X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=charts.php;h=a44c9926d699fbfb4787ac10d41ccc1a3e4ae38c;hb=68a5cc5aff88d6144b6db95f7d01315c15e2ebda;hp=959cfe36a5183ba322c9de6a55fe94b42eb0a210;hpb=a8a191541d6f05b08bd8331bdf409af5abfac896;p=timetracker.git

diff --git a/charts.php b/charts.php
index 959cfe36..a44c9926 100644
--- a/charts.php
+++ b/charts.php
@@ -38,7 +38,7 @@ import('ttUserHelper');
 import('ttTeamHelper');
 
 // Access checks.
-if (!ttAccessAllowed('view_own_charts')) {
+if (!(ttAccessAllowed('view_own_charts') || ttAccessAllowed('view_charts'))) {
   header('Location: access_denied.php');
   exit();
 }
@@ -47,8 +47,6 @@ if (!$user->isPluginEnabled('ch')) {
   exit();
 }
 
-
-
 // Initialize and store date in session.
 $cl_date = $request->getParameter('date', @$_SESSION['date']);
 if(!$cl_date) {
@@ -111,7 +109,7 @@ if ($request->isPost()) {
   }
   // If user has changed - set behalf_id accordingly in the session.
   if ($request->getParameter('onBehalfUser')) {
-    if($user->canManageTeam()) {
+    if($user->can('view_charts')) {
       unset($_SESSION['behalf_id']);
       unset($_SESSION['behalf_name']);
 
@@ -129,9 +127,13 @@ if ($request->isPost()) {
 $chart_form = new Form('chartForm');
 
 // User dropdown. Changes the user "on behalf" of whom we are working. 
-if ($user->canManageTeam()) {
-  $user_list = ttTeamHelper::getActiveUsers(array('putSelfFirst'=>true));
-  if (count($user_list) > 1) {
+if ($user->can('view_charts')) {
+  if ($user->can('view_own_charts'))
+    $options = array('status'=>ACTIVE,'max_rank'=>$user->rank-1,'include_self'=>true,'self_first'=>true);
+  else
+    $options = array('status'=>ACTIVE,'max_rank'=>$user->rank-1);
+  $user_list = $user->getUsers($options);
+  if (count($user_list) >= 1) {
     $chart_form->addInput(array('type'=>'combobox',
       'onchange'=>'this.form.submit();',
       'name'=>'onBehalfUser',