X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=group_edit.php;h=1df99a1c534806a847042cd942988c3521dccfbb;hb=691958794018beda9788e9bdb47d640a116af492;hp=872fe1480398f8238463729f7d365ee5d2fecb2f;hpb=69915aba68a312fb2080c2356a482736efc254ae;p=timetracker.git

diff --git a/group_edit.php b/group_edit.php
index 872fe148..1df99a1c 100644
--- a/group_edit.php
+++ b/group_edit.php
@@ -33,19 +33,48 @@ import('ttRoleHelper');
 import('ttConfigHelper');
 
 // Access checks.
-if (!(ttAccessAllowed('manage_basic_settings') || ttAccessAllowed('manage_advanced_settings'))) {
-  header('Location: access_denied.php');
-  exit();
+// There are 4 distinct situations:
+//   1) Editing home group in get or post.
+//   2) Editing a subgroup in get or post.
+// We'll check access separately as it is about different right checks.
+if ($request->isGet()) {
+  $group_id = $request->getParameter('id') ? $request->getParameter('id') : $user->getGroup();
+} else {
+  $group_id = $request->getParameter('group') ? $request->getParameter('group') : $user->getGroup();
+}
+$home_group = $user->group_id == $group_id;
+if ($home_group) {
+  // Editing home group.
+  if (!ttAccessAllowed('manage_basic_settings')) {
+    header('Location: access_denied.php'); // Not allowed to edit home group settings.
+    exit();
+  }
+} else {
+  // Editing a subgroup.
+  if (!ttAccessAllowed('manage_subgroups')) {
+    header('Location: access_denied.php'); // No right to manage subgroups.
+    exit();
+  }
+  if (!$user->isSubgroupValid($group_id)) {
+    header('Location: access_denied.php'); // Wrong subgroup.
+    exit();
+  }
 }
 // End of access checks.
 
-$config = new ttConfigHelper($user->config);
+// Set on behalf group accordingly.
+$groupChanged = $request->getParameter('group_changed');
+if ($request->isPost() && $groupChanged) {
+ $user->setOnBehalfGroup($group_id);
+}
+
+$groups = $user->getGroupsForDropdown();
+$group = ttGroupHelper::getGroupAttrs($group_id);
+$config = $user->getConfigHelper();
 
-$advanced_settings = $user->can('manage_advanced_settings');
 if (!defined('CURRENCY_DEFAULT')) define('CURRENCY_DEFAULT', '$');
 
-if ($request->isPost()) {
-  $cl_group = trim($request->getParameter('group_name'));
+if ($request->isPost() && !$groupChanged) {
   $cl_currency = trim($request->getParameter('currency'));
   if (!$cl_currency) $cl_currency = CURRENCY_DEFAULT;
   $cl_lang = $request->getParameter('lang');
@@ -53,7 +82,7 @@ if ($request->isPost()) {
   $cl_date_format = $request->getParameter('date_format');
   $cl_time_format = $request->getParameter('time_format');
   $cl_start_week = $request->getParameter('start_week');
-  $cl_show_holidays = $request->getParameter('show_holidays');
+  $cl_holidays = trim($request->getParameter('holidays'));
   $cl_tracking_mode = $request->getParameter('tracking_mode');
   $cl_project_required = $request->getParameter('project_required');
   $cl_task_required = $request->getParameter('task_required');
@@ -62,31 +91,39 @@ if ($request->isPost()) {
   $cl_allow_overlap = $request->getParameter('allow_overlap');
   $cl_future_entries = $request->getParameter('future_entries');
   $cl_uncompleted_indicators = $request->getParameter('uncompleted_indicators');
-  $cl_bcc_email = trim($request->getParameter('bcc_email'));
-  $cl_allow_ip = trim($request->getParameter('allow_ip'));
+  $cl_confirm_save = $request->getParameter('confirm_save');
 } else {
-  $cl_group = $user->group_name;
-  $cl_currency = ($user->currency == ''? CURRENCY_DEFAULT : $user->currency);
-  $cl_lang = $user->lang;
-  $cl_decimal_mark = $user->decimal_mark;
-  $cl_date_format = $user->date_format;
-  $cl_time_format = $user->time_format;
-  $cl_start_week = $user->week_start;
-  $cl_show_holidays = $user->show_holidays;
-  $cl_tracking_mode = $user->tracking_mode;
-  $cl_project_required = $user->project_required;
-  $cl_task_required = $user->task_required;
-  $cl_record_type = $user->record_type;
-  $cl_punch_mode = $user->punch_mode;
-  $cl_allow_overlap = $user->allow_overlap;
-  $cl_future_entries = $user->future_entries;
-  $cl_uncompleted_indicators = $user->uncompleted_indicators;
-  $cl_bcc_email = $user->bcc_email;
-  $cl_allow_ip = $user->allow_ip;
+  $cl_currency = ($group['currency'] == ''? CURRENCY_DEFAULT : $group['currency']);
+  $cl_lang = $group['lang'];
+  $cl_decimal_mark = $group['decimal_mark'];
+  $cl_date_format = $group['date_format'];
+  $cl_time_format = $group['time_format'];
+  $cl_start_week = $group['week_start'];
+  $cl_holidays = $group['holidays'];
+  $cl_tracking_mode = $group['tracking_mode'];
+  $cl_project_required = $group['project_required'];
+  $cl_task_required = $group['task_required'];
+  $cl_record_type = $group['record_type'];
+  $cl_punch_mode = $config->getDefinedValue('punch_mode');
+  $cl_allow_overlap = $config->getDefinedValue('allow_overlap');
+  $cl_future_entries = $config->getDefinedValue('future_entries');
+  $cl_uncompleted_indicators = $config->getDefinedValue('uncompleted_indicators');
+  $cl_confirm_save = $config->getDefinedValue('confirm_save');
 }
 
 $form = new Form('groupForm');
-$form->addInput(array('type'=>'text','maxlength'=>'200','name'=>'group_name','value'=>$cl_group,'enable'=>$advanced_settings));
+$form->addInput(array('type'=>'hidden','name'=>'id','value'=>$group_id));
+if (count($groups) > 1) {
+  $form->addInput(array('type'=>'combobox',
+    'onchange'=>'document.groupForm.group_changed.value=1;document.groupForm.submit();',
+    'name'=>'group',
+    'style'=>'width: 250px;',
+    'value'=>$group_id,
+    'data'=>$groups,
+    'datakeys'=>array('id','name')));
+  $form->addInput(array('type'=>'hidden','name'=>'group_changed'));
+  $smarty->assign('group_dropdown', 1);
+}
 $form->addInput(array('type'=>'text','maxlength'=>'7','name'=>'currency','value'=>$cl_currency));
 
 // Prepare an array of available languages.
@@ -131,8 +168,8 @@ foreach ($i18n->weekdayNames as $id => $week_dn) {
 }
 $form->addInput(array('type'=>'combobox','name'=>'start_week','style'=>'width: 150px;','data'=>$week_start_options,'datakeys'=>array('id','name'),'value'=>$cl_start_week));
 
-// Show holidays checkbox.
-$form->addInput(array('type'=>'checkbox','name'=>'show_holidays','value'=>$cl_show_holidays));
+// Show holidays control.
+$form->addInput(array('type'=>'text','name'=>'holidays','value'=>$cl_holidays));
 
 // Prepare tracking mode choices.
 $tracking_mode_options = array();
@@ -162,64 +199,60 @@ $form->addInput(array('type'=>'checkbox','name'=>'future_entries','value'=>$cl_f
 // Uncompleted indicators checkbox.
 $form->addInput(array('type'=>'checkbox','name'=>'uncompleted_indicators','value'=>$cl_uncompleted_indicators));
 
-// Add bcc email control.
-if ($advanced_settings) {
-  $form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'bcc_email','value'=>$cl_bcc_email));
-  $form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'allow_ip','value'=>$cl_allow_ip));
-}
+// Confirm save checkbox.
+$form->addInput(array('type'=>'checkbox','name'=>'confirm_save','value'=>$cl_confirm_save));
 
 $form->addInput(array('type'=>'submit','name'=>'btn_save','value'=>$i18n->get('button.save')));
 if ($user->can('delete_group')) $form->addInput(array('type'=>'submit','name'=>'btn_delete','value'=>$i18n->get('button.delete')));
 
+$form->setValueByElement('group_changed','');
+
 if ($request->isPost()) {
 
   if ($request->getParameter('btn_delete')) {
     // Delete button pressed, redirect.
-    header('Location: group_delete.php?id='.$user->group_id);
+    header('Location: group_delete.php?id='.$group_id);
     exit();
   }
 
-  // Validate user input.
-  if (!ttValidString($cl_group, true)) $err->add($i18n->get('error.field'), $i18n->get('label.group_name'));
-  if (!ttValidString($cl_currency, true)) $err->add($i18n->get('error.field'), $i18n->get('label.currency'));
-  if ($advanced_settings) {
-    if (!ttValidEmail($cl_bcc_email, true)) $err->add($i18n->get('error.field'), $i18n->get('label.bcc'));
-    if (!ttValidIP($cl_allow_ip, true)) $err->add($i18n->get('error.field'), $i18n->get('form.group_edit.allow_ip'));
-  }
-  // Finished validating user input.
-
-  if ($err->no()) {
-    // Update config.
-    $config->setDefinedValue('show_holidays', $cl_show_holidays);
-    $config->setDefinedValue('punch_mode', $cl_punch_mode);
-    $config->setDefinedValue('allow_overlap', $cl_allow_overlap);
-    $config->setDefinedValue('future_entries', $cl_future_entries);
-    $config->setDefinedValue('uncompleted_indicators', $cl_uncompleted_indicators);
-
-    if ($user->updateGroup(array(
-      'name' => $cl_group,
-      'currency' => $cl_currency,
-      'lang' => $cl_lang,
-      'decimal_mark' => $cl_decimal_mark,
-      'date_format' => $cl_date_format,
-      'time_format' => $cl_time_format,
-      'week_start' => $cl_start_week,
-      'tracking_mode' => $cl_tracking_mode,
-      'project_required' => $cl_project_required,
-      'task_required' => $cl_task_required,
-      'record_type' => $cl_record_type,
-      'uncompleted_indicators' => $cl_uncompleted_indicators,
-      'bcc_email' => $cl_bcc_email,
-      'allow_ip' => $cl_allow_ip,
-      'config' => $config->getConfig()))) {
-      header('Location: time.php');
-      exit();
-    } else
-      $err->add($i18n->get('error.db'));
+  if ($request->getParameter('btn_save')) {
+    // Validate user input.
+    if (!ttValidString($cl_currency, true)) $err->add($i18n->get('error.field'), $i18n->get('label.currency'));
+    if (!ttValidHolidays($cl_holidays)) $err->add($i18n->get('error.field'), $i18n->get('form.group_edit.holidays'));
+    // Finished validating user input.
+
+    if ($err->no()) {
+      // Update config.
+      $config->setDefinedValue('punch_mode', $cl_punch_mode);
+      $config->setDefinedValue('allow_overlap', $cl_allow_overlap);
+      $config->setDefinedValue('future_entries', $cl_future_entries);
+      $config->setDefinedValue('uncompleted_indicators', $cl_uncompleted_indicators);
+      $config->setDefinedValue('confirm_save', $cl_confirm_save);
+
+      if ($user->updateGroup(array(
+        'group_id' => $group_id,
+        'currency' => $cl_currency,
+        'lang' => $cl_lang,
+        'decimal_mark' => $cl_decimal_mark,
+        'date_format' => $cl_date_format,
+        'time_format' => $cl_time_format,
+        'week_start' => $cl_start_week,
+        'holidays' => $cl_holidays,
+        'tracking_mode' => $cl_tracking_mode,
+        'project_required' => $cl_project_required,
+        'task_required' => $cl_task_required,
+        'record_type' => $cl_record_type,
+        'uncompleted_indicators' => $cl_uncompleted_indicators,
+        'config' => $config->getConfig()))) {
+        header('Location: success.php');
+        exit();
+      } else
+        $err->add($i18n->get('error.db'));
+    }
   }
 } // isPost
 
-$smarty->assign('auth_external', $auth->isPasswordExternal());
+$smarty->assign('group_dropdown', count($groups) > 1);
 $smarty->assign('forms', array($form->getName()=>$form->toArray()));
 $smarty->assign('onload', 'onLoad="handleTaskRequiredCheckbox(); handlePluginCheckboxes();"');
 $smarty->assign('title', $i18n->get('title.edit_group'));