X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=mobile%2Fuser_edit.php;h=89a473cb6ba5396e8586f48b9b86b9779d2dc23b;hb=c360da4bcfd113a87bc156e0f009e968d8a8bf07;hp=156e320acfea1d11fa405df6f18c9ef58e206b49;hpb=ee49ee74b2a7d3c6daaa2d4bc6397b0c89e3099b;p=timetracker.git

diff --git a/mobile/user_edit.php b/mobile/user_edit.php
index 156e320a..89a473cb 100644
--- a/mobile/user_edit.php
+++ b/mobile/user_edit.php
@@ -35,27 +35,24 @@ import('form.Table');
 import('form.TableColumn');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessAllowed('manage_users')) {
   header('Location: access_denied.php');
   exit();
 }
 
 // Get user id we are editing from the request.
 $user_id = (int) $request->getParameter('id');
-
 // Get user details.
 $user_details = ttUserHelper::getUserDetails($user_id);
 
 // Security checks.
-$ok_to_go = $user->canManageTeam(); // Are we authorized for user management?
-if ($ok_to_go) $ok_to_go = $ok_to_go && $user_details; // Are we editing a real user?
-if ($ok_to_go) $ok_to_go = $ok_to_go && ($user->team_id == $user_details['team_id']); // User belongs to our team?
-if ($ok_to_go && $user->isCoManager() && (ROLE_COMANAGER == $user_details['role']))
-  $ok_to_go = ($user->id == $user_details['id']); // Comanager is not allowed to edit other comanagers.
-if ($ok_to_go && $user->isCoManager() && (ROLE_MANAGER == $user_details['role']))
-  $ok_to_go = false; // Comanager is not allowed to edit a manager.
-if (!$ok_to_go) {
-  die ($i18n->getKey('error.sys'));
+if (!$user_details || // No details.
+     $user_details['team_id'] <> $user->team_id || // User not in team.
+     $user_details['rank'] > $user->rank || // User has a bigger rank.
+     ($user_details['rank'] == $user->rank && $user_details['id'] <> $user->id) // Same rank but not us.
+   ) {
+  header('Location: access_denied.php');
+  exit();
 }
 
 if ($user->isPluginEnabled('cl'))
@@ -72,7 +69,7 @@ if ($request->isPost()) {
     $cl_password2 = $request->getParameter('pas2');
   }
   $cl_email = trim($request->getParameter('email'));
-  $cl_role = $request->getParameter('role');
+  $cl_role_id = $request->getParameter('role');
   $cl_client_id = $request->getParameter('client');
   $cl_status = $request->getParameter('status');
   $cl_rate = $request->getParameter('rate');
@@ -93,7 +90,7 @@ if ($request->isPost()) {
   $cl_login = $user_details['login'];
   $cl_email = $user_details['email'];
   $cl_rate = str_replace('.', $user->decimal_mark, $user_details['rate']);
-  $cl_role = $user_details['role'];
+  $cl_role_id = $user_details['role_id'];
   $cl_client_id = $user_details['client_id'];
   $cl_status = $user_details['status'];
   $cl_projects = array();
@@ -107,16 +104,13 @@ $form = new Form('userForm');
 $form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'name','value'=>$cl_name));
 $form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'login','value'=>$cl_login));
 if (!$auth->isPasswordExternal()) {
-  $form->addInput(array('type'=>'text','maxlength'=>'30','name'=>'pas1','aspassword'=>true,'value'=>$cl_password1));
-  $form->addInput(array('type'=>'text','maxlength'=>'30','name'=>'pas2','aspassword'=>true,'value'=>$cl_password2));
+  $form->addInput(array('type'=>'password','maxlength'=>'30','name'=>'pas1','value'=>$cl_password1));
+  $form->addInput(array('type'=>'password','maxlength'=>'30','name'=>'pas2','value'=>$cl_password2));
 }
 $form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'email','value'=>$cl_email));
 
-$roles[ROLE_USER] = $i18n->getKey('label.user');
-$roles[ROLE_COMANAGER] = $i18n->getKey('form.users.comanager');
-if ($user->isPluginEnabled('cl'))
-  $roles[ROLE_CLIENT] = $i18n->getKey('label.client');
-$form->addInput(array('type'=>'combobox','onchange'=>'handleClientControl()','name'=>'role','value'=>$cl_role,'data'=>$roles));
+$active_roles = ttTeamHelper::getActiveRolesForUser();
+$form->addInput(array('type'=>'combobox','onchange'=>'handleClientControl()','name'=>'role','value'=>$cl_role_id,'data'=>$active_roles,'datakeys'=>array('id', 'name')));
 if ($user->isPluginEnabled('cl'))
   $form->addInput(array('type'=>'combobox','name'=>'client','value'=>$cl_client_id,'data'=>$clients,'datakeys'=>array('id', 'name'),'empty'=>array(''=>$i18n->getKey('dropdown.select'))));
 
@@ -135,15 +129,14 @@ class NameCellRenderer extends DefaultCellRenderer {
 class RateCellRenderer extends DefaultCellRenderer {
   function render(&$table, $value, $row, $column, $selected = false) {
     global $assigned_projects;
-    $field = new FloatField('rate_'.$table->getValueAtName($row,'id'), $table->getValueAtName($row, 'p_rate'));
+    $field = new FloatField('rate_'.$table->getValueAtName($row,'id'));
     $field->setFormName($table->getFormName());
-    $field->setLocalization($GLOBALS['I18N']);
     $field->setSize(5);
     $field->setFormat('.2');
     foreach ($assigned_projects as $p) {
       if ($p['id'] == $table->getValueAtName($row,'id')) $field->setValue($p['rate']);
     }
-    $this->setValue($field->toStringControl());
+    $this->setValue($field->getHtml());
     return $this->toString();
   }
 }
@@ -161,67 +154,75 @@ $form->addInputElement($table);
 
 $form->addInput(array('type'=>'hidden','name'=>'id','value'=>$user_id));
 $form->addInput(array('type'=>'submit','name'=>'btn_submit','value'=>$i18n->getKey('button.save')));
+$form->addInput(array('type'=>'submit','name'=>'btn_delete','value'=>$i18n->getKey('label.delete')));
 
 if ($request->isPost()) {
-  // Validate user input.
-  if (!ttValidString($cl_name)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.person_name'));
-  if (!ttValidString($cl_login)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.login'));
-  if (!$auth->isPasswordExternal() && ($cl_password1 || $cl_password2)) {
-    if (!ttValidString($cl_password1)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.password'));
-    if (!ttValidString($cl_password2)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.confirm_password'));
-    if ($cl_password1 !== $cl_password2)
-      $err->add($i18n->getKey('error.not_equal'), $i18n->getKey('label.password'), $i18n->getKey('label.confirm_password'));
-  }
-  if (!ttValidEmail($cl_email, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.email'));
-  if (!ttValidFloat($cl_rate, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('form.users.default_rate'));
-
-  if ($err->no()) {
-    $existing_user = ttUserHelper::getUserByLogin($cl_login);
-    if (!$existing_user || ($user_id == $existing_user['id'])) {
-
-      $fields = array(
-        'name' => $cl_name,
-        'login' => $cl_login,
-        'password' => $cl_password1,
-        'email' => $cl_email,
-        'status' => $cl_status,
-        'rate' => $cl_rate,
-        'projects' => $assigned_projects);
-      if (right_assign_roles & $user->rights) {
-        $fields['role'] = $cl_role;
-        $fields['client_id'] = $cl_client_id;
-      }
-
-      if (ttUserHelper::update($user_id, $fields)) {
-
-        // If our own login changed, set new one in cookie to remember it.
-        if (($user_id == $user->id) && ($user->login != $cl_login)) {
-          setcookie('tt_login', $cl_login, time() + COOKIE_EXPIRE, '/');
-        }
-
-        // In case the name of the "on behalf" user has changed - set it in session.
-        if (($user->behalf_id == $user_id) && ($user->behalf_name != $cl_name)) {
-          $_SESSION['behalf_name'] = $cl_name;
+  if ($request->getParameter('btn_submit')) {
+    // Validate user input.
+    if (!ttValidString($cl_name)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.person_name'));
+    if (!ttValidString($cl_login)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.login'));
+    if (!$auth->isPasswordExternal() && ($cl_password1 || $cl_password2)) {
+      if (!ttValidString($cl_password1)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.password'));
+      if (!ttValidString($cl_password2)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.confirm_password'));
+      if ($cl_password1 !== $cl_password2)
+        $err->add($i18n->getKey('error.not_equal'), $i18n->getKey('label.password'), $i18n->getKey('label.confirm_password'));
+    }
+    if (!ttValidEmail($cl_email, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.email'));
+    if (!ttValidFloat($cl_rate, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('form.users.default_rate'));
+  
+    if ($err->no()) {
+      $existing_user = ttUserHelper::getUserByLogin($cl_login);
+      if (!$existing_user || ($user_id == $existing_user['id'])) {
+  
+        $fields = array(
+          'name' => $cl_name,
+          'login' => $cl_login,
+          'password' => $cl_password1,
+          'email' => $cl_email,
+          'status' => $cl_status,
+          'rate' => $cl_rate,
+          'projects' => $assigned_projects);
+        if (in_array('manage_users', $user->rights)) {
+          $fields['role_id'] = $cl_role_id;
+          $fields['client_id'] = $cl_client_id;
         }
-
-        // If we deactivated our own account, do housekeeping and logout.
-        if ($user->id == $user_id && !is_null($cl_status) && $cl_status == INACTIVE) {
-          // Remove tt_login cookie that stores login name.
-          unset($_COOKIE['tt_login']);
-          setcookie('tt_login', NULL, -1);
-
-          $auth->doLogout();
-          header('Location: login.php');
+  
+        if (ttUserHelper::update($user_id, $fields)) {
+  
+          // If our own login changed, set new one in cookie to remember it.
+          if (($user_id == $user->id) && ($user->login != $cl_login)) {
+            setcookie('tt_login', $cl_login, time() + COOKIE_EXPIRE, '/');
+          }
+  
+          // In case the name of the "on behalf" user has changed - set it in session.
+          if (($user->behalf_id == $user_id) && ($user->behalf_name != $cl_name)) {
+            $_SESSION['behalf_name'] = $cl_name;
+          }
+  
+          // If we deactivated our own account, do housekeeping and logout.
+          if ($user->id == $user_id && !is_null($cl_status) && $cl_status == INACTIVE) {
+            // Remove tt_login cookie that stores login name.
+            unset($_COOKIE['tt_login']);
+            setcookie('tt_login', NULL, -1);
+  
+            $auth->doLogout();
+            header('Location: login.php');
+            exit();
+          }
+  
+          header('Location: users.php');
           exit();
-        }
-
-        header('Location: users.php');
-        exit();
-
+  
+        } else
+          $err->add($i18n->getKey('error.db'));
       } else
-        $err->add($i18n->getKey('error.db'));
-    } else
-      $err->add($i18n->getKey('error.user_exists'));
+        $err->add($i18n->getKey('error.user_exists'));
+    }
+  }
+  
+  if ($request->getParameter('btn_delete')) {
+    header("Location: user_delete.php?id=$user_id");
+    exit();
   }
 } // isPost
 
@@ -229,6 +230,7 @@ $rates = ttProjectHelper::getRates($user_id);
 $smarty->assign('rates', $rates);
 
 $smarty->assign('auth_external', $auth->isPasswordExternal());
+$smarty->assign('active_roles', $active_roles);
 $smarty->assign('forms', array($form->getName()=>$form->toArray()));
 $smarty->assign('onload', 'onLoad="document.userForm.name.focus();handleClientControl();"');
 $smarty->assign('user_id', $user_id);