X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=report.php;h=61b3587ffed4b362a0ac620cdeba1294079d1a95;hb=9e5dbe1bb51fef6af2a8e3a1dc0160086d723cfb;hp=d712968d9110d05cef8b2d403debd10d2ebd824f;hpb=45c855269d952873285f7a835e82fc2b3eff3971;p=timetracker.git

diff --git a/report.php b/report.php
index d712968d..61b3587f 100644
--- a/report.php
+++ b/report.php
@@ -33,7 +33,7 @@ import('ttReportHelper');
 import('ttTeamHelper');
 
 // Access check.
-if (!(ttAccessAllowed('view_own_reports') || ttAccessAllowed('view_reports'))) {
+if (!(ttAccessAllowed('view_own_reports') || ttAccessAllowed('view_reports') || ttAccessAllowed('view_all_reports'))) {
   header('Location: access_denied.php');
   exit();
 }
@@ -70,11 +70,12 @@ $client_id = $bean->getAttribute('client');
 // Do we need to show checkboxes?
 if ($bean->getAttribute('chpaid') ||
    ($client_id && $bean->getAttribute('chinvoice') && ('no_grouping' == $bean->getAttribute('group_by')) && !$user->isClient())) {
-  $smarty->assign('use_checkboxes', true);
+  if ($user->can('manage_invoices'))
+    $smarty->assign('use_checkboxes', true);
 }
 
 // Controls for "Mark paid" block.
-if ($bean->getAttribute('chpaid')) {
+if ($user->can('manage_invoices') && $bean->getAttribute('chpaid')) {
   $mark_paid_select_options = array('1'=>$i18n->get('dropdown.all'),'2'=>$i18n->get('dropdown.select'));
   $form->addInput(array('type'=>'combobox',
     'name'=>'mark_paid_select_options',
@@ -90,7 +91,8 @@ if ($bean->getAttribute('chpaid')) {
 }
 
 // Controls for "Assign to invoice" block.
-if ($client_id && $bean->getAttribute('chinvoice') && ('no_grouping' == $bean->getAttribute('group_by')) && !$user->isClient()) {
+if ($user->can('manage_invoices') &&
+  ($client_id && $bean->getAttribute('chinvoice') && ('no_grouping' == $bean->getAttribute('group_by')) && !$user->isClient())) {
   // Client is selected and we are displaying the invoice column.
   $recent_invoices = ttTeamHelper::getRecentInvoices($user->group_id, $client_id);
   if ($recent_invoices) {
@@ -170,14 +172,15 @@ if ($request->isPost()) {
 
 $group_by = $bean->getAttribute('group_by');
 
-$report_items = ttReportHelper::getItems($bean);
+$options = ttReportHelper::getReportOptions($bean);
+$report_items = ttReportHelper::getItems($bean, $options);
 // Store record ids in session in case user wants to act on records such as marking them all paid.
 if ($request->isGet() && $user->isPluginEnabled('ps'))
   ttReportHelper::putInSession($report_items);
 
 if ('no_grouping' != $group_by)
-  $subtotals = ttReportHelper::getSubtotals($bean);
-$totals = ttReportHelper::getTotals($bean);
+  $subtotals = ttReportHelper::getSubtotals($bean, $options);
+$totals = ttReportHelper::getTotals($bean, $options);
 
 // Assign variables that are used to print subtotals.
 if ($report_items && 'no_grouping' != $group_by) {