X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=role_edit.php;h=972d4540cb2e3e9d2f392a640e3d1a00663f664e;hb=4334f16faa68ecaec5aceb5c16bb500d62a3688f;hp=21ed258d1f649f1c3db2992e97702971c6e05d1e;hpb=4d07dc7fef357e5139f35df6271cc15dc6bea955;p=timetracker.git diff --git a/role_edit.php b/role_edit.php index 21ed258d..972d4540 100644 --- a/role_edit.php +++ b/role_edit.php @@ -28,12 +28,10 @@ require_once('initialize.php'); import('form.Form'); -import('ttTeamHelper'); // TODO: remove this? -import('ttTaskHelper'); // TODO: remove this? import('ttRoleHelper'); -// Access check. -if (!ttAccessCheck(right_manage_team)) { +// Access checks. +if (!ttAccessAllowed('manage_roles')) { header('Location: access_denied.php'); exit(); } @@ -43,16 +41,20 @@ if (!$role) { header('Location: access_denied.php'); exit(); } +// End of access checks. + $assigned_rights = explode(',', $role['rights']); -$available_rights = array_diff($user->rights_array, $assigned_rights); +$available_rights = array_diff($user->rights, $assigned_rights); if ($request->isPost()) { $cl_name = trim($request->getParameter('name')); $cl_description = trim($request->getParameter('description')); + $cl_rank = $request->getParameter('rank'); $cl_status = $request->getParameter('status'); } else { $cl_name = $role['name']; $cl_description = $role['description']; + $cl_rank = $role['rank']; $cl_status = $role['status']; } 
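Review bot: The block now closed by `// End of access checks.` only verifies that the role exists; nothing visible compares the rank of the role being edited with the editor's own rank. The commit enforces `$cl_rank < $user->rank` for the submitted value further down, but a holder of `manage_roles` could still open a role ranked at or above their own and rename it, deactivate it or change its rights, unless `ttRoleHelper::get()` already filters on rank or group (that lookup is outside this hunk, so this is unconfirmed). If it does not, the guard could become `if (!$role || $role['rank'] >= $user->rank) {`. The `if (!$role)` line itself sits at the hunk boundary and is unchanged by the commit.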
@@ -60,23 +62,26 @@ $form = new Form('roleForm'); $form->addInput(array('type'=>'hidden','name'=>'id','value'=>$cl_role_id)); $form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'name','style'=>'width: 250px;','value'=>$cl_name)); $form->addInput(array('type'=>'textarea','name'=>'description','style'=>'width: 250px; height: 40px;','value'=>$cl_description)); +for ($i = 0; $i < $user->rank; $i++) { + $rank_data[] = $i; +} +$form->addInput(array('type'=>'combobox','name'=>'rank','data'=>$rank_data,'value'=>$cl_rank)); +$form->addInput(array('type'=>'combobox','name'=>'status','value'=>$cl_status, + 'data'=>array(ACTIVE=>$i18n->get('dropdown.status_active'),INACTIVE=>$i18n->get('dropdown.status_inactive')))); +$form->addInput(array('type'=>'submit','name'=>'btn_save','value'=>$i18n->get('button.save'))); // Multiple select controls for assigned and available rights. $form->addInput(array('type'=>'combobox','name'=>'assigned_rights','style'=>'width: 250px;','multiple'=>true,'data'=>$assigned_rights)); -$form->addInput(array('type'=>'submit','name'=>'btn_delete','value'=>$i18n->getKey('button.delete'))); +$form->addInput(array('type'=>'submit','name'=>'btn_delete','value'=>$i18n->get('button.delete'))); $form->addInput(array('type'=>'combobox','name'=>'available_rights','style'=>'width: 250px;','multiple'=>true,'data'=>$available_rights)); -$form->addInput(array('type'=>'submit','name'=>'btn_add','value'=>$i18n->getKey('button.add'))); - - -$form->addInput(array('type'=>'combobox','name'=>'status','value'=>$cl_status, - 'data'=>array(ACTIVE=>$i18n->getKey('dropdown.status_active'),INACTIVE=>$i18n->getKey('dropdown.status_inactive')))); -$form->addInput(array('type'=>'submit','name'=>'btn_save','value'=>$i18n->getKey('button.save'))); +$form->addInput(array('type'=>'submit','name'=>'btn_add','value'=>$i18n->get('button.add'))); if ($request->isPost()) { if ($request->getParameter('btn_save')) { // Validate user input. 
- if (!ttValidString($cl_name)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.thing_name')); - if (!ttValidString($cl_description, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.description')); + if (!ttValidString($cl_name)) $err->add($i18n->get('error.field'), $i18n->get('label.thing_name')); + if (!ttValidString($cl_description, true)) $err->add($i18n->get('error.field'), $i18n->get('label.description')); + if ($cl_rank >= $user->rank || $cl_rank < 0) $err->add($i18n->get('error.field'), $i18n->get('form.roles.rank')); if ($err->no()) { $existing_role = ttRoleHelper::getRoleByName($cl_name); @@ -85,14 +90,15 @@ if ($request->isPost()) { if (ttRoleHelper::update(array( 'id' => $cl_role_id, 'name' => $cl_name, + 'rank' => $cl_rank, 'description' => $cl_description, 'status' => $cl_status))) { header('Location: roles.php'); exit(); } else - $err->add($i18n->getKey('error.db')); + $err->add($i18n->get('error.db')); } else - $err->add($i18n->getKey('error.object_exists')); + $err->add($i18n->get('error.object_exists')); } } if ($request->getParameter('btn_delete') && $request->getParameter('assigned_rights')) { @@ -108,7 +114,7 @@ if ($request->isPost()) { header('Location: role_edit.php?id='.$role['id']); exit(); } else - $err->add($i18n->getKey('error.db')); + $err->add($i18n->get('error.db')); } if ($request->getParameter('btn_add') && $request->getParameter('available_rights')) { $rights = $role['rights']; @@ -119,7 +125,7 @@ if ($request->isPost()) { $rights = str_replace($right_to_add, '', $rights); $rights = str_replace(',,',',', $rights); // Add the right only if we have it ourselves. - if (in_array($right_to_add, $user->rights_array)) + if (in_array($right_to_add, $user->rights)) $rights .= ','.$right_to_add; } $rights = trim($rights, ','); 
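Review bot: The new rank check `if ($cl_rank >= $user->rank || $cl_rank < 0)` compares the raw request value loosely, so a missing or non-integer `rank` parameter is not reliably rejected, and the result of string-to-int comparison differs between PHP 7 and PHP 8. The same value is then passed as `'rank' => $cl_rank` to `ttRoleHelper::update()` in the following hunk; how that helper casts or quotes it is not visible here. Validate the type first by using `!ctype_digit((string)$cl_rank) || (int)$cl_rank >= $user->rank` as the condition, and pass `(int)$cl_rank` to the update. Separately, `$rank_data` is appended to in the `for` loop without being initialised, so it stays undefined when `$user->rank` is 0; `$rank_data = array();` before the loop avoids that.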
@@ -127,11 +133,11 @@ if ($request->isPost()) { header('Location: role_edit.php?id='.$role['id']); exit(); } else - $err->add($i18n->getKey('error.db')); + $err->add($i18n->get('error.db')); } } // isPost $smarty->assign('forms', array($form->getName()=>$form->toArray())); -$smarty->assign('title', $i18n->getKey('title.edit_role')); +$smarty->assign('title', $i18n->get('title.edit_role')); $smarty->assign('content_page_name', 'role_edit.tpl'); $smarty->display('index.tpl');