X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=roles.php;h=fe68329d36c27caba68a48bac622e5850a6068e0;hb=b1102de865ed3f8a3d1d9cd62152e03febbfdcfc;hp=b4facce1cfd7efcb808b801bb0756c5f6061cf58;hpb=fe40891a4ad16b5b70d518e8b5b2596267b684f9;p=timetracker.git

diff --git a/roles.php b/roles.php
index b4facce1..fe68329d 100644
--- a/roles.php
+++ b/roles.php
@@ -31,17 +31,26 @@ import('form.Form');
 import('ttTeamHelper');
 import('ttRoleHelper');
 
-// Access check.
-if (!ttAccessCheck(right_manage_team)) {
+// Access checks.
+if (!ttAccessAllowed('manage_roles')) {
   header('Location: access_denied.php');
   exit();
 }
+$group_id = (int)$request->getParameter('group_id');
+if ($group_id && !$user->isGroupValid($group_id)) {
+  header('Location: access_denied.php');
+  exit();
+}
+// End of access checks.
 
-// If there are no roles in team, introduce default ones.
-if (!ttRoleHelper::rolesExist()) ttRoleHelper::createDefaultRoles(); // TODO: refactor or remove after roles revamp.
+if ($group_id) {
+  // We are passed a valid group_id (most likely from group_edit.php).
+  // Set on behalf group accordingly.
+  $user->setOnBehalfGroup($group_id);
+}
 
-$smarty->assign('active_roles', ttTeamHelper::getActiveRoles($user->team_id));
-$smarty->assign('inactive_roles', ttTeamHelper::getInactiveRoles($user->team_id));
-$smarty->assign('title', $i18n->getKey('title.roles'));
+$smarty->assign('active_roles', ttTeamHelper::getActiveRolesForUser());
+$smarty->assign('inactive_roles', ttTeamHelper::getInactiveRolesForUser());
+$smarty->assign('title', $i18n->get('title.roles'));
 $smarty->assign('content_page_name', 'roles.tpl');
 $smarty->display('index.tpl');