X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=roles.php;h=fe68329d36c27caba68a48bac622e5850a6068e0;hb=c9635e26bfce35b8009e8a760d9aec8de89ec3f5;hp=4e951e9d4cb49c7dbd4c6f05bb78314afdc91402;hpb=1c40fb09e97ff643c80e9b96106d891e6fdbde1b;p=timetracker.git

diff --git a/roles.php b/roles.php
index 4e951e9d..fe68329d 100644
--- a/roles.php
+++ b/roles.php
@@ -31,17 +31,26 @@ import('form.Form');
 import('ttTeamHelper');
 import('ttRoleHelper');
 
-// Access check.
-if (!ttAccessCheck(right_manage_team)) {
+// Access checks.
+if (!ttAccessAllowed('manage_roles')) {
   header('Location: access_denied.php');
   exit();
 }
+$group_id = (int)$request->getParameter('group_id');
+if ($group_id && !$user->isGroupValid($group_id)) {
+  header('Location: access_denied.php');
+  exit();
+}
+// End of access checks.
 
-// If there are no roles in team, introduce default ones.
-if (!ttRoleHelper::rolesExist()) ttRoleHelper::createDefaultRoles();
+if ($group_id) {
+  // We are passed a valid group_id (most likely from group_edit.php).
+  // Set on behalf group accordingly.
+  $user->setOnBehalfGroup($group_id);
+}
 
-$smarty->assign('active_roles', ttTeamHelper::getActiveRoles($user->team_id));
-$smarty->assign('inactive_roles', ttTeamHelper::getInactiveRoles($user->team_id));
-$smarty->assign('title', $i18n->getKey('title.roles'));
+$smarty->assign('active_roles', ttTeamHelper::getActiveRolesForUser());
+$smarty->assign('inactive_roles', ttTeamHelper::getInactiveRolesForUser());
+$smarty->assign('title', $i18n->get('title.roles'));
 $smarty->assign('content_page_name', 'roles.tpl');
 $smarty->display('index.tpl');