X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=time_edit.php;h=5f4068829822f7100447a0b23936754bd34a1b0f;hb=f9e704d00a2d21b1a94332e088f78c22da03d37c;hp=1ff3ad8d610c3e4261632deea22b804fedaf31c0;hpb=55bb8bbaca7f898c41398861c266763dd5ead789;p=timetracker.git
diff --git a/time_edit.php b/time_edit.php
index 1ff3ad8d..5f406882 100644
--- a/time_edit.php
+++ b/time_edit.php
@@ -34,27 +34,27 @@ import('ttClientHelper');
import('ttTimeHelper');
import('DateAndTime');
-// Access check.
-if (!ttAccessAllowed('track_own_time')) {
+// Access checks.
+if (!(ttAccessAllowed('track_own_time') || ttAccessAllowed('track_time'))) {
header('Location: access_denied.php');
exit();
}
+$cl_id = (int)$request->getParameter('id');
+$time_rec = ttTimeHelper::getRecord($cl_id, $user->getActiveUser());
+if (!$time_rec || $time_rec['invoice_id']) {
+ // Prohibit editing not ours or invoiced records.
+ header('Location: access_denied.php');
+ exit();
+}
+// End of access checks.
// Use custom fields plugin if it is enabled.
if ($user->isPluginEnabled('cf')) {
require_once('plugins/CustomFields.class.php');
- $custom_fields = new CustomFields($user->team_id);
+ $custom_fields = new CustomFields($user->group_id);
$smarty->assign('custom_fields', $custom_fields);
}
-$cl_id = $request->getParameter('id');
-
-// Get the time record we are editing.
-$time_rec = ttTimeHelper::getRecord($cl_id, $user->getActiveUser());
-
-// Prohibit editing invoiced records.
-if ($time_rec['invoice_id']) die($i18n->getKey('error.sys'));
-
$item_date = new DateAndTime(DB_DATEFORMAT, $time_rec['date']);
// Initialize variables.
@@ -101,7 +101,7 @@ if ($request->isPost()) {
if (strlen($cl_start) > 0 && $cl_start == $cl_finish && $cl_duration == '0:00') {
$cl_finish = '';
$cl_duration = '';
- $msg->add($i18n->getKey('form.time_edit.uncompleted'));
+ $msg->add($i18n->get('form.time_edit.uncompleted'));
}
}
@@ -110,7 +110,7 @@ $form = new Form('timeRecordForm');
// Dropdown for clients in MODE_TIME. Use all active clients.
if (MODE_TIME == $user->tracking_mode && $user->isPluginEnabled('cl')) {
- $active_clients = ttTeamHelper::getActiveClients($user->team_id, true);
+ $active_clients = ttTeamHelper::getActiveClients($user->group_id, true);
$form->addInput(array('type'=>'combobox',
'onchange'=>'fillProjectDropdown(this.value);',
'name'=>'client',
@@ -118,7 +118,7 @@ if (MODE_TIME == $user->tracking_mode && $user->isPluginEnabled('cl')) {
'value'=>$cl_client,
'data'=>$active_clients,
'datakeys'=>array('id', 'name'),
- 'empty'=>array(''=>$i18n->getKey('dropdown.select'))));
+ 'empty'=>array(''=>$i18n->get('dropdown.select'))));
// Note: in other modes the client list is filtered to relevant clients only. See below.
}
@@ -132,11 +132,11 @@ if (MODE_PROJECTS == $user->tracking_mode || MODE_PROJECTS_AND_TASKS == $user->t
'value'=>$cl_project,
'data'=>$project_list,
'datakeys'=>array('id','name'),
- 'empty'=>array(''=>$i18n->getKey('dropdown.select'))));
+ 'empty'=>array(''=>$i18n->get('dropdown.select'))));
// Dropdown for clients if the clients plugin is enabled.
if ($user->isPluginEnabled('cl')) {
- $active_clients = ttTeamHelper::getActiveClients($user->team_id, true);
+ $active_clients = ttTeamHelper::getActiveClients($user->group_id, true);
// We need an array of assigned project ids to do some trimming.
foreach($project_list as $project)
$projects_assigned_to_user[] = $project['id'];
@@ -159,27 +159,26 @@ if (MODE_PROJECTS == $user->tracking_mode || MODE_PROJECTS_AND_TASKS == $user->t
'value'=>$cl_client,
'data'=>$client_list,
'datakeys'=>array('id', 'name'),
- 'empty'=>array(''=>$i18n->getKey('dropdown.select'))));
+ 'empty'=>array(''=>$i18n->get('dropdown.select'))));
}
}
if (MODE_PROJECTS_AND_TASKS == $user->tracking_mode) {
- $task_list = ttTeamHelper::getActiveTasks($user->team_id);
+ $task_list = ttTeamHelper::getActiveTasks($user->group_id);
$form->addInput(array('type'=>'combobox',
'name'=>'task',
'style'=>'width: 250px;',
'value'=>$cl_task,
'data'=>$task_list,
'datakeys'=>array('id','name'),
- 'empty'=>array(''=>$i18n->getKey('dropdown.select'))));
+ 'empty'=>array(''=>$i18n->get('dropdown.select'))));
}
// Add other controls.
if ((TYPE_START_FINISH == $user->record_type) || (TYPE_ALL == $user->record_type)) {
$form->addInput(array('type'=>'text','name'=>'start','value'=>$cl_start,'onchange'=>"formDisable('start');"));
$form->addInput(array('type'=>'text','name'=>'finish','value'=>$cl_finish,'onchange'=>"formDisable('finish');"));
- if ($user->punch_mode && // Punch mode enabled for team.
- !($user->behalf_id && $user->can('override_punch_mode'))) { // Cannot override for lower roles.
+ if ($user->punch_mode && !$user->canOverridePunchMode()) {
// Make the start and finish fields read-only.
$form->getElement('start')->setEnabled(false);
$form->getElement('finish')->setEnabled(false);
@@ -200,60 +199,60 @@ if ($custom_fields && $custom_fields->fields[0]) {
'style'=>'width: 250px;',
'value'=>$cl_cf_1,
'data'=>$custom_fields->options,
- 'empty' => array('' => $i18n->getKey('dropdown.select'))));
+ 'empty' => array('' => $i18n->get('dropdown.select'))));
}
}
// Hidden control for record id.
$form->addInput(array('type'=>'hidden','name'=>'id','value'=>$cl_id));
if ($user->isPluginEnabled('iv'))
$form->addInput(array('type'=>'checkbox','name'=>'billable','value'=>$cl_billable));
-if ($user->canManageTeam() && $user->isPluginEnabled('ps'))
+if ($user->can('manage_invoices') && $user->isPluginEnabled('ps'))
$form->addInput(array('type'=>'checkbox','name'=>'paid','value'=>$cl_paid));
$form->addInput(array('type'=>'hidden','name'=>'browser_today','value'=>'')); // User current date, which gets filled in on btn_save or btn_copy click.
-$form->addInput(array('type'=>'submit','name'=>'btn_save','onclick'=>'browser_today.value=get_date()','value'=>$i18n->getKey('button.save')));
-$form->addInput(array('type'=>'submit','name'=>'btn_copy','onclick'=>'browser_today.value=get_date()','value'=>$i18n->getKey('button.copy')));
-$form->addInput(array('type'=>'submit','name'=>'btn_delete','value'=>$i18n->getKey('label.delete')));
+$form->addInput(array('type'=>'submit','name'=>'btn_save','onclick'=>'browser_today.value=get_date()','value'=>$i18n->get('button.save')));
+$form->addInput(array('type'=>'submit','name'=>'btn_copy','onclick'=>'browser_today.value=get_date()','value'=>$i18n->get('button.copy')));
+$form->addInput(array('type'=>'submit','name'=>'btn_delete','value'=>$i18n->get('label.delete')));
if ($request->isPost()) {
// Validate user input.
if ($user->isPluginEnabled('cl') && $user->isPluginEnabled('cm') && !$cl_client)
- $err->add($i18n->getKey('error.client'));
+ $err->add($i18n->get('error.client'));
if ($custom_fields) {
- if (!ttValidString($cl_cf_1, !$custom_fields->fields[0]['required'])) $err->add($i18n->getKey('error.field'), $custom_fields->fields[0]['label']);
+ if (!ttValidString($cl_cf_1, !$custom_fields->fields[0]['required'])) $err->add($i18n->get('error.field'), $custom_fields->fields[0]['label']);
}
if (MODE_PROJECTS == $user->tracking_mode || MODE_PROJECTS_AND_TASKS == $user->tracking_mode) {
- if (!$cl_project) $err->add($i18n->getKey('error.project'));
+ if (!$cl_project) $err->add($i18n->get('error.project'));
}
if (MODE_PROJECTS_AND_TASKS == $user->tracking_mode && $user->task_required) {
- if (!$cl_task) $err->add($i18n->getKey('error.task'));
+ if (!$cl_task) $err->add($i18n->get('error.task'));
}
if (!$cl_duration) {
if ('0' == $cl_duration)
- $err->add($i18n->getKey('error.field'), $i18n->getKey('label.duration'));
+ $err->add($i18n->get('error.field'), $i18n->get('label.duration'));
elseif ($cl_start || $cl_finish) {
if (!ttTimeHelper::isValidTime($cl_start))
- $err->add($i18n->getKey('error.field'), $i18n->getKey('label.start'));
+ $err->add($i18n->get('error.field'), $i18n->get('label.start'));
if ($cl_finish) {
if (!ttTimeHelper::isValidTime($cl_finish))
- $err->add($i18n->getKey('error.field'), $i18n->getKey('label.finish'));
+ $err->add($i18n->get('error.field'), $i18n->get('label.finish'));
if (!ttTimeHelper::isValidInterval($cl_start, $cl_finish))
- $err->add($i18n->getKey('error.interval'), $i18n->getKey('label.finish'), $i18n->getKey('label.start'));
+ $err->add($i18n->get('error.interval'), $i18n->get('label.finish'), $i18n->get('label.start'));
}
} else {
if ((TYPE_START_FINISH == $user->record_type) || (TYPE_ALL == $user->record_type)) {
- $err->add($i18n->getKey('error.empty'), $i18n->getKey('label.start'));
- $err->add($i18n->getKey('error.empty'), $i18n->getKey('label.finish'));
+ $err->add($i18n->get('error.empty'), $i18n->get('label.start'));
+ $err->add($i18n->get('error.empty'), $i18n->get('label.finish'));
}
if ((TYPE_DURATION == $user->record_type) || (TYPE_ALL == $user->record_type))
- $err->add($i18n->getKey('error.empty'), $i18n->getKey('label.duration'));
+ $err->add($i18n->get('error.empty'), $i18n->get('label.duration'));
}
} else {
if (false === ttTimeHelper::postedDurationToMinutes($cl_duration))
- $err->add($i18n->getKey('error.field'), $i18n->getKey('label.duration'));
+ $err->add($i18n->get('error.field'), $i18n->get('label.duration'));
}
- if (!ttValidDate($cl_date)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.date'));
- if (!ttValidString($cl_note, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.note'));
+ if (!ttValidDate($cl_date)) $err->add($i18n->get('error.field'), $i18n->get('label.date'));
+ if (!ttValidString($cl_note, true)) $err->add($i18n->get('error.field'), $i18n->get('label.note'));
// Finished validating user input.
// This is a new date for the time record.
@@ -263,7 +262,7 @@ if ($request->isPost()) {
if (!$user->future_entries) {
$browser_today = new DateAndTime(DB_DATEFORMAT, $request->getParameter('browser_today', null));
if ($new_date->after($browser_today))
- $err->add($i18n->getKey('error.future_date'));
+ $err->add($i18n->get('error.future_date'));
}
// Save record.
@@ -277,11 +276,11 @@ if ($request->isPost()) {
if ($err->no()) {
// 1) Prohibit saving locked entries in any form.
if ($user->isDateLocked($item_date))
- $err->add($i18n->getKey('error.range_locked'));
+ $err->add($i18n->get('error.range_locked'));
// 2) Prohibit saving completed unlocked entries into locked range.
if ($err->no() && $user->isDateLocked($new_date))
- $err->add($i18n->getKey('error.range_locked'));
+ $err->add($i18n->get('error.range_locked'));
// 3) Prohibit saving uncompleted unlocked entries when another uncompleted entry exists.
$uncompleted = ($cl_finish == '' && $cl_duration == '');
@@ -289,7 +288,7 @@ if ($request->isPost()) {
$not_completed_rec = ttTimeHelper::getUncompleted($user->getActiveUser());
if ($not_completed_rec && ($time_rec['id'] <> $not_completed_rec['id'])) {
// We have another not completed record.
- $err->add($i18n->getKey('error.uncompleted_exists')." ".$i18n->getKey('error.goto_uncompleted')."");
+ $err->add($i18n->get('error.uncompleted_exists')." ".$i18n->get('error.goto_uncompleted')."");
}
}
}
@@ -297,7 +296,7 @@ if ($request->isPost()) {
// Prohibit creating an overlapping record.
if ($err->no()) {
if (ttTimeHelper::overlaps($user->getActiveUser(), $new_date->toString(DB_DATEFORMAT), $cl_start, $cl_finish, $cl_id))
- $err->add($i18n->getKey('error.overlap'));
+ $err->add($i18n->get('error.overlap'));
}
// Now, an update.
@@ -341,7 +340,7 @@ if ($request->isPost()) {
if ($err->no()) {
// 1) Prohibit saving into locked range.
if ($user->isDateLocked($new_date))
- $err->add($i18n->getKey('error.range_locked'));
+ $err->add($i18n->get('error.range_locked'));
// 2) Prohibit saving uncompleted unlocked entries when another uncompleted entry exists.
$uncompleted = ($cl_finish == '' && $cl_duration == '');
@@ -349,7 +348,7 @@ if ($request->isPost()) {
$not_completed_rec = ttTimeHelper::getUncompleted($user->getActiveUser());
if ($not_completed_rec) {
// We have another not completed record.
- $err->add($i18n->getKey('error.uncompleted_exists')." ".$i18n->getKey('error.goto_uncompleted')."");
+ $err->add($i18n->get('error.uncompleted_exists')." ".$i18n->get('error.goto_uncompleted')."");
}
}
}
@@ -357,7 +356,7 @@ if ($request->isPost()) {
// Prohibit creating an overlapping record.
if ($err->no()) {
if (ttTimeHelper::overlaps($user->getActiveUser(), $new_date->toString(DB_DATEFORMAT), $cl_start, $cl_finish))
- $err->add($i18n->getKey('error.overlap'));
+ $err->add($i18n->get('error.overlap'));
}
// Now, a new insert.
@@ -366,6 +365,7 @@ if ($request->isPost()) {
$id = ttTimeHelper::insert(array(
'date'=>$new_date->toString(DB_DATEFORMAT),
'user_id'=>$user->getActiveUser(),
+ 'group_id'=>$user->getActiveGroup(),
'client'=>$cl_client,
'project'=>$cl_project,
'task'=>$cl_task,
@@ -388,7 +388,7 @@ if ($request->isPost()) {
header('Location: time.php?date='.$new_date->toString(DB_DATEFORMAT));
exit();
}
- $err->add($i18n->getKey('error.db'));
+ $err->add($i18n->get('error.db'));
}
}
@@ -403,6 +403,6 @@ $smarty->assign('project_list', $project_list);
$smarty->assign('task_list', $task_list);
$smarty->assign('forms', array($form->getName()=>$form->toArray()));
$smarty->assign('onload', 'onLoad="fillDropdowns()"');
-$smarty->assign('title', $i18n->getKey('title.edit_time_record'));
+$smarty->assign('title', $i18n->get('title.edit_time_record'));
$smarty->assign('content_page_name', 'time_edit.tpl');
$smarty->display('index.tpl');