X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=time_files.php;h=c499b25c9312e6cce4d5a2bd673840daa31abf0b;hb=75a1eedb8977b8f2db459128bab9aaf367e3b58b;hp=6b76b23deb7157ecae1cb2b9da6ca9d7ba5726c0;hpb=ccad5f6b0a1739455bf3b53dfcbcffd6692ffd5e;p=timetracker.git

diff --git a/time_files.php b/time_files.php
index 6b76b23d..c499b25c 100644
--- a/time_files.php
+++ b/time_files.php
@@ -36,17 +36,16 @@ if (!(ttAccessAllowed('track_own_time') || ttAccessAllowed('track_time'))) {
   header('Location: access_denied.php');
   exit();
 }
+if (!$user->isPluginEnabled('at')) {
+  header('Location: feature_disabled.php');
+  exit();
+}
 $cl_id = (int)$request->getParameter('id');
-$time_rec = ttTimeHelper::getRecord($cl_id);
+$time_rec = ttTimeHelper::getRecordForFileView($cl_id);
 if (!$time_rec) {
   header('Location: access_denied.php');
   exit();
 }
-if (!$user->isPluginEnabled('at')) {
-  header('Location: feature_disabled.php');
-  exit();
-}
-// TODO: review access checks, specifically for on behalf operations.
 // End of access checks.
 
 if ($request->isPost()) {
@@ -83,10 +82,9 @@ if ($request->isPost()) {
   }
 } // isPost
 
-$canEdit = !($time_rec['approved'] || $time_rec['timesheet_id'] || $time_rec['invoice_id']);
-$smarty->assign('can_edit', $canEdit);
+$smarty->assign('can_edit', $time_rec['can_edit']);
 $smarty->assign('forms', array($form->getName()=>$form->toArray()));
 $smarty->assign('files', $files);
 $smarty->assign('title', $i18n->get('title.time_files'));
-$smarty->assign('content_page_name', 'time_files.tpl');
+$smarty->assign('content_page_name', 'entity_files.tpl');
 $smarty->display('index.tpl');