X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=timesheet_edit.php;h=b883b20e9edcbec2f30e9b818b4d14f9cd7ff7dc;hb=5c582eb5bacc8b3d9d2775ade454590c71b113ec;hp=50d2a44d44c7fb615b8b5e43feb6e567303a16e9;hpb=f490a9f5e080c426f54502d1004f8ab444d26469;p=timetracker.git

diff --git a/timesheet_edit.php b/timesheet_edit.php
index 50d2a44d..b883b20e 100644
--- a/timesheet_edit.php
+++ b/timesheet_edit.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTimesheetHelper');
 
 // Access checks.
-if (!(ttAccessAllowed('manage_own_timesheets') || ttAccessAllowed('manage_timesheets'))) {
+if (!(ttAccessAllowed('track_own_time') || ttAccessAllowed('track_time'))) {
   header('Location: access_denied.php');
   exit();
 }
@@ -53,10 +53,15 @@ if ($request->isPost()) {
   $cl_status = $request->getParameter('status');
 } else {
   $cl_name = $timesheet['name'];
-  $cl_comment = $timesheet['submitter_comment'];
+  $cl_comment = $timesheet['comment'];
   $cl_status = $timesheet['status'];
 }
 
+// Can we delete this timesheet?
+$canDelete = $timesheet['approve_status'] != 1
+  || (($user->id == $timesheet['user_id'] && $user->can('approve_own_timesheets'))
+  || ($user->id != $timesheet['user_id'] && $user->can('approve_timesheets')));
+
 $form = new Form('timesheetForm');
 $form->addInput(array('type'=>'hidden','name'=>'id','value'=>$cl_timesheet_id));
 $form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'timesheet_name','style'=>'width: 250px;','value'=>$cl_name));
@@ -64,21 +69,22 @@ $form->addInput(array('type'=>'textarea','name'=>'comment','style'=>'width: 250p
 $form->addInput(array('type'=>'combobox','name'=>'status','value'=>$cl_status,
   'data'=>array(ACTIVE=>$i18n->get('dropdown.status_active'),INACTIVE=>$i18n->get('dropdown.status_inactive'))));
 $form->addInput(array('type'=>'submit','name'=>'btn_save','value'=>$i18n->get('button.save')));
+if ($canDelete) $form->addInput(array('type'=>'submit','name'=>'btn_delete','value'=>$i18n->get('label.delete')));
 
 if ($request->isPost()) {
   // Validate user input.
   if (!ttValidString($cl_name)) $err->add($i18n->get('error.field'), $i18n->get('label.thing_name'));
   if (!ttValidString($cl_comment, true)) $err->add($i18n->get('error.field'), $i18n->get('label.comment'));
 
-  if ($err->no()) {
-    if ($request->getParameter('btn_save')) {
-      $existing_timesheet = ttTimesheetHelper::getTimesheetByName($cl_name, $timesheet['user_id']);
+  if ($request->getParameter('btn_save')) {
+    if ($err->no()) {
+      $existing_timesheet = ttTimesheetHelper::getTimesheetByName($cl_name);
       if (!$existing_timesheet || ($cl_timesheet_id == $existing_timesheet['id'])) {
-         // Update project information.
+         // Update timesheet information.
          if (ttTimesheetHelper::update(array(
            'id' => $cl_timesheet_id,
            'name' => $cl_name,
-           'submitter_comment' => $cl_comment,
+           'comment' => $cl_comment,
            'status' => $cl_status))) {
            header('Location: timesheets.php');
            exit();
@@ -88,12 +94,16 @@ if ($request->isPost()) {
         $err->add($i18n->get('error.object_exists'));
     }
   }
+
+  if ($request->getParameter('btn_delete') && $canDelete) {
+    header("Location: timesheet_delete.php?id=$cl_timesheet_id");
+    exit();
+  }
 } // isPost
 
 $smarty->assign('forms', array($form->getName()=>$form->toArray()));
 $smarty->assign('onload', 'onLoad="document.timesheetForm.timesheet_name.focus()"');
-$smarty->assign('show_users', count($users) > 0);
-$smarty->assign('show_tasks', $show_tasks);
+$smarty->assign('can_delete', $canDelete);
 $smarty->assign('title', $i18n->get('title.edit_timesheet'));
 $smarty->assign('content_page_name', 'timesheet_edit.tpl');
 $smarty->display('index.tpl');