X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=timesheet_view.php;h=df28e3061939cb16425f39608c061ec6816bdfc0;hb=086b93bd5a71b4c68ae3fa3e37d97182ee2a5b73;hp=70ab3357dabca597ef40128e8fb7f2f2437fc874;hpb=e5486346ac0574517a4fd118f03616ec455df9a9;p=timetracker.git diff --git a/timesheet_view.php b/timesheet_view.php index 70ab3357..df28e306 100644 --- a/timesheet_view.php +++ b/timesheet_view.php @@ -30,7 +30,7 @@ require_once('initialize.php'); import('ttTimesheetHelper'); // Access checks. -if (!(ttAccessAllowed('view_own_timesheets') || ttAccessAllowed('view_timesheets') || ttAccessAllowed('view_all_timesheets') || ttAccessAllowed('view_client_timesheets'))) { +if (!(ttAccessAllowed('track_own_time') || ttAccessAllowed('track_time'))) { header('Location: access_denied.php'); exit(); } @@ -38,14 +38,14 @@ if (!$user->isPluginEnabled('ts')) { header('Location: feature_disabled.php'); exit(); } -$timesheet_id = (int)$request->getParameter('id'); -$timesheet = ttTimesheetHelper::getTimesheet($timesheet_id); +$cl_timesheet_id = (int)$request->getParameter('id'); +$timesheet = ttTimesheetHelper::getTimesheet($cl_timesheet_id); if (!$timesheet) { header('Location: access_denied.php'); exit(); } // TODO: add other checks here for timesheet being appropriate for user role. -// TODO: if this is a timeheet submit, validate approver id, too. +// TODO: if this is a timesheet submit, validate approver id, too. // End of access checks. if ($request->isPost()) { @@ -55,13 +55,12 @@ if ($request->isPost()) { $options = ttTimesheetHelper::getReportOptions($timesheet); $subtotals = ttReportHelper::getSubtotals($options); $totals = ttReportHelper::getTotals($options); -$notClient = !$user->isClient(); // Determine which controls to show and obtain date for them. -$showSubmit = $notClient && !$timesheet['submit_status']; +$showSubmit = !$timesheet['submit_status']; if ($showSubmit) $approvers = ttTimesheetHelper::getApprovers($timesheet['user_id']); -$canApprove = $user->can('approve_timesheets') || $user_>can('approve_all_timesheets'); -$showApprove = $notClient && $timesheet['submit_status'] && $timesheet['approval_status'] == null; +$canApprove = $user->can('approve_timesheets') || $user->can('approve_all_timesheets'); +$showApprove = $timesheet['submit_status'] && $timesheet['approval_status'] == null; // Add a form with controls. $form = new Form('timesheetForm');