X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=timesheets.php;h=672e85974ad4673c0f6c2fa8e5f0c641eed49407;hb=1e2a1839bd4b4530a43dfcdc3f0582623edd5486;hp=4a4eb66fef20ca9802d3039dcd892aa45f792099;hpb=b33cf8ebaf54882a2238b660ba07936301077695;p=timetracker.git diff --git a/timesheets.php b/timesheets.php index 4a4eb66f..672e8597 100644 --- a/timesheets.php +++ b/timesheets.php @@ -28,27 +28,88 @@ require_once('initialize.php'); import('form.Form'); +import('ttGroupHelper'); import('ttTimesheetHelper'); // Access checks. -if (!(ttAccessAllowed('view_own_timesheets') || - ttAccessAllowed('manage_own_timesheets') || - ttAccessAllowed('view_timesheets') || - ttAccessAllowed('manage_timesheets') || - ttAccessAllowed('approve_timesheets'))) { +if (!(ttAccessAllowed('view_own_timesheets') || ttAccessAllowed('view_timesheets') || ttAccessAllowed('view_all_timesheets') || ttAccessAllowed('view_client_timesheets'))) { header('Location: access_denied.php'); exit(); } - if (!$user->isPluginEnabled('ts')) { header('Location: feature_disabled.php'); exit(); } +if ($user->isClient()) { + $users_for_client = ttGroupHelper::getUsersForClient($user->client_id); + if (count($users_for_client) == 0) { + header('Location: access_denied.php'); // There are no users for client. + exit(); + } +} +if ($request->isPost()) { + $userChanged = $request->getParameter('user_changed'); + if ($userChanged && !(ttTimesheetHelper::isUserValid($request->getParameter('user')))) { + header('Location: access_denied.php'); // Wrong user id. + exit(); + } +} // End of access checks. -$timesheets = ttTimesheetHelper::getTimesheets($user->getUser()); +// Determine user for whom we display this page. +$notClient = !$user->isClient(); +if ($request->isPost() && $userChanged) { + $user_id = $request->getParameter('user'); +} else { + if ($notClient) + $user_id = $user->getUser(); + else + $user_id = $users_for_client[0]['id']; // First found user for a client. +} +$group_id = $user->getGroup(); + +// Elements of timesheetsForm. +$form = new Form('timesheetsForm'); + +if ($user->can('view_timesheets') || $user->can('view_all_timesheets') || $user->can('view_client_timesheets')) { + // Prepare user list for dropdown. + if ($notClient) { + $rank = $user->can('view_all_timesheets') ? MAX_RANK : $user->getMaxRankForGroup($group_id); + if ($user->can('view_own_timesheets')) + $options = array('max_rank'=>$rank,'include_self'=>true,'self_first'=>true); + else + $options = array('max_rank'=>$rank); + $user_list = $user->getUsers($options); + } else + $user_list = $users_for_client; // Obtained above. + + if (count($user_list) >= 1) { + $form->addInput(array('type'=>'combobox', + 'onchange'=>'document.timesheetsForm.user_changed.value=1;document.timesheetsForm.submit();', + 'name'=>'user', + 'style'=>'width: 250px;', + 'value'=>$user_id, + 'data'=>$user_list, + 'datakeys'=>array('id','name'))); + $form->addInput(array('type'=>'hidden','name'=>'user_changed')); + $smarty->assign('user_dropdown', 1); + } +} + +$active_timesheets = ttTimesheetHelper::getActiveTimesheets($user_id); +if ($notClient) + $inactive_timesheets = ttTimesheetHelper::getInactiveTimesheets($user_id); + +$showClient = $user->isPluginEnabled('cl') && $notClient; +$canEdit = $notClient && ($user->can('manage_own_timesheets') || + $user->can('manage_timesheets') || $user->can('manage_all_timesheets')); -$smarty->assign('timesheets', $timesheets); +$smarty->assign('active_timesheets', $active_timesheets); +$smarty->assign('inactive_timesheets', $inactive_timesheets); +$smarty->assign('show_client', $showClient); +$smarty->assign('not_client', $notClient); +$smarty->assign('can_edit', $canEdit); +$smarty->assign('forms', array($form->getName()=>$form->toArray())); $smarty->assign('title', $i18n->get('title.timesheets')); $smarty->assign('content_page_name', 'timesheets.tpl'); $smarty->display('index.tpl');