X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=users.php;h=47ec0145aea1204e7d697573f6e6bc3d49066ebb;hb=e92d4ffe1d8dfe70c11be7862b31de432a6bab07;hp=79f2df3e6c52bfe5c4a58f122223ad0cc2201420;hpb=b401022733a9645ed701522585b2d57db936f5cc;p=timetracker.git

diff --git a/users.php b/users.php
index 79f2df3e..47ec0145 100644
--- a/users.php
+++ b/users.php
@@ -28,40 +28,69 @@
 
 require_once('initialize.php');
 import('form.Form');
-import('ttTeamHelper');
 import('ttTimeHelper');
 import('ttRoleHelper');
 
-// Access check.
-if (!ttAccessAllowed('view_users')) {
+// Access checks.
+if (!(ttAccessAllowed('view_users') || ttAccessAllowed('manage_users'))) {
   header('Location: access_denied.php');
   exit();
 }
+if ($request->isPost() && !$user->isGroupValid($request->getParameter('group'))) {
+  header('Location: access_denied.php'); // Wrong group id in post.
+  exit();
+}
+// Note: we don't use "manage_subgroups" in access check, because when user cannot
+// "manage_users" or "view_users" they do not belong here.
+// End of access checks.
+
+if ($request->isPost()) {
+  $group_id = $request->getParameter('group');
+  $user->setOnBehalfGroup($group_id);
+} else {
+  $group_id = $user->getGroup();
+}
+$uncompleted_indicators = $user->getConfigOption('uncompleted_indicators');
 
-// Get users.
-$active_users = ttTeamHelper::getActiveUsers(array('getAllFields'=>true));
-if($user->canManageTeam()) {
+$form = new Form('usersForm');
+if ($user->can('manage_subgroups')) {
+  $groups = $user->getGroupsForDropdown();
+  if (count($groups) > 1) {
+    $form->addInput(array('type'=>'combobox',
+      'onchange'=>'this.form.submit();',
+      'name'=>'group',
+      'style'=>'width: 250px;',
+      'value'=>$group_id,
+      'data'=>$groups,
+      'datakeys'=>array('id','name')));
+    $smarty->assign('group_dropdown', 1);
+  }
+}
 
-  // If there are no roles in team, introduce default ones.
-  if (!ttRoleHelper::rolesExist()) ttRoleHelper::createDefaultRoles(); // TODO: refactor or remove after roles revamp.
-  // This is here temporarily so that we have roles to work with to manage users.
-  // Normally, this should be done during an upgrade step (not yet implemented).
+// Prepare a list of active users.
+if ($user->can('view_users'))
+  $options = array('status'=>ACTIVE,'include_clients'=>true,'include_login'=>true,'include_role'=>true);
+else /* if ($user->can('manage_users')) */
+  $options = array('status'=>ACTIVE,'max_rank'=>$user->rank-1,'include_clients'=>true,'include_self'=>true,'include_login'=>true,'include_role'=>true);
+$active_users = $user->getUsers($options);
 
-  $can_delete_manager = (1 == count($active_users));
-  $inactive_users = ttTeamHelper::getInactiveUsers($user->team_id, true);
+// Prepare a list of inactive users.
+if($user->can('manage_users')) {
+  $options = array('status'=>INACTIVE,'max_rank'=>$user->rank-1,'include_clients'=>true,'include_login'=>true,'include_role'=>true);
+  $inactive_users = $user->getUsers($options);
 }
 
-// Check if the team is set to show indicators for uncompleted time entries.
-if ($user->uncompleted_indicators) {
+if ($uncompleted_indicators) {
   // Check each active user if they have an uncompleted time entry.
   foreach ($active_users as $key => $user) {
     $active_users[$key]['has_uncompleted_entry'] = (bool) ttTimeHelper::getUncompleted($user['id']);
   }
+  $smarty->assign('uncompleted_indicators', true);
 }
 
+$smarty->assign('forms', array($form->getName()=>$form->toArray()));
 $smarty->assign('active_users', $active_users);
 $smarty->assign('inactive_users', $inactive_users);
-$smarty->assign('can_delete_manager', $can_delete_manager);
-$smarty->assign('title', $i18n->getKey('title.users'));
+$smarty->assign('title', $i18n->get('title.users'));
 $smarty->assign('content_page_name', 'users.tpl');
 $smarty->display('index.tpl');