More refactoring of rights checks (#61)
authorbonnedav <theD_2011@hotmail.com>
Tue, 3 Apr 2018 12:53:55 +0000 (06:53 -0600)
committeranuko <support@anuko.com>
Tue, 3 Apr 2018 12:53:55 +0000 (12:53 +0000)
* Refactor predefined_expenses.tpl to use rights checks

* Refactor notifications.tpl to use rights checks

* Refactor invoices.tpl to use rights checks

* Refactor projects.tpl to use rights checks

* Update users.php

* Refactor desktop projects.tpl to use rights checks

* Refactor expenses.php to remove stray canManageTeam() call

* Refactor mobile users.php to remove stray canManageTeam call

* Refactor mobile expenses.php to remove stray canManageTeam() call

* Refactor time.php to remove stray canManageTeam call

WEB-INF/templates/invoices.tpl
WEB-INF/templates/mobile/projects.tpl
WEB-INF/templates/notifications.tpl
WEB-INF/templates/predefined_expenses.tpl
WEB-INF/templates/projects.tpl
expenses.php
mobile/expenses.php
mobile/users.php
time.php

index 32d0954..b966f9e 100644 (file)
@@ -5,7 +5,7 @@
 <table cellspacing="0" cellpadding="7" border="0" width="720">
   <tr>
     <td valign="top">
-{if $user->canManageTeam() || $user->isClient()}
+{if $user->can('manage_invoices') || $user->can('view_own_invoices')}
       <table cellspacing="1" cellpadding="3" border="0" width="100%">
         <tr>
           <td class="tableHeader">{$i18n.label.invoice}</td>
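Review bot: The new `{if $user->can('manage_invoices') || $user->can('view_own_invoices')}` only decides whether the invoice table is rendered, so both rights still have to be enforced in the PHP page that serves this template, and that page is not touched by this commit. The same holds for the `manage_projects` and `manage_advanced_settings` conditions in the mobile/projects.tpl, notifications.tpl, predefined_expenses.tpl and projects.tpl hunks. A one-line template comment such as `{* display gate only; the serving page must check the same rights *}` above each condition would keep the two from drifting apart. One condition now admits two different rights, so any per-row actions inside the table presumably need their own check; the `{if}` block closes outside the hunk, so this cannot be confirmed here.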
index 5e48813..96dcce1 100644 (file)
@@ -5,7 +5,7 @@
 <table class="mobile-table">
   <tr>
     <td valign="top">
-{if $user->canManageTeam()}
+{if $user->can('manage_projects')}
       <table class="mobile-table-details">
   {if $inactive_projects}
         <tr><td class="sectionHeaderNoBorder">{$i18n.form.projects.active_projects}</td></tr>
index 021ff92..7285419 100644 (file)
@@ -2,7 +2,7 @@
 <table cellspacing="0" cellpadding="7" border="0" width="720">
   <tr>
     <td valign="top">
-{if $user->canManageTeam()}
+{if $user->can('manage_advanced_settings')}
       <table cellspacing="1" cellpadding="3" border="0" width="100%">
         <tr>
           <td class="tableHeader">{$i18n.label.thing_name}</td>
index 265bdf1..147230d 100644 (file)
@@ -2,7 +2,7 @@
 <table cellspacing="0" cellpadding="7" border="0" width="720">
   <tr>
     <td valign="top">
-{if $user->canManageTeam()}
+{if $user->can('manage_advanced_settings')}
       <table cellspacing="1" cellpadding="3" border="0" width="100%">
         <tr>
           <td class="tableHeader">{$i18n.label.thing_name}</td>
index 3196721..5899936 100644 (file)
@@ -5,7 +5,7 @@
 <table cellspacing="0" cellpadding="7" border="0" width="720">
   <tr>
     <td valign="top">
-{if $user->canManageTeam()}
+{if $user->can('manage_projects')}
       <table cellspacing="1" cellpadding="3" border="0" width="100%">
   {if $inactive_projects}
         <tr><td class="sectionHeaderNoBorder">{$i18n.form.projects.active_projects}</td></tr>
index fee8120..7d7295d 100644 (file)
@@ -196,7 +196,7 @@ if ($request->isPost()) {
         $err->add($i18n->get('error.db'));
     }
   } elseif ($request->getParameter('onBehalfUser')) {
-    if($user->canManageTeam()) {
+    if($user->can('track_expenses')) {
       unset($_SESSION['behalf_id']);
       unset($_SESSION['behalf_name']);
 
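Review bot: The `onBehalfUser` branch is now guarded by `can('track_expenses')` where it used to require `canManageTeam()`, and nothing visible shows that this right is limited to roles allowed to act for other users. If `track_expenses` is also held by ordinary users, this change widens who can switch the session to another user's identity. The submitted id should also be validated against the users the caller may act for before `$_SESSION['behalf_id']` is set again. A comment on the guard such as `// Only roles that may enter expenses for other users may change behalf_id.` would record the intent. The same substitution appears in the mobile/expenses.php hunk and, with `track_time`, in the time.php hunk; in each case the branch body continues outside the hunk, so the code that stores the new id is not visible.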
index 815a4fc..c853a2c 100644 (file)
@@ -200,7 +200,7 @@ if ($request->isPost()) {
         $err->add($i18n->get('error.db'));
     }
   } elseif ($request->getParameter('onBehalfUser')) {
-    if($user->canManageTeam()) {
+    if($user->can('track_expenses')) {
       unset($_SESSION['behalf_id']);
       unset($_SESSION['behalf_name']);
 
index 4723543..b531d7a 100644 (file)
@@ -40,7 +40,7 @@ if (!(ttAccessAllowed('view_users') || ttAccessAllowed('manage_users'))) {
 
 // Get users.
 $active_users = ttTeamHelper::getActiveUsers(array('getAllFields'=>true));
-if($user->canManageTeam()) {
+if($user->can('manage_users')) {
   $can_delete_manager = (1 == count($active_users));
   $inactive_users = ttTeamHelper::getInactiveUsers($user->group_id, true);
 }
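Review bot: `$can_delete_manager` and `$inactive_users` are assigned only inside the `can('manage_users')` branch, while the access check shown in the hunk header also admits callers who hold just `view_users`. For those callers both variables stay undefined if later code or the template reads them. Initialising them before the `if`, e.g. `$can_delete_manager = false; $inactive_users = array();`, keeps the view-only path well defined. The rest of the script lies outside the hunk, so whether they are read unconditionally cannot be confirmed from here.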
index 24cc7c8..d4caad2 100644 (file)
--- a/time.php
+++ b/time.php
@@ -347,7 +347,7 @@ if ($request->isPost()) {
     }
   }
   elseif ($request->getParameter('onBehalfUser')) {
-    if($user->canManageTeam()) {
+    if($user->can('track_time')) {
       unset($_SESSION['behalf_id']);
       unset($_SESSION['behalf_name']);