$mdb2 = getConnection();
- $rights_client = 'view_own_data,manage_own_settings';
- $rights_user = 'data_entry,view_own_data,manage_own_settings,view_users';
- $rights_supervisor = $rights_user.',on_behalf_data_entry,view_data,override_punch_mode,swap_roles,approve_timesheets';
+ $rights_client = 'view_own_reports,view_own_charts,view_own_invoices,manage_own_settings';
+ $rights_user = 'data_entry,view_own_reports,view_own_charts,manage_own_settings,view_users';
+ $rights_supervisor = $rights_user.',on_behalf_data_entry,view_reports,view_charts,override_punch_mode,swap_roles,approve_timesheets';
$rights_comanager = $rights_supervisor.',manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices';
$rights_manager = $rights_comanager.',manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups';
global $i18n;
global $user;
- $rights_client = 'view_own_data,manage_own_settings';
- $rights_user = 'data_entry,view_own_data,manage_own_settings,view_users';
- $rights_supervisor = $rights_user.',on_behalf_data_entry,view_data,override_punch_mode,swap_roles,approve_timesheets';
+ $rights_client = 'view_own_reports,view_own_charts,view_own_invoices,manage_own_settings';
+ $rights_user = 'data_entry,view_own_reports,view_own_charts,manage_own_settings,view_users';
+ $rights_supervisor = $rights_user.',on_behalf_data_entry,view_reports,view_charts,override_punch_mode,swap_roles,approve_timesheets';
$rights_comanager = $rights_supervisor.',manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices';
$rights_manager = $rights_comanager.',manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups';
<br>
<table cellspacing="0" cellpadding="4" width="100%" border="0">
<tr>
- <td align="center"> Anuko Time Tracker 1.17.39.4062 | Copyright © <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
+ <td align="center"> Anuko Time Tracker 1.17.40.4063 | Copyright © <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
<a href="https://www.anuko.com/lp/tt_4.htm" target="_blank">{$i18n.footer.credits}</a> |
<a href="https://www.anuko.com/lp/tt_5.htm" target="_blank">{$i18n.footer.license}</a> |
<a href="https://www.anuko.com/lp/tt_7.htm" target="_blank">{$i18n.footer.improve}</a>
import('ttTeamHelper');
// Access check.
-if (!ttAccessAllowed('view_own_data') || !$user->isPluginEnabled('ch')) {
+if (!ttAccessAllowed('view_own_charts') || !$user->isPluginEnabled('ch')) {
header('Location: access_denied.php');
exit();
}
setChange("INSERT INTO `tt_roles` (`team_id`, `name`, `rank`, `rights`) VALUES (0, 'Top manager', 512, 'data_entry,view_own_data,manage_own_settings,view_users,on_behalf_data_entry,view_data,override_punch_mode,swap_roles,approve_timesheets,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups')");
setChange("UPDATE `tt_site_config` SET `param_value` = '1.17.35' where param_name = 'version_db'");
setChange("update `tt_users` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.17.35') set role_id = (select id from tt_roles where rank = 1024) where role = 1024");
+ setChange("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.17.35') set rights = 'data_entry,view_own_reports,view_own_charts,view_own_invoices,manage_own_settings,view_users,on_behalf_data_entry,view_reports,view_charts,override_punch_mode,swap_roles,approve_timesheets,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups' where team_id = 0 and rank = 512");
+ setChange("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.17.35') set rights = replace(rights, 'view_own_data', 'view_own_reports,view_own_charts') where team_id > 0");
+ setChange("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.17.35') set rights = replace(rights, 'view_data', 'view_reports,view_charts') where team_id > 0");
+ setChange("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.17.35') set rights = replace(rights, 'view_own_charts', 'view_own_charts,view_own_invoices') where team_id > 0 and rank = 16");
}
if ($_POST["cleanup"]) {
import('ttExpenseHelper');
// Access check.
-if (!ttAccessCheck(right_data_entry) || !$user->isPluginEnabled('ex')) {
+if (!ttAccessAllowed('data_entry') || !$user->isPluginEnabled('ex')) {
header('Location: access_denied.php');
exit();
}
import('ttExpenseHelper');
// Access check.
-if (!ttAccessCheck(right_data_entry) || !$user->isPluginEnabled('ex')) {
+if (!ttAccessAllowed('data_entry') || !$user->isPluginEnabled('ex')) {
header('Location: access_denied.php');
exit();
}
import('ttExpenseHelper');
// Access check.
-if (!ttAccessCheck(right_data_entry) || !$user->isPluginEnabled('ex')) {
+if (!ttAccessAllowed('data_entry') || !$user->isPluginEnabled('ex')) {
header('Location: access_denied.php');
exit();
}
import('form.Form');
// Access check.
-if (!ttAccessCheck(right_export_team)) {
+if (!ttAccessAllowed('export_data')) {
header('Location: access_denied.php');
exit();
}
import('form.Form');
// Access check.
-if (!ttAccessCheck(right_administer_site)) {
+if (!ttAccessAllowed('administer_site')) {
header('Location: access_denied.php');
exit();
}
import('ttInvoiceHelper');
// Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('iv')) {
+if (!ttAccessAllowed('manage_invoices') || !$user->isPluginEnabled('iv')) {
header('Location: access_denied.php');
exit();
}
import('ttInvoiceHelper');
// Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('iv')) {
+if (!ttAccessAllowed('manage_invoices') || !$user->isPluginEnabled('iv')) {
header('Location: access_denied.php');
exit();
}
import('ttSysConfig');
// Access check.
-if (!ttAccessCheck(right_view_invoices) || !$user->isPluginEnabled('iv')) {
+if (!ttAccessAllowed('manage_invoices') || !$user->isPluginEnabled('iv')) {
header('Location: access_denied.php');
exit();
}
# Insert site-wide roles - site administrator and top manager.
INSERT INTO `tt_roles` (`team_id`, `name`, `rank`, `rights`) VALUES (0, 'Site administrator', 1024, 'administer_site');
-INSERT INTO `tt_roles` (`team_id`, `name`, `rank`, `rights`) VALUES (0, 'Top manager', 512, 'data_entry,view_own_data,manage_own_settings,view_users,on_behalf_data_entry,view_data,override_punch_mode,swap_roles,approve_timesheets,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups');
+INSERT INTO `tt_roles` (`team_id`, `name`, `rank`, `rights`) VALUES (0, 'Top manager', 512, 'data_entry,view_own_reports,view_own_charts,view_own_invoices,manage_own_settings,view_users,on_behalf_data_entry,view_reports,view_charts,override_punch_mode,swap_roles,approve_timesheets,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups');
#
'name' => $cl_name,
'rank' => $cl_rank,
'description' => $cl_description,
- 'rights' => 'data_entry,view_own_data,manage_own_settings,view_users', // Default user rights.
+ 'rights' => 'data_entry,view_own_reports,view_own_charts,manage_own_settings,view_users', // Default user rights.
'status' => ACTIVE))) {
header('Location: roles.php');
exit();