projects / timetracker.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3ad790a)
Added more access control checks to mobile pages.
authoranuko <support@anuko.com>
Sun, 25 Sep 2016 20:56:48 +0000 (20:56 +0000)
committeranuko <support@anuko.com>
Sun, 25 Sep 2016 20:56:48 +0000 (20:56 +0000)
14 files changed:
WEB-INF/templates/footer.tpl patch | blob | history
mobile/client_add.php patch | blob | history
mobile/client_delete.php patch | blob | history
mobile/client_edit.php patch | blob | history
mobile/expense_delete.php patch | blob | history
mobile/expense_edit.php patch | blob | history
mobile/project_add.php patch | blob | history
mobile/project_delete.php patch | blob | history
mobile/project_edit.php patch | blob | history
mobile/projects.php patch | blob | history
mobile/task_add.php patch | blob | history
mobile/task_delete.php patch | blob | history
mobile/task_edit.php patch | blob | history
mobile/tasks.php patch | blob | history

diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index a62e521..466a65a 100644 (file)
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
       <br>
       <table cellspacing="0" cellpadding="4" width="100%" border="0">
         <tr>
-          <td align="center">&nbsp;Anuko Time Tracker 1.9.31.3539 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
+          <td align="center">&nbsp;Anuko Time Tracker 1.9.31.3540 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
             <a href="https://www.anuko.com/lp/tt_4.htm" target="_blank">{$i18n.footer.credits}</a> |
             <a href="https://www.anuko.com/lp/tt_5.htm" target="_blank">{$i18n.footer.license}</a> |
             <a href="https://www.anuko.com/lp/tt_7.htm" target="_blank">{$i18n.footer.improve}</a>
diff --git a/mobile/client_add.php b/mobile/client_add.php
index 56f5d08..e489496 100644 (file)
--- a/mobile/client_add.php
+++ b/mobile/client_add.php
@@ -32,7 +32,7 @@ import('ttClientHelper');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cl')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/client_delete.php b/mobile/client_delete.php
index a0caf4f..51e87b4 100644 (file)
--- a/mobile/client_delete.php
+++ b/mobile/client_delete.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttClientHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cl')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/client_edit.php b/mobile/client_edit.php
index cd6266d..ac3e60c 100644 (file)
--- a/mobile/client_edit.php
+++ b/mobile/client_edit.php
@@ -32,7 +32,7 @@ import('ttClientHelper');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cl')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/expense_delete.php b/mobile/expense_delete.php
index b027bd9..8e89513 100644 (file)
--- a/mobile/expense_delete.php
+++ b/mobile/expense_delete.php
@@ -32,7 +32,7 @@ import('DateAndTime');
 import('ttExpenseHelper');
 
 // Access check.
-if (!ttAccessCheck(right_data_entry)) {
+if (!ttAccessCheck(right_data_entry) || !$user->isPluginEnabled('ex')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/expense_edit.php b/mobile/expense_edit.php
index e14372e..c2df1ab 100644 (file)
--- a/mobile/expense_edit.php
+++ b/mobile/expense_edit.php
@@ -33,7 +33,7 @@ import('DateAndTime');
 import('ttExpenseHelper');
 
 // Access check.
-if (!ttAccessCheck(right_data_entry)) {
+if (!ttAccessCheck(right_data_entry) || !$user->isPluginEnabled('ex')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/project_add.php b/mobile/project_add.php
index 4c9ad18..1ae6b4d 100644 (file)
--- a/mobile/project_add.php
+++ b/mobile/project_add.php
@@ -32,7 +32,7 @@ import('ttProjectHelper');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || (MODE_PROJECTS != $user->tracking_mode && MODE_PROJECTS_AND_TASKS != $user->tracking_mode)) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/project_delete.php b/mobile/project_delete.php
index 79ed438..eb5e040 100644 (file)
--- a/mobile/project_delete.php
+++ b/mobile/project_delete.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttProjectHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || (MODE_PROJECTS != $user->tracking_mode && MODE_PROJECTS_AND_TASKS != $user->tracking_mode)) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/project_edit.php b/mobile/project_edit.php
index 490a11e..f7a37aa 100644 (file)
--- a/mobile/project_edit.php
+++ b/mobile/project_edit.php
@@ -32,7 +32,7 @@ import('ttProjectHelper');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || (MODE_PROJECTS != $user->tracking_mode && MODE_PROJECTS_AND_TASKS != $user->tracking_mode)) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/projects.php b/mobile/projects.php
index 33d1d51..5dee360 100644 (file)
--- a/mobile/projects.php
+++ b/mobile/projects.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_data_entry)) {
+if (!ttAccessCheck(right_data_entry) || (MODE_PROJECTS != $user->tracking_mode && MODE_PROJECTS_AND_TASKS != $user->tracking_mode)) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/task_add.php b/mobile/task_add.php
index 9319e2a..700b915 100644 (file)
--- a/mobile/task_add.php
+++ b/mobile/task_add.php
@@ -33,7 +33,7 @@ import('ttTeamHelper');
 import('ttTaskHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || MODE_PROJECTS_AND_TASKS != $user->tracking_mode) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/task_delete.php b/mobile/task_delete.php
index aa74be1..1fea8e1 100644 (file)
--- a/mobile/task_delete.php
+++ b/mobile/task_delete.php
@@ -31,7 +31,7 @@ import('ttTaskHelper');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || MODE_PROJECTS_AND_TASKS != $user->tracking_mode) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/task_edit.php b/mobile/task_edit.php
index 248167f..e2dcc99 100644 (file)
--- a/mobile/task_edit.php
+++ b/mobile/task_edit.php
@@ -32,7 +32,7 @@ import('ttTeamHelper');
 import('ttTaskHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || MODE_PROJECTS_AND_TASKS != $user->tracking_mode) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/tasks.php b/mobile/tasks.php
index 9b778bb..8b828cf 100644 (file)
--- a/mobile/tasks.php
+++ b/mobile/tasks.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || MODE_PROJECTS_AND_TASKS != $user->tracking_mode) {
   header('Location: access_denied.php');
   exit();
 }
Unnamed repository; edit this file 'description' to name the repository.