From: Bernd Bleßmann Date: Mon, 28 Dec 2020 14:33:33 +0000 (+0100) Subject: Zeiterfassung: Recht berücksichtigen, Einträge von anderen (nicht) zu sehen X-Git-Tag: kivitendo-mebil_0.1-0~9^2~330 X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=2ba42577fce2f8a7da0e9aead95292ba6ccff0b0;p=kivitendo-erp.git Zeiterfassung: Recht berücksichtigen, Einträge von anderen (nicht) zu sehen --- diff --git a/SL/Controller/TimeRecording.pm b/SL/Controller/TimeRecording.pm index 0a171a61a..9ed3c7237 100644 --- a/SL/Controller/TimeRecording.pm +++ b/SL/Controller/TimeRecording.pm @@ -18,7 +18,7 @@ use SL::ReportGenerator; use Rose::Object::MakeMethods::Generic ( # scalar => [ qw() ], - 'scalar --get_set_init' => [ qw(time_recording models all_time_recording_types all_employees) ], + 'scalar --get_set_init' => [ qw(time_recording models all_time_recording_types all_employees can_view_all) ], ); @@ -126,11 +126,21 @@ sub init_time_recording { return $time_recording; } +sub init_can_view_all { + $::auth->assert('time_recording_show_all', 1) || $::auth->assert('time_recording_edit_all', 1) +} + sub init_models { + my ($self) = @_; + + my @where; + push @where, (staff_member_id => SL::DB::Manager::Employee->current->id) if !$self->can_view_all; + SL::Controller::Helper::GetModels->new( controller => $_[0], sorted => \%sort_columns, disable_plugin => 'paginated', + query => \@where, with_objects => [ 'customer', 'type', 'project', 'staff_member', 'employee' ], ); } diff --git a/templates/webpages/time_recording/_filter.html b/templates/webpages/time_recording/_filter.html index c94f00d88..b47b55d66 100644 --- a/templates/webpages/time_recording/_filter.html +++ b/templates/webpages/time_recording/_filter.html @@ -26,6 +26,8 @@ [% 'Customer Number' | $T8 %] [% L.input_tag('filter.customer.customernumber:substr::ilike', filter.customer.customernumber_substr__ilike, size = 20) %] + + [%- IF SELF.can_view_all -%] [% 'Mitarbeiter' | $T8 %] @@ -37,6 +39,8 @@ style => 'width: 200px') %] + [%- END -%] + [% L.hidden_tag('sort_by', FORM.sort_by) %]