From: Bernd Bleßmann Date: Mon, 28 Dec 2020 15:32:23 +0000 (+0100) Subject: Zeiterfassung: Recht f. Bearbeitung aller Einträge berücksichtigen X-Git-Tag: kivitendo-mebil_0.1-0~9^2~328 X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=c772d61b852c8b3ef172b08284a862a77d28f5d6;p=kivitendo-erp.git Zeiterfassung: Recht f. Bearbeitung aller Einträge berücksichtigen
---
diff --git a/SL/Controller/TimeRecording.pm b/SL/Controller/TimeRecording.pm
index 28cd68bfd..5c153c716 100644
--- a/SL/Controller/TimeRecording.pm
+++ b/SL/Controller/TimeRecording.pm
@@ -18,12 +18,13 @@ use SL::ReportGenerator; use Rose::Object::MakeMethods::Generic ( # scalar => [ qw() ],
- 'scalar --get_set_init' => [ qw(time_recording models all_time_recording_types all_employees can_view_all) ],
+ 'scalar --get_set_init' => [ qw(time_recording models all_time_recording_types all_employees can_view_all can_edit_all) ],
 ); # safety __PACKAGE__->run_before('check_auth');
+__PACKAGE__->run_before('check_auth_edit', only => [ qw(edit save delete) ]);
 # # actions
@@ -132,6 +133,10 @@ sub init_can_view_all { $::auth->assert('time_recording_show_all', 1) || $::auth->assert('time_recording_edit_all', 1) }
+sub init_can_edit_all {
+ $::auth->assert('time_recording_edit_all', 1)
+}
+
 sub init_models { my ($self) = @_;
@@ -159,6 +164,14 @@ sub check_auth { $::auth->assert('time_recording'); }
+sub check_auth_edit {
+ my ($self) = @_;
+
+ if (!$self->can_edit_all && ($self->time_recording->staff_member_id != SL::DB::Manager::Employee->current->id)) {
+ $::form->error(t8('You do not have permission to access this entry.'));
+ }
+}
+
 sub prepare_report { my ($self) = @_;
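Review bot: The `only => [ qw(edit save delete) ]` filter on the added `run_before('check_auth_edit', ...)` line names the protected actions one by one, so an action that changes an entry but is missing from the list, now or after a later commit, runs with only `check_auth`. The controller's other actions are outside this diff, so the list needs checking against the full set of actions. I would add a comment above the line, `# every action that loads or changes a single entry must be listed here`, so the list is kept up to date when actions are added.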
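Review bot: `check_auth_edit` compares `$self->time_recording->staff_member_id` with the current employee, but `time_recording` comes from a `--get_set_init` accessor whose initializer is not part of this diff. If that initializer copies request parameters onto the object before returning it, the test runs against the submitted `staff_member_id` instead of the stored owner, so the owner should be read from the record as loaded from the database before any form values are assigned. For an entry that is not saved yet, `staff_member_id` may be undefined, which makes `!=` a numeric comparison with undef and may reject users without `time_recording_edit_all` when they create an entry; that case deserves an explicit branch. A comment on the sub such as `# ownership is checked against the stored entry, never against request values` would record the intent.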