From: Nik Okuntseff
Date: Sat, 31 Mar 2018 16:37:58 +0000 (+0000)
Subject: Introduced view_own_clients right and its handling.
X-Git-Tag: timetracker_1.19-1~900
X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=e304b6c8564a6c3f2a3c6e68a0f5e9c7db817a65;p=timetracker.git
Introduced view_own_clients right and its handling.
---
diff --git a/WEB-INF/lib/ttRoleHelper.class.php b/WEB-INF/lib/ttRoleHelper.class.php
index 6d81c5bb..aa260f29 100644
--- a/WEB-INF/lib/ttRoleHelper.class.php
+++ b/WEB-INF/lib/ttRoleHelper.class.php
@@ -185,7 +185,7 @@ class ttRoleHelper {
 $rights_client = 'view_own_reports,view_own_charts,view_own_invoices,manage_own_settings';
 $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users';
- $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,view_charts,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets';
+ $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,view_charts,view_own_clients,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets';
 $rights_comanager = $rights_supervisor.',manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,view_all_reports';
 $rights_manager = $rights_comanager.',manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups';
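Review bot: The supervisor rights string is edited identically in two places in ttRoleHelper (this hunk at line 185 and the next one at line 243), so the predefined role hierarchy lives in two hand-maintained copies, with a third full list in mysql.sql. A right added to one copy and missed in another would give predefined roles different privileges depending on which code path created them. Building the lists in one private helper used by both functions would remove that risk; at minimum a comment above `$rights_client` such as `// Keep in sync with the other rights list in this class and with mysql.sql.` would flag it. Both enclosing functions start and end outside the hunks.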
@@ -243,7 +243,7 @@ class ttRoleHelper {
 $rights_client = 'view_own_reports,view_own_charts,view_own_invoices,manage_own_settings';
 $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users';
- $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,view_charts,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets';
+ $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,view_charts,view_own_clients,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets';
 $rights_comanager = $rights_supervisor.',manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,view_all_reports';
 $rights_manager = $rights_comanager.',manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups';
diff --git a/WEB-INF/lib/ttUser.class.php b/WEB-INF/lib/ttUser.class.php
index 2511ecfb..e3de5b4c 100644
--- a/WEB-INF/lib/ttUser.class.php
+++ b/WEB-INF/lib/ttUser.class.php
@@ -236,6 +236,33 @@ class ttUser {
 return $result;
 }
+ // getAssignedClients - returns an array of clients assigned to own projects.
+ function getAssignedClients()
+ {
+ // Start with projects;
+ $projects = $this->getAssignedProjects();
+ if (!$projects) return false;
+ $assigned_project_ids = array();
+ foreach($projects as $project) {
+ $assigned_project_ids[] = $project['id'];
+ }
+
+ $mdb2 = getConnection();
+
+ // Get active clients for group.
+ $clients = array();
+ $sql = "select id, name, address, projects from tt_clients where group_id = $this->group_id and status = 1";
+ $res = $mdb2->query($sql);
+ if (!is_a($res, 'PEAR_Error')) {
+ while ($val = $res->fetchRow()) {
+ $client_project_ids = $val['projects'] ? explode(',', $val['projects']) : array();
+ if (array_intersect($assigned_project_ids, $client_project_ids))
+ $clients[] = $val; // Add client if one of user projects is a client project, too.
+ }
+ }
+ return $clients;
+ }
+
 // isDateLocked checks whether a specifc date is locked for modifications.
 function isDateLocked($date)
 {
diff --git a/WEB-INF/templates/clients.tpl b/WEB-INF/templates/clients.tpl
index 14c03321..a31a8cd0 100644
--- a/WEB-INF/templates/clients.tpl
+++ b/WEB-INF/templates/clients.tpl
@@ -53,6 +53,21 @@
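Review bot: `$this->group_id` is interpolated straight into the SQL text in `getAssignedClients()`; it is presumably an integer loaded server-side, but nothing in the hunk guarantees that, so cast it where the query is built: `... where group_id = ".(int)$this->group_id." and status = 1"`. The method also returns `false` when the user has no projects but an empty array when `$mdb2->query()` yields a `PEAR_Error`, so a database failure is indistinguishable from "no clients"; return `false` on the error path as well, or log it. A docblock should state that the result is limited to active clients of the user's group that share at least one project with the user, since this filter is what scopes the read-only view.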
{/if} +{else} + + + + + + {if $active_clients} + {foreach $active_clients as $client} + + + + + {/foreach} + {/if} +
{$i18n.label.thing_name}{$i18n.label.address}
{$client.name|escape}{$client.address|escape}
{/if} diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl index 3f01c8ee..49ee290e 100644 --- a/WEB-INF/templates/footer.tpl +++ b/WEB-INF/templates/footer.tpl @@ -12,7 +12,7 @@
-
 Anuko Time Tracker 1.17.84.4206 | Copyright © Anuko | +  Anuko Time Tracker 1.17.85.4207 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/WEB-INF/templates/header.tpl b/WEB-INF/templates/header.tpl index a31eaeb7..8dc7bc99 100644 --- a/WEB-INF/templates/header.tpl +++ b/WEB-INF/templates/header.tpl @@ -125,7 +125,7 @@ {if $user->can('view_users') || $user->can('manage_users')} · {$i18n.menu.users} {/if} - {if $user->isPluginEnabled('cl') && $user->can('manage_clients')} + {if $user->isPluginEnabled('cl') && ($user->can('view_own_clients') || $user->can('manage_clients'))} · {$i18n.menu.clients} {/if} {if $user->can('export_data')} diff --git a/WEB-INF/templates/mobile/clients.tpl b/WEB-INF/templates/mobile/clients.tpl index c10541fa..34f53a91 100644 --- a/WEB-INF/templates/mobile/clients.tpl +++ b/WEB-INF/templates/mobile/clients.tpl @@ -45,6 +45,21 @@

{/if} +{else} + + + + + + {if $active_clients} + {foreach $active_clients as $client} + + + + + {/foreach} + {/if} +
{$i18n.label.thing_name}{$i18n.label.address}
{$client.name|escape}{$client.address|escape}
{/if}
diff --git a/WEB-INF/templates/mobile/header.tpl b/WEB-INF/templates/mobile/header.tpl
index d8c34b21..417cca25 100644
--- a/WEB-INF/templates/mobile/header.tpl
+++ b/WEB-INF/templates/mobile/header.tpl
@@ -88,7 +88,7 @@
 {if $user->can('view_users') || $user->can('manage_users')}
 · {$i18n.menu.users}
 {/if}
- {if $user->isPluginEnabled('cl') && $user->can('manage_clients')}
+ {if $user->isPluginEnabled('cl') && ($user->can('view_own_clients') || $user->can('manage_clients'))}
 · {$i18n.menu.clients}
 {/if}
diff --git a/clients.php b/clients.php
index 177bd61e..6bf48097 100644
--- a/clients.php
+++ b/clients.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 // Access checks.
-if (!ttAccessAllowed('manage_clients')) {
+if (!(ttAccessAllowed('view_own_clients') || ttAccessAllowed('manage_clients'))) {
 header('Location: access_denied.php');
 exit();
 }
@@ -40,8 +40,14 @@ if (!$user->isPluginEnabled('cl')) {
 exit();
 }
-$smarty->assign('active_clients', ttTeamHelper::getActiveClients($user->group_id, true));
-$smarty->assign('inactive_clients', ttTeamHelper::getInactiveClients($user->group_id, true));
+if($user->can('manage_clients')) {
+ $active_clients = ttTeamHelper::getActiveClients($user->group_id, true);
+ $inactive_clients = ttTeamHelper::getInactiveClients($user->group_id, true);
+} else
+ $active_clients = $user->getAssignedClients();
+
+$smarty->assign('active_clients', $active_clients);
+$smarty->assign('inactive_clients', $inactive_clients);
 $smarty->assign('title', $i18n->get('title.clients'));
 $smarty->assign('content_page_name', 'clients.tpl');
 $smarty->display('index.tpl');
diff --git a/dbinstall.php b/dbinstall.php
index 351ccc0c..0035bdce 100644
--- a/dbinstall.php
+++ b/dbinstall.php
@@ -805,7 +805,7 @@ if ($_POST) {
 print "Updated $users_updated users...
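Review bot: `$inactive_clients` is never assigned on the `else` path of the second clients.php hunk, yet it is passed to `$smarty->assign('inactive_clients', $inactive_clients)` a few lines later, so a user who holds only view_own_clients triggers an undefined-variable notice and the template receives null. Set it explicitly and brace the branch: `} else { $active_clients = $user->getAssignedClients(); $inactive_clients = array(); }`. Because the access check at the top now admits both rights, this branch is the only thing limiting what a view_own_clients user is shown, so it should leave no variable to chance. The mobile/clients.php hunk repeats the same lines and needs the same change.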
\n";
 }
- if ($_POST["convert11744to11784"]) {
+ if ($_POST["convert11744to11785"]) {
 setChange("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.17.44') set rights = replace(rights, 'override_punch_mode,override_date_lock', 'override_punch_mode,override_own_punch_mode,override_date_lock')");
 setChange("UPDATE `tt_site_config` SET param_value = '1.17.48' where param_name = 'version_db' and param_value = '1.17.44'");
 setChange("update `tt_users` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.17.48') set role_id = (select id from tt_roles where team_id = 0 and rank = 512) where role = 324");
@@ -890,6 +890,8 @@ if ($_POST) {
 setChange("UPDATE `tt_site_config` SET param_value = '1.17.83', modified = now() where param_name = 'version_db' and param_value = '1.17.82'");
 setChange("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.17.83') set rights = replace(rights, 'view_own_projects,manage_own_settings', 'view_own_projects,view_own_tasks,manage_own_settings')");
 setChange("UPDATE `tt_site_config` SET param_value = '1.17.84', modified = now() where param_name = 'version_db' and param_value = '1.17.83'");
+ setChange("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.17.84') set rights = replace(rights, 'view_charts,override_punch_mode', 'view_charts,view_own_clients,override_punch_mode')");
+ setChange("UPDATE `tt_site_config` SET param_value = '1.17.85', modified = now() where param_name = 'version_db' and param_value = '1.17.84'");
 }
 if ($_POST["cleanup"]) {
@@ -935,7 +937,7 @@ if ($_POST) {
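Review bot: The added `replace(rights, 'view_charts,override_punch_mode', ...)` update in the `@@ -890,6 +890,8 @@` hunk matches on an exact substring and carries no group or rank filter, so it grants view_own_clients to every row in `tt_roles` whose rights contain that pair, custom roles included, and silently skips any role where the two rights are not adjacent. The upgrade's effect on privileges therefore depends on string order rather than on role rank. A comment above the statement, e.g. `// Grants view_own_clients to every role that has view_charts immediately followed by override_punch_mode; other roles must be granted it manually.`, would make this explicit to administrators reviewing the upgrade; restricting the update by rank would be stricter, but the rank scheme is not visible in this hunk.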

DB Install

-
Create database structure (v1.17.84) + Create database structure (v1.17.85)
(applies only to new installations, do not execute when updating)
@@ -975,8 +977,8 @@ if ($_POST) {
- Update database structure (v1.17.44 to v1.17.84)
-
+ Update database structure (v1.17.44 to v1.17.85)
+
diff --git a/mobile/clients.php b/mobile/clients.php
index 4f03510c..61cc304e 100644
--- a/mobile/clients.php
+++ b/mobile/clients.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 // Access checks.
-if (!ttAccessAllowed('manage_clients')) {
+if (!(ttAccessAllowed('view_own_clients') || ttAccessAllowed('manage_clients'))) {
 header('Location: access_denied.php');
 exit();
 }
@@ -39,9 +39,16 @@ if (!$user->isPluginEnabled('cl')) {
 header('Location: feature_disabled.php');
 exit();
 }
+// End of access checks.
-$smarty->assign('active_clients', ttTeamHelper::getActiveClients($user->group_id, true));
-$smarty->assign('inactive_clients', ttTeamHelper::getInactiveClients($user->group_id, true));
+if($user->can('manage_clients')) {
+ $active_clients = ttTeamHelper::getActiveClients($user->group_id, true);
+ $inactive_clients = ttTeamHelper::getInactiveClients($user->group_id, true);
+} else
+ $active_clients = $user->getAssignedClients();
+
+$smarty->assign('active_clients', $active_clients);
+$smarty->assign('inactive_clients', $inactive_clients);
 $smarty->assign('title', $i18n->get('title.clients'));
 $smarty->assign('content_page_name', 'mobile/clients.tpl');
 $smarty->display('mobile/index.tpl');
diff --git a/mysql.sql b/mysql.sql
index 5ac6b856..53fc6163 100644
--- a/mysql.sql
+++ b/mysql.sql
@@ -74,7 +74,7 @@ create unique index role_idx on tt_roles(group_id, rank, status);
 # Insert site-wide roles - site administrator and top manager.
 INSERT INTO `tt_roles` (`group_id`, `name`, `rank`, `rights`) VALUES (0, 'Site administrator', 1024, 'administer_site');
-INSERT INTO `tt_roles` (`group_id`, `name`, `rank`, `rights`) VALUES (0, 'Top manager', 512, 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,view_own_invoices,view_own_projects,view_own_tasks,manage_own_settings,view_users,track_time,track_expenses,view_reports,view_charts,override_punch_mode,override_own_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets,manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,view_all_reports,manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups');
+INSERT INTO `tt_roles` (`group_id`, `name`, `rank`, `rights`) VALUES (0, 'Top manager', 512, 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,view_own_invoices,view_own_projects,view_own_tasks,manage_own_settings,view_users,track_time,track_expenses,view_reports,view_charts,view_own_clients,override_punch_mode,override_own_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets,manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,view_all_reports,manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups');
 #
@@ -450,4 +450,4 @@ CREATE TABLE `tt_site_config` (
 PRIMARY KEY (`param_name`)
 );
-INSERT INTO `tt_site_config` (`param_name`, `param_value`, `created`) VALUES ('version_db', '1.17.84', now()); # TODO: change when structure changes.
+INSERT INTO `tt_site_config` (`param_name`, `param_value`, `created`) VALUES ('version_db', '1.17.85', now()); # TODO: change when structure changes.