From: Nik Okuntseff <support@anuko.com>
Date: Mon, 12 Mar 2018 15:08:54 +0000 (+0000)
Subject: Work in progress redoing access checks.
X-Git-Tag: timetracker_1.19-1~1051
X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=e4c40a490a8c9477cab1d41b786aa7aaa5e930d6;p=timetracker.git

Work in progress redoing access checks.
---

diff --git a/WEB-INF/lib/common.lib.php b/WEB-INF/lib/common.lib.php
index 56214922..e9f93327 100644
--- a/WEB-INF/lib/common.lib.php
+++ b/WEB-INF/lib/common.lib.php
@@ -365,4 +365,4 @@ function ttAccessAllowed($required_right)
     return true;
 
   return false;
-}
\ No newline at end of file
+}
diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index 36dcb362..db729137 100644
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
       <br>
       <table cellspacing="0" cellpadding="4" width="100%" border="0">
         <tr>
-          <td align="center">&nbsp;Anuko Time Tracker 1.17.39.4060 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
+          <td align="center">&nbsp;Anuko Time Tracker 1.17.39.4061 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
             <a href="https://www.anuko.com/lp/tt_4.htm" target="_blank">{$i18n.footer.credits}</a> |
             <a href="https://www.anuko.com/lp/tt_5.htm" target="_blank">{$i18n.footer.license}</a> |
             <a href="https://www.anuko.com/lp/tt_7.htm" target="_blank">{$i18n.footer.improve}</a>
diff --git a/admin_team_add.php b/admin_team_add.php
index e88da19a..6626a8d8 100644
--- a/admin_team_add.php
+++ b/admin_team_add.php
@@ -32,7 +32,7 @@ import('ttUserHelper');
 import('ttRoleHelper');
 
 // Access check.
-if (!ttAccessCheck(right_administer_site)) {
+if (!ttAccessAllowed('administer_site')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/admin_team_delete.php b/admin_team_delete.php
index 987543c5..6958ca0e 100644
--- a/admin_team_delete.php
+++ b/admin_team_delete.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_administer_site)) {
+if (!ttAccessAllowed('administer_site')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/admin_team_edit.php b/admin_team_edit.php
index 6f44ee9a..61828e16 100644
--- a/admin_team_edit.php
+++ b/admin_team_edit.php
@@ -32,7 +32,7 @@ import('ttUserHelper');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_administer_site)) {
+if (!ttAccessAllowed('administer_site')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/admin_teams.php b/admin_teams.php
index a1f848a4..9c3d2092 100644
--- a/admin_teams.php
+++ b/admin_teams.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_administer_site)) {
+if (!ttAccessAllowed('administer_site')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/cf_custom_field_add.php b/cf_custom_field_add.php
index 2eba5b56..f8ea01e0 100644
--- a/cf_custom_field_add.php
+++ b/cf_custom_field_add.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/cf_custom_field_delete.php b/cf_custom_field_delete.php
index 88779bed..caf858a2 100644
--- a/cf_custom_field_delete.php
+++ b/cf_custom_field_delete.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/cf_custom_field_edit.php b/cf_custom_field_edit.php
index 8b481a67..295e4079 100644
--- a/cf_custom_field_edit.php
+++ b/cf_custom_field_edit.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/cf_custom_fields.php b/cf_custom_fields.php
index 44efc79b..539271c5 100644
--- a/cf_custom_fields.php
+++ b/cf_custom_fields.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/cf_dropdown_option_add.php b/cf_dropdown_option_add.php
index ecf4892d..f87003d1 100644
--- a/cf_dropdown_option_add.php
+++ b/cf_dropdown_option_add.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/cf_dropdown_option_delete.php b/cf_dropdown_option_delete.php
index ec06b49f..f4e44207 100644
--- a/cf_dropdown_option_delete.php
+++ b/cf_dropdown_option_delete.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/cf_dropdown_option_edit.php b/cf_dropdown_option_edit.php
index ba486ae9..1013a54a 100644
--- a/cf_dropdown_option_edit.php
+++ b/cf_dropdown_option_edit.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/cf_dropdown_options.php b/cf_dropdown_options.php
index 544eefdb..3ee5294e 100644
--- a/cf_dropdown_options.php
+++ b/cf_dropdown_options.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }