From: Nik Okuntseff Date: Mon, 12 Mar 2018 15:08:54 +0000 (+0000) Subject: Work in progress redoing access checks. X-Git-Tag: timetracker_1.19-1~1051 X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=e4c40a490a8c9477cab1d41b786aa7aaa5e930d6;p=timetracker.git Work in progress redoing access checks.
---
diff --git a/WEB-INF/lib/common.lib.php b/WEB-INF/lib/common.lib.php
index 56214922..e9f93327 100644
--- a/WEB-INF/lib/common.lib.php
+++ b/WEB-INF/lib/common.lib.php
@@ -365,4 +365,4 @@ function ttAccessAllowed($required_right) return true; return false;
-}
\ No newline at end of file
+}
diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index 36dcb362..db729137 100644
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
-
 Anuko Time Tracker 1.17.39.4060 | Copyright © Anuko | +  Anuko Time Tracker 1.17.39.4061 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve}
diff --git a/admin_team_add.php b/admin_team_add.php
index e88da19a..6626a8d8 100644
--- a/admin_team_add.php
+++ b/admin_team_add.php
@@ -32,7 +32,7 @@ import('ttUserHelper'); import('ttRoleHelper'); // Access check.
-if (!ttAccessCheck(right_administer_site)) {
+if (!ttAccessAllowed('administer_site')) {
 header('Location: access_denied.php');
 exit();
 }
diff --git a/admin_team_delete.php b/admin_team_delete.php
index 987543c5..6958ca0e 100644
--- a/admin_team_delete.php
+++ b/admin_team_delete.php
@@ -31,7 +31,7 @@ import('form.Form'); import('ttTeamHelper'); // Access check.
-if (!ttAccessCheck(right_administer_site)) {
+if (!ttAccessAllowed('administer_site')) {
 header('Location: access_denied.php');
 exit();
 }
diff --git a/admin_team_edit.php b/admin_team_edit.php
index 6f44ee9a..61828e16 100644
--- a/admin_team_edit.php
+++ b/admin_team_edit.php
@@ -32,7 +32,7 @@ import('ttUserHelper'); import('ttTeamHelper'); // Access check.
-if (!ttAccessCheck(right_administer_site)) {
+if (!ttAccessAllowed('administer_site')) {
 header('Location: access_denied.php');
 exit();
 }
diff --git a/admin_teams.php b/admin_teams.php
index a1f848a4..9c3d2092 100644
--- a/admin_teams.php
+++ b/admin_teams.php
@@ -31,7 +31,7 @@ import('form.Form'); import('ttTeamHelper'); // Access check.
-if (!ttAccessCheck(right_administer_site)) {
+if (!ttAccessAllowed('administer_site')) {
 header('Location: access_denied.php');
 exit();
 }
diff --git a/cf_custom_field_add.php b/cf_custom_field_add.php
index 2eba5b56..f8ea01e0 100644
--- a/cf_custom_field_add.php
+++ b/cf_custom_field_add.php
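Review bot: The new guard `if (!ttAccessAllowed('administer_site'))` in admin_team_add.php (and the identical hunks in admin_team_delete.php, admin_team_edit.php and admin_teams.php) names the right as a bare string literal, so a misspelled right name is no longer surfaced by PHP the way a misspelled `right_*` constant is. The only part of ttAccessAllowed() visible on this page is its tail (`return true;` … `return false;`), which suggests an unrecognised name is denied rather than allowed, but the body is outside the hunk; that should be confirmed, together with whether it still rejects a session with no authenticated user as ttAccessCheck() presumably did. I would define the right names once, e.g. `define('RIGHT_ADMINISTER_SITE', 'administer_site');`, and add a test that requests each of these four pages without the right and expects the redirect to access_denied.php.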
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php'); import('form.Form'); // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
 header('Location: access_denied.php');
 exit();
 }
diff --git a/cf_custom_field_delete.php b/cf_custom_field_delete.php
index 88779bed..caf858a2 100644
--- a/cf_custom_field_delete.php
+++ b/cf_custom_field_delete.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php'); import('form.Form'); // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
 header('Location: access_denied.php');
 exit();
 }
diff --git a/cf_custom_field_edit.php b/cf_custom_field_edit.php
index 8b481a67..295e4079 100644
--- a/cf_custom_field_edit.php
+++ b/cf_custom_field_edit.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php'); import('form.Form'); // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
 header('Location: access_denied.php');
 exit();
 }
diff --git a/cf_custom_fields.php b/cf_custom_fields.php
index 44efc79b..539271c5 100644
--- a/cf_custom_fields.php
+++ b/cf_custom_fields.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php'); import('form.Form'); // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
 header('Location: access_denied.php');
 exit();
 }
diff --git a/cf_dropdown_option_add.php b/cf_dropdown_option_add.php
index ecf4892d..f87003d1 100644
--- a/cf_dropdown_option_add.php
+++ b/cf_dropdown_option_add.php
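Review bot: The guard in cf_custom_field_add.php now depends on a different right (`'manage_custom_fields'` instead of `right_manage_team`), and nothing on this page shows where that right is granted, so it is worth confirming which roles hold it after an upgrade; the same applies to cf_custom_field_delete.php, cf_custom_field_edit.php, cf_custom_fields.php and the four cf_dropdown_option* files. This check only establishes that the caller may manage custom fields and that the plugin is enabled. The edit and delete pages presumably act on a field or option id, and whether that id is verified to belong to the caller's team is decided outside these hunks, so it should be checked there now that the right can be granted separately from team management. I would also make the comment state the requirement, e.g. `// Access check: needs the 'manage_custom_fields' right and the 'cf' plugin enabled.`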
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php'); import('form.Form'); // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
 header('Location: access_denied.php');
 exit();
 }
diff --git a/cf_dropdown_option_delete.php b/cf_dropdown_option_delete.php
index ec06b49f..f4e44207 100644
--- a/cf_dropdown_option_delete.php
+++ b/cf_dropdown_option_delete.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php'); import('form.Form'); // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
 header('Location: access_denied.php');
 exit();
 }
diff --git a/cf_dropdown_option_edit.php b/cf_dropdown_option_edit.php
index ba486ae9..1013a54a 100644
--- a/cf_dropdown_option_edit.php
+++ b/cf_dropdown_option_edit.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php'); import('form.Form'); // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
 header('Location: access_denied.php');
 exit();
 }
diff --git a/cf_dropdown_options.php b/cf_dropdown_options.php
index 544eefdb..3ee5294e 100644
--- a/cf_dropdown_options.php
+++ b/cf_dropdown_options.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php'); import('form.Form'); // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
 header('Location: access_denied.php');
 exit();
 }