From 069fad4865cadc18340589bc2d2d681d2e0616a6 Mon Sep 17 00:00:00 2001
From: Nik Okuntseff <support@anuko.com>
Date: Tue, 19 Feb 2019 16:12:47 +0000
Subject: [PATCH] A bit more timesheet work.

---
 WEB-INF/templates/footer.tpl | 2 +-
 WEB-INF/templates/header.tpl | 3 +--
 timesheets.php               | 6 +-----
 3 files changed, 3 insertions(+), 8 deletions(-)

diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index 175c87c7..252e3227 100644
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
       <br>
       <table cellspacing="0" cellpadding="4" width="100%" border="0">
         <tr>
-          <td align="center">&nbsp;Anuko Time Tracker 1.18.37.4740 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
+          <td align="center">&nbsp;Anuko Time Tracker 1.18.37.4741 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
             <a href="https://www.anuko.com/lp/tt_4.htm" target="_blank">{$i18n.footer.credits}</a> |
             <a href="https://www.anuko.com/lp/tt_5.htm" target="_blank">{$i18n.footer.license}</a> |
             <a href="https://www.anuko.com/lp/tt_7.htm" target="_blank">{$i18n.footer.improve}</a>
diff --git a/WEB-INF/templates/header.tpl b/WEB-INF/templates/header.tpl
index aab851bf..0b9e290a 100644
--- a/WEB-INF/templates/header.tpl
+++ b/WEB-INF/templates/header.tpl
@@ -115,8 +115,7 @@
     {if $user->exists() && ($user->can('view_own_reports') || $user->can('view_reports') || $user->can('view_all_reports') || $user->can('view_client_reports'))}
             &middot; <a class="mainMenu" href="reports.php">{$i18n.menu.reports}</a> 
     {/if}
-    {if $user->exists() && $user->isPluginEnabled('ts') && ($user->can('view_own_timesheets') || $user->can('manage_own_timesheets') ||
-      $user->can('view_timesheets') || $user->can('manage_timesheets') || $user->can('approve_timesheets'))}
+    {if $user->exists() && $user->isPluginEnabled('ts') && ($user->can('view_own_timesheets') || $user->can('view_timesheets') || $user->can('view_all_timesheets') || $user->can('view_client_timesheets'))}
             &middot; <a class="mainMenu" href="timesheets.php">{$i18n.menu.timesheets}</a>
     {/if}
     {if $user->exists() && $user->isPluginEnabled('iv') && ($user->can('manage_invoices') || $user->can('view_client_invoices'))}
diff --git a/timesheets.php b/timesheets.php
index fcdd401b..9dc0d2c8 100644
--- a/timesheets.php
+++ b/timesheets.php
@@ -31,11 +31,7 @@ import('form.Form');
 import('ttTimesheetHelper');
 
 // Access checks.
-if (!(ttAccessAllowed('view_own_timesheets') ||
-  ttAccessAllowed('manage_own_timesheets') ||
-  ttAccessAllowed('view_timesheets') ||
-  ttAccessAllowed('manage_timesheets') ||
-  ttAccessAllowed('approve_timesheets'))) {
+if (!(ttAccessAllowed('view_own_timesheets') || ttAccessAllowed('view_timesheets') || ttAccessAllowed('view_all_timesheets') || ttAccessAllowed('view_client_timesheets'))) {
   header('Location: access_denied.php');
   exit();
 }
-- 
2.20.1