From 06c7ff20c26a9f1957ba3e2c909e5853e8b9ed70 Mon Sep 17 00:00:00 2001 From: Nik Okuntseff Date: Tue, 13 Mar 2018 19:30:42 +0000 Subject: [PATCH] More work on roles revamp. Removed rights_mask from User class. --- WEB-INF/lib/ttUser.class.php | 20 ++++---------------- WEB-INF/lib/ttUserHelper.class.php | 2 +- WEB-INF/templates/footer.tpl | 2 +- mobile/user_edit.php | 2 +- user_edit.php | 3 ++- 5 files changed, 9 insertions(+), 20 deletions(-) diff --git a/WEB-INF/lib/ttUser.class.php b/WEB-INF/lib/ttUser.class.php index 3d850238..fa9f0201 100644 --- a/WEB-INF/lib/ttUser.class.php +++ b/WEB-INF/lib/ttUser.class.php @@ -60,8 +60,8 @@ class ttUser { var $custom_logo = 0; // Whether to use a custom logo for team. var $lock_spec = null; // Cron specification for record locking. var $workday_minutes = 480; // Number of work minutes in a regular day. - var $rights_mask = 0; // A mask of user rights. TODO: remove after roles revamp. - var $rights = array(); // An array of user rights, planned replacement of $rights_mask. + var $rights = array(); // An array of user rights such as 'data_entry', etc. + var $is_client = false; // Whether user is a client as determined by missing 'data_entry' right. // Constructor. function __construct($login, $id = null) { @@ -97,6 +97,7 @@ class ttUser { $this->role = $val['role']; $this->role_id = $val['role_id']; $this->rights = explode(',', $val['rights']); + $this->is_client = !in_array('data_entry', $this->rights); $this->rank = $val['rank']; // Downgrade rank to legacy role, if it is still in use. if ($this->role > 0 && $this->rank > $this->role) @@ -138,19 +139,6 @@ class ttUser { $this->behalf_id = $_SESSION['behalf_id']; $this->behalf_name = $_SESSION['behalf_name']; } - - // Set user rights. TODO: remove during roles revamp, whe we redo access checks. - if ($this->role == ROLE_USER) { - $this->rights_mask = right_data_entry|right_view_charts|right_view_reports; - } elseif ($this->role == ROLE_CLIENT) { - $this->rights_mask = right_view_reports|right_view_invoices; - } elseif ($this->role == ROLE_COMANAGER) { - $this->rights_mask = right_data_entry|right_view_charts|right_view_reports|right_view_invoices|right_manage_team; - } elseif ($this->role == ROLE_MANAGER) { - $this->rights_mask = right_data_entry|right_view_charts|right_view_reports|right_view_invoices|right_manage_team|right_assign_roles|right_export_team; - } elseif ($this->role == ROLE_SITE_ADMIN) { - $this->rights_mask = right_administer_site; - } } } @@ -176,7 +164,7 @@ class ttUser { // isClient - determines whether current user is a client. function isClient() { - return (ROLE_CLIENT == $this->role); + return $this->is_client; } // canManageTeam - determines whether current user is manager or co-manager. diff --git a/WEB-INF/lib/ttUserHelper.class.php b/WEB-INF/lib/ttUserHelper.class.php index be46da3a..e70f085b 100644 --- a/WEB-INF/lib/ttUserHelper.class.php +++ b/WEB-INF/lib/ttUserHelper.class.php @@ -167,7 +167,7 @@ class ttUserHelper { // Prepare query parts. if (isset($fields['password'])) $pass_part = ', password = md5('.$mdb2->quote($fields['password']).')'; - if (right_assign_roles & $user->rights_mask) { + if (in_array('manage_users', $user->rights)) { if (isset($fields['role'])) { $role = (int) $fields['role']; $role_part = ", role = $role"; diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl index 908461e6..b4683b9b 100644 --- a/WEB-INF/templates/footer.tpl +++ b/WEB-INF/templates/footer.tpl @@ -12,7 +12,7 @@
-
 Anuko Time Tracker 1.17.41.4067 | Copyright © Anuko | +  Anuko Time Tracker 1.17.42.4068 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/mobile/user_edit.php b/mobile/user_edit.php index dc432580..b353047a 100644 --- a/mobile/user_edit.php +++ b/mobile/user_edit.php @@ -188,7 +188,7 @@ if ($request->isPost()) { 'status' => $cl_status, 'rate' => $cl_rate, 'projects' => $assigned_projects); - if (right_assign_roles & $user->rights_mask) { + if (in_array('manage_users', $user->rights)) { $fields['role'] = $cl_role; $fields['client_id'] = $cl_client_id; } diff --git a/user_edit.php b/user_edit.php index 493b00ba..92d27eaa 100644 --- a/user_edit.php +++ b/user_edit.php @@ -192,10 +192,11 @@ if ($request->isPost()) { 'status' => $cl_status, 'rate' => $cl_rate, 'projects' => $assigned_projects); - if (right_assign_roles & $user->rights_mask && $cl_role) { + if (in_array('manage_users', $user->rights) && $cl_role) { // Get legacy role value. $legacy_role = ttRoleHelper::getLegacyRole($cl_role); // TODO: remove after roles revamp. $fields['role'] = $legacy_role; + $fields['role_id'] = $cl_role; $fields['client_id'] = $cl_client_id; } -- 2.20.1