From 2df50105b46a5cbd6493271b137a136ccfe2ea5a Mon Sep 17 00:00:00 2001
From: bonnedav
Date: Tue, 3 Apr 2018 06:53:55 -0600
Subject: [PATCH] More refactoring of rights checks (#61)
* Refactor predefined_expenses.tpl to use rights checks
* Refactor notifications.tpl to use rights checks
* Refactor invoices.tpl to use rights checks
* Refactor projects.tpl to use rights checks
* Update users.php
* Refactor desktop projects.tpl to use rights checks
* Refactor expenses.php to remove stray canManageTeam() call
* Refactor mobile users.php to remove stray canManageTeam call
* Refactor mobile expenses.php to remove stray canManageTeam() call
* Refactor time.php to remove stray canManageTeam call
---
WEB-INF/templates/invoices.tpl | 2 +-
WEB-INF/templates/mobile/projects.tpl | 2 +-
WEB-INF/templates/notifications.tpl | 2 +-
WEB-INF/templates/predefined_expenses.tpl | 2 +-
WEB-INF/templates/projects.tpl | 2 +-
expenses.php | 2 +-
mobile/expenses.php | 2 +-
mobile/users.php | 2 +-
time.php | 2 +-
9 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/WEB-INF/templates/invoices.tpl b/WEB-INF/templates/invoices.tpl
index 32d09544..b966f9e2 100644
--- a/WEB-INF/templates/invoices.tpl
+++ b/WEB-INF/templates/invoices.tpl
@@ -5,7 +5,7 @@
-{if $user->canManageTeam() || $user->isClient()} +{if $user->can('manage_invoices') || $user->can('view_own_invoices')} diff --git a/WEB-INF/templates/mobile/projects.tpl b/WEB-INF/templates/mobile/projects.tpl index 5e488133..96dcce10 100644 --- a/WEB-INF/templates/mobile/projects.tpl +++ b/WEB-INF/templates/mobile/projects.tpl @@ -5,7 +5,7 @@
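Review bot: The new `{if $user->can('manage_invoices') || $user->can('view_own_invoices')}` condition in invoices.tpl only decides what markup is rendered; it is not an access check. Client accounts used to pass through `isClient()` and now depend on their role carrying `view_own_invoices`, so the PHP page behind this template should enforce the same two rights before it loads any invoice data. That page is not part of this patch, so the check may already be there. I would add a template comment such as `{* display only: access is enforced in the PHP page *}` so the two conditions are kept in step.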
{$i18n.label.invoice}
-{if $user->canManageTeam()} +{if $user->can('manage_projects')} {if $inactive_projects} diff --git a/WEB-INF/templates/notifications.tpl b/WEB-INF/templates/notifications.tpl index 021ff921..72854190 100644 --- a/WEB-INF/templates/notifications.tpl +++ b/WEB-INF/templates/notifications.tpl @@ -2,7 +2,7 @@
{$i18n.form.projects.active_projects}
-{if $user->canManageTeam()} +{if $user->can('manage_advanced_settings')} diff --git a/WEB-INF/templates/predefined_expenses.tpl b/WEB-INF/templates/predefined_expenses.tpl index 265bdf1b..147230dc 100644 --- a/WEB-INF/templates/predefined_expenses.tpl +++ b/WEB-INF/templates/predefined_expenses.tpl @@ -2,7 +2,7 @@
{$i18n.label.thing_name}
-{if $user->canManageTeam()} +{if $user->can('manage_advanced_settings')} diff --git a/WEB-INF/templates/projects.tpl b/WEB-INF/templates/projects.tpl index 31967218..58999365 100644 --- a/WEB-INF/templates/projects.tpl +++ b/WEB-INF/templates/projects.tpl @@ -5,7 +5,7 @@
{$i18n.label.thing_name}
-{if $user->canManageTeam()} +{if $user->can('manage_projects')} {if $inactive_projects} diff --git a/expenses.php b/expenses.php index fee81205..7d7295d2 100644 --- a/expenses.php +++ b/expenses.php @@ -196,7 +196,7 @@ if ($request->isPost()) { $err->add($i18n->get('error.db')); } } elseif ($request->getParameter('onBehalfUser')) { - if($user->canManageTeam()) { + if($user->can('track_expenses')) { unset($_SESSION['behalf_id']); unset($_SESSION['behalf_name']); diff --git a/mobile/expenses.php b/mobile/expenses.php index 815a4fc3..c853a2ca 100644 --- a/mobile/expenses.php +++ b/mobile/expenses.php @@ -200,7 +200,7 @@ if ($request->isPost()) { $err->add($i18n->get('error.db')); } } elseif ($request->getParameter('onBehalfUser')) { - if($user->canManageTeam()) { + if($user->can('track_expenses')) { unset($_SESSION['behalf_id']); unset($_SESSION['behalf_name']); diff --git a/mobile/users.php b/mobile/users.php index 4723543d..b531d7a4 100644 --- a/mobile/users.php +++ b/mobile/users.php @@ -40,7 +40,7 @@ if (!(ttAccessAllowed('view_users') || ttAccessAllowed('manage_users'))) { // Get users. $active_users = ttTeamHelper::getActiveUsers(array('getAllFields'=>true)); -if($user->canManageTeam()) { +if($user->can('manage_users')) { $can_delete_manager = (1 == count($active_users)); $inactive_users = ttTeamHelper::getInactiveUsers($user->group_id, true); } diff --git a/time.php b/time.php index 24cc7c8a..d4caad2b 100644 --- a/time.php +++ b/time.php @@ -347,7 +347,7 @@ if ($request->isPost()) { } } elseif ($request->getParameter('onBehalfUser')) { - if($user->canManageTeam()) { + if($user->can('track_time')) { unset($_SESSION['behalf_id']); unset($_SESSION['behalf_name']); -- 2.20.1
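Review bot: The guard on the `onBehalfUser` branch in expenses.php now rests entirely on what `track_expenses` means, and the hunk does not say. If ordinary users also hold that right, rather than only roles allowed to record entries for others, any of them can reach the code that resets `$_SESSION['behalf_id']`. The same applies to `can('track_expenses')` in mobile/expenses.php and `can('track_time')` in time.php. I would add a comment above each check, e.g. `// 'track_expenses' = may record expenses for other users; own-only users must not reach this branch.`, and confirm that the submitted `onBehalfUser` id is validated against the caller's group before it is stored in the session. The rest of the branch lies outside these hunks, so that validation may already exist.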
{$i18n.form.projects.active_projects}