From 5897ea0d3efe16a50706bcf1bde8d33044b5cf5f Mon Sep 17 00:00:00 2001
From: Nik Okuntseff
Date: Fri, 1 Mar 2019 17:49:49 +0000
Subject: [PATCH] Cleaning up no longer needed access rights.
---
 WEB-INF/lib/ttRoleHelper.class.php | 4 ++--
 WEB-INF/lib/ttTimesheetHelper.class.php | 4 ----
 WEB-INF/templates/footer.tpl | 2 +-
 WEB-INF/templates/header.tpl | 2 +-
 dbinstall.php | 11 +++++++----
 mysql.sql | 4 ++--
 reports.php | 6 ++----
 7 files changed, 15 insertions(+), 18 deletions(-)
diff --git a/WEB-INF/lib/ttRoleHelper.class.php b/WEB-INF/lib/ttRoleHelper.class.php
index c03368f9..966c409b 100644
--- a/WEB-INF/lib/ttRoleHelper.class.php
+++ b/WEB-INF/lib/ttRoleHelper.class.php
@@ -190,8 +190,8 @@ class ttRoleHelper { $mdb2 = getConnection(); $rights_client = 'view_client_reports,view_client_invoices,manage_own_settings'; - $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_timesheets,manage_own_timesheets,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users'; - $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,approve_reports,view_timesheets,manage_timesheets,approve_timesheets,view_charts,view_own_clients,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles'; + $rights_user = 'track_own_time,track_own_expenses,view_own_reports,manage_own_timesheets,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users'; + $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,approve_reports,manage_timesheets,approve_timesheets,view_charts,view_own_clients,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles'; $rights_comanager = $rights_supervisor.',manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,manage_basic_settings,view_all_reports'; $rights_manager = $rights_comanager.',manage_features,manage_advanced_settings,manage_roles,export_data,manage_subgroups'; diff --git a/WEB-INF/lib/ttTimesheetHelper.class.php b/WEB-INF/lib/ttTimesheetHelper.class.php index 9ab86f0f..6b13ae53 100644 --- a/WEB-INF/lib/ttTimesheetHelper.class.php +++ b/WEB-INF/lib/ttTimesheetHelper.class.php @@ -236,10 +236,6 @@ class ttTimesheetHelper { // in current context. static function isUserValid($user_id) { // We have to cover several situations. - // - // 1) User is a client. - // 2) User with view_all_timesheets rights. - // 3) User with view_timesheets rights. global $user; diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl index 2afec4f9..7db67991 100644 --- a/WEB-INF/templates/footer.tpl 
+++ b/WEB-INF/templates/footer.tpl @@ -12,7 +12,7 @@
- - - + +
 Anuko Time Tracker 1.18.47.4799 | Copyright © Anuko | +  Anuko Time Tracker 1.18.47.4800 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/WEB-INF/templates/header.tpl b/WEB-INF/templates/header.tpl index a89d60f8..d00000a7 100644 --- a/WEB-INF/templates/header.tpl +++ b/WEB-INF/templates/header.tpl @@ -115,7 +115,7 @@ {if $user->exists() && ($user->can('view_own_reports') || $user->can('view_reports') || $user->can('view_all_reports') || $user->can('view_client_reports'))} {if !$user->isClient()}·{/if} {$i18n.menu.reports} {/if} - {if $user->exists() && $user->isPluginEnabled('ts') && ($user->can('view_own_timesheets') || $user->can('view_timesheets') || $user->can('view_all_timesheets'))} + {if $user->exists() && $user->isPluginEnabled('ts') && ($user->can('track_own_time') || $user->can('track_time'))} · {$i18n.menu.timesheets} {/if} {if $user->exists() && $user->isPluginEnabled('iv') && ($user->can('manage_invoices') || $user->can('view_client_invoices'))} diff --git a/dbinstall.php b/dbinstall.php index c6a72415..5a239b25 100644 --- a/dbinstall.php +++ b/dbinstall.php @@ -972,7 +972,7 @@ if ($_POST) { print "Updated $tt_expense_items_updated tt_expense_items records...
\n"; } - if ($_POST["convert11797to11847"]) { + if ($_POST["convert11797to11848"]) { ttExecute("ALTER TABLE `tt_fav_reports` CHANGE `group_by` `group_by1` varchar(20) default NULL"); ttExecute("ALTER TABLE `tt_fav_reports` ADD `group_by2` varchar(20) default NULL AFTER `group_by1`"); ttExecute("ALTER TABLE `tt_fav_reports` ADD `group_by3` varchar(20) default NULL AFTER `group_by2`"); @@ -1109,6 +1109,9 @@ if ($_POST) { ttExecute("ALTER TABLE `tt_timesheets` CHANGE `approval_status` `approve_status` tinyint(4) default NULL"); ttExecute("ALTER TABLE `tt_timesheets` CHANGE `manager_comment` `approve_comment` text"); ttExecute("UPDATE `tt_site_config` SET param_value = '1.18.47', modified = now() where param_name = 'version_db' and param_value = '1.18.46'"); + ttExecute("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.18.47') set rights = replace(rights, 'view_own_timesheets,', '')"); + ttExecute("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.18.47') set rights = replace(rights, 'view_timesheets,', '')"); + ttExecute("UPDATE `tt_site_config` SET param_value = '1.18.48', modified = now() where param_name = 'version_db' and param_value = '1.18.47'"); } if ($_POST["cleanup"]) { @@ -1157,7 +1160,7 @@ if ($_POST) {
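Review bot: The two cleanup statements added to the 1.18.47 step only match a right when a comma follows it (`replace(rights, 'view_own_timesheets,', '')`), so a role whose `rights` string ends with `view_own_timesheets` or `view_timesheets` keeps the stale name. The predefined lists in this commit never place either name last, but custom roles may. A follow-up pass such as `set rights = trim(trailing ',view_timesheets' from rights)`, and the same for `view_own_timesheets`, would cover the trailing position without touching other right names. As far as this hunk shows, the next statement bumps `version_db` to 1.18.48 whether or not the cleanup succeeded, so it is worth confirming that ttExecute's result is checked before the bump. The enclosing `if ($_POST["convert11797to11848"])` block starts outside this hunk.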

DB Install

-
Create database structure (v1.18.47) + Create database structure (v1.18.48)
(applies only to new installations, do not execute when updating)
@@ -1202,8 +1205,8 @@ if ($_POST) {
Update database structure (v1.17.97 to v1.18.47)Update database structure (v1.17.97 to v1.18.48)
diff --git a/mysql.sql b/mysql.sql index 126902d1..8f324248 100644 --- a/mysql.sql +++ b/mysql.sql 
@@ -75,7 +75,7 @@ create unique index role_idx on tt_roles(group_id, rank, status); # Insert site-wide roles - site administrator and top manager. INSERT INTO `tt_roles` (`group_id`, `name`, `rank`, `rights`) VALUES (0, 'Site administrator', 1024, 'administer_site'); -INSERT INTO `tt_roles` (`group_id`, `name`, `rank`, `rights`) VALUES (0, 'Top manager', 512, 'track_own_time,track_own_expenses,view_own_reports,view_own_timesheets,manage_own_timesheets,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users,view_client_reports,view_client_invoices,track_time,track_expenses,view_reports,approve_reports,view_timesheets,manage_timesheets,approve_timesheets,view_charts,view_own_clients,override_punch_mode,override_own_punch_mode,override_date_lock,override_own_date_lock,swap_roles,manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,manage_basic_settings,view_all_reports,view_all_timesheets,manage_all_timesheets,manage_features,manage_advanced_settings,manage_roles,export_data,approve_all_reports,approve_all_timesheets,manage_subgroups,view_client_unapproved,delete_group'); +INSERT INTO `tt_roles` (`group_id`, `name`, `rank`, `rights`) VALUES (0, 'Top manager', 512, 
'track_own_time,track_own_expenses,view_own_reports,manage_own_timesheets,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users,view_client_reports,view_client_invoices,track_time,track_expenses,view_reports,approve_reports,manage_timesheets,approve_timesheets,view_charts,view_own_clients,override_punch_mode,override_own_punch_mode,override_date_lock,override_own_date_lock,swap_roles,manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,manage_basic_settings,view_all_reports,view_all_timesheets,manage_all_timesheets,manage_features,manage_advanced_settings,manage_roles,export_data,approve_all_reports,approve_all_timesheets,manage_subgroups,view_client_unapproved,delete_group'); # @@ -526,4 +526,4 @@ CREATE TABLE `tt_site_config` ( PRIMARY KEY (`param_name`) ); -INSERT INTO `tt_site_config` (`param_name`, `param_value`, `created`) VALUES ('version_db', '1.18.47', now()); # TODO: change when structure changes. +INSERT INTO `tt_site_config` (`param_name`, `param_value`, `created`) VALUES ('version_db', '1.18.48', now()); # TODO: change when structure changes. diff --git a/reports.php b/reports.php index fc77e091..fb74e16c 100644 --- a/reports.php +++ b/reports.php @@ -192,8 +192,7 @@ if ($showApproved) { } // Add timesheet assignment selector. -$showTimesheetDropdown = $user->isPluginEnabled('ts') && - ($user->can('view_own_timesheets') || $user->can('view_timesheets') || $user->can('view_all_timesheets')); +$showTimesheetDropdown = $user->isPluginEnabled('ts'); if ($showTimesheetDropdown) { $form->addInput(array('type'=>'combobox', 'name'=>'timesheet', 
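Review bot: In reports.php, `$showTimesheetDropdown` is now true for every user who reaches the page with the `ts` plugin enabled, including clients (`$user->isClient()` appears in the next hunk's context). This differs from header.tpl in the same commit, which shows the Timesheets menu only to users with `track_own_time` or `track_time`. The code that fills the `timesheet` combobox and applies the submitted value lies outside the hunk, so it is worth confirming that both limit timesheets to those the current user may see, now that the rights check is gone. `$showTimesheetCheckbox` in the following hunk is the same expression; `$showTimesheetCheckbox = $showTimesheetDropdown;` would keep the two from drifting apart.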
@@ -206,8 +205,7 @@ if ($showTimesheetDropdown) { 'empty'=>array(''=>$i18n->get('dropdown.all')) )); } -$showTimesheetCheckbox = $user->isPluginEnabled('ts') && - ($user->can('view_own_timesheets') || $user->can('view_timesheets') || $user->can('view_all_timesheets')); +$showTimesheetCheckbox = $user->isPluginEnabled('ts'); // Add user table. $showUsers = $user->can('view_reports') || $user->can('view_all_reports') || $user->isClient(); -- 2.20.1