From 6d72b9b2a73391e8e6b2a3586b4972c1a2e8160d Mon Sep 17 00:00:00 2001 From: Nik Okuntseff Date: Tue, 19 Feb 2019 15:28:59 +0000 Subject: [PATCH] Renamed client access rights for clarity. --- WEB-INF/lib/ttRoleHelper.class.php | 2 +- WEB-INF/templates/footer.tpl | 2 +- WEB-INF/templates/header.tpl | 4 ++-- WEB-INF/templates/invoices.tpl | 2 +- dbinstall.php | 14 ++++++++++---- invoice_send.php | 2 +- invoice_view.php | 2 +- invoices.php | 2 +- mysql.sql | 4 ++-- report.php | 2 +- reports.php | 2 +- tofile.php | 2 +- topdf.php | 2 +- 13 files changed, 24 insertions(+), 18 deletions(-) diff --git a/WEB-INF/lib/ttRoleHelper.class.php b/WEB-INF/lib/ttRoleHelper.class.php index 02b22cdf..000f7ceb 100644 --- a/WEB-INF/lib/ttRoleHelper.class.php +++ b/WEB-INF/lib/ttRoleHelper.class.php @@ -189,7 +189,7 @@ class ttRoleHelper { $mdb2 = getConnection(); - $rights_client = 'view_own_reports,view_own_timesheets,view_own_charts,view_own_invoices,manage_own_settings'; + $rights_client = 'view_client_reports,view_client_timesheets,view_client_invoices,manage_own_settings'; $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_timesheets,manage_own_timesheets,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users'; $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,view_timesheets,manage_timesheets,approve_timesheets,view_charts,view_own_clients,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles'; $rights_comanager = $rights_supervisor.',manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,manage_basic_settings,view_all_reports'; diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl index d8ce9770..6ed36219 100644 --- a/WEB-INF/templates/footer.tpl +++ b/WEB-INF/templates/footer.tpl @@ -12,7 +12,7 @@
-
 Anuko Time Tracker 1.18.37.4738 | Copyright © Anuko | +  Anuko Time Tracker 1.18.37.4739 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/WEB-INF/templates/header.tpl b/WEB-INF/templates/header.tpl index b5f122db..aab851bf 100644 --- a/WEB-INF/templates/header.tpl +++ b/WEB-INF/templates/header.tpl @@ -112,14 +112,14 @@ {if $user->exists() && $user->isPluginEnabled('ex') && ($user->can('track_own_expenses') || $user->can('track_expenses'))} · {$i18n.menu.expenses} {/if} - {if $user->exists() && ($user->can('view_own_reports') || $user->can('view_reports'))} + {if $user->exists() && ($user->can('view_own_reports') || $user->can('view_reports') || $user->can('view_all_reports') || $user->can('view_client_reports'))} · {$i18n.menu.reports} {/if} {if $user->exists() && $user->isPluginEnabled('ts') && ($user->can('view_own_timesheets') || $user->can('manage_own_timesheets') || $user->can('view_timesheets') || $user->can('manage_timesheets') || $user->can('approve_timesheets'))} · {$i18n.menu.timesheets} {/if} - {if $user->exists() && $user->isPluginEnabled('iv') && ($user->can('view_own_invoices') || $user->can('manage_invoices'))} + {if $user->exists() && $user->isPluginEnabled('iv') && ($user->can('manage_invoices') || $user->can('view_client_invoices'))} · {$i18n.title.invoices} {/if} {if ($user->exists() && $user->isPluginEnabled('ch') && ($user->can('view_own_charts') || $user->can('view_charts'))) && diff --git a/WEB-INF/templates/invoices.tpl b/WEB-INF/templates/invoices.tpl index b966f9e2..86e7e525 100644 --- a/WEB-INF/templates/invoices.tpl +++ b/WEB-INF/templates/invoices.tpl @@ -5,7 +5,7 @@ - - + +
-{if $user->can('manage_invoices') || $user->can('view_own_invoices')} +{if $user->can('manage_invoices') || $user->can('view_client_invoices')} diff --git a/dbinstall.php b/dbinstall.php index 99450963..e40d4be6 100644 --- a/dbinstall.php +++ b/dbinstall.php @@ -972,7 +972,7 @@ if ($_POST) { print "Updated $tt_expense_items_updated tt_expense_items records...
\n"; } - if ($_POST["convert11797to11839"]) { + if ($_POST["convert11797to11840"]) { ttExecute("ALTER TABLE `tt_fav_reports` CHANGE `group_by` `group_by1` varchar(20) default NULL"); ttExecute("ALTER TABLE `tt_fav_reports` ADD `group_by2` varchar(20) default NULL AFTER `group_by1`"); ttExecute("ALTER TABLE `tt_fav_reports` ADD `group_by3` varchar(20) default NULL AFTER `group_by2`"); @@ -1077,6 +1077,12 @@ if ($_POST) { ttExecute("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.18.38') set rights = replace(rights, 'view_all_reports', 'view_all_reports,view_all_timesheets,manage_all_timesheets') where rank = 68 or rank = 324"); ttExecute("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.18.38') set rights = replace(rights, 'export_data,manage_subgroups', 'export_data,approve_all_timesheets,manage_subgroups') where rank = 324"); ttExecute("UPDATE `tt_site_config` SET param_value = '1.18.39', modified = now() where param_name = 'version_db' and param_value = '1.18.38'"); + ttExecute("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.18.39') set rights = 'track_own_time,track_own_expenses,view_own_reports,view_own_timesheets,manage_own_timesheets,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users,view_client_reports,view_client_timesheets,view_client_invoices,track_time,track_expenses,view_reports,view_timesheets,manage_timesheets,approve_timesheets,view_charts,view_own_clients,override_punch_mode,override_own_punch_mode,override_date_lock,override_own_date_lock,swap_roles,manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,manage_basic_settings,view_all_reports,view_all_timesheets,manage_all_timesheets,manage_features,manage_advanced_settings,manage_roles,export_data,approve_all_timesheets,manage_subgroups,delete_group' where rank = 512"); + ttExecute("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.18.39') set rights = replace(rights, 'view_own_reports', 'view_client_reports') where rank = 16"); + ttExecute("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.18.39') set rights = replace(rights, 'view_own_charts,', '') where rank = 16"); + ttExecute("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.18.39') set rights = replace(rights, 'view_own_timesheets', 'view_client_timesheets') where rank = 16"); + ttExecute("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.18.39') set rights = replace(rights, 'view_own_invoices', 'view_client_invoices') where rank = 16"); + ttExecute("UPDATE `tt_site_config` SET param_value = '1.18.40', modified = now() where param_name = 'version_db' and param_value = '1.18.39'"); } if ($_POST["cleanup"]) { @@ -1125,7 +1131,7 @@ if ($_POST) {

DB Install

{$i18n.label.invoice}
-
Create database structure (v1.18.39) + Create database structure (v1.18.40)
(applies only to new installations, do not execute when updating)
@@ -1170,8 +1176,8 @@ if ($_POST) {
Update database structure (v1.17.97 to v1.18.39)Update database structure (v1.17.97 to v1.18.40)
diff --git a/invoice_send.php b/invoice_send.php index c86cebb5..e94e8050 100644 --- a/invoice_send.php +++ b/invoice_send.php @@ -32,7 +32,7 @@ import('ttInvoiceHelper'); import('ttUserConfig'); // Access checks. -if (!(ttAccessAllowed('manage_invoices') || ttAccessAllowed('view_own_invoices'))) { +if (!(ttAccessAllowed('manage_invoices') || ttAccessAllowed('view_client_invoices'))) { header('Location: access_denied.php'); exit(); } diff --git a/invoice_view.php b/invoice_view.php index 772500ef..64831798 100644 --- a/invoice_view.php +++ b/invoice_view.php @@ -33,7 +33,7 @@ import('ttClientHelper'); import('form.Form'); // Access checks. -if (!(ttAccessAllowed('manage_invoices') || ttAccessAllowed('view_own_invoices'))) { +if (!(ttAccessAllowed('manage_invoices') || ttAccessAllowed('view_client_invoices'))) { header('Location: access_denied.php'); exit(); } diff --git a/invoices.php b/invoices.php index ba1cad46..de51b536 100644 --- a/invoices.php +++ b/invoices.php @@ -31,7 +31,7 @@ import('form.Form'); import('ttGroupHelper'); // Access checks. -if (!(ttAccessAllowed('manage_invoices') || ttAccessAllowed('view_own_invoices'))) { +if (!(ttAccessAllowed('manage_invoices') || ttAccessAllowed('view_client_invoices'))) { header('Location: access_denied.php'); exit(); } diff --git a/mysql.sql b/mysql.sql index bd8a67e7..0218cf75 100644 --- a/mysql.sql +++ b/mysql.sql @@ -75,7 +75,7 @@ create unique index role_idx on tt_roles(group_id, rank, status); # Insert site-wide roles - site administrator and top manager. INSERT INTO `tt_roles` (`group_id`, `name`, `rank`, `rights`) VALUES (0, 'Site administrator', 1024, 'administer_site'); -INSERT INTO `tt_roles` (`group_id`, `name`, `rank`, `rights`) VALUES (0, 'Top manager', 512, 'track_own_time,track_own_expenses,view_own_reports,view_own_timesheets,manage_own_timesheets,view_own_charts,view_own_invoices,view_own_projects,view_own_tasks,manage_own_settings,view_users,track_time,track_expenses,view_reports,view_timesheets,manage_timesheets,approve_timesheets,view_charts,view_own_clients,override_punch_mode,override_own_punch_mode,override_date_lock,override_own_date_lock,swap_roles,manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,manage_basic_settings,view_all_reports,view_all_timesheets,manage_all_timesheets,manage_features,manage_advanced_settings,manage_roles,export_data,approve_all_timesheets,manage_subgroups,delete_group'); +INSERT INTO `tt_roles` (`group_id`, `name`, `rank`, `rights`) VALUES (0, 'Top manager', 512, 'track_own_time,track_own_expenses,view_own_reports,view_own_timesheets,manage_own_timesheets,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users,view_client_reports,view_client_timesheets,view_client_invoices,track_time,track_expenses,view_reports,view_timesheets,manage_timesheets,approve_timesheets,view_charts,view_own_clients,override_punch_mode,override_own_punch_mode,override_date_lock,override_own_date_lock,swap_roles,manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,manage_basic_settings,view_all_reports,view_all_timesheets,manage_all_timesheets,manage_features,manage_advanced_settings,manage_roles,export_data,approve_all_timesheets,manage_subgroups,delete_group'); # @@ -518,4 +518,4 @@ CREATE TABLE `tt_site_config` ( PRIMARY KEY (`param_name`) ); -INSERT INTO `tt_site_config` (`param_name`, `param_value`, `created`) VALUES ('version_db', '1.18.39', now()); # TODO: change when structure changes. +INSERT INTO `tt_site_config` (`param_name`, `param_value`, `created`) VALUES ('version_db', '1.18.40', now()); # TODO: change when structure changes. diff --git a/report.php b/report.php index 65d98e4e..93720cb2 100644 --- a/report.php +++ b/report.php @@ -33,7 +33,7 @@ import('ttReportHelper'); import('ttGroupHelper'); // Access check. -if (!(ttAccessAllowed('view_own_reports') || ttAccessAllowed('view_reports') || ttAccessAllowed('view_all_reports'))) { +if (!(ttAccessAllowed('view_own_reports') || ttAccessAllowed('view_reports') || ttAccessAllowed('view_all_reports') || ttAccessAllowed('view_client_reports'))) { header('Location: access_denied.php'); exit(); } diff --git a/reports.php b/reports.php index 892b117e..05d7e5f2 100644 --- a/reports.php +++ b/reports.php @@ -38,7 +38,7 @@ import('ttClientHelper'); import('ttReportHelper'); // Access check. -if (!(ttAccessAllowed('view_own_reports') || ttAccessAllowed('view_reports') || ttAccessAllowed('view_all_reports'))) { +if (!(ttAccessAllowed('view_own_reports') || ttAccessAllowed('view_reports') || ttAccessAllowed('view_all_reports') || ttAccessAllowed('view_client_reports'))) { header('Location: access_denied.php'); exit(); } diff --git a/tofile.php b/tofile.php index 3934471d..3ddce979 100644 --- a/tofile.php +++ b/tofile.php @@ -32,7 +32,7 @@ import('form.ActionForm'); import('ttReportHelper'); // Access checks. -if (!(ttAccessAllowed('view_own_reports') || ttAccessAllowed('view_reports'))) { +if (!(ttAccessAllowed('view_own_reports') || ttAccessAllowed('view_reports') || ttAccessAllowed('view_all_reports') || ttAccessAllowed('view_client_reports'))) { header('Location: access_denied.php'); exit(); } diff --git a/topdf.php b/topdf.php index fd3016e5..181dec69 100644 --- a/topdf.php +++ b/topdf.php @@ -36,7 +36,7 @@ import('form.ActionForm'); import('ttReportHelper'); // Access checks. -if (!(ttAccessAllowed('view_own_reports') || ttAccessAllowed('view_reports'))) { +if (!(ttAccessAllowed('view_own_reports') || ttAccessAllowed('view_reports') || ttAccessAllowed('view_all_reports') || ttAccessAllowed('view_client_reports'))) { header('Location: access_denied.php'); exit(); } -- 2.20.1