From c71ac60a3c6913ad64b22f367b994983ff77ca22 Mon Sep 17 00:00:00 2001
From: Nik Okuntseff <support@anuko.com>
Date: Sat, 23 Feb 2019 21:47:45 +0000
Subject: [PATCH] Introduced view_client_unapproved access right.

---
 WEB-INF/lib/ttRoleHelper.class.php |  2 +-
 WEB-INF/templates/footer.tpl       |  2 +-
 WEB-INF/templates/reports.tpl      |  4 ++--
 dbinstall.php                      | 10 ++++++----
 mysql.sql                          |  4 ++--
 reports.php                        | 16 ++++++++++------
 6 files changed, 22 insertions(+), 16 deletions(-)
diff --git a/WEB-INF/lib/ttRoleHelper.class.php b/WEB-INF/lib/ttRoleHelper.class.php
index 000f7ceb..92f6bec3 100644
--- a/WEB-INF/lib/ttRoleHelper.class.php
+++ b/WEB-INF/lib/ttRoleHelper.class.php
@@ -189,7 +189,7 @@ class ttRoleHelper {
 
     $mdb2 = getConnection();
 
-    $rights_client = 'view_client_reports,view_client_timesheets,view_client_invoices,manage_own_settings';
+    $rights_client = 'view_client_reports,view_client_timesheets,view_client_unapproved,view_client_invoices,manage_own_settings';
     $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_timesheets,manage_own_timesheets,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users';
     $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,view_timesheets,manage_timesheets,approve_timesheets,view_charts,view_own_clients,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles';
     $rights_comanager = $rights_supervisor.',manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,manage_basic_settings,view_all_reports';
diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index 9677eea8..d0cc37fd 100644
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
       <br>
       <table cellspacing="0" cellpadding="4" width="100%" border="0">
         <tr>
-          <td align="center">&nbsp;Anuko Time Tracker 1.18.37.4762 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
+          <td align="center">&nbsp;Anuko Time Tracker 1.18.41.4763 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
             <a href="https://www.anuko.com/lp/tt_4.htm" target="_blank">{$i18n.footer.credits}</a> |
             <a href="https://www.anuko.com/lp/tt_5.htm" target="_blank">{$i18n.footer.license}</a> |
             <a href="https://www.anuko.com/lp/tt_7.htm" target="_blank">{$i18n.footer.improve}</a>
diff --git a/WEB-INF/templates/reports.tpl b/WEB-INF/templates/reports.tpl
index 82135278..07c39834 100644
--- a/WEB-INF/templates/reports.tpl
+++ b/WEB-INF/templates/reports.tpl
@@ -216,7 +216,7 @@ function handleCheckboxes() {
               <tr><td><b>{$i18n.label.invoice}</b></td></tr>
               <tr><td>{$forms.reportForm.invoice.control}</td></tr>
 {/if}
-{if $show_timesheet}
+{if $show_timesheet_dropdown}
               <tr><td><b>{$i18n.label.timesheet}</b></td></tr>
               <tr><td>{$forms.reportForm.timesheet.control}</td></tr>
 {/if}
@@ -259,7 +259,7 @@ function handleCheckboxes() {
 {if $show_project}
                     <tr><td><label>{$forms.reportForm.chproject.control}&nbsp;{$i18n.label.project}</label></td></tr>
 {/if}
-{if $show_timesheet}
+{if $show_timesheet_checkbox}
                     <tr><td><label>{$forms.reportForm.chtimesheet.control}&nbsp;{$i18n.label.timesheet}</label></td></tr>
 {/if}
 {if $show_cf_1_checkbox}
diff --git a/dbinstall.php b/dbinstall.php
index e40d4be6..f700d99e 100644
--- a/dbinstall.php
+++ b/dbinstall.php
@@ -972,7 +972,7 @@ if ($_POST) {
     print "Updated $tt_expense_items_updated tt_expense_items records...<br>\n";
   }
 
-  if ($_POST["convert11797to11840"]) {
+  if ($_POST["convert11797to11841"]) {
     ttExecute("ALTER TABLE `tt_fav_reports` CHANGE `group_by` `group_by1` varchar(20) default NULL");
     ttExecute("ALTER TABLE `tt_fav_reports` ADD `group_by2` varchar(20) default NULL AFTER `group_by1`");
     ttExecute("ALTER TABLE `tt_fav_reports` ADD `group_by3` varchar(20) default NULL AFTER `group_by2`");
@@ -1083,6 +1083,8 @@ if ($_POST) {
     ttExecute("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.18.39') set rights = replace(rights, 'view_own_timesheets', 'view_client_timesheets') where rank = 16");
     ttExecute("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.18.39') set rights = replace(rights, 'view_own_invoices', 'view_client_invoices') where rank = 16");
     ttExecute("UPDATE `tt_site_config` SET param_value = '1.18.40', modified = now() where param_name = 'version_db' and param_value = '1.18.39'");
+    ttExecute("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.18.40') set rights = replace(rights, 'view_client_timesheets,view_client_invoices', 'view_client_timesheets,view_client_unapproved,view_client_invoices') where rank = 16");
+    ttExecute("UPDATE `tt_site_config` SET param_value = '1.18.41', modified = now() where param_name = 'version_db' and param_value = '1.18.40'");
   }
 
   if ($_POST["cleanup"]) {
@@ -1131,7 +1133,7 @@ if ($_POST) {
 <h2>DB Install</h2>
 <table width="80%" border="1" cellpadding="10" cellspacing="0">
   <tr>
-    <td width="80%"><b>Create database structure (v1.18.40)</b>
+    <td width="80%"><b>Create database structure (v1.18.41)</b>
     <br>(applies only to new installations, do not execute when updating)</br></td><td><input type="submit" name="crstructure" value="Create"></td>
   </tr>
 </table>
@@ -1176,8 +1178,8 @@ if ($_POST) {
   </tr>
   </tr>
   <tr valign="top">
-    <td>Update database structure (v1.17.97 to v1.18.40)</td>
-    <td><input type="submit" name="convert11797to11840" value="Update"></td>
+    <td>Update database structure (v1.17.97 to v1.18.41)</td>
+    <td><input type="submit" name="convert11797to11841" value="Update"></td>
   </tr>
 </table>
 
diff --git a/mysql.sql b/mysql.sql
index 0218cf75..2a507ee2 100644
--- a/mysql.sql
+++ b/mysql.sql
@@ -75,7 +75,7 @@ create unique index role_idx on tt_roles(group_id, rank, status);
 
 # Insert site-wide roles - site administrator and top manager.
 INSERT INTO `tt_roles` (`group_id`, `name`, `rank`, `rights`) VALUES (0, 'Site administrator', 1024, 'administer_site');
-INSERT INTO `tt_roles` (`group_id`, `name`, `rank`, `rights`) VALUES (0, 'Top manager', 512, 'track_own_time,track_own_expenses,view_own_reports,view_own_timesheets,manage_own_timesheets,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users,view_client_reports,view_client_timesheets,view_client_invoices,track_time,track_expenses,view_reports,view_timesheets,manage_timesheets,approve_timesheets,view_charts,view_own_clients,override_punch_mode,override_own_punch_mode,override_date_lock,override_own_date_lock,swap_roles,manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,manage_basic_settings,view_all_reports,view_all_timesheets,manage_all_timesheets,manage_features,manage_advanced_settings,manage_roles,export_data,approve_all_timesheets,manage_subgroups,delete_group');
+INSERT INTO `tt_roles` (`group_id`, `name`, `rank`, `rights`) VALUES (0, 'Top manager', 512, 'track_own_time,track_own_expenses,view_own_reports,view_own_timesheets,manage_own_timesheets,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users,view_client_reports,view_client_timesheets,view_client_unapproved,view_client_invoices,track_time,track_expenses,view_reports,view_timesheets,manage_timesheets,approve_timesheets,view_charts,view_own_clients,override_punch_mode,override_own_punch_mode,override_date_lock,override_own_date_lock,swap_roles,manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,manage_basic_settings,view_all_reports,view_all_timesheets,manage_all_timesheets,manage_features,manage_advanced_settings,manage_roles,export_data,approve_all_timesheets,manage_subgroups,delete_group');
 
 
 #
@@ -518,4 +518,4 @@ CREATE TABLE `tt_site_config` (
   PRIMARY KEY  (`param_name`)
 );
 
-INSERT INTO `tt_site_config` (`param_name`, `param_value`, `created`) VALUES ('version_db', '1.18.40', now()); # TODO: change when structure changes.
+INSERT INTO `tt_site_config` (`param_name`, `param_value`, `created`) VALUES ('version_db', '1.18.41', now()); # TODO: change when structure changes.
diff --git a/reports.php b/reports.php
index f652027b..fdb2d2ed 100644
--- a/reports.php
+++ b/reports.php
@@ -179,10 +179,10 @@ if ($showPaidStatus) {
 }
 
 // Add timesheet assignment selector.
-$showTimesheet = $user->isPluginEnabled('ts') &&
+$showTimesheetDropdown = $user->isPluginEnabled('ts') &&
   ($user->can('view_own_timesheets') || $user->can('view_timesheets') ||
-   $user->can('view_all_timesheets') || $user->can('view_client_timesheets'));
-if ($showTimesheet) {
+   $user->can('view_all_timesheets') || ($user->can('view_client_timesheets') && $user->can('view_client_unapproved')));
+if ($showTimesheetDropdown) {
   $form->addInput(array('type'=>'combobox',
    'name'=>'timesheet',
    'style'=>'width: 250px;',
@@ -194,6 +194,9 @@ if ($showTimesheet) {
    'empty'=>array(''=>$i18n->get('dropdown.all'))
   ));
 }
+$showTimesheetCheckbox = $user->isPluginEnabled('ts') &&
+  ($user->can('view_own_timesheets') || $user->can('view_timesheets') ||
+   $user->can('view_all_timesheets') || $user->can('view_client_timesheets'));
 
 // Add user table.
 $showUsers = $user->can('view_reports') || $user->can('view_all_reports') || $user->isClient();
@@ -274,11 +277,11 @@ $form->addInput(array('type'=>'checkbox','name'=>'chcost'));
 $showWorkUnits = $user->isPluginEnabled('wu');
 if ($showWorkUnits)
   $form->addInput(array('type'=>'checkbox','name'=>'chunits'));
-if ($showTimesheet)
+if ($showTimesheetCheckbox)
   $form->addInput(array('type'=>'checkbox','name'=>'chtimesheet'));
 
 // Add a hidden control for timesheet_user_id (who to generate a timesheet for).
-if ($showTimesheet)
+if ($showTimesheetCheckbox)
   $form->addInput(array('type'=>'hidden','name'=>'timesheet_user_id'));
 
 // Add group by control.
@@ -428,7 +431,8 @@ $smarty->assign('show_billable', $showBillable);
 $smarty->assign('show_invoice_dropdown', $showInvoiceDropdown);
 $smarty->assign('show_invoice_checkbox', $showInvoiceCheckbox);
 $smarty->assign('show_paid_status', $showPaidStatus);
-$smarty->assign('show_timesheet', $showTimesheet);
+$smarty->assign('show_timesheet_dropdown', $showTimesheetDropdown);
+$smarty->assign('show_timesheet_checkbox', $showTimesheetCheckbox);
 $smarty->assign('show_users', $showUsers);
 $smarty->assign('show_start', $showStart);
 $smarty->assign('show_finish', $showFinish);
-- 
2.20.1


Anuko Time Tracker 1.18.37.4762 \| Copyright © Anuko \| +	Anuko Time Tracker 1.18.41.4763 \| Copyright © Anuko \| {$i18n.footer.credits} \| {$i18n.footer.license} \| {$i18n.footer.improve} diff --git a/WEB-INF/templates/reports.tpl b/WEB-INF/templates/reports.tpl index 82135278..07c39834 100644 --- a/WEB-INF/templates/reports.tpl +++ b/WEB-INF/templates/reports.tpl @@ -216,7 +216,7 @@ function handleCheckboxes() {
{$i18n.label.invoice}
{$forms.reportForm.invoice.control}
{$i18n.label.timesheet}
{$forms.reportForm.timesheet.control}
{$forms.reportForm.chproject.control} {$i18n.label.project}
{$forms.reportForm.chtimesheet.control} {$i18n.label.timesheet}