From e560c531255da8d1fa40295c58cc5c4b1bb4e9d3 Mon Sep 17 00:00:00 2001 From: Nik Okuntseff Date: Sun, 25 Mar 2018 21:32:25 +0000 Subject: [PATCH] Improved population of on behalf dropdowns on week view and expenses pages. --- WEB-INF/templates/footer.tpl | 2 +- expenses.php | 18 +++++++++++++++--- mobile/expenses.php | 18 +++++++++++++++--- time.php | 2 +- week.php | 16 ++++++++++++++-- 5 files changed, 46 insertions(+), 10 deletions(-) diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl index d1cf3d01..2be4b935 100644 --- a/WEB-INF/templates/footer.tpl +++ b/WEB-INF/templates/footer.tpl @@ -12,7 +12,7 @@
-
 Anuko Time Tracker 1.17.71.4166 | Copyright © Anuko | +  Anuko Time Tracker 1.17.71.4167 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/expenses.php b/expenses.php index 00b43179..7291414a 100644 --- a/expenses.php +++ b/expenses.php @@ -42,6 +42,14 @@ if (!$user->isPluginEnabled('ex')) { header('Location: feature_disabled.php'); exit(); } +if ($user->behalf_id && (!$user->can('track_expenses') || !$user->checkBehalfId())) { + header('Location: access_denied.php'); // Trying on behalf, but no right or wrong user. + exit(); +} +if (!$user->behalf_id && !$user->can('track_own_expenses') && !$user->adjustBehalfId()) { + header('Location: access_denied.php'); // Trying as self, but no right for self, and noone to work on behalf. + exit(); +} // Initialize and store date in session. $cl_date = $request->getParameter('date', @$_SESSION['date']); @@ -64,9 +72,13 @@ $cl_cost = $request->getParameter('cost'); // Elements of expensesForm. $form = new Form('expensesForm'); -if ($user->canManageTeam()) { - $user_list = ttTeamHelper::getActiveUsers(array('putSelfFirst'=>true)); - if (count($user_list) > 1) { +if ($user->can('track_expenses')) { + if ($user->can('track_own_expenses')) + $options = array('status'=>ACTIVE,'max_rank'=>$user->rank-1,'include_self'=>true,'self_first'=>true); + else + $options = array('status'=>ACTIVE,'max_rank'=>$user->rank-1); + $user_list = $user->getUsers($options); + if (count($user_list) >= 1) { $form->addInput(array('type'=>'combobox', 'onchange'=>'this.form.submit();', 'name'=>'onBehalfUser', diff --git a/mobile/expenses.php b/mobile/expenses.php index f0fc5c30..1cd39c04 100644 --- a/mobile/expenses.php +++ b/mobile/expenses.php @@ -42,6 +42,14 @@ if (!$user->isPluginEnabled('ex')) { header('Location: feature_disabled.php'); exit(); } +if ($user->behalf_id && (!$user->can('track_expenses') || !$user->checkBehalfId())) { + header('Location: access_denied.php'); // Trying on behalf, but no right or wrong user. + exit(); +} +if (!$user->behalf_id && !$user->can('track_own_expenses') && !$user->adjustBehalfId()) { + header('Location: access_denied.php'); // Trying as self, but no right for self, and noone to work on behalf. + exit(); +} // Initialize and store date in session. $cl_date = $request->getParameter('date', @$_SESSION['date']); @@ -68,9 +76,13 @@ $cl_cost = $request->getParameter('cost'); // Elements of expensesForm. $form = new Form('expensesForm'); -if ($user->canManageTeam()) { - $user_list = ttTeamHelper::getActiveUsers(array('putSelfFirst'=>true)); - if (count($user_list) > 1) { +if ($user->can('track_expenses')) { + if ($user->can('track_own_expenses')) + $options = array('status'=>ACTIVE,'max_rank'=>$user->rank-1,'include_self'=>true,'self_first'=>true); + else + $options = array('status'=>ACTIVE,'max_rank'=>$user->rank-1); + $user_list = $user->getUsers($options); + if (count($user_list) >= 1) { $form->addInput(array('type'=>'combobox', 'onchange'=>'this.form.submit();', 'name'=>'onBehalfUser', diff --git a/time.php b/time.php index 18979fe2..98a383fd 100644 --- a/time.php +++ b/time.php @@ -51,7 +51,7 @@ if ($user->behalf_id && (!$user->can('track_time') || !$user->checkBehalfId())) exit(); } if (!$user->behalf_id && !$user->can('track_own_time') && !$user->adjustBehalfId()) { - header('Location: access_denied.php'); // Trying as self, but no right for self, and noone to view on behalf. + header('Location: access_denied.php'); // Trying as self, but no right for self, and noone to work on behalf. exit(); } diff --git a/week.php b/week.php index f1dc7889..741a2bb4 100644 --- a/week.php +++ b/week.php @@ -47,6 +47,14 @@ if (!$user->isPluginEnabled('wv')) { header('Location: feature_disabled.php'); exit(); } +if ($user->behalf_id && (!$user->can('track_time') || !$user->checkBehalfId())) { + header('Location: access_denied.php'); // Trying on behalf, but no right or wrong user. + exit(); +} +if (!$user->behalf_id && !$user->can('track_own_time') && !$user->adjustBehalfId()) { + header('Location: access_denied.php'); // Trying as self, but no right for self, and noone to work on behalf. + exit(); +} // Initialize and store date in session. $cl_date = $request->getParameter('date', @$_SESSION['date']); @@ -203,8 +211,12 @@ class WeekViewCellRenderer extends DefaultCellRenderer { $form = new Form('weekTimeForm'); if ($user->can('track_time')) { - $user_list = ttTeamHelper::getActiveUsers(array('putSelfFirst'=>true)); - if (count($user_list) > 1) { + if ($user->can('track_own_time')) + $options = array('status'=>ACTIVE,'max_rank'=>$user->rank-1,'include_self'=>true,'self_first'=>true); + else + $options = array('status'=>ACTIVE,'max_rank'=>$user->rank-1); + $user_list = $user->getUsers($options); + if (count($user_list) >= 1) { $form->addInput(array('type'=>'combobox', 'onchange'=>'this.form.submit();', 'name'=>'onBehalfUser', -- 2.20.1