posaune

[timetracker.git] / charts.php

diff --git a/charts.php b/charts.php
index adaa8ae..862a2fa 100644 (file)
--- a/charts.php
+++ b/charts.php
@@ -46,6 +46,10 @@ if (!$user->isPluginEnabled('ch')) {
   header('Location: feature_disabled.php');
   exit();
 }
+if (!$user->exists()) {
+  header('Location: access_denied.php'); // Nobody to display a chart for.
+  exit();
+}
 if ($user->behalf_id && (!$user->can('view_charts') || !$user->checkBehalfId())) {
   header('Location: access_denied.php'); // Trying on behalf, but no right or wrong user.
   exit();
@@ -69,9 +73,6 @@ if ($request->isPost() && $userChanged) {
   $user->setOnBehalfUser($user_id);
 } else {
   $user_id = $user->getUser();
-  // Handle a situation for no users in on behalf group.
-  if ($user->behalfGroup && $user_id == $user->id)
-    $user_id = null;
 }
 
 $uc = new ttUserConfig();
@@ -114,10 +115,11 @@ $chart_form = new Form('chartForm');
 
 // User dropdown. Changes the user "on behalf" of whom we are working. 
 if ($user->can('view_charts')) {
+  $rank = $user->getMaxRankForGroup($user->getGroup());
   if ($user->can('view_own_charts'))
-    $options = array('status'=>ACTIVE,'max_rank'=>$user->rank-1,'include_self'=>true,'self_first'=>true);
+    $options = array('status'=>ACTIVE,'max_rank'=>$rank,'include_self'=>true,'self_first'=>true);
   else
-    $options = array('status'=>ACTIVE,'max_rank'=>$user->rank-1);
+    $options = array('status'=>ACTIVE,'max_rank'=>$rank);
   $user_list = $user->getUsers($options);
   if (count($user_list) >= 1) {
     $chart_form->addInput(array('type'=>'combobox',