posaune

[timetracker.git] / timesheet_edit.php

diff --git a/timesheet_edit.php b/timesheet_edit.php
index 8446154..b883b20 100644 (file)
--- a/timesheet_edit.php
+++ b/timesheet_edit.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTimesheetHelper');
 
 // Access checks.
-if (!(ttAccessAllowed('manage_own_timesheets') || ttAccessAllowed('manage_timesheets'))) {
+if (!(ttAccessAllowed('track_own_time') || ttAccessAllowed('track_time'))) {
   header('Location: access_denied.php');
   exit();
 }
@@ -53,10 +53,15 @@ if ($request->isPost()) {
   $cl_status = $request->getParameter('status');
 } else {
   $cl_name = $timesheet['name'];
-  $cl_comment = $timesheet['submitter_comment'];
+  $cl_comment = $timesheet['comment'];
   $cl_status = $timesheet['status'];
 }
 
+// Can we delete this timesheet?
+$canDelete = $timesheet['approve_status'] != 1
+  || (($user->id == $timesheet['user_id'] && $user->can('approve_own_timesheets'))
+  || ($user->id != $timesheet['user_id'] && $user->can('approve_timesheets')));
+
 $form = new Form('timesheetForm');
 $form->addInput(array('type'=>'hidden','name'=>'id','value'=>$cl_timesheet_id));
 $form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'timesheet_name','style'=>'width: 250px;','value'=>$cl_name));
@@ -64,40 +69,41 @@ $form->addInput(array('type'=>'textarea','name'=>'comment','style'=>'width: 250p
 $form->addInput(array('type'=>'combobox','name'=>'status','value'=>$cl_status,
   'data'=>array(ACTIVE=>$i18n->get('dropdown.status_active'),INACTIVE=>$i18n->get('dropdown.status_inactive'))));
 $form->addInput(array('type'=>'submit','name'=>'btn_save','value'=>$i18n->get('button.save')));
+if ($canDelete) $form->addInput(array('type'=>'submit','name'=>'btn_delete','value'=>$i18n->get('label.delete')));
 
 if ($request->isPost()) {
   // Validate user input.
   if (!ttValidString($cl_name)) $err->add($i18n->get('error.field'), $i18n->get('label.thing_name'));
   if (!ttValidString($cl_comment, true)) $err->add($i18n->get('error.field'), $i18n->get('label.comment'));
 
-  if ($err->no()) {
-    /*
-    // TODO: coding ongoing down from here.
-    if ($request->getParameter('btn_save')) {
-      $existing_project = ttProjectHelper::getProjectByName($cl_name);
-      if (!$existing_project || ($cl_project_id == $existing_project['id'])) {
-         // Update project information.
-         if (ttProjectHelper::update(array(
-           'id' => $cl_project_id,
+  if ($request->getParameter('btn_save')) {
+    if ($err->no()) {
+      $existing_timesheet = ttTimesheetHelper::getTimesheetByName($cl_name);
+      if (!$existing_timesheet || ($cl_timesheet_id == $existing_timesheet['id'])) {
+         // Update timesheet information.
+         if (ttTimesheetHelper::update(array(
+           'id' => $cl_timesheet_id,
            'name' => $cl_name,
-           'description' => $cl_description,
-           'status' => $cl_status,
-           'users' => $cl_users,
-           'tasks' => $cl_tasks))) {
-           header('Location: projects.php');
+           'comment' => $cl_comment,
+           'status' => $cl_status))) {
+           header('Location: timesheets.php');
            exit();
         } else
            $err->add($i18n->get('error.db'));
       } else
         $err->add($i18n->get('error.object_exists'));
-    }*/
+    }
+  }
+
+  if ($request->getParameter('btn_delete') && $canDelete) {
+    header("Location: timesheet_delete.php?id=$cl_timesheet_id");
+    exit();
   }
 } // isPost
 
 $smarty->assign('forms', array($form->getName()=>$form->toArray()));
 $smarty->assign('onload', 'onLoad="document.timesheetForm.timesheet_name.focus()"');
-$smarty->assign('show_users', count($users) > 0);
-$smarty->assign('show_tasks', $show_tasks);
+$smarty->assign('can_delete', $canDelete);
 $smarty->assign('title', $i18n->get('title.edit_timesheet'));
 $smarty->assign('content_page_name', 'timesheet_edit.tpl');
 $smarty->display('index.tpl');