More refactoring of rights checks (#61)

author bonnedav <theD_2011@hotmail.com>

Tue, 3 Apr 2018 12:53:55 +0000 (06:53 -0600)

committer anuko <support@anuko.com>

Tue, 3 Apr 2018 12:53:55 +0000 (12:53 +0000)
author bonnedav <theD_2011@hotmail.com>
Tue, 3 Apr 2018 12:53:55 +0000 (06:53 -0600)
committer anuko <support@anuko.com>
Tue, 3 Apr 2018 12:53:55 +0000 (12:53 +0000)
diff --git a/WEB-INF/templates/invoices.tpl b/WEB-INF/templates/invoices.tpl

index 32d0954..b966f9e 100644 (file)
--- a/WEB-INF/templates/invoices.tpl
+++ b/WEB-INF/templates/invoices.tpl
@@ -5,7 +5,7 @@
  <table cellspacing="0" cellpadding="7" border="0" width="720">
    <tr>
      <td valign="top">
-{if $user->canManageTeam() || $user->isClient()}
+{if $user->can('manage_invoices') || $user->can('view_own_invoices')}
        <table cellspacing="1" cellpadding="3" border="0" width="100%">
          <tr>
            <td class="tableHeader">{$i18n.label.invoice}</td>
diff --git a/WEB-INF/templates/mobile/projects.tpl b/WEB-INF/templates/mobile/projects.tpl

index 5e48813..96dcce1 100644 (file)
--- a/WEB-INF/templates/mobile/projects.tpl
+++ b/WEB-INF/templates/mobile/projects.tpl
@@ -5,7 +5,7 @@
  <table class="mobile-table">
    <tr>
      <td valign="top">
-{if $user->canManageTeam()}
+{if $user->can('manage_projects')}
        <table class="mobile-table-details">
    {if $inactive_projects}
          <tr><td class="sectionHeaderNoBorder">{$i18n.form.projects.active_projects}</td></tr>
diff --git a/WEB-INF/templates/notifications.tpl b/WEB-INF/templates/notifications.tpl

index 021ff92..7285419 100644 (file)
--- a/WEB-INF/templates/notifications.tpl
+++ b/WEB-INF/templates/notifications.tpl
@@ -2,7 +2,7 @@
  <table cellspacing="0" cellpadding="7" border="0" width="720">
    <tr>
      <td valign="top">
-{if $user->canManageTeam()}
+{if $user->can('manage_advanced_settings')}
        <table cellspacing="1" cellpadding="3" border="0" width="100%">
          <tr>
            <td class="tableHeader">{$i18n.label.thing_name}</td>
diff --git a/WEB-INF/templates/predefined_expenses.tpl b/WEB-INF/templates/predefined_expenses.tpl

index 265bdf1..147230d 100644 (file)
--- a/WEB-INF/templates/predefined_expenses.tpl
+++ b/WEB-INF/templates/predefined_expenses.tpl
@@ -2,7 +2,7 @@
  <table cellspacing="0" cellpadding="7" border="0" width="720">
    <tr>
      <td valign="top">
-{if $user->canManageTeam()}
+{if $user->can('manage_advanced_settings')}
        <table cellspacing="1" cellpadding="3" border="0" width="100%">
          <tr>
            <td class="tableHeader">{$i18n.label.thing_name}</td>
diff --git a/WEB-INF/templates/projects.tpl b/WEB-INF/templates/projects.tpl

index 3196721..5899936 100644 (file)
--- a/WEB-INF/templates/projects.tpl
+++ b/WEB-INF/templates/projects.tpl
@@ -5,7 +5,7 @@
  <table cellspacing="0" cellpadding="7" border="0" width="720">
    <tr>
      <td valign="top">
-{if $user->canManageTeam()}
+{if $user->can('manage_projects')}
        <table cellspacing="1" cellpadding="3" border="0" width="100%">
    {if $inactive_projects}
          <tr><td class="sectionHeaderNoBorder">{$i18n.form.projects.active_projects}</td></tr>
diff --git a/expenses.php b/expenses.php

index fee8120..7d7295d 100644 (file)
--- a/expenses.php
+++ b/expenses.php
@@ -196,7 +196,7 @@ if ($request->isPost()) {
          $err->add($i18n->get('error.db'));
      }
    } elseif ($request->getParameter('onBehalfUser')) {
-    if($user->canManageTeam()) {
+    if($user->can('track_expenses')) {
        unset($_SESSION['behalf_id']);
        unset($_SESSION['behalf_name']);
  
diff --git a/mobile/expenses.php b/mobile/expenses.php

index 815a4fc..c853a2c 100644 (file)
--- a/mobile/expenses.php
+++ b/mobile/expenses.php
@@ -200,7 +200,7 @@ if ($request->isPost()) {
          $err->add($i18n->get('error.db'));
      }
    } elseif ($request->getParameter('onBehalfUser')) {
-    if($user->canManageTeam()) {
+    if($user->can('track_expenses')) {
        unset($_SESSION['behalf_id']);
        unset($_SESSION['behalf_name']);
  
diff --git a/mobile/users.php b/mobile/users.php

index 4723543..b531d7a 100644 (file)
--- a/mobile/users.php
+++ b/mobile/users.php
@@ -40,7 +40,7 @@ if (!(ttAccessAllowed('view_users') || ttAccessAllowed('manage_users'))) {
  
  // Get users.
  $active_users = ttTeamHelper::getActiveUsers(array('getAllFields'=>true));
-if($user->canManageTeam()) {
+if($user->can('manage_users')) {
    $can_delete_manager = (1 == count($active_users));
    $inactive_users = ttTeamHelper::getInactiveUsers($user->group_id, true);
  }
diff --git a/time.php b/time.php

index 24cc7c8..d4caad2 100644 (file)
--- a/time.php
+++ b/time.php
@@ -347,7 +347,7 @@ if ($request->isPost()) {
      }
    }
    elseif ($request->getParameter('onBehalfUser')) {
-    if($user->canManageTeam()) {
+    if($user->can('track_time')) {
        unset($_SESSION['behalf_id']);
        unset($_SESSION['behalf_name']);
author	bonnedav <theD_2011@hotmail.com>
	Tue, 3 Apr 2018 12:53:55 +0000 (06:53 -0600)
committer	anuko <support@anuko.com>
	Tue, 3 Apr 2018 12:53:55 +0000 (12:53 +0000)
WEB-INF/templates/invoices.tpl		patch \| blob \| history
WEB-INF/templates/mobile/projects.tpl		patch \| blob \| history
WEB-INF/templates/notifications.tpl		patch \| blob \| history
WEB-INF/templates/predefined_expenses.tpl		patch \| blob \| history
WEB-INF/templates/projects.tpl		patch \| blob \| history
expenses.php		patch \| blob \| history
mobile/expenses.php		patch \| blob \| history
mobile/users.php		patch \| blob \| history
time.php		patch \| blob \| history