Zeiterfassung: Recht berücksichtigen, Einträge von anderen (nicht) zu sehen

[mfinanz.git] / SL / Controller / TimeRecording.pm

diff --git a/SL/Controller/TimeRecording.pm b/SL/Controller/TimeRecording.pm
index c0a4cdc0c1ea9909167109652b270e88df495246..9ed3c72373b3d1be1e1343d1c161597c06ee3848 100644 (file)
--- a/SL/Controller/TimeRecording.pm
+++ b/SL/Controller/TimeRecording.pm
@@ -18,7 +18,7 @@ use SL::ReportGenerator;
 use Rose::Object::MakeMethods::Generic
 (
 # scalar                  => [ qw() ],
- 'scalar --get_set_init' => [ qw(time_recording models all_time_recording_types all_employees) ],
+ 'scalar --get_set_init' => [ qw(time_recording models all_time_recording_types all_employees can_view_all) ],
 );
 
 
@@ -43,6 +43,11 @@ my %sort_columns = (
 sub action_list {
   my ($self, %params) = @_;
 
+  $::form->{filter} //=  {
+    staff_member_id       => SL::DB::Manager::Employee->current->id,
+    "start_time:date::ge" => DateTime->now_local->add(weeks => -2)->to_kivitendo,
+  };
+
   $self->setup_list_action_bar;
   $self->make_filter_summary;
   $self->prepare_report;
@@ -121,11 +126,21 @@ sub init_time_recording {
   return $time_recording;
 }
 
+sub init_can_view_all {
+  $::auth->assert('time_recording_show_all', 1) || $::auth->assert('time_recording_edit_all', 1)
+}
+
 sub init_models {
+  my ($self) = @_;
+
+  my @where;
+  push @where, (staff_member_id => SL::DB::Manager::Employee->current->id) if !$self->can_view_all;
+
   SL::Controller::Helper::GetModels->new(
     controller     => $_[0],
     sorted         => \%sort_columns,
     disable_plugin => 'paginated',
+    query          => \@where,
     with_objects   => [ 'customer', 'type', 'project', 'staff_member', 'employee' ],
   );
 }
@@ -135,7 +150,7 @@ sub init_all_time_recording_types {
 }
 
 sub init_all_employees {
-  SL::DB::Manager::Employee->get_all_sorted;
+  SL::DB::Manager::Employee->get_all_sorted(query => [ deleted => 0 ]);
 }
 
 sub check_auth {