]> wagnertech.de Git - timetracker.git/blobdiff - user_edit.php
projects / timetracker.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Access checks re-done using role rights.
[timetracker.git] / user_edit.php
diff --git a/user_edit.php b/user_edit.php
index d8f49a78b04604263ee6b52fbdfa50af17624156..493b00ba24f49a06e0d6eb22d335da034b95cffe 100644 (file)
--- a/user_edit.php
+++ b/user_edit.php
@@ -36,7 +36,7 @@ import('form.TableColumn');
 import('ttRoleHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessAllowed('manage_users')) {
   header('Location: access_denied.php');
   exit();
 }
@@ -192,7 +192,7 @@ if ($request->isPost()) {
         'status' => $cl_status,
         'rate' => $cl_rate,
         'projects' => $assigned_projects);
-      if (right_assign_roles & $user->rights && $cl_role) {
+      if (right_assign_roles & $user->rights_mask && $cl_role) {
         // Get legacy role value.
         $legacy_role = ttRoleHelper::getLegacyRole($cl_role); // TODO: remove after roles revamp.
         $fields['role'] = $legacy_role;
Unnamed repository; edit this file 'description' to name the repository.