]> wagnertech.de Git - timetracker.git/blobdiff - time_files.php
projects / timetracker.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Improved security of getRecordForFileView().
[timetracker.git] / time_files.php
diff --git a/time_files.php b/time_files.php
index 40a0c50639cb3b7357713faabcf0e7383692f444..c499b25c9312e6cce4d5a2bd673840daa31abf0b 100644 (file)
--- a/time_files.php
+++ b/time_files.php
@@ -82,8 +82,7 @@ if ($request->isPost()) {
   }
 } // isPost
 
-$canEdit = !($time_rec['approved'] || $time_rec['timesheet_id'] || $time_rec['invoice_id']);
-$smarty->assign('can_edit', $canEdit);
+$smarty->assign('can_edit', $time_rec['can_edit']);
 $smarty->assign('forms', array($form->getName()=>$form->toArray()));
 $smarty->assign('files', $files);
 $smarty->assign('title', $i18n->get('title.time_files'));
Unnamed repository; edit this file 'description' to name the repository.