Started redesign of timesheets feature.

[timetracker.git] / WEB-INF / lib / ttTimesheetHelper.class.php

diff --git a/WEB-INF/lib/ttTimesheetHelper.class.php b/WEB-INF/lib/ttTimesheetHelper.class.php
index 21e75a96ddd81b3279ce95d34334b27c6d9861a1..636504e30b712637b33c2a2ff1a742cc7c7c5e18 100644 (file)
--- a/WEB-INF/lib/ttTimesheetHelper.class.php
+++ b/WEB-INF/lib/ttTimesheetHelper.class.php
@@ -285,17 +285,10 @@ class ttTimesheetHelper {
 
     global $user;
 
-    // Step 1.
-    // A client must have view_client_timesheets and
-    // aser must be assigned to one of client projects.
-    if ($user->isClient()) {
-      if (!$user->can('view_client_timesheets'))
-        return false;
-      $valid_users = ttGroupHelper::getUsersForClient($user->client_id);
-      $v = 2;
-    }
-
-    return true;
+    // TODO: we are currently re-designing timesheets.
+    // Clients are not supposed to view them at all.
+    // And the post will change on_behalf user, to keep things consistent.
+    return false;
   }
 
   // getReportOptions prepares $options array to be used with ttReportHelper
@@ -336,7 +329,7 @@ class ttTimesheetHelper {
     $sql = "select u.id, u.name, u.email".
       " from tt_users u".
       " left join tt_roles r on (r.id = u.role_id)".
-      " where u.status = 1 and u.email is not null".
+      " where u.status = 1 and u.email is not null and u.group_id = $group_id and u.org_id = $org_id".
       " and (r.rights like '%approve_all_timesheets%' or (r.rank > $rank and r.rights like '%approve_timesheets%'))";
     $res = $mdb2->query($sql);
     if (!is_a($res, 'PEAR_Error')) {