X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/timetracker.git/blobdiff_plain/7ea057af633d933eb5b39cceb112c3cc98c55a1d..06c7ff20c26a9f1957ba3e2c909e5853e8b9ed70:/user_edit.php

diff --git a/user_edit.php b/user_edit.php
index f890282d..92d27eaa 100644
--- a/user_edit.php
+++ b/user_edit.php
@@ -36,7 +36,7 @@ import('form.TableColumn');
 import('ttRoleHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessAllowed('manage_users')) {
   header('Location: access_denied.php');
   exit();
 }
@@ -192,10 +192,11 @@ if ($request->isPost()) {
         'status' => $cl_status,
         'rate' => $cl_rate,
         'projects' => $assigned_projects);
-      if (right_assign_roles & $user->rights_mask && $cl_role) {
+      if (in_array('manage_users', $user->rights) && $cl_role) {
         // Get legacy role value.
         $legacy_role = ttRoleHelper::getLegacyRole($cl_role); // TODO: remove after roles revamp.
         $fields['role'] = $legacy_role;
+
         $fields['role_id'] = $cl_role;
         $fields['client_id'] = $cl_client_id;
       }