X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/timetracker.git/blobdiff_plain/a8a191541d6f05b08bd8331bdf409af5abfac896..796b9e17473ca045e448b7876472bb73015247e9:/charts.php
diff --git a/charts.php b/charts.php
index 959cfe36..3923d9a0 100644
--- a/charts.php
+++ b/charts.php
@@ -32,13 +32,13 @@ require_once('initialize.php');
 import('form.Form');
 import('DateAndTime');
 import('ttChartHelper');
-import('ttSysConfig');
+import('ttUserConfig');
 import('PieChartEx');
 import('ttUserHelper');
 import('ttTeamHelper');
 // Access checks.
-if (!ttAccessAllowed('view_own_charts')) {
+if (!(ttAccessAllowed('view_own_charts') || ttAccessAllowed('view_charts'))) {
 header('Location: access_denied.php');
 exit();
 }
@@ -46,8 +46,14 @@ if (!$user->isPluginEnabled('ch')) {
 header('Location: feature_disabled.php');
 exit();
 }
-
-
+if ($user->behalf_id && (!$user->can('view_charts') || !$user->checkBehalfId())) {
+ header('Location: access_denied.php'); // Trying on behalf, but no right or wrong user.
+ exit();
+}
+if (!$user->behalf_id && !$user->can('view_own_charts') && !$user->adjustBehalfId()) {
+ header('Location: access_denied.php'); // Trying as self, but no right for self, and noone to view on behalf.
+ exit();
+}
 // Initialize and store date in session.
 $cl_date = $request->getParameter('date', @$_SESSION['date']);
@@ -60,8 +66,8 @@ $_SESSION['date'] = $cl_date;
 // Initialize chart interval.
 $cl_interval = $_SESSION['chart_interval'];
 if (!$cl_interval) {
- $sc = new ttSysConfig($user->id);
- $cl_interval = $sc->getValue(SYSC_CHART_INTERVAL);
+ $uc = new ttUserConfig();
+ $cl_interval = $uc->getValue(SYSC_CHART_INTERVAL);
 }
 if (!$cl_interval) $cl_interval = INTERVAL_THIS_MONTH;
 $_SESSION['chart_interval'] = $cl_interval;
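Review bot: In the hunk at -46,8 +46,14, the second added guard calls `$user->adjustBehalfId()` inside the condition, so whatever that method changes happens as a side effect of an access check and only when the two preceding terms are true. The method body is not in this diff; from its name it presumably selects a user to act on behalf of, and the rest of the page then runs with that selection. Splitting it out would make the order explicit: `$no_self = !$user->behalf_id && !$user->can('view_own_charts');` followed by `if ($no_self && !$user->adjustBehalfId()) {`. The inline comment on that guard also has a typo, `noone` for `no one`.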
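Review bot: In the hunk at -60,8 +66,8, `new ttUserConfig()` no longer receives `$user->id`, so which account's settings are read and written is decided inside the class, which this diff does not show. The same construction is used for the chart-type read at -69,10 and for the two `setValue()` calls in the POST branch at -97,8 and -106,12. With on-behalf viewing now gated on `view_charts`, it is worth confirming that these calls resolve to the logged-in user; if they resolve to the on-behalf user, choosing an interval or chart type while viewing someone else's charts would overwrite that user's stored preferences. Once confirmed, a comment at the first use would record the intended owner, for example `// ttUserConfig: settings of the logged-in user, not the on-behalf user.`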
@@ -69,10 +75,10 @@ $_SESSION['chart_interval'] = $cl_interval;
 // Initialize chart type.
 $cl_type = $_SESSION['chart_type'];
 if (!$cl_type) {
- $sc = new ttSysConfig($user->id);
- $cl_type = $sc->getValue(SYSC_CHART_TYPE);
+ $uc = new ttUserConfig();
+ $cl_type = $uc->getValue(SYSC_CHART_TYPE);
 }
-if (MODE_TIME == $user->tracking_mode) {
+if (MODE_TIME == $user->getTrackingMode()) {
 if ($user->isPluginEnabled('cl'))
 $cl_type = CHART_CLIENTS;
 } else {
@@ -80,7 +86,7 @@ if (MODE_TIME == $user->tracking_mode) {
 if (!$user->isPluginEnabled('cl'))
 $cl_type = CHART_PROJECTS;
 } elseif ($cl_type == CHART_TASKS) {
- if (MODE_PROJECTS_AND_TASKS != $user->tracking_mode)
+ if (MODE_PROJECTS_AND_TASKS != $user->getTrackingMode())
 $cl_type = CHART_PROJECTS;
 }
 }
@@ -97,8 +103,8 @@ if ($request->isPost()) {
 // Save in the session
 $_SESSION['chart_interval'] = $cl_interval;
 // and permanently.
- $sc = new ttSysConfig($user->id);
- $sc->setValue(SYSC_CHART_INTERVAL, $cl_interval);
+ $uc = new ttUserConfig();
+ $uc->setValue(SYSC_CHART_INTERVAL, $cl_interval);
 }
 // If chart type changed - save it.
 $cl_type = $request->getParameter('type');
@@ -106,12 +112,12 @@ if ($request->isPost()) {
 // Save in the session
 $_SESSION['chart_type'] = $cl_type;
 // and permanently.
- $sc = new ttSysConfig($user->id);
- $sc->setValue(SYSC_CHART_TYPE, $cl_type);
+ $uc = new ttUserConfig();
+ $uc->setValue(SYSC_CHART_TYPE, $cl_type);
 }
 // If user has changed - set behalf_id accordingly in the session.
 if ($request->getParameter('onBehalfUser')) {
- if($user->canManageTeam()) {
+ if($user->can('view_charts')) {
 unset($_SESSION['behalf_id']);
 unset($_SESSION['behalf_name']);
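Review bot: In the hunk at -106,12 +112,12, the only check visible before the session's `behalf_id` is cleared is `$user->can('view_charts')`; nothing shown ties the submitted `onBehalfUser` value to the users this account may act for. The dropdown built later from `$user->getUsers($options)` limits the choice only in the browser, and the page-top `checkBehalfId()` guard added in this commit has already run by the time this POST branch executes. The assignment itself lies outside the hunk, so this may already be handled there. If it is not, the submitted id should be checked against the same `max_rank` user list before it is written to `$_SESSION['behalf_id']`, with a comment such as `// onBehalfUser is request data: accept it only if it is in the list the dropdown was built from.`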
@@ -129,9 +135,13 @@ if ($request->isPost()) {
 $chart_form = new Form('chartForm');
 // User dropdown. Changes the user "on behalf" of whom we are working.
-if ($user->canManageTeam()) {
- $user_list = ttTeamHelper::getActiveUsers(array('putSelfFirst'=>true));
- if (count($user_list) > 1) {
+if ($user->can('view_charts')) {
+ if ($user->can('view_own_charts'))
+ $options = array('status'=>ACTIVE,'max_rank'=>$user->rank-1,'include_self'=>true,'self_first'=>true);
+ else
+ $options = array('status'=>ACTIVE,'max_rank'=>$user->rank-1);
+ $user_list = $user->getUsers($options);
+ if (count($user_list) >= 1) {
 $chart_form->addInput(array('type'=>'combobox',
 'onchange'=>'this.form.submit();',
 'name'=>'onBehalfUser',
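Review bot: The two `$options` arrays differ only in the `include_self` and `self_first` keys, so the `max_rank` rule that bounds who can be selected is written twice and can drift apart. Building the base once keeps that rule in one place: `$options = array('status'=>ACTIVE,'max_rank'=>$user->rank-1);` then `if ($user->can('view_own_charts')) $options += array('include_self'=>true,'self_first'=>true);`. The brace-less `if`/`else` also makes it easy to misread `$user_list = $user->getUsers($options);` as part of the `else` branch. The `if (count($user_list) >= 1) {` block continues past the end of the hunk.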