X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/timetracker.git/blobdiff_plain/dab1057395c8eb9c5dce5480a738de1467e83ba5..75ef763b9bd7f515280a6d130e5ad81720d72156:/projects.php
diff --git a/projects.php b/projects.php
index 5315c4f7..1d5f7e2e 100644
--- a/projects.php
+++ b/projects.php
@@ -31,7 +31,8 @@ import('form.Form');
 import('ttTeamHelper');
 
 // Access checks.
-if (!(ttAccessAllowed('track_own_time') || ttAccessAllowed('track_time'))) {
+// TODO: introduce view_projects right to keep access checks simple.
+if (!(ttAccessAllowed('track_own_time') || ttAccessAllowed('track_time') || ttAccessAllowed('manage_projects'))) {
 header('Location: access_denied.php');
 exit();
 }
@@ -39,8 +40,9 @@ if (MODE_PROJECTS != $user->tracking_mode && MODE_PROJECTS_AND_TASKS != $user->t
 header('Location: feature_disabled.php');
 exit();
 }
+// End of access checks.
 
-if($user->canManageTeam()) {
+if($user->can('manage_projects')) {
 $active_projects = ttTeamHelper::getActiveProjects($user->team_id);
 $inactive_projects = ttTeamHelper::getInactiveProjects($user->team_id);
 } else
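Review bot: The page gate tests the new right with `ttAccessAllowed('manage_projects')`, while the second hunk branches on `$user->can('manage_projects')`, so one page checks the same right through two different helpers. Whether one wraps the other is not visible here; if they can disagree, a user could pass the gate and still land in the non-manager branch, or the reverse. Using the same helper in both places would remove that doubt. The gate is also an any-of list that grows with each right added, so a comment such as `// Any one of these rights is enough to load the page; what is listed is narrowed below.` would make clear that passing it does not by itself grant the team-wide view.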
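Review bot: Switching the branch condition from `canManageTeam()` to `$user->can('manage_projects')` changes who receives the team-wide active and inactive project lists. Any role that satisfied the old check but has not been granted `manage_projects` now falls into the `else` branch, which starts on the last line of this hunk and continues outside it. It is worth confirming that existing manager roles carry the right before this ships, and recording the intent with a comment such as `// Only holders of manage_projects get every team project; all other users get the list built in the else branch.` The right name is also a bare string repeated in both hunks, so a shared constant would keep a typo from silently changing the result of the check.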