More refactoring of rights checks (#61)

* Refactor predefined_expenses.tpl to use rights checks

* Refactor notifications.tpl to use rights checks

* Refactor invoices.tpl to use rights checks

* Refactor projects.tpl to use rights checks

* Update users.php

* Refactor desktop projects.tpl to use rights checks

* Refactor expenses.php to remove stray canManageTeam() call

* Refactor mobile users.php to remove stray canManageTeam call

* Refactor mobile expenses.php to remove stray canManageTeam() call

* Refactor time.php to remove stray canManageTeam call

diff --git a/WEB-INF/templates/invoices.tpl b/WEB-INF/templates/invoices.tpl
index 32d09544fb213a4b8c39ddc328d852fd89ba7170..b966f9e247e81c01bf29489ddf315371c7bbd43b 100644 (file)
--- a/WEB-INF/templates/invoices.tpl
+++ b/WEB-INF/templates/invoices.tpl
@@ -5,7 +5,7 @@
 <table cellspacing="0" cellpadding="7" border="0" width="720">
   <tr>
     <td valign="top">
-{if $user->canManageTeam() || $user->isClient()}
+{if $user->can('manage_invoices') || $user->can('view_own_invoices')}
       <table cellspacing="1" cellpadding="3" border="0" width="100%">
         <tr>
           <td class="tableHeader">{$i18n.label.invoice}</td>

diff --git a/WEB-INF/templates/mobile/projects.tpl b/WEB-INF/templates/mobile/projects.tpl
index 5e48813323c533680f15cd613bb133424ff50ba4..96dcce100d77276d3a17b2905579ff3bbf26cf89 100644 (file)
--- a/WEB-INF/templates/mobile/projects.tpl
+++ b/WEB-INF/templates/mobile/projects.tpl
@@ -5,7 +5,7 @@
 <table class="mobile-table">
   <tr>
     <td valign="top">
-{if $user->canManageTeam()}
+{if $user->can('manage_projects')}
       <table class="mobile-table-details">
   {if $inactive_projects}
         <tr><td class="sectionHeaderNoBorder">{$i18n.form.projects.active_projects}</td></tr>

diff --git a/WEB-INF/templates/notifications.tpl b/WEB-INF/templates/notifications.tpl
index 021ff921f671c31dcbfafe497d268e9ef13626b2..72854190b79a1c6a479d1001789df3b8ddbb913e 100644 (file)
--- a/WEB-INF/templates/notifications.tpl
+++ b/WEB-INF/templates/notifications.tpl
@@ -2,7 +2,7 @@
 <table cellspacing="0" cellpadding="7" border="0" width="720">
   <tr>
     <td valign="top">
-{if $user->canManageTeam()}
+{if $user->can('manage_advanced_settings')}
       <table cellspacing="1" cellpadding="3" border="0" width="100%">
         <tr>
           <td class="tableHeader">{$i18n.label.thing_name}</td>

diff --git a/WEB-INF/templates/predefined_expenses.tpl b/WEB-INF/templates/predefined_expenses.tpl
index 265bdf1bf79c2aa338117b0ae424ae00e82becf7..147230dc52897587cf440d28eb3817a15674d127 100644 (file)
--- a/WEB-INF/templates/predefined_expenses.tpl
+++ b/WEB-INF/templates/predefined_expenses.tpl
@@ -2,7 +2,7 @@
 <table cellspacing="0" cellpadding="7" border="0" width="720">
   <tr>
     <td valign="top">
-{if $user->canManageTeam()}
+{if $user->can('manage_advanced_settings')}
       <table cellspacing="1" cellpadding="3" border="0" width="100%">
         <tr>
           <td class="tableHeader">{$i18n.label.thing_name}</td>

diff --git a/WEB-INF/templates/projects.tpl b/WEB-INF/templates/projects.tpl
index 3196721878c16b32a57115e4b3b36a46b2f5b7c9..589993652b3eaecf25e93be317329cce3a8b2647 100644 (file)
--- a/WEB-INF/templates/projects.tpl
+++ b/WEB-INF/templates/projects.tpl
@@ -5,7 +5,7 @@
 <table cellspacing="0" cellpadding="7" border="0" width="720">
   <tr>
     <td valign="top">
-{if $user->canManageTeam()}
+{if $user->can('manage_projects')}
       <table cellspacing="1" cellpadding="3" border="0" width="100%">
   {if $inactive_projects}
         <tr><td class="sectionHeaderNoBorder">{$i18n.form.projects.active_projects}</td></tr>

diff --git a/expenses.php b/expenses.php
index fee8120511d24e4284fb98de6739c26f627b7df9..7d7295d29eab2c5ef9b179f62495fc0722c85983 100644 (file)
--- a/expenses.php
+++ b/expenses.php
@@ -196,7 +196,7 @@ if ($request->isPost()) {
         $err->add($i18n->get('error.db'));
     }
   } elseif ($request->getParameter('onBehalfUser')) {
-    if($user->canManageTeam()) {
+    if($user->can('track_expenses')) {
       unset($_SESSION['behalf_id']);
       unset($_SESSION['behalf_name']);
 

diff --git a/mobile/expenses.php b/mobile/expenses.php
index 815a4fc3464f4eff5ec54c945334079ce961123d..c853a2caea0e83a8481d61435b936f2db1e853bb 100644 (file)
--- a/mobile/expenses.php
+++ b/mobile/expenses.php
@@ -200,7 +200,7 @@ if ($request->isPost()) {
         $err->add($i18n->get('error.db'));
     }
   } elseif ($request->getParameter('onBehalfUser')) {
-    if($user->canManageTeam()) {
+    if($user->can('track_expenses')) {
       unset($_SESSION['behalf_id']);
       unset($_SESSION['behalf_name']);
 

diff --git a/mobile/users.php b/mobile/users.php
index 4723543d8575c85c2d90978cc6a8bf4a0a95c94c..b531d7a49c42c9aa998abbbd2851b96764a617fb 100644 (file)
--- a/mobile/users.php
+++ b/mobile/users.php
@@ -40,7 +40,7 @@ if (!(ttAccessAllowed('view_users') || ttAccessAllowed('manage_users'))) {
 
 // Get users.
 $active_users = ttTeamHelper::getActiveUsers(array('getAllFields'=>true));
-if($user->canManageTeam()) {
+if($user->can('manage_users')) {
   $can_delete_manager = (1 == count($active_users));
   $inactive_users = ttTeamHelper::getInactiveUsers($user->group_id, true);
 }

diff --git a/time.php b/time.php
index 24cc7c8ae10cb80bd34d8ce5a59b38b381c4be77..d4caad2b171ff96a1389077daa0feda6426e568f 100644 (file)
--- a/time.php
+++ b/time.php
@@ -347,7 +347,7 @@ if ($request->isPost()) {
     }
   }
   elseif ($request->getParameter('onBehalfUser')) {
-    if($user->canManageTeam()) {
+    if($user->can('track_time')) {
       unset($_SESSION['behalf_id']);
       unset($_SESSION['behalf_name']);