Added more access control checks.

diff --git a/expense_delete.php b/expense_delete.php
index 38800b629d21fc1687022abccaa470a7013c9bd7..c5f53aa91f87e05ec1fa275c7b539db9dcdbed24 100644 (file)
--- a/expense_delete.php
+++ b/expense_delete.php
@@ -32,7 +32,7 @@ import('DateAndTime');
 import('ttExpenseHelper');
 
 // Access check.
 import('ttExpenseHelper');
 
 // Access check.

-if (!ttAccessCheck(right_data_entry)) {
+if (!ttAccessCheck(right_data_entry) || !$user->isPluginEnabled('ex')) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/expense_edit.php b/expense_edit.php
index 213cfcba739e8b280ae8a414d7cbaff4e38bbc91..2f026917a9b8ffdefc51635947c207e271f0b7c7 100644 (file)
--- a/expense_edit.php
+++ b/expense_edit.php
@@ -33,7 +33,7 @@ import('DateAndTime');
 import('ttExpenseHelper');
 
 // Access check.
 import('ttExpenseHelper');
 
 // Access check.

-if (!ttAccessCheck(right_data_entry)) {
+if (!ttAccessCheck(right_data_entry) || !$user->isPluginEnabled('ex')) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/invoice_add.php b/invoice_add.php
index f68753fca4b337fa02372aa8eef692f984408d0b..0e752dca35d6d236329cd4a8be217659ee6ea17b 100644 (file)
--- a/invoice_add.php
+++ b/invoice_add.php
@@ -32,7 +32,7 @@ import('ttTeamHelper');
 import('ttInvoiceHelper');
 
 // Access check.
 import('ttInvoiceHelper');
 
 // Access check.

-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('iv')) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/invoice_delete.php b/invoice_delete.php
index 7db539a53e6e61e90843f7ff82647109fe41cf60..41f7c1901093da62be5e7375e540b191a2eafd50 100644 (file)
--- a/invoice_delete.php
+++ b/invoice_delete.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttInvoiceHelper');
 
 // Access check.
 import('ttInvoiceHelper');
 
 // Access check.

-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('iv')) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/invoice_send.php b/invoice_send.php
index e519132d6ab5c934447e2925da6cf5e413f97b13..b9e2a29321ed17d25980d79c8d0a9bd00bf3ad62 100644 (file)
--- a/invoice_send.php
+++ b/invoice_send.php
@@ -32,7 +32,7 @@ import('ttInvoiceHelper');
 import('ttSysConfig');
 
 // Access check.
 import('ttSysConfig');
 
 // Access check.

-if (!ttAccessCheck(right_view_invoices)) {
+if (!ttAccessCheck(right_view_invoices) || !$user->isPluginEnabled('iv')) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/invoice_view.php b/invoice_view.php
index 2bb987637beeec51f3336399df1bb65d31e0baba..e94c04b72bba78ef28cd5d01fa1e42133ed320a8 100644 (file)
--- a/invoice_view.php
+++ b/invoice_view.php
@@ -32,7 +32,7 @@ import('ttInvoiceHelper');
 import('ttClientHelper');
 
 // Access check.
 import('ttClientHelper');
 
 // Access check.

-if (!ttAccessCheck(right_view_invoices)) {
+if (!ttAccessCheck(right_view_invoices) || !$user->isPluginEnabled('iv')) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/invoices.php b/invoices.php
index ad0b28533546d5914232f46d507a35dafefe90a4..a014472f3920c80b4e1b1d8a2de7c158978dadfd 100644 (file)
--- a/invoices.php
+++ b/invoices.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 
 // Access check.
 import('ttTeamHelper');
 
 // Access check.

-if (!ttAccessCheck(right_view_invoices)) {
+if (!ttAccessCheck(right_view_invoices) || !$user->isPluginEnabled('iv')) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/locking.php b/locking.php
index dfdc2f2fcc0c7cd9498fd5e651f0836de1bcfe02..8acdcd70499e41c992bd56c4746b9817c844d41d 100644 (file)
--- a/locking.php
+++ b/locking.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 
 // Access check.
 import('ttTeamHelper');
 
 // Access check.

-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('lk')) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/notification_add.php b/notification_add.php
index 80f46bb2e65b99ecb02f60799c4337e2abc5458b..05b6ce0c3ccc7e517891aa916eee2c2bc7bc4d10 100644 (file)
--- a/notification_add.php
+++ b/notification_add.php
@@ -34,7 +34,7 @@ import('ttFavReportHelper');
 import('ttNotificationHelper');
 
 // Access check.
 import('ttNotificationHelper');
 
 // Access check.

-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('no')) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/notification_delete.php b/notification_delete.php
index 50c33952c0938a6fbf6317bfe2034b5fc2a6bf0c..834befbe3439eeb4b0dfcc1847a5e9403faba164 100644 (file)
--- a/notification_delete.php
+++ b/notification_delete.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttNotificationHelper');
 
 // Access check.
 import('ttNotificationHelper');
 
 // Access check.

-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('no')) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/notification_edit.php b/notification_edit.php
index 30a9d8fe33501c7d7d5c9a7d8baeb531b944ae65..cd3f41bd1841f4f9c33f5417ad5698bf934e1927 100644 (file)
--- a/notification_edit.php
+++ b/notification_edit.php
@@ -34,7 +34,7 @@ import('ttFavReportHelper');
 import('ttNotificationHelper');
 
 // Access check.
 import('ttNotificationHelper');
 
 // Access check.

-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('no')) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/notifications.php b/notifications.php
index 6a66b2f755bc72dfea4c2db4d28be4437ff39220..68cdfff8b5bc2a678c9846c04d82071a6a77f14a 100644 (file)
--- a/notifications.php
+++ b/notifications.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 
 // Access check.
 import('ttTeamHelper');
 
 // Access check.

-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('no')) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/project_add.php b/project_add.php
index 1c825d9fb1ab619c0a0c82fbcc8aac89edf994bb..fe46a6bd4c2de9426c9c4845a956087ee79f97c2 100644 (file)
--- a/project_add.php
+++ b/project_add.php
@@ -32,7 +32,7 @@ import('ttProjectHelper');
 import('ttTeamHelper');
 
 // Access check.
 import('ttTeamHelper');
 
 // Access check.

-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || (MODE_PROJECTS != $user->tracking_mode && MODE_PROJECTS_AND_TASKS != $user->tracking_mode)) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/project_delete.php b/project_delete.php
index b6f4655930e7ac37c2762a173b27f2defb0dd0ef..832bf4f739db38ea09153e3cafe88b0eecddb372 100644 (file)
--- a/project_delete.php
+++ b/project_delete.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttProjectHelper');
 
 // Access check.
 import('ttProjectHelper');
 
 // Access check.

-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || (MODE_PROJECTS != $user->tracking_mode && MODE_PROJECTS_AND_TASKS != $user->tracking_mode)) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/project_edit.php b/project_edit.php
index 9cca73e55feb6998ad54bb8b94d25167364f5a21..11abccc830c367bfa4bd3e0fd8457fe1dc5b9693 100644 (file)
--- a/project_edit.php
+++ b/project_edit.php
@@ -32,7 +32,7 @@ import('ttProjectHelper');
 import('ttTeamHelper');
 
 // Access check.
 import('ttTeamHelper');
 
 // Access check.

-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || (MODE_PROJECTS != $user->tracking_mode && MODE_PROJECTS_AND_TASKS != $user->tracking_mode)) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/projects.php b/projects.php
index cc79e4ab7a5e0d1223e8d7d5b29f2560f0a97057..d9f3685124104338c4c3d0aa2ebf009caaa5e2d3 100644 (file)
--- a/projects.php
+++ b/projects.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 
 // Access check.
 import('ttTeamHelper');
 
 // Access check.

-if (!ttAccessCheck(right_data_entry)) {
+if (!ttAccessCheck(right_data_entry) || (MODE_PROJECTS != $user->tracking_mode && MODE_PROJECTS_AND_TASKS != $user->tracking_mode)) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/quotas.php b/quotas.php
index 68b8a6198756deca8cb61f369d6b593f2b33da06..d846ae25d79196f4c5449bb33941caea26486738 100644 (file)
--- a/quotas.php
+++ b/quotas.php
@@ -32,7 +32,7 @@ import('form.Form');
 import('ttTeamHelper');
 
 // Access check.
 import('ttTeamHelper');
 
 // Access check.

-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('mq')) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/task_add.php b/task_add.php
index ff98c977784b922436ecc5ed3de2044964c07cc8..5ef549bb18f088933f05e877497371ee132dee20 100644 (file)
--- a/task_add.php
+++ b/task_add.php
@@ -33,7 +33,7 @@ import('ttTeamHelper');
 import('ttTaskHelper');
 
 // Access check.
 import('ttTaskHelper');
 
 // Access check.

-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || MODE_PROJECTS_AND_TASKS != $user->tracking_mode) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/task_delete.php b/task_delete.php
index 3fd835018d96d07b61782790655aacd8aefebe7c..ebc96e219cfd1b693cbb057636d3499e3b381e76 100644 (file)
--- a/task_delete.php
+++ b/task_delete.php
@@ -31,7 +31,7 @@ import('ttTaskHelper');
 import('form.Form');
 
 // Access check.
 import('form.Form');
 
 // Access check.

-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || MODE_PROJECTS_AND_TASKS != $user->tracking_mode) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/task_edit.php b/task_edit.php
index 943e9a92055a2ab53560f63dea8c98a1c8d14c7f..077c7c6b373b4a886f8f077ec9821ee96d9709c0 100644 (file)
--- a/task_edit.php
+++ b/task_edit.php
@@ -32,7 +32,7 @@ import('ttTeamHelper');
 import('ttTaskHelper');
 
 // Access check.
 import('ttTaskHelper');
 
 // Access check.

-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || MODE_PROJECTS_AND_TASKS != $user->tracking_mode) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }

diff --git a/tasks.php b/tasks.php
index cf7f607cc4d9023823f96c7cab2bfc93757afb63..3ea2faaa0fb6dec831e03a7af2bd32f9aa013801 100644 (file)
--- a/tasks.php
+++ b/tasks.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 
 // Access check.
 import('ttTeamHelper');
 
 // Access check.

-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || MODE_PROJECTS_AND_TASKS != $user->tracking_mode) {

   header('Location: access_denied.php');
   exit();
 }
   header('Location: access_denied.php');
   exit();
 }