Work in progress redoing access checks.

diff --git a/WEB-INF/lib/common.lib.php b/WEB-INF/lib/common.lib.php
index 5621492228ff0f780510be76ccfeb80b22b4b19f..e9f9332777963d8f90a659915f2db8aeada6ba5d 100644 (file)
--- a/WEB-INF/lib/common.lib.php
+++ b/WEB-INF/lib/common.lib.php
@@ -365,4 +365,4 @@ function ttAccessAllowed($required_right)
     return true;
 
   return false;
-}
\ No newline at end of file
+}

diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index 36dcb362ac9fab2648f1524c26479671c34c55e5..db729137b72204b54372fb1ea71b31db284fe3c4 100644 (file)
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
       <br>
       <table cellspacing="0" cellpadding="4" width="100%" border="0">
         <tr>
-          <td align="center">&nbsp;Anuko Time Tracker 1.17.39.4060 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
+          <td align="center">&nbsp;Anuko Time Tracker 1.17.39.4061 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
             <a href="https://www.anuko.com/lp/tt_4.htm" target="_blank">{$i18n.footer.credits}</a> |
             <a href="https://www.anuko.com/lp/tt_5.htm" target="_blank">{$i18n.footer.license}</a> |
             <a href="https://www.anuko.com/lp/tt_7.htm" target="_blank">{$i18n.footer.improve}</a>

diff --git a/admin_team_add.php b/admin_team_add.php
index e88da19a3c5e2d3d419c16cca5c72f2e28729cee..6626a8d8283148475b2ac1292df9f1cc5036da9b 100644 (file)
--- a/admin_team_add.php
+++ b/admin_team_add.php
@@ -32,7 +32,7 @@ import('ttUserHelper');
 import('ttRoleHelper');
 
 // Access check.
-if (!ttAccessCheck(right_administer_site)) {
+if (!ttAccessAllowed('administer_site')) {
   header('Location: access_denied.php');
   exit();
 }

diff --git a/admin_team_delete.php b/admin_team_delete.php
index 987543c5897324f88dd81874645c8382ee6250e4..6958ca0e87ae976d32042dfd59181818a120a8af 100644 (file)
--- a/admin_team_delete.php
+++ b/admin_team_delete.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_administer_site)) {
+if (!ttAccessAllowed('administer_site')) {
   header('Location: access_denied.php');
   exit();
 }

diff --git a/admin_team_edit.php b/admin_team_edit.php
index 6f44ee9a7d99ae60bcf82089a3da09b1226ad4fb..61828e166db539f10b0cf96cda424d2d2e7596e5 100644 (file)
--- a/admin_team_edit.php
+++ b/admin_team_edit.php
@@ -32,7 +32,7 @@ import('ttUserHelper');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_administer_site)) {
+if (!ttAccessAllowed('administer_site')) {
   header('Location: access_denied.php');
   exit();
 }

diff --git a/admin_teams.php b/admin_teams.php
index a1f848a4f4a7d9766320bdf0efe7b570a5a4b075..9c3d2092c187918010e71636c4cdeffcaae85b18 100644 (file)
--- a/admin_teams.php
+++ b/admin_teams.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_administer_site)) {
+if (!ttAccessAllowed('administer_site')) {
   header('Location: access_denied.php');
   exit();
 }

diff --git a/cf_custom_field_add.php b/cf_custom_field_add.php
index 2eba5b56f404d557111a8f71c73f47cccd3846ca..f8ea01e01315c34d2119c38325108a896c6d78d2 100644 (file)
--- a/cf_custom_field_add.php
+++ b/cf_custom_field_add.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }

diff --git a/cf_custom_field_delete.php b/cf_custom_field_delete.php
index 88779bedbc37dba6917efc6344d7ce49080244f1..caf858a292ec595c6b0a25b41e4f1cb59d3d80ac 100644 (file)
--- a/cf_custom_field_delete.php
+++ b/cf_custom_field_delete.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }

diff --git a/cf_custom_field_edit.php b/cf_custom_field_edit.php
index 8b481a67821e47155c7609c116c6c75de9f48fea..295e4079092e6c7d9fc9aaebae61fb342cc44f66 100644 (file)
--- a/cf_custom_field_edit.php
+++ b/cf_custom_field_edit.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }

diff --git a/cf_custom_fields.php b/cf_custom_fields.php
index 44efc79b65f5532b0dcb3d27812e7a31c00e5f6a..539271c544a6efdc0cad0c090c4488ef359b8292 100644 (file)
--- a/cf_custom_fields.php
+++ b/cf_custom_fields.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }

diff --git a/cf_dropdown_option_add.php b/cf_dropdown_option_add.php
index ecf4892d61c0188f2948f70f85df097b147365d0..f87003d154918c8d184c09178880182567cca683 100644 (file)
--- a/cf_dropdown_option_add.php
+++ b/cf_dropdown_option_add.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }

diff --git a/cf_dropdown_option_delete.php b/cf_dropdown_option_delete.php
index ec06b49fd56553e1adf532b3c05868fe3dc66906..f4e44207541e8e731bef87a7216e7a2f8b07b068 100644 (file)
--- a/cf_dropdown_option_delete.php
+++ b/cf_dropdown_option_delete.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }

diff --git a/cf_dropdown_option_edit.php b/cf_dropdown_option_edit.php
index ba486ae98413f7b698cc8ba7b9939d0b4c80e985..1013a54a4c2ccd00f5a9e272da4ce50d6c381095 100644 (file)
--- a/cf_dropdown_option_edit.php
+++ b/cf_dropdown_option_edit.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }

diff --git a/cf_dropdown_options.php b/cf_dropdown_options.php
index 544eefdbeeb3bcb052716c229c1c8520785f14f1..3ee5294ebd4a8370cedd2ce295700fdd0a065bbb 100644 (file)
--- a/cf_dropdown_options.php
+++ b/cf_dropdown_options.php
@@ -31,7 +31,7 @@ require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cf')) {
+if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
   header('Location: access_denied.php');
   exit();
 }