]> wagnertech.de Git - timetracker.git/commitdiff
projects / timetracker.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3ad790a)
Added more access control checks to mobile pages.
authoranuko <support@anuko.com>
Sun, 25 Sep 2016 20:56:48 +0000 (20:56 +0000)
committeranuko <support@anuko.com>
Sun, 25 Sep 2016 20:56:48 +0000 (20:56 +0000)
14 files changed:
WEB-INF/templates/footer.tpl patch | blob | history
mobile/client_add.php patch | blob | history
mobile/client_delete.php patch | blob | history
mobile/client_edit.php patch | blob | history
mobile/expense_delete.php patch | blob | history
mobile/expense_edit.php patch | blob | history
mobile/project_add.php patch | blob | history
mobile/project_delete.php patch | blob | history
mobile/project_edit.php patch | blob | history
mobile/projects.php patch | blob | history
mobile/task_add.php patch | blob | history
mobile/task_delete.php patch | blob | history
mobile/task_edit.php patch | blob | history
mobile/tasks.php patch | blob | history

diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index a62e521c4f14abd1788a71381f6ed404f7f50dbc..466a65a60ddc79a2b6a520dac1049e55b83594a1 100644 (file)
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
       <br>
       <table cellspacing="0" cellpadding="4" width="100%" border="0">
         <tr>
-          <td align="center">&nbsp;Anuko Time Tracker 1.9.31.3539 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
+          <td align="center">&nbsp;Anuko Time Tracker 1.9.31.3540 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
             <a href="https://www.anuko.com/lp/tt_4.htm" target="_blank">{$i18n.footer.credits}</a> |
             <a href="https://www.anuko.com/lp/tt_5.htm" target="_blank">{$i18n.footer.license}</a> |
             <a href="https://www.anuko.com/lp/tt_7.htm" target="_blank">{$i18n.footer.improve}</a>
diff --git a/mobile/client_add.php b/mobile/client_add.php
index 56f5d08a404b60e2e7d48c5d1573c2489e93f97d..e489496279bf44b5466b7116e1583097d3e352fe 100644 (file)
--- a/mobile/client_add.php
+++ b/mobile/client_add.php
@@ -32,7 +32,7 @@ import('ttClientHelper');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cl')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/client_delete.php b/mobile/client_delete.php
index a0caf4fe6e29badadf574d46a67dca1f28660884..51e87b43ecac5e9fbd9eea41f2b46b2163815435 100644 (file)
--- a/mobile/client_delete.php
+++ b/mobile/client_delete.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttClientHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cl')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/client_edit.php b/mobile/client_edit.php
index cd6266dac7a8837a71e253599414c1c1c1b4dbae..ac3e60c71a2b8fb79816d838edfd4404075db518 100644 (file)
--- a/mobile/client_edit.php
+++ b/mobile/client_edit.php
@@ -32,7 +32,7 @@ import('ttClientHelper');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || !$user->isPluginEnabled('cl')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/expense_delete.php b/mobile/expense_delete.php
index b027bd941d3c3337b4bdbbba22b9c7f3bd3f0913..8e89513fd603573830cb166d55576d0c756d4c12 100644 (file)
--- a/mobile/expense_delete.php
+++ b/mobile/expense_delete.php
@@ -32,7 +32,7 @@ import('DateAndTime');
 import('ttExpenseHelper');
 
 // Access check.
-if (!ttAccessCheck(right_data_entry)) {
+if (!ttAccessCheck(right_data_entry) || !$user->isPluginEnabled('ex')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/expense_edit.php b/mobile/expense_edit.php
index e14372eacfdfb2030e43a596042f184784169cfb..c2df1abb65e1bfd4a2d91c7907dcbe12ab5d75da 100644 (file)
--- a/mobile/expense_edit.php
+++ b/mobile/expense_edit.php
@@ -33,7 +33,7 @@ import('DateAndTime');
 import('ttExpenseHelper');
 
 // Access check.
-if (!ttAccessCheck(right_data_entry)) {
+if (!ttAccessCheck(right_data_entry) || !$user->isPluginEnabled('ex')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/project_add.php b/mobile/project_add.php
index 4c9ad185a5beac658ff50510ee90d709bd334b61..1ae6b4dfa3df13a5cbf20fa1c74408c583666313 100644 (file)
--- a/mobile/project_add.php
+++ b/mobile/project_add.php
@@ -32,7 +32,7 @@ import('ttProjectHelper');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || (MODE_PROJECTS != $user->tracking_mode && MODE_PROJECTS_AND_TASKS != $user->tracking_mode)) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/project_delete.php b/mobile/project_delete.php
index 79ed438e815b719e573f115d2b74982d5bd4ea55..eb5e0403908d737eb03c9503bb45236ed094c5ce 100644 (file)
--- a/mobile/project_delete.php
+++ b/mobile/project_delete.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttProjectHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || (MODE_PROJECTS != $user->tracking_mode && MODE_PROJECTS_AND_TASKS != $user->tracking_mode)) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/project_edit.php b/mobile/project_edit.php
index 490a11e24168359f649a50689a03cabd2271d71a..f7a37aaf5c4e08c398f8f4db5757778dabfd184d 100644 (file)
--- a/mobile/project_edit.php
+++ b/mobile/project_edit.php
@@ -32,7 +32,7 @@ import('ttProjectHelper');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || (MODE_PROJECTS != $user->tracking_mode && MODE_PROJECTS_AND_TASKS != $user->tracking_mode)) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/projects.php b/mobile/projects.php
index 33d1d51b5d04830f1ce3d272f35736768e2c0d82..5dee3605d2188134f496ff990edc69b7713b0072 100644 (file)
--- a/mobile/projects.php
+++ b/mobile/projects.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_data_entry)) {
+if (!ttAccessCheck(right_data_entry) || (MODE_PROJECTS != $user->tracking_mode && MODE_PROJECTS_AND_TASKS != $user->tracking_mode)) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/task_add.php b/mobile/task_add.php
index 9319e2a91003fbe98027898835f00a4ec441db1e..700b91584eb8947d6509b5a7404f3fb1cc909744 100644 (file)
--- a/mobile/task_add.php
+++ b/mobile/task_add.php
@@ -33,7 +33,7 @@ import('ttTeamHelper');
 import('ttTaskHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || MODE_PROJECTS_AND_TASKS != $user->tracking_mode) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/task_delete.php b/mobile/task_delete.php
index aa74be1f0923f1fd0f35a6147559cf47f1c3ae09..1fea8e127e16f8b754acdf2a16c05afb8925fd20 100644 (file)
--- a/mobile/task_delete.php
+++ b/mobile/task_delete.php
@@ -31,7 +31,7 @@ import('ttTaskHelper');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || MODE_PROJECTS_AND_TASKS != $user->tracking_mode) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/task_edit.php b/mobile/task_edit.php
index 248167ff58073ebf4e11ac44c7cf55e74ec2074a..e2dcc9908983225b23d8b1542c7f027a478037e0 100644 (file)
--- a/mobile/task_edit.php
+++ b/mobile/task_edit.php
@@ -32,7 +32,7 @@ import('ttTeamHelper');
 import('ttTaskHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || MODE_PROJECTS_AND_TASKS != $user->tracking_mode) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/mobile/tasks.php b/mobile/tasks.php
index 9b778bbf486443e3ab1cca077a69f15514eac227..8b828cfba471144adb1a8f964ac665993faa8e09 100644 (file)
--- a/mobile/tasks.php
+++ b/mobile/tasks.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 
 // Access check.
-if (!ttAccessCheck(right_manage_team)) {
+if (!ttAccessCheck(right_manage_team) || MODE_PROJECTS_AND_TASKS != $user->tracking_mode) {
   header('Location: access_denied.php');
   exit();
 }
Unnamed repository; edit this file 'description' to name the repository.