Example #1
 /**
  * Decide whether the current user may use this page.
  *
  * Access needs the "projects_timegroup" permission plus one of:
  *  - the "timekeeping_all_view" permission, or
  *  - a non-empty result from user_permissions_staff_getarray("timereg_view"),
  *    which is stored in $this->access_staff_ids.
  *
  * @return int|null 1 when access is granted. On every other path nothing is
  *                  returned explicitly, so the result is null; presumably the
  *                  caller treats that falsy value as a denial (confirm).
  */
 function check_permissions()
 {
     // stays null unless one of the grants below applies (deny by default)
     $granted = null;

     if (user_permissions_get("projects_timegroup")) {
         if (user_permissions_get("timekeeping_all_view")) {
             // access to all staff: $this->access_staff_ids is left untouched here
             $granted = 1;
         } else {
             // otherwise remember the staff IDs the user may view
             $staff_ids = user_permissions_staff_getarray("timereg_view");
             $this->access_staff_ids = $staff_ids;

             if ($staff_ids) {
                 $granted = 1;
             }
         }
     }

     return $granted;
 }
Example #2
 /**
  * Decide whether the current user may view project hours.
  *
  * Access needs the "projects_view" permission plus one of:
  *  - the "timekeeping_all_view" permission, or
  *  - a non-empty result from user_permissions_staff_getarray("timereg_view"),
  *    which is stored in $this->access_staff_ids.
  *
  * When the user holds "projects_view" but neither of the two, an error
  * message is passed to log_render() before the denial.
  *
  * @return int|null 1 when access is granted, null otherwise; presumably the
  *                  caller treats the falsy null as a denial (confirm).
  */
 function check_permissions()
 {
     // without the module permission nothing else is evaluated
     if (!user_permissions_get("projects_view")) {
         return null;
     }

     // access to all staff: $this->access_staff_ids is left untouched on this path
     if (user_permissions_get("timekeeping_all_view")) {
         return 1;
     }

     // otherwise remember the staff IDs the user may view
     $staff_ids = user_permissions_staff_getarray("timereg_view");
     $this->access_staff_ids = $staff_ids;

     if (!$staff_ids) {
         // no staff configured for this user: explain why access is refused
         log_render("error", "page", "Before you can view project hours, your administrator must configure the staff accounts you may access, or set the timekeeping_all_view permission.");

         return null;
     }

     return 1;
 }
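 /**
  * Decide whether the current user may add or edit timesheet hours.
  *
  * Access needs the "timekeeping" permission. When an employee is selected
  * ($this->employeeid is truthy) the user must also hold "timereg_write" for
  * that employee. Beyond that, one of the following is required:
  *  - the "timekeeping_all_write" permission, or
  *  - a non-empty result from user_permissions_staff_getarray("timereg_write"),
  *    which is stored in $this->access_staff_ids_write.
  *
  * Every denial path returns 0 explicitly. Previously only the per-employee
  * denial did so, and the remaining denials fell off the end of the function
  * (an implicit null), which made the fail-closed result easy to overlook.
  *
  * @return int 1 when access is granted, 0 when it is denied.
  */
 function check_permissions()
 {
     // the module permission gates everything else
     if (!user_permissions_get("timekeeping")) {
         return 0;
     }

     // a selected employee must be individually writable by this user
     // NOTE(review): with no employee selected this check is skipped, so later
     // code presumably has to restrict writes to $this->access_staff_ids_write;
     // verify against the callers.
     if ($this->employeeid && !user_permissions_staff_get("timereg_write", $this->employeeid)) {
         log_write("error", "page_output", "Sorry, you do not have permissions to adjust the timesheet for the selected employee");

         return 0;
     }

     // write access to all staff: $this->access_staff_ids_write is left untouched here
     if (user_permissions_get("timekeeping_all_write")) {
         return 1;
     }

     // otherwise remember the staff IDs the user may write to
     $staff_ids = user_permissions_staff_getarray("timereg_write");
     $this->access_staff_ids_write = $staff_ids;

     if ($staff_ids) {
         return 1;
     }

     // NOTE(review): this denial reports through log_render() while the
     // per-employee denial above uses log_write(); confirm both helpers record
     // the error as intended.
     log_render("error", "page", "Before you can add or edit timesheet hours, your administrator must configure the staff accounts you may access, or set the timekeeping_all_write permission.");

     return 0;
 }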
Example #4
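 /**
  * Decide whether the current user may view timesheet hours.
  *
  * Access needs the "timekeeping" permission. When an employee is selected
  * ($this->employeeid is truthy) the user must also hold "timereg_view" for
  * that employee; if not, the remembered selection in the session is reset
  * and access is denied. Beyond that, one of the following is required:
  *  - the "timekeeping_all_view" permission, or
  *  - a non-empty result from user_permissions_staff_getarray("timereg_view"),
  *    which is stored in $this->access_staff_ids.
  *
  * Every denial path returns 0 explicitly. Previously only the per-employee
  * denial did so, and the remaining denials fell off the end of the function
  * (an implicit null), which made the fail-closed result easy to overlook.
  *
  * @return int 1 when access is granted, 0 when it is denied.
  */
 function check_permissions()
 {
     // the module permission gates everything else
     if (!user_permissions_get("timekeeping")) {
         return 0;
     }

     // a selected employee must be individually viewable by this user
     // NOTE(review): with no employee selected this check is skipped, so later
     // code presumably has to restrict results to $this->access_staff_ids;
     // verify against the callers.
     if ($this->employeeid && !user_permissions_staff_get("timereg_view", $this->employeeid)) {
         log_write("error", "page_output", "Sorry, you do not have permissions to view the timesheet for the selected employee");

         // Reset the employee remembered in the session. If an admin has
         // revoked this user's access to that employee, a stale selection
         // would otherwise keep failing this check until the user logs out.
         $_SESSION["form"]["timereg"]["employeeid"] = 0;

         return 0;
     }

     // access to all staff: $this->access_staff_ids is left untouched on this path
     if (user_permissions_get("timekeeping_all_view")) {
         return 1;
     }

     // otherwise remember the staff IDs the user may view
     $staff_ids = user_permissions_staff_getarray("timereg_view");
     $this->access_staff_ids = $staff_ids;

     if ($staff_ids) {
         return 1;
     }

     // no grant applied: deny explicitly
     return 0;
 }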
/*
	projects/timebilled-edit-process.php

	access: projects_timegroup

	Allows the creation of new time groups, or adjustments to existing ones.
*/
// includes
include_once "../include/config.php";
include_once "../include/amberphplib/main.php";
if (user_permissions_get('projects_timegroup')) {
    // select the IDs that the user does have access to, unless if they
    // have full access
    if (!user_permissions_get("timekeeping_all_view")) {
        if (!($access_staff_ids = user_permissions_staff_getarray("timereg_view"))) {
            log_write("error", "process", "Unable to create time group, as you have no access permissions to any staff.");
        }
    }
    /////////////////////////
    $projectid = @security_form_input_predefined("int", "projectid", 1, "");
    $groupid = @security_form_input_predefined("int", "groupid", 0, "");
    $data["name_group"] = @security_form_input_predefined("any", "name_group", 1, "");
    $data["customerid"] = @security_form_input_predefined("int", "customerid", 1, "");
    $data["code_invoice"] = @security_form_input_predefined("any", "code_invoice", 0, "");
    $data["description"] = @security_form_input_predefined("any", "description", 0, "");
    //// VERIFY PROJECT/TIME GROUP IDS /////////////
    // check that the specified project actually exists
    $sql_obj = new sql_query();
    $sql_obj->string = "SELECT id FROM `projects` WHERE id='{$projectid}' LIMIT 1";
    $sql_obj->execute();