private function _checkAccess() { static $access = null; if ($access === null) { $this->arAccessUsers = CTimeMan::GetAccess(); if (count($this->arAccessUsers['READ']) > 0) { $this->bCanReadAll = in_array('*', $this->arAccessUsers['READ']); $this->bCanEditAll = in_array('*', $this->arAccessUsers['WRITE']); $access = true; } else { $access = false; } } return $access; }
$dbRes = CTimeManEntry::GetList(array(), array('ID' => $ID), false, false, array('*', 'ACTIVATED')); if ($arEntry = $dbRes->Fetch()) { if ($arFields['TIME_FINISH'] && $arEntry['PAUSED'] == 'Y') { $arFields['PAUSED'] = 'N'; } $arFields['TIME_LEAKS'] = isset($arFields['TIME_LEAKS']) ? $arFields['TIME_LEAKS'] : $arEntry['TIME_LEAKS']; $arFields['DURATION'] = $arFields['TIME_FINISH'] - $arFields['TIME_START'] - $arFields['TIME_LEAKS']; } CTimeManEntry::Update($ID, $arFields); $TMUSER = new CTimeManUser($arEntry['USER_ID']); $TMUSER->ClearCache(); } } case 'admin_entry': $ID = $_REQUEST['ID']; $arAccessUsers = CTimeMan::GetAccess(); if (count($arAccessUsers['READ']) > 0) { $bCanEditAll = in_array('*', $arAccessUsers['WRITE']); $bCanReadAll = in_array('*', $arAccessUsers['READ']); $dbRes = CTimeManEntry::GetList(array(), array('ID' => $ID), false, false, array('*', 'ACTIVATED')); if ($arRes = $dbRes->Fetch()) { if ($arRes['USER_ID'] == $USER->GetID() || $bCanReadAll || in_array($arRes['USER_ID'], $arAccessUsers['READ'])) { $arRes['TIME_OFFSET'] = CTimeManUser::getDayStartOffset($arRes); $bCanEdit = $bCanEditAll || in_array($arRes['USER_ID'], $arAccessUsers['WRITE']); $user_url = COption::GetOptionString('intranet', 'path_user', '/company/personal/user/#USER_ID#/', $_REQUEST['site_id']); $obUser = new CTimeManUser($arRes['USER_ID']); $obUser->SITE_ID = $_REQUEST['site_id']; $bReturnRes = true; $dbRes = CUser::GetList($by = 'ID', $order = 'ASC', array('ID' => $arRes['USER_ID']), array('SELECT' => array('UF_*'))); $arCurrentUser = $dbRes->GetNext(); $arCurrentUser['PHOTO'] = $arCurrentUser['PERSONAL_PHOTO'] > 0 ? CIntranetUtils::InitImage($arCurrentUser['PERSONAL_PHOTO'], 32, 0, BX_RESIZE_IMAGE_EXACT) : array();
<?php if (!defined("B_PROLOG_INCLUDED") || B_PROLOG_INCLUDED !== true) { die; } if (!CBXFeatures::IsFeatureEnabled('timeman') || !CModule::IncludeModule('timeman')) { return; } // maybe we should cache GetAccess data? $arResult['arAccessUsers'] = CTimeMan::GetAccess(); if (count($arResult['arAccessUsers']['READ']) > 0) { CUtil::InitJSCore(array('timeman')); $arUserFields = $GLOBALS['USER_FIELD_MANAGER']->GetUserFields('USER', 0, LANGUAGE_ID); $arResult['UF_DEPARTMENT_field'] = $arUserFields['UF_DEPARTMENT']; $arResult['UF_DEPARTMENT_field']['FIELD_NAME'] = 'department'; $arResult['UF_DEPARTMENT_field']['MULTIPLE'] = 'N'; $arResult['UF_DEPARTMENT_field']['SETTINGS']['LIST_HEIGHT'] = 1; $this->IncludeComponentTemplate(); }
public static function Approve($ID, $check_rights = true) { if ($check_rights) { $hasAccess = false; $arAccessUsers = CTimeMan::GetAccess(); if (count($arAccessUsers['WRITE']) > 0) { $bCanEditAll = in_array('*', $arAccessUsers['WRITE']); $dbRes = CTimeManEntry::GetList(array(), array('ID' => $ID), false, false, array('*')); $arRes = $dbRes->Fetch(); if ($arRes) { $hasAccess = $bCanEditAll || in_array($arRes['USER_ID'], $arAccessUsers['WRITE']); } } if (!$hasAccess) { $GLOBALS['APPLICATION']->ThrowException('Access denied'); return false; } } if (CTimeManEntry::Update($ID, array('ACTIVE' => 'Y'))) { CTimeManReport::Approve($ID); CTimeManReportDaily::SetActive($ID); CTimeManNotify::SendMessage($ID, 'U'); return true; } return false; }