Projekt

Allgemein

Profil

« Zurück | Weiter » 

Revision e06619e8

Von Bernd Bleßmann vor etwa 4 Jahren hinzugefügt

  • ID e06619e8d650d9b731e8702a16a703d7a390091d
  • Vorgänger 61799336
  • Nachfolger c3f86c4f

Zeiterfassung: Recht f. Bearbeitung aller Einträge berücksichtigen

Unterschiede anzeigen:

SL/Controller/TimeRecording.pm
18 18
use Rose::Object::MakeMethods::Generic
19 19
(
20 20
# scalar                  => [ qw() ],
21
 'scalar --get_set_init' => [ qw(time_recording models all_time_recording_types all_employees can_view_all) ],
21
 'scalar --get_set_init' => [ qw(time_recording models all_time_recording_types all_employees can_view_all can_edit_all) ],
22 22
);
23 23

  
24 24

  
25 25
# safety
26 26
__PACKAGE__->run_before('check_auth');
27
__PACKAGE__->run_before('check_auth_edit', only => [ qw(edit save delete) ]);
27 28

  
28 29
#
29 30
# actions
......
132 133
  $::auth->assert('time_recording_show_all', 1) || $::auth->assert('time_recording_edit_all', 1)
133 134
}
134 135

  
136
sub init_can_edit_all {
137
  $::auth->assert('time_recording_edit_all', 1)
138
}
139

  
135 140
sub init_models {
136 141
  my ($self) = @_;
137 142

  
......
159 164
  $::auth->assert('time_recording');
160 165
}
161 166

  
167
sub check_auth_edit {
168
  my ($self) = @_;
169

  
170
  if (!$self->can_edit_all && ($self->time_recording->staff_member_id != SL::DB::Manager::Employee->current->id)) {
171
    $::form->error(t8('You do not have permission to access this entry.'));
172
  }
173
}
174

  
162 175
sub prepare_report {
163 176
  my ($self) = @_;
164 177

  

Auch abrufbar als: Unified diff