- Fixed expenses permissions

100803c4 · Frank Bergmann · 9db56994 · 100803c4 · 100803c4
Commit 100803c4 authored Apr 15, 2017 by Frank Bergmann
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 2 deletions

intranet-expenses-procs.tcl tcl/intranet-expenses-procs.tcl +7 -0

index.tcl www/index.tcl +2 -2

No files found.
--- a/tcl/intranet-expenses-procs.tcl
+++ b/tcl/intranet-expenses-procs.tcl
@@ -63,6 +63,9 @@ ad_proc -public im_expense_permissions {user_id expense_id view_var read_var wri
    upvar $write_var write
    upvar $admin_var admin

+    set add_expense_p [im_permission $user_id "add_expenses"]
+    set create_bundle_p [im_permission $user_id "add_expense_bundle"]
+    set view_expenses_all_p [im_permission $user_id "view_expenses_all"]
    set user_admin_p [im_is_user_site_wide_or_intranet_admin $user_id]

    # Get expense information
@@ -80,6 +83,10 @@ ad_proc -public im_expense_permissions {user_id expense_id view_var read_var wri
 	set admin_p 0
    }

+    if {$view_expenses_all_p} {
+	set view_p 1
+	set read_p 1
+    }
 }



--- a/www/index.tcl
+++ b/www/index.tcl
@@ -36,6 +36,7 @@ set date_format "YYYY-MM-DD"
 set cur_format [im_l10n_sql_currency_format]
 set return_url [im_url_with_query]
 set current_url [ns_conn url]
+set user_admin_p [im_is_user_site_wide_or_intranet_admin $user_id]

 # Check permissions to log hours for other users
 # We use the hour logging permissions also for expenses...
@@ -264,8 +265,7 @@ if {"" != $expense_type_id  & 0 != $expense_type_id} {
    set expense_where "\tand e.expense_type_id = :expense_type_id\n" 
 }

-# Allow accounting guys to see all expense items,
-# not just their own ones...
+# Allow accounting guys to see all expense items, not just their own ones...
 set personal_only_sql ""
 if {!$view_expenses_all_p} { 
    set personal_only_sql "and provider_id = :user_id"