0012078: skip grants check in timesheet controller if disabled

* fixes checkGrant for timesheets
* need to use RequestContext/skipClosedCheck to make sure
 Sales functions can update timesheets

 https://forge.tine20.org/view.php?id=12078

Change-Id: I87726d3b93c8b8fbdbcd451db160cb9934bf9022
Reviewed-on: http://gerrit.tine20.com/customers/3434
Tested-by: Jenkins CI (http://ci.tine20.com/)
Reviewed-by: Philipp Schüle <p.schuele@metaways.de>

diff --git a/tests/tine20/Timetracker/JsonTest.php b/tests/tine20/Timetracker/JsonTest.php
index 177eea9..22cf36f 100644 (file)
--- a/tests/tine20/Timetracker/JsonTest.php
+++ b/tests/tine20/Timetracker/JsonTest.php
@@ -1258,7 +1258,6 @@ class Timetracker_JsonTest extends Timetracker_AbstractTest
     
     /**
      * try to update a Timesheet with a closed TimeAccount
-     *
      */
     public function testUpdateClosedTimeaccount()
     {
@@ -1271,14 +1270,15 @@ class Timetracker_JsonTest extends Timetracker_AbstractTest
         ));
         $timesheetData = $this->_json->saveTimesheet($timesheet->toArray(), array('skipClosedCheck' => true));
         
-        Timetracker_ControllerTest::removeManageAllRight();
-        
-        $this->setExpectedException('Timetracker_Exception_ClosedTimeaccount');
-        
         // update Timesheet
         $timesheetData['description'] = "blubbblubb";
         $timesheetData['account_id'] = $timesheetData['account_id']['accountId'];
         $timesheetData['timeaccount_id'] = $timesheetData['timeaccount_id']['id'];
-        $timesheetUpdated = $this->_json->saveTimesheet($timesheetData);
+        try {
+            $timesheetUpdated = $this->_json->saveTimesheet($timesheetData, array('skipClosedCheck' => false));
+            $this->fail('Failed asserting that exception of type "Timetracker_Exception_ClosedTimeaccount" is thrown.');
+        } catch (Timetracker_Exception_ClosedTimeaccount $tect) {
+            $this->assertEquals('This Timeaccount is already closed!', $tect->getMessage());
+        }
     }
 }

diff --git a/tine20/Timetracker/Controller/Timesheet.php b/tine20/Timetracker/Controller/Timesheet.php
index 974a095..ebe096f 100644 (file)
--- a/tine20/Timetracker/Controller/Timesheet.php
+++ b/tine20/Timetracker/Controller/Timesheet.php
@@ -243,10 +243,6 @@ class Timetracker_Controller_Timesheet extends Tinebase_Controller_Record_Abstra
      */
     protected function _checkGrant($_record, $_action, $_throw = TRUE, $_errorMessage = 'No Permission.', $_oldRecord = NULL)
     {
-        if (!$this->_doContainerACLChecks) {
-            return true;
-        }
-
         $isAdmin = false;
         // users with MANAGE_TIMEACCOUNTS have all grants here
         if ( $this->checkRight(Timetracker_Acl_Rights::MANAGE_TIMEACCOUNTS, FALSE)

diff --git a/tine20/Timetracker/Model/Timeaccount.php b/tine20/Timetracker/Model/Timeaccount.php
index e350c3f..650872c 100644 (file)
--- a/tine20/Timetracker/Model/Timeaccount.php
+++ b/tine20/Timetracker/Model/Timeaccount.php
@@ -580,9 +580,9 @@ class Timetracker_Model_Timeaccount extends Sales_Model_Accountable_Abstract
     protected function _disableTimesheetChecks($tsController)
     {
         $tsController->doCheckDeadLine(false);
-        $tsController->doContainerACLChecks(false);
         $tsController->doRightChecks(false);
         $tsController->doRelationUpdate(false);
+        $tsController->setRequestContext(array('skipClosedCheck' => true));
     }
     
     /**
@@ -593,9 +593,9 @@ class Timetracker_Model_Timeaccount extends Sales_Model_Accountable_Abstract
     protected function _enableTimesheetChecks($tsController)
     {
         $tsController->doCheckDeadLine(true);
-        $tsController->doContainerACLChecks(true);
         $tsController->doRightChecks(true);
         $tsController->doRelationUpdate(true);
+        $tsController->setRequestContext(array('skipClosedCheck' => false));
     }
     
     /**