0012078: skip grants check in timesheet controller if disabled
authorPaul Mehrer <p.mehrer@metaways.de>
Wed, 3 Aug 2016 11:54:16 +0000 (13:54 +0200)
committerPhilipp Schüle <p.schuele@metaways.de>
Thu, 4 Aug 2016 07:45:52 +0000 (09:45 +0200)
Timetracker - Timesheet controller - _checkGrant can skip rights check

the overwritten _checkGrant function now skips the rights check as the
parent function would if the corresponding flag is set.

https://forge.tine20.org/view.php?id=12078

Change-Id: I6f3c185ce13c4fe69b0731cb8f90f54d1bc944b0
Reviewed-on: http://gerrit.tine20.com/customers/3403
Reviewed-by: Philipp Schüle <p.schuele@metaways.de>
Tested-by: Philipp Schüle <p.schuele@metaways.de>
tine20/Timetracker/Controller/Timesheet.php

index d0d8f98..aa6efe8 100644 (file)
@@ -243,6 +243,10 @@ class Timetracker_Controller_Timesheet extends Tinebase_Controller_Record_Abstra
      */
     protected function _checkGrant($_record, $_action, $_throw = TRUE, $_errorMessage = 'No Permission.', $_oldRecord = NULL)
     {
+        if (!$this->_doContainerACLChecks) {
+            return true;
+        }
+
         $isAdmin = false;
         // users with MANAGE_TIMEACCOUNTS have all grants here
         if ( $this->checkRight(Timetracker_Acl_Rights::MANAGE_TIMEACCOUNTS, FALSE)