diff --git a/app/Models/User.php b/app/Models/User.php
index 6d98a49c01d4..4bf67dea9cf7 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -425,7 +425,7 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac
public function caddAddUsers()
{
- if ( ! Utils::isNinja()) {
+ if ( ! Utils::isNinjaProd()) {
return true;
} elseif ( ! $this->hasFeature(FEATURE_USERS)) {
return false;
@@ -441,6 +441,12 @@ class User extends Model implements AuthenticatableContract, AuthorizableContrac
return $numUsers < $company->num_users;
}
+
+ public function canCreateOrEdit($entityType, $entity = false)
+ {
+ return (($entity && $this->can('edit', $entity))
+ || (!$entity && $this->can('create', $entityType)));
+ }
}
User::updating(function ($user) {
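Review bot: `canCreateOrEdit` chooses between the `edit` and `create` checks by the truthiness of `$entity`, so a caller that passes a model object that has not been saved yet is checked against `edit` and never against `create`. The invoice edit view in this commit looks like such a caller: it calls `$invoice->isClientTrashed()` unconditionally and tests `$invoice->id` separately, which suggests `$invoice` is an object even on the create page. Whether the `edit` policy gives the right answer for an unsaved model is not visible here; if it does not, branch on persistence instead, e.g. `$entity && $entity->exists`. The method also needs a docblock saying that `$entity` is a model or `false`/`null`, and that the result is meant for showing or hiding UI controls rather than for authorizing the write itself.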
diff --git a/app/Ninja/Datatables/ExpenseDatatable.php b/app/Ninja/Datatables/ExpenseDatatable.php
index 3b398a51849f..799552f86f8e 100644
--- a/app/Ninja/Datatables/ExpenseDatatable.php
+++ b/app/Ninja/Datatables/ExpenseDatatable.php
@@ -46,7 +46,7 @@ class ExpenseDatatable extends EntityDatatable
[
'expense_date',
function ($model) {
- if(!Auth::user()->can('editByOwner', [ENTITY_EXPENSE, $model->user_id])){
+ if(!Auth::user()->can('viewByOwner', [ENTITY_EXPENSE, $model->user_id])){
return Utils::fromSqlDate($model->expense_date);
}
diff --git a/app/Ninja/Datatables/InvoiceDatatable.php b/app/Ninja/Datatables/InvoiceDatatable.php
index b9fa70aa0a43..646ebff05a2f 100644
--- a/app/Ninja/Datatables/InvoiceDatatable.php
+++ b/app/Ninja/Datatables/InvoiceDatatable.php
@@ -16,7 +16,7 @@ class InvoiceDatatable extends EntityDatatable
[
'invoice_number',
function ($model) use ($entityType) {
- if(!Auth::user()->can('editByOwner', [ENTITY_INVOICE, $model->user_id])){
+ if(!Auth::user()->can('viewByOwner', [ENTITY_INVOICE, $model->user_id])){
return $model->invoice_number;
}
@@ -186,7 +186,7 @@ class InvoiceDatatable extends EntityDatatable
$class = 'success';
break;
}
-
+
return "
$label
";
}
diff --git a/app/Ninja/Datatables/PaymentDatatable.php b/app/Ninja/Datatables/PaymentDatatable.php
index 20f2cd025892..b26cb4ac1ffe 100644
--- a/app/Ninja/Datatables/PaymentDatatable.php
+++ b/app/Ninja/Datatables/PaymentDatatable.php
@@ -21,7 +21,7 @@ class PaymentDatatable extends EntityDatatable
[
'invoice_number',
function ($model) {
- if(!Auth::user()->can('editByOwner', [ENTITY_INVOICE, $model->invoice_user_id])){
+ if(!Auth::user()->can('viewByOwner', [ENTITY_INVOICE, $model->invoice_user_id])){
return $model->invoice_number;
}
diff --git a/app/Ninja/Datatables/TaskDatatable.php b/app/Ninja/Datatables/TaskDatatable.php
index 2184d9c35957..0f0a1cc09c79 100644
--- a/app/Ninja/Datatables/TaskDatatable.php
+++ b/app/Ninja/Datatables/TaskDatatable.php
@@ -26,6 +26,9 @@ class TaskDatatable extends EntityDatatable
[
'created_at',
function ($model) {
+ if(!Auth::user()->can('viewByOwner', [ENTITY_EXPENSE, $model->user_id])){
+ return Task::calcStartTime($model);
+ }
return link_to("tasks/{$model->public_id}/edit", Task::calcStartTime($model))->toHtml();
}
],
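Review bot: The added guard checks `viewByOwner` against `ENTITY_EXPENSE`, but this is the task datatable and the link it protects goes to `tasks/{$model->public_id}/edit`; it looks like a copy-paste from ExpenseDatatable. As written, whether the task link is rendered depends on the user's expense permissions rather than their task permissions. The condition should read `if(!Auth::user()->can('viewByOwner', [ENTITY_TASK, $model->user_id])){`.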
diff --git a/resources/views/expenses/edit.blade.php b/resources/views/expenses/edit.blade.php
index c07d3dbb2f64..265680378bb3 100644
--- a/resources/views/expenses/edit.blade.php
+++ b/resources/views/expenses/edit.blade.php
@@ -171,26 +171,28 @@
-
- {!! Button::normal(trans('texts.cancel'))
- ->asLinkTo(URL::to('/expenses'))
- ->appendIcon(Icon::create('remove-circle'))
- ->large() !!}
+ @if (Auth::user()->canCreateOrEdit(ENTITY_EXPENSE, $expense))
+
+ {!! Button::normal(trans('texts.cancel'))
+ ->asLinkTo(URL::to('/expenses'))
+ ->appendIcon(Icon::create('remove-circle'))
+ ->large() !!}
- @if (Auth::user()->hasFeature(FEATURE_EXPENSES))
- {!! Button::success(trans('texts.save'))
- ->appendIcon(Icon::create('floppy-disk'))
- ->large()
- ->submit() !!}
+ @if (Auth::user()->hasFeature(FEATURE_EXPENSES))
+ {!! Button::success(trans('texts.save'))
+ ->appendIcon(Icon::create('floppy-disk'))
+ ->large()
+ ->submit() !!}
- @if ($expense)
- {!! DropdownButton::normal(trans('texts.more_actions'))
- ->withContents($actions)
- ->large()
- ->dropup() !!}
+ @if ($expense)
+ {!! DropdownButton::normal(trans('texts.more_actions'))
+ ->withContents($actions)
+ ->large()
+ ->dropup() !!}
+ @endif
@endif
- @endif
-
+
+ @endif
{!! Former::close() !!}
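Review bot: The new `@if (Auth::user()->canCreateOrEdit(ENTITY_EXPENSE, $expense))` wraps the Cancel link together with Save and More actions, so a user who may only view the expense gets no button to leave the page. Cancel is plain navigation to `/expenses` and needs no permission; open the guard after the Cancel button, or give the read-only case its own `@else` that renders only Cancel. The task view's button hunk (`@@ -126,32 +128,34 @@`) has the same shape.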
@@ -214,7 +216,11 @@
return false;
}
- return true;
+ @if (Auth::user()->canCreateOrEdit(ENTITY_EXPENSE, $expense))
+ return true;
+ @else
+ return false
+ @endif
}
function onClientChange() {
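Review bot: The `@else` branch that makes the submit handler return `false` only stops the browser from submitting the form. A request sent outside this form never reaches that check, so the expense store/update controller actions must enforce the same `create`/`edit` authorization server-side, and nothing in this diff shows that they do. I would add a Blade comment above the `@if` such as `{{-- UI-only guard: the controller must still authorize create/edit --}}` and confirm the controller check exists. The same pattern is added in invoices/edit.blade.php (`@@ -1337,7 +1339,11 @@`) and in `onFormSubmit` in tasks/edit.blade.php. Separately, `return false` here and in the task view lacks the trailing semicolon that the invoice version has. The enclosing function starts outside this hunk.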
diff --git a/resources/views/invoices/edit.blade.php b/resources/views/invoices/edit.blade.php
index 3f1039d7f7a7..988aef0f5a41 100644
--- a/resources/views/invoices/edit.blade.php
+++ b/resources/views/invoices/edit.blade.php
@@ -537,19 +537,21 @@
->appendIcon(Icon::create('download-alt')) !!}
@endif
- @if ($invoice->isClientTrashed())
-
- @elseif ($invoice->trashed())
- {!! Button::success(trans('texts.restore'))->withAttributes(['onclick' => 'submitBulkAction("restore")'])->appendIcon(Icon::create('cloud-download')) !!}
- @elseif (!$invoice->trashed())
- {!! Button::success(trans("texts.save_{$entityType}"))->withAttributes(array('id' => 'saveButton', 'onclick' => 'onSaveClick()'))->appendIcon(Icon::create('floppy-disk')) !!}
- {!! Button::info(trans("texts.email_{$entityType}"))->withAttributes(array('id' => 'emailButton', 'onclick' => 'onEmailClick()'))->appendIcon(Icon::create('send')) !!}
- @if ($invoice->id)
- {!! DropdownButton::normal(trans('texts.more_actions'))
- ->withContents($actions)
- ->dropup() !!}
- @endif
- @endif
+ @if (Auth::user()->canCreateOrEdit(ENTITY_INVOICE, $invoice))
+ @if ($invoice->isClientTrashed())
+
+ @elseif ($invoice->trashed())
+ {!! Button::success(trans('texts.restore'))->withAttributes(['onclick' => 'submitBulkAction("restore")'])->appendIcon(Icon::create('cloud-download')) !!}
+ @elseif (!$invoice->trashed())
+ {!! Button::success(trans("texts.save_{$entityType}"))->withAttributes(array('id' => 'saveButton', 'onclick' => 'onSaveClick()'))->appendIcon(Icon::create('floppy-disk')) !!}
+ {!! Button::info(trans("texts.email_{$entityType}"))->withAttributes(array('id' => 'emailButton', 'onclick' => 'onEmailClick()'))->appendIcon(Icon::create('send')) !!}
+ @if ($invoice->id)
+ {!! DropdownButton::normal(trans('texts.more_actions'))
+ ->withContents($actions)
+ ->dropup() !!}
+ @endif
+ @endif
+ @endif
@@ -1337,7 +1339,11 @@
onPartialChange(true);
- return true;
+ @if (Auth::user()->canCreateOrEdit(ENTITY_INVOICE, $invoice))
+ return true;
+ @else
+ return false;
+ @endif
}
function submitBulkAction(value) {
diff --git a/resources/views/tasks/edit.blade.php b/resources/views/tasks/edit.blade.php
index 424889fc520f..2793318ce14d 100644
--- a/resources/views/tasks/edit.blade.php
+++ b/resources/views/tasks/edit.blade.php
@@ -18,13 +18,15 @@
-
@if ($errors->first('time_log'))
{{ trans('texts.task_errors') }}
@endif
+ {!! Former::open($url)
+ ->addClass('col-md-10 col-md-offset-1 warn-on-exit task-form')
+ ->onsubmit('return onFormSubmit(event)')
+ ->method($method) !!}
- {!! Former::open($url)->addClass('col-md-10 col-md-offset-1 warn-on-exit task-form')->method($method)->rules(array()) !!}
@if ($task)
{!! Former::populate($task) !!}
{!! Former::populateField('id', $task->public_id) !!}
@@ -126,32 +128,34 @@
-
- @if (Auth::user()->hasFeature(FEATURE_TASKS))
- @if ($task && $task->is_running)
- {!! Button::success(trans('texts.save'))->large()->appendIcon(Icon::create('floppy-disk'))->withAttributes(['id' => 'save-button']) !!}
- {!! Button::primary(trans('texts.stop'))->large()->appendIcon(Icon::create('stop'))->withAttributes(['id' => 'stop-button']) !!}
- @elseif ($task && $task->trashed())
- {!! Button::normal(trans('texts.cancel'))->large()->asLinkTo(URL::to('/tasks'))->appendIcon(Icon::create('remove-circle')) !!}
- {!! Button::success(trans('texts.restore'))->large()->withAttributes(['onclick' => 'submitAction("restore")'])->appendIcon(Icon::create('cloud-download')) !!}
+ @if (Auth::user()->canCreateOrEdit(ENTITY_TASK, $task))
+
+ @if (Auth::user()->hasFeature(FEATURE_TASKS))
+ @if ($task && $task->is_running)
+ {!! Button::success(trans('texts.save'))->large()->appendIcon(Icon::create('floppy-disk'))->withAttributes(['id' => 'save-button']) !!}
+ {!! Button::primary(trans('texts.stop'))->large()->appendIcon(Icon::create('stop'))->withAttributes(['id' => 'stop-button']) !!}
+ @elseif ($task && $task->trashed())
+ {!! Button::normal(trans('texts.cancel'))->large()->asLinkTo(URL::to('/tasks'))->appendIcon(Icon::create('remove-circle')) !!}
+ {!! Button::success(trans('texts.restore'))->large()->withAttributes(['onclick' => 'submitAction("restore")'])->appendIcon(Icon::create('cloud-download')) !!}
+ @else
+ {!! Button::normal(trans('texts.cancel'))->large()->asLinkTo(URL::to('/tasks'))->appendIcon(Icon::create('remove-circle')) !!}
+ @if ($task)
+ {!! Button::success(trans('texts.save'))->large()->appendIcon(Icon::create('floppy-disk'))->withAttributes(['id' => 'save-button']) !!}
+ {!! Button::primary(trans('texts.resume'))->large()->appendIcon(Icon::create('play'))->withAttributes(['id' => 'resume-button']) !!}
+ {!! DropdownButton::normal(trans('texts.more_actions'))
+ ->withContents($actions)
+ ->large()
+ ->dropup() !!}
+ @else
+ {!! Button::success(trans('texts.save'))->large()->appendIcon(Icon::create('floppy-disk'))->withAttributes(['id' => 'save-button']) !!}
+ {!! Button::success(trans('texts.start'))->large()->appendIcon(Icon::create('play'))->withAttributes(['id' => 'start-button']) !!}
+ @endif
+ @endif
@else
{!! Button::normal(trans('texts.cancel'))->large()->asLinkTo(URL::to('/tasks'))->appendIcon(Icon::create('remove-circle')) !!}
- @if ($task)
- {!! Button::success(trans('texts.save'))->large()->appendIcon(Icon::create('floppy-disk'))->withAttributes(['id' => 'save-button']) !!}
- {!! Button::primary(trans('texts.resume'))->large()->appendIcon(Icon::create('play'))->withAttributes(['id' => 'resume-button']) !!}
- {!! DropdownButton::normal(trans('texts.more_actions'))
- ->withContents($actions)
- ->large()
- ->dropup() !!}
- @else
- {!! Button::success(trans('texts.save'))->large()->appendIcon(Icon::create('floppy-disk'))->withAttributes(['id' => 'save-button']) !!}
- {!! Button::success(trans('texts.start'))->large()->appendIcon(Icon::create('play'))->withAttributes(['id' => 'start-button']) !!}
- @endif
@endif
- @else
- {!! Button::normal(trans('texts.cancel'))->large()->asLinkTo(URL::to('/tasks'))->appendIcon(Icon::create('remove-circle')) !!}
- @endif
-
+
+ @endif
{!! Former::close() !!}
@@ -204,6 +208,14 @@
timeLabels['{{ $period }}s'] = '{{ trans("texts.{$period}s") }}';
@endforeach
+ function onFormSubmit(event) {
+ @if (Auth::user()->canCreateOrEdit(ENTITY_TASK, $task))
+ return true;
+ @else
+ return false
+ @endif
+ }
+
function tock(duration) {
var str = convertDurationToString(duration);
$('#duration-text').html(str);