mirror of
https://github.com/itflow-org/itflow
synced 2026-02-28 02:44:53 +00:00
Permissions - clients and tickets
Enforce new permissions model in clients and tickets
This commit is contained in:
wrongecho
26
clients.php
26
clients.php
@@ -96,11 +96,11 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
||||
<div class="card-header py-2">
|
||||
<h3 class="card-title mt-2"><i class="fa fa-fw fa-user-friends mr-2"></i><?php if($leads == 0){ echo "Client"; } else { echo "Lead"; } ?> Management</h3>
|
||||
<div class="card-tools">
|
||||
<?php if ($session_user_role == 3) { ?>
|
||||
<?php if (lookupUserPermission("module_client") >= 2) { ?>
|
||||
<div class="btn-group">
|
||||
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#addClientModal">
|
||||
<i class="fas fa-plus mr-2"></i>New
|
||||
<?php if($leads == 0){ echo "Client"; } else { echo "Lead"; } ?>
|
||||
<?php if ($leads == 0) { echo "Client"; } else { echo "Lead"; } ?>
|
||||
</button>
|
||||
<button type="button" class="btn btn-primary dropdown-toggle dropdown-toggle-split" data-toggle="dropdown"></button>
|
||||
<div class="dropdown-menu">
|
||||
@@ -134,13 +134,13 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
||||
<div class="col-md-8">
|
||||
<div class="btn-toolbar float-right">
|
||||
<div class="btn-group mr-2">
|
||||
<a href="?leads=0" class="btn btn-<?php if($leads == 0){ echo "primary"; } else { echo "default"; } ?>"><i class="fa fa-fw fa-user-friends mr-2"></i>Clients</a>
|
||||
<a href="?leads=1" class="btn btn-<?php if($leads == 1){ echo "primary"; } else { echo "default"; } ?>"><i class="fa fa-fw fa-bullhorn mr-2"></i>Leads</a>
|
||||
<a href="?leads=0" class="btn btn-<?php if ($leads == 0){ echo "primary"; } else { echo "default"; } ?>"><i class="fa fa-fw fa-user-friends mr-2"></i>Clients</a>
|
||||
<a href="?leads=1" class="btn btn-<?php if ($leads == 1){ echo "primary"; } else { echo "default"; } ?>"><i class="fa fa-fw fa-bullhorn mr-2"></i>Leads</a>
|
||||
</div>
|
||||
|
||||
<div class="btn-group mr-2">
|
||||
<a href="?<?php echo $url_query_strings_sort ?>&archived=<?php if($archived == 1){ echo 0; } else { echo 1; } ?>"
|
||||
class="btn btn-<?php if($archived == 1){ echo "primary"; } else { echo "default"; } ?>">
|
||||
class="btn btn-<?php if ($archived == 1) { echo "primary"; } else { echo "default"; } ?>">
|
||||
<i class="fa fa-fw fa-archive mr-2"></i>Archived
|
||||
</a>
|
||||
</div>
|
||||
@@ -270,8 +270,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
||||
<?php if ($sort == 'contact_name') { echo $order_icon; } ?>
|
||||
</a>
|
||||
</th>
|
||||
<?php if (($session_user_role == 3 || $session_user_role == 1) && $config_module_enable_accounting == 1) { ?> <th class="text-right">Billing</th> <?php } ?>
|
||||
<?php if ($session_user_role == 3) { ?> <th class="text-center">Action</th> <?php } ?>
|
||||
<?php if ((lookupUserPermission("module_financial") >= 1) && $config_module_enable_accounting == 1) { ?> <th class="text-right">Billing</th> <?php } ?>
|
||||
<?php if (lookupUserPermission("module_client") >= 2) { ?> <th class="text-center">Action</th> <?php } ?>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
@@ -387,7 +387,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
||||
</div>
|
||||
<?php } ?>
|
||||
<div class="mt-1 text-secondary">
|
||||
<small><strong>Created:</strong> <?php echo $client_created_at; ?></small>
|
||||
<small><strong>Created: </strong> <?php echo $client_created_at; ?></small>
|
||||
</div>
|
||||
|
||||
</td>
|
||||
@@ -425,8 +425,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
||||
<?php } ?>
|
||||
</td>
|
||||
|
||||
<!-- Show Billing for Admin/Accountant roles only and if accounting module is enabled -->
|
||||
<?php if (($session_user_role == 3 || $session_user_role == 1) && $config_module_enable_accounting == 1) { ?>
|
||||
<!-- Show Billing if perms & if accounting module is enabled -->
|
||||
<?php if ((lookupUserPermission("module_financial") >= 1) && $config_module_enable_accounting == 1) { ?>
|
||||
<td class="text-right">
|
||||
<div class="mt-1">
|
||||
<span class="text-secondary">Balance</span> <span class="<?php echo $balance_text_color; ?>"><?php echo numfmt_format_currency($currency_format, $balance, $session_company_currency); ?></span>
|
||||
@@ -443,8 +443,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
||||
</td>
|
||||
<?php } ?>
|
||||
|
||||
<!-- Show actions for Admin role only -->
|
||||
<?php if ($session_user_role == 3) { ?>
|
||||
<!-- Actions -->
|
||||
<?php if (lookupUserPermission("module_client") >= 2) { ?>
|
||||
<td>
|
||||
<div class="dropdown dropleft text-center">
|
||||
<button class="btn btn-secondary btn-sm" type="button" data-toggle="dropdown">
|
||||
@@ -457,7 +457,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()"));
|
||||
|
||||
<?php if (empty($client_archived_at)) { ?>
|
||||
<div class="dropdown-divider"></div>
|
||||
<a class="dropdown-item text-danger confirm-link" href="post.php?archive_client=<?php echo $client_id; ?>">
|
||||
<a class="dropdown-item text-danger confirm-link" href="post.php?archive_client=<?php echo $client_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">
|
||||
<i class="fas fa-fw fa-archive mr-2"></i>Archive
|
||||
</a>
|
||||
<?php } ?>
|
||||
|
||||
Reference in New Issue
Block a user