diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 264dc86b440..3a0e96d58da 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -718,10 +718,9 @@ Permission34=Delete products Permission36=See/manage hidden products Permission38=Export products Permission39=Ignore minimum price -Permission41=Read projects and tasks (shared project and projects I'm contact for). -Permission145=Can enter time consumed, for me or my hierarchy, on assigned tasks (Timesheet) -Permission42=Create/modify projects (shared project and projects I'm contact for). Can also create tasks and assign users to project and tasks -Permission44=Delete projects (shared project and projects I'm contact for) +Permission41=Read projects and tasks (shared projects and projects of which I am a contact). +Permission42=Create/modify projects (shared projects and projects of which I am a contact). Can also assign users to projects and tasks +Permission44=Delete projects (shared projects and projects of which I am a contact) Permission45=Export projects Permission61=Read interventions Permission62=Create/modify interventions @@ -767,9 +766,10 @@ Permission122=Create/modify third parties linked to user Permission125=Delete third parties linked to user Permission126=Export third parties Permission130=Create/modify third parties payment information -Permission141=Read all projects and tasks (also private projects for which I am not a contact) -Permission142=Create/modify all projects and tasks (also private projects for which I am not a contact) -Permission144=Delete all projects and tasks (also private projects i am not contact for) +Permission141=Read all projects and tasks (as well as the private projects for which I am not a contact) +Permission142=Create/modify all projects and tasks (as well as the private projects for which I am not a contact) +Permission144=Delete all projects and tasks (as well as the private projects I am not a contact) +Permission145=Can enter time consumed, for me or my hierarchy, on assigned tasks (Timesheet) Permission146=Read providers Permission147=Read stats Permission151=Read direct debit payment orders diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php index 53d0e6c7f91..744a1667f7b 100644 --- a/htdocs/projet/tasks/time.php +++ b/htdocs/projet/tasks/time.php @@ -888,17 +888,18 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser $linktocreatetimeBtnStatus = 0; $linktocreatetimeUrl = ''; $linktocreatetimeHelpText = ''; - if ($user->rights->projet->all->lire || $user->rights->projet->time) { + if (!empty($user->rights->projet->time)) { if ($projectstatic->public || $userRead > 0) { $linktocreatetimeBtnStatus = 1; - if (!empty($projectidforalltimes)) { // We are on tab 'Time Spent' of project + if (!empty($projectidforalltimes)) { + // We are on tab 'Time Spent' of project $backtourl = $_SERVER['PHP_SELF'].'?projectid='.$projectstatic->id.($withproject ? '&withproject=1' : ''); - $linktocreatetimeUrl = $_SERVER['PHP_SELF'].'?'.($withproject ? 'withproject=1' : '').'&projectid='.$projectstatic->id.'&action=createtime'.$param.'&backtopage='.urlencode($backtourl); - } else // We are on tab 'Time Spent' of task - { + $linktocreatetimeUrl = $_SERVER['PHP_SELF'].'?'.($withproject ? 'withproject=1' : '').'&projectid='.$projectstatic->id.'&action=createtime&token='.newToken().$param.'&backtopage='.urlencode($backtourl); + } else { + // We are on tab 'Time Spent' of task $backtourl = $_SERVER['PHP_SELF'].'?id='.$object->id.($withproject ? '&withproject=1' : ''); - $linktocreatetimeUrl = $_SERVER['PHP_SELF'].'?'.($withproject ? 'withproject=1' : '').($object->id > 0 ? '&id='.$object->id : '&projectid='.$projectstatic->id).'&action=createtime'.$param.'&backtopage='.urlencode($backtourl); + $linktocreatetimeUrl = $_SERVER['PHP_SELF'].'?'.($withproject ? 'withproject=1' : '').($object->id > 0 ? '&id='.$object->id : '&projectid='.$projectstatic->id).'&action=createtime&token='.newToken().$param.'&backtopage='.urlencode($backtourl); } } else { $linktocreatetimeBtnStatus = -2;