From 993b60d61eb927cff21ea0b06c1631eb986f6a51 Mon Sep 17 00:00:00 2001
From: Jean-Philippe Lang <jp_lang@yahoo.fr>
Date: Fri, 14 Mar 2008 21:17:09 +0000
Subject: Adds 2 permissions (closes #859): * edit_time_entries: lets a user
 edit/delete any time entry * edit_own_time_entries: lets a user edit/delete
 its own time entries only

git-svn-id: http://redmine.rubyforge.org/svn/trunk@1249 e93f8b46-1217-0410-a6f0-8f06a7374b81
---
 app/models/time_entry.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'app/models')

diff --git a/app/models/time_entry.rb b/app/models/time_entry.rb
index 0f8f62889..bcf6d1223 100644
--- a/app/models/time_entry.rb
+++ b/app/models/time_entry.rb
@@ -50,7 +50,7 @@ class TimeEntry < ActiveRecord::Base
   
   # Returns true if the time entry can be edited by usr, otherwise false
   def editable_by?(usr)
-    usr == self.user
+    (usr == user && usr.allowed_to?(:edit_own_time_entries, project)) || usr.allowed_to?(:edit_time_entries, project)
   end
   
   def self.visible_by(usr)
-- 
cgit v1.2.3