Posted by NToronto on October 23, 2009 at 3:53pm
3 followers
Jump to:
| Project: | Support Timer |
| Version: | 6.x-1.x-dev |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | NToronto |
| Status: | closed (fixed) |
Issue Summary
Support Timer comes with a permission called, "view time spent". It is assumed that only those with "view time spent" permissions would be able to view the time spent on each ticket. However, this is not the case. All users able to view tickets can also view the time spent on each ticket. Below is a modification to the support_timer.module to ensure only those with "view time spent" can see the time spent on tickets:
Find the code:
// Display time spent on ticket.
$timer = db_fetch_object(db_query('SELECT time, date, summary FROM {support_ticket_comment_timer} WHERE cid = %d', $comment->cid));
if (!empty($timer) && ($timer->time || $timer->date)) {
$date = date('d M Y', $timer->date);Directly underneath it paste the following:
// Ensures only those with "view time spent" can see the time spent on tickets.
if (user_access('view time spent')) {
$comment->comment = "<div class='support-timer'><div class='time'>Time: $timer->time</div><div class='date'>Date: $date</div><div class='summary'>Summary: $timer->summary</div></div>" . $comment->comment;
}
Comments
#1
Thanks, fix committed:
http://drupal.org/cvs?commit=300474
#2
Automatically closed -- issue fixed for 2 weeks with no activity.