forked from mirrors/easyappointments
Providers should not be able to create appointments for other providers in the backend calendar page. #510
This commit is contained in:
parent
ba3227e11c
commit
b3b1815c8d
2 changed files with 9 additions and 0 deletions
|
@ -14,6 +14,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
|
||||||
- #485: Make REST API search check with "q" parameter case insensitive.
|
- #485: Make REST API search check with "q" parameter case insensitive.
|
||||||
- #489: REST API response headers must use the Content-Type application/json value.
|
- #489: REST API response headers must use the Content-Type application/json value.
|
||||||
- #500: Performance optimization in backend calendar page, after the user clicks the insert appointment button.
|
- #500: Performance optimization in backend calendar page, after the user clicks the insert appointment button.
|
||||||
|
- #510: Providers should not be able to create appointments for other providers in the backend calendar page.
|
||||||
- #512: Only show appointments of the currently logged in provider.
|
- #512: Only show appointments of the currently logged in provider.
|
||||||
|
|
||||||
## [1.3.1]
|
## [1.3.1]
|
||||||
|
|
|
@ -299,6 +299,14 @@ window.BackendCalendarAppointmentsModal = window.BackendCalendarAppointmentsModa
|
||||||
// Update the providers select box.
|
// Update the providers select box.
|
||||||
$.each(GlobalVariables.availableProviders, function (indexProvider, provider) {
|
$.each(GlobalVariables.availableProviders, function (indexProvider, provider) {
|
||||||
$.each(provider.services, function (indexService, serviceId) {
|
$.each(provider.services, function (indexService, serviceId) {
|
||||||
|
if (GlobalVariables.user.role_slug === Backend.DB_SLUG_PROVIDER && parseInt(provider.id) !== GlobalVariables.user.id) {
|
||||||
|
return true; // continue
|
||||||
|
}
|
||||||
|
|
||||||
|
if (GlobalVariables.user.role_slug === Backend.DB_SLUG_SECRETARY && GlobalVariables.secretaryProviders.indexOf(provider.id) === -1) {
|
||||||
|
return true; // continue
|
||||||
|
}
|
||||||
|
|
||||||
// If the current provider is able to provide the selected service, add him to the listbox.
|
// If the current provider is able to provide the selected service, add him to the listbox.
|
||||||
if (serviceId == sid) {
|
if (serviceId == sid) {
|
||||||
var optionHtml = '<option value="' + provider.id + '">'
|
var optionHtml = '<option value="' + provider.id + '">'
|
||||||
|
|
Loading…
Reference in a new issue