mirror of
https://github.com/alextselegidis/easyappointments.git
synced 2024-11-08 17:12:25 +03:00
Providers should not be able to create appointments for other providers in the backend calendar page. #510
This commit is contained in:
parent
ba3227e11c
commit
b3b1815c8d
2 changed files with 9 additions and 0 deletions
|
@ -14,6 +14,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
|
|||
- #485: Make REST API search check with "q" parameter case insensitive.
|
||||
- #489: REST API response headers must use the Content-Type application/json value.
|
||||
- #500: Performance optimization in backend calendar page, after the user clicks the insert appointment button.
|
||||
- #510: Providers should not be able to create appointments for other providers in the backend calendar page.
|
||||
- #512: Only show appointments of the currently logged in provider.
|
||||
|
||||
## [1.3.1]
|
||||
|
|
|
@ -299,6 +299,14 @@ window.BackendCalendarAppointmentsModal = window.BackendCalendarAppointmentsModa
|
|||
// Update the providers select box.
|
||||
$.each(GlobalVariables.availableProviders, function (indexProvider, provider) {
|
||||
$.each(provider.services, function (indexService, serviceId) {
|
||||
if (GlobalVariables.user.role_slug === Backend.DB_SLUG_PROVIDER && parseInt(provider.id) !== GlobalVariables.user.id) {
|
||||
return true; // continue
|
||||
}
|
||||
|
||||
if (GlobalVariables.user.role_slug === Backend.DB_SLUG_SECRETARY && GlobalVariables.secretaryProviders.indexOf(provider.id) === -1) {
|
||||
return true; // continue
|
||||
}
|
||||
|
||||
// If the current provider is able to provide the selected service, add him to the listbox.
|
||||
if (serviceId == sid) {
|
||||
var optionHtml = '<option value="' + provider.id + '">'
|
||||
|
|
Loading…
Reference in a new issue