This release includes some very critical security fixes. We recommend upgrading your installation to the latest release.
Features
- Allow passing additional parameters to payroll predefined methods
- Pass leave type name in function field to get leave count for a given type
- Add employee name to payroll report
- Show supervisor name on employee profile
- Add custom fields to employee report
- Add filter by status feature to subordinate time sheets
Security Fixes
- Fix missing login form CSRF token
- Fix risky usage of the hashed password in the request
- Fixing permission issues on module access for each user level
- Prevent manager from accessing sensitive user records
Other Fixes
- Hide employee salary from managers
- Prevent manager from accessing audit, cron and notifications
- Prevent managers from deleting employees
- Validate overtime start and end times
- Fix issue: the employee can download draft payroll