Time enties are an interesting feature, unfortunately we are not allowed to to use them due to company constraints regarding information security.
What our layers do not like at all is the fact that every user can view every time enty from every other user (together with the full name) for every item in every project he has permission to.
This should be restricted as follows:
- just like editing a "normal" user must only see his very own time entries. If time entries from other users exist, they must be "anonymized", so that a only see the accumulated sum per row and the number of rows.
Anonymous time entry view
- viewing the entries of other users shall be limited to the "TimeTrackingAdmin" permission.
This must of course apply to the report generator as well