Raise 404 not found instead of error, when user is not employee

i.e. when they try to view "employee schedule" or "time sheet"

tailbone/views/shifts/lib.py

@@ -158,8 +158,8 @@ class TimeSheetView(View):
         # force current user if not allowed to view all data
         if not self.request.has_perm('{}.viewall'.format(self.key)):
             employee = self.request.user.employee
-            assert employee
 
+        # note that employee may still be None, e.g. if current user is not employee
         return {'date': date, 'employee': employee}
 
     def process_filter_form(self, form):
@@ -257,6 +257,8 @@ class TimeSheetView(View):
         View time sheet for single employee.
         """
         context = self.get_employee_context()
+        if not context['employee']:
+            raise self.notfound()
         form = self.make_employee_filter_form(context)
         self.process_employee_filter_form(form)
         context['form'] = form

tailbone/views/shifts/timesheet.py

@@ -49,6 +49,8 @@ class TimeSheetView(BaseTimeSheetView):
         """
         # process filters; redirect if any were received
         context = self.get_employee_context()
+        if not context['employee']:
+            raise self.notfound()
         form = self.make_employee_filter_form(context)
         self.process_employee_filter_form(form)