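/**
 * Render a project page and process the forms posted to it.
 *
 * In order: the "save_project" settings form, the role add/edit/delete
 * forms, a redirect after any remaining POST, then rendering in view or
 * edit mode.
 *
 * Review notes for maintainers:
 *  - $is_runner / $is_payer come from session flags that are not tied to
 *    this project, so any session carrying them passes the edit gates below.
 *    NOTE(review): confirm that project-wide edit rights are intended.
 *  - The state-changing branches read $_REQUEST, so they also accept GET
 *    parameters, and no anti-CSRF token is checked in this method.
 *    NOTE(review): confirm a token is verified before this point.
 *  - Description, website and HipChat fields are stored as submitted;
 *    escaping has to happen where they are rendered.
 *
 * @param mixed $id Project identifier handed to Project::find().
 * @return void
 */
public function view($id)
{
    try {
        $project = Project::find($id);
    } catch (Exception $e) {
        // NOTE(review): the raw exception text is sent to the client. If
        // Project::find() can surface storage errors, log the detail and
        // show a generic message instead.
        $error = $e->getMessage();
        die($error);
    }

    $is_runner = !empty($_SESSION['is_runner']) ? 1 : 0;
    $is_payer = !empty($_SESSION['is_payer']) ? 1 : 0;

    // Expose the project owner to the template.
    $project_user = new User();
    $project_user->findUserById($project->getOwnerId());
    $this->write('project_user', $project_user);

    // Default to "no rights" and only raise them for an authenticated user.
    $userId = Session::uid();
    $is_owner = false;
    $is_admin = false;
    if ($userId > 0) {
        Utils::initUserById($userId);
        $user = new User();
        $user->findUserById($userId);
        $is_owner = $project->isOwner($user->getId());
        $is_admin = $user->getIs_admin();
    }

    if (isset($_REQUEST['save_project']) && ($is_runner || $is_payer || $is_owner)) {
        $project->setDescription($_REQUEST['description'])
            ->setShortDescription($_REQUEST['short_description']);
        $project->setWebsite($_REQUEST['website']);

        // Unchecked checkboxes are simply absent from the request, so test
        // with !empty()/isset() rather than reading the key directly.
        $cr_anyone = !empty($_REQUEST['cr_anyone']) ? 1 : 0;
        $cr_3_favorites = !empty($_REQUEST['cr_3_favorites']) ? 1 : 0;
        $cr_project_admin = isset($_REQUEST['cr_project_admin']) ? 1 : 0;
        $cr_users_specified = isset($_REQUEST['cr_users_specified']) ? 1 : 0;
        $cr_job_runner = isset($_REQUEST['cr_job_runner']) ? 1 : 0;
        $internal = isset($_REQUEST['internal']) ? 1 : 0;
        $require_sandbox = isset($_REQUEST['require_sandbox']) ? 1 : 0;
        $hipchat_enabled = isset($_REQUEST['hipchat_enabled']) ? 1 : 0;

        $project->setCrAnyone($cr_anyone);
        $project->setCrFav($cr_3_favorites);
        $project->setCrAdmin($cr_project_admin);
        $project->setCrRunner($cr_job_runner);
        $project->setCrUsersSpecified($cr_users_specified);
        $project->setHipchatEnabled($hipchat_enabled);
        $project->setHipchatNotificationToken($_REQUEST['hipchat_notification_token']);
        $project->setHipchatRoom($_REQUEST['hipchat_room']);
        $project->setHipchatColor($_REQUEST['hipchat_color']);

        // Admin-only switches. Using $is_admin (false when nobody is logged
        // in) avoids calling a method on an undefined $user when the session
        // carries a runner/payer flag without a user id.
        if ($is_admin) {
            $project->setInternal($internal);
            $project->setRequireSandbox($require_sandbox);
        }

        // basename() keeps only the file name, so a submitted value cannot
        // carry directory components into the stored logo reference.
        if (isset($_REQUEST['logoProject']) && $_REQUEST['logoProject'] != "") {
            $project->setLogo(basename($_REQUEST['logoProject']));
        }

        $project->save();
        // Clear POST so the redirect-after-post branch below is skipped.
        $_POST = array();
    }

    $project_id = $project->getProjectId();

    // Save, edit and delete roles.
    // Escaping is kept exactly as before. NOTE(review): addRole(), editRole()
    // and deleteRole() are not visible here; if they build SQL by
    // concatenation, bound parameters plus numeric validation of
    // percentage / min_amount / role_id would be the sturdier fix.
    if ($is_runner || $is_payer || $project->isOwner($userId)) {
        if (isset($_POST['save_role'])) {
            $role_title = mysql_real_escape_string($_POST['role_title']);
            $percentage = mysql_real_escape_string($_POST['percentage']);
            $min_amount = mysql_real_escape_string($_POST['min_amount']);
            $project->addRole($project_id, $role_title, $percentage, $min_amount);
        }

        if (isset($_POST['edit_role'])) {
            $role_id = mysql_real_escape_string($_POST['role_id']);
            $role_title = mysql_real_escape_string($_POST['role_title']);
            $percentage = mysql_real_escape_string($_POST['percentage']);
            $min_amount = mysql_real_escape_string($_POST['min_amount']);
            $project->editRole($role_id, $role_title, $percentage, $min_amount);
        }

        if (isset($_POST['delete_role'])) {
            $role_id = mysql_real_escape_string($_POST['role_id']);
            $project->deleteRole($role_id);
        }
    }

    /* Prevent reposts on refresh */
    if (!empty($_POST)) {
        unset($_POST);
        // NOTE(review): $projectName is never assigned in this method, so
        // the Location header is sent with an empty target. The intended
        // URL is not visible here; set it from the project before relying
        // on this redirect.
        header('Location: ' . $projectName);
        exit;
    }

    $edit_mode = false;
    if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'edit' && ($is_admin || $is_owner)) {
        $edit_mode = true;
    }

    $this->write('project', $project);
    $this->write('edit_mode', $edit_mode);
    $this->write('is_owner', $is_owner);
    parent::run();
}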
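/**
 * Create a work item, or update an existing one, and send notifications.
 *
 * Callers authenticate either with an API key (the acting user is then
 * taken from $_POST['creator']) or with a logged-in session. A non-POST
 * request only renders the AddJobView form. On POST the work item is saved,
 * uploaded files are attached to it, journal / HipChat / e-mail
 * notifications go out, and a JSON result is echoed.
 *
 * Review notes for maintainers:
 *  - When $_POST['itemid'] is set the existing item is loaded and
 *    overwritten; this method does not check that the acting user may edit
 *    that item. NOTE(review): confirm WorkItem::loadById()/save() enforce it.
 *  - File ids from 'fileUpload' and 'files' are attached to the work item
 *    without an ownership check in this method. NOTE(review): confirm the
 *    File layer restricts this.
 *  - On the API-key path the acting user is whatever 'creator' names.
 *    NOTE(review): confirm Utils::validateAPIKey() is scoped accordingly.
 *  - Privileged users may submit any 'status' string; it is not compared
 *    against a list of valid statuses here.
 *
 * @return void
 */
public function add()
{
    $this->view = null;

    if (isset($_POST['api_key'])) {
        Utils::validateAPIKey();
        // User::find() is treated elsewhere in this method as possibly
        // returning a falsy value, so guard before dereferencing.
        $user = isset($_POST['creator']) ? User::find($_POST['creator']) : null;
        $userId = $user ? $user->getId() : 0;
    } else {
        Utils::checkLogin();
        $userId = Session::uid();
    }

    if (!$userId) {
        header('HTTP/1.1 401 Unauthorized', true, 401);
        echo json_encode(array('error' => "Invalid parameters !"));
        return;
    }

    // Anything other than POST just shows the form.
    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
        $this->view = new AddJobView();
        parent::run();
        return;
    }

    $journal_message = '';
    $workitem_added = false;
    $workitem = new WorkItem();

    Utils::initUserById($userId);
    $user = new User();
    $user->findUserById($userId);
    $nick = $user->getNickname();

    // Evaluate the project-runner check once; it drives both the runner id
    // and whether the caller may choose the status.
    $is_project_runner = Project::isAllowedRunnerForProject($user->getId(), $_REQUEST['project_id']);
    $runner_id = $is_project_runner ? $userId : '';

    $summary = $_REQUEST['summary'];
    $project_id = $_REQUEST['project_id'];
    $labels = $_REQUEST['labels'];
    // Everyone else is forced to 'Suggestion' regardless of what was sent.
    $may_set_status = $is_project_runner || ($user->getIs_admin() == 1 && $user->getIs_runner());
    $status = $may_set_status ? $_REQUEST['status'] : 'Suggestion';
    $notes = $_REQUEST['notes'];
    $is_internal = $_REQUEST['is_internal'];
    $fileUpload = $_REQUEST['fileUpload'];

    // Only an existing, internal user can be assigned.
    $assigned_id = 0;
    $assignedUser = null;
    if (isset($_REQUEST['assigned']) && (int) $_REQUEST['assigned']) {
        $assignedUser = User::find($_REQUEST['assigned']);
        if ($assignedUser && $assignedUser->isInternal()) {
            $assigned_id = $assignedUser->getId();
        }
    }

    if (!empty($_POST['itemid'])) {
        $workitem->loadById($_POST['itemid']);
    } else {
        $workitem->setCreatorId($userId);
        $workitem_added = true;
    }

    $workitem->setSummary($summary);
    $labelsArr = explode(',', $labels);
    $workitem->setRunnerId($runner_id);
    $workitem->setProjectId($project_id);
    $workitem->setStatus($status);
    $workitem->setNotes($notes);
    $workitem->setWorkitemLabels($labelsArr);
    $workitem->setIs_internal($is_internal);
    $workitem->setAssigned_id($assigned_id);
    $workitem->save();

    $related = $this->getRelated($notes);
    Notification::massStatusNotify($workitem);

    if ($assigned_id) {
        $emailTemplate = 'job-assigned';
        $data = array(
            'job_id' => $workitem->getId(),
            'summary' => $workitem->getSummary(),
            'assigner' => $user->getNickname(),
            'assigned' => $assignedUser->getNickname()
        );
        // NOTE(review): the nickname is concatenated into the sender header;
        // confirm Utils::sendTemplateEmail() rejects CR/LF in it.
        $senderEmail = 'Worklist - ' . $user->getNickname() . ' <*****@*****.**> ';
        Utils::sendTemplateEmail($assignedUser->getUsername(), $emailTemplate, $data, $senderEmail);
    }

    // If files were uploaded, point them at this work item (images first).
    $file = new File();
    if (is_array($fileUpload) && isset($fileUpload['uploads']) && is_array($fileUpload['uploads'])) {
        foreach ($fileUpload['uploads'] as $image) {
            $file->findFileById($image);
            $file->setWorkitem($workitem->getId());
            $file->save();
        }
    }

    if (empty($_POST['itemid'])) {
        $bid_fee_itemid = $workitem->getId();
        $journal_message .= "\\\\#" . $bid_fee_itemid . ' created by @' . $nick . ' Status set to ' . $status;
        if (!empty($_POST['files'])) {
            $fileIds = explode(',', $_POST['files']);
            foreach ($fileIds as $fileId) {
                // Both interpolated values are forced to integers so the
                // statement cannot carry request text. The mysql_* extension
                // was removed in PHP 7; a prepared statement is the
                // long-term replacement.
                $sql = 'UPDATE `' . FILES . '` SET `workitem` = ' . (int) $bid_fee_itemid . ' WHERE `id` = ' . (int) $fileId;
                mysql_query($sql);
            }
        }
    } else {
        // Report the id that was actually loaded above.
        $bid_fee_itemid = $_POST['itemid'];
        $journal_message .= '\\#' . $bid_fee_itemid . ' updated by ' . $nick . ' Status set to ' . $status;
    }
    $journal_message .= "{$related}. ";

    // Don't send any journal notifications for drafts.
    if ($status != 'Draft') {
        Utils::systemNotification(stripslashes($journal_message));

        if ($workitem_added) {
            $options = array('type' => 'workitem-add', 'workitem' => $workitem);
            $data = array('notes' => $notes, 'nick' => $nick, 'status' => $status);
            Notification::workitemNotifyHipchat($options, $data);
        }

        // The API-key path may run without a session nickname; fall back to
        // the acting user's nickname in that case.
        $author = isset($_SESSION['nickname']) ? $_SESSION['nickname'] : $nick;

        // E-mail users mentioned as @name in the notes.
        $matches = array();
        if (preg_match_all('/@(\\w+)/', $workitem->getNotes(), $matches, PREG_SET_ORDER)) {
            foreach ($matches as $mention) {
                // Skip names that do not resolve to a user.
                $recipient = User::find($mention[1]);
                if (!$recipient) {
                    continue;
                }

                // Skip the runner, mechanic, creator and anyone following.
                $recipientId = $recipient->getId();
                if ($recipientId != $workitem->getRunnerId()
                    && $recipientId != $workitem->getMechanicId()
                    && $recipientId != $workitem->getCreatorId()
                    && !$workitem->isUserFollowing($recipientId)
                ) {
                    $emailTemplate = 'workitem-mention';
                    // NOTE(review): 'text' carries the notes as submitted;
                    // confirm the template escapes it for HTML mail.
                    $data = array(
                        'job_id' => $workitem->getId(),
                        'summary' => $workitem->getSummary(),
                        'author' => $author,
                        'text' => $workitem->getNotes(),
                        'link' => '<a href="' . WORKLIST_URL . $workitem->getId() . '">See the workitem</a>'
                    );
                    $senderEmail = 'Worklist - ' . $author . ' <*****@*****.**> ';
                    Utils::sendTemplateEmail($recipient->getUsername(), $emailTemplate, $data, $senderEmail);
                }
            }
        }
    }

    // Notify runners of a newly suggested task.
    if ($status == 'Suggestion' && $project_id != '') {
        $options = array(
            'type' => 'suggested',
            'workitem' => $workitem,
            'recipients' => array('projectRunners')
        );
        $data = array('notes' => $notes, 'nick' => $nick, 'status' => $status);
        Notification::workitemNotify($options, $data);
    }

    echo json_encode(array('return' => "Done!", 'workitem' => $workitem->getId()));
}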
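}

// Pre-dispatch checks for the rewarder actions: load the session user, gate
// auditor-only and admin-only actions, and verify that the arguments each
// action needs are present. Each failed check echoes a JSON error and returns.
$user = new User();
$user->findUserById(getSessionUserId());

// Read the action once and treat a missing or non-string value as "no
// action", so the lookups below never see an undefined index or an array.
$requestedAction = (isset($_REQUEST['action']) && is_string($_REQUEST['action'])) ? $_REQUEST['action'] : '';

// NOTE(review): the two gates below only cover the actions they list, matched
// by exact string. Any other action passes without a role check here, and the
// dispatcher is outside this excerpt; confirm it compares action names the
// same exact way and that the unlisted actions are meant for every session
// user.

// Actions that require the auditor flag.
$auditActions = array('get-audit-list', 'update-rewarder-auditor');
if (in_array($requestedAction, $auditActions, true)) {
    if (!$user->getIs_auditor()) {
        echo json_encode(array('error' => 'unauthorized'));
        return;
    }
}

// Actions that require the admin flag.
$adminActions = array('end-period', 'reset_user_review');
if (in_array($requestedAction, $adminActions, true)) {
    // THIS IS TEMPORARY UNTIL LOGIN MODULE IS IN PLACE
    if (!$user->getIs_admin()) {
        echo json_encode(array('error' => 'unauthorized - not admin'));
        return;
    }
}

// Required arguments per action (when needed). Only presence is checked;
// type and range validation is left to whatever handles the action.
$requiredArgs = array(
    'get-rewarder-user-detail' => array('id'),
    'get-rewarder-user' => array('id'),
    'update-rewarder-user' => array('period_id'),
    'update-rewarder-users' => array('period_id'),
    'get-rewarder-list' => array('period_id'),
    'populate-rewarder-list' => array('period_id'),
    'update-rewarder-auditor' => array('id'),
    'end-period' => array('reset', 'conversion_rate', 'signature'),
    'reset_user_review' => array('user_id', 'review_id', 'period_id')
);
if (isset($requiredArgs[$requestedAction])) {
    foreach ($requiredArgs[$requestedAction] as $arg) {
        if (!isset($_REQUEST[$arg])) {
            echo json_encode(array('error' => 'args'));
            return;
        }
    }
}

$rewarder = new Rewarder($user->getId());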
} else { $loadFirstTime = true; } /* End of modular initialization */ $showTab = 0; if (!empty($_REQUEST['view'])) { if ($_REQUEST['view'] == 'history') { $showTab = 1; } } $user = new User(); $user->findUserById($_SESSION['userid']); $rewarder = new Rewarder($user->getId()); $audit_mode = $user->getIs_auditor() && !empty($_REQUEST['audit']) ? 1 : 0; // THIS IS TEMPORARY UNTIL LOGIN MODULE IS IN PLACE!!! $is_admin = $user->getIs_admin() ? 1 : 0; /*** if ($audit_mode) { $userList = GetUserList($_SESSION['userid'], $_SESSION['nickname'], true, array('is_auditor')); } else { $userList = GetUserList($_SESSION['userid'], $_SESSION['nickname'], true); // Strip users already in the rewarderList $rewarderList = $rewarder->getRewarderUserList($_SESSION['userid']); foreach ($rewarderList as $info) { unset($userList[$info['id']]); } } // Get the users for the user selection $user_box = '<select id="user-list" name="userbox"><option value="0">Add Co-worker</option>'; foreach ($userList as $userid=>$nickname) {