protected function _get_query_condition($key, $value)
{
/**
* Returns a SQL condition for filtering.
*
* @param $key - The resource attribute on which we're filtering
* @param $value - The value it must have
*/
if ($key == 'reporter') {
return "n.reporter_id = " . (int) User::get_mantis_id_from_url($value);
} elseif ($key == 'private') {
return "n.view_state = " . ((int) $value ? VS_PRIVATE : VS_PUBLIC);
}
return NULL;
}
protected function _get_query_condition($key, $value)
{
if ($key == 'handler') {
return "b.handler_id = " . ($value ? User::get_mantis_id_from_url($value) : 0);
} elseif ($key == 'reporter') {
return "b.reporter_id = " . User::get_mantis_id_from_url($value);
} elseif ($key == 'duplicate') {
return "b.duplicate_id = " . Bug::get_mantis_id_from_url($value);
} elseif (in_array($key, array('priority', 'severity', 'reproducibility', 'status', 'resolution', 'projection', 'eta'))) {
return "b.{$key} = " . get_string_to_enum(config_get($key . "_enum_string"), $value);
} elseif ($key == "project_id") {
return "b.project_id = " . (int) $value;
}
return NULL;
}
protected function _get_mantis_attr($attr_name)
{
if ($attr_name == 'bug_id') {
return Bug::get_mantis_id_from_url($this->rsrc_data['bug']);
} elseif ($attr_name == 'reporter_id') {
return User::get_mantis_id_from_url($this->rsrc_data['reporter']);
} elseif ($attr_name == 'view_state') {
return $this->rsrc_data['private'] ? VS_PRIVATE : VS_PUBLIC;
} elseif ($attr_name == 'date_submitted' || $attr_name == 'last_modified') {
return date_to_sql_date($this->rsrc_data[$attr_name]);
} elseif ($attr_name == 'note') {
return $this->rsrc_data['text'];
} elseif (in_array($attr_name, Bugnote::$mantis_attrs)) {
return $this->rsrc_data[$attr_name];
}
}
protected function _get_mantis_attr($attr_name)
{
if ($attr_name == 'reporter_id') {
return User::get_mantis_id_from_url($this->rsrc_data['reporter']);
} elseif ($attr_name == 'handler_id') {
return $this->rsrc_data['handler'] ? User::get_mantis_id_from_url($this->rsrc_data['handler']) : 0;
} elseif ($attr_name == 'duplicate_id') {
return $this->rsrc_data['duplicate'] ? Bug::get_mantis_id_from_url($this->rsrc_data['duplicate']) : 0;
} elseif (in_array($attr_name, array('priority', 'severity', 'reproducibility', 'status', 'resolution', 'projection', 'eta'))) {
return get_string_to_enum(config_get($attr_name . "_enum_string"), $this->rsrc_data[$attr_name]);
} elseif ($attr_name == 'date_submitted' || $attr_name == 'last_updated') {
return date_to_timestamp($this->rsrc_data[$attr_name]);
} elseif ($attr_name == 'view_state') {
return $this->rsrc_data['private'] ? VS_PRIVATE : VS_PUBLIC;
} elseif (in_array($attr_name, Bug::$mantis_attrs)) {
return $this->rsrc_data[$attr_name];
}
}
public function put($request)
{
/**
* Updates the user.
*
* @param $request - The Request we're responding to
*/
$this->user_id = User::get_mantis_id_from_url($request->url);
if (!access_has_global_level(config_get('manage_user_threshold')) && auth_get_current_user_id() != $this->user_id) {
throw new HTTPException(403, "Access denied to edit user {$this->user_id}'s info");
}
$this->populate_from_repr($request->body);
# Do some validation on the inputs (from Mantis's user_create())
$username = db_prepare_string($this->rsrc_data['username']);
$realname = db_prepare_string($this->rsrc_data['realname']);
$password = db_prepare_string($this->rsrc_data['password']);
$email = db_prepare_string($this->rsrc_data['email']);
$access_level = db_prepare_int(get_string_to_enum(config_get('access_levels_enum_string'), $this->rsrc_data['access_level']));
$protected = db_prepare_bool($this->rsrc_data['protected']);
$enabled = db_prepare_bool($this->rsrc_data['enabled']);
user_ensure_name_valid($username);
user_ensure_realname_valid($realname);
user_ensure_realname_unique($username, $realname);
email_ensure_valid($email);
# The cookie string is based on email and username, so if either of those changed,
# we have to change the cookie string.
$user_row = user_get_row($this->user_id);
$username_key = array_key_exists('username', $user_row) ? 'username' : 1;
$email_key = array_key_exists('email', $user_row) ? 'email' : 3;
$cookie_string_key = array_key_exists('cookie_string', $user_row) ? 'cookie_string' : 13;
if ($user_row[$username_key] != $username || $user_row[$email_key] != $email) {
$seed = $email . $username;
$cookie_string = auth_generate_unique_cookie_string($seed);
} else {
$cookie_string = $user_row[$cookie_string_key];
}
$password_hash = auth_process_plain_password($password);
$user_table = config_get('mantis_user_table');
$query = "UPDATE {$user_table}\n\t\t\t\tSET username = '******',\n\t\t\t\t realname = '{$realname}',\n\t\t\t\t email = '{$email}',\n\t\t\t\t password = '******',\n\t\t\t\t enabled = {$enabled},\n\t\t\t\t protected = {$protected},\n\t\t\t\t access_level = {$access_level},\n\t\t\t\t cookie_string = '{$cookie_string}'\n\t\t\t\tWHERE id = {$this->user_id};";
db_query($query);
$resp = new Response();
$resp->status = 204;
return $resp;
}
