protected function _get_query_condition($key, $value) { /** * Returns a SQL condition for filtering. * * @param $key - The resource attribute on which we're filtering * @param $value - The value it must have */ if ($key == 'reporter') { return "n.reporter_id = " . (int) User::get_mantis_id_from_url($value); } elseif ($key == 'private') { return "n.view_state = " . ((int) $value ? VS_PRIVATE : VS_PUBLIC); } return NULL; }
protected function _get_query_condition($key, $value) { if ($key == 'handler') { return "b.handler_id = " . ($value ? User::get_mantis_id_from_url($value) : 0); } elseif ($key == 'reporter') { return "b.reporter_id = " . User::get_mantis_id_from_url($value); } elseif ($key == 'duplicate') { return "b.duplicate_id = " . Bug::get_mantis_id_from_url($value); } elseif (in_array($key, array('priority', 'severity', 'reproducibility', 'status', 'resolution', 'projection', 'eta'))) { return "b.{$key} = " . get_string_to_enum(config_get($key . "_enum_string"), $value); } elseif ($key == "project_id") { return "b.project_id = " . (int) $value; } return NULL; }
protected function _get_mantis_attr($attr_name) { if ($attr_name == 'bug_id') { return Bug::get_mantis_id_from_url($this->rsrc_data['bug']); } elseif ($attr_name == 'reporter_id') { return User::get_mantis_id_from_url($this->rsrc_data['reporter']); } elseif ($attr_name == 'view_state') { return $this->rsrc_data['private'] ? VS_PRIVATE : VS_PUBLIC; } elseif ($attr_name == 'date_submitted' || $attr_name == 'last_modified') { return date_to_sql_date($this->rsrc_data[$attr_name]); } elseif ($attr_name == 'note') { return $this->rsrc_data['text']; } elseif (in_array($attr_name, Bugnote::$mantis_attrs)) { return $this->rsrc_data[$attr_name]; } }
protected function _get_mantis_attr($attr_name) { if ($attr_name == 'reporter_id') { return User::get_mantis_id_from_url($this->rsrc_data['reporter']); } elseif ($attr_name == 'handler_id') { return $this->rsrc_data['handler'] ? User::get_mantis_id_from_url($this->rsrc_data['handler']) : 0; } elseif ($attr_name == 'duplicate_id') { return $this->rsrc_data['duplicate'] ? Bug::get_mantis_id_from_url($this->rsrc_data['duplicate']) : 0; } elseif (in_array($attr_name, array('priority', 'severity', 'reproducibility', 'status', 'resolution', 'projection', 'eta'))) { return get_string_to_enum(config_get($attr_name . "_enum_string"), $this->rsrc_data[$attr_name]); } elseif ($attr_name == 'date_submitted' || $attr_name == 'last_updated') { return date_to_timestamp($this->rsrc_data[$attr_name]); } elseif ($attr_name == 'view_state') { return $this->rsrc_data['private'] ? VS_PRIVATE : VS_PUBLIC; } elseif (in_array($attr_name, Bug::$mantis_attrs)) { return $this->rsrc_data[$attr_name]; } }
public function put($request) { /** * Updates the user. * * @param $request - The Request we're responding to */ $this->user_id = User::get_mantis_id_from_url($request->url); if (!access_has_global_level(config_get('manage_user_threshold')) && auth_get_current_user_id() != $this->user_id) { throw new HTTPException(403, "Access denied to edit user {$this->user_id}'s info"); } $this->populate_from_repr($request->body); # Do some validation on the inputs (from Mantis's user_create()) $username = db_prepare_string($this->rsrc_data['username']); $realname = db_prepare_string($this->rsrc_data['realname']); $password = db_prepare_string($this->rsrc_data['password']); $email = db_prepare_string($this->rsrc_data['email']); $access_level = db_prepare_int(get_string_to_enum(config_get('access_levels_enum_string'), $this->rsrc_data['access_level'])); $protected = db_prepare_bool($this->rsrc_data['protected']); $enabled = db_prepare_bool($this->rsrc_data['enabled']); user_ensure_name_valid($username); user_ensure_realname_valid($realname); user_ensure_realname_unique($username, $realname); email_ensure_valid($email); # The cookie string is based on email and username, so if either of those changed, # we have to change the cookie string. $user_row = user_get_row($this->user_id); $username_key = array_key_exists('username', $user_row) ? 'username' : 1; $email_key = array_key_exists('email', $user_row) ? 'email' : 3; $cookie_string_key = array_key_exists('cookie_string', $user_row) ? 'cookie_string' : 13; if ($user_row[$username_key] != $username || $user_row[$email_key] != $email) { $seed = $email . $username; $cookie_string = auth_generate_unique_cookie_string($seed); } else { $cookie_string = $user_row[$cookie_string_key]; } $password_hash = auth_process_plain_password($password); $user_table = config_get('mantis_user_table'); $query = "UPDATE {$user_table}\n\t\t\t\tSET username = '******',\n\t\t\t\t realname = '{$realname}',\n\t\t\t\t email = '{$email}',\n\t\t\t\t password = '******',\n\t\t\t\t enabled = {$enabled},\n\t\t\t\t protected = {$protected},\n\t\t\t\t access_level = {$access_level},\n\t\t\t\t cookie_string = '{$cookie_string}'\n\t\t\t\tWHERE id = {$this->user_id};"; db_query($query); $resp = new Response(); $resp->status = 204; return $resp; }