/**
 * Add the "Inbox" item to the main menu when there is pending incoming mail.
 *
 * The item is added only for administrators or users holding the
 * 'can_use_incoming_mail_frontend' system permission, and only while
 * IncomingMails::countPending() reports more than zero messages.
 *
 * @param Menu $menu Menu that receives the item (passed by reference)
 * @param User $user User the menu is built for
 * @return null
 */
function incoming_mail_handle_on_build_menu(&$menu, &$user)
{
    $may_use_inbox = $user->isAdministrator() || $user->getSystemPermission('can_use_incoming_mail_frontend');
    if (!$may_use_inbox) {
        return;
    }

    // The pending counter is only queried for users allowed to see the inbox.
    $count_pending = IncomingMails::countPending();
    if ($count_pending > 0) {
        $inbox_item = new MenuItem('incoming_mail', lang('Inbox'), assemble_url('incoming_mail'), get_image_url('icon_menu.gif', INCOMING_MAIL_MODULE), $count_pending);
        $menu->addToGroup(array($inbox_item), 'main');
    }
}
/**
 * Add the "Docs" item to the main menu.
 *
 * Shown to administrators and to users holding the 'can_use_documents'
 * system permission. This only controls menu visibility; the documents
 * routes have to enforce the same permission themselves.
 *
 * @param Menu $menu Menu that receives the item (passed by reference)
 * @param User $user User the menu is built for
 * @return null
 */
function documents_handle_on_build_menu(&$menu, &$user)
{
    $may_use_documents = $user->isAdministrator() || $user->getSystemPermission('can_use_documents');
    if (!$may_use_documents) {
        return;
    }

    $docs_item = new MenuItem('documents', lang('Docs'), assemble_url('documents'), get_image_url('icon.gif', DOCUMENTS_MODULE));
    $menu->addToGroup(array($docs_item), 'main');
}
/**
 * Add the "Export Project" entry to the project options list.
 *
 * Offered to administrators, the leader of $project and project managers.
 * The entry is only a link; the export route itself must repeat this check.
 *
 * @param NamedList $options Option list to extend (passed by reference)
 * @param Project $project Project the options are built for
 * @param User $user User viewing the project
 * @return null
 */
function project_exporter_handle_on_project_options(&$options, $project, $user)
{
    $may_export = $user->isAdministrator() || $user->isProjectLeader($project) || $user->isProjectManager();
    if (!$may_export) {
        return;
    }

    $export_url = assemble_url('project_exporter', array('project_id' => $project->getId()));
    $options->add('export_project', array('url' => $export_url, 'text' => lang('Export Project')));
}
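 /**
  * Shows a single company payment record.
  *
  * Only clients, managers and administrators may browse payments. For a
  * client the record is shown only when its company is loaded and
  * $model->company->isOwner() returns true.
  *
  * Both authorization failures redirect and then return explicitly, so the
  * record is never loaded or rendered if redirect() is ever called in a mode
  * that does not end the request.
  */
 public function actionShow()
 {
     if (!User::isClient() && !User::isManager() && !User::isAdministrator()) {
         // not enough rights
         MUserFlash::setTopError(Yii::t('hint', 'We are sorry, but you don\'t have enough rights to browse company payments.'));
         $this->redirect($this->getGotoUrl());
         return;
     }

     $with = array('company');
     $model = $this->loadModel(array('with' => $with));

     // may member view this record?
     if (User::isClient()) {
         if (!isset($model->company->id) || !$model->company->isOwner()) {
             // NOTE(review): the record id is placed into an HTML flash message;
             // confirm MHtml::wrapInTag() or the flash renderer encodes it.
             MUserFlash::setTopError(Yii::t('hint', 'We are sorry, but you don\'t have enough rights to view the company payment record number {id}.', array('{id}' => MHtml::wrapInTag($model->id, 'strong'))));
             $this->redirect($this->getGotoUrl());
             return;
         }
     }

     // render the view file
     $this->render($this->action->id, array('model' => $model));
 }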
/**
 * Add the "Time" item to the main menu.
 *
 * Shown to administrators and to users holding the 'use_time_reports'
 * system permission.
 *
 * @param Menu $menu Menu that receives the item (passed by reference)
 * @param User $user User the menu is built for
 * @return null
 */
function timetracking_handle_on_build_menu(&$menu, &$user)
{
    $may_see_time = $user->isAdministrator() || $user->getSystemPermission('use_time_reports');
    if (!$may_see_time) {
        return;
    }

    // NOTE(review): unlike the other menu handlers this target is a hard-coded
    // absolute URL rather than a route built with assemble_url(); access to
    // that page is therefore not governed by the permission checked here.
    $time_item = new MenuItem('time', lang('Time'), 'https://www.healingcrystals.com/admin/timeSheets.php', get_image_url('navigation/time.gif'));
    $menu->addToGroup(array($time_item), 'main');
}
/**
 * Add the "People on This Project" sidebar to the project overview page.
 *
 * Project users are grouped by company and rendered as an HTML list. The
 * "last seen" text is included only when the viewer is the project leader,
 * an administrator or a project manager, and never for the viewer's own row.
 *
 * @param array $sidebars Sidebar definitions to extend (passed by reference)
 * @param Project $project Project being viewed
 * @param User $user User viewing the overview
 * @return null
 */
function system_handle_on_project_overview_sidebars(&$sidebars, &$project, &$user)
{
    // only project leader, system administrators and project managers can see last activity
    $can_see_last_activity = $user->isProjectLeader($project) || $user->isAdministrator() || $user->isProjectManager();

    $project_users = $project->getUsers();
    if (!is_foreachable($project_users)) {
        return;
    }

    $smarty =& Smarty::instance();
    require_once SYSTEM_MODULE_PATH . '/helpers/function.user_link.php';
    require_once SMARTY_PATH . '/plugins/modifier.ago.php';

    $markup = '';
    foreach (Users::groupByCompany($project_users) as $group) {
        $company = $group['company'];
        $members = $group['users'];
        if (!is_foreachable($members)) {
            continue;
        }

        // The company name goes through clean(); the URLs below do not.
        // NOTE(review): confirm getViewUrl() and getAvatarUrl() can only return
        // values that are safe inside a double-quoted HTML attribute.
        $markup .= '<h3><a href="' . $company->getViewUrl() . '">' . clean($company->getName()) . '</a></h3>';
        $markup .= '<ul class="company_users">';

        foreach ($members as $member) {
            $show_activity = $can_see_last_activity && $user->getId() != $member->getId();
            $last_seen = $show_activity ? smarty_modifier_ago($member->getLastActivityOn()) : '';
            $markup .= '<li><span class="icon_holder"><img src="' . $member->getAvatarUrl() . '" /></span> ' . smarty_function_user_link(array('user' => $member), $smarty) . ' ' . $last_seen . '</li>';
        }

        $markup .= '</ul>';
    }

    $sidebars[] = array('label' => lang('People on This Project'), 'is_important' => false, 'id' => 'project_people', 'body' => $markup);
}
/**
 * Add the "Status" item, with its new-message counter, to the main menu.
 *
 * Shown to administrators and to users holding the 'can_use_status_updates'
 * system permission. The counter is computed from the user's stored
 * 'status_update_last_visited' option.
 *
 * @param Menu $menu Menu that receives the item (passed by reference)
 * @param User $user User the menu is built for
 * @return null
 */
function status_handle_on_build_menu(&$menu, &$user)
{
    $may_use_status = $user->isAdministrator() || $user->getSystemPermission('can_use_status_updates');
    if (!$may_use_status) {
        return;
    }

    $last_visit = UserConfigOptions::getValue('status_update_last_visited', $user);
    $unread_count = StatusUpdates::countNewMessagesForUser($user, $last_visit);
    $status_item = new MenuItem('status', lang('Status'), assemble_url('status_updates'), get_image_url('icon_menu.gif', STATUS_MODULE), $unread_count);
    $menu->addToGroup(array($status_item), 'main');
}
/**
 * Add the "Public Keys" inline tab to a user profile.
 *
 * The tab is added only when $object is a User and the viewer is that same
 * user, an administrator or a people manager. This hides the tab; the
 * 'get_public_keys' route must apply the same rule before listing keys.
 *
 * @param NamedList $tabs Tab list to extend (passed by reference)
 * @param ApplicationObject $object Object whose tabs are being built
 * @param User $logged_user User viewing the object
 * @param string $interface Not used by this handler
 * @return null
 */
function ac_gitolite_handle_on_inline_tabs(&$tabs, &$object, &$logged_user, $interface)
{
    if (!$object instanceof User) {
        return;
    }

    $is_self = $object->getId() == $logged_user->getId();
    if (!$is_self && !$logged_user->isAdministrator() && !$logged_user->isPeopleManager()) {
        return;
    }

    $keys_url = Router::assemble('get_public_keys', array('company_id' => $object->getCompanyId(), 'user_id' => $object->getId()));
    $tabs->add('view_keys', array('title' => lang('Public Keys'), 'url' => $keys_url));
}
/**
 * System module on_project_object_quick_options event handler
 *
 * Adds a "Permanently delete" quick option for project objects that are
 * already in the deleted state. The option is offered only to administrators
 * and to users holding the 'manage_trash' system permission, is sent as a
 * POST request and asks for confirmation first.
 *
 * @package activeCollab.modules.system
 * @subpackage handlers
 * @param NamedList $options Option list to extend (passed by reference)
 * @param ProjectObject $object Object the options are built for
 * @param User $user User viewing the object
 * @return null
 */
function system_handle_on_project_object_quick_options(&$options, $object, $user)
{
    if (!instance_of($object, 'ProjectObject')) {
        return;
    }
    if ($object->getState() != STATE_DELETED) {
        return;
    }
    if (!$user->isAdministrator() && !$user->getSystemPermission('manage_trash')) {
        return;
    }

    // Irreversible action: keep it a confirmed POST, never a plain GET link.
    $delete_option = array(
        'text' => lang('Permanently delete'),
        'url' => assemble_url('project_object_delete', array('project_id' => $object->getProjectId(), 'object_id' => $object->getId())),
        'method' => 'post',
        'confirm' => lang('Are you sure that you wish to permanently remove this :type?', array('type' => $object->getVerboseType(true)))
    );
    $options->add('project_object_delete', $delete_option);
}
 /**
  * Check if specific user can delete this list
  *
  * Only administrators are allowed to delete; everyone else is refused.
  *
  * @param User $user User requesting the deletion
  * @return boolean
  */
 function canDelete(User $user)
 {
     // Deny by default: the only path to true is the administrator check.
     return $user->isAdministrator() ? true : false;
 }
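 /**
  * Handle the login form submission.
  *
  * Validates the posted credentials, checks the password hash, stores the
  * user's id, username, type and state in the session and redirects to the
  * landing page for the user's role. Inactive accounts and unknown user
  * types have their session flushed and are sent back with an error.
  *
  * The submitted password is excluded from the input flashed back on
  * failure, so it is never written to session storage in plain text.
  *
  * @return mixed Redirect response
  */
 public function post_login()
 {
     $input = Input::all();
     // NOTE(review): the "exists" rule and the two distinct messages below
     // ("este usuario no existe" / "Contraseña incorrecta") tell a caller
     // whether a username is registered; consider one generic failure message.
     $rules = array('username' => 'required|exists:tusuarios,username', 'password' => 'required');
     $validator = Validator::make($input, $rules);
     if ($validator->fails()) {
         return Redirect::back()->withErrors($validator);
     }

     $username = Input::get('username');
     $password = Input::get('password');
     // Old input is flashed into the session; keep the password out of it.
     $safe_input = Input::except('password');

     $user = User::where('username', '=', $username)->first();
     if (!$user) {
         $error = ['wilson' => 'este usuario no existe'];
         return Redirect::back()->withInput($safe_input)->withErrors($error);
     }

     if (!Hash::check($password, $user->password)) {
         $error = ['wilson' => 'Contraseña incorrecta'];
         return Redirect::back()->withInput($safe_input)->withErrors($error);
     }

     // NOTE(review): the session identifier is not rotated after a successful
     // password check; regenerate it here with the session API of the
     // framework version in use to prevent session fixation.
     Session::put('user_id', $user->idUsuario);
     Session::put('user_username', $user->username);
     Session::put('user_type', $user->tipo);
     Session::put('user_estado', $user->estado);

     if (Session::get('user_estado') != 'activo') {
         // Deactivated account: drop everything stored above.
         Session::flush();
         $error = ['wilson' => 'Este usuario esta desactivado'];
         return Redirect::back()->withInput($safe_input)->withErrors($error);
     }

     // The static role helpers take no arguments; presumably they read the
     // session values stored above, so they must run after Session::put().
     if (User::isAdministrator()) {
         Session::put('user_name', $user->username);
         return Redirect::to('/');
     }

     if (User::isOrganizingCommittee()) {
         Session::put('user_name', $user->DataComision[0]->nombre);
         Session::put('user_idcom_orgdor', $user->DataComision[0]->codCom_Org);
         return Redirect::to('comision/index.html');
     }

     if (User::isEquipo()) {
         Session::put('user_name', $user->DataEquipo[0]->nombre);
         Session::put('user_codequipo', $user->DataEquipo[0]->codEquipo);
         return Redirect::to('equipo/index.html');
     }

     // Unknown user type: do not leave a half-authenticated session behind.
     Session::flush();
     $error = ['wilson' => 'tipo de usuario invalido'];
     return Redirect::back()->withInput($safe_input)->withErrors($error);
 }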
 /**
  * Return categories that have documents $user can see
  *
  * Administrators and users who can see private objects get every category,
  * ordered by name. Everyone else gets only the categories that contain at
  * least one document whose visibility is VISIBILITY_NORMAL or higher.
  *
  * @param User $user User the categories are listed for
  * @return array
  */
 function findAll($user)
 {
     $sees_private = $user->isAdministrator() || $user->canSeePrivate();
     if ($sees_private) {
         return DocumentCategories::find(array('order' => 'name'));
     }

     // Table names come from the TABLE_PREFIX constant; the only variable
     // value, the visibility threshold, is passed as a bound parameter.
     $categories = TABLE_PREFIX . 'document_categories';
     $documents = TABLE_PREFIX . 'documents';
     $sql = "SELECT DISTINCT {$categories}.* FROM {$categories}, {$documents} WHERE {$categories}.id = {$documents}.category_id AND {$documents}.visibility >= ? ORDER BY {$categories}.name";

     return DocumentCategories::findBySQL($sql, array(VISIBILITY_NORMAL));
 }
 /**
  * Does user have view access
  *
  * Access is granted to administrators, members of the owner company and
  * users assigned to this object's project; anyone else is refused.
  *
  * @param User $user User requesting access
  * @return boolean
  */
 function canView(User $user)
 {
     $is_privileged = $user->isAdministrator() || $user->isMemberOfOwnerCompany();
     if ($is_privileged) {
         return true;
     }

     // Otherwise access depends on membership of this object's project.
     return $user->isProjectUser($this->getProject()) ? true : false;
 }
 /**
  * Does user have view access
  *
  * Access is granted to administrators, members of the owner company and
  * the user whose id equals getEditor(); anyone else is refused.
  *
  * @param User $user User requesting access
  * @return boolean
  */
 function canView(User $user)
 {
     $is_privileged = $user->isAdministrator() || $user->isMemberOfOwnerCompany();
     if ($is_privileged) {
         return true;
     }

     // Loose comparison kept as in the original: ids may arrive as strings.
     return $user->getId() == $this->getEditor() ? true : false;
 }
/**
 * This function will render system notices for this user
 *
 * Notices are rendered for administrators only. The single notice built
 * here announces a new version when the upgrade check is enabled and has
 * found one.
 *
 * @param User $user User the notices are rendered for
 * @return string|null Rendered template, or null when the user is not an
 *   administrator or there is nothing to show
 */
function render_system_notices(User $user)
{
    if ($user->isAdministrator()) {
        $notices = array();

        $upgrade_available = config_option('upgrade_check_enabled', false) && config_option('upgrade_last_check_new_version', false);
        if ($upgrade_available) {
            $notices[] = lang('new version available', get_url('administration', 'upgrade'));
        }

        if (count($notices) > 0) {
            tpl_assign('_system_notices', $notices);
            return tpl_fetch(get_template_path('system_notices', 'application'));
        }
    }

    // Non-administrators never learn whether an upgrade is pending.
    return null;
}
 /**
  * Return all groups ordered by name
  *
  * Administrators and project managers get every group. Other users get
  * only the groups of the projects returned by
  * Projects::findProjectIdsByUser(), or null when they have no projects.
  *
  * Setting $return_all to true skips the per-user filter entirely (used
  * where all groups are needed regardless of the user's assignments, such
  * as the select project group helper). Callers must never derive that
  * flag from request input.
  *
  * @param User $user User the groups are listed for
  * @param boolean $return_all Return every group regardless of $user
  * @return array|null
  */
 function findAll($user, $return_all = false)
 {
     $sees_everything = $return_all || $user->isAdministrator() || $user->isProjectManager();
     if ($sees_everything) {
         return ProjectGroups::find(array('order' => 'name'));
     }

     $project_ids = Projects::findProjectIdsByUser($user);
     if (!is_foreachable($project_ids)) {
         return null;
     }

     // Table names come from TABLE_PREFIX; the id list is a bound parameter.
     $projects = TABLE_PREFIX . 'projects';
     $groups = TABLE_PREFIX . 'project_groups';
     $sql = "SELECT DISTINCT {$groups}.* FROM {$projects}, {$groups} WHERE {$groups}.id = {$projects}.group_id AND {$projects}.id IN (?) ORDER BY {$groups}.name";

     return ProjectGroups::findBySQL($sql, array($project_ids));
 }
 /**
  * Update user's company and role information
  *
  * Responds with 404 for a user that is not saved yet and with 403 when
  * the logged user may not change the active user's role. On submit, the
  * posted 'user' array is applied to the active user inside a transaction.
  *
  * @return null
  */
 function edit_company_and_role()
 {
     $this->wireframe->print_button = false;

     if ($this->active_user->isNew()) {
         $this->httpError(HTTP_ERR_NOT_FOUND);
     }
     if (!$this->active_user->canChangeRole($this->logged_user)) {
         $this->httpError(HTTP_ERR_FORBIDDEN);
     }

     // NOTE(review): this flag only adds a page message and is handed to the
     // template; nothing visible here refuses a submitted role change for
     // the last administrator. Confirm the model enforces it on save.
     $is_last_admin = $this->active_user->isAdministrator() && Users::countAdministrators() <= 1;
     if ($is_last_admin) {
         $this->wireframe->addPageMessage(lang('This user is the last adminstrator on the system. His role cannot be changed'));
     }

     $posted = $this->request->post('user');
     $user_data = is_array($posted)
         ? $posted
         : array('company_id' => $this->active_user->getCompanyId(), 'role_id' => $this->active_user->getRoleId());

     $this->smarty->assign(array('user_data' => $user_data, 'last_administrator' => $is_last_admin));

     if (!$this->request->isSubmitted()) {
         return;
     }

     db_begin_work();
     // NOTE(review): the whole posted array is passed on, not only company_id
     // and role_id; confirm setAttributes() restricts which fields a request
     // may assign.
     $this->active_user->setAttributes($user_data);
     $outcome = $this->active_user->save();

     if (!$outcome || is_error($outcome)) {
         db_rollback();
         $this->smarty->assign('errors', $outcome);
         return;
     }

     db_commit();
     flash_success(":display's company and role information has been updated", array('display' => $this->active_user->getDisplayName()));
     $this->redirectToUrl($this->active_user->getViewUrl());
 }
 /**
  * Can the user delete this page
  *
  * Deletion is reserved for administrators.
  *
  * @param User $user User requesting the deletion
  * @return boolean
  */
 function canDelete(User $user)
 {
     // The administrator flag is the only input to this decision.
     $is_admin = $user->isAdministrator();

     return $is_admin;
 }
 /**
  * Check if specific user can delete this message
  *
  * The user must be assigned to this message's project and also be an
  * administrator; either condition failing refuses the deletion.
  *
  * @access public
  * @param User $user User requesting the deletion
  * @return boolean
  */
 function canDelete(User $user)
 {
     // Project membership is checked first, so an administrator who is not
     // on the project is refused as well.
     $on_project = $user->isProjectUser($this->getProject());
     if ($on_project && $user->isAdministrator()) {
         return true;
     }

     return false;
 }
 /**
  * Check if $user can update this user's permissions
  *
  * The account owner's permissions can never be changed, not even by an
  * administrator. For every other account only administrators may do so.
  *
  * @param User $user User attempting the update
  * @return boolean
  */
 function canUpdatePermissions(User $user)
 {
     // The owner check comes first so it cannot be bypassed by role.
     return $this->isAccountOwner() ? false : $user->isAdministrator();
 }
 /**
  * Check if $user can remove another user from the project
  *
  * The account owner can never be removed. Any other user can be removed
  * by the account owner or by an administrator.
  *
  * @access public
  * @param User $user User performing the removal
  * @param User $remove_user User that needs to be removed
  * @return boolean
  */
 function canRemoveUserFromProject(User $user, User $remove_user)
 {
     // Protect the account owner before looking at the actor's role.
     $target_is_owner = $remove_user->isAccountOwner();
     if (!$target_is_owner) {
         return $user->isAccountOwner() || $user->isAdministrator();
     }

     return false;
 }
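 /**
  * Constructor
  *
  * Sets up the layout, Smarty, owner company, authentication and wireframe,
  * enforces maintenance mode, the login requirement and the 'system_access'
  * permission, publishes shared template and JavaScript variables, and
  * finally records the visited page for the logged in user.
  *
  * The visited-page bookkeeping builds its SQL by hand. Every request- or
  * database-derived value placed in those statements is escaped with
  * mysql_real_escape_string() or cast to an integer first.
  *
  * @param Request $request
  * @return ApplicationController
  */
 function __construct($request)
 {
     parent::__construct($request);
     // Set default layout for application pages
     $this->setLayout(array('module' => SYSTEM_MODULE, 'layout' => 'wireframe'));
     // Get Smarty instance... We need it
     $this->smarty =& Smarty::instance();
     // Load and init owner company
     $this->owner_company = get_owner_company();
     if (instance_of($this->owner_company, 'Company')) {
         cache_set('owner_company', $this->owner_company);
     } else {
         $this->httpError(HTTP_ERR_NOT_FOUND, 'Owner company is not defined');
     }
     $this->application =& application();
     $this->authentication =& Authentication::instance();
     $this->logged_user =& $this->authentication->provider->getUser();
     $this->wireframe =& Wireframe::instance();
     $this->wireframe->page_company = $this->owner_company;
     $this->theme_name = instance_of($this->logged_user, 'User') ? UserConfigOptions::getValue('theme', $this->logged_user) : ConfigOptions::getValue('theme');
     $this->smarty->assign(array('root_url' => ROOT_URL, 'assets_url' => ASSETS_URL));

     // Maintenance mode
     if (ConfigOptions::getValue('maintenance_enabled')) {
         if (instance_of($this->logged_user, 'User') && $this->logged_user->isAdministrator()) {
             $this->wireframe->addPageMessage(lang('System is in maintenance mode and can be used by administrators only. <a href=":url">Click here</a> to turn off maintenance mode', array('url' => assemble_url('admin_settings_maintenance'))), 'warning');
         } else {
             $additional_error_info = ConfigOptions::getValue('maintenance_message');
             if ($additional_error_info) {
                 $additional_error_info .= "\n\n";
             }
             $additional_error_info .= lang('When system is in maintenance mode, administrators can log in and access the system') . ": " . assemble_url('login');
             $this->smarty->assign('additional_error_info', $additional_error_info);
             if ($this->restrict_access_in_maintenance_mode) {
                 $this->httpError(503);
             }
         }
     }

     // Check permissions
     if ($this->login_required && !instance_of($this->logged_user, 'User')) {
         if ($this->request->isAsyncCall()) {
             // If async don't redirect to login, just serve proper HTTP code
             $this->httpError(HTTP_ERR_UNAUTHORIZED, null, true, true);
         } else {
             // Not async? Redirect to login with extracted route data...
             $params = array();
             if ($request->matched_route != 'login') {
                 $params['re_route'] = $request->matched_route;
                 foreach ($this->request->url_params as $k => $v) {
                     if ($k == 'module' || $k == 'controller' || $k == 'action') {
                         continue;
                     }
                     $params["re_{$k}"] = $v;
                 }
             }
             $this->redirectTo($this->login_route, $params);
         }
     }

     // A user without system access is logged out and refused.
     if (instance_of($this->logged_user, 'User') && !$this->logged_user->getSystemPermission('system_access')) {
         $this->authentication->provider->logUserOut();
         $this->httpError(HTTP_ERR_FORBIDDEN);
     }

     $loaded_modules = $this->application->getModules();
     $assets_query_string = 'v=' . $this->application->version . '&modules=';
     foreach ($loaded_modules as $loaded_module) {
         $assets_query_string .= $loaded_module->getName() . ',';
     }

     // NOTE(review): the captcha id is md5() of the current timestamp and is
     // therefore guessable; confirm nothing relies on it being unpredictable.
     $this->smarty->assign(array(
         'api_status' => API_STATUS,
         'application' => $this->application,
         'owner_company' => $this->owner_company,
         'authentication' => $this->authentication,
         'logged_user' => $this->logged_user,
         'request' => $this->request,
         'theme_name' => $this->theme_name,
         'request_time' => $this->request_time,
         'loaded_modules' => $this->application->getModules(),
         'captcha_url' => ROOT_URL . '/captcha.php?id=' . md5(time()),
         'assets_query_string' => $assets_query_string,
         'js_disabled_url' => assemble_url('js_disabled')
     ));
     $this->smarty->assign_by_ref('wireframe', $this->wireframe);

     js_assign(array(
         'homepage_url' => ROOT_URL,
         'assets_url' => ASSETS_URL,
         'indicator_url' => get_image_url('indicator.gif'),
         'big_indicator_url' => get_image_url('indicator_big.gif'),
         'ok_indicator_url' => get_image_url('ok_indicator.gif'),
         'warning_indicator_url' => get_image_url('warning_indicator.gif'),
         'error_indicator_url' => get_image_url('error_indicator.gif'),
         'pending_indicator_url' => get_image_url('pending_indicator.gif'),
         'url_base' => URL_BASE,
         'keep_alive_interval' => KEEP_ALIVE_INTERVAL,
         'refresh_session_url' => assemble_url('refresh_session'),
         'jump_to_project_url' => assemble_url('jump_to_project_widget'),
         'quick_add_url' => assemble_url('quick_add'),
         'path_info_through_query_string' => PATH_INFO_THROUGH_QUERY_STRING,
         'image_picker_url' => assemble_url('image_picker'),
         'copyright_removed' => LICENSE_COPYRIGHT_REMOVED,
         'custom_tabs_manager' => assemble_url('custom_tabs_manager'),
         'add_milestone_url' => assemble_url('project_milestones_add', array('project_id' => '--PROJECT_ID--')),
         'add_checklist_url' => assemble_url('project_checklists_add', array('project_id' => '--PROJECT_ID--')),
         'add_discussion_url' => assemble_url('project_discussions_add', array('project_id' => '--PROJECT_ID--')),
         'add_file_url' => assemble_url('project_files_upload', array('project_id' => '--PROJECT_ID--')),
         'add_page_url' => assemble_url('project_pages_add', array('project_id' => '--PROJECT_ID--')),
         'add_ticket_url' => assemble_url('project_tickets_add', array('project_id' => '--PROJECT_ID--')),
         'add_timerecord_url' => assemble_url('project_time_add', array('project_id' => '--PROJECT_ID--')),
         'attachment_rename_url' => assemble_url('attachment_rename', array('project_id' => '--PROJECT_ID--', 'attachment_id' => '--ATTACHMENT_ID--')),
         'attachment_copy_to_url' => assemble_url('attachment_copy_to', array('project_id' => '--PROJECT_ID--', 'attachment_id' => '--ATTACHMENT_ID--')),
         'attachment_move_to_url' => assemble_url('attachment_move_to', array('project_id' => '--PROJECT_ID--', 'attachment_id' => '--ATTACHMENT_ID--')),
         'image_uploader_url' => assemble_url('image_uploader'),
         'render_comments_url' => assemble_url('render_comments'),
         'move_task_url' => assemble_url('project_task_move', array('project_id' => '--PROJECT_ID--', 'task_id' => '--TASK_ID--')),
         'get_collection_url' => assemble_url('collection'),
         'quick_task_reminder_url' => assemble_url('project_task_quickreminder', array('project_id' => '--PROJECT_ID--', 'task_id' => '--TASK_ID--')),
         'convert_to_ticket_url' => assemble_url('project_object_convert_to_ticket', array('project_id' => '--PROJECT_ID--', 'object_id' => '--OBJECT_ID--')),
         'convert_to_milestone_url' => assemble_url('project_object_convert_to_milestone', array('project_id' => '--PROJECT_ID--', 'object_id' => '--OBJECT_ID--')),
         'convert_to_page_url' => assemble_url('project_object_convert_to_page', array('project_id' => '--PROJECT_ID--', 'object_id' => '--OBJECT_ID--')),
         'snooze_task_url' => assemble_url('project_task_snooze', array('project_id' => '--PROJECT_ID--', 'task_id' => '--TASK_ID--'))
     ));

     // Visited-page history for the logged in user.
     if ($this->logged_user) {
         // NOTE(review): this uses the legacy mysql_* extension with
         // hand-built SQL; moving it to the application's own database layer
         // with bound parameters would remove the need for manual escaping.
         // NOTE(review): mysql_connect() may hand back an already open link
         // for the same credentials, in which case mysql_close() below would
         // close that shared connection too; confirm.
         $link = mysql_connect(DB_HOST, DB_USER, DB_PASS);
         if ($link !== false && mysql_select_db(DB_NAME, $link)) {
             $user_id = (int) $this->logged_user->getId();

             if (!empty($_SESSION['pg_ttl'])) {
                 mysql_query("update healingcrystals_user_visited_pages set title='" . mysql_real_escape_string($_SESSION['pg_ttl'], $link) . "' where user_id='" . $user_id . "' and access_time='" . date('Y-m-d H:i:s', $_SESSION['temp_time']) . "'", $link);
             }

             // Built from the request (host and URI), so it is untrusted and
             // must be escaped before it reaches a statement.
             $current_url = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];

             if (strpos($_SERVER['QUERY_STRING'], '%2F') !== false) {
                 $max_pages_count_per_user = 50;
                 $_SESSION['temp_time'] = time();
                 $access_time = date('Y-m-d H:i:s', $_SESSION['temp_time']);

                 mysql_query("insert into healingcrystals_user_visited_pages (user_id, page_url, title, access_time) values ('" . $user_id . "', '" . mysql_real_escape_string($current_url, $link) . "', '', '" . $access_time . "')", $link);

                 $result = mysql_query("select count(*) as count from healingcrystals_user_visited_pages where user_id='" . $user_id . "'", $link);
                 $info = $result ? mysql_fetch_assoc($result) : false;
                 $current_count = $info ? (int) $info['count'] : 0;

                 // Trim the history to the newest $max_pages_count_per_user rows.
                 if ($current_count > $max_pages_count_per_user) {
                     $querries = array();
                     $result = mysql_query("select * from healingcrystals_user_visited_pages where user_id='" . $user_id . "' order by access_time limit 0, " . ($current_count - $max_pages_count_per_user), $link);
                     while ($result && ($info = mysql_fetch_assoc($result))) {
                         // Stored URLs originated from requests: escape them
                         // again when they are reused in a statement.
                         $querries[] = "delete from healingcrystals_user_visited_pages where user_id='" . $user_id . "' and page_url='" . mysql_real_escape_string($info['page_url'], $link) . "' and access_time='" . mysql_real_escape_string($info['access_time'], $link) . "'";
                     }
                     foreach ($querries as $query) {
                         mysql_query($query, $link);
                     }
                 }
             }
         }

         $_SESSION['pg_ttl'] = '';
         if ($link !== false) {
             mysql_close($link);
         }
     }
 }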
 /**
  * Check if $user can delete this item
  *
  * The item must belong to a Project that $user is assigned to, and its
  * related object must be a ProjectDataObject; in that case only
  * administrators may delete. Every other combination is refused.
  *
  * @param User $user User requesting the deletion
  * @return boolean
  */
 function canDelete(User $user)
 {
     $project = $this->getProject();
     $on_project = $project instanceof Project && $user->isProjectUser($this->getProject());
     if (!$on_project) {
         return false;
     }

     $related = $this->getObject();
     if (!$related instanceof ProjectDataObject) {
         return false;
     }

     return $user->isAdministrator();
 }
 /**
  * Return true if $user can delete this group
  *
  * Requires a project manager or administrator, a group that contains no
  * projects, and more than one group in total.
  *
  * @param User $user User requesting the deletion
  * @return boolean
  */
 function canDelete($user)
 {
     if (!$user->isProjectManager() && !$user->isAdministrator()) {
         return false;
     }

     // A group that still holds projects cannot be removed.
     if ($this->getProjectsCount() != 0) {
         return false;
     }

     return ProjectGroups::count() > 1;
 }
 /**
  * Paginate trashed objects
  *
  * Administrators and project managers see every deleted object at or
  * above their visibility level. Other users are further restricted by the
  * filter from ProjectUsers::getVisibleTypesFilter(); when that filter is
  * empty they get an empty page.
  *
  * @param User $user User the trash is listed for
  * @param integer $page
  * @param integer $per_page
  * @return array
  */
 function paginateTrashed($user, $page = 1, $per_page = 30)
 {
     $sees_all_projects = $user->isAdministrator() || $user->isProjectManager();
     if ($sees_all_projects) {
         $conditions = array("state = ? AND visibility >= ?", STATE_DELETED, $user->getVisibility());

         return ProjectObjects::paginate(array('conditions' => $conditions, 'order' => 'updated_on'), $page, $per_page);
     }

     $type_filter = ProjectUsers::getVisibleTypesFilter($user, array(PROJECT_STATUS_ACTIVE, PROJECT_STATUS_PAUSED, PROJECT_STATUS_CANCELED, PROJECT_STATUS_COMPLETED));
     if (!$type_filter) {
         // No visible types: return an empty page rather than an unfiltered one.
         return array(null, new Pager(1, 0, $per_page));
     }

     // $type_filter is an SQL fragment produced by the helper; state and
     // visibility are passed as bound values.
     $conditions = array($type_filter . ' AND state = ? AND visibility >= ?', STATE_DELETED, $user->getVisibility());

     return ProjectObjects::paginate(array('conditions' => $conditions, 'order' => 'updated_on'), $page, $per_page);
 }
 /**
  * Returns true if $user can change this user's permissions on a $project
  *
  * As written, the method refuses when $user is the project leader, a
  * project manager or an administrator, and otherwise allows the change
  * when this user is the project leader, a people manager or an
  * administrator.
  *
  * @param User $user
  * @param Project $project
  * @return boolean
  */
 function canChangeProjectPermissions($user, $project)
 {
     // NOTE(review): the roles of $user and $this look swapped relative to the
     // description above: a privileged $user is always refused, while an
     // unprivileged $user is allowed whenever the target is privileged.
     // Confirm against the callers before relying on this check.
     $user_is_privileged = $user->isProjectLeader($project) || $user->isProjectManager() || $user->isAdministrator();
     if ($user_is_privileged) {
         return false;
     }

     return $this->isProjectLeader($project) || $this->isPeopleManager() || $this->isAdministrator();
 }
 /**
  * Check if user can update permissions of this company
  *
  * Permissions of the owner company can never be updated. For any other
  * company only administrators may update them.
  *
  * @param User $user User attempting the update
  * @return boolean
  */
 function canUpdatePermissions(User $user)
 {
     // The owner company is protected regardless of the actor's role.
     return $this->isOwner() ? false : $user->isAdministrator();
 }
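 /**
  * Return project ID => project name map for a given user
  *
  * If $all_for_admins_and_pms is set to true system will return all projects
  * if user is administrator or project manager. In every other case only the
  * projects the user is assigned to are returned.
  *
  * $exclude_ids is placed directly into the SQL text, so every entry is cast
  * to an integer first; a non-numeric entry can no longer alter the query.
  *
  * @param User $user User the projects are listed for
  * @param array $statuses Optional list of project statuses to match
  * @param array $exclude_ids Optional list of project ids to leave out
  * @param boolean $all_for_admins_and_pms
  * @return array Map of project id (int) to project name
  */
 function findNamesByUser($user, $statuses = null, $exclude_ids = null, $all_for_admins_and_pms = false)
 {
     $projects_table = TABLE_PREFIX . 'projects';
     $project_users_table = TABLE_PREFIX . 'project_users';

     $exclude_filter = '';
     if (is_foreachable($exclude_ids)) {
         $safe_ids = array();
         foreach ($exclude_ids as $exclude_id) {
             $safe_ids[] = (int) $exclude_id;
         }
         if (count($safe_ids) > 0) {
             $exclude_filter = " AND {$projects_table}.id NOT IN (" . implode(', ', $safe_ids) . ") ";
         }
     }

     if ($all_for_admins_and_pms && ($user->isAdministrator() || $user->isProjectManager())) {
         // Privileged listing: not limited to the user's own assignments.
         if ($statuses) {
             $rows = db_execute_all("SELECT {$projects_table}.id, {$projects_table}.name FROM {$projects_table} WHERE {$projects_table}.type = ? AND {$projects_table}.status IN (?) {$exclude_filter} ORDER BY {$projects_table}.name", PROJECT_TYPE_NORMAL, $statuses);
         } else {
             $rows = db_execute_all("SELECT {$projects_table}.id, {$projects_table}.name FROM {$projects_table} WHERE {$projects_table}.type = ? {$exclude_filter} ORDER BY {$projects_table}.name", PROJECT_TYPE_NORMAL);
         }
     } else {
         // Regular listing: joined against the user's project assignments.
         if ($statuses) {
             $rows = db_execute_all("SELECT {$projects_table}.id, {$projects_table}.name FROM {$projects_table}, {$project_users_table} WHERE {$project_users_table}.user_id = ? AND {$project_users_table}.project_id = {$projects_table}.id AND {$projects_table}.type = ? AND {$projects_table}.status IN (?) {$exclude_filter} ORDER BY {$projects_table}.name", $user->getId(), PROJECT_TYPE_NORMAL, $statuses);
         } else {
             $rows = db_execute_all("SELECT {$projects_table}.id, {$projects_table}.name FROM {$projects_table}, {$project_users_table} WHERE {$project_users_table}.user_id = ? AND {$project_users_table}.project_id = {$projects_table}.id AND {$projects_table}.type = ? {$exclude_filter} ORDER BY {$projects_table}.name", $user->getId(), PROJECT_TYPE_NORMAL);
         }
     }

     $result = array();
     if (is_foreachable($rows)) {
         foreach ($rows as $row) {
             $result[(int) $row['id']] = $row['name'];
         }
     }

     return $result;
 }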
 /**
  * Can change status of this milestone (completed / open)
  *
  * Allowed for a user holding the CAN_CHANGE_STATUS_MILESTONES project
  * permission, for the milestone's creator and for administrators. It is
  * also allowed when the milestone is assigned to the user, or to a company
  * whose id matches the user's company id.
  *
  * @access public
  * @param User $user User attempting the change
  * @return boolean
  */
 function canChangeStatus(User $user)
 {
     $is_allowed = $user->getProjectPermission($this->getProject(), PermissionManager::CAN_CHANGE_STATUS_MILESTONES)
         || $this->getCreatedById() == $user->getId()
         || $user->isAdministrator();
     if ($is_allowed) {
         return true;
     }

     // Additional check - is this milestone assigned to this user or its company
     if ($this->getAssignedTo() instanceof User) {
         return $user->getId() == $this->getAssignedTo()->getObjectId();
     }
     if ($this->getAssignedTo() instanceof Company) {
         return $user->getCompanyId() == $this->getAssignedTo()->getObjectId();
     }

     return false;
 }
 /**
  * Can the user unlock this page
  *
  * Unlocking is reserved for administrators.
  *
  * @param User $user User requesting the unlock
  * @return boolean
  */
 function canUnlock(User $user)
 {
     // The administrator flag is the only input to this decision.
     $is_admin = $user->isAdministrator();

     return $is_admin;
 }