public static function canExportData($usr_id)
{
$prj_id = Auth::getCurrentProject();
if (User::isPartner($usr_id)) {
$partner = Partner::canUserAccessFeature($usr_id, 'reports');
if (is_bool($partner)) {
return $partner;
}
}
return true;
}
/**
* Checks whether the given email address is allowed to send emails in the
* issue ID.
*
* @param integer $issue_id The issue ID
* @param string $sender_email The email address
* @return boolean
*/
public static function isAllowedToEmail($issue_id, $sender_email)
{
$prj_id = Issue::getProjectID($issue_id);
// check the workflow
$workflow_can_email = Workflow::canEmailIssue($prj_id, $issue_id, $sender_email);
if ($workflow_can_email != null) {
return $workflow_can_email;
}
$is_allowed = true;
$sender_usr_id = User::getUserIDByEmail($sender_email, true);
if (empty($sender_usr_id)) {
if (CRM::hasCustomerIntegration($prj_id)) {
// check for a customer contact with several email addresses
$crm = CRM::getInstance($prj_id);
try {
$contract = $crm->getContract(Issue::getContractID($issue_id));
$contact_emails = array_keys($contract->getContactEmailAssocList());
$contact_emails = array_map(function ($s) {
return strtolower($s);
}, $contact_emails);
} catch (CRMException $e) {
$contact_emails = array();
}
if (!in_array(strtolower($sender_email), $contact_emails) && !Authorized_Replier::isAuthorizedReplier($issue_id, $sender_email)) {
$is_allowed = false;
}
} else {
if (!Authorized_Replier::isAuthorizedReplier($issue_id, $sender_email)) {
$is_allowed = false;
}
}
} else {
// check if this user is not a customer and
// also not in the assignment list for the current issue and
// also not in the authorized repliers list
// also not the reporter
$details = Issue::getDetails($issue_id);
if ($sender_usr_id == $details['iss_usr_id']) {
$is_allowed = true;
} elseif (User::isPartner($sender_usr_id) && in_array(User::getPartnerID($sender_usr_id), Partner::getPartnerCodesByIssue($issue_id))) {
$is_allowed = true;
} elseif (!Issue::canAccess($issue_id, $sender_usr_id) && !Authorized_Replier::isAuthorizedReplier($issue_id, $sender_email)) {
$is_allowed = false;
} elseif (!Authorized_Replier::isAuthorizedReplier($issue_id, $sender_email) && !Issue::isAssignedToUser($issue_id, $sender_usr_id) && User::getRoleByUser($sender_usr_id, Issue::getProjectID($issue_id)) != User::getRoleID('Customer')) {
$is_allowed = false;
}
}
return $is_allowed;
}
/**
* Method used to send email notifications for a given issue.
*
* @param integer $issue_id The issue ID
* @param string $type The notification type
* @param int $entry_id The entries id that was changed
* @param bool $internal_only Whether the notification should only be sent to internal users or not
* @param array $extra_recipients
* @return bool
*/
public static function notify($issue_id, $type, $entry_id = null, $internal_only = false, $extra_recipients = null)
{
$prj_id = Issue::getProjectID($issue_id);
$extra = array();
if ($extra_recipients) {
foreach ($extra_recipients as $user) {
$extra[] = array('sub_usr_id' => $user, 'sub_email' => '');
}
}
$emails = array();
$users = self::getUsersByIssue($issue_id, $type);
if ($extra_recipients && count($extra) > 0) {
$users = array_merge($users, $extra);
}
$user_emails = Project::getUserEmailAssocList(Issue::getProjectID($issue_id), 'active', User::ROLE_CUSTOMER);
$user_emails = Misc::lowercase($user_emails);
foreach ($users as $user) {
if (empty($user['sub_usr_id'])) {
if ($internal_only == false || in_array(strtolower($user['sub_email']), array_values($user_emails))) {
$email = $user['sub_email'];
}
} else {
$prefs = Prefs::get($user['sub_usr_id']);
if (Auth::getUserID() == $user['sub_usr_id'] && (empty($prefs['receive_copy_of_own_action'][$prj_id]) || $prefs['receive_copy_of_own_action'][$prj_id] == false)) {
continue;
}
// if we are only supposed to send email to internal users, check if the role is lower than standard user
if ($internal_only == true && User::getRoleByUser($user['sub_usr_id'], Issue::getProjectID($issue_id)) < User::ROLE_USER) {
continue;
}
if ($type == 'notes' && User::isPartner($user['sub_usr_id']) && !Partner::canUserAccessIssueSection($user['sub_usr_id'], 'notes')) {
continue;
}
$email = User::getFromHeader($user['sub_usr_id']);
}
// now add it to the list of emails
if (!empty($email) && !in_array($email, $emails)) {
$emails[] = $email;
}
}
// prevent the primary customer contact from receiving two emails about the issue being closed
if ($type == 'closed') {
if (CRM::hasCustomerIntegration($prj_id)) {
$crm = CRM::getInstance($prj_id);
$stmt = 'SELECT
iss_customer_contact_id
FROM
{{%issue}}
WHERE
iss_id=?';
$customer_contact_id = DB_Helper::getInstance()->getOne($stmt, array($issue_id));
if (!empty($customer_contact_id)) {
try {
$contact = $crm->getContact($customer_contact_id);
$contact_email = $contact->getEmail();
} catch (CRMException $e) {
$contact_email = '';
}
foreach ($emails as $i => $email) {
$email = Mail_Helper::getEmailAddress($email);
if ($email == $contact_email) {
unset($emails[$i]);
$emails = array_values($emails);
break;
}
}
}
}
}
if (!$emails) {
return null;
}
$headers = false;
switch ($type) {
case 'closed':
$data = Issue::getDetails($issue_id);
$data['closer_name'] = User::getFullName(History::getIssueCloser($issue_id));
$subject = ev_gettext('Closed');
if ($entry_id) {
$data['reason'] = Support::getEmail($entry_id);
}
break;
case 'updated':
// this should not be used anymore
return false;
case 'notes':
$data = self::getNote($issue_id, $entry_id);
$headers = array('Message-ID' => $data['note']['not_message_id']);
if (@$data['note']['reference_msg_id'] != false) {
$headers['In-Reply-To'] = $data['note']['reference_msg_id'];
} else {
$headers['In-Reply-To'] = Issue::getRootMessageID($issue_id);
}
$headers['References'] = Mail_Helper::fold(implode(' ', Mail_Helper::getReferences($issue_id, @$data['note']['reference_msg_id'], 'note')));
$subject = 'Note';
break;
case 'emails':
// this should not be used anymore
return false;
case 'files':
$data = self::getAttachment($issue_id, $entry_id);
$subject = 'File Attached';
break;
}
// FIXME: $data and $subject might be used uninitialized
self::notifySubscribers($issue_id, $emails, $type, $data, $subject, $internal_only, $entry_id, $headers);
}
// | |
// | Free Software Foundation, Inc. |
// | 51 Franklin Street, Suite 330 |
// | Boston, MA 02110-1301, USA. |
// +----------------------------------------------------------------------+
// | Authors: João Prado Maia <*****@*****.**> |
// +----------------------------------------------------------------------+
require_once dirname(__FILE__) . '/../init.php';
$tpl = new Template_Helper();
$tpl->setTemplate('main.tpl.html');
Auth::checkAuthentication(APP_COOKIE);
$prj_id = Auth::getCurrentProject();
$role_id = Auth::getCurrentRole();
$usr_id = Auth::getUserID();
// redirect partners to list.php instead of sanitizing this page
if (User::isPartner($usr_id)) {
Auth::redirect('list.php');
}
if (isset($_REQUEST['hide_closed'])) {
Auth::setCookie(APP_HIDE_CLOSED_STATS_COOKIE, $_REQUEST['hide_closed'], time() + Date_Helper::YEAR);
$_COOKIE[APP_HIDE_CLOSED_STATS_COOKIE] = $_REQUEST['hide_closed'];
}
if (isset($_COOKIE[APP_HIDE_CLOSED_STATS_COOKIE])) {
$hide_closed = $_COOKIE[APP_HIDE_CLOSED_STATS_COOKIE];
} else {
$hide_closed = 0;
}
$tpl->assign('hide_closed', $hide_closed);
if ($role_id == User::getRoleID('customer')) {
$crm = CRM::getInstance($prj_id);
// need the activity dashboard here
/**
* Routes a note to the correct issue
*
* @param string $full_message The full note
* @return mixed true or array(ERROR_CODE, ERROR_STRING) in case of failure
*/
public static function route_notes($full_message)
{
// save the full message for logging purposes
Note::saveRoutedNote($full_message);
// join the Content-Type line (for easier parsing?)
if (preg_match('/^boundary=/m', $full_message)) {
$pattern = "#(Content-Type: multipart/.+); ?\r?\n(boundary=.*)\$#im";
$replacement = '$1; $2';
$full_message = preg_replace($pattern, $replacement, $full_message);
}
list($headers) = Mime_Helper::splitHeaderBody($full_message);
// need some validation here
if (empty($full_message)) {
return array(self::EX_NOINPUT, ev_gettext('Error: The email message was empty.') . "\n");
}
// remove the reply-to: header
if (preg_match('/^reply-to:.*/im', $full_message)) {
$full_message = preg_replace("/^(reply-to:).*\n/im", '', $full_message, 1);
}
// check if the email routing interface is even supposed to be enabled
$setup = Setup::get();
if ($setup['note_routing']['status'] != 'enabled') {
return array(self::EX_CONFIG, ev_gettext('Error: The internal note routing interface is disabled.') . "\n");
}
if (empty($setup['note_routing']['address_prefix'])) {
return array(self::EX_CONFIG, ev_gettext('Error: Please configure the email address prefix.') . "\n");
}
if (empty($setup['note_routing']['address_host'])) {
return array(self::EX_CONFIG, ev_gettext('Error: Please configure the email address domain.') . "\n");
}
$structure = Mime_Helper::decode($full_message, true, true);
// find which issue ID this email refers to
if (isset($structure->headers['to'])) {
$issue_id = self::getMatchingIssueIDs($structure->headers['to'], 'note');
}
// validation is always a good idea
if (empty($issue_id) and isset($structure->headers['cc'])) {
// we need to try the Cc header as well
$issue_id = self::getMatchingIssueIDs($structure->headers['cc'], 'note');
}
if (empty($issue_id)) {
return array(self::EX_DATAERR, ev_gettext('Error: The routed note had no associated Eventum issue ID or had an invalid recipient address.') . "\n");
}
$prj_id = Issue::getProjectID($issue_id);
// check if the sender is allowed in this issue' project and if it is an internal user
$sender_email = strtolower(Mail_Helper::getEmailAddress($structure->headers['from']));
$sender_usr_id = User::getUserIDByEmail($sender_email, true);
if ((empty($sender_usr_id) || User::getRoleByUser($sender_usr_id, $prj_id) < User::ROLE_USER || User::isPartner($sender_usr_id) && !Access::canViewInternalNotes($issue_id, $sender_usr_id)) && !Workflow::canSendNote($prj_id, $issue_id, $sender_email, $structure)) {
return array(self::EX_NOPERM, ev_gettext("Error: The sender of this email is not allowed in the project associated with issue #{$issue_id}.") . "\n");
}
if (empty($sender_usr_id)) {
$sender_usr_id = APP_SYSTEM_USER_ID;
$unknown_user = $structure->headers['from'];
} else {
$unknown_user = false;
}
AuthCookie::setAuthCookie($sender_usr_id);
AuthCookie::setProjectCookie($prj_id);
// parse the Cc: list, if any, and add these internal users to the issue notification list
$addresses = array();
$to_addresses = Mail_Helper::getEmailAddresses(@$structure->headers['to']);
if (count($to_addresses)) {
$addresses = $to_addresses;
}
$cc_addresses = Mail_Helper::getEmailAddresses(@$structure->headers['cc']);
if (count($cc_addresses)) {
$addresses = array_merge($addresses, $cc_addresses);
}
$cc_users = array();
foreach ($addresses as $email) {
$cc_usr_id = User::getUserIDByEmail(strtolower($email), true);
if (!empty($cc_usr_id) && User::getRoleByUser($cc_usr_id, $prj_id) >= User::ROLE_USER) {
$cc_users[] = $cc_usr_id;
}
}
$body = $structure->body;
$reference_msg_id = Mail_Helper::getReferenceMessageID($headers);
if (!empty($reference_msg_id)) {
$parent_id = Note::getIDByMessageID($reference_msg_id);
} else {
$parent_id = false;
}
// insert the new note and send notification about it
$_POST = array('title' => @$structure->headers['subject'], 'note' => $body, 'note_cc' => $cc_users, 'add_extra_recipients' => 'yes', 'message_id' => @$structure->headers['message-id'], 'parent_id' => $parent_id);
// add the full email to the note if there are any attachments
// this is needed because the front end code will display attachment links
if (Mime_Helper::hasAttachments($structure)) {
$_POST['full_message'] = $full_message;
}
$usr_id = Auth::getUserID();
$res = Note::insertFromPost($usr_id, $issue_id, $unknown_user, false);
// need to handle attachments coming from notes as well
if ($res != -1) {
Support::extractAttachments($issue_id, $structure, true, $res);
}
// FIXME! $res == -2 is not handled
History::add($issue_id, $usr_id, 'note_routed', 'Note routed from {user}', array('user' => $structure->headers['from']));
return true;
}
