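/**
 * Return the uncompleted, non-template tasks with parent_id 0 that are
 * assigned to $user, to the user's company, or to nobody, and whose due
 * date is after today or not set.
 *
 * Security: $tag is bound through DB::prepareString() instead of being
 * concatenated into the sub-select, so a tag value containing a quote can
 * no longer change the structure of the query.
 *
 * @param User $user User whose id and company id are matched against the assignment columns
 * @param Project $project When a Project, results are limited by its sub-workspaces query; any other value applies no workspace filter
 * @param string $tag Optional tag name the task must carry
 * @param boolean $archived True to list archived tasks, false to list non-archived ones
 * @return array
 */
static function getPendingTasks(User $user, $project, $tag = null, $archived = false)
{
    if ($project instanceof Project) {
        $project_ids = $project->getAllSubWorkspacesQuery(!$archived);
        $wsstring = ' AND ' . self::getWorkspaceString($project_ids);
    } else {
        $wsstring = "";
    }

    if ($archived) {
        $archived_cond = " AND `archived_by_id` <> 0";
    } else {
        $archived_cond = " AND `archived_by_id` = 0";
    }

    // NOTE(review): the read-permission filter is built for logged_user(), not
    // for the $user argument. Confirm callers never pass a different user.
    $permissions = ' AND ( ' . permissions_sql_for_listings(ProjectTasks::instance(), ACCESS_LEVEL_READ, logged_user(), 'project_id') . ')';

    // The tag is request-influenced text, so it is escaped as a bound value.
    // NOTE(review): the combined condition string is prepared again by
    // findAll(); confirm that a literal '?' inside the already-quoted tag is
    // not treated as a placeholder there.
    $tagStr = '';
    if ($tag) {
        $tagStr = DB::prepareString(
            " AND id in (SELECT rel_object_id from " . TABLE_PREFIX . "tags t WHERE tag = ? AND t.rel_object_manager='ProjectTasks')",
            array($tag)
        );
    }

    // NOTE(review): the template below has eight placeholders but nine values
    // are supplied (the trailing EMPTY_DATETIME). Left as in the original
    // because $wsstring and $permissions may contribute placeholders that are
    // not visible here.
    $objects = self::findAll(array(
        'conditions' => array(
            '((`assigned_to_user_id` = ? AND `assigned_to_company_id` = ? ) '
                . ' OR (`assigned_to_user_id` = ? AND `assigned_to_company_id` = ?) '
                . ' OR (`assigned_to_user_id` = ? AND `assigned_to_company_id` = ?)) '
                . ' AND `completed_on` = ? AND parent_id = ? AND (due_date > DATE(CURRENT_TIMESTAMP) OR due_date = \'00:00:00 00-00-0000\')'
                . ' AND `is_template` = false '
                . $wsstring . $archived_cond . $permissions . $tagStr,
            $user->getId(),
            $user->getCompanyId(),
            0,
            $user->getCompanyId(),
            0,
            0,
            EMPTY_DATETIME,
            0,
            EMPTY_DATETIME,
        ),
        'order' => 'priority DESC, `created_on` DESC',
    ));

    return $objects;
}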
/**
 * Paginate the companies $user can see that are not archived.
 *
 * The user's own company is matched even when it is archived, because the
 * condition is "(is_archived = false OR id = own company) AND id IN visible".
 *
 * @param User $user
 * @param integer $page
 * @param integer $per_page
 * @return array Result of Companies::paginate(), or array(null, Pager) when no company is visible
 */
function paginateActive($user, $page = 1, $per_page = 30)
{
    $company_ids = $user->visibleCompanyIds();

    // Nothing visible: skip the query and hand back a null result with a pager
    if (!is_foreachable($company_ids)) {
        return array(null, new Pager(1, 0, $per_page));
    }

    $filter = array(
        '(is_archived = ? OR id = ?) AND id IN (?)',
        false,
        $user->getCompanyId(),
        $company_ids,
    );

    return Companies::paginate(
        array('conditions' => $filter, 'order' => 'is_owner DESC, name'),
        $page,
        $per_page
    );
}
/**
 * Add the "Invoices" entry to the main menu group.
 *
 * Users holding the can_manage_invoices system permission get the global
 * invoices URL with the overdue count. Otherwise, managers of their own
 * company get the company invoices URL with the count of issued invoices.
 * Everybody else gets no entry.
 *
 * @param Menu $menu
 * @param User $user
 * @return null
 */
function invoicing_handle_on_build_menu(&$menu, &$user)
{
    $company = $user->getCompany();

    if ($user->getSystemPermission('can_manage_invoices')) {
        $item = new MenuItem(
            'invoicing',
            lang('Invoices'),
            assemble_url('invoices'),
            get_image_url('menu-icon.gif', INVOICING_MODULE),
            Invoices::countOverdue()
        );
        $menu->addToGroup(array($item), 'main');
    } elseif ($user->isCompanyManager($company)) {
        // Company managers only ever see their own company's invoices
        $item = new MenuItem(
            'invoicing',
            lang('Invoices'),
            assemble_url('people_company_invoices', array('company_id' => $user->getCompanyId())),
            get_image_url('menu-icon.gif', INVOICING_MODULE),
            Invoices::countByCompany($user->getCompany(), array(INVOICE_STATUS_ISSUED))
        );
        $menu->addToGroup(array($item), 'main');
    }
}
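/**
 * Update the active user's company and role.
 *
 * Access: responds with HTTP_ERR_NOT_FOUND when the active user is new and
 * with HTTP_ERR_FORBIDDEN when the logged user may not change that user's
 * role. On submit, only company_id and role_id are taken from the posted
 * 'user' array, and the role of the last administrator is kept as it is.
 *
 * @param void
 * @return null
 */
function edit_company_and_role()
{
    $this->wireframe->print_button = false;

    // NOTE(review): presumably httpError() ends the request; verify, because
    // the code below relies on these two checks having stopped execution.
    if ($this->active_user->isNew()) {
        $this->httpError(HTTP_ERR_NOT_FOUND);
    } // if

    if (!$this->active_user->canChangeRole($this->logged_user)) {
        $this->httpError(HTTP_ERR_FORBIDDEN);
    } // if

    $last_administrator = $this->active_user->isAdministrator() && Users::countAdministrators() <= 1;
    if ($last_administrator) {
        $this->wireframe->addPageMessage(lang('This user is the last adminstrator on the system. His role cannot be changed'));
    } // if

    $user_data = $this->request->post('user');
    if (!is_array($user_data)) {
        $user_data = array(
            'company_id' => $this->active_user->getCompanyId(),
            'role_id' => $this->active_user->getRoleId(),
        );
    } // if

    $this->smarty->assign(array(
        'user_data' => $user_data,
        'last_administrator' => $last_administrator,
    ));

    if ($this->request->isSubmitted()) {
        // The posted array is client-controlled. Pass on only the two fields
        // this action is for, so extra keys in the request cannot reach
        // setAttributes(). Any model-level protection is not visible here.
        $attributes = array_intersect_key($user_data, array('company_id' => true, 'role_id' => true));

        // The page message says the last administrator's role cannot be
        // changed; enforce that on the server instead of relying on the form.
        if ($last_administrator) {
            $attributes['role_id'] = $this->active_user->getRoleId();
        } // if

        db_begin_work();
        $this->active_user->setAttributes($attributes);
        $save = $this->active_user->save();

        if ($save && !is_error($save)) {
            db_commit();
            flash_success(":display's company and role information has been updated", array('display' => $this->active_user->getDisplayName()));
            $this->redirectToUrl($this->active_user->getViewUrl());
        } else {
            db_rollback();
            $this->smarty->assign('errors', $save);
        } // if
    } // if
}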
/**
 * Return tickets in the user's active projects that are assigned to the user
 * and whose state is not 'closed', ordered by state.
 *
 * @param User $user
 * @param boolean $include_company Also match tickets with no assigned user whose assigned company is the user's company
 * @return array Result of findAll(), or null when the user has no active projects
 */
function getLateTicketsByUser(User $user, $include_company = false)
{
    // NOTE(review): $due_date is computed but never used in either query, so
    // nothing below actually restricts the result to late tickets.
    $due_date = DateTimeValueLib::now()->beginningOfDay();

    $projects = $user->getActiveProjects();
    if (!is_array($projects) || !count($projects)) {
        return null;
    }

    $project_ids = array();
    foreach ($projects as $active_project) {
        $project_ids[] = $active_project->getId();
    }

    // TODO This request contains a hard-coded value for status. Might need to be changed
    // if ticket properties are made more generic
    if ($include_company) {
        $conditions = array(
            '(`assigned_to_user_id` = ? OR (`assigned_to_user_id` = ? AND `assigned_to_company_id` = ?)) AND `project_id` IN (?) AND `state` <> ?',
            $user->getId(),
            0,
            $user->getCompanyId(),
            $project_ids,
            'closed',
        );
    } else {
        $conditions = array(
            '`assigned_to_user_id` = ? AND `project_id` IN (?) AND `state` <> ?',
            $user->getId(),
            $project_ids,
            'closed',
        );
    }

    return self::findAll(array('conditions' => $conditions, 'order' => '`state` ASC'));
}
/**
 * Tell whether this user is allowed to see $user.
 *
 * Visibility is granted when any of these holds, checked in order:
 * this user belongs to the owner company, both users share a company,
 * or $user belongs to the owner company.
 *
 * @param User $user
 * @return boolean
 */
function canSeeUser(User $user)
{
    return $this->isMemberOfOwnerCompany()                      // sees everybody
        || $user->getCompanyId() == $this->getCompanyId()       // same company
        || $user->isMemberOfOwnerCompany();                     // owner company members are visible to all
} // canSeeUser
/**
 * Return uncompleted tasks from this object's task lists that are assigned
 * to $user, to the user's company, or to nobody.
 *
 * Private task lists are left out unless $user is a member of the owner
 * company.
 *
 * @param User $user
 * @return array Result of ProjectTasks::findAll(), or false when getTaskLists() does not return an array
 */
function getUsersTasks(User $user)
{
    $lists = $this->getTaskLists();
    if (!is_array($lists)) {
        return false;
    }

    $task_list_ids = array();
    foreach ($lists as $list) {
        // Access filter: hide private lists from users outside the owner company
        $hidden = !$user->isMemberOfOwnerCompany() && $list->isPrivate();
        if (!$hidden) {
            $task_list_ids[] = $list->getId();
        }
    }

    // NOTE(review): $task_list_ids can be empty here (every list private);
    // confirm how findAll() expands "IN (?)" for an empty array.
    $conditions = array(
        '`task_list_id` IN (?) AND ((`assigned_to_user_id` = ? AND `assigned_to_company_id` = ?) OR (`assigned_to_user_id` = ? AND `assigned_to_company_id` = ?) OR (`assigned_to_user_id` = ? AND `assigned_to_company_id` = ?)) AND `completed_on` = ?',
        $task_list_ids,
        $user->getId(),
        $user->getCompanyId(),
        0,
        $user->getCompanyId(),
        0,
        0,
        EMPTY_DATETIME,
    );

    return ProjectTasks::findAll(array('conditions' => $conditions, 'order' => '`created_on`'));
}
/**
 * Tell whether $user may delete this company.
 *
 * The owner company can never be deleted, and a user cannot delete the
 * company they belong to. In every other case the answer is whatever
 * $user->isPeopleManager() returns.
 *
 * @param User $user
 * @return boolean
 */
function canDelete($user)
{
    $is_protected = $this->isOwner() || $user->getCompanyId() == $this->getId();

    return $is_protected ? false : $user->isPeopleManager();
}
/**
 * Return this project's tickets whose closed_on equals EMPTY_DATETIME and
 * that are assigned to $user, to the user's company, to nobody, or were
 * created by $user.
 *
 * Users outside the owner company only get tickets with is_private = 0.
 *
 * @param User $user
 * @return array Result of ProjectTickets::findAll(), or null when the tickets plugin is not active
 */
function getUsersTickets(User $user)
{
    if (!plugin_active('tickets')) {
        return null;
    }

    $values = array(
        $this->getId(),
        $user->getId(),
        $user->getCompanyId(),
        0,
        $user->getCompanyId(),
        0,
        0,
        $user->getId(),
        EMPTY_DATETIME,
    );
    $conditions = DB::prepareString(
        '`project_id` = ? AND ((`assigned_to_user_id` = ? AND `assigned_to_company_id` = ?) OR (`assigned_to_user_id` = ? AND `assigned_to_company_id` = ?) OR (`assigned_to_user_id` = ? AND `assigned_to_company_id` = ?) OR `created_by_id`= ?) AND `closed_on` = ?',
        $values
    );

    // Access filter: private tickets stay hidden from non-owner-company users
    $is_owner_member = $user->isMemberOfOwnerCompany();
    if (!$is_owner_member) {
        $conditions .= DB::prepareString(' AND `is_private` = ?', array(0));
    }

    return ProjectTickets::findAll(array(
        'conditions' => $conditions,
        'order' => '`created_on`',
    ));
} // getUsersTickets
// Privilege-change endpoint: reads userId and privilege from POST, decides
// whether the current session may change that user, applies the change and
// prints "true" or "false".

// NOTE(review): nothing visible here stops execution after redirect(). Unless
// redirect() itself terminates the script, a request without a login still
// runs the code below. Confirm.
if (!$session->isLogin) {
    redirect("../login.php");
}
$database = new Database();
$user = new User();
// NOTE(review): this is a state-changing POST and no anti-CSRF token is
// checked in this excerpt. Confirm it is verified elsewhere.
if (isset($_POST['privilege']) && isset($_POST['userId'])) {
    $isOk = false;
    // Both values come from the request; escapeString() is the only
    // processing applied to them before they reach the User object.
    $userID = $database->escapeString($_POST['userId']);
    $privilegeId = $database->escapeString($_POST['privilege']);
    // Session privilege 1 may change any user.
    if ($_SESSION['USPRID'] == 1) {
        $isOk = true;
    } else {
        // Session privilege 2 may change only a user whose company id equals
        // the company id stored in the session.
        if ($_SESSION['USPRID'] == 2) {
            $user->setId($userID);
            $user->getById($database);
            if ($user->getCompanyId() == $_SESSION['CID']) {
                $isOk = true;
            }
        }
    }
    if ($isOk) {
        // NOTE(review): the requested privilege id is not compared with the
        // caller's own level, so a privilege-2 session can submit any value
        // here, presumably including one above its own. Confirm that
        // changePrivilege() or the schema restricts what can be granted.
        $user->setPrivilegeId($privilegeId);
        $user->setId($userID);
        if ($user->changePrivilege()) {
            echo "true";
        } else {
            echo "false";
        }
    } else {
        echo "false";
    }
// (listing ends here; the closing brace of the isset() block is not part of this excerpt)
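/**
 * Check if specific user can update this task.
 *
 * Order of checks: the user must be a user of the task's project;
 * administrators may always edit; the assignee (user, or any member of the
 * assigned company) may edit; an unassigned task may be edited by any
 * project user; the creator may edit during the first 180 seconds after
 * creation; otherwise the decision is delegated to the task list.
 *
 * @access public
 * @param User $user
 * @return boolean
 */
function canEdit(User $user)
{
    if (!$user->isProjectUser($this->getProject())) {
        return false;
    } // if

    if ($user->isAdministrator()) {
        return true;
    } // if

    $assigned_to = $this->getAssignedTo();
    if ($assigned_to instanceof User) {
        if ($user->getId() == $assigned_to->getId()) {
            return true;
        } // if
    } elseif ($assigned_to instanceof Company) {
        if ($user->getCompanyId() == $assigned_to->getId()) {
            return true;
        } // if
    } else {
        return true; // not assigned to anyone
    } // if

    // Client who created the task can edit it for the next 3 minutes.
    // The window is measured from the creation time. The earlier comparison
    // (created_on < now + 180s) held for every task created in the past, so
    // the grace period never expired.
    // NOTE(review): the creator check uses logged_user() rather than the
    // $user argument; confirm that is intended.
    if ($this->getCreatedById() == logged_user()->getId()) {
        $grace_ends = $this->getCreatedOn()->getTimestamp() + 180;
        if (DateTimeValueLib::now()->getTimestamp() < $grace_ends) {
            return true;
        } // if
    } // if

    $task_list = $this->getTaskList();
    return $task_list instanceof ProjectTaskList ? $task_list->canEdit($user) : false;
}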
/**
 * Check if specific user can update this ticket.
 *
 * Administrators may always edit. Everyone else must be a user of the
 * ticket's project, and private tickets are closed to users outside the
 * owner company. After that the assignee (user, or member of the assigned
 * company) may edit; anyone else needs the CAN_MANAGE_TICKETS project
 * permission.
 *
 * @access public
 * @param User $user
 * @return boolean
 */
function canEdit(User $user)
{
    if ($user->isAdministrator()) {
        return true;
    }

    $project = $this->getProject();
    if (!$user->isProjectUser($project)) {
        return false;
    }

    // user that is not member of owner company can't access private objects
    if ($this->isPrivate() && !$user->isMemberOfOwnerCompany()) {
        return false;
    }

    $assignee = $this->getAssignedTo();
    if ($assignee instanceof User) {
        if ($user->getId() == $assignee->getId()) {
            return true;
        }
    } elseif ($assignee instanceof Company) {
        if ($user->getCompanyId() == $assignee->getId()) {
            return true;
        }
    }

    return $user->getProjectPermission($this->getProject(), ProjectTicket::CAN_MANAGE_TICKETS);
}
/**
 * Return ID-s of companies $user can see.
 *
 * Administrators and people managers get every company id. Other users get
 * the companies of the users they can see, their own company, and the
 * client companies of projects they are assigned to. A user who can see no
 * other users gets only their own company id.
 *
 * @param User $user
 * @return array
 */
function findVisibleCompanyIds($user)
{
    // Admins can see all companies in the database
    if ($user->isAdministrator() || $user->isPeopleManager()) {
        $all_rows = db_execute_all('SELECT id FROM ' . TABLE_PREFIX . 'companies ORDER BY name');

        $all_ids = array();
        if (is_foreachable($all_rows)) {
            foreach ($all_rows as $company_row) {
                $all_ids[] = (int) $company_row['id'];
            }
        }

        return $all_ids;
    }

    $visible_user_ids = $user->visibleUserIds();
    if (!is_foreachable($visible_user_ids)) {
        return array($user->getCompanyId());
    }

    // Step 1: companies of the users this user can see.
    // NOTE(review): this query lists both tables without a join predicate
    // between them; confirm the ORDER BY on the companies table does what
    // was intended.
    $users_table = TABLE_PREFIX . 'users';
    $companies_table = TABLE_PREFIX . 'companies';
    $user_rows = db_execute_all("SELECT DISTINCT(company_id) FROM {$users_table}, {$companies_table} WHERE {$users_table}.id IN (?) ORDER BY {$companies_table}.is_owner DESC, {$companies_table}.name", $visible_user_ids);

    $result = array();
    if (is_foreachable($user_rows)) {
        foreach ($user_rows as $user_row) {
            $result[] = (int) $user_row['company_id'];
        }
    }

    // Step 2: the user's own company is always visible
    if (!in_array($user->getCompanyId(), $result)) {
        $result[] = $user->getCompanyId();
    }

    // Step 3: companies of the user's projects that are not listed yet
    $projects_table = TABLE_PREFIX . 'projects';
    $project_users_table = TABLE_PREFIX . 'project_users';
    $project_rows = db_execute_all("SELECT DISTINCT {$projects_table}.company_id AS 'company_id' FROM {$projects_table}, {$project_users_table} WHERE {$projects_table}.id = {$project_users_table}.project_id AND {$project_users_table}.user_id = ? AND {$projects_table}.company_id > 0 AND {$projects_table}.company_id NOT IN (?)", $user->getId(), $result);

    if (is_foreachable($project_rows)) {
        foreach ($project_rows as $project_row) {
            $result[] = (int) $project_row['company_id'];
        }
    }

    return $result;
}
/**
 * Build the 'profile_calendar_day' URL for $user on the given date.
 *
 * @param User $user
 * @param integer $year
 * @param integer $month
 * @param integer $day
 * @return string
 */
function getProfileDayUrl($user, $year, $month, $day)
{
    $route_params = array(
        'user_id' => $user->getId(),
        'company_id' => $user->getCompanyId(),
        'year' => $year,
        'month' => $month,
        'day' => $day,
    );

    return assemble_url('profile_calendar_day', $route_params);
}
/**
 * Create a task with the given text and attach it to this list.
 *
 * When $assigned_to_user is a User, the task is assigned to that user and to
 * the user's company, and $assigned_to_company is ignored. Otherwise, when
 * $assigned_to_company is a Company, only the company is set.
 *
 * @param string $text
 * @param User $assigned_to_user
 * @param Company $assigned_to_company
 * @return ProjectTask
 * @throws DAOValidationError
 */
function addTask($text, $assigned_to_user = null, $assigned_to_company = null)
{
    $new_task = new ProjectTask();
    $new_task->setText($text);

    $has_user = $assigned_to_user instanceof User;
    if ($has_user) {
        $new_task->setAssignedToUserId($assigned_to_user->getId());
        $new_task->setAssignedToCompanyId($assigned_to_user->getCompanyId());
    } elseif ($assigned_to_company instanceof Company) {
        $new_task->setAssignedToCompanyId($assigned_to_company->getId());
    }

    // attachTask() is what persists the task
    $this->attachTask($new_task);

    return $new_task;
}
/**
 * Can $user change the status of this milestone (completed / open).
 *
 * Allowed for a holder of the CAN_CHANGE_STATUS_MILESTONES project
 * permission, for the milestone's creator, for an administrator, and for
 * the assignee (the assigned user, or any member of the assigned company).
 *
 * @access public
 * @param User $user
 * @return boolean
 */
function canChangeStatus(User $user)
{
    if (
        $user->getProjectPermission($this->getProject(), PermissionManager::CAN_CHANGE_STATUS_MILESTONES)
        || $this->getCreatedById() == $user->getId()
        || $user->isAdministrator()
    ) {
        return true;
    }

    // Additional check - is this milestone assigned to this user or its company
    if ($this->getAssignedTo() instanceof User) {
        return $user->getId() == $this->getAssignedTo()->getObjectId();
    }

    if ($this->getAssignedTo() instanceof Company) {
        return $user->getCompanyId() == $this->getAssignedTo()->getObjectId();
    }

    return false;
}
/**
 * Return this project's tickets for $user whose closed_on equals
 * EMPTY_DATETIME.
 *
 * With $include_company the match covers tickets assigned to the user, to
 * the user's company, to nobody, or created by the user. Without it, only
 * tickets assigned directly to the user match. Users outside the owner
 * company only get tickets with is_private = 0.
 *
 * @param User $user
 * @param array $options Passed to ProjectTickets::findAll(); 'conditions' is overwritten, 'order' defaults to `created_on`
 * @param boolean $include_company
 * @return array Result of ProjectTickets::findAll(), or null when the tickets plugin is not active
 */
function getUsersTickets(User $user, $options = null, $include_company = false)
{
    if (!plugin_active('tickets')) {
        return null;
    }

    if ($include_company) {
        $sql = '`project_id` = ? AND ((`assigned_to_user_id` = ? AND `assigned_to_company_id` = ?) OR (`assigned_to_user_id` = ? AND `assigned_to_company_id` = ?) OR (`assigned_to_user_id` = ? AND `assigned_to_company_id` = ?) OR `created_by_id`= ?) AND `closed_on` = ?';
        $values = array(
            $this->getId(),
            $user->getId(),
            $user->getCompanyId(),
            0,
            $user->getCompanyId(),
            0,
            0,
            $user->getId(),
            EMPTY_DATETIME,
        );
    } else {
        $sql = '`project_id` = ? AND `assigned_to_user_id` = ? AND `closed_on` = ?';
        $values = array($this->getId(), $user->getId(), EMPTY_DATETIME);
    }
    $conditions = DB::prepareString($sql, $values);

    // Access filter: private tickets stay hidden from non-owner-company users
    if (!$user->isMemberOfOwnerCompany()) {
        $conditions .= DB::prepareString(' AND `is_private` = ?', array(0));
    }

    // The caller's own 'conditions' entry, if any, is always replaced
    $options['conditions'] = $conditions;
    if (!isset($options['order'])) {
        $options['order'] = '`created_on`';
    }

    return ProjectTickets::findAll($options);
}