/**
* Attempts to login the user.
* If logged in successfully, return user information.
* If failed to login in, then throw a fault.
*/
function mc_login($p_username, $p_password)
{
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
return mci_user_get($p_username, $p_password, $t_user_id);
}
/**
* Get the value for the specified user preference.
*
* @param string $p_username The user's username
* @param string $p_password The user's password
* @param int $p_project_id Project ID (0 = ALL_PROJECTS (mantisbt/core/constant_inc.php))
* @param string $p_pref_name The name of the preference
* @return string $t_user_pref The requested preference value
*/
function mc_user_pref_get_pref($p_username, $p_password, $p_project_id, $p_pref_name)
{
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
if (!mci_has_readonly_access($t_user_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
return user_pref_get_pref($t_user_id, $p_pref_name, $p_project_id);
}
/**
* Delete an issue attachment given its id.
*
* @param string $p_username The name of the user trying to add an attachment to an issue.
* @param string $p_password The password of the user.
* @param integer $p_issue_attachment_id The id of the attachment to be deleted.
* @return true: success, false: failure
*/
function mc_issue_attachment_delete( $p_username, $p_password, $p_issue_attachment_id ) {
$t_user_id = mci_check_login( $p_username, $p_password );
if( $t_user_id === false ) {
return mci_soap_fault_login_failed();
}
$t_bug_id = file_get_field( $p_issue_attachment_id, 'bug_id' );
if( !access_has_bug_level( config_get( 'update_bug_threshold' ), $t_bug_id, $t_user_id ) ) {
return mci_soap_fault_access_denied( $t_user_id );
}
return file_delete( $p_issue_attachment_id, 'bug' );
}
/**
*
* Deletes a tag
*
* @param string $p_username The user's username
* @param string $p_password The user's password * @param unknown_type $p_tag_id
* @param int $p_tag_id The id of the tag
* @return soap_fault|boolean
*/
function mc_tag_delete($p_username, $p_password, $p_tag_id)
{
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
if (!access_has_global_level(config_get('tag_edit_threshold'))) {
return mci_soap_fault_access_denied($t_user_id);
}
if (!tag_exists($p_tag_id)) {
return new soap_fault('Client', '', 'No tag with id ' . $p_tag_id);
}
return tag_delete($p_tag_id);
}
function mc_config_get_string($p_username, $p_password, $p_config_var)
{
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
if (!mci_has_readonly_access($t_user_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
if (config_is_private($p_config_var)) {
return SoapObjectsFactory::newSoapFault('Client', "Access to '{$p_config_var}' is denied");
}
if (!config_is_set($p_config_var)) {
return SoapObjectsFactory::newSoapFault('Client', "Config '{$p_config_var}' is undefined");
}
return config_get($p_config_var);
}
/**
* Delete an issue attachment given its id.
*
* @param string $p_username The name of the user trying to add an attachment to an issue.
* @param string $p_password The password of the user.
* @param integer $p_issue_attachment_id The id of the attachment to be deleted.
* @return true: success, false: failure
*/
function mc_issue_attachment_delete($p_username, $p_password, $p_issue_attachment_id)
{
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
$t_bug_id = file_get_field($p_issue_attachment_id, 'bug_id');
# Perform access control checks
$t_attachment_owner = file_get_field($p_issue_attachment_id, 'user_id');
$t_current_user_is_attachment_owner = $t_attachment_owner == $t_user_id;
# Factor in allow_delete_own_attachments=ON|OFF
if (!$t_current_user_is_attachment_owner || $t_current_user_is_attachment_owner && !config_get('allow_delete_own_attachments')) {
# Check access against delete_attachments_threshold
if (!access_has_bug_level(config_get('delete_attachments_threshold'), $t_bug_id, $t_user_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
}
return file_delete($p_issue_attachment_id, 'bug');
}
/**
* Returns all the profiles for the user, including the global ones
*
* @param string $p_username The user's username.
* @param string $p_password The user's password.
* @param integer $p_page_number Page number.
* @param integer $p_per_page Results per page.
* @return mixed
*/
function mc_user_profiles_get_all($p_username, $p_password, $p_page_number, $p_per_page)
{
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
if (!mci_has_readonly_access($t_user_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
$t_results = array();
$t_start = max(array(0, $p_page_number - 1)) * $p_per_page;
foreach (profile_get_all_for_user($t_user_id) as $t_profile_row) {
$t_result = array('id' => $t_profile_row['id'], 'description' => $t_profile_row['description'], 'os' => $t_profile_row['os'], 'os_build' => $t_profile_row['os_build'], 'platform' => $t_profile_row['platform']);
if ($t_profile_row['user_id'] != 0) {
$t_result['user_id'] = mci_account_get_array_by_id($t_profile_row['user_id']);
}
$t_results[] = $t_result;
}
# the profile_api does not implement pagination in the backend, so we emulate it here
# we can always push the pagination in the database, but this seems unlikely in the
# near future, as the number of profiles is expected to be small
$t_paged_results = array_slice($t_results, $t_start, $p_per_page);
return array('total_results' => count($t_results), 'results' => $t_paged_results);
}
/**
* Get appropriate users assigned to a project by access level.
*
* @param string $p_username The name of the user trying to access the versions.
* @param string $p_password The password of the user.
* @param integer $p_project_id The id of the project to retrieve the users for.
* @param integer $p_access Minimum access level.
* @return Array representing a ProjectAttachmentDataArray structure.
*/
function mc_project_get_users($p_username, $p_password, $p_project_id, $p_access)
{
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
$t_users = array();
$t_users = project_get_all_user_rows($p_project_id, $p_access);
# handles ALL_PROJECTS case
$t_display = array();
$t_sort = array();
$t_show_realname = ON == config_get('show_realname');
$t_sort_by_last_name = ON == config_get('sort_by_last_name');
foreach ($t_users as $t_user) {
$t_user_name = string_attribute($t_user['username']);
$t_sort_name = strtolower($t_user_name);
if ($t_show_realname && $t_user['realname'] != "") {
$t_user_name = string_attribute($t_user['realname']);
if ($t_sort_by_last_name) {
$t_sort_name_bits = explode(' ', strtolower($t_user_name), 2);
$t_sort_name = (isset($t_sort_name_bits[1]) ? $t_sort_name_bits[1] . ', ' : '') . $t_sort_name_bits[0];
} else {
$t_sort_name = strtolower($t_user_name);
}
}
$t_display[] = $t_user_name;
$t_sort[] = $t_sort_name;
}
array_multisort($t_sort, SORT_ASC, SORT_STRING, $t_users, $t_display);
$t_result = array();
for ($i = 0; $i < count($t_sort); $i++) {
$t_row = $t_users[$i];
// This is not very performant - But we have to assure that the data returned is exactly
// the same as the data that comes with an issue (test for equality - $t_row[] does not
// contain email fields).
$t_result[] = mci_account_get_array_by_id($t_row['id']);
}
return $t_result;
}
/**
* Get an appropriate enumeration. (Should become an internal function.)
*
* @param string $p_username The name of the user trying to access the enumeration.
* @param string $p_password The password of the user.
* @param string $p_enumeration The enumeration to get.
* @return string The requested enumeration.
*/
function mc_enum_get($p_username, $p_password, $p_enumeration)
{
if (!mci_validate_enum_access($p_username, $p_password)) {
return mci_soap_fault_login_failed();
}
// safe to call directly after login checks
$t_user_id = auth_get_current_user_id();
$t_lang = mci_get_user_lang($t_user_id);
return lang_get($p_enumeration . '_enum_string', $t_lang);
}
/**
* Get all issues header matching the ids.
*
* @param string $p_username The name of the user trying to access the filters.
* @param string $p_password The password of the user.
* @param IntegerArray $p_issue_ids Number of issues to display per page.
* @return array that represents an IssueHeaderDataArray structure
*/
function mc_issues_get_header($p_username, $p_password, $p_issue_ids)
{
global $g_project_override;
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
$t_lang = mci_get_user_lang($t_user_id);
$t_result = array();
foreach ($p_issue_ids as $t_id) {
if (mci_check_access_to_bug($t_user_id, $t_id) === false) {
continue;
}
log_event(LOG_WEBSERVICE, 'getting details for issue \'' . $t_id . '\'');
$t_issue_data = bug_get($t_id, true);
$t_result[] = mci_issue_data_as_header_array($t_issue_data, $t_user_id, $t_lang);
}
return $t_result;
}
/**
* Get all issue ids matching the custom filter.
*
* @param string $p_username The name of the user trying to access the filters.
* @param string $p_password The password of the user.
* @param FilterSearchData $p_filter_search The custom filter.
* @param integer $p_page_number Start with the given page number (zero-based).
* @param integer $p_per_page Number of issues to display per page.
* @return array that represents an IntegerArray structure
*/
function mc_filter_search_issue_ids($p_username, $p_password, $p_filter_search, $p_page_number, $p_per_page)
{
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
$t_rows = mci_filter_search_get_rows($t_user_id, $p_filter_search, $p_page_number, $p_per_page);
$t_result = array();
foreach ($t_rows as $t_issue_data) {
$t_result[] = $t_issue_data->id;
}
return $t_result;
}
/**
* Get the issue headers that match the specified filter and paging details.
*
* @param string $p_username The name of the user trying to access the filters.
* @param string $p_password The password of the user.
* @param integer $p_filter_id The id of the filter to apply.
* @param integer $p_page_number Start with the given page number (zero-based)
* @param integer $p_per_page Number of issues to display per page
* @return Array that represents an IssueDataArray structure
*/
function mc_filter_get_issue_headers($p_username, $p_password, $p_project_id, $p_filter_id, $p_page_number, $p_per_page)
{
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
if (!mci_has_readonly_access($t_user_id, $p_project_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
$t_orig_page_number = $p_page_number < 1 ? 1 : $p_page_number;
$t_page_count = 0;
$t_bug_count = 0;
$t_filter = filter_db_get_filter($p_filter_id);
$t_filter_detail = explode('#', $t_filter, 2);
if (!isset($t_filter_detail[1])) {
return SoapObjectsFactory::newSoapFault('Server', 'Invalid Filter');
}
$t_filter = unserialize($t_filter_detail[1]);
$t_filter = filter_ensure_valid_filter($t_filter);
$t_result = array();
$t_rows = filter_get_bug_rows($p_page_number, $p_per_page, $t_page_count, $t_bug_count, $t_filter, $p_project_id);
// the page number was moved back, so we have exceeded the actual page number, see bug #12991
if ($t_orig_page_number > $p_page_number) {
return $t_result;
}
foreach ($t_rows as $t_issue_data) {
$t_result[] = mci_issue_data_as_header_array($t_issue_data);
}
return $t_result;
}
/**
* Delete the relationship with the specified target id.
*
* @param string $p_username The name of the user trying to add a note to an issue.
* @param string $p_password The password of the user.
* @param integer $p_issue_id The id of the source issue for the relationship
* @param integer $p_relationship_id The id of relationship to delete.
* @return true: success, false: failure
*/
function mc_issue_relationship_delete( $p_username, $p_password, $p_issue_id, $p_relationship_id ) {
$t_user_id = mci_check_login( $p_username, $p_password );
if( $t_user_id === false ) {
return mci_soap_fault_login_failed();
}
$t_project_id = bug_get_field( $p_issue_id, 'project_id' );
if( !mci_has_readwrite_access( $t_user_id, $t_project_id ) ) {
return mci_soap_fault_access_denied( $t_user_id );
}
# user has access to update the bug...
if( !access_has_bug_level( config_get( 'update_bug_threshold' ), $p_issue_id, $t_user_id ) ) {
return mci_soap_fault_access_denied( $t_user_id , "Active user does not have access level required to remove a relationship from this issue." );
}
# bug is not read-only...
if( bug_is_readonly( $p_issue_id ) ) {
return mci_soap_fault_access_denied( $t_user_id , "Issue '$p_issue_id' is readonly." );
}
# retrieve the destination bug of the relationship
$t_dest_issue_id = relationship_get_linked_bug_id( $p_relationship_id, $p_issue_id );
# user can access to the related bug at least as viewer, if it's exist...
if( bug_exists( $t_dest_issue_id ) ) {
if( !access_has_bug_level( VIEWER, $t_dest_issue_id, $t_user_id ) ) {
return mci_soap_fault_access_denied( $t_user_id , "The issue '$t_dest_issue_id' requires higher access level." );
}
}
$t_bug_relationship_data = relationship_get( $p_relationship_id );
$t_rel_type = $t_bug_relationship_data->type;
# delete relationship from the DB
relationship_delete( $p_relationship_id );
# update bug last updated
bug_update_date( $p_issue_id );
bug_update_date ( $t_dest_issue_id );
# set the rel_type for both bug and dest_bug based on $t_rel_type and on who is the dest bug
if( $p_issue_id == $t_bug_relationship_data->src_bug_id ) {
$t_bug_rel_type = $t_rel_type;
$t_dest_bug_rel_type = relationship_get_complementary_type( $t_rel_type );
} else {
$t_bug_rel_type = relationship_get_complementary_type( $t_rel_type );
$t_dest_bug_rel_type = $t_rel_type;
}
# send email and update the history for the src issue
history_log_event_special( $p_issue_id, BUG_DEL_RELATIONSHIP, $t_bug_rel_type, $t_dest_issue_id );
email_relationship_deleted( $p_issue_id, $t_dest_issue_id, $t_bug_rel_type );
if( bug_exists( $t_dest_issue_id ) ) {
# send email and update the history for the dest issue
history_log_event_special( $t_dest_issue_id, BUG_DEL_RELATIONSHIP, $t_dest_bug_rel_type, $p_issue_id );
email_relationship_deleted( $t_dest_issue_id, $p_issue_id, $t_dest_bug_rel_type );
}
return true;
}
/**
* Get the issue headers that match the specified filter and paging details.
*
* @param string $p_username The name of the user trying to access the filters.
* @param string $p_password The password of the user.
* @param integer $p_filter_id The id of the filter to apply.
* @param integer $p_page_number Start with the given page number (zero-based)
* @param integer $p_per_page Number of issues to display per page
* @return Array that represents an IssueDataArray structure
*/
function mc_filter_get_issue_headers($p_username, $p_password, $p_project_id, $p_filter_id, $p_page_number, $p_per_page)
{
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
if (!mci_has_readonly_access($t_user_id, $p_project_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
$t_page_count = 0;
$t_bug_count = 0;
$t_filter = filter_db_get_filter($p_filter_id);
$t_filter_detail = explode('#', $t_filter, 2);
if (!isset($t_filter_detail[1])) {
return new soap_fault('Server', '', 'Invalid Filter');
}
$t_filter = unserialize($t_filter_detail[1]);
$t_filter = filter_ensure_valid_filter($t_filter);
$t_result = array();
$t_rows = filter_get_bug_rows($p_page_number, $p_per_page, $t_page_count, $t_bug_count, $t_filter, $p_project_id);
foreach ($t_rows as $t_issue_data) {
$t_id = $t_issue_data->id;
$t_issue = array();
$t_issue['id'] = $t_id;
$t_issue['view_state'] = $t_issue_data->view_state;
$t_issue['last_updated'] = timestamp_to_iso8601($t_issue_data->last_updated);
$t_issue['project'] = $t_issue_data->project_id;
$t_issue['category'] = mci_get_category($t_issue_data->category_id);
$t_issue['priority'] = $t_issue_data->priority;
$t_issue['severity'] = $t_issue_data->severity;
$t_issue['status'] = $t_issue_data->status;
$t_issue['reporter'] = $t_issue_data->reporter_id;
$t_issue['summary'] = $t_issue_data->summary;
if (!empty($t_issue_data->handler_id)) {
$t_issue['handler'] = $t_issue_data->handler_id;
}
$t_issue['resolution'] = $t_issue_data->resolution;
$t_issue['attachments_count'] = count(mci_issue_get_attachments($t_issue_data->id));
$t_issue['notes_count'] = count(mci_issue_get_notes($t_issue_data->id));
$t_result[] = $t_issue;
}
return $t_result;
}
/**
*
* Deletes a tag
*
* @param string $p_username The user's username
* @param string $p_password The user's password * @param unknown_type $p_tag_id
* @param int $p_tag_id The id of the tag
* @return soap_fault|boolean
*/
function mc_tag_delete($p_username, $p_password, $p_tag_id)
{
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
if (!access_has_global_level(config_get('tag_edit_threshold'))) {
return mci_soap_fault_access_denied($t_user_id);
}
if (!tag_exists($p_tag_id)) {
return SoapObjectsFactory::newSoapFault('Client', 'No tag with id ' . $p_tag_id);
}
log_event(LOG_WEBSERVICE, "deleting tag id '{$p_tag_id}'");
return tag_delete($p_tag_id);
}
/**
* Log a checkin event on the issue
*
* @param string $p_username The name of the user trying to access the issue.
* @param string $p_password The password of the user.
* @param integer $p_issue_id The id of the issue to log a checkin.
* @param string $p_comment The comment to add
* @param boolean $p_fixed True if the issue is to be set to fixed
* @return boolean true success, false otherwise.
*/
function mc_issue_checkin($p_username, $p_password, $p_issue_id, $p_comment, $p_fixed)
{
global $g_project_override;
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
if (!bug_exists($p_issue_id)) {
return SoapObjectsFactory::newSoapFault('Client', "Issue '{$p_issue_id}' not found.");
}
$t_project_id = bug_get_field($p_issue_id, 'project_id');
$g_project_override = $t_project_id;
if (!mci_has_readwrite_access($t_user_id, $t_project_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
helper_call_custom_function('checkin', array($p_issue_id, $p_comment, '', '', $p_fixed));
return true;
}
