/**
* Return all read objects ( ReadObjects) for specific object and user
*
* @param ApplicationDataObject $object
* @return array
*/
static function getReadByObject(ApplicationDataObject $object, int $contact_id) {
return self::findAll(array(
'conditions' => array('(`rel_object_id` = ?) and `contact_id` = ? and is_read = 1',
$object->getObjectId(), $contact_id),
'order' => '`created_on`'
)); // findAll
} // getReadByObject
/**
* Clear tags of specific object
*
* @access public
* @param ApplicationDataObject $object
* @param string $manager_class
* @return boolean
*/
function clearObjectTags(ApplicationDataObject $object, $manager_class)
{
$tags = $object->getTags();
// save the tags list
if (is_array($tags)) {
foreach ($tags as $tag) {
$tag->delete();
}
}
// if
}
/**
* Return tag names as array for specific object
*
* @access public
* @param ApplicationDataObject $object
* @param string $manager_class
* @return array
*/
function getTagNamesByObject(ApplicationDataObject $object)
{
$rows = DB::executeAll('SELECT distinct `tag` FROM ' . self::instance()->getTableName(true) . ' WHERE `rel_object_id` = ? AND `rel_object_manager` = ? ORDER BY `tag`', $object->getId(), get_class($object->manager()));
if (!is_array($rows)) {
return array();
}
$tags = array();
foreach ($rows as $row) {
$tags[] = $row['tag'];
}
return $tags;
}
/**
* Return entries related to specific object
*
* $limit and $offset are there to control the range of the result,
* usually we don't want to pull the entire log but just the few most recent entries. If NULL they will be ignored
*
* @param ApplicationDataObject $object
* @param integer $limit
* @param integer $offset
* @return array
*/
static function getObjectLogs($object, $limit = null, $offset = null)
{
$private_filter = $include_private ? 1 : 0;
$silent_filter = $include_silent ? 1 : 0;
return self::findAll(array('conditions' => array('`rel_object_id` = (?)', $object->getId()), 'order' => '`created_on` DESC', 'limit' => $limit, 'offset' => $offset));
// findAll
}
/**
* Create new log entry and return it
*
* Delete actions are automaticly marked as silent if $is_silent value is not provided (not NULL)
*
* @param ApplicationDataObject $object
* @param Project $project
* @param DataManager $manager
* @param boolean $save Save log object before you save it
* @return ApplicationLog
*/
static function createLog(ApplicationDataObject $object, $project, $action = null, $is_private = false, $is_silent = null, $save = true)
{
if (is_null($action)) {
$action = self::ACTION_ADD;
}
// if
if (!self::isValidAction($action)) {
throw new Error("'{$action}' is not valid log action");
}
// if
if (is_null($is_silent)) {
$is_silent = $action == self::ACTION_DELETE;
} else {
$is_silent = (bool) $is_silent;
}
// if
$manager = $object->manager();
if (!$manager instanceof DataManager) {
throw new Error('Invalid object manager');
}
// if
$log = new ApplicationLog();
if ($project instanceof Project) {
$log->setProjectId($project->getId());
}
// if
$log->setTakenById(logged_user()->getId());
$log->setRelObjectId($object->getObjectId());
$log->setObjectName($object->getObjectName());
$log->setRelObjectManager(get_class($manager));
$log->setAction($action);
$log->setIsPrivate($is_private);
$log->setIsSilent($is_silent);
if ($save) {
$log->save();
}
// if
// Update is private for this object
if ($object instanceof ProjectDataObject) {
ApplicationLogs::setIsPrivateForObject($object);
}
// if
return $log;
}
/**
* Return object path (location of the object)
*
* @param void
* @return string
*/
function getObjectPath()
{
$path = parent::getObjectPath();
$p = $this->getProject();
if (!is_null($p)) {
$path[] = $p->getObjectName();
}
return $path;
}
/**
* Return unlink object URL
*
* @param ProjectDataObject $object
* @return string
*/
function getUnlinkObjectUrl(ApplicationDataObject $object)
{
return get_url('object', 'unlink_from_object', array('manager' => get_class($this->manager()), 'object_id' => $this->getObjectId(), 'rel_object_id' => $object->getId(), 'rel_object_manager' => get_class($object->manager())));
// get_url
}
/**
* Remove all relations by object
*
* @param ProjectDataObject $object
* @return boolean
*/
static function clearRelationsByObject(ApplicationDataObject $object)
{
return self::delete(array('(`object_id` = ? and `object_manager` = ?) or (`rel_object_id` = ? and `rel_object_manager` = ?)', $object->getId(), get_class($object->manager()), $object->getId(), get_class($object->manager())));
}
/**
* Drop columns content from table related to $object
*
* @param ApplicationDataObject $object
* @return boolean
*/
static function dropContentByObjectColumns(ApplicationDataObject $object, $columns = array())
{
$columns_csv = "'" . implode("','", $columns) . "'";
return SearchableObjects::delete(array('`rel_object_id` = ? AND `column_name` in (' . $columns_csv . ')', $object->getObjectId()));
}
/**
* Return true is $user has $access_level (R/W) over $object
*
* @param User $user
* @param ApplicationDataObject $object
* @param int $access_level // 1 = read ; 2 = write
* @return unknown
*/
function can_access(User $user, ApplicationDataObject $object, $access_level)
{
try {
if (!$object instanceof ApplicationDataObject) {
throw new Exception(lang('object dnx'));
}
$hookargs = array("user" => $user, "object" => $object, "access_level" => $access_level);
$ret = null;
Hook::fire('can_access', $hookargs, $ret);
if (is_bool($ret)) {
return $ret;
}
if ($object instanceof Comment) {
return can_access($user, $object->getObject(), $access_level);
}
if ($user->isGuest() && $access_level == ACCESS_LEVEL_WRITE) {
return false;
}
if ($object instanceof ProjectFileRevision) {
return can_access($user, $object->getFile(), $access_level);
}
if ($object->columnExists('project_id')) {
$user_id = $user->getId();
if (!$object instanceof ProjectContact && $object->getCreatedById() == $user_id) {
return true;
}
// the user is the creator of the object
if ($object instanceof ProjectDataObject && $object->getProject() instanceof Project && $object->getProject()->getId() == $user->getPersonalProjectId()) {
return true;
}
// The object belongs to the user's personal project
$perms = ObjectUserPermissions::getAllPermissionsByObject($object, $user->getId());
if ($perms && is_array($perms)) {
//if the permissions for the user in the object are specially set
return has_access_level($perms[0], $access_level);
}
$group_ids = GroupUsers::getGroupsCSVsByUser($user_id);
if ($group_ids && $group_ids != '') {
//user belongs to at least one group
$perms = ObjectUserPermissions::getAllPermissionsByObject($object, $group_ids);
if ($perms) {
foreach ($perms as $perm) {
if (has_access_level($perm, $access_level)) {
return true;
}
//there is one group permission that allows the user to access
}
}
}
if ($object instanceof ProjectDataObject && $object->getProject()) {
//if the object has a project assigned to it
$proj_perm = ProjectUsers::findOne(array('conditions' => array('user_id = ? AND project_id = ? ', $user_id, $object->getProject()->getId())));
if ($proj_perm && can_manage_type(get_class($object->manager()), $proj_perm, $access_level)) {
return true;
// if user has permissions over type of object in the project
}
if ($group_ids && $group_ids != '') {
//user belongs to at least one group
$proj_perms = ProjectUsers::findAll(array('conditions' => array('project_id = ' . $object->getProject()->getId() . ' AND user_id in (' . $group_ids . ')')));
if ($proj_perms) {
foreach ($proj_perms as $perm) {
if (can_manage_type(get_class($object->manager()), $perm, $access_level)) {
return true;
}
// if any group has permissions over type of object in the project
}
}
}
}
} else {
// handle object in multiple workspaces
$user_id = $user->getId();
if ($object->getCreatedById() == $user_id) {
return true;
// the user is the creator of the object
}
if ($object instanceof MailContent) {
$acc = MailAccounts::findById($object->getAccountId());
if (!$acc instanceof MailAccount) {
return false;
// it's an email with no account and not created by the user
} else {
if ($access_level == ACCESS_LEVEL_READ && $acc->canView($user) || $access_level == ACCESS_LEVEL_WRITE && $acc->canDelete($user)) {
return true;
}
}
}
$perms = ObjectUserPermissions::getAllPermissionsByObject($object, $user->getId());
if ($perms && is_array($perms)) {
//if the permissions for the user in the object are specially set
return has_access_level($perms[0], $access_level);
}
$group_ids = GroupUsers::getGroupsCSVsByUser($user_id);
if ($group_ids && $group_ids != '') {
//user belongs to at least one group
$perms = ObjectUserPermissions::getAllPermissionsByObject($object, $group_ids);
if ($perms) {
foreach ($perms as $perm) {
if (has_access_level($perm, $access_level)) {
return true;
//there is one group permission that allows the user to access
}
}
}
}
if ($object instanceof ProjectDataObject) {
$ws = $object->getWorkspaces();
foreach ($ws as $w) {
// if the object has a project assigned to it
$proj_perm = ProjectUsers::findOne(array('conditions' => array('user_id = ? AND project_id = ? ', $user_id, $w->getId())));
if ($proj_perm && can_manage_type(get_class($object->manager()), $proj_perm, $access_level)) {
return true;
// if user has permissions over type of object in the project
}
if ($group_ids && $group_ids != '') {
//user belongs to at least one group
$proj_perms = ProjectUsers::findAll(array('conditions' => array('project_id = ' . $w->getId() . ' AND user_id in (' . $group_ids . ')')));
if ($proj_perms) {
foreach ($proj_perms as $perm) {
if (can_manage_type(get_class($object->manager()), $perm, $access_level)) {
return true;
}
// if any group has permissions over type of object in the project
}
}
}
}
}
}
} catch (Exception $e) {
tpl_assign('error', $e);
return false;
}
return false;
}
function render_object_link_form(ApplicationDataObject $object, $extra_objects = null) {
require_javascript("og/ObjectPicker.js");
$objects = $object->getLinkedObjects();
if (is_array($extra_objects)) {
$objects = array_merge($objects, $extra_objects);
}
tpl_assign('objects', $objects);
return tpl_fetch(get_template_path('linked_objects', 'object'));
} // render_object_link_form
/**
* Remove all relations by object
*
* @param ProjectDataObject $object
* @return boolean
*/
static function clearRelationsByObject(ApplicationDataObject $object) {
return self::delete(array('(`object_id` = ?) or (`rel_object_id` = ?)',
$object->getId(), $object->getId()));
} // clearRelationsByObject
/**
* Return all read objects ( ReadObjects) for specific object and user
*
* @param ProjectDataObject $object
* @return array
*/
static function getReadByObject(ApplicationDataObject $object, int $user_id)
{
return self::findAll(array('conditions' => array('(`rel_object_manager` = ? and `rel_object_id` = ?) and `user_id` = ? and is_read = 1', get_class($object->manager()), $object->getObjectId(), $user_id), 'order' => '`created_on`'));
// findAll
}
/**
* Reaturn all permissions of a object
*
* @param Object $object
* @return array
*/
static function getAllPermissionsByObject(ApplicationDataObject $object, $user_id_csvs = null)
{
return self::getAllPermissionsByObjectIdAndManager($object->getId(), get_class($object->manager()), $user_id_csvs);
}
/**
* Return entries related to specific object
*
* $limit and $offset are there to control the range of the result,
* usually we don't want to pull the entire log but just the few most recent entries. If NULL they will be ignored
*
* @param ApplicationDataObject $object
* @param integer $limit
* @param integer $offset
* @return array
*/
static function getObjectLogs($object, $limit = null, $offset = null) {
return self::findAll(array(
'conditions' => array('`rel_object_id` = (?)', $object->getId()),
'order' => '`created_on` DESC',
'limit' => $limit,
'offset' => $offset,
)); // findAll
} // getObjectLogs
/**
* Copies custom properties from an object
* @param ApplicationDataObject $object
*/
function copyCustomPropertiesFrom($object)
{
$properties = $object->getCustomProperties();
foreach ($properties as $property) {
$copy = new ObjectProperty();
$copy->setPropertyName($property->getPropertyName());
$copy->setPropertyValue($property->getPropertyValue());
$copy->setObject($this);
$copy->save();
}
}
function clearEverything()
{
if ($this->isCommentable()) {
$this->clearComments();
}
// if
if ($this->isPropertyContainer()) {
$this->clearObjectProperties();
}
$this->removeFromCOTemplates();
$this->clearSubscriptions();
$this->clearReminders();
if ($this->allowsTimeslots()) {
$this->clearTimeslots();
}
$this->clearMembers();
$this->clearSharingTable();
$this->clearReads();
parent::clearEverything();
}
function clearEverything()
{
if ($this->isTaggable()) {
$this->clearTags();
}
// if
if ($this->isCommentable()) {
$this->clearComments();
}
// if
if ($this->isPropertyContainer()) {
$this->clearObjectProperties();
}
$this->removeFromCOTemplates();
$this->clearSubscriptions();
$this->clearReminders();
if ($this->allowsTimeslots()) {
$this->clearTimeslots();
}
$this->clearWorkspaces();
$this->clearShared();
$this->clearUserPermissions();
$this->clearReads();
parent::clearEverything();
}
/**
* Clear all attachments by object
*
* @param ApplicationDataObject
* @return boolean
*/
static function clearAttachmentsByObject(ApplicationDataObject $object)
{
return self::delete(array('`rel_object_manager` = ? AND `rel_object_id` = ?', get_class($object->manager()), $object->getObjectId()));
}
/**
* Return entries related to specific object
*
* If $include_private is set to true private entries will be included in result. If $include_silent is set to true
* logs marked as silent will also be included. $limit and $offset are there to control the range of the result,
* usually we don't want to pull the entire log but just the few most recent entries. If NULL they will be ignored
*
* @param ApplicationDataObject $object
* @param boolean $include_private
* @param boolean $include_silent
* @param integer $limit
* @param integer $offset
* @return array
*/
static function getObjectLogs($object, $include_private = false, $include_silent = false, $limit = null, $offset = null)
{
$private_filter = $include_private ? 1 : 0;
$silent_filter = $include_silent ? 1 : 0;
if (get_class($object->manager()) == 'Users') {
$private_filter = $include_private ? 1 : 0;
$silent_filter = $include_silent ? 1 : 0;
$userCond = " AND `taken_by_id` = " . $object->getId();
if (isset($project_ids) && $project_ids != null) {
$conditions = array('`is_private` <= ? AND `is_silent` <= ? AND ' . self::getWorkspaceString($project_ids) . $userCond, $private_filter, $silent_filter);
} else {
$conditions = array('`is_private` <= ? AND `is_silent` <= ?' . $userCond, $private_filter, $silent_filter);
}
// if
return self::findAll(array('conditions' => $conditions, 'order' => '`created_on` DESC', 'limit' => $limit, 'offset' => $offset));
// findAll
} else {
$logs = self::findAll(array('conditions' => array('`is_private` <= ? AND `is_silent` <= ? AND `rel_object_id` = (?) AND `rel_object_manager` = (?) OR `is_private` <= ? AND `is_silent` <= ? AND `rel_object_id`IN (SELECT `id` FROM ' . Comments::instance()->getTableName(true) . ' WHERE `rel_object_id` = (?) AND `rel_object_manager` = (?)) AND `rel_object_manager` = "Comments"', $private_filter, $silent_filter, $object->getId(), get_class($object->manager()), $private_filter, $silent_filter, $object->getId(), get_class($object->manager())), 'order' => '`created_on` DESC', 'limit' => $limit, 'offset' => $offset));
// findAll
}
$next_offset = $offset + $limit;
do {
// Look for objects that user cannot see
$removed = 0;
foreach ($logs as $k => $log) {
if ($log->getAction() == 'link') {
$id = explode(":", $log->getLogData());
$lobj = get_object_by_manager_and_id($id[1], $id[0]);
if (!$lobj instanceof ApplicationDataObject || !can_access(logged_user(), $lobj, ACCESS_LEVEL_READ)) {
$removed++;
unset($logs[$k]);
}
}
}
// Get more objects to substitute the removed ones
if ($limit && $removed > 0) {
$other_logs = self::findAll(array('conditions' => array('`is_private` <= ? AND `is_silent` <= ? AND `rel_object_id` = (?) AND `rel_object_manager` = (?) OR `is_private` <= ? AND `is_silent` <= ? AND `rel_object_id`IN (SELECT `id` FROM ' . Comments::instance()->getTableName(true) . ' WHERE `rel_object_id` = (?) AND `rel_object_manager` = (?)) AND `rel_object_manager` = "Comments"', $private_filter, $silent_filter, $object->getId(), get_class($object->manager()), $private_filter, $silent_filter, $object->getId(), get_class($object->manager())), 'order' => '`created_on` DESC', 'limit' => $next_offset + $removed, 'offset' => $next_offset));
// findAll
$logs = array_merge($logs, $other_logs);
$next_offset += $removed;
if (count($logs) > $limit) {
$logs = array_slice($logs, 0, $limit);
}
}
} while ($removed > 0);
return $logs;
}
/**
* Return entries related to specific object
*
* If $include_private is set to true private entries will be included in result. If $include_silent is set to true
* logs marked as silent will also be included. $limit and $offset are there to control the range of the result,
* usually we don't want to pull the entire log but just the few most recent entries. If NULL they will be ignored
*
* @param ApplicationDataObject $object
* @param boolean $include_private
* @param boolean $include_silent
* @param integer $limit
* @param integer $offset
* @return array
*/
static function getObjectLogs($object, $include_private = false, $include_silent = false, $limit = null, $offset = null) {
$private_filter = $include_private ? 1 : 0;
$silent_filter = $include_silent ? 1 : 0;
// User History
if ($object instanceof Contact && $object->isUser()){
$private_filter = $include_private ? 1 : 0;
$silent_filter = $include_silent ? 1 : 0;
$userCond = " AND `taken_by_id` = " . $object->getId();
$conditions = array(
'`is_private` <= ? AND `is_silent` <= ? '.$userCond,
$private_filter,
$silent_filter);
return self::findAll(array(
'conditions' => $conditions,
'order' => '`created_on` DESC',
'limit' => $limit,
'offset' => $offset,
)); // findAll
} else {
$logs = self::findAll(array(
'conditions' => array('`is_private` <= ? AND `is_silent` <= ? AND `rel_object_id` = (?) OR `is_private` <= ? AND `is_silent` <= ? AND (`rel_object_id`IN (SELECT `object_id` FROM '.Comments::instance()->getTableName(true).' WHERE `rel_object_id` = (?)) OR `rel_object_id`IN (SELECT `object_id` FROM '.Timeslots::instance()->getTableName(true).' WHERE `rel_object_id` = (?)))', $private_filter, $silent_filter, $object->getId(),$private_filter, $silent_filter, $object->getId(), $object->getId()),
'order' => '`created_on` DESC',
'limit' => $limit,
'offset' => $offset,
)); // findAll
}
$next_offset = $offset + $limit;
do {
// Look for objects that user cannot see
$removed = 0;
foreach ($logs as $k => $log) {
if ($log->getAction() == 'link') {
$id = explode(":", $log->getLogData());
$lobj = Objects::findObject($id[1]);
if (!$lobj instanceof ApplicationDataObject || !can_access(logged_user(), $lobj->getMembers(), $lobj->getObjectTypeId(), ACCESS_LEVEL_READ)) {
$removed++;
unset($logs[$k]);
}
}
}
// Get more objects to substitute the removed ones
if ($limit && $removed > 0) {
$other_logs = self::findAll(array(
'conditions' => array('`is_private` <= ? AND `is_silent` <= ? AND `rel_object_id` = (?) OR `is_private` <= ? AND `is_silent` <= ? AND (`rel_object_id`IN (SELECT `id` FROM '.Comments::instance()->getTableName(true).' WHERE `rel_object_id` = (?)) AND `rel_object_id`IN (SELECT `object_id` FROM '.Timeslots::instance()->getTableName(true).' WHERE `rel_object_id` = (?)))', $private_filter, $silent_filter, $object->getId(),$private_filter, $silent_filter, $object->getId(), $object->getId()),
'order' => '`created_on` DESC',
'limit' => $next_offset + $removed,
'offset' => $next_offset,
)); // findAll
$logs = array_merge($logs, $other_logs);
$next_offset += $removed;
if (count($logs) > $limit) $logs = array_slice($logs, 0, $limit);
}
} while ($removed > 0);
return $logs;
} // getObjectLogs
static function deleteByObjectAndName(ApplicationDataObject $object, $name) {
return self::delete('`rel_object_id` = '.$object->getId()." AND `name` = " . DB::escape($name));
}
/**
* Delete object and drop content from search table
*
* @param void
* @return boolean
*/
function delete()
{
if ($this->isTaggable()) {
$this->clearTags();
}
// if
if ($this->isSearchable()) {
$this->clearSearchIndex();
}
// if
if ($this->isCommentable()) {
$this->clearComments();
}
// if
if ($this->isFileContainer()) {
$this->clearAttachedFiles();
}
// if
return parent::delete();
}
