/**
* @param int $issue_id
* @param int $project_id
* @param string $new_replier
* @return string
* @access protected
*/
public function addAuthorizedReplier($issue_id, $project_id, $new_replier)
{
$usr_id = Auth::getUserID();
$replier_usr_id = User::getUserIDByEmail($new_replier);
// if this is an actual user, not just an email address check permissions
if (!empty($replier_usr_id)) {
// check if the assignee is even allowed to be in the given project
$projects = Project::getRemoteAssocListByUser($replier_usr_id);
if (!in_array($project_id, array_keys($projects))) {
throw new RemoteApiException("The given user is not permitted in the project associated with issue #{$issue_id}");
}
}
// check if user is already authorized
if (Authorized_Replier::isAuthorizedReplier($issue_id, $new_replier)) {
throw new RemoteApiException("The given user is already an authorized replier on issue #{$issue_id}");
}
$res = Authorized_Replier::remoteAddAuthorizedReplier($issue_id, $usr_id, $new_replier);
if ($res == -1) {
throw new RemoteApiException("Could not add '{$new_replier}' as an authorized replier to issue #{$issue_id}");
}
return 'OK';
}
/**
* Checks whether the given email address is allowed to send emails in the
* issue ID.
*
* @param integer $issue_id The issue ID
* @param string $sender_email The email address
* @return boolean
*/
public static function isAllowedToEmail($issue_id, $sender_email)
{
$prj_id = Issue::getProjectID($issue_id);
// check the workflow
$workflow_can_email = Workflow::canEmailIssue($prj_id, $issue_id, $sender_email);
if ($workflow_can_email != null) {
return $workflow_can_email;
}
$is_allowed = true;
$sender_usr_id = User::getUserIDByEmail($sender_email, true);
if (empty($sender_usr_id)) {
if (CRM::hasCustomerIntegration($prj_id)) {
// check for a customer contact with several email addresses
$crm = CRM::getInstance($prj_id);
try {
$contract = $crm->getContract(Issue::getContractID($issue_id));
$contact_emails = array_keys($contract->getContactEmailAssocList());
$contact_emails = array_map(function ($s) {
return strtolower($s);
}, $contact_emails);
} catch (CRMException $e) {
$contact_emails = array();
}
if (!in_array(strtolower($sender_email), $contact_emails) && !Authorized_Replier::isAuthorizedReplier($issue_id, $sender_email)) {
$is_allowed = false;
}
} else {
if (!Authorized_Replier::isAuthorizedReplier($issue_id, $sender_email)) {
$is_allowed = false;
}
}
} else {
// check if this user is not a customer and
// also not in the assignment list for the current issue and
// also not in the authorized repliers list
// also not the reporter
$details = Issue::getDetails($issue_id);
if ($sender_usr_id == $details['iss_usr_id']) {
$is_allowed = true;
} elseif (User::isPartner($sender_usr_id) && in_array(User::getPartnerID($sender_usr_id), Partner::getPartnerCodesByIssue($issue_id))) {
$is_allowed = true;
} elseif (!Issue::canAccess($issue_id, $sender_usr_id) && !Authorized_Replier::isAuthorizedReplier($issue_id, $sender_email)) {
$is_allowed = false;
} elseif (!Authorized_Replier::isAuthorizedReplier($issue_id, $sender_email) && !Issue::isAssignedToUser($issue_id, $sender_usr_id) && User::getRoleByUser($sender_usr_id, Issue::getProjectID($issue_id)) != User::getRoleID('Customer')) {
$is_allowed = false;
}
}
return $is_allowed;
}
/**
* Checks whether the given email address is allowed to send emails in the
* issue ID.
*
* @access public
* @param integer $issue_id The issue ID
* @param string $sender_email The email address
* @return boolean
*/
function isAllowedToEmail($issue_id, $sender_email)
{
$prj_id = Issue::getProjectID($issue_id);
// check the workflow
$workflow_can_email = Workflow::canEmailIssue($prj_id, $issue_id, $sender_email);
if ($workflow_can_email != null) {
return $workflow_can_email;
}
$is_allowed = true;
$sender_usr_id = User::getUserIDByEmail($sender_email);
if (empty($sender_usr_id)) {
if (Customer::hasCustomerIntegration($prj_id)) {
// check for a customer contact with several email addresses
$customer_id = Issue::getCustomerID($issue_id);
$contact_emails = array_keys(Customer::getContactEmailAssocList($prj_id, $customer_id, Issue::getContractID($issue_id)));
$contact_emails = array_map('strtolower', $contact_emails);
if (!in_array(strtolower($sender_email), $contact_emails) && !Authorized_Replier::isAuthorizedReplier($issue_id, $sender_email)) {
$is_allowed = false;
}
} else {
if (!Authorized_Replier::isAuthorizedReplier($issue_id, $sender_email)) {
$is_allowed = false;
}
}
} else {
// check if this user is not a customer and
// also not in the assignment list for the current issue and
// also not in the authorized repliers list
// also not the reporter
$details = Issue::getDetails($issue_id);
if (!Issue::canAccess($issue_id, $sender_usr_id)) {
$is_allowed = false;
}
if ($sender_usr_id != $details['iss_usr_id'] && !Authorized_Replier::isUserAuthorizedReplier($issue_id, $sender_usr_id) && !Issue::isAssignedToUser($issue_id, $sender_usr_id) && User::getRoleByUser($sender_usr_id, Issue::getProjectID($issue_id)) != User::getRoleID('Customer')) {
$is_allowed = false;
} elseif (User::getRoleByUser($sender_usr_id, Issue::getProjectID($issue_id)) == User::getRoleID('Customer') && User::getCustomerID($sender_usr_id) != Issue::getCustomerID($issue_id)) {
$is_allowed = false;
}
}
return $is_allowed;
}
function addAuthorizedReplier($p)
{
$email = XML_RPC_decode($p->getParam(0));
$password = XML_RPC_decode($p->getParam(1));
$auth = authenticate($email, $password);
if (is_object($auth)) {
return $auth;
}
$issue_id = XML_RPC_decode($p->getParam(2));
$project_id = XML_RPC_decode($p->getParam(3));
$new_replier = XML_RPC_decode($p->getParam(4));
$usr_id = User::getUserIDByEmail($email);
$replier_usr_id = User::getUserIDByEmail($new_replier);
// if this is an actual user, not just an email address check permissions
if (!empty($replier_usr_id)) {
// check if the assignee is even allowed to be in the given project
$projects = Project::getRemoteAssocListByUser($replier_usr_id);
if (!in_array($project_id, array_keys($projects))) {
return new XML_RPC_Response(0, $XML_RPC_erruser + 1, "The given user is not permitted in the project associated with issue #{$issue_id}");
}
}
// check if user is already authorized
if (Authorized_Replier::isAuthorizedReplier($issue_id, $new_replier)) {
return new XML_RPC_Response(0, $XML_RPC_erruser + 1, "The given user is already an authorized replier on issue #{$issue_id}");
}
$res = Authorized_Replier::remoteAddAuthorizedReplier($issue_id, $usr_id, $new_replier);
if ($res == -1) {
return new XML_RPC_Response(0, $XML_RPC_erruser + 1, "Could not add '{$new_replier}' as an authorized replier to issue #{$issue_id}");
} else {
return new XML_RPC_Response(XML_RPC_Encode('OK'));
}
}
/**
* Adds the specified email address to the list of authorized users.
*
* @access public
* @param integer $issue_id The id of the issue.
* @param string $email The email of the user.
* @param boolean $add_history If this should be logged.
*/
function manualInsert($issue_id, $email, $add_history = true)
{
if (Authorized_Replier::isAuthorizedReplier($issue_id, $email)) {
return -1;
} else {
$email = strtolower(Mail_API::getEmailAddress($email));
$workflow = Workflow::handleAuthorizedReplierAdded(Issue::getProjectID($issue_id), $issue_id, $email);
if ($workflow === false) {
// cancel subscribing the user
return -1;
}
// first check if this is an actual user or just an email address
$user_emails = User::getAssocEmailList();
$user_emails = array_map('strtolower', $user_emails);
if (in_array($email, array_keys($user_emails))) {
return Authorized_Replier::addUser($issue_id, $user_emails[$email], $add_history);
}
$stmt = "INSERT INTO\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "issue_user_replier\n (\n iur_iss_id,\n iur_usr_id,\n iur_email\n ) VALUES (\n " . Misc::escapeInteger($issue_id) . ",\n " . APP_SYSTEM_USER_ID . ",\n '" . Misc::escapeString($email) . "'\n )";
$res = $GLOBALS["db_api"]->dbh->query($stmt);
if (PEAR::isError($res)) {
Error_Handler::logError(array($res->getMessage(), $res->getDebugInfo()), __FILE__, __LINE__);
return -1;
} else {
if ($add_history) {
// add the change to the history of the issue
$summary = $email . ' added to the authorized repliers list by ' . User::getFullName(Auth::getUserID());
History::add($issue_id, Auth::getUserID(), History::getTypeID('replier_other_added'), $summary);
}
}
return 1;
}
}
