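/**
 * Recursively collect the tasks of a project into a flat list for the Gantt chart.
 *
 * Every task the current user ($config["id_user"]) can read is appended to
 * $tasks. When $show_actual is set, a companion "<id>act" entry with the
 * worked interval is appended too. The readable subtasks follow. Children of
 * a task the user cannot read are never visited.
 *
 * @param array  $tasks         Output list, appended to in place.
 * @param int    $project_id    Project whose tasks are listed.
 * @param string $project_start Passed to fix_date() with the stored task start
 *                              (presumably the fallback; fix_date() is defined elsewhere).
 * @param string $project_end   Passed to fix_date() with the stored task end.
 * @param int    $parent_id     Parent task id; 0 selects the top-level tasks.
 * @param int    $depth         Recursion depth; only passed along, never read here.
 * @param mixed  $show_actual   Truthy to emit the "(Planned)" / "(Actual)" pair.
 *
 * @return void
 */
function get_tasks_gantt(&$tasks, $project_id, $project_start, $project_end, $parent_id = 0, $depth = 0, $show_actual = 0) {
    global $config;

    // The ids are concatenated into SQL below, so force them to integers first:
    // a non-numeric value can then only select id 0, never alter the statement.
    $sql_project_id = (int) $project_id;
    $sql_parent_id = (int) $parent_id;

    $result = mysql_query('SELECT * FROM ttask WHERE id_parent_task = ' . $sql_parent_id . ' AND id_project = ' . $sql_project_id);
    if ($result === false) {
        return;
    }

    while ($row = mysql_fetch_array($result)) {
        // ACL check: skip the task (and its whole subtree) unless this user can read it.
        $task_access = get_project_access($config["id_user"], $project_id, $row['id'], false, true);
        if (!$task_access["read"]) {
            continue;
        }

        $sql_task_id = (int) $row['id'];

        // Start from an empty array so nothing leaks over from the previous row.
        $task = array();
        $task['id'] = $row['id'];
        $task['name'] = $row['name'];
        if ($show_actual) {
            $task["name"] .= " (" . __("Planned") . ")";
        }
        $task['parent'] = $parent_id;
        $task['link'] = 'index.php?sec=projects&sec2=operation/projects/task_detail&id_project=' . $sql_project_id . '&id_task=' . $sql_task_id . '&operation=view';

        // Planned interval; swap the two ends when they are stored reversed.
        $task['start'] = fix_date($row['start'], $project_start);
        $task['end'] = fix_date($row['end'], $project_end);
        if (date_to_epoch($task['start']) > date_to_epoch($task['end'])) {
            $temp = $task['start'];
            $task['start'] = $task['end'];
            $task['end'] = $temp;
        }

        // Worked interval: first and last workunit timestamp of the task.
        // Both fix_date() calls receive the planned start as second argument.
        $task['real_start'] = fix_date(get_db_sql('SELECT MIN(timestamp) FROM tworkunit, tworkunit_task WHERE tworkunit_task.id_workunit = tworkunit.id AND timestamp <> \'0000-00-00 00:00:00\' AND id_task = ' . $sql_task_id), $task['start']);
        $task['real_end'] = fix_date(get_db_sql('SELECT MAX(timestamp) FROM tworkunit, tworkunit_task WHERE tworkunit_task.id_workunit = tworkunit.id AND timestamp <> \'0000-00-00 00:00:00\' AND id_task = ' . $sql_task_id), $task['start']);

        $task['completion'] = $row['completion'];
        $task["actual_data"] = 0;
        $task["worked_hours"] = get_task_workunit_hours($row["id"]);
        $task["hours"] = $row["hours"];
        array_push($tasks, $task);

        // Add another entry to represent the real effort spent on the task.
        if ($show_actual) {
            $task_aux = array();
            $task_aux["id"] = $task["id"] . "act";
            $task_aux["actual_data"] = 1;
            $task_aux["parent"] = $task["parent"];
            $task_aux["start"] = $task['real_start'] ? $task['real_start'] : $task['start'];
            // With no recorded work the bar collapses onto the planned start.
            $task_aux["end"] = $task['real_end'] ? $task['real_end'] : $task['start'];
            $task_aux["completion"] = 0;
            $task_aux["name"] = $row["name"] . " (" . __("Actual") . ")";
            array_push($tasks, $task_aux);
        }

        // $tasks is already declared by reference in the signature. The former
        // call-time "&$tasks" is a fatal error from PHP 5.4 on.
        get_tasks_gantt($tasks, $project_id, $project_start, $project_end, $task['id'], $depth + 1, $show_actual);
    }
}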
/**
 * Decide whether a user may perform a workunit operation.
 *
 * Administrators (dame_admin) are allowed. Any other user needs the section
 * ACL $acl, plus:
 *  - with a task id: write or manage access to that task;
 *  - with an incident id: the 'IW' or 'IM' ACL;
 *  - in both cases, for an operation other than "" / "insert_workunit",
 *    the workunit must belong to $id_user;
 *  - with neither id: the section ACL alone is enough.
 * "view", "update_workunit" and "delete_workunit" are refused for everyone,
 * administrators included, when $id_workunit is negative.
 *
 * NOTE(review): in the "neither id" case no ownership check is made, so the
 * result relies on the caller passing the real task or incident of the
 * workunit. Confirm that callers derive those ids from the workunit itself
 * and not from request parameters.
 *
 * @param string $id_user     User being checked.
 * @param string $acl         Section ACL flag passed to System::checkACL().
 * @param string $operation   Requested operation name.
 * @param int    $id_workunit Workunit id, negative when there is none.
 * @param int    $id_task     Task the workunit belongs to, if any.
 * @param int    $id_incident Incident the workunit belongs to, if any.
 *
 * @return bool True when the operation is permitted.
 */
public function checkPermission ($id_user, $acl = 'PR', $operation = '', $id_workunit = -1, $id_task = -1, $id_incident = -1) {
    $system = System::getInstance();

    // Anything other than "" / "insert_workunit" acts on an existing workunit.
    $targets_existing = ($operation != "" && $operation != "insert_workunit");
    $allowed = false;

    if (dame_admin($id_user)) {
        $allowed = true;
    } elseif ($system->checkACL($acl)) {
        if ($id_task !== false && $id_task > 0) {
            // Workunit attached to a task: needs write or manage on the task.
            if (include_once ($system->getConfig('homedir')."/include/functions_projects.php")) {
                $task_access = get_project_access ($id_user, 0, $id_task, false, true);
                if ($task_access["write"] || $task_access["manage"]) {
                    if ($targets_existing) {
                        // An existing workunit must belong to the user.
                        $owner = get_db_value("id_user", "tworkunit", "id", $id_workunit);
                        $allowed = (strcasecmp($id_user, $owner) == 0);
                    } else {
                        $allowed = true;
                    }
                }
            }
        } elseif ($id_incident > 0) {
            // Workunit attached to an incident: needs incident write or manage.
            if ($system->checkACL('IW') || $system->checkACL('IM')) {
                if ($targets_existing) {
                    $owner = get_db_value("id_user", "tworkunit", "id", $id_workunit);
                    $allowed = (strcasecmp($id_user, $owner) == 0);
                } else {
                    $allowed = true;
                }
            }
        } else {
            // Section access only. See NOTE(review) in the header.
            $allowed = true;
        }
    }

    // These operations are meaningless without a workunit id. Only negative
    // ids are rejected here, so an id of 0 still passes this test.
    $needs_workunit = ($operation == "view" || $operation == "update_workunit" || $operation == "delete_workunit");
    if ($needs_workunit && $id_workunit < 0) {
        $allowed = false;
    }

    return $allowed;
}
$end_date = ""; $start_date = ""; $id_project = -1; // Create mode by default $result_output = ""; $id_project_group = 0; $action = (string) get_parameter('action'); $id_project = (int) get_parameter('id_project'); $create_project = (bool) get_parameter('create_project'); $graph_ttl = 1; if ($pdf_output) { $graph_ttl = 2; } $section_access = get_project_access($config['id_user']); if ($id_project) { $project_access = get_project_access($config['id_user'], $id_project); } // ACL - To access to this section, the required permission is PR if (!$section_access['read']) { audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to project detail section"); no_permission(); } // ACL - If creating, the required permission is PW if ($create_project && !$section_access['write']) { audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to create a project"); no_permission(); } // ACL - To view an existing project, belong to it is required if ($id_project && !$project_access['read']) { audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to view a project"); no_permission();
// Integria 2.0 - http://integria.sourceforge.net // ================================================== // Copyright (c) 2008 Artica Soluciones Tecnologicas // Copyright (c) 2008 Esteban Sanchez, estebans@artica.es // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // as published by the Free Software Foundation; version 2 // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. check_login(); include_once "include/functions_projects.php"; $id = (int) get_parameter('id_project'); $project = get_db_row('tproject', 'id', $id); $project_access = get_project_access($config['id_user'], $project['id']); // ACL - To see the project, you should have read access if ($project === false || !$project_access['read']) { // Doesn't have access to this page audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access project " . $id); no_permission(); } echo '<h1>' . __('Project tracking') . ' » ' . $project['name'] . '</h1>'; $trackings = get_db_all_rows_field_filter('tproject_track', 'id_project', $id); if ($trackings !== false) { $table->width = "99%"; $table->class = 'listing'; $table->data = array(); $table->head = array(); $table->head[1] = __('Description'); $table->head[2] = __('User');
$prefix = 'last_'; } elseif ($first) { $prefix = 'first_'; $first = false; } else { $prefix = ''; } // Get projects info $projects = get_db_all_rows_sql("SELECT id, name FROM tproject WHERE disabled = 0 AND id_project_group = " . $group["id"]); if ($projects === false) { $projects = array(); } //Check project ACLs $aux_projects = array(); foreach ($projects as $p) { $project_access = get_project_access($config["id_user"], $p['id']); if ($project_access["read"]) { array_push($aux_projects, $p); } } //Set filtered projects $projects = $aux_projects; $nprojects = count($projects); echo "<tr>"; // Project group name echo "<td style='text-align:left; padding-bottom:0px; padding-top:0px;'>"; echo "<a href='javascript:'><img id='btn_" . $group["id"] . "' class='btn_tree' src='images/" . $prefix . "closed.png' style='float:left'></a>"; echo "<b><a href='index.php?sec=projects&sec2=operation/projects/project&search_id_project_group=" . $group["id"] . "'>" . $group["name"] . "</a></b>"; echo "</td>"; // Project group echo "<td>";
$operation = get_parameter ("operation"); $set_progress = (int) get_parameter ("set_progress", -1); $progress = 0; include_once ("include/functions_graph.php"); require_once ('include/functions_db.php'); require_once ('include/functions_ui.php'); require_once ('include/functions_user.php'); include_once ('include/functions_workorders.php'); include_once ('include/functions_projects.php'); $id = (int) get_parameter ("id"); $id_task = (int) get_parameter ("id_task"); $offset = get_parameter ("offset", 0); $section_permission = get_project_access ($config['id_user']); if (!$section_permission['read']) { audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation", "Trying to access workorder section"); require ("general/noaccess.php"); exit; } if (defined ('AJAX')) { $change_combo_task = get_parameter ("change_combo_task", 0); if ($change_combo_task) { $id_user = get_parameter ("id_user", 0); $real_id_user = get_db_value ("id_usuario", "tusuario", "id_usuario", $id_user); if ($real_id_user) {
if (strlen($row["filename"]) > 35) $filename = substr($row["filename"],0,35)."..."; else $filename = $row["filename"]; $link = $config["base_url"]."/operation/common/download_file.php?type=project&id_attachment=".$row["id_attachment"]; $real_filename = $config["homedir"]."/attachment/".$row["id_attachment"]."_".rawurlencode ($row["filename"]); // Show data if ($id_task == -1) { $task_id = $row["task_id"]; // ACL $task_access = get_project_access ($config["id_user"], $id_project, $task_id, false, true); if (! $task_access["read"]) { continue; } echo "<tr><td class='$tdcolor' valign='top'>"; echo "<a href='index.php?sec=projects&sec2=operation/projects/task_detail&id_project=$id_project&id_task=$task_id&operation=view'>"; echo $row["name"]; echo "</a>"; echo "<td class='$tdcolor' valign='top'>"; echo '<b><a href="'.$link.'">'.$filename."</a></b>"; } else { echo "<tr><td class='$tdcolor' valign='top'>"; echo '<b><a href="'.$link.'">'.$filename."</a></b>"; }
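/**
 * Get the number of tasks of a project that a user can read.
 *
 * Each candidate task is checked with get_project_access(), and only tasks
 * whose 'read' flag is set are counted.
 *
 * @param string   $id_user    User ID
 * @param int      $id_project Project ID
 * @param int|bool $id_parent  Only count the tasks with that parent; false counts all of them
 *
 * @return int Count of readable tasks
 */
function get_accesible_task_count($id_user, $id_project, $id_parent = false) {
    // %d forces both ids to integers before they reach the SQL text, so a
    // non-numeric value cannot change the shape of the statement.
    if ($id_parent !== false) {
        $parent = sprintf('id_parent_task=%d', $id_parent);
    } else {
        $parent = "1=1";
    }
    $sql = sprintf("SELECT id\n\t\t\tFROM ttask\n\t\t\tWHERE %s\n\t\t\t\tAND id_project=%d", $parent, $id_project);

    $count = 0;
    $new = true;
    while ($task = get_db_all_row_by_steps_sql($new, $result_project, $sql)) {
        $new = false;
        $task_access = get_project_access($id_user, $id_project, $task['id'], false, true);
        if ($task_access['read']) {
            $count++;
        }
    }

    return $count;
}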
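/**
 * Print the HTML box describing one workunit: header, body and action icons.
 *
 * Nothing is printed when the workunit does not exist, or when it is not
 * public, belongs to another user and the current user has neither 'manage'
 * access to its task nor (for workunits without a task) the "TM" ACL.
 *
 * NOTE(review): titles, description and user ids read from the database are
 * written into the page as they come. Whether they are already HTML-encoded
 * when stored cannot be seen from this function; confirm before relying on it.
 * NOTE(review): delete and lock are plain links (GET). Whether the target
 * pages require an anti-CSRF token is not visible here.
 *
 * @param int  $id_workunit   Workunit to show.
 * @param int  $full          0 truncates descriptions longer than 1024 bytes.
 * @param bool $show_multiple Whether to print the multi-selection checkbox.
 *
 * @return void
 */
function show_workunit_user($id_workunit, $full = 0, $show_multiple = true) {
    global $config;

    // The id goes into SQL, element ids and URLs below: keep it an integer.
    $id_workunit = (int) $id_workunit;

    $res = mysql_query("SELECT * FROM tworkunit WHERE id = {$id_workunit}");
    if (!$res) {
        return;
    }
    $row = mysql_fetch_array($res);
    if (!$row) {
        // Unknown workunit: do not render an empty box with action links.
        return;
    }

    $timestamp = $row["timestamp"];
    $duration = $row["duration"];
    $id_user = $row["id_user"];
    $nota = $row["description"];
    $have_cost = $row["have_cost"];
    $profile = $row["id_profile"];
    $public = $row["public"];
    $locked = $row["locked"];
    $work_home = $row["work_home"];

    // A workunit hangs either from a task or, failing that, from an incident.
    $id_task = get_db_value("id_task", "tworkunit_task", "id_workunit", $row["id"]);
    if (!$id_task) {
        $id_incident = get_db_value("id_incident", "tworkunit_incident", "id_workunit", $row["id"]);
    }
    $id_project = get_db_value("id_project", "ttask", "id", $id_task);
    $id_profile = get_db_value("id_profile", "tworkunit", "id", $id_workunit);
    $task_title = get_db_value("name", "ttask", "id", $id_task);
    if (!$id_task) {
        $incident_title = get_db_value("titulo", "tincidencia", "id_incidencia", $id_incident);
    }
    $project_title = get_db_value("name", "tproject", "id", $id_project);

    // ACL check for visibility of non-public workunits of other users.
    if (!$public && $id_user != $config["id_user"]) {
        if ($id_task) {
            $task_access = get_project_access($config["id_user"], false, $id_task, false, true);
            if (!$task_access["manage"]) {
                return;
            }
        } elseif (!give_acl($config["id_user"], 0, "TM")) {
            return;
        }
    }

    // Project manager, task manager ACL or owner: the same test guards the
    // delete, edit and lock icons, so it is evaluated once.
    $can_change = (project_manager_check($id_project) == 1
        or $id_user == $config["id_user"]
        or give_acl($config["id_user"], 0, "TM"));

    echo "<form method='post' action='index.php?sec=projects&sec2=operation/projects/task_workunit'>";

    // Title block
    echo "<div class='notetitle'>";
    echo "<table class='blank' border=0 width='100%' cellspacing=0 cellpadding=0 style='margin-left: 0px;margin-top: 0px; background: transparent;'>";
    echo "<tr><td rowspan=4 width='7%'>";
    print_user_avatar($id_user, true);
    echo "<td width='60%'><b>";
    if ($id_task) {
        echo __('Task') . " </b> : ";
        echo "<a href='index.php?sec=projects&sec2=operation/projects/task_detail&id_task={$id_task}&operation=view'>{$task_title}</A>";
    } else {
        echo __('Ticket') . " </b> : ";
        echo "<a href='index.php?sec=incidents&sec2=operation/incidents/incident&id={$id_incident}'>{$incident_title}</A>";
    }
    echo "</td>";
    echo "<td width='13%'>";
    echo "<b>" . __('Duration') . "</b>";
    echo "</td>";
    echo "<td width='20%'>";
    echo " : " . format_numeric($duration);
    echo "</td>";
    echo "<td>";

    // Public workunit?
    echo "<span style='margin-bottom:0px; padding-right:10px;'>";
    if ($public == 1) {
        echo "<img src='images/group.png' title='" . __('Public Workunit') . "' />";
    } else {
        echo "<img src='images/delete.png' title='" . __('Non public Workunit') . "' />";
    }
    echo "</span>";
    echo "</td></tr>";

    echo "<tr>";
    echo "<td><b>";
    if ($id_task) {
        echo __('Project') . " </b> : ";
        echo "<a href='index.php?sec=projects&sec2=operation/projects/task&id_project={$id_project}'>{$project_title}</A>";
    } else {
        echo __('Group') . "</b> : ";
        // The incident id may be false when no link row exists; the cast
        // keeps the statement well formed in that case.
        echo dame_nombre_grupo(get_db_sql("SELECT id_grupo FROM tincidencia WHERE id_incidencia = " . (int) $id_incident));
    }
    echo "</td>";
    echo "<td><b>";
    if ($have_cost != 0) {
        $profile_cost = get_db_value("cost", "trole", "id", $profile);
        $cost = format_numeric($duration * $profile_cost);
        $cost = $cost . " €";
    } else {
        $cost = __('N/A');
    }
    echo __('Cost');
    echo "</b>";
    echo "</td>";
    echo "<td>";
    echo " : " . $cost;
    echo "</td>";
    if ($show_multiple) {
        echo "<td>";
        echo print_checkbox_extended('op_multiple[]', $id_workunit, false, false, '', '', true);
        echo "</td>";
    }
    echo "</tr>";

    echo "<tr>";
    echo "<td><b>";
    echo __('Work from home');
    echo "</b>";
    if ($work_home == 0) {
        $wfh = __('No');
    } else {
        $wfh = __('Yes');
    }
    echo " : " . $wfh;
    echo "</td>";
    echo "<td><b>";
    echo __('Profile');
    echo "</b></td><td>";
    echo " : " . get_db_value("name", "trole", "id", $profile);

    echo "<tr>";
    echo "<td>";
    echo "<a href='index.php?sec=users&sec2=operation/users/user_edit&id={$id_user}'>";
    echo "<b>" . $id_user . "</b>";
    echo "</a>";
    echo " " . __('said on') . ' ' . $timestamp;
    echo "</td></tr>";
    echo "</table>";
    echo "</div>";
    echo "</form>";

    // Body
    echo "<div class='notebody' id='wu_{$id_workunit}'>";
    echo "<table width='100%' class='blank'>";
    echo "<tr><td valign='top'>";
    if (strlen($nota) > 1024 and $full == 0) {
        echo topi_richtext(clean_output_breaks(substr($nota, 0, 1024)));
        echo "<br><br>";
        // The title travels as a query-string value, so it is URL-encoded:
        // a "&" or "#" in the task name would otherwise cut the URL short.
        echo "<a href='index.php?sec=users&sec2=operation/users/user_workunit_report&id_workunit=" . $id_workunit . "&title=" . urlencode($task_title) . "'>";
        echo __('Read more...');
        echo "</a>";
    } else {
        echo topi_richtext(clean_output_breaks($nota));
    }
    echo "<td valign='top'>";
    echo "<table width='100%' class='blank'>";

    // Page the delete and lock links return to.
    $on_report_page = isset($_GET["sec2"]) && $_GET["sec2"] == "operation/users/user_workunit_report";
    if (!$on_report_page && $id_project > 0) {
        $myurl = "index.php?sec=projects&sec2=operation/users/user_spare_workunit&id_project={$id_project}&id_task={$id_task}";
    } else {
        $myurl = "index.php?sec=users&sec2=operation/users/user_workunit_report&id={$id_user}";
    }

    // Delete workunit
    if ($can_change) {
        echo "<tr><td align='right'>";
        echo "<br>";
        echo "<a class='delete-workunit' id='delete-{$id_workunit}' href='{$myurl}&id_workunit={$id_workunit}&operation=delete' onclick='if (!confirm(\"" . __('Are you sure?') . "\")) return false;'><img src='images/cross.png' title='" . __('Delete workunit') . "'/></a>";
    }

    // Edit workunit: a locked workunit can only be edited with the "UM" ACL.
    if ($can_change and ($locked == "" or give_acl($config["id_user"], 0, "UM"))) {
        echo "<tr><td align='right'>";
        echo "<br>";
        echo "<a class='edit-workunit' id='edit-{$id_workunit}' href='index.php?sec=projects&sec2=operation/users/user_spare_workunit&id_project={$id_project}&id_task={$id_task}&id_workunit={$id_workunit}&id_profile={$id_profile}'><img border=0 src='images/page_white_text.png' title='" . __('Edit workunit') . "'></a>";
        echo "</td>";
    }

    // Lock workunit
    if ($can_change and $locked == "") {
        echo "<tr><td align='right'>";
        echo "<br>";
        echo "<a class='lock_workunit' id='lock-{$id_workunit}' href='{$myurl}&id_workunit={$id_workunit}&operation=lock'><img src='images/lock.png' title='" . __('Lock workunit') . "'></a>";
        echo "</td>";
    } else {
        echo "<tr><td align='right'>";
        // The <img> tag was left unterminated, which swallowed the avatar markup.
        echo "<br><img src='images/rosette.png' title='" . __('Locked by') . " {$locked}'>";
        echo print_user_avatar($locked, true);
        echo "</td>";
    }
    echo "</tr></table>";
    echo "</tr></table>";
    echo "</div>";
}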
// http://integria.sourceforge.net // ================================================== // Copyright (c) 2008 Ártica Soluciones Tecnológicas // http://www.artica.es <*****@*****.**> // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // as published by the Free Software Foundation; version 2 // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. global $config; include_once "include/functions_projects.php"; check_login(); $id_user = $config["id_user"]; $section_permission = get_project_access($id_user); if (!$section_permission["write"]) { audit_db($id_user, $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to project group management"); no_permission(); } echo "<h1>" . __('Project group management') . "</h1>"; $id = (int) get_parameter('id'); $new_group = (bool) get_parameter('new_group'); $insert_group = (bool) get_parameter('insert_group'); $update_group = (bool) get_parameter('update_group'); $delete_group = (bool) get_parameter('delete_group'); if ($insert_group) { $name = (string) get_parameter('name'); $icon = (string) get_parameter('icon'); $sql = sprintf('INSERT INTO tproject_group (name, icon) VALUES ("%s", "%s")', $name, $icon);
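/**
 * Print the first level of the task tree of a project.
 *
 * Each top-level task becomes a list item with a tree toggle that calls the
 * JavaScript function loadTasksSubTree() for its children. Tasks the current
 * user can read are shown with priority, name, progress, estimation, people,
 * time used and "new work order / ticket" shortcuts. The others are shown
 * greyed out with only priority and name.
 *
 * NOTE(review): $sql_search is a raw SQL fragment. It is appended to both
 * queries and also written into the page as a loadTasksSubTree() argument,
 * from where the browser presumably sends it back for the subtree request.
 * A SQL fragment that round-trips through the client can be altered by it.
 * Passing the search terms and rebuilding the WHERE clause on the server
 * would remove that exposure; it needs a change in the caller and in the
 * subtree handler, which are outside this function. The fragment is also
 * not escaped for the JavaScript / HTML-attribute context it is printed in.
 * NOTE(review): tasks the user cannot read still disclose name and priority.
 *
 * @param int    $id_project Project whose tasks are printed.
 * @param string $sql_search Extra SQL conditions (see the notes above).
 *
 * @return void
 */
function tasks_print_tree($id_project, $sql_search = '') {
    global $config;
    global $pdf_output;

    $graph_ttl = $pdf_output ? 2 : 1;

    // Interpolated into both statements below: keep it an integer.
    $id_project = (int) $id_project;

    echo "<table class='blank' style='width:98%'>";
    echo "<tr><td style='width:60%' valign='top'>";

    $sql = "SELECT t.*\n\t\t\tFROM ttask t\n\t\t\tWHERE t.id_parent_task=0\n\t\t\t\tAND t.id>0\n\t\t\t\tAND t.id_project={$id_project}\n\t\t\t\t{$sql_search}\n\t\t\tORDER BY t.name";
    $sql_count = "SELECT COUNT(*) AS num\n\t\t\tFROM ttask t\n\t\t\tWHERE t.id_parent_task=0\n\t\t\t\tAND t.id>0\n\t\t\t\tAND t.id_project={$id_project}\n\t\t\t\t{$sql_search}";

    $countRows = process_sql($sql_count);
    if ($countRows === false) {
        $countRows = 0;
    } else {
        $countRows = (int) $countRows[0]['num'];
    }

    if ($countRows == 0) {
        echo '<h3 class="error">' . __('No tasks found') . '</h3>';
        return;
    }

    $new = true;
    $count = 0;
    echo "<ul style='margin: 0; margin-top: 20px; padding: 0;'>\n";

    $first = true;
    while ($task = get_db_all_row_by_steps_sql($new, $result, $sql)) {
        $new = false;
        $count++;
        echo "<li style='margin: 0; padding: 0;'>";
        echo "<span style='display: inline-block;'>";

        // Pick the tree icon from the position of the row (first / last / only).
        $has_next = ($count != $countRows);
        $branches = array($has_next);
        if ($first) {
            if ($has_next) {
                $icon_file = "images/tree/first_closed.png";
                $pos_tree = "0";
                $first = false;
            } else {
                $icon_file = "images/tree/one_closed.png";
                $pos_tree = "1";
            }
        } elseif ($has_next) {
            $icon_file = "images/tree/closed.png";
            $pos_tree = "2";
        } else {
            $icon_file = "images/tree/last_closed.png";
            $pos_tree = "3";
        }
        $img = print_image($icon_file, true, array("style" => 'vertical-align: middle;', "id" => "tree_image" . $task['id'] . "_task_" . $task['id'], "pos_tree" => $pos_tree));

        // Toggle link and auto-load script are identical for both kinds of row.
        $branches_json = json_encode($branches);
        $js_call = "loadTasksSubTree(" . $task['id_project'] . "," . $task['id'] . ",\"" . $branches_json . "\", " . $task['id'] . ",\"" . $sql_search . "\")";
        $toggle = "<a onfocus='JavaScript: this.blur()' href='javascript: " . $js_call . "'>";
        $autoload = "<script type=\"text/javascript\">\n\t\t\t\t\t \$(document).ready (function () {\n\t\t\t\t\t\t " . $js_call . ";\n\t\t\t\t\t });\n\t\t\t\t </script>";

        $priority = print_priority_flag_image($task['priority'], true);

        $task_access = get_project_access($config["id_user"], $id_project, $task["id"], false, true);
        if ($task_access["read"]) {
            // Background colour by completion band.
            if ($task["completion"] < 40) {
                $background_color = "background: #FFFFFF;";
            } elseif ($task["completion"] < 90) {
                $background_color = "background: #FFE599;";
            } elseif ($task["completion"] < 100) {
                $background_color = "background: #A4BCFA;";
            } elseif ($task["completion"] == 100) {
                $background_color = "background: #B6D7A8;";
            } else {
                $background_color = "";
            }

            // Task name, shortened to 30 bytes with the full name as tooltip.
            // NOTE(review): safe_output() is defined elsewhere; if it decodes
            // HTML entities, its result lands unescaped in the markup below.
            $name = safe_output($task['name']);
            if (strlen($name) > 30) {
                $name = substr($name, 0, 30) . "...";
                $name = "<a title='" . safe_output($task['name']) . "' href='index.php?sec=projects&sec2=operation/projects/task_detail\n\t\t\t\t\t&id_project=" . $task['id_project'] . "&id_task=" . $task['id'] . "&operation=view'>" . $name . "</a>";
            } else {
                $name = "<a href='index.php?sec=projects&sec2=operation/projects/task_detail\n\t\t\t\t\t&id_project=" . $task['id_project'] . "&id_task=" . $task['id'] . "&operation=view'>" . $name . "</a>";
            }
            if ($task["completion"] == 100) {
                $name = "<s>{$name}</s>";
            }

            // Completion
            $progress = progress_bar($task['completion'], 70, 20, $graph_ttl);

            // Estimation: planned against worked hours.
            $imghelp = "Estimated hours = " . $task['hours'];
            $taskhours = get_task_workunit_hours($task['id']);
            $imghelp .= ", Worked hours = {$taskhours}";
            $a = round($task["hours"]);
            $b = round($taskhours);
            $mode = 2;
            if ($a > 0) {
                $estimation = histogram_2values($a, $b, __("Planned"), __("Real"), $mode, 60, 18, $imghelp, $graph_ttl);
            } else {
                $estimation = "--";
            }

            // Time used on this task, plus the total including child tasks.
            $recursive_timeused = task_duration_recursive($task["id"]);
            // Was _('Time used'): every other label here goes through __().
            $time_used = __('Time used') . ": ";
            if ($taskhours == 0) {
                $time_used .= "--";
            } elseif ($taskhours == $recursive_timeused) {
                $time_used .= $taskhours;
            } else {
                $time_used .= $taskhours . "<span title='Subtasks WU/HR'> (" . $recursive_timeused . ")</span>";
            }
            $wu_incidents = get_incident_task_workunit_hours($task["id"]);
            if ($wu_incidents > 0) {
                $time_used .= "<span title='" . __("Time spent in related tickets") . "'> ({$wu_incidents})</span>";
            }

            // People
            $people = combo_users_task($task['id'], 1, true);
            $people .= ' ';
            $people .= get_db_value('COUNT(DISTINCT(id_user))', 'trole_people_task', 'id_task', $task['id']);

            // New work order / ticket shortcuts
            $wo_icon = print_image("images/paste_plain.png", true, array("style" => 'vertical-align: middle;', "id" => "wo_icon", "title" => __('Work order')));
            $incident_icon = print_image("images/incident.png", true, array("style" => 'vertical-align: middle; height:19px; width:20px;', "id" => "incident_icon", "title" => __('Ticket')));
            $wo_icon = "<a href='index.php?sec=projects&sec2=operation/workorders/wo&operation=create&id_task=" . $task['id'] . "'>{$wo_icon}</a>";
            $incident_icon = "<a href='index.php?sec=incidents&sec2=operation/incidents/incident_detail&id_task=" . $task['id'] . "'>{$incident_icon}</a>";
            $launch_icons = $wo_icon . " " . $incident_icon;

            echo $toggle;
            echo $autoload;
            echo $img;
            echo "</a>";
            echo "<span style='" . $background_color . " padding: 4px;'>";
            echo "<span style='vertical-align:middle; display: inline-block;'>" . $priority . "</span>";
            echo "<span style='margin-left: 5px; min-width: 250px; vertical-align:middle; display: inline-block;'>" . $name . "</span>";
            echo "<span title='" . __('Progress') . "' style='margin-left: 15px; vertical-align:middle; display: inline-block;'>" . $progress . "</span>";
            echo "<span style='margin-left: 15px; min-width: 70px; vertical-align:middle; display: inline-block;'>" . $estimation . "</span>";
            echo "<span style='margin-left: 15px; vertical-align:middle; display: inline-block;'>" . $people . "</span>";
            echo "<span style='margin-left: 15px; min-width: 200px; display: inline-block;'>" . $time_used . "</span>";
            echo "<span style='margin-left: 15px; vertical-align:middle; display: inline-block;'>" . __('New') . ": " . $launch_icons . "</span>";
            echo "</span>";
        } else {
            // No read access: greyed-out name without a link.
            $name = safe_output($task['name']);
            if (strlen($name) > 60) {
                $name = substr($name, 0, 60) . "...";
                // The wrapper was opened as <div> but closed with </a>.
                $name = "<div title='" . safe_output($task['name']) . "'>" . $name . "</div>";
            }
            if ($task["completion"] == 100) {
                $name = "<s>{$name}</s>";
            }

            echo $toggle;
            echo $autoload;
            echo $img;
            echo "</a>";
            echo "<span title='" . __('You are not assigned to this task') . "' style='padding: 4px;'>";
            echo "<span style='vertical-align:middle; display: inline-block;'>" . $priority . "</span>";
            echo "<span style='color: #D8D8D8; margin-left: 5px; display: inline-block;'>" . $name . "</span>";
            echo "</span>";
        }

        // Empty container the subtree is loaded into.
        echo "<div hiddenDiv='1' loadDiv='0' style='display: none; margin: 0px; padding: 0px;' class='tree_view tree_div_" . $task['id'] . "' id='tree_div" . $task['id'] . "_task_" . $task['id'] . "'></div>";
        echo "</li>";
    }

    echo "</ul>";
    echo "</td></tr>";
    echo "</table>";
    return;
}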
$new = true; $color = 1; while ($project = get_db_all_row_by_steps_sql($new, $result_project, $sql)) { $sql = get_tasks_query($id_user, $project['id'], "", 0, true); $new = true; $project_access = get_project_access($config['id_user'], $project['id']); // ACL - To see the project, you should have read access if (!$project_access['read']) { $new = false; continue; // Does not show this project tasks } while ($task = get_db_all_row_by_steps_sql($new, $result_task, $sql)) { $new = false; $belong_task = user_belong_task($id_user, $task['id'], true); $task_access = get_project_access($config['id_user'], $project['id'], $task['id'], false, true); // ACL - To see the task, you should have read access if (!$task_access['read']) { continue; // Does not show this task } $role = get_db_sql("SELECT name\n\t\t\t\t\t\t\t FROM trole\n\t\t\t\t\t\t\t WHERE id IN(SELECT id_role\n\t\t\t\t\t\t\t\t\t\t FROM trole_people_task\n\t\t\t\t\t\t\t\t\t\t WHERE id_user='******'\n\t\t\t\t\t\t\t\t\t\t\tAND id_task=" . $task['id'] . ")"); echo "<tr>"; echo "<td>"; echo "<a href='index.php?sec=projects&sec2=operation/projects/project_detail&id_project=" . $project['id'] . "'>" . $project['name'] . "</a>"; echo "<td><b><a href='index.php?sec=projects&sec2=operation/projects/task_detail&id_project=" . $project['id'] . "&id_task=" . $task['id'] . "&operation=view'>" . $task['name'] . "</a></b>"; echo "<td>" . $role; if ($belong_task) { echo "<td>" . get_task_workunit_hours_user($task["id"], $id_user); echo "<td>" . get_task_workunit_hours($task["id"]); } else {
$lead = get_db_row ("tlead", "id", $data["id_lead"]); $read_permission = check_crm_acl ('lead', 'cr', $config['id_user'], $data["id_lead"]); if (!$read_permission) { audit_db($config["id_user"],$config["REMOTE_ADDR"], "ACL Violation","Trying to access Downloads browser"); require ($general_error); exit; } break; case "project": $data = get_db_row ("tattachment", "id_attachment", $id_attachment); $id_task = $data["id_task"]; $task_access = get_project_access ($config["id_user"], 0, $id_task, false, true); if (! $task_access["read"]) { audit_db($id_user, $config["REMOTE_ADDR"], "ACL Violation","Trying to access to download project files without permission"); require ($general_error); exit; } break; case "contract": $read_permission = check_crm_acl ('contract', 'cr'); if (!$read_permission) { audit_db($config["id_user"],$config["REMOTE_ADDR"], "ACL Violation","Trying to access Downloads browser"); require ($general_error); exit;
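/**
 * Print the rows of a project's task tree, one level at a time.
 *
 * A row is printed only for tasks on which the current user has 'manage'
 * access. The recursion into subtasks happens for every task, so a manageable
 * subtask is listed even when its parent is not.
 *
 * @param object $table          Table object handed through to show_task_row().
 * @param int    $id_project     Project being listed.
 * @param int    $level          Depth of the current level, passed to show_task_row().
 * @param int    $id_parent_task Parent whose direct children are listed.
 * @param mixed  $users          Handed through to show_task_row() unchanged.
 *
 * @return void
 */
function show_task_tree(&$table, $id_project, $level, $id_parent_task, $users) {
    global $config;

    // %d keeps both ids numeric inside the statement.
    $sql = sprintf('SELECT * FROM ttask WHERE id_project = %d AND id_parent_task = %d ORDER BY name', $id_project, $id_parent_task);

    $new = true;
    while ($task = get_db_all_row_by_steps_sql($new, $result, $sql)) {
        $new = false;

        // Only tasks the user can manage get a row.
        $task_access = get_project_access($config['id_user'], $id_project, $task['id'], false, true);
        if ($task_access['manage']) {
            // Row background by completion band. The default covers values
            // above 100, which used to leave $color undefined on the first
            // row or carry over the colour of the previous row.
            $color = "";
            if ($task['completion'] < 40) {
                $color = "#FFFFFF";
            } elseif ($task['completion'] < 90) {
                $color = "#FFE599";
            } elseif ($task['completion'] < 100) {
                $color = "#A4BCFA";
            } elseif ($task['completion'] == 100) {
                $color = "#B6D7A8";
            }

            // Each tr carries the task id as its HTML id.
            echo "<tr id=" . $task['id'] . " bgcolor='{$color}'>";
            show_task_row($table, $id_project, $task, $level, $users);
            echo "</tr>";
        }

        show_task_tree($table, $id_project, $level + 1, $task['id'], $users);
    }
}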
if (!$id_workorder) { if ($id) { $id_workorder = $id; } else { audit_db($id_user, $REMOTE_ADDR, "ACL Violation", "Trying to access to workorder #" . $id_workorder); include "general/noaccess.php"; return; } } $id_task = get_db_value("id_task", "ttodo", "id", $id_workorder); if (!$id_task) { echo "<h3 class='error'>" . __("The workorder does not have a task associated") . "</h3>"; return; } $assigned_user = get_db_value("assigned_user", "ttodo", "id", $id_workorder); $task_permission = get_project_access($config['id_user'], false, $id_task, false, true); if (!$task_permission['read']) { audit_db($id_user, $REMOTE_ADDR, "ACL Violation", "Trying to access to workorder #" . $id_workorder); include "general/noaccess.php"; exit; } // Workunit ADD if ($insert_workunit) { $timestamp = print_mysql_timestamp(); $description = (string) get_parameter("nota"); $duration = (double) get_parameter('duration'); $have_cost = (int) get_parameter('have_cost'); $profile = (int) get_parameter('id_profile'); $public = (bool) get_parameter('public'); // Single day workunit $sql = sprintf('INSERT INTO tworkunit
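// Build the optional filters of the project list.
$where_clause = "";
if ($search_text != "") {
    // NOTE(review): $search_text is placed between quotes as it comes. Where
    // it is read, and whether quotes are neutralised there, is outside this
    // excerpt; confirm it before trusting this clause.
    $where_clause .= sprintf (" AND (tproject.name LIKE '%%%s%%' OR tproject.description LIKE '%%%s%%')", $search_text, $search_text);
}
if ($search_id_project_group != 0) {
    // The id was interpolated straight into the sprintf() format string.
    // %d forces an integer and keeps a stray "%" out of the format.
    $where_clause .= sprintf (" AND tproject.id_project_group=%d ", $search_id_project_group);
}

$sql = get_projects_query ($config['id_user'], $where_clause, $view_disabled);
$new = true;
while ($project = get_db_all_row_by_steps_sql ($new, $result, $sql)) {
    $new = false;

    // ACL: list only the projects this user can read.
    $project_permission = get_project_access ($config['id_user'], $project['id']);
    if (!$project_permission['read']) {
        continue;
    }

    $data = array ();

    // Project name
    $data[0] = '<a href="index.php?sec=projects&sec2=operation/projects/project_detail&id_project='.$project['id'].'">'.$project['name'].'</a>';
    $data[1] = $project["id_owner"];

    // Equal start and end dates mark a project without a deadline.
    if ($project["start"] == $project["end"]) {
        $data[2] = __('Unlimited');
    } else {
        $completion = format_numeric (calculate_project_progress ($project['id']));
        $data[2] = progress_bar($completion, 90, 20);
    }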
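// GNU General Public License for more details.

// Load global vars
global $config;

include_once "include/functions_projects.php";
include_once "include/functions_graph.php";
include_once "include/functions_user.php";

check_login();

// Request parameters. The project id is forced to an integer because it is
// used for the ACL lookup and echoed into the form action below.
$id_project = (int) get_parameter('id_project');
$id_user = $config["id_user"];
$id_user_filter = get_parameter('user', "");

// Date window defaults to the last year up to today. Each date is read once,
// with its default (the earlier default-less reads were overwritten anyway).
// NOTE(review): user filter and dates are raw request values at this point;
// confirm they are validated/escaped where they reach queries or markup.
$start_date = get_parameter('start_date', strftime("%F", strtotime("-1 year")));
$end_date = get_parameter('end_date', strftime("%F", strtotime("now")));

// ACL
$project_access = get_project_access($id_user, $id_project);
if (!$project_access["read"]) {
    // Doesn't have access to this page
    audit_db($id_user, $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to project graph page");
    // NOTE(review): nothing after this call stops the script, so the page
    // relies on no_permission() to end execution; confirm that it does.
    no_permission();
}

echo "<h1>" . __('Time graph') . "</h1>";

if ($id_project) {
    echo "<form id='form-time_graph' action='index.php?sec=projects&sec2=operation/projects/project_timegraph&id_project=" . $id_project . "' method='post'>";
    echo '<table class="search-table-button" style="width: 99%;" border=0>';
    echo '<tr>';
    echo '<td width="25%"><b>' . __('User ') . ' </b>';

    // Settings for the user input control
    $params = array();
    $params['input_value'] = $id_user_filter;
    $params['input_id'] = 'text-user';
    $params['input_name'] = 'user';
    // ... excerpt ends inside this if block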
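// GNU General Public License for more details.

global $config;

check_login();

// Get parameters
// Both ids come from the request. $id_task is placed in a SQL string below and
// both are handed to the ACL/DB helpers, so force them to integers up front.
$id_project = (int) get_parameter('id_project');
$id_task = (int) get_parameter('id_task', -1);
$project_manager = get_db_value('id_owner', 'tproject', 'id', $id_project);
$operation = (string) get_parameter('operation');
$title = get_parameter("title", "");
$description = get_parameter("description", "");

// ACL
$task_permission = get_project_access($config["id_user"], $id_project, $id_task, false, true);
if (!$task_permission["manage"]) {
    audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to task email report without permission");
    // NOTE(review): nothing after this call stops the script, so the page
    // relies on no_permission() to end execution; confirm that it does.
    no_permission();
}

if ($operation == "generate_email") {
    // %d plus the integer cast above keeps the task id out of the SQL text as anything but a number.
    $task_participants = get_db_all_rows_sql(sprintf(
        "SELECT direccion, nombre_real FROM tusuario, trole_people_task WHERE tusuario.id_usuario = trole_people_task.id_user AND trole_people_task.id_task = %d",
        $id_task
    ));

    // Guard the loop in case the helper returns a non-array when no rows match.
    if (!is_array($task_participants)) {
        $task_participants = array();
    }

    $participants = "";

    // NOTE(review): title and body are request-supplied; confirm that
    // ascii_output()/integria_sendmail() strip CR/LF from the subject, and that
    // this state-changing operation is covered by the application's
    // anti-CSRF mechanism (no token check is visible in this excerpt).
    foreach ($task_participants as $participant) {
        $text = ascii_output($description);
        $subject = ascii_output($title);
        integria_sendmail($participant["direccion"], $subject, $text);
    }

    echo ui_print_success_message(__("Operation successfully completed"), '', true, 'h3', true);
    // ... excerpt ends inside this if block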
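/**
 * Build the tab menu for the task pages.
 *
 * Tabs that lead to write or manage operations are only added when the
 * current user's access to the task grants them; with no task selected
 * (id_task <= 0) no permission lookup is made and those tabs are omitted.
 *
 * @param string    $selected_tab  Current tab id; 'detail' and 'workunits' each add one report tab.
 * @param int|false $id_task_param Task id to use instead of the 'id_task' request parameter.
 *
 * @return array Map of tab id => array('title' => ..., 'link' => ..., 'img' => ...).
 */
function print_task_tabs($selected_tab = '', $id_task_param = false)
{
    global $config;

    // Both ids can come straight from the request and end up in a DB lookup
    // and in every link below, so they are reduced to integers first.
    $id_project = (int) get_parameter('id_project', -1);
    $id_task = (int) ($id_task_param !== false ? $id_task_param : get_parameter('id_task', -1));

    // Get id_task but not id_project
    if ($id_task != -1 and $id_project == -1) {
        $id_project = (int) get_db_value("id_project", "ttask", "id", $id_task);
    }

    $task_permission = array();
    if ($id_task > 0) {
        $task_permission = get_project_access($config["id_user"], $id_project, $id_task, false, true);
    }

    // Without a task the permission array stays empty; treat a missing key as
    // "not granted" instead of reading an undefined index.
    $can_write = !empty($task_permission['write']);
    $can_manage = !empty($task_permission['manage']);

    // Query-string fragments shared by the links below.
    $project_qs = "&id_project=" . $id_project;
    $task_qs = $project_qs . "&id_task=" . $id_task;

    $t_menu = array();

    $t_menu['overview_project'] = array(
        'title' => __('Project overview'),
        'link' => "operation/projects/project_detail" . $project_qs,
        'img' => "images/eye.png",
    );
    $t_menu['overview'] = array(
        'title' => __('Tasks overview'),
        'link' => "operation/projects/task" . $project_qs,
        'img' => "images/tree_list.png",
    );
    $t_menu['detail'] = array(
        'title' => __('Task detail'),
        'link' => "operation/projects/task_detail" . $task_qs . "&operation=view",
        'img' => "images/inventory_dark.png",
    );
    $t_menu['tracking'] = array(
        'title' => __('Task traking'),
        'link' => "operation/projects/task_tracking" . $task_qs . "&operation=view",
        'img' => "images/clock_tab.png",
    );

    if ($can_write) {
        $t_menu['workunit_add'] = array(
            'title' => __('Add workunit'),
            'link' => "operation/users/user_spare_workunit" . $task_qs,
            'img' => "images/multiple_workunits_tab.png",
        );
        $t_menu['costs'] = array(
            'title' => __('View external costs'),
            'link' => "operation/projects/task_cost" . $task_qs . "&operation=list",
            'img' => "images/money.png",
        );
    }

    if ($can_manage) {
        $t_menu['people'] = array(
            'title' => __('People'),
            'link' => "operation/projects/people_manager" . $task_qs,
            'img' => "images/contacts.png",
        );
        $t_menu['email'] = array(
            'title' => __('E-mail report'),
            'link' => "operation/projects/task_emailreport" . $task_qs,
            'img' => "images/email_dark.png",
        );
        $t_menu['move'] = array(
            'title' => __('Move task'),
            'link' => "operation/projects/task_move" . $task_qs,
            'img' => "images/move_task.png",
        );
    }

    // Workunits tab: a live link with the hour total, or a disabled entry when the task has none.
    $totalhours = get_task_workunit_hours($id_task);
    $totalwu = get_task_count_workunits($id_task);
    if ($totalwu > 0) {
        $t_menu['workunits'] = array(
            'title' => __('Workunits') . " (" . $totalhours . " " . __("Hours") . ")",
            'link' => "operation/projects/task_workunit" . $task_qs,
            'img' => "images/workunit_tab.png",
        );
    } else {
        $t_menu['workunits'] = array(
            'title' => __('Workunit') . " (" . __("Empty") . ")",
            'link' => "",
            'img' => "images/workunit_disabled.png",
        );
    }

    // Files tab is always shown, with the project's file count in the title.
    $numberfiles = give_number_files_project($id_project);
    $t_menu['files'] = array(
        'title' => __('Files') . "(" . $numberfiles . ")",
        'link' => "operation/projects/task_files" . $task_qs,
        'img' => "images/products/folder.png",
    );

    if ($selected_tab == 'detail') {
        $t_menu['report'] = array(
            'title' => __('Task report'),
            'link' => "operation/projects/task_report" . $task_qs,
            'img' => "images/chart_bar_dark.png",
        );
    }

    if ($selected_tab == 'workunits') {
        $t_menu['report_gant'] = array(
            'title' => __('Tasks report'),
            'link' => "operation/projects/task_workunit" . $task_qs . "&pure=1",
            'img' => "images/chart_bar_dark.png",
        );
    }

    return $t_menu;
}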