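/**
 * Build the chart data for the Sales Team summary EGlet.
 *
 * For every user assigned to an opportunity whose end date falls in the
 * current $this->timeframe period, sums opportunity cost per opportunity
 * status and stores the JSON-encoded bar-chart options in $this->contents.
 *
 * Only module admins may see the summary: anyone else gets a flash error and
 * rendering is switched off.
 *
 * @return false|null false when the caller is not a module admin or there is
 *                    no series to plot; no explicit return value otherwise
 */
function populate()
{
    if (!isModuleAdmin()) {
        $flash = Flash::Instance();
        $flash->addError('You don\'t have permission to view the Sales Team summary EGlets');
        $this->should_render = false;
        return false;
    }

    $db = DB::Instance();

    // Every value concatenated into the SQL below goes through qstr(), as the
    // status query already did for the company id. $this->timeframe is set
    // outside this method, so it is quoted rather than trusted; for an
    // ordinary field name the generated SQL is unchanged.
    $company_id = $db->qstr(EGS_COMPANY_ID);
    $timeframe = $db->qstr($this->timeframe);
    $in_period = ' AND extract(' . $timeframe . ' FROM o.enddate)=extract(' . $timeframe . ' FROM now())';

    $query = 'SELECT s.id,s.name FROM opportunitystatus s WHERE usercompanyid=' . $company_id
        . ' ORDER BY position DESC';
    $statuses = $db->GetAssoc($query);

    $query = 'SELECT DISTINCT assigned FROM opportunities o WHERE o.usercompanyid=' . $company_id . $in_period;
    $users = $db->GetCol($query);

    $options = array();
    foreach ($users as $username) {
        // Unassigned opportunities are not plotted.
        if (empty($username)) {
            continue;
        }

        $data = array();
        foreach ($statuses as $id => $status) {
            $query = 'SELECT COALESCE(sum(cost),0) FROM opportunities o WHERE o.assigned=' . $db->qstr($username)
                . ' AND o.status_id=' . $db->qstr($id)
                . ' AND o.usercompanyid=' . $company_id
                . $in_period;
            $data['x'][] = $status;
            $data['y'][] = (float) $db->GetOne($query);
        }

        $options['seriesList'][] = array('label' => $username, 'legendEntry' => true, 'data' => $data);
    }

    // Nothing to draw: leave $this->contents untouched.
    if (empty($options['seriesList'])) {
        return false;
    }

    $options['type'] = 'bar';
    $options['identifier'] = __CLASS__ . $this->timeframe;
    $this->contents = json_encode($options);
}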
/**
 * Load the collection, narrowing the search to rows the current user may see.
 *
 * When $sh is a SearchHandler and the template object is access controlled:
 *  - module admins get "usercompanyid = EGS_COMPANY_ID OR id = EGS_COMPANY_ID";
 *  - everyone else gets "usernameaccess = EGS_USERNAME OR owner = EGS_USERNAME"
 *    plus a separate chain "usercompanyid = EGS_COMPANY_ID".
 * In both cases the query is made DISTINCT. The handler is then remembered in
 * $this->sh and the work is delegated to _load().
 *
 * @param mixed $sh      search handler; access constraints are only applied
 *                       when it is a SearchHandler instance
 * @param mixed $c_query passed through to _load() unchanged
 */
function load($sh, $c_query = null)
{
    $db = DB::Instance();
    $qb = new QueryBuilder($db, $this->_doname);

    if ($sh instanceof SearchHandler) {
        if ($this->_templateobject->isAccessControlled()) {
            $scope = new ConstraintChain();

            if (isModuleAdmin()) {
                // Admins are scoped to their company only.
                $scope->add(new Constraint('usercompanyid', '=', EGS_COMPANY_ID));
                $scope->add(new Constraint('id', '=', EGS_COMPANY_ID), 'OR');
                $sh->addConstraintChain($scope);
            } else {
                // Other users are scoped to rows they own or were granted,
                // and additionally to their company.
                $scope->add(new Constraint('usernameaccess', '=', EGS_USERNAME));
                $scope->add(new Constraint('owner', '=', EGS_USERNAME), 'OR');

                $company_scope = new ConstraintChain();
                $company_scope->add(new Constraint('usercompanyid', '=', EGS_COMPANY_ID));

                $sh->addConstraintChain($scope);
                $sh->addConstraintChain($company_scope);
            }

            $qb->setDistinct();
        }

        $this->sh = $sh;
    }

    $this->_load($sh, $qb, $c_query);
}
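/**
 * Prepare the opportunity summary report.
 *
 * Always passes a 'users' list to the view (populated for module admins only,
 * empty otherwise). When a filter was submitted, builds the date / assignee
 * constraints, loads the opportunity statuses with their matching
 * opportunities and hands them to the view together with the report headings
 * and the constraint chain.
 *
 * Non-admins are always restricted to opportunities assigned to themselves;
 * only module admins may filter on an arbitrary 'assigned' value.
 */
public function summary_report()
{
    $is_admin = isModuleAdmin();

    $users = array();
    if ($is_admin) {
        $u = DataObjectFactory::Factory('User');
        $users = $u->getAll();
    }
    $this->view->set('users', $users);

    if (!isset($this->_data['filter'])) {
        return;
    }

    $cc = new ConstraintChain();

    if (!empty($this->_data['from_date'])) {
        $cc->add(new Constraint('enddate', '>', fix_date($this->_data['from_date'])));
    }
    if (!empty($this->_data['to_date'])) {
        $cc->add(new Constraint('enddate', '<', fix_date($this->_data['to_date'])));
    }

    if (!$is_admin) {
        // Operator and value are separate arguments, as in the admin branch
        // below. They were previously concatenated into one argument
        // ('=' . EGS_USERNAME), which left the non-admin restriction malformed.
        $cc->add(new Constraint('assigned', '=', EGS_USERNAME));
    } elseif (!empty($this->_data['assigned'])) {
        $cc->add(new Constraint('assigned', '=', $this->_data['assigned']));
    }

    $opp_sh = new SearchHandler(new OpportunityCollection($this->_templateobject), false);
    $opp_sh->addConstraintChain($cc);
    $opp_sh->extract();

    $os = DataObjectFactory::Factory('Opportunitystatus');
    $os->addSearchHandler('opportunities', $opp_sh);

    $statuses = new OpportunitystatusCollection($os);
    $sh = new SearchHandler($statuses, false);
    $sh->extract();
    $statuses->load($sh);

    $this->view->set('statuses', $statuses);
    $this->view->set(
        'report_headings',
        array('name', 'company', 'person', 'enddate', 'type', 'cost', 'assigned')
    );
    $this->view->set('cc', $cc);
}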
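/**
 * Delete a resource template, then return to the resource template index.
 *
 * Restricted to module admins: anyone else gets a flash error and is sent
 * back without the delete being attempted.
 */
public function delete()
{
    $flash = Flash::Instance();

    if (!isModuleAdmin()) {
        $flash->addError('Sorry, must be a module admin to delete resource templates.');
        sendBack();
        // Fail closed: sendBack() is defined elsewhere, so the authorisation
        // check must not depend on it halting the request.
        return;
    }

    parent::delete('Resourcetemplate');
    sendTo('resourcetemplate', 'index', 'projects');
}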
/**
 * Delete every row of the collection's table that matches a constraint chain.
 *
 * Scoping added here before the DELETE is built:
 *  - access-controlled object, caller not a module admin:
 *    "usernameaccess = EGS_USERNAME" then "OR owner = EGS_USERNAME" are
 *    appended to the chain;
 *  - access-controlled object, caller is a module admin: nothing is appended;
 *  - object not access controlled: "usercompanyid = EGS_COMPANY_ID" is
 *    appended.
 *
 * NOTE(review): the ownership terms are appended to the caller's own chain
 * with 'OR' rather than as a separate chain (compare load()); whether that OR
 * can widen a caller-supplied restriction depends on how ConstraintChain
 * renders - confirm.
 * NOTE(review): the admin branch adds no company scoping, so the statement is
 * bounded only by what the caller passed in - confirm that is intended.
 *
 * @param ConstraintChain|null $cc constraints selecting the rows to delete;
 *                                 null starts from an empty chain
 * @return bool false when $cc is not a ConstraintChain or Execute() returned
 *              false, true otherwise
 */
function deleteAll($cc = null)
{
    $db = DB::Instance();

    if ($cc === null) {
        $cc = new ConstraintChain();
    }

    // Anything other than a ConstraintChain is refused outright.
    if (!($cc instanceof ConstraintChain)) {
        return false;
    }

    if (!$this->_templateobject->isAccessControlled()) {
        $cc->add(new Constraint('usercompanyid', '=', EGS_COMPANY_ID));
    } elseif (!isModuleAdmin()) {
        $cc->add(new Constraint('usernameaccess', '=', EGS_USERNAME));
        $cc->add(new Constraint('owner', '=', EGS_USERNAME), 'OR');
    }

    $model = DataObjectFactory::Factory($this->_doname);

    // The WHERE clause is the chain rendered as a string.
    $sql = 'DELETE FROM ' . $model->getTableName() . ' where ' . $cc->__toString();

    return $db->Execute($sql) !== false;
}
/**
 * Build the default ticket search form.
 *
 * Fields are registered in display order: ticket number, status, "my tickets
 * only", summary, assignee, originator company, "created today", queue and
 * release version. The assignee list always offers all / me / noone; module
 * admins additionally get the other users. Finally the submitted search data
 * is applied.
 *
 * @param mixed $search_data submitted search values, passed to setSearchData()
 * @param array $errors      filled by setSearchData() (by reference)
 * @param mixed $defaults    passed to the TicketsSearch constructor
 * @return TicketsSearch
 */
public static function useDefault($search_data = null, &$errors = array(), $defaults = null)
{
    $form = new TicketsSearch($defaults);

    $form->addSearchField('id', 'ticket_#', 'equal');
    $form->addSearchField('internal_status_code', 'status_is', 'ticket_status', array('NEW', 'OPEN'));

    $current_user = new User();
    $current_user->loadBy('username', EGS_USERNAME);

    // NOTE(review): the "on" value for originator_person_id is the username,
    // not a person id - confirm this matches the column being filtered.
    $form->addSearchField('originator_person_id', 'my_tickets_only', 'hide', false, 'advanced');
    $form->setOnValue('originator_person_id', $current_user->username);

    $form->addSearchField('summary', 'summary_contains', 'contains');

    // Assignee choices; the full user list is offered to module admins only.
    $form->addSearchField('assigned_to', 'assigned_to', 'select', '');
    $assignees = array('' => 'all', EGS_USERNAME => 'me', 'NULL' => 'noone');
    if (isModuleAdmin()) {
        $other_users = User::getOtherUsers();
        $assignees = array_merge($assignees, $other_users);
    }
    $form->setOptions('assigned_to', $assignees);

    $form->addSearchField('originator_company', 'company_name', 'begins', null, 'advanced');

    // "Created today": strictly after yesterday's date and before tomorrow's.
    $form->addSearchField('created', 'created_today', 'hide', false, 'advanced');
    $created_today = new ConstraintChain();
    $created_today->add(new Constraint('created', '>', date('Y-m-d', strtotime('yesterday'))));
    $created_today->add(new Constraint('created', '<', date('Y-m-d', strtotime('tomorrow'))));
    $form->setConstraint('created', $created_today);

    // Queues: every queue is pre-selected.
    $ticket_queue = new TicketQueue();
    $all_queues = $ticket_queue->getAll();
    $form->addSearchField('ticket_queue_id', 'queue', 'multi_select', array_keys($all_queues), 'advanced');
    $form->setOptions('ticket_queue_id', $all_queues);

    // Release versions, with an "All" entry first.
    $form->addSearchField('ticket_release_version_id', 'release_version', 'select', '', 'advanced');
    $release = new TicketReleaseVersion();
    $all_releases = $release->getAll();
    $form->setOptions('ticket_release_version_id', array('' => 'All') + $all_releases);

    $form->setSearchData($search_data, $errors);

    return $form;
}
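/**
 * Show a person together with the sidebar of related items.
 *
 * Stops early when the data cannot be loaded or when the person record is not
 * loaded (reported to the user as a permission error). Otherwise builds the
 * "currently viewing" and "related items" sidebar lists - CRM, ticketing and
 * project entries only appear when the user has the matching permission -
 * passes the person's categories to the view and records the page in the
 * "recently viewed people" list.
 */
public function view()
{
    if (!$this->loadData()) {
        $this->dataError();
        sendBack();
        // Do not build the page from data that failed to load, whether or
        // not sendBack() (defined elsewhere) halts the request.
        return;
    }

    $person = $this->_uses[$this->modeltype];

    // An unloaded record is treated as "not permitted"; nothing else is
    // looked up for it.
    if (!$person->isLoaded()) {
        $flash = Flash::instance();
        $flash->addError('You do not have permission to view this person.');
        sendTo($this->name, 'index', $this->_modules);
        return;
    }

    $person_id = $person->{$person->idField};
    $party_id = $person->party_id;

    // NOTE(review): $company is loaded but not read again in this method.
    $company = DataObjectFactory::Factory('Company');
    $slcustomer = DataObjectFactory::Factory('SLCustomer');
    $company->load($person->company_id);
    $slcustomer->loadBy('company_id', $person->company_id);

    $sidebar = new SidebarController($this->view);

    // Need loose coupling method - use person categories?
    $employee = DataObjectFactory::Factory('Employee');
    $employee->loadBy('person_id', $person_id);

    if ($employee->isLoaded()) {
        $sidebar->addList('currently_viewing', array(
            'view' => array(
                'tag' => 'view ' . $person->fullname,
                'link' => array(
                    'modules' => $this->_modules,
                    'controller' => $this->name,
                    'action' => 'view',
                    'id' => $person_id,
                ),
            ),
        ));
    } else {
        $sidebar->addCurrentBox(
            'currently_viewing',
            $person->fullname,
            array('module' => 'contacts', 'controller' => 'persons', 'id' => $person->id)
        );
    }

    $items = array();
    $ao = AccessObject::Instance();

    if ($ao->hasPermission('crm')) {
        $items += array(
            'opportunities' => array(
                'tag' => 'Opportunities',
                'link' => array('module' => 'crm', 'controller' => 'opportunitys', 'action' => 'viewperson', 'person_id' => $person_id),
                'new' => array('module' => 'crm', 'controller' => 'opportunitys', 'action' => 'new', 'person_id' => $person_id),
            ),
            'activities' => array(
                'tag' => 'Activities',
                'link' => array('module' => 'crm', 'controller' => 'activitys', 'action' => 'viewperson', 'person_id' => $person_id),
                'new' => array('module' => 'crm', 'controller' => 'activitys', 'action' => 'new', 'person_id' => $person_id),
            ),
        );
    }

    if ($ao->hasPermission('ticketing')) {
        // NOTE(review): the link action is 'viewcompany' although the filter
        // is a person id - confirm.
        $items += array(
            'tickets' => array(
                'tag' => 'Tickets',
                'link' => array('module' => 'ticketing', 'controller' => 'tickets', 'action' => 'viewcompany', 'originator_person_id' => $person_id),
                'new' => array('module' => 'ticketing', 'controller' => 'tickets', 'action' => 'new', 'originator_person_id' => $person_id),
            ),
        );
    }

    if (isModuleAdmin('projects')) {
        $items += array(
            'resource_template' => array(
                'tag' => 'Resource Template',
                'link' => array('module' => 'projects', 'controller' => 'resourcetemplate', 'action' => 'viewperson', 'person_id' => $person_id),
                'new' => array('module' => 'projects', 'controller' => 'resourcetemplate', 'action' => 'new', 'person_id' => $person_id),
            ),
        );
    }

    // Kept as one literal: the bare 'spacer' entries take the integer keys
    // 0..4 here, and "+=" only adds keys that $items does not already hold.
    $items += array(
        'spacer',
        'notes' => array(
            'tag' => 'Notes',
            'link' => array('module' => 'contacts', 'controller' => 'partynotes', 'action' => 'viewperson', 'party_id' => $party_id),
            'new' => array('module' => 'contacts', 'controller' => 'partynotes', 'action' => 'new', 'party_id' => $party_id),
        ),
        'spacer',
        'attachments' => array(
            'tag' => 'Attachments',
            'link' => array('module' => 'contacts', 'controller' => 'personattachments', 'action' => 'index', 'person_id' => $person_id),
            'new' => array('module' => 'contacts', 'controller' => 'personattachments', 'action' => 'new', 'data_model' => 'person', 'entity_id' => $person_id),
        ),
        'spacer',
        'addresses' => array(
            'tag' => 'Addresses',
            'link' => array('module' => 'contacts', 'controller' => 'partyaddresss', 'action' => 'viewperson', 'party_id' => $party_id),
            'new' => array('module' => 'contacts', 'controller' => 'partyaddresss', 'action' => 'new', 'party_id' => $party_id),
        ),
        'spacer',
        'phone' => array(
            'tag' => 'Phone',
            'link' => array('module' => 'contacts', 'controller' => 'partycontactmethods', 'action' => 'viewperson', 'party_id' => $party_id, 'type' => 'T'),
            'new' => array('module' => 'contacts', 'controller' => 'partycontactmethods', 'action' => 'new', 'party_id' => $party_id, 'type' => 'T'),
        ),
        'mobile' => array(
            'tag' => 'Mobile',
            'link' => array('module' => 'contacts', 'controller' => 'partycontactmethods', 'action' => 'viewperson', 'party_id' => $party_id, 'type' => 'M'),
            'new' => array('module' => 'contacts', 'controller' => 'partycontactmethods', 'action' => 'new', 'party_id' => $party_id, 'type' => 'M'),
        ),
        'fax' => array(
            'tag' => 'Fax',
            'link' => array('module' => 'contacts', 'controller' => 'partycontactmethods', 'action' => 'viewperson', 'party_id' => $party_id, 'type' => 'F'),
            'new' => array('module' => 'contacts', 'controller' => 'partycontactmethods', 'action' => 'new', 'party_id' => $party_id, 'type' => 'F'),
        ),
        'email' => array(
            'tag' => 'Email',
            'link' => array('module' => 'contacts', 'controller' => 'partycontactmethods', 'action' => 'viewperson', 'party_id' => $party_id, 'type' => 'E'),
            'new' => array('module' => 'contacts', 'controller' => 'partycontactmethods', 'action' => 'new', 'party_id' => $party_id, 'type' => 'E'),
        ),
        'spacer',
        'meetings' => array(
            'tag' => 'Meetings',
            'link' => array('module' => 'calendar', 'controller' => 'calendarevents', 'action' => 'viewperson', 'person_id' => $person_id),
            'new' => array('module' => 'calendar', 'controller' => 'calendarevents', 'action' => 'new', 'person_id' => $person_id),
        ),
        'calls' => array(
            'tag' => 'Calls',
            'link' => array('module' => 'contacts', 'controller' => 'loggedcalls', 'action' => 'viewperson', 'person_id' => $person_id),
            'new' => array('module' => 'contacts', 'controller' => 'loggedcalls', 'action' => 'new', 'person_id' => $person_id),
        ),
    );

    // Sales orders are only offered when the person's company is a customer.
    if ($slcustomer->isLoaded()) {
        $items += array(
            'sorders' => array(
                'tag' => 'Sales Orders/Quotes',
                'link' => array('module' => 'sales_order', 'controller' => 'sorders', 'action' => 'viewperson', 'person_id' => $person_id),
                'new' => array('module' => 'sales_order', 'controller' => 'sorders', 'action' => 'new', 'person_id' => $person_id, 'slmaster_id' => $slcustomer->id),
            ),
        );
    }

    $sidebar->addList('related_items', $items);

    $category = DataObjectFactory::Factory('peopleInCategories');
    $this->view->set('categories', implode(',', $category->getCategorynames($person_id)));
    $current_categories = $category->getCategoryID($person_id);

    // One sidebar entry per ledger model tied to the person's categories: a
    // link to the existing record, or a "new" link when there is none yet.
    $ledger_category = DataObjectFactory::Factory('LedgerCategory');
    foreach ($ledger_category->getPersonTypes($current_categories) as $model_name => $model_detail) {
        $do = DataObjectFactory::Factory($model_name);
        $do->loadBy('person_id', $person_id);

        if ($do->isLoaded()) {
            $sidebar->addList('related_items', array(
                $model_name => array(
                    'tag' => $do->getTitle(),
                    'link' => array(
                        'module' => $model_detail['module'],
                        'controller' => $model_detail['controller'],
                        'action' => 'view',
                        $do->idField => $do->{$do->idField},
                    ),
                ),
            ));
        } else {
            $sidebar->addList('related_items', array(
                $model_name => array(
                    'tag' => $do->getTitle(),
                    'new' => array(
                        'module' => $model_detail['module'],
                        'controller' => $model_detail['controller'],
                        'action' => 'new',
                        'person_id' => $person->{$person->idField},
                    ),
                ),
            ));
        }
    }

    $this->view->register('sidebar', $sidebar);
    $this->view->set('sidebar', $sidebar);

    $category = DataObjectFactory::Factory('PeopleInCategories');
    $this->view->set('categories', implode(',', $category->getCategorynames($person_id)));

    // Remember the page in the per-company "recently viewed people" list.
    if ($person instanceof Person) {
        $pl = new PreferencePageList('recently_viewed_people' . EGS_COMPANY_ID);
        $pl->addPage(new Page(
            array('module' => 'contacts', 'controller' => 'persons', 'action' => 'view', 'id' => $person_id),
            'person',
            $person->firstname . ' ' . $person->surname
        ));
        $pl->save();
    }
}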
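/**
 * Fetch the timesheet hours for one week.
 *
 * The week ends on $this->_data['week_ending'] (defaulted to the date
 * strtotime('friday') yields, and written back into $this->_data) and starts
 * after the "last monday" relative to that date. Non-admins only ever see
 * their own hours; module admins may narrow the result to one username. An
 * optional project_id restricts the result to a single project.
 *
 * @return mixed whatever Hour::getForTimesheet() returns for the constraints
 */
private function getHours()
{
    $hours_cc = new ConstraintChain();

    if (empty($this->_data['week_ending'])) {
        $this->_data['week_ending'] = date(DATE_FORMAT, strtotime('friday'));
    }

    $week_ending = fix_date($this->_data['week_ending']);
    $week_start = date('Y-m-d', strtotime('last monday', strtotime($week_ending)));

    $hours_cc->add(new Constraint('start_time', '<=', $week_ending));
    $hours_cc->add(new Constraint('start_time', '>', $week_start));

    if (!isModuleAdmin()) {
        // The owner filter is forced for non-admins; a submitted 'username'
        // is ignored for them.
        $hours_cc->add(new Constraint('owner', '=', EGS_USERNAME));
    } elseif (!empty($this->_data['username'])) {
        $hours_cc->add(new Constraint('owner', '=', $this->_data['username']));
    }

    if (!empty($this->_data['project_id'])) {
        // For a single project. This is a method call on the chain; it was
        // previously written as "$hours_cc > add(...)", a comparison against
        // a call to a global add() function.
        $hours_cc->add(new Constraint('project_id', '=', $this->_data['project_id']));
    }

    return Hour::getForTimesheet($hours_cc);
}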
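/**
 * Replace the role-based read/write sharing of one object.
 *
 * The object is identified by the request's 'id' and by $model or, when
 * $model is empty, the request's 'model'. The caller must own the object, be
 * a module admin, or the object must have 'write' role rows. Existing
 * ObjectRole rows for the object are deleted and one row per role is created
 * from the submitted 'read' / 'write' lists.
 *
 * When $model is empty the method is acting as a controller action and
 * redirects on completion or denial; with an explicit $model it only returns.
 *
 * FIXME: Add injection protection
 *
 * @param string $model model name; empty means "take it from the request"
 * @return bool true when the sharing was saved, false otherwise
 */
public function sharingsave($model = '')
{
    $flash = Flash::Instance();

    if (!$this->checkParams(array('id', 'model'), $flash)) {
        sendTo();
        // Never continue with missing parameters, whether or not sendTo()
        // (defined elsewhere) halts the request.
        return false;
    }

    $modelname = empty($model) ? $this->_data['model'] : $model;

    // The model name can come straight from the request: only accept one the
    // controller actually declares, instead of dereferencing a missing entry.
    if (!is_scalar($modelname) || !isset($this->_uses[$modelname])) {
        $flash->addError('Unable to save sharing changes: unknown model');
        if (empty($model)) {
            sendTo();
        }
        return false;
    }

    $object = $this->_uses[$modelname];
    $object->load($this->_data['id'], true);

    // If we own it, we can do anything we like.
    // What if 'owner' is not a field on the model?
    if ($object->owner != EGS_USERNAME && !isModuleAdmin()) {
        // We're not the owner, are we /really/ allowed to edit this object?
        $objectPermissions = new ObjectRoleCollection();
        if ($objectPermissions->getRows($object->id, $object->getTableName(), 'write')->count() == 0) {
            if (empty($model)) {
                $flash->addError('You do not have permission to edit this ' . $modelname);
                sendTo($this->name, 'view', $this->_data['module'], array('id' => $this->_data['id']));
            }
            return false;
        }
    }

    // Get rid of existing roles for this object.
    // NOTE(review): the old rows are removed before the new ones are saved
    // and no transaction is visible here, so a failed save below would leave
    // the object unshared - confirm.
    $objectrole = DataObjectFactory::Factory('ObjectRole');
    $objectrole->deleteAll($objectrole->getIds($object->id, $object->getTableName()));

    // Note permissions that are needed and for which roles. Anything that is
    // not a list of scalar role ids is ignored rather than used as a key.
    $roles = array();
    foreach (array('read', 'write') as $permission) {
        if (!isset($this->_data[$permission]) || !is_array($this->_data[$permission])) {
            continue;
        }
        foreach ($this->_data[$permission] as $role) {
            if (is_string($role) || is_int($role)) {
                $roles[$role][] = $permission;
            }
        }
    }

    foreach ($roles as $role => $permissions) {
        // NOTE(review): object_id is the raw request id, while the permission
        // check and the delete above use $object->id - confirm they always
        // agree after load().
        $roles_data = array(
            'object_id' => $this->_data['id'],
            'object_type' => $object->getTableName(),
            'role_id' => $role,
        );
        foreach ($permissions as $permission) {
            $roles_data[$permission] = true;
        }

        // NOTE(review): neither $errors nor the result of save() is checked.
        $errors = array();
        $objectrole = ObjectRole::Factory($roles_data, $errors, 'ObjectRole');
        $objectrole->save();
    }

    $flash->addMessage('Sharing changes saved.');

    if (empty($model)) {
        sendTo($this->name, 'view', $this->_data['module'], array('id' => $this->_data['id']));
    }

    return true;
}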
/**
 * Update fields on every row of the collection matched by a search handler.
 *
 * Scalars are accepted for $fields / $values and wrapped in arrays. When the
 * base table has 'lastupdated' / 'alteredby' columns that the caller did not
 * supply, they are appended with 'now()' and EGS_USERNAME respectively.
 *
 * For an access-controlled template object and a SearchHandler: module admins
 * get a DISTINCT query and no extra constraint; everyone else has the
 * object's 'write' access constraint added to the handler.
 *
 * @param array|string $fields  field name(s) to set
 * @param array|mixed  $values  value(s), in the same order as $fields
 * @param mixed        $sh      search handler selecting the rows
 * @param mixed        $c_query passed through to _update() unchanged
 * @return mixed the result of _update()
 */
function update($fields, $values, $sh, $c_query = null)
{
    $fields = is_array($fields) ? $fields : array($fields);
    $values = is_array($values) ? $values : array($values);

    $db = DB::Instance();
    $qb = new QueryBuilder($db, $this->_templateobject);

    // Collection may be based on a view so need to get the base table
    // of the DataObject model associated with this DataObjectCollection
    $this->_tablename = $this->getModel()->getTableName();
    $table_columns = $db->MetaColumnNames($this->_tablename);

    // Audit columns are filled in unless the caller already set them.
    foreach (array('lastupdated', 'alteredby') as $audit_column) {
        if (!in_array($audit_column, $table_columns) || in_array($audit_column, $fields)) {
            continue;
        }
        $fields[] = $audit_column;
        $values[] = ($audit_column == 'lastupdated') ? 'now()' : EGS_USERNAME;
    }

    if ($sh instanceof SearchHandler) {
        if ($this->_templateobject->isAccessControlled()) {
            if (!isModuleAdmin()) {
                $sh->addConstraintChain($this->_templateobject->getAccessConstraint('write'));
            } else {
                $qb->setDistinct();
            }
        }
        $this->sh = $sh;
    }

    return $this->_update($fields, $values, $sh, $qb, $c_query);
}
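/**
 * Saves the current state of the Object to the database.
 *
 * Assumes data has been validated, so will result in exception if
 * update/insert fails.
 * Will call save() on any loaded hasMany() relationships. (Actual DB-updates
 * on such Objects will depend on their check for modification)
 *
 * A row that already has an id is only written when isAccessAllowed() grants
 * 'write' on it or the caller is a module admin; a row without an id is
 * treated as an insert and always attempted.
 *
 * @param boolean $debug switch the DB connection's debug flag on for the
 *                       duration of the save
 * @throws Exception
 * @return boolean true on success, false otherwise
 * @todo Use a 'modified' variable to avoid un-necessary saves
 * @todo If caching is implemented elsewhere, will probably need to be able to
 *       flush appropriate bits from here
 */
function save($debug = FALSE)
{
    $this->debug('DataObject(' . get_class($this) . ')::save model ' . get_class($this));

    if (!$this->_valid) {
        return FALSE;
    }

    $db = DB::Instance();

    if ($debug) {
        $db->debug = TRUE;
    }

    $data = array();

    foreach ($this->getFields() as $key => $field) {
        if ($field->ignoreField) {
            continue;
        }

        $value = $field->finalvalue;

        if (in_array($key, $this->force_change)) {
            $value = $this->autoHandle($key);
        }

        // TODO: Something looks wrong here - if the field is type file
        // and value empty, then saveFile?!?
        if ($field->type == 'file' && empty($value)) {
            $this->saveFile();
            continue;
        }

        // Blank values of these types are stored as NULL; a blank varchar
        // only when the column is not flagged not_null.
        $type = $field->type;
        $blank_means_null = $type == 'timestamp'
            || substr($type, 0, 3) == 'int'
            || $type == 'numeric'
            || $type == 'date'
            || ($type == 'varchar' && $field->not_null !== TRUE);

        if ($blank_means_null && trim($value) === '') {
            $data[$key] = 'NULL';
        } elseif ($type == 'date' && is_int($value)) {
            // Integer dates are treated as timestamps and formatted.
            $data[$key] = fix_date(date(DATE_FORMAT, $value));
        } else {
            $data[$key] = $value;
        }
    }

    foreach ($this->hashes as $fieldname => $array) {
        $data[$fieldname] = base64_encode(serialize($array));
    }

    // A NULL id means "new row": leave the id out of the statement.
    if (isset($data[$this->idField]) && $data[$this->idField] == 'NULL') {
        unset($data[$this->idField]);
    }

    // Need a method of checking whether insert is allowed
    // - assume it is since we have got to this point
    $is_insert = !isset($data[$this->idField]);
    $may_write = $is_insert
        || $this->isAccessAllowed($data[$this->idField], 'write')
        || isModuleAdmin();

    $ret = null;
    if ($may_write) {
        $ret = $db->Replace($this->_tablename, $data, $this->idField, TRUE);
    }

    // Reset on the refused path too: the flag was previously left on when
    // write access was denied, so the connection kept running in debug mode.
    if ($debug) {
        $db->debug = FALSE;
    }

    if (!$may_write) {
        return FALSE;
    }

    if ($ret === 0) {
        $this->debug('DataObject(' . get_class($this) . ')::save Save of ' . get_class($this) . ' failed: ' . $db->ErrorMsg());
        return FALSE;
    }

    $this->_loaded = TRUE;
    return TRUE;
}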