Example #1
// Task manager page guard. Every failed check below is recorded through
// audit_db() as an "ACL Violation" and then handed to no_permission().
// NOTE(review): the checks are sequential, not nested, so they only protect
// the code that follows if no_permission() ends the request -- confirm it does.
if (!$id_project) {
    // No project selected: refuse the page
    audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to task manager without project");
    no_permission();
}
// The user needs at least the "read" flag on the project to see this page.
$project_access = get_project_access($config["id_user"], $id_project);
if (!$project_access["read"]) {
    audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to task manager of unauthorized project");
    no_permission();
}
$project = get_db_row('tproject', 'id', $id_project);
// The requested action is selected by request parameters.
// NOTE(review): these are state-changing actions and no anti-CSRF token check
// is visible in this excerpt -- confirm one is enforced elsewhere.
$update = get_parameter("update");
$create = get_parameter("create");
$delete = get_parameter("delete");
// Plain view (no action requested): require manage_any_task() on the project.
// When an action IS requested this check is skipped, so each action branch has
// to enforce its own permission; only the delete branch is visible here.
if (!$update && !$create && !$delete) {
    if (!manage_any_task($config["id_user"], $id_project)) {
        audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to task manager of unauthorized project");
        no_permission();
    }
}
// Delete task: $delete is used as the id of the task to remove.
if ($delete) {
    // NOTE(review): $delete comes from the request and is checked together with
    // $id_project; whether get_project_access() confirms that the task belongs
    // to that project is not visible here -- verify, so that "manage" on one
    // project cannot authorise a deletion in another.
    $task_access = get_project_access($config["id_user"], $id_project, $delete);
    // Deleting requires the "manage" flag for this task
    if (!$task_access["manage"]) {
        audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to delete a task without permission");
        no_permission();
    }
    // delete_task()'s result is not checked: the success message and the
    // tracking entry are produced unconditionally.
    delete_task($delete);
    echo '<h3 class="suc">' . __('Successfully deleted') . '</h3>';
    project_tracking($id_project, PROJECT_TASK_DELETED);
Example #2
global $show_setup;
global $show_wiki;
// PROJECTS side menu: rendered only in the "projects" section, when
// give_acl(user, 0, "PR") passes and the menu is not configured as hidden.
if ($sec == "projects" && give_acl($config["id_user"], 0, "PR") && $show_projects != MENU_HIDDEN) {
    // Both ids come from the request; -1 means "not supplied".
    // NOTE(review): they are not cast to int and are compared loosely below --
    // confirm get_parameter() or the helpers validate them.
    $id_project = get_parameter('id_project', -1);
    $id_task = get_parameter('id_task', -1);
    // Only a task id was supplied: look up the project it belongs to
    if ($id_task != -1 and $id_project == -1) {
        $id_project = get_db_value("id_project", "ttask", "id", $id_task);
    }
    // NOTE(review): when BOTH ids are supplied, nothing in this excerpt checks
    // that the task belongs to the project; that depends on get_project_access().
    // ACL permissions: section-wide first, then per project, then per task
    $section_permission = get_project_access($config["id_user"]);
    $manage_any_task = manage_any_task($config["id_user"]);
    // $project_permission and $manage_any_task_in_project are assigned only for
    // a positive project id, and $task_permission only for a positive task id;
    // code that reads them later has to cope with them being unset.
    if ($id_project > 0) {
        $project_permission = get_project_access($config["id_user"], $id_project);
        $manage_any_task_in_project = manage_any_task($config["id_user"], $id_project);
    }
    if ($id_task > 0) {
        $task_permission = get_project_access($config["id_user"], $id_project, $id_task, false, true);
    }
    // Menu container. The inline style below reads "border:padding: 0px", which
    // is not valid CSS -- left untouched here because it is runtime output.
    echo "<div class='portlet' style='border:padding: 0px; margin: 0px;'>";
    //echo '<a href="javascript:;" onclick="$(\'#projects\').slideToggle (); return false">';
    echo "<h3>" . __('Projects') . "</h3>";
    //echo "</a>";
    echo "<div id=projects style='padding: 0px; margin: 0px'>";
    echo "<ul class='sidemenu'>";
    // Project overview entry: the current page ($sec2) gets id='sidesel'
    if ($sec2 == "operation/projects/project_overview") {
        echo "<li id='sidesel'>";
    } else {
        echo "<li>";
Example #3
// Variables pulled in from the global scope; $show_projects, read below, is
// not declared in this excerpt (presumably declared above it -- confirm).
global $show_kb;
global $show_file_releases;
global $show_people;
global $show_todo;
global $show_agenda;
global $show_setup;
global $show_wiki;


// PROJECTS
// Opening tags of the navigation menu; they are emitted before any permission
// check, so the empty container is output for every user.
echo "<nav id='menu_nav'>";
echo "<ul id='menu_slide'>";
// The project entries are rendered only in the "projects" section, when
// give_acl(user, 0, "PR") passes and the menu is not configured as hidden.
if ($sec == "projects" && give_acl ($config["id_user"], 0, "PR") && $show_projects != MENU_HIDDEN) {
		
	// Section-wide ACL lookups (no project id is passed in this version)
	$section_permission = get_project_access ($config["id_user"]);
	$manage_any_task = manage_any_task ($config["id_user"]);
	
	// Pages ($sec2) for which the project entry is marked active. The list
	// names "operation/projects/project_detail" twice, and the condition
	// continues past the end of this excerpt.
	if (($sec2 == "operation/projects/project_overview") || 
		($sec2 == "operation/projects/user_project_timegraph") || 
		($sec2 == "operation/projects/project_detail") || 
		($sec2 == "operation/projects/role_user_global") || 
		($sec2 == "operation/projects/project") ||
		($sec2 == "operation/projects/project_detail") ||
		($sec2 == "operation/projects/task_planning") ||
		($sec2 == "operation/projects/project_timegraph") ||
		($sec2 == "operation/projects/project_tracking") ||
		($sec2 == "operation/projects/task") ||
		($sec2 == "operation/projects/project_report") ||
		($sec2 == "operation/projects/task_detail") ||
		($sec2 == "operation/projects/gantt") ||
Example #4
include_once "include/functions_tasks.php";
// Request parameters for the task detail page. $operation and $gantt_editor
// are cast to a fixed type; $id_project and $id_task are not (default -1).
// NOTE(review): confirm get_parameter() or the helpers below validate the ids.
$id_project = get_parameter('id_project', -1);
$id_task = get_parameter('id_task', -1);
$operation = (string) get_parameter('operation');
$gantt_editor = (int) get_parameter("gantt_editor");
$hours = 0;
$estimated_cost = 0;
// ACL lookups for the project and for the task inside it.
// NOTE(review): both ids come from the request; whether get_project_access()
// confirms that $id_task belongs to $id_project is not visible here -- verify.
$project_permission = get_project_access($config["id_user"], $id_project);
$task_permission = get_project_access($config["id_user"], $id_project, $id_task, false, true);
// Per-operation permission gate. Each refusal is recorded through audit_db()
// as an "ACL Violation" and then handed to no_permission().
// NOTE(review): only the operations named in this chain are gated in this
// excerpt; confirm the remaining branches cover every other operation value.
if ($operation == "") {
    // No operation requested: refuse the page
    audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to task detail without operation");
    no_permission();
} elseif ($operation == "create" && !manage_any_task($config['id_user'], $id_project)) {
    // "create" requires manage_any_task() on the project
    audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to create a task without access");
    no_permission();
} elseif ($operation == "insert") {
    $id_parent = (int) get_parameter('parent');
    // Parent id 0: the project-level "manage" flag is required
    if ($id_parent == 0) {
        if (!$project_permission['manage']) {
            // Doesn't have access to this page
            audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to insert a task without access");
            no_permission();
        }
    }
    // The task permission is re-evaluated against the parent task in every
    // case, including parent id 0.
    // NOTE(review): confirm what "manage" get_project_access() reports for
    // task id 0, since the check below also runs for that case.
    $task_permission = get_project_access($config["id_user"], $id_project, $id_parent, false, true);
    if (!$task_permission['manage']) {
        // Doesn't have access to this page
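/**
 * Build the tab menu of the project section for the current user.
 *
 * Despite its name the function prints nothing: it returns the menu entries
 * and leaves rendering to the caller. The project and task ids are read from
 * the request; when only a task id is supplied the project id is looked up
 * from the ttask table.
 *
 * Entries that depend on a permission ('task_plan', 'task_new', 'people') are
 * added only when that permission was granted for a positive project id.
 * Entries for empty collections are returned without a 'link' key, and only
 * the full-screen Gantt entry carries a 'target' key.
 *
 * The titles embed values returned by other helpers and the links embed the
 * project id. Nothing is HTML-escaped here, so the caller has to escape the
 * values for the context it writes them into.
 *
 * @param string $selected_tab Tab currently shown; adds the matching report entry.
 *
 * @return array Map of tab id => array with 'title', 'img' and optionally
 *               'link' and 'target'.
 */
function print_project_tabs($selected_tab = '')
{
    global $config;

    // The ids arrive from the request and are concatenated into every link
    // below, so they are forced to integers before any use.
    $id_project = (int) get_parameter('id_project', -1);
    $id_task = (int) get_parameter('id_task', -1);

    // Only a task id was supplied: look up the project it belongs to
    if ($id_task != -1 and $id_project == -1) {
        $id_project = get_db_value("id_project", "ttask", "id", $id_task);
    }

    // Deny by default. The original left both variables undefined when no
    // positive project id was available and then read them further down.
    $project_permission = array('manage' => false);
    $manage_any_task_in_project = false;

    // ACL Permissions
    // The two section-wide results are not used in this function; the calls
    // are kept because their side effects, if any, are not visible from here.
    $section_permission = get_project_access($config["id_user"]);
    $manage_any_task = manage_any_task($config["id_user"]);
    if ($id_project > 0) {
        $project_permission = get_project_access($config["id_user"], $id_project);
        $manage_any_task_in_project = manage_any_task($config["id_user"], $id_project);
    }

    $p_menu = array();
    $p_menu['overview'] = array(
        'title' => __('Project overview'),
        'link' => "operation/projects/project_detail&id_project=" . $id_project,
        'img' => "images/eye.png",
    );
    if ($manage_any_task_in_project) {
        $p_menu['task_plan'] = array(
            'title' => __('Task planning'),
            'link' => "operation/projects/task_planning&id_project=" . $id_project,
            'img' => "images/task_planning.png",
        );
    }
    $p_menu['time'] = array(
        'title' => __('Time graph'),
        'link' => "operation/projects/project_timegraph&id_project=" . $id_project,
        'img' => "images/chart_pie.png",
    );
    // 'Project traking' is the translation key as the project spells it;
    // correcting it here would break the lookup.
    $p_menu['tracking'] = array(
        'title' => __('Project traking'),
        'link' => "operation/projects/project_tracking&id_project=" . $id_project,
        'img' => "images/clock_tab.png",
    );

    // Task list: linked only when the project has tasks
    $task_number = get_tasks_count_in_project($id_project);
    if ($task_number > 0) {
        $p_menu['task_list'] = array(
            'title' => __('Task list') . " (" . $task_number . ")",
            'link' => "operation/projects/task&id_project=" . $id_project,
            'img' => "images/tree_list.png",
        );
    } else {
        $p_menu['task_list'] = array(
            'title' => __('Task list') . " (" . __("Empty") . ")",
            'img' => "images/tree_list_disabled.png",
        );
    }
    if ($manage_any_task_in_project) {
        $p_menu['task_new'] = array(
            'title' => __('New task'),
            'link' => "operation/projects/task_detail&operation=create&id_project=" . $id_project,
            'img' => "images/new_tab.png",
        );
    }
    $p_menu['gantt'] = array(
        'title' => __('Gantt chart'),
        'link' => "operation/projects/gantt&id_project=" . $id_project,
        'img' => "images/gantt.png",
    );
    $p_menu['milestones'] = array(
        'title' => __('Milestones'),
        'link' => "operation/projects/milestones&id_project=" . $id_project,
        'img' => "images/milestone.png",
    );
    // People management is offered only with the project "manage" flag
    if ($project_permission['manage']) {
        $p_menu['people'] = array(
            'title' => __('People'),
            'link' => "operation/projects/people_manager&id_project=" . $id_project,
            'img' => "images/contacts.png",
        );
    }

    // Workunits: linked only when at least one workunit exists
    $totalhours = get_project_workunit_hours($id_project);
    $totalwu = get_project_count_workunits($id_project);
    if ($totalwu > 0) {
        $p_menu['workunits'] = array(
            'title' => __('Workunits') . " (" . $totalhours . " " . __("Hours") . ")",
            'link' => "operation/projects/task_workunit&id_project=" . $id_project,
            'img' => "images/workunit_tab.png",
        );
    } else {
        $p_menu['workunits'] = array(
            'title' => __('Workunit') . " (" . __("Empty") . ")",
            'img' => "images/workunit_disabled.png",
        );
    }

    // Files: linked only when the project has attached files
    $numberfiles = give_number_files_project($id_project);
    if ($numberfiles > 0) {
        $p_menu['files'] = array(
            'title' => __('Files') . "(" . $numberfiles . ")",
            'link' => "operation/projects/task_files&id_project=" . $id_project,
            'img' => "images/products/folder.png",
        );
    } else {
        $p_menu['files'] = array(
            'title' => __('Files') . "(" . __("Empty") . ")",
            'img' => "images/folder_disabled.png",
        );
    }

    // Report entry that belongs to the tab currently selected
    if ($selected_tab == 'overview') {
        $p_menu['report'] = array(
            'title' => __('Project report'),
            'link' => "operation/projects/project_report&id_project=" . $id_project,
            'img' => "images/chart_bar_dark.png",
        );
    }
    if ($selected_tab == 'task_list') {
        $p_menu['report_task'] = array(
            'title' => __('Tasks report'),
            'link' => "operation/projects/task&id_project=" . $id_project . "&pure=1",
            'img' => "images/chart_bar_dark.png",
        );
    }
    if ($selected_tab == 'gantt') {
        $p_menu['report_gant'] = array(
            'title' => __('Full screen Gantt'),
            'link' => "operation/projects/gantt&id_project=" . $id_project . "&clean_output=1",
            'img' => "images/chart_bar_dark.png",
            'target' => "top",
        );
    }
    // The workunits report reuses the 'report_gant' key; the key is kept
    // because code outside this function may depend on it.
    if ($selected_tab == 'workunits') {
        $p_menu['report_gant'] = array(
            'title' => __('Tasks report'),
            'link' => "operation/projects/task_workunit&id_project=" . $id_project . "&pure=1",
            'img' => "images/chart_bar_dark.png",
        );
    }

    return $p_menu;
}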