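/**
 * RESTful update of an officer record, called by the Backbone admin UI.
 *
 * The JSON request body selects one of two operations:
 *  - "command" ("ban" or "unban"): carried out only when the caller is a
 *    Super Admin and the target is neither a Super Admin nor the caller.
 *  - "role": carried out only when the caller is an Admin or higher, the
 *    target may be edited by the caller, and the caller is allowed to hand
 *    out the requested role (see the rules in the body).
 *
 * A request that fails these checks is not rejected with an error; the
 * officer is returned unchanged, as before.
 *
 * @param  mixed  $id  Primary key of the officer to update.
 * @return mixed  JSON response holding the officer's attributes, or the
 *                404 error response when no officer has that id.
 */
public function action_update($id)
{
    $officer = Officer::find($id);

    // An unknown id used to reach the method calls below with a null officer.
    if (!$officer) {
        return Response::error('404');
    }

    $json = Input::json(true);

    // Assumes a route filter has already guaranteed a signed-in officer -- TODO confirm.
    $actor = Auth::officer();
    $actor_is_super_admin = $actor->is_role_or_higher(Officer::ROLE_SUPER_ADMIN);
    $is_self = $actor->id == $officer->id;

    if (isset($json["command"])) {
        $may_ban = $actor_is_super_admin
            && !$officer->is_role_or_higher(Officer::ROLE_SUPER_ADMIN)
            && !$is_self;

        if ($may_ban) {
            // Strict comparison, so that a non-string JSON value (true, 0)
            // cannot loosely match a command name.
            if ($json["command"] === "ban") {
                $officer->ban();
            }

            if ($json["command"] === "unban") {
                $officer->unban();
            }

            $officer->save();

            // Reload so the response reflects what was actually stored.
            $officer = Officer::find($id);
        }

        return Response::json($officer->to_array());
    }

    // Role changes:
    //  - the caller must be an Admin or a Super Admin;
    //  - a Super Admin target may only be edited by a different Super Admin,
    //    so Super Admins can never modify their own role;
    //  - the Super Admin role may only be granted by a Super Admin. Without
    //    this last rule the requested value was stored unchecked, which let an
    //    Admin raise any account to the level that guards the ban command.
    if (isset($json["role"]) && is_scalar($json["role"]) && $actor->is_role_or_higher(Officer::ROLE_ADMIN)) {
        $target_is_super_admin = $officer->role == Officer::ROLE_SUPER_ADMIN;
        $grants_super_admin = $json["role"] == Officer::ROLE_SUPER_ADMIN;

        $may_edit_target = !$target_is_super_admin || ($actor_is_super_admin && !$is_self);
        $may_grant_role = !$grants_super_admin || $actor_is_super_admin;

        // NOTE(review): the value is still not checked against the full list of
        // valid roles, which is not visible from this method -- confirm and add
        // a whitelist next to the Officer::ROLE_* constants.
        if ($may_edit_target && $may_grant_role) {
            $officer->role = $json["role"];
        }
    }

    $officer->save();

    return Response::json($officer->to_array());
}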
/**
 * Tells whether this record belongs to the officer who is signed in.
 *
 * Ownership is decided by comparing the signed-in officer's id with the id
 * of the officer related to this record.
 *
 * @return bool False when no officer is signed in or when the ids differ.
 */
public function is_mine()
{
    $current_officer = Auth::officer();

    // Visitors and signed-in users without an officer own nothing.
    if (!$current_officer) {
        return false;
    }

    return $current_officer->id == $this->officer->id;
}
/**
 * Stores the signed-in officer's answer to the question loaded for this request.
 *
 * The question is read from Config under 'question'; what puts it there is
 * outside this method (presumably a route filter -- confirm). No check that
 * the officer collaborates on the question's project is made here, so that
 * check has to happen before this action runs.
 *
 * @return mixed JSON with status "success", the question and its rendered
 *               partial, or status "error" when the answer is empty.
 */
public function action_update()
{
    $question = Config::get('question');
    $answer = trim(Input::get('answer'));

    // Reject blank input. An answer of "0" is rejected as well, because PHP
    // treats that string as falsy.
    if (!$answer || $answer == "") {
        return Response::json(array(
            "status" => "error",
            "errors" => array('No answer provided.'),
        ));
    }

    $question->answer = $answer;
    $question->answered_by = Auth::officer()->id;
    $question->save();

    // The partial is rendered server-side so the client can swap it in as-is.
    $rendered = View::make('projects.partials.question')
        ->with('question', $question)
        ->render();

    return Response::json(array(
        "status" => "success",
        "question" => $question->to_array(),
        "html" => $rendered,
    ));
}
/**
 * Creates a comment on the current project and notifies the other officers.
 *
 * The project comes from Config under 'project'. The author is always the
 * signed-in officer and the project id is always the current project's, so
 * neither can be chosen by the request body; only "body" is read from it.
 *
 * @return mixed JSON response holding the stored comment's attributes.
 */
public function action_create()
{
    $json = Input::json();
    $project = Config::get('project');

    $attributes = array(
        'project_id' => $project->id,
        'officer_id' => Auth::officer()->id,
    );

    $comment = new Comment($attributes);
    // NOTE(review): the body is stored as received; views that print it are
    // responsible for escaping it.
    $comment->body = $json->body;
    $comment->save();

    // Everyone on the project except the author gets a notification.
    foreach ($comment->project->officers as $collaborator) {
        if (Auth::officer()->id == $collaborator->id) {
            continue;
        }

        Notification::send("Comment", array('comment' => $comment, 'target_id' => $collaborator->user->id));
    }

    return Response::json($comment->to_array());
}
Section::inject('no_page_header', true); ?> <div class="subheader"> <?php if (!Auth::user()) { ?> <p class="lead well">Ready to start bidding? <a href="<?php echo e(route('new_vendors')); ?> ">Sign up</a> in minutes!</p> <?php } ?> <h4> <?php echo Auth::officer() ? 'Everybody\'s Projects' : 'Projects'; ?> <small>(<a href="<?php echo e(route('project_rss', 'rss')); ?> ">rss</a> / <a href="<?php echo e(route('project_rss', 'atom')); ?> ">atom</a>)</small> <a class="officer-only toggle-my-all-projects" href="<?php echo e(route('my_projects')); ?> ">my projects only</a> <div class="search-projects pull-right"> <input id="filter-projects-input" class="search-query" type="search" placeholder="Filter projects..." /> </div>
<div class="comments-list">
  <script type="text/javascript">
    $(function(){
      new Rfpez.Backbone.Comments(
        <?php
        /* Bootstraps the Backbone comments widget with the project id and the
           initial list of comments. */
        echo $project->id; ?> ,
        <?php
        /* NOTE(review): $comments is written raw into a script element, and
           comment bodies are user-written text. It must therefore already be a
           JSON literal whose encoder escapes '<', '>' and '&' (json_encode with
           JSON_HEX_TAG | JSON_HEX_AMP). How $comments is built is not visible
           in this view -- confirm at the place that passes it in. */
        echo $comments; ?> )
    })
  </script>
</div>
<div class="form-actions"></div>
<h5>Add Comment</h5>
<form id="add-comment-form" action="<?php echo e('comments'); ?> " method="POST" data-officer-name="<?php echo e(Auth::officer()->name); ?> " data-officer-user-id="<?php echo e(Auth::officer()->user_id); ?> ">
  <textarea class="span5" name="body"></textarea>
</form>
<div>
  <button class="btn btn-primary">Submit Comment</button>
</div>
</div>
?> A: <?php echo nl2br(e($question->answer)); ?> <div class="answerer"> <em>Answered by <?php echo e($question->answerer->user->email); ?> </em> </div> <?php } else { ?> <em><?php echo e(__("r.projects.partials.question.not_answered")); ?> </em> <?php if (Auth::officer() && Auth::officer()->collaborates_on($question->project->id)) { ?> <div class="answer-question"> <a class="answer-question-toggle">Answer Question</a> </div> <?php } ?> <?php } ?> </div> </div>
<?php

// Configuration returned to the admin panel: which models it lists, who may
// enter it, and where visitors who fail that check are sent to sign in.
return array(
    'title' => '',

    // Menu key => short label shown in the panel and the model class behind it.
    'models' => array(
        'bid' => array('title' => 'Bid', 'model' => 'AdminModels\\Bid'),
        'outboundexits' => array('title' => 'Outbound', 'model' => 'AdminModels\\Outboundexit'),
        'comment' => array('title' => 'Cmmnt', 'model' => 'AdminModels\\Comment'),
        'deliverable' => array('title' => 'Deliv', 'model' => 'AdminModels\\Deliverable'),
        'notification' => array('title' => 'Notif', 'model' => 'AdminModels\\Notification'),
        'officer' => array('title' => 'Officer', 'model' => 'AdminModels\\Officer'),
        'project' => array('title' => 'Project', 'model' => 'AdminModels\\Project'),
        'projectcollaborator' => array('title' => 'Collab', 'model' => 'AdminModels\\ProjectCollaborator'),
        'projectsection' => array('title' => 'Section', 'model' => 'AdminModels\\ProjectSection'),
        'projectsectiontype' => array('title' => 'Section-Type', 'model' => 'AdminModels\\ProjectSectionType'),
        'projecttype' => array('title' => 'Proj type', 'model' => 'AdminModels\\ProjectType'),
        'question' => array('title' => 'Q+As', 'model' => 'AdminModels\\Question'),
        'service' => array('title' => 'Service', 'model' => 'AdminModels\\Service'),
        'servicevendor' => array('title' => 'Serv-Vend', 'model' => 'AdminModels\\ServiceVendor'),
        'user' => array('title' => 'User', 'model' => 'AdminModels\\User'),
        'vendor' => array('title' => 'Vendor', 'model' => 'AdminModels\\Vendor'),
    ),

    // Gate for the whole panel: true only for a signed-in officer whose role is
    // Super Admin or higher. Every model above, including officer and user
    // records, is reachable by whoever passes this check.
    'auth_check' => function () {
        if (!Auth::officer()) {
            return false;
        }

        return (bool) Auth::officer()->is_role_or_higher(Officer::ROLE_SUPER_ADMIN);
    },

    // Sign-in page and the name of the key that carries the return address
    // (presumably used when auth_check fails -- confirm against the bundle).
    'login_path' => '/signin',
    'login_redirect_key' => 'redirect',

    'global_per_page' => null,
);
/**
 * Closes the amendment of the current project without changes.
 *
 * Only an officer whose role is Contracting Officer or higher may do this.
 * Anyone else gets a flash error and is sent back to the repost page.
 *
 * @return mixed Redirect to the project page on success, otherwise to the
 *               'project_repost_on_fbo' route.
 */
public function action_amendment_no_changes_post()
{
    $project = Config::get('project');
    $is_contracting_officer = Auth::officer()->is_role_or_higher(Officer::ROLE_CONTRACTING_OFFICER);

    if ($is_contracting_officer) {
        $project->end_amending();

        return Redirect::to_route('project', array($project->id));
    }

    // @todo add instructions for contacting admin to get verified
    // The message contains markup, so it is presumably shown unescaped; it is
    // a fixed string with no request data in it.
    Helper::flash_errors('Sorry, you haven\'t been verified as a contracting officer on RFP-EZ. Please <a href="mailto:rfpez@gsa.gov">email us</a>.');

    return Redirect::to_route('project_repost_on_fbo', array($project->id));
}
// Tail of a reporting action whose beginning is outside this excerpt;
// $total_prices, the running totals and $view are presumably initialised there.

// Sum the price and count of submitted bids, per project and overall.
foreach (Bid::where_not_null('submitted_at')->get() as $bid) {
    if (!isset($total_prices[$bid->project_id])) {
        $total_prices[$bid->project_id] = array('num_bids' => 0, 'total_price' => 0);
    }
    $total_prices[$bid->project_id]['num_bids']++;
    $total_prices[$bid->project_id]['total_price'] += $bid->total_price_integer();
    $total_bids_in_all++;
    $total_price_for_all += $bid->total_price_integer();
}

// Average bid price for every project that has a posted_to_fbo_at value;
// projects without submitted bids get 0, which also avoids dividing by zero.
$avg_prices = array();
foreach (Project::where_not_null('posted_to_fbo_at')->get() as $project) {
    array_push($avg_prices, array('project_id' => $project->id, 'project_title' => $project->title, 'avg_price' => isset($total_prices[$project->id]) ? $total_prices[$project->id]['total_price'] / $total_prices[$project->id]['num_bids'] : 0));
}

// NOTE(review): unlike the per-project average, this division has no guard;
// if the counter starts at 0 and no bid has been submitted it divides by
// zero -- confirm the initial value above this excerpt.
$avg_price_total = $total_price_for_all / $total_bids_in_all;

// Hand the computed figures to the view.
$view->total_signups = $num_signups;
$view->total_new_to_contracting = $num_new;
$view->signups_per_day = $signups_per_day;
$view->signups_per_day_flat = $signups_per_day_flat;
$view->new_to_contracting = $new_to_contracting;
$view->bids_per_project = $bids_per_project;
$view->avg_bids_per_project = $avg_bids_per_project;
$view->avg_prices = $avg_prices;
$view->avg_price_total = $avg_price_total;
$this->layout->content = $view;
} // end of the action
} // end of the controller class

// Route filter: sends the request to the home page unless the signed-in
// officer's role is Admin or higher.
// NOTE(review): is_role_or_higher() is called on Auth::officer() without a
// null check. If Auth::officer() returns null for a visitor or a vendor, the
// request ends in an error instead of this redirect; access is still denied,
// but confirm that an earlier filter guarantees an officer.
Route::filter('admin_only', function () {
    if (!Auth::officer()->is_role_or_higher(Officer::ROLE_ADMIN)) {
        return Redirect::to('/');
    }
});
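<div class="subheader">
  <?php
  /* NOTE(review): the title is handed to the layout as-is; confirm that the
     layout escapes 'page_title' when it prints it. */
  Section::inject('page_title', "{$project->title}"); ?>
  <?php
  /* The management toolbar and the answer form are rendered only for officers
     who collaborate on this project and for Super Admins. This decides what is
     displayed; the actions behind the toolbar need their own server-side
     checks. */
  if ($project->is_mine() || (Auth::officer() && Auth::officer()->is_role_or_higher(Officer::ROLE_SUPER_ADMIN))) { ?>
    <?php Section::inject('no_page_header', true); ?>
    <?php echo View::make('projects.partials.toolbar')->with('project', $project); ?>
    <?php echo View::make('projects.partials.answer_question_form'); ?>
  <?php } else { ?>
    <?php /* The agency is stored project data printed into HTML for viewers who
             do not manage the project, so it is escaped like other model fields. */ ?>
    <div class="subheader-secondline"><?php echo e($project->agency); ?> </div>
  <?php } ?>
</div><!-- subheader -->
<div class="container inner-container inner-container-show-project">
  <?php Section::inject('active_subnav', "view");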
/**
 * Marks this bid as the winning bid of its project.
 *
 * Records when, by whom and with which message the bid was awarded, sends an
 * "Award" notification, dismisses every other bid on the project that has
 * not been dismissed yet, and e-mails the vendor unless the message is blank.
 *
 * No permission check is made here: the method trusts that the caller has
 * already established that the signed-in officer may award this bid.
 *
 * @param  string  $message  Message for the vendor; when it is blank after
 *                           trimming, no "BidAwarded" mail is sent.
 * @return void
 */
public function award($message)
{
    $this->awarded_at = new \DateTime();
    $this->awarded_message = $message;
    $this->awarded_by = Auth::officer()->id;
    $this->save();

    Notification::send("Award", array('actor_id' => Auth::user()->id, 'bid' => $this));

    // Dismiss all the other bids that are still open.
    foreach ($this->project->bids as $other_bid) {
        if ($other_bid->id == $this->id || $other_bid->dismissed_at) {
            continue;
        }

        $other_bid->dismiss();
    }

    // A blank message means the officer chose to contact the vendor manually.
    $has_message = trim($message) != "";
    if ($has_message) {
        Mailer::send("BidAwarded", array('bid' => $this));
    }
}
</a> <?php if ($bid->awarded_at) { ?> <span class="label label-success">Winning Bid!</span> <?php } ?> </td> <td><?php echo e($bid->display_price()); ?> </td> <td> <?php if (Auth::officer()->is_verified_contracting_officer()) { ?> <?php if (!$bid->awarded_at) { ?> <?php if ($bid->dismissed()) { ?> <a class="btn btn-info undismiss-button" data-move-to-table="true">Un-decline</a> <div> <em>Declined: <?php echo e($bid->dismissal_reason); ?> </em> </div> <?php
echo Helper::asset('js/global'); ?> <?php if (Auth::user()) { ?> <?php if (Auth::officer() && Auth::officer()->is_role_or_higher(Officer::ROLE_ADMIN)) { ?> <?php echo Helper::asset('js/admin'); ?> <?php } ?> <?php if (Auth::officer()) { ?> <?php echo Helper::asset('js/officer'); ?> <?php } else { ?> <?php echo Helper::asset('js/vendor'); ?> <?php } ?> <?php }
<a href="<?php echo e(route('reports')); ?> ">Reports</a> </li> <li> <a href="<?php echo e(route('admin_home')); ?> ">Admin</a> </li> <?php } ?> <?php if (Auth::officer()->is_role_or_higher(Officer::ROLE_SUPER_ADMIN)) { ?> <li> <a href="/superadmin">Super Admin</a> </li> <?php } ?> <?php } else { ?> <?php if (!Config::get('application.maint') == true) { ?> <li> <a href="<?php
} // closes a method that starts above this excerpt

/**
 * Deletes the deliverable stored in Config under 'deliverable' and answers
 * with the JSON string "success". The method performs no checks itself;
 * the filters below are what load and scope the deliverable.
 */
public function action_delete()
{
    Config::get('deliverable')->delete();
    return Response::json("success");
}
} // closes the controller class

// Loads the project named by the first route parameter and stores it in
// Config under 'project'; an unknown id is redirected to the home page.
Route::filter('project_exists', function () {
    $id = Request::$route->parameters[0];
    $project = Project::find($id);
    if (!$project) {
        return Redirect::to('/');
    }
    Config::set('project', $project);
});

// Lets the request through only when the project is one of the signed-in
// officer's own, or the officer's role is Admin or higher.
// Reads the project from Config, so it has to run after 'project_exists'.
Route::filter('i_am_collaborator', function () {
    // also allowed if user is ADMIN
    $project = Config::get('project');
    // NOTE(review): when is_mine() is false, is_role_or_higher() is called on
    // Auth::officer() without a null check. If Auth::officer() is null for a
    // visitor or a vendor, the request ends in an error rather than this
    // redirect -- access is still denied, but confirm the intended behaviour.
    if (!$project->is_mine() && !Auth::officer()->is_role_or_higher(Officer::ROLE_ADMIN)) {
        return Redirect::to('/');
    }
});

// Loads the deliverable named by the second route parameter. The lookup goes
// through the current project's deliverables, so an id that belongs to another
// project is treated as not found and redirected to the home page.
Route::filter('deliverable_exists', function () {
    $id = Request::$route->parameters[1];
    $project = Config::get('project');
    $deliverable = $project->deliverables()->where_id($id)->first();
    if (!$deliverable) {
        return Redirect::to('/');
    }
    Config::set('deliverable', $deliverable);
});
| Route::filter('filter', function()
| {
| return 'Filtered!';
| });
|
| Next, attach the filter to a route:
|
| Router::register('GET /', array('before' => 'filter', function()
| {
| return 'Hello World!';
| }));
|
*/

Route::filter('before', function () {
    // Runs before every request to the application.

    // Maintenance mode: while 'application.maint' is on, every request is sent
    // to /maint except the routes named below (which include sign-in and
    // sign-out) and requests from a signed-in officer whose role is Admin or higher.
    if (Config::get('application.maint') == true && !Request::route()->is('maint') && !Request::route()->is('reports') && !Request::route()->is('admin') && !Request::route()->is('superadmin') && !Request::route()->is('signin') && !Request::route()->is('signout') && !Request::route()->is('account') && (!Auth::officer() || !Auth::officer()->is_role_or_higher(Officer::ROLE_ADMIN))) {
        return Redirect::to('/maint');
    }

    // Ban enforcement: because this runs on every request, a user whose
    // banned_at is set is logged out on the next request even if the session
    // was opened before the ban.
    if (Auth::user() && Auth::user()->banned_at) {
        Auth::logout();
        return Redirect::to('/')->with('errors', array(__("r.flashes.account_banned")));
    }
});

Route::filter('after', function ($response) {
    // Runs after every request: adds the full current URL to the response in
    // the X-XHR-Current-Location header.
    $response->header('X-XHR-Current-Location', URL::full());
});

// CSRF filter: a request that Request::forged() reports as forged gets the
// 500 error response instead of reaching the route.
// NOTE(review): a rejected token is a client-side failure, so a 4xx status
// would describe it more accurately and keep it apart from real server errors
// in logs and alerting.
Route::filter('csrf', function () {
    if (Request::forged()) {
        return Response::error('500');
    }
echo __("r.bids.partials.award_modal.co_warning"); ?> </p> <?php if ($project->is_open_for_bids()) { ?> <div class="alert alert-danger"><?php echo __("r.bids.partials.award_modal.due_date_warning"); ?> </div> <?php } ?> <label class="bold-label">Message to vendor: (will be sent to <em class="vendor-email"></em>)</label> <textarea class="awarded-message" name="awarded_message"><?php echo __("r.bid_award_message", array("title" => $project->title, "officer_name" => Auth::officer()->name, "officer_email" => Auth::officer()->user->email)); ?> </textarea> <label class="checkbox"> <?php echo __("r.bids.partials.award_modal.no_email_label"); ?> <input class="manual-awarded-message-checkbox" type="checkbox" /> </label> </div> <div class="modal-footer"> <button class="btn" data-dismiss="modal">Cancel</button> <button class="btn btn-primary award-btn" data-loading-text="Awarding...">Award</button> </div> </form> </div>
/**
 * Tells whether the signed-in officer collaborates on this project.
 *
 * The ids of the officer's projects are fetched from ProjectCollaborator on
 * the first call and kept in the static $my_project_ids, which starts out as
 * false; later calls on any instance reuse that list without querying again.
 *
 * @return bool False when nobody is signed in, when the signed-in user has no
 *              officer, or when this project's id is not in the list.
 */
public function is_mine()
{
    $has_officer = Auth::user() && Auth::user()->officer;
    if (!$has_officer) {
        return false;
    }

    // false means "not loaded yet"; an empty list is a valid loaded value.
    if (self::$my_project_ids === false) {
        $collaborations = ProjectCollaborator::where_officer_id(Auth::officer()->id);
        self::$my_project_ids = $collaborations->lists('project_id');
    }

    return in_array($this->id, self::$my_project_ids);
}