?>
] = '<?php
echo $dot->getName();
?>
';
<?php
}
foreach (Plugins::instance()->getActive() as $p) {
$js_code = 'if (og.' . $p->getName() . ' && og.' . $p->getName() . '.init) og.' . $p->getName() . '.init();' . "\n";
echo $js_code;
}
?>
og.dimension_object_type_contents = [];
<?php
$dotcs = DimensionObjectTypeContents::findAll();
foreach ($dotcs as $dotc) {
/* @var $dotc DimensionObjectTypeContent */
?>
var dim = <?php
echo $dotc->getDimensionId();
?>
;
var dot = <?php
echo $dotc->getDimensionObjectTypeId();
?>
;
var cot = <?php
echo $dotc->getContentObjectTypeId();
?>
;
/**
* Finish the installation - create owner company and administrator
*
* @param void
* @return null
*/
function complete_installation()
{
if (Contacts::getOwnerCompany() instanceof Contact) {
die('Owner company already exists');
// Somebody is trying to access this method even if the user already exists
}
// if
$form_data = array_var($_POST, 'form');
tpl_assign('form_data', $form_data);
if (array_var($form_data, 'submited') == 'submited') {
try {
$admin_password = trim(array_var($form_data, 'admin_password'));
$admin_password_a = trim(array_var($form_data, 'admin_password_a'));
if (trim($admin_password) == '') {
throw new Error(lang('password value required'));
}
// if
if ($admin_password != $admin_password_a) {
throw new Error(lang('passwords dont match'));
}
// if
DB::beginWork();
Contacts::delete();
// clear users table
// Create a company
$company = new Contact();
$company->setFirstName(array_var($form_data, 'company_name'));
$company->setObjectName();
$company->setIsCompany(true);
$company->save();
// Init default colors
set_config_option('brand_colors_head_back', "424242");
set_config_option('brand_colors_tabs_back', "e7e7e7");
set_config_option('brand_colors_head_font', "FFFFFF");
set_config_option('brand_colors_tabs_font', "333333");
// Create the administrator user
$administrator = new Contact();
$pergroup = PermissionGroups::findOne(array('conditions' => "`name`='Super Administrator'"));
$administrator->setUserType($pergroup->getId());
$administrator->setCompanyId($company->getId());
$administrator->setUsername(array_var($form_data, 'admin_username'));
$administrator->setPassword($admin_password);
$administrator->setFirstname(array_var($form_data, 'admin_username'));
$administrator->setObjectName();
$administrator->save();
$user_password = new ContactPassword();
$user_password->setContactId($administrator->getId());
$user_password->password_temp = $admin_password;
$user_password->setPasswordDate(DateTimeValueLib::now());
$user_password->setPassword(cp_encrypt($admin_password, $user_password->getPasswordDate()->getTimestamp()));
$user_password->save();
//Add email after save because is needed.
$administrator->addEmail(array_var($form_data, 'admin_email'), 'personal', true);
//permissions
$permission_group = new PermissionGroup();
$permission_group->setName('Account Owner');
$permission_group->setContactId($administrator->getId());
$permission_group->setIsContext(false);
$permission_group->setType("permission_groups");
$permission_group->save();
$administrator->setPermissionGroupId($permission_group->getId());
$administrator->save();
$company->setCreatedById($administrator->getId());
$company->setUpdatedById($administrator->getId());
$company->save();
$contact_pg = new ContactPermissionGroup();
$contact_pg->setContactId($administrator->getId());
$contact_pg->setPermissionGroupId($permission_group->getId());
$contact_pg->save();
// tab panel permissions
$panels = TabPanels::getEnabled();
foreach ($panels as $panel) {
$tpp = new TabPanelPermission();
$tpp->setPermissionGroupId($administrator->getPermissionGroupId());
$tpp->setTabPanelId($panel->getId());
$tpp->save();
}
// dimension permissions
$dimensions = Dimensions::findAll();
foreach ($dimensions as $dimension) {
if ($dimension->getDefinesPermissions()) {
$cdp = ContactDimensionPermissions::findOne(array("conditions" => "`permission_group_id` = " . $administrator->getPermissionGroupId() . " AND `dimension_id` = " . $dimension->getId()));
if (!$cdp instanceof ContactDimensionPermission) {
$cdp = new ContactDimensionPermission();
$cdp->setPermissionGroupId($administrator->getPermissionGroupId());
$cdp->setContactDimensionId($dimension->getId());
}
$cdp->setPermissionType('allow all');
$cdp->save();
// contact member permisssion entries
$members = $dimension->getAllMembers();
foreach ($members as $member) {
$ots = DimensionObjectTypeContents::getContentObjectTypeIds($dimension->getId(), $member->getObjectTypeId());
$ots[] = $member->getObjectId();
foreach ($ots as $ot) {
$cmp = ContactMemberPermissions::findOne();
if (!$cmp instanceof ContactMemberPermission) {
$cmp = new ContactMemberPermission(array("conditions" => "`permission_group_id` = " . $administrator->getPermissionGroupId() . " AND `member_id` = " . $member->getId() . " AND `object_type_id` = {$ot}"));
$cmp->setPermissionGroupId($administrator->getPermissionGroupId());
$cmp->setMemberId($member->getId());
$cmp->setObjectTypeId($ot);
}
$cmp->setCanWrite(1);
$cmp->setCanDelete(1);
$cmp->save();
}
}
}
}
// system permissions
$sp = new SystemPermission();
$sp->setPermissionGroupId($administrator->getPermissionGroupId());
$sp->setAllPermissions(true);
$sp->save();
// root permissions
DB::executeAll("\r\n\t\t\t\tINSERT INTO " . TABLE_PREFIX . "contact_member_permissions (permission_group_id, member_id, object_type_id, can_delete, can_write)\r\n\t\t\t\t SELECT " . $administrator->getPermissionGroupId() . ", 0, rtp.object_type_id, rtp.can_delete, rtp.can_write FROM " . TABLE_PREFIX . "role_object_type_permissions rtp \r\n\t\t\t\t WHERE rtp.object_type_id NOT IN (SELECT id FROM " . TABLE_PREFIX . "object_types WHERE name IN ('mail','template','file_revision')) AND rtp.role_id in (\r\n\t\t\t\t SELECT pg.id FROM " . TABLE_PREFIX . "permission_groups pg WHERE pg.type='roles' AND pg.name IN ('Super Administrator','Administrator','Manager','Executive')\r\n\t\t\t\t )\r\n\t\t\t\tON DUPLICATE KEY UPDATE member_id=0;");
Hook::fire('after_user_add', $administrator, $null);
DB::commit();
$this->redirectTo('access', 'login');
} catch (Exception $e) {
tpl_assign('error', $e);
DB::rollback();
}
// try
}
// if
}
function getAllowedObjectTypeContents()
{
return DimensionObjectTypeContents::findAll(array('conditions' => array("`dimension_id` = ?\n\t\t\tAND (`content_object_type_id` IN (SELECT `id` FROM " . ObjectTypes::instance()->getTableName(true) . " WHERE `type` = 'located')\n\t\t\tOR ( \n\t\t\t\t`content_object_type_id` NOT IN (SELECT `object_type_id` FROM " . TabPanels::instance()->getTableName(true) . " WHERE `enabled` = 0) \n\t \t\t\tAND `content_object_type_id` IN (\n\t \t\t\t\tSELECT `id` FROM " . ObjectTypes::instance()->getTableName(true) . " WHERE `type` = 'content_object' AND `name` <> 'file revision'\n\t \t\t\t\t\tAND IF(plugin_id is NULL OR plugin_id = 0, TRUE, plugin_id IN (SELECT id FROM " . TABLE_PREFIX . "plugins WHERE is_activated > 0 AND is_installed > 0))\n\t \t\t\t)\n \t\t\t))", $this->getId()), 'distinct' => true));
}
static function prepareAssociationConditions($redefined_context, $dimensions, $properties, $pg_ids, $selection_members)
{
$is_property = array();
foreach ($properties as $p => $value) {
//obtener miembros de la dimension asociada que tienen como propiedad los miembros seleccionados de esta dimension
foreach ($value as $v) {
$associations = DimensionMemberAssociations::getAllAssociations($v, $p);
if (!is_null($associations)) {
foreach ($associations as $association) {
$is_property[$v] = true;
$v_ids_csv = is_array($dimensions[$v]['allowed_members']) && count($dimensions[$v]['allowed_members']) > 0 ? implode(",", $dimensions[$v]['allowed_members']) : '0';
$p_ids_csv = is_array($dimensions[$p]['allowed_members']) && count($dimensions[$p]['allowed_members']) > 0 ? implode(",", $dimensions[$p]['allowed_members']) : '0';
$prop_members = MemberPropertyMembers::getAssociatedMembers($association->getId(), $v_ids_csv, $p_ids_csv);
if (count($prop_members) > 0) {
$property_members[] = $prop_members;
}
}
}
}
}
// intersect the allowed members for each property
$member_intersection = array_var($property_members, 0, array());
if (count($property_members) > 1) {
$k = 1;
while ($k < count($property_members)) {
$member_intersection = array_intersect($member_intersection, $property_members[$k++]);
}
}
$association_conditions = "";
foreach ($redefined_context as $key => $value) {
$dimension = Dimensions::getDimensionById($value);
$object_types = $dimensions[$value]['object_types'];
if (!isset($is_property[$value])) {
$member_ids = $dimensions[$value]['allowed_members'];
} else {
$member_ids = $member_intersection;
}
$association_conditions .= self::prepareQuery($association_conditions, $dimension, $member_ids, $object_types, $pg_ids, 'AND', $selection_members);
}
$dims = Dimensions::findAll();
foreach ($dims as $dim) {
if (!in_array($dim->getId(), $redefined_context) && !isset($properties[$dim->getId()]) && $dim->canContainObjects()) {
$member_ids = array();
$all_members = $dim->getAllMembers();
foreach ($all_members as $member) {
$member_ids[] = $member->getId();
}
$object_types = DimensionObjectTypeContents::getContentObjectTypeIds($dimension->getId());
$association_conditions .= self::prepareQuery($association_conditions, $dim, $member_ids, $object_types, $pg_ids, 'OR', $selection_members, true);
}
}
return $association_conditions;
}
function index()
{
$tasksUserId = array_var($_GET, 'tu');
if (is_null($tasksUserId)) {
$tasksUserId = user_config_option('TM tasks user filter', logged_user()->getId());
} else {
if (user_config_option('TM tasks user filter') != $tasksUserId) {
set_user_config_option('TM tasks user filter', $tasksUserId, logged_user()->getId());
}
}
$timeslotsUserId = array_var($_GET, 'tsu');
if (is_null($timeslotsUserId)) {
$timeslotsUserId = user_config_option('TM user filter', 0);
} else {
if (user_config_option('TM user filter') != $timeslotsUserId) {
set_user_config_option('TM user filter', $timeslotsUserId, logged_user()->getId());
}
}
$showTimeType = array_var($_GET, 'stt');
if (is_null($showTimeType)) {
$showTimeType = user_config_option('TM show time type', 0);
} else {
if (user_config_option('TM show time type') != $showTimeType) {
set_user_config_option('TM show time type', $showTimeType, logged_user()->getId());
}
}
$start = array_var($_GET, 'start', 0);
$limit = 20;
$tasksUser = Contacts::findById($tasksUserId);
$timeslotsUser = Contacts::findById($timeslotsUserId);
//Active tasks view
$open_timeslots = Timeslots::instance()->listing(array("extra_conditions" => " AND end_time = '" . EMPTY_DATETIME . "' AND contact_id = " . $tasksUserId))->objects;
$tasks = array();
foreach ($open_timeslots as $open_timeslot) {
$task = ProjectTasks::findById($open_timeslot->getRelObjectId());
if ($task instanceof ProjectTask && !$task->isCompleted() && !$task->isTrashed() && !$task->isArchived()) {
$tasks[] = $task;
}
}
ProjectTasks::populateTimeslots($tasks);
//Timeslots view
$total = 0;
switch ($showTimeType) {
case 0:
//Show only timeslots added through the time panel
$result = Timeslots::getGeneralTimeslots(active_context(), $timeslotsUser, $start, $limit);
$timeslots = $result->objects;
$total = $result->total;
break;
default:
throw new Error('Unrecognised TM show time type: ' . $showTimeType);
}
//Get Users Info
$users = array();
$context = active_context();
if (!can_manage_time(logged_user())) {
if (can_add(logged_user(), $context, Timeslots::instance()->getObjectTypeId())) {
$users = array(logged_user());
}
} else {
if (logged_user()->isMemberOfOwnerCompany()) {
$users = Contacts::getAllUsers();
} else {
$users = logged_user()->getCompanyId() > 0 ? Contacts::getAllUsers(" AND `company_id` = " . logged_user()->getCompanyId()) : array(logged_user());
}
$tmp_users = array();
foreach ($users as $user) {
if (can_add($user, $context, Timeslots::instance()->getObjectTypeId())) {
$tmp_users[] = $user;
}
}
$users = $tmp_users;
}
//Get Companies Info
if (logged_user()->isMemberOfOwnerCompany() || logged_user()->isAdminGroup()) {
$companies = Contacts::getCompaniesWithUsers();
} else {
$companies = array();
if (logged_user()->getCompanyId() > 0) {
$companies[] = logged_user()->getCompany();
}
}
$required_dimensions = DimensionObjectTypeContents::getRequiredDimensions(Timeslots::instance()->getObjectTypeId());
$draw_inputs = !$required_dimensions || count($required_dimensions) == 0;
if (!$draw_inputs) {
$ts_ots = DimensionObjectTypeContents::getDimensionObjectTypesforObject(Timeslots::instance()->getObjectTypeId());
$context = active_context();
foreach ($context as $sel) {
if ($sel instanceof Member) {
foreach ($ts_ots as $ts_ot) {
if ($sel->getDimensionId() == $ts_ot->getDimensionId() && $sel->getObjectTypeId() == $ts_ot->getDimensionObjectTypeId()) {
$draw_inputs = true;
break;
}
}
if ($draw_inputs) {
break;
}
}
}
}
tpl_assign('draw_inputs', $draw_inputs);
tpl_assign('selected_user', logged_user()->getId());
tpl_assign('timeslots', $timeslots);
tpl_assign('tasks', $tasks);
if (count($tasks) > 0) {
tpl_assign('all_users', Contacts::getAllUsers());
}
tpl_assign('users', $users);
tpl_assign('start', $start);
tpl_assign('limit', $limit);
tpl_assign('total', $total);
tpl_assign('companies', $companies);
ajx_set_no_toolbar(true);
}
/**
* Enter description here ...
* @param Contact $contact
* @param array of ObjectType $types
* @param array of int $members
*/
function grantAllPermissions(Contact $contact, $members)
{
if ($contact->getUserType() > 0 && count($members)) {
$userType = $contact->getUserTypeName();
$permissions = array();
// TO fill sharing table
$gid = $contact->getPermissionGroupId();
foreach ($members as $member_id) {
//new
$member = Members::findById($member_id);
$dimension = $member->getDimension();
$types = array();
$member_types = DimensionObjectTypeContents::getContentObjectTypeIds($dimension->getId(), $member->getObjectTypeId());
if (count($member_types)) {
switch ($userType) {
case 'Super Administrator':
case 'Administrator':
case 'Manager':
case 'Executive':
$types = $member_types;
break;
case 'Collaborator Customer':
case 'Non-Exec Director':
foreach (ObjectTypes::findAll(array("conditions" => " name NOT IN ('mail') ")) as $type) {
//TODO This sucks
$types[] = $type->getId();
}
break;
case 'Internal Collaborator':
case 'External Collaborator':
foreach (ObjectTypes::findAll(array("conditions" => " name NOT IN ('mail','contact', 'report') ")) as $type) {
//TODO This sucks
$types[] = $type->getId();
}
break;
case 'Guest Customer':
foreach (ObjectTypes::findAll(array("conditions" => " name IN ('message', 'weblink', 'event', 'file') ")) as $type) {
//TODO This sucks
$types[] = $type->getId();
}
break;
case 'Guest':
foreach (ObjectTypes::findAll(array("conditions" => " name IN ('message', 'weblink', 'event') ")) as $type) {
//TODO This sucks
$types[] = $type->getId();
}
break;
}
}
foreach ($types as $type_id) {
if (!ContactMemberPermissions::instance()->findOne(array("conditions" => "permission_group_id = {$gid}\tAND \n\t\t\t\t\t\t\tmember_id = {$member_id} AND \n\t\t\t\t\t\t\tobject_type_id = {$type_id}"))) {
$cmp = new ContactMemberPermission();
$cmp->setPermissionGroupId($gid);
$cmp->setMemberId($member_id);
$cmp->setObjectTypeId($type_id);
if ($userType != "Guest" && $userType != "Guest Customer") {
$cmp->setCanWrite(1);
$cmp->setCanDelete(1);
} else {
$cmp->setCanWrite(0);
$cmp->setCanDelete(0);
}
$cmp->save();
$perm = new stdClass();
$perm->m = $member_id;
$perm->r = 1;
$perm->w = 1;
$perm->d = 1;
$perm->o = $type_id;
$permissions[] = $perm;
}
}
}
if (count($permissions)) {
$stCtrl = new SharingTableController();
$stCtrl->afterPermissionChanged($contact->getPermissionGroupId(), $permissions);
}
}
}
function create_user($user_data, $permissionsString) {
// try to find contact by some properties
$contact_id = array_var($user_data, "contact_id") ;
$contact = Contacts::instance()->findById($contact_id) ;
if (!is_valid_email(array_var($user_data, 'email'))) {
throw new Exception(lang("email value is required"));
}
if (!$contact instanceof Contact) {
// Create a new user
$contact = new Contact();
$contact->setUsername(array_var($user_data, 'username'));
$contact->setDisplayName(array_var($user_data, 'display_name'));
$contact->setCompanyId(array_var($user_data, 'company_id'));
$contact->setUserType(array_var($user_data, 'type'));
$contact->setTimezone(array_var($user_data, 'timezone'));
$contact->setFirstname($contact->getObjectName() != "" ? $contact->getObjectName() : $contact->getUsername());
$contact->setObjectName();
} else {
// Create user from contact
$contact->setUserType(array_var($user_data, 'type'));
if (array_var($user_data, 'company_id')) {
$contact->setCompanyId(array_var($user_data, 'company_id'));
}
$contact->setUsername(array_var($user_data, 'username'));
$contact->setTimezone(array_var($user_data, 'timezone'));
}
$contact->save();
if (is_valid_email(array_var($user_data, 'email'))) {
$contact->addEmail(array_var($user_data, 'email'), 'personal', true);
}
//permissions
$permission_group = new PermissionGroup();
$permission_group->setName('User '.$contact->getId().' Personal');
$permission_group->setContactId($contact->getId());
$permission_group->setIsContext(false);
$permission_group->setType("permission_groups");
$permission_group->save();
$contact->setPermissionGroupId($permission_group->getId());
$contact_pg = new ContactPermissionGroup();
$contact_pg->setContactId($contact->getId());
$contact_pg->setPermissionGroupId($permission_group->getId());
$contact_pg->save();
if ( can_manage_security(logged_user()) ) {
$sp = new SystemPermission();
$rol_permissions=SystemPermissions::getRolePermissions(array_var($user_data, 'type'));
foreach($rol_permissions as $pr){
$sp->setPermission($pr);
}
$sp->setPermissionGroupId($permission_group->getId());
$sp->setCanManageSecurity(array_var($user_data, 'can_manage_security'));
$sp->setCanManageConfiguration(array_var($user_data, 'can_manage_configuration'));
$sp->setCanManageTemplates(array_var($user_data, 'can_manage_templates'));
$sp->setCanManageTime(array_var($user_data, 'can_manage_time'));
$sp->setCanAddMailAccounts(array_var($user_data, 'can_add_mail_accounts'));
$sp->setCanManageDimensions(array_var($user_data, 'can_manage_dimensions'));
$sp->setCanManageDimensionMembers(array_var($user_data, 'can_manage_dimension_members'));
$sp->setCanManageTasks(array_var($user_data, 'can_manage_tasks'));
$sp->setCanTasksAssignee(array_var($user_data, 'can_task_assignee'));
$sp->setCanManageBilling(array_var($user_data, 'can_manage_billing'));
$sp->setCanViewBilling(array_var($user_data, 'can_view_billing'));
Hook::fire('add_user_permissions', $sp, $other_permissions);
if (!is_null($other_permissions) && is_array($other_permissions)) {
foreach ($other_permissions as $k => $v) {
$sp->setColumnValue($k, array_var($user_data, $k));
}
}
$sp->save();
if ($contact->isAdminGroup()) {
// allow all un all dimensions if new user is admin
$dimensions = Dimensions::findAll();
$permissions = array();
foreach ($dimensions as $dimension) {
if ($dimension->getDefinesPermissions()) {
$cdp = ContactDimensionPermissions::findOne(array("conditions" => "`permission_group_id` = ".$contact->getPermissionGroupId()." AND `dimension_id` = ".$dimension->getId()));
if (!$cdp instanceof ContactDimensionPermission) {
$cdp = new ContactDimensionPermission();
$cdp->setPermissionGroupId($contact->getPermissionGroupId());
$cdp->setContactDimensionId($dimension->getId());
}
$cdp->setPermissionType('allow all');
$cdp->save();
// contact member permisssion entries
$members = $dimension->getAllMembers();
foreach ($members as $member) {
$ots = DimensionObjectTypeContents::getContentObjectTypeIds($dimension->getId(), $member->getObjectTypeId());
$ots[]=$member->getObjectId();
foreach ($ots as $ot) {
$cmp = ContactMemberPermissions::findOne(array("conditions" => "`permission_group_id` = ".$contact->getPermissionGroupId()." AND `member_id` = ".$member->getId()." AND `object_type_id` = $ot"));
if (!$cmp instanceof ContactMemberPermission) {
$cmp = new ContactMemberPermission();
$cmp->setPermissionGroupId($contact->getPermissionGroupId());
$cmp->setMemberId($member->getId());
$cmp->setObjectTypeId($ot);
}
$cmp->setCanWrite(1);
$cmp->setCanDelete(1);
$cmp->save();
// Add persmissions to sharing table
$perm = new stdClass();
$perm->m = $member->getId();
$perm->r= 1;
$perm->w= 1;
$perm->d= 1;
$perm->o= $ot;
$permissions[] = $perm ;
}
}
}
}
if(count($permissions)){
$sharingTableController = new SharingTableController();
$sharingTableController->afterPermissionChanged($contact->getPermissionGroupId(), $permissions);
}
}
}
if(!isset($_POST['sys_perm'])){
$rol_permissions=SystemPermissions::getRolePermissions(array_var($user_data, 'type'));
$_POST['sys_perm']=array();
foreach($rol_permissions as $pr){
$_POST['sys_perm'][$pr]=1;
}
}
if(!isset($_POST['mod_perm'])){
$tabs_permissions=TabPanelPermissions::getRoleModules(array_var($user_data, 'type'));
$_POST['mod_perm']=array();
foreach($tabs_permissions as $pr){
$_POST['mod_perm'][$pr]=1;
}
}
$password = '';
if (array_var($user_data, 'password_generator') == 'specify') {
$perform_password_validation = true;
// Validate input
$password = array_var($user_data, 'password');
if (trim($password) == '') {
throw new Error(lang('password value required'));
} // if
if ($password <> array_var($user_data, 'password_a')) {
throw new Error(lang('passwords dont match'));
} // if
} else {
$user_data['password_generator'] = 'link';
$perform_password_validation = false;
}
$contact->setPassword($password);
$contact->save();
$user_password = new ContactPassword();
$user_password->setContactId($contact->getId());
$user_password->setPasswordDate(DateTimeValueLib::now());
$user_password->setPassword(cp_encrypt($password, $user_password->getPasswordDate()->getTimestamp()));
$user_password->password_temp = $password;
$user_password->perform_validation = $perform_password_validation;
$user_password->save();
if (array_var($user_data, 'autodetect_time_zone', 1) == 1) {
set_user_config_option('autodetect_time_zone', 1, $contact->getId());
}
/* create contact for this user*/
ApplicationLogs::createLog($contact, ApplicationLogs::ACTION_ADD);
// Set role permissions for active members
$active_context = active_context();
$sel_members = array();
foreach ($active_context as $selection) {
if ($selection instanceof Member) {
$sel_members[] = $selection;
$has_project_permissions = ContactMemberPermissions::instance()->count("permission_group_id = '".$contact->getPermissionGroupId()."' AND member_id = ".$selection->getId()) > 0;
if (!$has_project_permissions) {
RoleObjectTypePermissions::createDefaultUserPermissions($contact, $selection);
}
}
}
save_permissions($contact->getPermissionGroupId(), $contact->isGuest());
Hook::fire('after_user_add', $contact, $null);
// add user content object to associated members
if (count($sel_members) > 0) {
ObjectMembers::addObjectToMembers($contact->getId(), $sel_members);
$contact->addToSharingTable();
}
// Send notification
try {
if (array_var($user_data, 'send_email_notification') && $contact->getEmailAddress()) {
if (array_var($user_data, 'password_generator', 'link') == 'link') {
// Generate link password
$user = Contacts::getByEmail(array_var($user_data, 'email'));
$token = sha1(gen_id() . (defined('SEED') ? SEED : ''));
$timestamp = time() + 60*60*24;
set_user_config_option('reset_password', $token . ";" . $timestamp, $user->getId());
Notifier::newUserAccountLinkPassword($contact, $password, $token);
} else {
Notifier::newUserAccount($contact, $password);
}
}
} catch(Exception $e) {
Logger::log($e->getTraceAsString());
} // try
return $contact;
}
/**
* Return true if $user can add an object of type $object_type_id in $member. False otherwise.
*
* @param Contact $user
* @param array $context
* @param $object_type_id
* @return boolean
*/
function can_add(Contact $user, $context, $object_type_id, &$notAllowedMember = '')
{
if ($user->isGuest()) {
return false;
}
$membersInContext = 0;
$can_add = false;
$required_dimensions_ids = DimensionObjectTypeContents::getRequiredDimensions($object_type_id);
$dimensions_in_context = array();
$no_required_dimensions = count($required_dimensions_ids) == 0;
foreach ($required_dimensions_ids as $id) {
$dimensions_in_context[$id] = false;
}
$contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV($user->getId(), false);
if (is_array($context)) {
foreach ($context as $selection) {
$sel_dimension = $selection instanceof Dimension ? $selection : ($selection instanceof Member ? $selection->getDimension() : null);
if ($sel_dimension instanceof Dimension && $sel_dimension->getOptions(1) && isset($sel_dimension->getOptions(1)->hidden) && $sel_dimension->getOptions(1)->hidden) {
continue;
}
//$can_add = false;
if ($selection instanceof Member) {
$membersInContext++;
if (can_add_to_member($user, $selection, $context, $object_type_id)) {
//if ($no_required_dimensions) return true;
$dimension_id = $selection->getDimensionId();
$can_add = true;
$dimensions_in_context[$dimension_id] = true;
} else {
$notAllowedMember = $selection->getName();
return false;
}
}
// Revoke explicty permission
if ($can_add && !$no_required_dimensions) {
foreach ($dimensions_in_context as $key => $value) {
$dim = Dimensions::getDimensionById($key);
if (!$value && $dim->getDefinesPermissions() && $dim->deniesAllForContact($contact_pg_ids)) {
$can_add = false;
}
}
}
}
}
// All dimensions in 'all'.
// If The object has no required dimensions, and no dimensions are selected: CAN ADD = True
if ($no_required_dimensions && !$membersInContext) {
$can_add = true;
}
// All dimensions in 'all'.
// if there are required dimensions and no members selected then show correct error message.
if (!$no_required_dimensions && !$membersInContext && !$can_add) {
$dim_names = array();
$required_dimensions = Dimensions::findAll(array('conditions' => 'id IN (' . implode(',', $required_dimensions_ids) . ')'));
foreach ($required_dimensions as $dim) {
$dim_names[] = $dim->getName();
}
$notAllowedMember = "-- req dim --" . implode(",", $dim_names);
}
return $can_add;
}
/**
* Finish the installation - create owner company and administrator
*
* @param void
* @return null
*/
function complete_installation() {
if(Contacts::getOwnerCompany() instanceof Contact) {
die('Owner company already exists'); // Somebody is trying to access this method even if the user already exists
} // if
$form_data = array_var($_POST, 'form');
tpl_assign('form_data', $form_data);
if(array_var($form_data, 'submited') == 'submited') {
try {
$admin_password = trim(array_var($form_data, 'admin_password'));
$admin_password_a = trim(array_var($form_data, 'admin_password_a'));
if(trim($admin_password) == '') {
throw new Error(lang('password value required'));
} // if
if($admin_password <> $admin_password_a) {
throw new Error(lang('passwords dont match'));
} // if
DB::beginWork();
Contacts::delete(); // clear users table
// Create a company
$company = new Contact();
$company->setFirstName(array_var($form_data, 'company_name'));
$company->setObjectName();
$company->setIsCompany(true);
$company->save();
// Init default colors
set_config_option('brand_colors_head_back', "000000");
set_config_option('brand_colors_tabs_back', "14780e");
set_config_option('brand_colors_head_font', "ffffff");
set_config_option('brand_colors_tabs_font', "ffffff");
// Create the administrator user
$administrator = new Contact();
$pergroup = PermissionGroups::findOne(array('conditions'=>"`name`='Super Administrator'"));
$administrator->setUserType($pergroup->getId());
$administrator->setCompanyId($company->getId());
$administrator->setUsername(array_var($form_data, 'admin_username'));
$administrator->setPassword($admin_password);
$administrator->setFirstname(array_var($form_data, 'admin_username'));
$administrator->setObjectName();
$administrator->save();
$user_password = new ContactPassword();
$user_password->setContactId($administrator->getId());
$user_password->password_temp = $admin_password;
$user_password->setPasswordDate(DateTimeValueLib::now());
$user_password->setPassword(cp_encrypt($admin_password, $user_password->getPasswordDate()->getTimestamp()));
$user_password->save();
//Add email after save because is needed.
$administrator->addEmail(array_var($form_data, 'admin_email'), 'personal', true);
//permissions
$permission_group = new PermissionGroup();
$permission_group->setName('Account Owner');
$permission_group->setContactId($administrator->getId());
$permission_group->setIsContext(false);
$permission_group->setType("permission_groups");
$permission_group->save();
$administrator->setPermissionGroupId($permission_group->getId());
$administrator->save();
$company->setCreatedById($administrator->getId());
$company->setUpdatedById($administrator->getId());
$company->save();
$contact_pg = new ContactPermissionGroup();
$contact_pg->setContactId($administrator->getId());
$contact_pg->setPermissionGroupId($permission_group->getId());
$contact_pg->save();
// tab panel permissions
$panels = TabPanels::getEnabled();
foreach ($panels as $panel) {
$tpp = new TabPanelPermission();
$tpp->setPermissionGroupId($administrator->getPermissionGroupId());
$tpp->setTabPanelId($panel->getId());
$tpp->save();
}
// dimension permissions
$dimensions = Dimensions::findAll();
foreach ($dimensions as $dimension) {
if ($dimension->getDefinesPermissions()) {
$cdp = ContactDimensionPermissions::findOne(array("conditions" => "`permission_group_id` = ".$administrator->getPermissionGroupId()." AND `dimension_id` = ".$dimension->getId()));
if (!$cdp instanceof ContactDimensionPermission) {
$cdp = new ContactDimensionPermission();
$cdp->setPermissionGroupId($administrator->getPermissionGroupId());
$cdp->setContactDimensionId($dimension->getId());
}
$cdp->setPermissionType('allow all');
$cdp->save();
// contact member permisssion entries
$members = $dimension->getAllMembers();
foreach ($members as $member) {
$ots = DimensionObjectTypeContents::getContentObjectTypeIds($dimension->getId(), $member->getObjectTypeId());
$ots[]=$member->getObjectId();
foreach ($ots as $ot) {
$cmp = ContactMemberPermissions::findOne();
if (!$cmp instanceof ContactMemberPermission) {
$cmp = new ContactMemberPermission(array("conditions" => "`permission_group_id` = ".$administrator->getPermissionGroupId()." AND `member_id` = ".$member->getId()." AND `object_type_id` = $ot"));
$cmp->setPermissionGroupId($administrator->getPermissionGroupId());
$cmp->setMemberId($member->getId());
$cmp->setObjectTypeId($ot);
}
$cmp->setCanWrite(1);
$cmp->setCanDelete(1);
$cmp->save();
}
}
}
}
// system permissions
$sp = new SystemPermission();
$sp->setPermissionGroupId($administrator->getPermissionGroupId());
$sp->setAllPermissions(true);
$sp->save();
Hook::fire('after_user_add', $administrator, $null);
DB::commit();
$this->redirectTo('access', 'login');
} catch(Exception $e) {
tpl_assign('error', $e);
DB::rollback();
} // try
} // if
} // complete_installation
function canBeDeleted(&$error_message)
{
$childs = $this->getAllChildren();
if (MemberPropertyMembers::isMemberAssociated($this->getId())) {
$error_message = lang("cannot delete member is associated");
return false;
}
$continue_check = false;
if (count($childs) == 0) {
$continue_check = true;
} else {
if ($this->getParentMemberId() > 0) {
$child_ots = DimensionObjectTypeHierarchies::getAllChildrenObjectTypeIds($this->getDimensionId(), $this->getParentMember()->getObjectTypeId(), false);
}
foreach ($childs as $child) {
// check if child can be put in the parent (or root)
if ($this->getParentMemberId() == 0) {
$dim_ot = DimensionObjectTypes::findOne(array("conditions" => array("`dimension_id` = ? AND `object_type_id` = ?", $this->getDimensionId(), $child->getObjectTypeId())));
if (!$dim_ot->getIsRoot()) {
$error_message = lang("cannot delete member cannot be root");
return false;
}
} else {
if (!in_array($child->getObjectTypeId(), $child_ots)) {
$error_message = lang("cannot delete member childs cannot be moved to parent");
return false;
}
}
}
$continue_check = true;
}
if (!$continue_check) {
return false;
} else {
$child_ids = $this->getAllChildrenIds();
$child_ids[] = $this->getId();
$child_ids_str = implode(",", $child_ids);
$objects_in_member = ObjectMembers::instance()->findAll(array('conditions' => 'member_id = ' . $this->getId()));
if (!$objects_in_member || count($objects_in_member) == 0) {
return true;
} else {
$more_conditions = "";
if (Plugins::instance()->isActivePlugin('core_dimensions')) {
$person_dim = Dimensions::findByCode('feng_persons')->getId();
$more_conditions = " AND member_id NOT IN (SELECT id FROM " . TABLE_PREFIX . "members WHERE dimension_id={$person_dim})";
}
$object_id_condition = $this->getObjectId() > 0 ? " AND o.id <> " . $this->getObjectId() : "";
foreach ($objects_in_member as $om) {
$obj_members = ObjectMembers::findAll(array("conditions" => array("`object_id` = ? AND `is_optimization` = 0 AND member_id IN ({$child_ids_str}) AND EXISTS (SELECT o.id FROM " . TABLE_PREFIX . "objects o WHERE o.id = ? AND o.trashed_by_id=0 {$object_id_condition})" . $more_conditions, $om->getObjectId(), $om->getObjectId())));
if (count($obj_members) >= 1) {
$error_message = lang("cannot delete member has objects");
return false;
}
$db_res = DB::execute("SELECT object_type_id FROM " . TABLE_PREFIX . "objects WHERE id=" . $om->getObjectId());
$row = $db_res->fetchRow();
if ($row && array_var($row, 'object_type_id')) {
$req_dim_ids = DimensionObjectTypeContents::getRequiredDimensions(array_var($row, 'object_type_id'));
if (in_array($this->getDimensionId(), $req_dim_ids)) {
$error_message = lang("cannot delete member is required for objects");
return false;
}
}
}
}
}
return true;
}
/**
* Return manager instance
*
* @access protected
* @param void
* @return Dimensions
*/
function manager()
{
if (!$this->manager instanceof DimensionObjectTypeContents) {
$this->manager = DimensionObjectTypeContents::instance();
}
return $this->manager;
}
/**
* Used for Drag & Drop, adds objects to a member
* @author alvaro
*/
function add_objects_to_member() {
$ids = json_decode(array_var($_POST, 'objects'));
$mem_id = array_var($_POST, 'member');
if (!is_array($ids) || count($ids) == 0) {
ajx_current("empty");
return;
}
$member = Members::findById($mem_id);
try {
DB::beginWork();
$objects = array();
$from = array();
foreach ($ids as $oid) {
/* @var $obj ContentDataObject */
$obj = Objects::findObject($oid);
if ($obj instanceof ContentDataObject && $obj->canAddToMember(logged_user(), $member, active_context())) {
$dim_obj_type_content = DimensionObjectTypeContents::findOne(array('conditions' => array('`dimension_id`=? AND `dimension_object_type_id`=? AND `content_object_type_id`=?', $member->getDimensionId(), $member->getObjectTypeId(), $obj->getObjectTypeId())));
if (!($dim_obj_type_content instanceof DimensionObjectTypeContent)) continue;
if (!$dim_obj_type_content->getIsMultiple() || array_var($_POST, 'remove_prev')) {
$db_res = DB::execute("SELECT group_concat(om.member_id) as old_members FROM ".TABLE_PREFIX."object_members om INNER JOIN ".TABLE_PREFIX."members m ON om.member_id=m.id WHERE m.dimension_id=".$member->getDimensionId()." AND om.object_id=".$obj->getId());
$row = $db_res->fetchRow();
if (array_var($row, 'old_members') != "") $from[$obj->getId()] = $row['old_members'];
// remove from previous members
ObjectMembers::delete('`object_id` = ' . $obj->getId() . ' AND `member_id` IN (SELECT `m`.`id` FROM `'.TABLE_PREFIX.'members` `m` WHERE `m`.`dimension_id` = '.$member->getDimensionId().')');
}
$obj->addToMembers(array($member));
$obj->addToSharingTable();
$objects[] = $obj;
if ($obj->allowsTimeslots()) {
$timeslots = $obj->getTimeslots();
foreach ($timeslots as $timeslot) {
$ts_mids = ObjectMembers::getMemberIdsByObject($timeslot->getId());
// if classified then reclassify
if (count($ts_mids)) {
if (array_var($_POST, 'remove_prev')) {
ObjectMembers::delete('`object_id` = ' . $timeslot->getId() . ' AND `member_id` IN (SELECT `m`.`id` FROM `'.TABLE_PREFIX.'members` `m` WHERE `m`.`dimension_id` = '.$member->getDimensionId().')');
}
$timeslot->addToMembers(array($member));
$timeslot->addToSharingTable();
$objects[] = $timeslot;
}
}
}
if ($obj instanceof MailContent) {
$conversation = MailContents::getMailsFromConversation($obj);
foreach ($conversation as $conv_email) {
if (array_var($_POST, 'attachment') && $conv_email->getHasAttachments()) {
MailUtilities::parseMail($conv_email->getContent(), $decoded, $parsedEmail, $warnings);
$classification_data = array();
for ($j=0; $j < count(array_var($parsedEmail, "Attachments", array())); $j++) {
$classification_data["att_".$j] = true;
}
MailController::classifyFile($classification_data, $conv_email, $parsedEmail, array($member), array_var($_POST, 'remove_prev'));
}
}
}
} else {
throw new Exception(lang('you dont have permissions to classify object in member', $obj->getName(), $member->getName()));
}
}
Hook::fire('after_dragdrop_classify', $objects, $member);
DB::commit();
// add to application logs
foreach ($objects as $object) {
$action = array_var($from, $obj->getId()) ? ApplicationLogs::ACTION_MOVE : ApplicationLogs::ACTION_COPY;
$log_data = (array_var($from, $obj->getId()) ? "from:" . array_var($from, $obj->getId()) . ";" : "") . "to:" . $member->getId();
ApplicationLogs::instance()->createLog($object, $action, false, true, true, $log_data);
}
$lang_key = count($ids)>1 ? 'objects moved to member success' : 'object moved to member success';
flash_success(lang($lang_key, $member->getName()));
if (array_var($_POST, 'reload')) ajx_current('reload');
else ajx_current('empty');
} catch (Exception $e) {
DB::rollback();
ajx_current("empty");
flash_error($e->getMessage());
}
}
function getDimensionObjectTypes()
{
return DimensionObjectTypeContents::getDimensionObjectTypesforObject($this->getObjectTypeId());
}
/**
* Used for Drag & Drop, adds objects to a member
* @author alvaro
*/
function add_objects_to_member()
{
$ids = json_decode(array_var($_POST, 'objects'));
$mem_id = array_var($_POST, 'member');
if (!is_array($ids) || count($ids) == 0) {
ajx_current("empty");
return;
}
try {
DB::beginWork();
if ($mem_id) {
$user_ids = array();
$member = Members::findById($mem_id);
$objects = array();
$from = array();
foreach ($ids as $oid) {
/* @var $obj ContentDataObject */
$obj = Objects::findObject($oid);
if ($obj instanceof ContentDataObject && $obj->canAddToMember(logged_user(), $member, active_context())) {
$dim_obj_type_content = DimensionObjectTypeContents::findOne(array('conditions' => array('`dimension_id`=? AND `dimension_object_type_id`=? AND `content_object_type_id`=?', $member->getDimensionId(), $member->getObjectTypeId(), $obj->getObjectTypeId())));
if (!$dim_obj_type_content instanceof DimensionObjectTypeContent) {
continue;
}
if (!$dim_obj_type_content->getIsMultiple() || array_var($_POST, 'remove_prev')) {
$db_res = DB::execute("SELECT group_concat(om.member_id) as old_members FROM " . TABLE_PREFIX . "object_members om INNER JOIN " . TABLE_PREFIX . "members m ON om.member_id=m.id WHERE m.dimension_id=" . $member->getDimensionId() . " AND om.object_id=" . $obj->getId());
$row = $db_res->fetchRow();
if (array_var($row, 'old_members') != "") {
$from[$obj->getId()] = $row['old_members'];
}
// remove from previous members
ObjectMembers::delete('`object_id` = ' . $obj->getId() . ' AND `member_id` IN (SELECT `m`.`id` FROM `' . TABLE_PREFIX . 'members` `m` WHERE `m`.`dimension_id` = ' . $member->getDimensionId() . ')');
}
$obj->addToMembers(array($member));
$obj->addToSharingTable();
$objects[] = $obj;
if (Plugins::instance()->isActivePlugin('mail') && $obj instanceof MailContent) {
$conversation = MailContents::getMailsFromConversation($obj);
foreach ($conversation as $conv_email) {
if (array_var($_POST, 'attachment') && $conv_email->getHasAttachments()) {
MailUtilities::parseMail($conv_email->getContent(), $decoded, $parsedEmail, $warnings);
$classification_data = array();
for ($j = 0; $j < count(array_var($parsedEmail, "Attachments", array())); $j++) {
$classification_data["att_" . $j] = true;
}
MailController::classifyFile($classification_data, $conv_email, $parsedEmail, array($member), array_var($_POST, 'remove_prev'), false);
}
}
}
// if object is contact ask to add default permissions in member
if ($obj instanceof Contact && $obj->isUser() && can_manage_security(logged_user())) {
$user_ids[] = $obj->getId();
}
} else {
throw new Exception(lang('you dont have permissions to classify object in member', $obj->getName(), $member->getName()));
}
}
// if object is contact ask to add default permissions in member
if (can_manage_security(logged_user()) && count($user_ids) > 0 && $member->getDimension()->getDefinesPermissions()) {
evt_add('ask to assign default permissions', array('user_ids' => $user_ids, 'member' => array('id' => $member->getId(), 'name' => clean($member->getName())), ''));
}
Hook::fire('after_dragdrop_classify', $objects, $member);
$display_name = $member->getName();
$lang_key = count($ids) > 1 ? 'objects moved to member success' : 'object moved to member success';
$log_datas = array();
$actions = array();
// add to application logs
foreach ($objects as $obj) {
$actions[$obj->getId()] = array_var($from, $obj->getId()) ? ApplicationLogs::ACTION_MOVE : ApplicationLogs::ACTION_COPY;
$log_datas[$obj->getId()] = (array_var($from, $obj->getId()) ? "from:" . array_var($from, $obj->getId()) . ";" : "") . "to:" . $member->getId();
}
} else {
if ($dim_id = array_var($_POST, 'dimension')) {
$dimension = Dimensions::getDimensionById($dim_id);
$from = array();
foreach ($ids as $oid) {
/* @var $obj ContentDataObject */
$obj = Objects::findObject($oid);
if ($obj instanceof ContentDataObject) {
$db_res = DB::execute("SELECT group_concat(om.member_id) as old_members FROM " . TABLE_PREFIX . "object_members om INNER JOIN " . TABLE_PREFIX . "members m ON om.member_id=m.id WHERE m.dimension_id=" . $dim_id . " AND om.object_id=" . $obj->getId());
$row = $db_res->fetchRow();
if (array_var($row, 'old_members') != "") {
$from[$obj->getId()] = $row['old_members'];
}
// remove from previous members
ObjectMembers::delete('`object_id` = ' . $obj->getId() . ' AND `member_id` IN (
SELECT `m`.`id` FROM `' . TABLE_PREFIX . 'members` `m` WHERE `m`.`dimension_id` = ' . $dim_id . ')');
}
$obj->addToMembers(array());
$obj->addToSharingTable();
$objects[] = $obj;
}
$display_name = $dimension->getName();
$lang_key = count($ids) > 1 ? 'objects removed from' : 'object removed from';
$log_datas = array();
$actions = array();
// add to application logs
foreach ($objects as $obj) {
$actions[$obj->getId()] = array_var($from, $obj->getId()) ? ApplicationLogs::ACTION_MOVE : ApplicationLogs::ACTION_COPY;
$log_datas[$obj->getId()] = array_var($from, $obj->getId()) ? "from:" . array_var($from, $obj->getId()) . ";" : "";
}
}
}
DB::commit();
foreach ($objects as $object) {
ApplicationLogs::instance()->createLog($object, $actions[$object->getId()], false, true, true, $log_datas[$object->getId()]);
}
flash_success(lang($lang_key, $display_name));
if (array_var($_POST, 'reload')) {
ajx_current('reload');
} else {
ajx_current('empty');
}
} catch (Exception $e) {
DB::rollback();
ajx_current("empty");
flash_error($e->getMessage());
}
}
/**
* This function will return paginated result. Result is an array where first element is
* array of returned object and second populated pagination object that can be used for
* obtaining and rendering pagination data using various helpers.
*
* Items and pagination array vars are indexed with 0 for items and 1 for pagination
* because you can't use associative indexing with list() construct
*
* @access public
* @param array $arguments Query argumens (@see find()) Limit and offset are ignored!
* @param integer $items_per_page Number of items per page
* @param integer $current_page Current page number
* @return array
*/
function paginate($arguments = null, $items_per_page = 10, $current_page = 1)
{
if (isset($this) && instance_of($this, 'DimensionObjectTypeContents')) {
return parent::paginate($arguments, $items_per_page, $current_page);
} else {
return DimensionObjectTypeContents::instance()->paginate($arguments, $items_per_page, $current_page);
}
// if
}
/**
* Used for Drag & Drop, adds objects to a member
* @author alvaro
*/
function add_objects_to_member()
{
$ids = json_decode(array_var($_POST, 'objects'));
$mem_id = array_var($_POST, 'member');
if (!is_array($ids) || count($ids) == 0) {
ajx_current("empty");
return;
}
$member = Members::findById($mem_id);
try {
DB::beginWork();
$objects = array();
$from = array();
foreach ($ids as $oid) {
/* @var $obj ContentDataObject */
$obj = Objects::findObject($oid);
$dim_obj_type_content = DimensionObjectTypeContents::findOne(array('conditions' => array('`dimension_id`=? AND `dimension_object_type_id`=? AND `content_object_type_id`=?', $member->getDimensionId(), $member->getObjectTypeId(), $obj->getObjectTypeId())));
if (!$dim_obj_type_content instanceof DimensionObjectTypeContent) {
continue;
}
if (!$dim_obj_type_content->getIsMultiple() || array_var($_POST, 'remove_prev')) {
$db_res = DB::execute("SELECT group_concat(om.member_id) as old_members FROM " . TABLE_PREFIX . "object_members om INNER JOIN " . TABLE_PREFIX . "members m ON om.member_id=m.id WHERE m.dimension_id=" . $member->getDimensionId() . " AND om.object_id=" . $obj->getId());
$row = $db_res->fetchRow();
if (array_var($row, 'old_members') != "") {
$from[$obj->getId()] = $row['old_members'];
}
// remove from previous members
ObjectMembers::delete('`object_id` = ' . $obj->getId() . ' AND `member_id` IN (SELECT `m`.`id` FROM `' . TABLE_PREFIX . 'members` `m` WHERE `m`.`dimension_id` = ' . $member->getDimensionId() . ')');
}
$obj->addToMembers(array($member));
$obj->addToSharingTable();
$objects[] = $obj;
}
DB::commit();
// add to application logs
foreach ($objects as $object) {
$action = array_var($from, $obj->getId()) ? ApplicationLogs::ACTION_MOVE : ApplicationLogs::ACTION_COPY;
$log_data = (array_var($from, $obj->getId()) ? "from:" . array_var($from, $obj->getId()) . ";" : "") . "to:" . $member->getId();
ApplicationLogs::instance()->createLog($object, $action, false, true, true, $log_data);
}
$lang_key = count($ids) > 1 ? 'objects moved to member success' : 'object moved to member success';
flash_success(lang($lang_key, $member->getName()));
if (array_var($_POST, 'reload')) {
ajx_current('reload');
} else {
ajx_current('empty');
}
} catch (Exception $e) {
DB::rollback();
ajx_current("empty");
flash_error(lang('unable to move objects'));
}
}
/**
* Return true if $user can add an object of type $object_type_id in $member. False otherwise.
*
* @param Contact $user
* @param array $context
* @param $object_type_id
* @return boolean
*/
function can_add(Contact $user, $context, $object_type_id, &$notAllowedMember = '')
{
if ($user->isGuest()) {
return false;
}
$membersInContext = 0;
$can_add = false;
$required_dimensions_ids = DimensionObjectTypeContents::getRequiredDimensions($object_type_id);
$dimensions_in_context = array();
$no_required_dimensions = count($required_dimensions_ids) == 0;
foreach ($required_dimensions_ids as $id) {
$dimensions_in_context[$id] = false;
}
$enabled_dimensions = config_option('enabled_dimensions');
$contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV($user->getId(), false);
if (is_array($context)) {
foreach ($context as $selection) {
$sel_dimension = $selection instanceof Dimension ? $selection : ($selection instanceof Member ? $selection->getDimension() : null);
//$can_add = false;
if ($selection instanceof Member) {
$dimension = $selection->getDimension();
if (!$dimension->getDefinesPermissions() || !in_array($dimension->getId(), $enabled_dimensions)) {
continue;
}
$membersInContext++;
if (can_add_to_member($user, $selection, $context, $object_type_id)) {
//if ($no_required_dimensions) return true;
$dimension_id = $selection->getDimensionId();
$can_add = true;
$dimensions_in_context[$dimension_id] = true;
} else {
$notAllowedMember = $selection->getName();
return false;
}
}
// Revoke explicty permission
if ($can_add && !$no_required_dimensions) {
foreach ($dimensions_in_context as $key => $value) {
$dim = Dimensions::getDimensionById($key);
if (!$value && $dim->getDefinesPermissions() && $dim->deniesAllForContact($contact_pg_ids)) {
$can_add = false;
}
}
}
}
}
// All dimensions in 'all'.
// If The object has no required dimensions, and no dimensions are selected: check for contact_member_permissions with member_id=0
if ($no_required_dimensions && $membersInContext == 0) {
$mailot = ObjectTypes::findByName('mail');
if ($mailot instanceof ObjectType && $mailot->getId() == $object_type_id) {
$can_add = true;
} else {
$can_add = false;
if (config_option('let_users_create_objects_in_root') && $contact_pg_ids != '' && ($user->isAdminGroup() || $user->isExecutive() || $user->isManager())) {
$cmp = ContactMemberPermissions::findOne(array('conditions' => 'member_id=0 AND object_type_id=' . $object_type_id . ' AND permission_group_id IN (' . $contact_pg_ids . ')'));
$can_add = $cmp instanceof ContactMemberPermission && $cmp->getCanWrite();
}
}
}
// All dimensions in 'all'.
// if there are required dimensions and no members selected then show correct error message.
if (!$no_required_dimensions && $membersInContext == 0 && !$can_add) {
$dim_names = array();
$required_dimensions = Dimensions::findAll(array('conditions' => 'id IN (' . implode(',', $required_dimensions_ids) . ')'));
foreach ($required_dimensions as $dim) {
$dim_names[] = $dim->getName();
}
$notAllowedMember = "-- req dim --" . implode(",", $dim_names);
}
return $can_add;
}
