/**
* Render project users combo.
*
* @param String $name
* @param array $attributes
* @return String All users I am sharing something with.
*/
function render_sharing_users($name, $attributes = null)
{
//TODO: This functions must be rebuilt
$perms = ObjectUserPermissions::getAllPermissionsByUser(logged_user());
$options = array(option_tag(lang('none'), 0));
$my_id = logged_user()->getId();
if (isset($perms)) {
foreach ($perms as $perm) {
$file_id = $perm->getFileId();
if (trim($file_id) != '') {
$users = ObjectUserPermissions::getAllPermissionsByObjectIdAndManager($file_id, 'ProjectFiles');
foreach ($users as $user_perm) {
$user_id = $user_perm->getUserId();
if ($user_id != null && trim($user_id) != '' && $user_id != $my_id) {
$user = Users::findById($user_id);
if ($user != null) {
//foreach user
$options[] = option_tag($user->getUserName(), $user->getUserName());
}
}
}
}
}
}
$options = array_unique($options);
return select_box($name, $options, $attributes);
}
/**
* Return parent object object
*
* @param void
* @return ProjectObject
*/
function getObject()
{
if (is_null($this->object)) {
$this->object = ObjectUserPermissions::findById($this->getObjectId());
}
// if
return $this->object;
}
/**
* Return manager instance
*
* @access protected
* @param void
* @return ObjectUserPermission
*/
function manager()
{
if (!$this->manager instanceof ObjectUserPermissions) {
$this->manager = ObjectUserPermissions::instance();
}
return $this->manager;
}
/**
* Return true is $user has $access_level (R/W) over $object
*
* @param User $user
* @param ApplicationDataObject $object
* @param int $access_level // 1 = read ; 2 = write
* @return unknown
*/
function can_access(User $user, ApplicationDataObject $object, $access_level)
{
try {
if (!$object instanceof ApplicationDataObject) {
throw new Exception(lang('object dnx'));
}
$hookargs = array("user" => $user, "object" => $object, "access_level" => $access_level);
$ret = null;
Hook::fire('can_access', $hookargs, $ret);
if (is_bool($ret)) {
return $ret;
}
if ($object instanceof Comment) {
return can_access($user, $object->getObject(), $access_level);
}
if ($user->isGuest() && $access_level == ACCESS_LEVEL_WRITE) {
return false;
}
if ($object instanceof ProjectFileRevision) {
return can_access($user, $object->getFile(), $access_level);
}
if ($object->columnExists('project_id')) {
$user_id = $user->getId();
if (!$object instanceof ProjectContact && $object->getCreatedById() == $user_id) {
return true;
}
// the user is the creator of the object
if ($object instanceof ProjectDataObject && $object->getProject() instanceof Project && $object->getProject()->getId() == $user->getPersonalProjectId()) {
return true;
}
// The object belongs to the user's personal project
$perms = ObjectUserPermissions::getAllPermissionsByObject($object, $user->getId());
if ($perms && is_array($perms)) {
//if the permissions for the user in the object are specially set
return has_access_level($perms[0], $access_level);
}
$group_ids = GroupUsers::getGroupsCSVsByUser($user_id);
if ($group_ids && $group_ids != '') {
//user belongs to at least one group
$perms = ObjectUserPermissions::getAllPermissionsByObject($object, $group_ids);
if ($perms) {
foreach ($perms as $perm) {
if (has_access_level($perm, $access_level)) {
return true;
}
//there is one group permission that allows the user to access
}
}
}
if ($object instanceof ProjectDataObject && $object->getProject()) {
//if the object has a project assigned to it
$proj_perm = ProjectUsers::findOne(array('conditions' => array('user_id = ? AND project_id = ? ', $user_id, $object->getProject()->getId())));
if ($proj_perm && can_manage_type(get_class($object->manager()), $proj_perm, $access_level)) {
return true;
// if user has permissions over type of object in the project
}
if ($group_ids && $group_ids != '') {
//user belongs to at least one group
$proj_perms = ProjectUsers::findAll(array('conditions' => array('project_id = ' . $object->getProject()->getId() . ' AND user_id in (' . $group_ids . ')')));
if ($proj_perms) {
foreach ($proj_perms as $perm) {
if (can_manage_type(get_class($object->manager()), $perm, $access_level)) {
return true;
}
// if any group has permissions over type of object in the project
}
}
}
}
} else {
// handle object in multiple workspaces
$user_id = $user->getId();
if ($object->getCreatedById() == $user_id) {
return true;
// the user is the creator of the object
}
if ($object instanceof MailContent) {
$acc = MailAccounts::findById($object->getAccountId());
if (!$acc instanceof MailAccount) {
return false;
// it's an email with no account and not created by the user
} else {
if ($access_level == ACCESS_LEVEL_READ && $acc->canView($user) || $access_level == ACCESS_LEVEL_WRITE && $acc->canDelete($user)) {
return true;
}
}
}
$perms = ObjectUserPermissions::getAllPermissionsByObject($object, $user->getId());
if ($perms && is_array($perms)) {
//if the permissions for the user in the object are specially set
return has_access_level($perms[0], $access_level);
}
$group_ids = GroupUsers::getGroupsCSVsByUser($user_id);
if ($group_ids && $group_ids != '') {
//user belongs to at least one group
$perms = ObjectUserPermissions::getAllPermissionsByObject($object, $group_ids);
if ($perms) {
foreach ($perms as $perm) {
if (has_access_level($perm, $access_level)) {
return true;
//there is one group permission that allows the user to access
}
}
}
}
if ($object instanceof ProjectDataObject) {
$ws = $object->getWorkspaces();
foreach ($ws as $w) {
// if the object has a project assigned to it
$proj_perm = ProjectUsers::findOne(array('conditions' => array('user_id = ? AND project_id = ? ', $user_id, $w->getId())));
if ($proj_perm && can_manage_type(get_class($object->manager()), $proj_perm, $access_level)) {
return true;
// if user has permissions over type of object in the project
}
if ($group_ids && $group_ids != '') {
//user belongs to at least one group
$proj_perms = ProjectUsers::findAll(array('conditions' => array('project_id = ' . $w->getId() . ' AND user_id in (' . $group_ids . ')')));
if ($proj_perms) {
foreach ($proj_perms as $perm) {
if (can_manage_type(get_class($object->manager()), $perm, $access_level)) {
return true;
}
// if any group has permissions over type of object in the project
}
}
}
}
}
}
} catch (Exception $e) {
tpl_assign('error', $e);
return false;
}
return false;
}
function setObjUserPermission($user, $obj, $canWrite)
{
$obj_perm = ObjectUserPermissions::findOne(array('conditions' => "rel_object_id = " . $obj->getId() . " AND rel_object_manager = '" . $obj->getObjectManagerName() . "' AND user_id = " . $user->getId()));
if ($obj_perm) {
$obj_perm->setColumnValue('can_write', $canWrite);
} else {
$obj_perm = new ObjectUserPermission();
$obj_perm->setFromAttributes(array('rel_object_id' => $obj->getId(), 'rel_object_manager' => $obj->getObjectManagerName(), 'user_id' => $user->getId(), 'can_read' => 1, 'can_write' => $canWrite));
}
try {
DB::beginWork();
$obj_perm->save();
DB::commit();
} catch (Exception $e) {
DB::rollback();
flash_error($e->getMessage());
ajx_current("empty");
}
}
function clearUserPermissions()
{
return ObjectUserPermissions::delete(array("`rel_object_manager` = ? AND `rel_object_id` = ?", $this->getObjectManagerName(), $this->getId()));
}
/**
* This function will return paginated result. Result is an array where first element is
* array of returned object and second populated pagination object that can be used for
* obtaining and rendering pagination data using various helpers.
*
* Items and pagination array vars are indexed with 0 for items and 1 for pagination
* because you can't use associative indexing with list() construct
*
* @access public
* @param array $arguments Query argumens (@see find()) Limit and offset are ignored!
* @param integer $items_per_page Number of items per page
* @param integer $current_page Current page number
* @return array
*/
function paginate($arguments = null, $items_per_page = 10, $current_page = 1)
{
if (isset($this) && instance_of($this, 'ObjectUserPermissions')) {
return parent::paginate($arguments, $items_per_page, $current_page);
} else {
return ObjectUserPermissions::instance()->paginate($arguments, $items_per_page, $current_page);
//$instance =& ObjectUserPermissions::instance();
//return $instance->paginate($arguments, $items_per_page, $current_page);
}
// if
}
