public static function getRightsForItems($moduleId, $projectId, $userId, array $itemIds)
{
$acl = Phprojekt_Item_Rights::getItemRights($moduleId, $itemIds, $userId);
return self::mergeWithRole($moduleId, $projectId, $userId, $acl);
}
public function testSaveRights()
{
$this->markTestSkipped('Do not use Helpdesk model outside of Helpdesk tests');
$model = new Helpdesk_Models_Helpdesk(array('db' => $this->sharedFixture));
$model->title = 'test';
$model->projectId = 1;
$model->ownerId = 1;
$model->attachments = '3bc3369dd33d3ab9c03bd76262cff633|LICENSE';
$model->status = 3;
$model->author = 1;
$model->save();
$model->saveRights(array(1 => 255));
$rights = new Phprojekt_Item_Rights();
$this->assertEquals(255, $rights->getItemRight(10, $model->id, 1));
$this->assertEquals(0, $rights->getItemRight(10, $model->id, 10));
}
/**
* Saves the new values of the projects dates.
*
* OPTIONAL request parameters:
* <pre>
* - array <b>projects</b> Array with projectId,startDate and endDate by comma separated
* </pre>
*
* If there is an error, the save will return a Zend_Controller_Action_Exception,
* if not, it returns a string in JSON format with:
* <pre>
* - type => 'success'.
* - message => Success message.
* - id => 0.
* </pre>
*
* @throws Zend_Controller_Action_Exception On error in the action save or wrong parameters.
*
* @return void
*/
public function jsonSaveAction()
{
$projects = (array) $this->getRequest()->getParam('projects', array());
$activeRecord = new Project_Models_Project();
$rights = new Phprojekt_Item_Rights();
$userId = Phprojekt_Auth::getUserId();
$this->setCurrentProjectId();
// Error check: no project received
if (empty($projects)) {
$label = Phprojekt::getInstance()->translate('Projects');
$message = Phprojekt::getInstance()->translate('No project info was received');
throw new Zend_Controller_Action_Exception($label . ': ' . $message, 400);
}
foreach ($projects as $project) {
list($id, $startDate, $endDate) = explode(",", $project);
// Check: are the three values available?
if (empty($id) || empty($startDate) || empty($endDate)) {
$label = Phprojekt::getInstance()->translate('Projects');
$message = Phprojekt::getInstance()->translate('Incomplete data received');
throw new Zend_Controller_Action_Exception($label . ': ' . $message, 400);
}
$id = (int) $id;
$activeRecord->find($id);
// Check: project id exists?
if (empty($activeRecord->id)) {
$label = Phprojekt::getInstance()->translate('Project');
$message = Phprojekt::getInstance()->translate('Id not found #') . $id;
throw new Zend_Controller_Action_Exception($label . ': ' . $message, 400);
}
// Check: dates are valid?
$validStart = Cleaner::validate('date', $startDate, false);
$validEnd = Cleaner::validate('date', $endDate, false);
if (!$validStart || !$validEnd) {
$label = Phprojekt::getInstance()->translate('Project id #') . $id;
if (!$validStart) {
$message = Phprojekt::getInstance()->translate('Start date invalid');
} else {
$message = Phprojekt::getInstance()->translate('End date invalid');
}
throw new Zend_Controller_Action_Exception($label . ': ' . $message, 400);
}
// Check: start date after end date?
$startDateTemp = strtotime($startDate);
$endDateTemp = strtotime($endDate);
if ($startDateTemp > $endDateTemp) {
$label = Phprojekt::getInstance()->translate('Project id #') . $id;
$message = Phprojekt::getInstance()->translate('Start date can not be after End date');
throw new Zend_Controller_Action_Exception($label . ': ' . $message, 400);
}
$activeRecord->startDate = $startDate;
$activeRecord->endDate = $endDate;
if ($rights->getItemRight(1, $id, $userId) >= Phprojekt_Acl::WRITE) {
$activeRecord->parentSave();
}
}
$message = Phprojekt::getInstance()->translate(self::EDIT_MULTIPLE_TRUE_TEXT);
$return = array('type' => 'success', 'message' => $message, 'id' => 0);
Phprojekt_Converter_Json::echoConvert($return);
}
/**
* Extencion of the ActiveRecord save adding default permissions.
*
* @return boolean True for a sucessful save.
*/
public function save()
{
if ($this->id == 0) {
if (parent::save()) {
// adding default values
$rights = new Phprojekt_Item_Rights();
$rights->saveDefaultRights($this->id);
return true;
}
} else {
return parent::save();
}
}
/**
* Save the rights for the current item.
*
* The users are a POST array with user IDs.
*
* @param array $rights Array of user IDs with the bitmask access.
*
* @return void
*/
public function saveRights($rights)
{
// Do the default action
parent::saveRights($rights);
// Update access and delete the cache also for the children
$itemRights = new Phprojekt_Item_Rights();
$activeRecord = new Project_Models_Project();
$tree = new Phprojekt_Tree_Node_Database($activeRecord, $this->id);
$tree = $tree->setup();
$users = array();
foreach ($rights as $userId => $access) {
$users[] = (int) $userId;
}
// Just a check
if (empty($users)) {
$users[] = 1;
}
// Keep on the childen only the access for the allowed users in the parent
foreach ($tree as $node) {
$projectId = (int) $node->id;
// Delete users that are not allowed in the parent
$where = sprintf('module_id = 1 AND item_id = %d AND user_id NOT IN (%s)', $projectId, implode(",", $users));
$itemRights->delete($where);
}
}
