/**
 * Validate the data of the current record.
 *
 * When the module's save type is 1 or higher (a global module, per the
 * original comment), the record is pinned to project ID 1, the only value
 * available for such modules. No other field is checked here.
 *
 * @return boolean Always true.
 */
public function recordValidate()
{
    $moduleId   = Phprojekt_Module::getId($this->getModelName());
    $isGlobal   = Phprojekt_Module::getSaveType($moduleId) >= 1;

    if ($isGlobal) {
        // Global modules can only live under project 1.
        $this->projectId = 1;
    }

    return true;
}
/**
 * Restrict a set of per-item access bitmasks by the rights granted through the role.
 *
 * For every item, each Phprojekt_Acl bit is kept only when the item mask has it
 * set AND the role grants one of the role rights that permit it. The role can
 * therefore only remove bits from an item mask, never add them.
 *
 * Security note: the role restriction is applied only when the module's save
 * type is Phprojekt_Module::TYPE_NORMAL. For any other save type the item
 * masks are returned exactly as received, so callers must not assume a role
 * check has happened for those modules.
 *
 * @param integer $moduleId   The module ID.
 * @param integer $projectId  The project ID used to resolve the role rights.
 * @param integer $userId     The user ID used to resolve the role rights.
 * @param array   $itemRights Access bitmask per item ID.
 *
 * @return array Access bitmask per item ID, restricted by the role where applicable.
 */
public static function mergeWithRole($moduleId, $projectId, $userId, $itemRights)
{
    // Only standard modules (save type NORMAL) are implemented; everything
    // else passes through untouched.
    if (Phprojekt_Module::getSaveType($moduleId) != Phprojekt_Module::TYPE_NORMAL) {
        return $itemRights;
    }

    // NOTE(review): the third constructor argument is passed as 0; presumably
    // an item ID placeholder - confirm against Phprojekt_RoleRights.
    $roleRights = new Phprojekt_RoleRights($projectId, $moduleId, 0, $userId);
    $mayRead    = $roleRights->hasRight('read');
    $mayWrite   = $roleRights->hasRight('write');
    $mayCreate  = $roleRights->hasRight('create');
    $mayAdmin   = $roleRights->hasRight('admin');

    // Each entry pairs "does the role allow it" with the ACL bit it guards.
    $grants = array(
        array($mayAdmin, Phprojekt_Acl::ADMIN),
        array($mayRead || $mayWrite || $mayAdmin, Phprojekt_Acl::DOWNLOAD),
        array($mayWrite || $mayAdmin, Phprojekt_Acl::DELETE),
        array($mayWrite || $mayCreate || $mayAdmin, Phprojekt_Acl::COPY),
        array($mayWrite || $mayCreate || $mayAdmin, Phprojekt_Acl::CREATE),
        array($mayRead || $mayWrite || $mayCreate || $mayAdmin, Phprojekt_Acl::ACCESS),
        array($mayWrite || $mayCreate || $mayAdmin, Phprojekt_Acl::WRITE),
        array($mayRead || $mayWrite || $mayAdmin, Phprojekt_Acl::READ),
    );

    foreach ($itemRights as $itemId => $accessMask) {
        $access = Phprojekt_Acl::NONE;

        foreach ($grants as $grant) {
            list($allowedByRole, $bit) = $grant;
            if ($allowedByRole) {
                // Keep the bit only if the item mask already carries it.
                $access |= $accessMask & $bit;
            }
        }

        $itemRights[$itemId] = $access;
    }

    return $itemRights;
}
/**
 * Validate the data of the current record.
 *
 * Pins the record to project ID 1 when the module's save type is 1 or higher
 * (calendar is a global module, per the original comment), rejects events whose
 * start is not strictly before their end, then defers to the parent validation.
 *
 * NOTE(review): strtotime() returns false for input it cannot parse and that
 * case is not handled separately here - confirm the parent validation rejects
 * malformed date/time values.
 *
 * @return boolean True for valid.
 */
public function recordValidate()
{
    $moduleId = Phprojekt_Module::getId($this->getModelName());
    if (Phprojekt_Module::getSaveType($moduleId) >= 1) {
        // Project 1 is the only value available for a global module.
        $this->projectId = 1;
    }

    $startsAt = strtotime($this->startDatetime);
    $endsAt   = strtotime($this->endDatetime);

    if ($startsAt >= $endsAt) {
        $label   = Phprojekt::getInstance()->translate('Event duration');
        $message = Phprojekt::getInstance()->translate('End date and time has to be after Start date and '
            . 'time');

        $this->_validate->error->addError(array(
            'field'   => "Event duration",
            'label'   => $label,
            'message' => $message,
        ));

        return false;
    }

    return parent::recordValidate();
}
/**
 * Returns some params for the body of the notification
 * according to the current module and the event we are informing to the users.
 *
 * The result carries three keys: 'actionLabel' ("created" for an add action,
 * "modified" for anything else), 'moduleTable' (the model name) and 'url'
 * (a link into index.php built from the configured webpath, the model name,
 * the project ID when the module's save type is 0, and the record ID).
 *
 * The URL parts are concatenated as-is; any escaping required by the
 * notification format is left to whoever renders these params.
 *
 * @return array Array with options.
 */
public function getBodyParams()
{
    // Action: only an explicit "add" is reported as a creation.
    $wasAdded   = ($this->_lastHistory[0]['action'] == self::LAST_ACTION_ADD);
    $bodyParams = array('actionLabel' => $wasAdded ? "created" : "modified");

    // Module
    $bodyParams['moduleTable'] = $this->_model->getModelName();

    // Url
    $url      = Phprojekt::getInstance()->getConfig()->webpath . "index.php#" . $this->_model->getModelName();
    $moduleId = Phprojekt_Module::getId($this->_model->getModelName());

    if (Phprojekt_Module::getSaveType($moduleId) == 0) {
        // Save type 0: the link also carries the project ID.
        $url .= "," . $this->_model->projectId;
    }

    $bodyParams['url'] = $url . ",id," . $this->_model->id;

    return $bodyParams;
}
/**
 * Check if the user has delete access to the item if is not a global module.
 *
 * Decision order:
 *  - module 'Core': allowed only for an admin user;
 *  - module with a save type other than 0: always allowed, no item-level
 *    check is made here;
 *  - module with save type 0: allowed only when the item's 'currentUser'
 *    rights include 'delete' or 'admin'. If the rights array has no
 *    'currentUser' entry the answer is false (fails closed).
 *
 * @param Phprojekt_Model_Interface $model      The model whose item rights are checked.
 * @param string                    $moduleName The current module.
 *
 * @return boolean True for a valid right.
 */
private static function _checkItemRights($model, $moduleName)
{
    if ($moduleName == 'Core') {
        return Phprojekt_Auth::isAdminUser();
    }

    $saveType = Phprojekt_Module::getSaveType(Phprojekt_Module::getId($moduleName));
    if ($saveType != 0) {
        // Not a per-project module: item rights are not consulted.
        return true;
    }

    $itemRights = $model->getRights();
    if (!isset($itemRights['currentUser'])) {
        // No rights recorded for the current user: deny.
        return false;
    }

    $own = $itemRights['currentUser'];

    return ($own['delete'] || $own['admin']);
}
/**
 * Returns the right merged with the role for each user has on a Phprojekt item.
 *
 * For a module of save type Phprojekt_Module::TYPE_NORMAL every named right of
 * every user is AND-ed with what the role allows, so the role can only remove
 * rights. The 'none' entry is left as it is, and names not listed in the
 * switch below are not touched.
 *
 * Security note: for TYPE_GLOBAL and TYPE_MIX (the latter not implemented) the
 * rights are returned unchanged, i.e. no role restriction is applied.
 *
 * @param array $rights Array of rights per user.
 *
 * @return array Array of rights per user.
 */
public function _mergeRightsAndRole($rights)
{
    $moduleId = Phprojekt_Module::getId($this->getModelName());

    if (Phprojekt_Module::getSaveType($moduleId) != Phprojekt_Module::TYPE_NORMAL) {
        // TYPE_GLOBAL: nothing to merge. TYPE_MIX: not implemented yet.
        return $rights;
    }

    $roleRights = new Phprojekt_RoleRights($this->projectId, $moduleId, $this->id);
    $mayRead    = $roleRights->hasRight('read');
    $mayWrite   = $roleRights->hasRight('write');
    $mayCreate  = $roleRights->hasRight('create');
    $mayAdmin   = $roleRights->hasRight('admin');

    // Role-side conditions shared by several item rights.
    $readLike   = ($mayRead || $mayWrite || $mayAdmin);               // download, read
    $writeLike  = ($mayWrite || $mayCreate || $mayAdmin);             // copy, create, write
    $deleteLike = ($mayWrite || $mayAdmin);                           // delete
    $anyRight   = ($mayRead || $mayWrite || $mayCreate || $mayAdmin); // access

    // Map roles with item rights and make one array
    foreach ($rights as $userId => $access) {
        foreach ($access as $name => $value) {
            switch ($name) {
                case 'admin':
                    $rights[$userId]['admin'] = $mayAdmin && $value;
                    break;
                case 'download':
                    $rights[$userId]['download'] = $readLike && $value;
                    break;
                case 'delete':
                    $rights[$userId]['delete'] = $deleteLike && $value;
                    break;
                case 'copy':
                    $rights[$userId]['copy'] = $writeLike && $value;
                    break;
                case 'create':
                    $rights[$userId]['create'] = $writeLike && $value;
                    break;
                case 'access':
                    $rights[$userId]['access'] = $anyRight && $value;
                    break;
                case 'write':
                    $rights[$userId]['write'] = $writeLike && $value;
                    break;
                case 'read':
                    $rights[$userId]['read'] = $readLike && $value;
                    break;
                case 'none':
                    // Written back unchanged; the role has no say on 'none'.
                    $rights[$userId]['none'] = $value;
                    break;
            }
        }
    }

    return $rights;
}
/**
 * Parse the rights for all the users and return it into a bitmask per user.
 *
 * The IDs come from the keys of $params['dataAccess'] and the individual flags
 * from the check*Access post values, so everything parsed here is
 * request-controlled input.
 *
 * For self::ITEM_TYPE the parsed result is then adjusted:
 *  - on a new item the owner (or the current user when $ownerId is 0) is given
 *    Phprojekt_Acl::ALL, overriding whatever was posted for that ID;
 *  - only IDs returned by Phprojekt_User_User::getAllowedUsers() are kept,
 *    which also applies to the owner entry set above;
 *  - when access data was posted and the module's save type is not 1, user
 *    ID 1 (the admin, per the original comment) is given Phprojekt_Acl::ALL
 *    after the filter, regardless of the posted values.
 *
 * NOTE(review): for any other $type the parsed bitmasks are returned without
 * the allowed-users filter - confirm the caller validates those IDs.
 *
 * @param array   $params   The post values.
 * @param string  $type     Type of right, for users or modules.
 * @param string  $moduleId The module ID.
 * @param boolean $newItem  If is a new item or not.
 * @param integer $ownerId  The owner ID or 0 for the current user.
 *
 * @return array Access bitmask per ID.
 */
private static function getRights($params, $type, $moduleId = 0, $newItem = false, $ownerId = 0)
{
    $rights = array();

    if (isset($params['dataAccess'])) {
        foreach (array_keys($params['dataAccess']) as $accessId) {
            $right = array(
                'none'     => self::_checked($params, 'checkNoneAccess', $accessId),
                'read'     => self::_checked($params, 'checkReadAccess', $accessId),
                'write'    => self::_checked($params, 'checkWriteAccess', $accessId),
                'access'   => self::_checked($params, 'checkAccessAccess', $accessId),
                'create'   => self::_checked($params, 'checkCreateAccess', $accessId),
                'copy'     => self::_checked($params, 'checkCopyAccess', $accessId),
                'delete'   => self::_checked($params, 'checkDeleteAccess', $accessId),
                'download' => self::_checked($params, 'checkDownloadAccess', $accessId),
                'admin'    => self::_checked($params, 'checkAdminAccess', $accessId),
            );

            $rights[$accessId] = Phprojekt_Acl::convertArrayToBitmask($right);
        }
    }

    if ($type != self::ITEM_TYPE) {
        return $rights;
    }

    // Only set the full access if is a new item
    if ($newItem) {
        if ($ownerId == 0) {
            $ownerId = Phprojekt_Auth::getUserId();
        }
        $rights[$ownerId] = Phprojekt_Acl::ALL;
    }

    // Return access only for allowed users
    $userModel    = Phprojekt_Loader::getLibraryClass('Phprojekt_User_User');
    $allowedUsers = $userModel->getAllowedUsers();
    $resultRights = array();

    foreach ($allowedUsers as $node) {
        $allowedId = $node['id'];
        if (isset($rights[$allowedId])) {
            $resultRights[$allowedId] = $rights[$allowedId];
        }
    }

    if (isset($params['dataAccess']) && Phprojekt_Module::getSaveType($moduleId) != 1) {
        // Items under a project => add admin with full access
        $resultRights[1] = Phprojekt_Acl::ALL;
    }

    return $resultRights;
}