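/**
 * Send one page of the current module's records to the client as JSON.
 *
 * The page window is read from the "Range" request header in the form
 * "items=<start>-<end>". The records are converted, JSON-encoded and sent
 * through Phprojekt_CompressedSender, with a matching Content-Range header.
 *
 * @throws Zend_Controller_Action_Exception With code 422 when projectId does
 *         not match the module's save type, or when the Range header is
 *         present but malformed, negative or inverted.
 *
 * @return void
 */
public function indexAction()
 {
     $request   = $this->getRequest();
     $projectId = (int) $request->getParam('projectId', 0);

     // The Range header is client-controlled. A missing header keeps the legacy
     // window of a single record; a header that is present must parse completely
     // and describe a non-negative, non-inverted window, so that no negative
     // limit or offset reaches the data layer.
     $start = 0;
     $end   = 0;
     $range = $request->getHeader('range');
     if (is_string($range) && $range !== '') {
         $parsed = sscanf($range, 'items=%d-%d', $start, $end);
         if ($parsed !== 2 || $start < 0 || $end < $start) {
             throw new Zend_Controller_Action_Exception('Invalid range header', 422);
         }
     }
     // NOTE(review): no upper bound is applied to the requested window here;
     // confirm that a page-size cap exists downstream.
     $count = $end - $start + 1;

     // NOTE(review): $sort comes from the request and is handed to the model or
     // tree unchanged below; confirm that fetchAll() and getRecordsFor() restrict
     // it to known columns before it is used for ordering.
     $sort      = $request->getParam('sort', null);
     $recursive = $request->getParam('recursive', 'false') === 'true';

     $model    = $this->newModelObject();
     $moduleId = Phprojekt_Module::getId($request->getModuleName());
     $isGlobal = Phprojekt_Module::saveTypeIsGlobal($moduleId);

     // A project-bound module needs a projectId; a global module must not get one.
     if (empty($projectId) && !$isGlobal) {
         throw new Zend_Controller_Action_Exception('projectId not given for non-global module', 422);
     }
     if (!empty($projectId) && $isGlobal) {
         throw new Zend_Controller_Action_Exception('projectId given for global module', 422);
     }

     // Global modules are never listed recursively, whatever the client asked for.
     $recursive = $isGlobal ? false : $recursive;

     $records     = array();
     $recordCount = 0;
     if ($recursive) {
         $tree = new Phprojekt_Tree_Node_Database(new Project_Models_Project(), $projectId);
         $tree->setup();
         $where       = $this->getFilterWhere();
         $records     = $tree->getRecordsFor($model, $count, $start, $where, $sort);
         $recordCount = $tree->getRecordsCount($model, $where);
     } else {
         $where = null;
         if (!empty($projectId) && $model->hasField('projectId')) {
             // quoteInto() binds the integer project id into the condition.
             $where = Phprojekt::getInstance()->getDb()->quoteInto('project_id = ?', (int) $projectId);
         }
         $where       = $this->getFilterWhere($where);
         $records     = $model->fetchAll($where, $sort, $count, $start);
         $recordCount = $model->count($where);
     }

     // Never report an end index beyond the number of matching records.
     $end = min($end, $recordCount);
     $this->getResponse()->setHeader('Content-Range', "items {$start}-{$end}/{$recordCount}");
     Phprojekt_CompressedSender::send(Zend_Json::encode(Phprojekt_Model_Converter::convertModels($records)));
 }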
Example #2
 /**
  * Feed request parameters into a model, validate it, check module and item
  * access, then save the model and (for admins of the item) its access rights.
  *
  * Every key of $params that is already set on the model is assigned to it,
  * except "id".
  * NOTE(review): apart from "id", and "ownerId" on new items, no field is
  * excluded from this assignment; confirm that the model or the caller limits
  * which fields a client may change (for example ownerId on existing items).
  *
  * @param Phprojekt_Model_Interface $model  The model
  * @param array                     $params The parameters used to feed the model.
  *
  * @throws Phprojekt_PublishedException If validation fails, the module check
  *         fails, or the item rights check fails.
  *
  * @return Phprojekt_Model_Interface The saved model.
  */
 protected static function _saveModel(Phprojekt_Model_Interface $model, array $params)
 {
     foreach ($params as $field => $value) {
         // The id is assigned by the ActiveRecord on save and is never taken from $params.
         if (!isset($model->{$field}) || $field == 'id') {
             continue;
         }
         $model->{$field} = $value;
     }

     $newItem = empty($model->id);

     // A new item always belongs to the current user, whatever $params contained.
     if ($newItem && isset($model->ownerId)) {
         $model->ownerId = Phprojekt_Auth::getUserId();
     }

     // Parent project, 0 when the model has none.
     $projectId = isset($model->projectId) ? $model->projectId : 0;

     $moduleName = Phprojekt_Loader::getModuleFromObject($model);
     $moduleId = Phprojekt_Module::getId($moduleName);

     if (!$model->recordValidate()) {
         // Report the last validation error to the client.
         $validationErrors = $model->getError();
         $lastError = array_pop($validationErrors);
         throw new Phprojekt_PublishedException($lastError['label'] . ': ' . $lastError['message']);
     }

     if (!self::_checkModule($moduleId, $projectId)) {
         throw new Phprojekt_PublishedException('The parent project do not have enabled this module');
     }

     // NOTE(review): this check runs on the model after the values from $params
     // were assigned; confirm _checkItemRights() evaluates the stored item and
     // not the values the client just supplied.
     if (!self::_checkItemRights($model, $moduleName)) {
         throw new Phprojekt_PublishedException('You do not have access to do this action');
     }

     // Set the projectId to 1 for global modules
     if (isset($model->projectId) && Phprojekt_Module::saveTypeIsGlobal($moduleId)) {
         $model->projectId = 1;
     }
     $model->save();

     // Access rights are only written when the current user has "admin" on the item.
     $itemRights = Phprojekt_Loader::getLibraryClass('Phprojekt_Item_Rights');
     $granted = $itemRights->getRights($moduleId, $model->id);
     if (!$granted['currentUser']['admin']) {
         return $model;
     }

     $rights = ($moduleName == 'Core')
         ? Default_Helpers_Right::getModuleRights($params)
         : Default_Helpers_Right::getItemRights($params, $moduleId, $newItem);
     if (count($rights) > 0) {
         $model->saveRights($rights);
     }

     return $model;
 }
Example #3
 /**
  * Feed request parameters into a model, validate it, enforce the create or
  * write right for items, then save the model and its access rights.
  *
  * @param Phprojekt_Model_Interface $model  The model
  * @param array                     $params The parameters used to feed the model.
  *
  * @throws Zend_Controller_Action_Exception With code 400 when validation or the
  *         module check fails or no access entry is left on the item, and with
  *         code 403 when the create or write right is missing.
  *
  * @return Phprojekt_Model_Interface The saved model.
  */
 protected static function _saveModel(Phprojekt_Model_Interface $model, array $params)
 {
     // NOTE(review): "new item" is decided from the client-supplied 'id'
     // parameter, not from the model itself. Confirm callers cannot pass an
     // already-loaded record together with params that lack 'id', because the
     // new-item path checks CREATE on the project instead of WRITE on the item.
     $newItem = empty($params['id']);
     $model = self::parameterToModel($model, $params, $newItem);

     $projectId = 0;
     if ($model->hasField('projectId')) {
         $projectId = $model->projectId;
     }

     $userId = Phprojekt_Auth_Proxy::getEffectiveUserId();
     $moduleName = Phprojekt_Loader::getModuleFromObject($model);
     $moduleId = Phprojekt_Module::getId($moduleName);

     if (!$model->recordValidate()) {
         // Report the last validation error to the client.
         $validationErrors = $model->getError();
         $lastError = array_pop($validationErrors);
         throw new Zend_Controller_Action_Exception($lastError['label'] . ': ' . $lastError['message'], 400);
     }

     if (!self::_checkModule($moduleId, $projectId)) {
         throw new Zend_Controller_Action_Exception('The parent project do not have enabled this module', 400);
     }

     // Rights as requested by the client in $params.
     $rights = Default_Helpers_Right::getRights($params);

     if (!($model instanceof Phprojekt_Item_Abstract)) {
         // NOTE(review): no hasRight() check is made on this path in this
         // method; presumably the caller authorizes non-item models - confirm.
         $model->save();
         $model->saveRights($rights);

         return $model;
     }

     if ($newItem && !Phprojekt_Module::saveTypeIsGlobal($moduleId)) {
         // Creating inside a project requires the CREATE right on that project.
         // NOTE(review): the result of find() is not inspected; confirm
         // hasRight() denies access when the project does not exist.
         $parentProject = new Project_Models_Project();
         $parentProject->find($projectId);
         if (!$parentProject->hasRight($userId, Phprojekt_Acl::CREATE)) {
             throw new Zend_Controller_Action_Exception('You do not have the necessary create right', 403);
         }
         // The creator always receives full access to the new item.
         $rights[$userId] = Phprojekt_Acl::ALL;
     } elseif (!$model->hasRight($userId, Phprojekt_Acl::WRITE)) {
         throw new Zend_Controller_Action_Exception('You do not have the necessary write right', 403);
     }

     // Set the projectId to 1 for global modules
     // @TODO Remove the Timecard limitation
     if ($model->hasField('projectId')
         && Phprojekt_Module::saveTypeIsGlobal($moduleId)
         && Phprojekt_Module::getModuleName($moduleId) != 'Timecard'
     ) {
         $model->projectId = 1;
     }
     $model->save();

     // Rights are written for new items, or when the user holds ADMIN on the item.
     $mayEditRights = $newItem
         || $model->hasRight(Phprojekt_Auth_Proxy::getEffectiveUserId(), Phprojekt_Acl::ADMIN);
     if ($mayEditRights) {
         // A non-admin user may not leave the item without any access entry.
         if (!Phprojekt_Auth_Proxy::isAdminUser() && count($rights) <= 0) {
             throw new Zend_Controller_Action_Exception('At least one person must have access to this item', 400);
         }
         $model->saveRights($rights);
     }

     return $model;
 }
Example #4
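 /**
  * Parse the rights for all the users and return it into a bitmask per user.
  *
  * The access IDs are the keys of $params['dataAccess']. For each ID the
  * check*Access values in $params are read through self::_checked() and
  * converted into one bitmask. A 'dataAccess' value that is not an array is
  * ignored instead of being passed to array_keys().
  *
  * For item rights the result is limited to the users returned by
  * Phprojekt_User_User::getAllowedUsers(). For any other type the parsed
  * rights are returned without that filter.
  * NOTE(review): confirm callers of the non-item path authorize the posted IDs.
  *
  * @param array   $params   The post values.
  * @param string  $type     Type of right, for users or modules.
  * @param string  $moduleId The module ID.
  * @param boolean $newItem  If is a new item or not.
  * @param integer $ownerId  The owner ID or 0 for the current user.
  *
  * @return array Array with the access bitmask per user ID.
  */
 private static function getRights($params, $type, $moduleId = 0, $newItem = false, $ownerId = 0)
 {
     // Right name => name of the posted field that holds its checkbox values.
     $fields = array(
         'none'     => 'checkNoneAccess',
         'read'     => 'checkReadAccess',
         'write'    => 'checkWriteAccess',
         'access'   => 'checkAccessAccess',
         'create'   => 'checkCreateAccess',
         'copy'     => 'checkCopyAccess',
         'delete'   => 'checkDeleteAccess',
         'download' => 'checkDownloadAccess',
         'admin'    => 'checkAdminAccess',
     );

     $rights = array();
     $hasDataAccess = isset($params['dataAccess']);

     // The post values are client-controlled: only walk 'dataAccess' when it is an array.
     if ($hasDataAccess && is_array($params['dataAccess'])) {
         foreach (array_keys($params['dataAccess']) as $accessId) {
             $right = array();
             foreach ($fields as $name => $field) {
                 $right[$name] = self::_checked($params, $field, $accessId);
             }
             $rights[$accessId] = Phprojekt_Acl::convertArrayToBitmask($right);
         }
     }

     if ($type != self::ITEM_TYPE) {
         return $rights;
     }

     // Only set the full access if is a new item
     if ($newItem) {
         if ($ownerId == 0) {
             $ownerId = Phprojekt_Auth::getUserId();
         }
         $rights[$ownerId] = Phprojekt_Acl::ALL;
     }

     // Return access only for allowed users
     $activeRecord = Phprojekt_Loader::getLibraryClass('Phprojekt_User_User');
     $resultRights = array();
     foreach ($activeRecord->getAllowedUsers() as $node) {
         if (isset($rights[$node['id']])) {
             $resultRights[$node['id']] = $rights[$node['id']];
         }
     }

     // Items under a project => add admin (user ID 1) with full access
     if ($hasDataAccess && !Phprojekt_Module::saveTypeIsGlobal($moduleId)) {
         $resultRights[1] = Phprojekt_Acl::ALL;
     }

     return $resultRights;
 }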