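/**
 * Moves a user request to a new state and applies the side effects of that decision.
 *
 * The outcome is written to the output as an XML <response> element: with an
 * `error` attribute on failure, or with `id` and `state` attributes on success.
 * In this method state id 2 is treated as "accepted" and state id 3 as "rejected".
 *
 * @param mixed $reqid   Id of the user request; rejected unless numeric.
 * @param mixed $stateid Id of the target state; rejected unless numeric.
 * @return void
 */
public function setUserRequestToState($reqid, $stateid)
{
    $err = '';
    $reqs = null;
    $req = null;
    $states = null;

    // Validate both ids and make sure the rows they name exist.
    if (is_numeric($reqid) === false) {
        $err = 'Invalid user request id given.';
    } elseif (is_numeric($stateid) === false) {
        $err = 'Invalid state given.';
    } else {
        $reqs = new Default_Model_UserRequests();
        $reqs->filter->id->equals($reqid);
        if ($reqs->count() === 0) {
            $err = 'User request not found.';
        } else {
            $states = new Default_Model_UserRequestStates();
            $states->filter->id->equals($stateid);
            if ($states->count() === 0) {
                $err = 'User request state not found.';
            }
        }
    }

    if ($err !== '') {
        // $err only ever holds one of the fixed literals above, so it is safe inside the attribute.
        echo "<response error='" . $err . "'></response>";
        return;
    }

    // Progress marker used to pick the error message in the catch block:
    // -1 = nothing written yet, 0 = updating the request, 1 = updating the association/privilege.
    // It is initialised here so the catch block never reads an undefined variable.
    $trans = -1;

    db()->beginTransaction();
    try {
        $req = $reqs->items[0];
        $type = $req->requestType->name;

        // Resolve the acting (session) user. Without a profile there is no identity to
        // authorise, so stop before anything is changed.
        $actors = new Default_Model_Researchers();
        $actors->filter->id->equals($this->session->userid);
        if (count($actors->items) === 0) {
            db()->rollBack();
            echo "<response error='Must be logged in'></response>";
            return;
        }
        $actorguid = $actors->items[0]->guid;
        $actorid = $actors->items[0]->id;

        // Resolve the target of the request: an access group or an application.
        // NOTE(review): the target and requestor lookups below assume a matching row exists — confirm.
        $group = null;
        $app = null;
        $appid = null;
        if ($type === "accessgroup") {
            $groups = new Default_Model_ActorGroups();
            $groups->filter->guid->equals($req->targetguid);
            $group = $groups->items[0];
        } else {
            $apps = new Default_Model_Applications();
            $apps->filter->guid->equals($req->targetguid);
            $app = $apps->items[0];
            $appid = $app->id;
        }

        // Resolve the requestor (the user who filed the request).
        $users = new Default_Model_Researchers();
        $users->filter->guid->equals($req->userguid);
        $user = $users->items[0];
        $userid = $user->id;

        // Release-manager requests may only be decided by the owner or submitter of the
        // application, or by an administrator/manager.
        // NOTE(review): no equivalent authority check is visible in this method for
        // "joinapplication" requests; presumably the caller enforces it — confirm.
        if ($type === "releasemanager") {
            if ($app->ownerid != $actorid && $app->addedby != $actorid && !userIsAdminOrManager($actorid)) {
                db()->rollBack();
                echo "<response error='User needs to be owner of the software in order to grant release management privileges to other users.'></response>";
                return;
            }
        }

        if ($type !== "accessgroup") {
            // The request state must be updated before any insert, to prevent database
            // triggers from claiming the request.
            $trans = 0;
            $req->stateid = $stateid;
            $req->actorguid = $actorguid;
            $req->save();
            $trans = 1;

            if ($type === "joinapplication" && $stateid == 2) {
                // Accepted: relate the requestor to the application unless already related.
                $resapp = new Default_Model_ResearchersApps();
                $resapp->filter->appid->equals($appid)->and($resapp->filter->researcherid->equals($userid));
                if ($resapp->count() === 0) {
                    $resapp = new Default_Model_ResearchersApp();
                    $resapp->appid = $appid;
                    $resapp->researcherid = $userid;
                    $resapp->save();
                }
            } elseif ($type === "releasemanager" && $stateid == 2) {
                // Accepted: grant the privilege with action id 30 on the application
                // unless the requestor already holds it.
                $privs = new Default_Model_Privileges();
                $privs->filter->actor->equals($user->guid)->and($privs->filter->actionid->equals(30)->and($privs->filter->object->equals($app->guid)));
                if (count($privs->items) == 0) {
                    $prv = new Default_Model_Privilege();
                    $prv->actor = $user->guid;
                    $prv->actionid = 30;
                    $prv->object = $app->guid;
                    $prv->save();
                }
            }

            // Commit before notifying, and only once on this path: a second commit on an
            // already finished transaction can fail on adapters that require an active one.
            db()->commit();

            // A failed notification must not undo the committed decision.
            try {
                UserRequests::sendEmailResponseNotification($user, $app, $stateid, $type);
            } catch (Exception $e) {
                error_log("EMAIL ERROR:Could not send email notification to user request response.Details:" . $e->getMessage());
            }
        } else {
            // Access groups: the user is first included and the request is then accepted or
            // rejected by the access-group handler (presumably including the state update — confirm).
            if (intval($stateid) === 2) {
                AccessGroups::handleUserGroupAction($this->session->userid, $user, "accept", array($group->id));
            } elseif (intval($stateid) === 3) {
                AccessGroups::handleUserGroupAction($this->session->userid, $user, "reject", array($group->id));
            }
            db()->commit();
        }
    } catch (Exception $e) {
        db()->rollBack();
        error_log("Error while setting User request:" . $e->getMessage());

        // The exception text is not under this method's control, so it is escaped before it
        // is placed in the XML response.
        // NOTE(review): internal exception details are still returned to the client; consider
        // returning only the generic message and keeping the details in the log.
        $detail = htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        if ($trans === 0) {
            echo "<response error='Error while updating user request'>" . $detail . "</response>";
        } elseif ($trans === 1) {
            echo "<response error='Error while updating software contact association'>" . $detail . "</response>";
        } else {
            echo "<response error='Error while processing user request'>" . $detail . "</response>";
        }
        return;
    }

    echo "<response id='" . $req->id . "' state='" . $stateid . "' ></response>";
}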
/**
 * Files an access-group membership request for $targetUser in each of the given groups.
 *
 * A user can only request membership for themselves, so $sourceUser and $targetUser
 * must carry the same id. Both arguments are read as objects here (->id, ->guid).
 *
 * For every group id the "request" permission is checked first; groups where it is not
 * granted, and group ids that do not resolve to a group, are skipped silently.
 * NOTE(review): as soon as one group already has a request from this user the method
 * returns true and the remaining group ids are not processed — confirm this is intended.
 *
 * @param Default_Model_Researcher|integer $sourceUser User profile object or id.
 * @param Default_Model_Researcher|integer $targetUser User profile object or id.
 * @param integer[]|integer $groupids The ids of the access groups; a single numeric id is wrapped in an array.
 * @param {id, name, canAdd, canRemove, canRequest, canAcceptReject, hasRequest}[] $accesspermissions Array of $sourceUser's access groups permissions.
 * @return boolean|string True on success, text message on error, False when $groupids is neither an array nor numeric.
 */
private static function requestForGroups($sourceUser, $targetUser, $groupids, $accesspermissions)
{
    // Requests on behalf of somebody else are refused outright.
    if ($sourceUser->id !== $targetUser->id) {
        return "Cannot make a user request on behalf of another user";
    }

    // Normalise the group ids to an array.
    if (!is_array($groupids)) {
        if (!is_numeric($groupids)) {
            return false;
        }
        $groupids = array($groupids);
    }

    // Per-group permission outcomes; collected but not returned to the caller.
    $checked = array();
    foreach ($groupids as $gid) {
        $outcome = array(
            $gid => self::canPerformAction($targetUser, $targetUser, "request", $gid, $accesspermissions)
        );
        $checked[] = $outcome;

        // Not allowed to request this group: move on to the next one.
        if ($outcome[$gid] !== true) {
            continue;
        }

        // A request for this group already exists: report success immediately.
        $existing = self::getAccessGroupRequests($targetUser, $gid);
        if (count($existing) > 0) {
            return true;
        }

        // Unknown group ids are ignored.
        $group = self::getGroupById($gid);
        if ($group === null) {
            continue;
        }

        // Store the new request; state 1 is the initial state given to new requests in this file.
        $request = new Default_Model_UserRequest();
        $request->typeid = 3; // presumably the access-group request type — confirm
        $request->userguid = $targetUser->guid;
        $request->targetguid = $group->guid;
        $request->stateid = 1;
        $request->save();

        // Dispatch mail to user and managers, appdb administrators and associated NILs.
        UserRequests::sendEmailAccessGroupRequestNotifications($targetUser, $group);
    }

    return true;
}
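/**
 * Controller action through which the logged-in user asks to become release manager
 * of a software item, or checks whether such a request is pending.
 *
 * Query parameters read from $_GET:
 *  - id    (required) numeric software id
 *  - state (optional) when present, only report "pending" or "false" and store nothing
 *  - m     (optional) message stored with the request; the downstream code expects base64
 *
 * The result is written as an XML <response> element: "ok", "pending", "false",
 * or an element carrying an `error` attribute.
 *
 * NOTE(review): this action stores a request and sends mail in response to GET
 * parameters, and no anti-CSRF check is visible in this method — confirm where that is enforced.
 *
 * @return void
 */
public function requestreleasemanagerAction()
{
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender();
    header('Content-type: text/xml');

    $err = "";
    $app = null;
    $apps = null;
    $user = null;
    $uguid = null;
    $uid = $this->session->userid;

    // Check the session before touching the profile, so an anonymous call is rejected
    // cleanly instead of dereferencing a missing profile row.
    if (is_null($uid)) {
        $err = 'Must be logged in';
    } else {
        $ps = new Default_Model_Researchers();
        $ps->filter->id->equals($uid);
        if (count($ps->items) === 0) {
            $err = 'Must be logged in';
        } else {
            $user = $ps->items[0];
            $uguid = $user->guid;
        }
    }

    // Validate the software id and load the software item.
    if ($err === "") {
        if (isset($_GET["id"]) == false) {
            $err = 'Software id is required';
        } elseif (is_numeric($_GET["id"]) == false) {
            $err = 'Software id is not valid';
        } else {
            $appid = $_GET["id"];
            $apps = new Default_Model_Applications();
            $apps->filter->appid->equals($appid);
            if (count($apps->items) === 0) {
                $err = "Software not found";
            }
        }
    }

    // Nothing to request if the user already holds the permission with action id 30 on this item.
    if ($err === "") {
        $app = $apps->items[0];
        $appguid = $app->guid;
        $perms = new Default_Model_Permissions();
        $perms->filter->researcherid->equals($uid)->and($perms->filter->actionid->equals(30)->and($perms->filter->uuid->equals($appguid)));
        if (count($perms->items) > 0) {
            $err = "Already have permissions to manage releases";
        }
    }

    // Only contacts of the software item may ask for release management.
    if ($err === "") {
        $rs = $app->getResearchers();
        $found = false;
        if (count($rs) > 0) {
            foreach ($rs as $r) {
                if ($r->id == $uid) {
                    $found = true;
                    break;
                }
            }
        }
        if ($found == false) {
            $err = "User must be associated to the software item as a contact.";
        }
    }

    if ($err !== "") {
        // $err only ever holds one of the fixed literals above.
        echo "<response error='" . $err . "'></response>";
        return;
    }

    // The caller only wants to know whether a request is already pending (state id 1).
    if (isset($_GET["state"])) {
        $urs = new Default_Model_UserRequests();
        $s1 = new Default_Model_UserRequestTypesFilter();
        $s1->name->equals("releasemanager");
        $s2 = new Default_Model_UserRequestsFilter();
        $s2->targetguid->equals($app->guid)->and($s2->userguid->equals($uguid));
        $s4 = new Default_Model_UserRequestStatesFilter();
        $s4->id->equals(1);
        $urs->filter->chain($s1->chain($s2->chain($s4, "AND"), "AND"), "AND");
        if ($urs->count() > 0) {
            echo "<response>pending</response>";
        } else {
            echo "<response>false</response>";
        }
        return;
    }

    // A repeated parameter (m[]=...) arrives as an array; only a plain string is accepted as the message.
    // NOTE(review): the message is expected to be base64 but is stored and mailed without
    // validation; consider rejecting anything that does not decode.
    $msg = (isset($_GET["m"]) && is_string($_GET["m"])) ? $_GET["m"] : "";

    // TODO: inclusion list ($_GET["r"]) - receivers that get the notification even if not allowed.
    // TODO: exclusion list ($_GET["e"]) - receivers that must not get the mail notification.

    // NOTE(review): the pending-request lookup above is not repeated before inserting, so
    // repeated calls store a new request and send mail each time — confirm this is acceptable.
    db()->beginTransaction();
    try {
        $ur = new Default_Model_UserRequest();
        $ur->typeid = 2; //releasemanager
        $ur->userguid = $uguid;
        $ur->userdata = $msg;
        $ur->targetguid = $app->guid;
        $ur->stateid = 1; //submitted
        $ur->save();
        db()->commit();
    } catch (Exception $e) {
        db()->rollBack();
        // Escape the exception text before placing it in the XML response.
        echo "<response error='Could not save request' >" . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . "</response>";
        return;
    }

    // A failed notification is logged but does not fail the already stored request.
    try {
        UserRequests::sendEmailRequestNotifications($user, $app, $msg, "releasemanager");
    } catch (Exception $e) {
        error_log("EMAIL ERROR:Could not send email notification about user request to join software.Details:" . $e->getMessage());
    }

    echo "<response>ok</response>";
}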