function wiki_replace_link_callback($matches)
{
if (count($matches) < 2) {
return null;
}
if ($matches[1] == 'wiki') {
$rev = Revisions::instance()->getTableName(true);
$page = Wiki::instance()->getTableName(true);
$where1 = 'WHERE page_id = ' . $matches[2] . ' AND project_id = ' . active_project()->getId();
$where2 = 'WHERE id = ' . $matches[2] . ' AND project_id = ' . active_project()->getId();
$sql = "SELECT page_id, name FROM {$rev} {$where1} ";
$sql .= "AND revision = ( select revision from {$page} {$where2} )";
//echo $sql;
$row = DB::executeOne($sql);
if (!count($row)) {
return null;
}
$url = get_url($matches[1], 'view', array('id' => $matches[2]));
$url = str_replace('&', '&', $url);
return '"' . $row['name'] . '(' . $row['page_id'] . ')":' . $url;
}
$user = Users::instance()->getTableName(true);
$where1 = 'WHERE id = ' . $matches[2];
$sql = "SELECT id, display_name FROM {$user} {$where1} ";
echo $sql;
$row = DB::executeOne($sql);
if (!count($row)) {
return null;
}
$url = get_url($matches[1], 'card', array('id' => $matches[2]));
$url = str_replace('&', '&', $url);
return '"' . $row['display_name'] . '(' . $row['id'] . ')":' . $url;
}
/**
* Return all companies that have system users
*
* @param void
* @return array
*/
static function getCompaniesWithUsers()
{
$user_table = Users::instance()->getTableName();
$companies_table = Companies::instance()->getTableName();
return Companies::findAll(array('conditions' => array("EXISTS (SELECT `id` FROM {$user_table} WHERE {$user_table}.`company_id` = {$companies_table}.`id` )"), 'order' => '`client_of_id`'));
// findAll
}
/**
* Return all users that are involved in specific project
*
* @access public
* @param Project $project
* @param string $additional_conditions
* @return array
*/
function getUsersByProject(Project $project, $additional_conditions = null)
{
$contacts_table = Contacts::instance()->getTableName(true);
$users_table = Users::instance()->getTableName(true);
$project_users_table = ProjectUsers::instance()->getTableName(true);
$users = array();
$sql = "SELECT {$users_table}.* FROM {$users_table}, {$project_users_table}, {$contacts_table} WHERE ({$users_table}.`id` = {$project_users_table}.`user_id` AND {$contacts_table}.`user_id` = {$users_table}.`id` AND {$project_users_table}.`project_id` = " . DB::escape($project->getId()) . ')';
if (trim($additional_conditions) != '') {
$sql .= " AND ({$additional_conditions})";
}
$sql .= " ORDER BY ({$contacts_table}.`display_name`)";
$rows = DB::executeAll($sql);
if (is_array($rows)) {
foreach ($rows as $row) {
$users[] = Users::instance()->loadFromRow($row);
}
// foreach
}
// if
return count($users) ? $users : null;
}
/**
* This function will return paginated result. Result is an array where first element is
* array of returned object and second populated pagination object that can be used for
* obtaining and rendering pagination data using various helpers.
*
* Items and pagination array vars are indexed with 0 for items and 1 for pagination
* because you can't use associative indexing with list() construct
*
* @access public
* @param array $arguments Query argumens (@see find()) Limit and offset are ignored!
* @param integer $items_per_page Number of items per page
* @param integer $current_page Current page number
* @return array
*/
function paginate($arguments = null, $items_per_page = 10, $current_page = 1)
{
if (isset($this) && instance_of($this, 'Users')) {
return parent::paginate($arguments, $items_per_page, $current_page);
} else {
return Users::instance()->paginate($arguments, $items_per_page, $current_page);
//$instance =& Users::instance();
//return $instance->paginate($arguments, $items_per_page, $current_page);
}
// if
}
/**
* Return manager instance
*
* @access protected
* @param void
* @return Users
*/
function manager()
{
if (!$this->manager instanceof Users) {
$this->manager = Users::instance();
}
return $this->manager;
}
/**
* Return users that have auto assign value set to true
*
* @access public
* @param void
* @return array
*/
function getAutoAssignUsers()
{
$users_table = Users::instance()->getTableName(true);
$contacts_table = Contacts::instance()->getTableName(true);
$users = array();
$sql = "SELECT {$users_table}.* FROM {$users_table}, {$contacts_table} WHERE ({$users_table}.`id` = {$contacts_table}.`user_id` AND {$contacts_table}.`company_id` = " . DB::escape($this->getId()) . " AND {$users_table}.`auto_assign` > " . DB::escape(0) . " )";
$rows = DB::executeAll($sql);
if (is_array($rows)) {
foreach ($rows as $row) {
$users[] = Users::instance()->loadFromRow($row);
}
// foreach
}
// if
return count($users) ? $users : null;
}
/**
* Return users of specific company involeved in specific project
*
* @access public
* @param Company $company
* @param Project $project
* @return array
*/
function getCompanyUsersByProject(Company $company, Project $project)
{
$users_table = Users::instance()->getTableName(true);
return self::getUsersByProject($project, "{$users_table}.`company_id` = " . DB::escape($company->getId()));
}
/**
* Enter description here...
* assumes manager has one field as PK
*
* @param DataManager $manager
* @param $access_level ACCESS_LEVEL_XX objects that defines which permission is being checked
* @param string $project_id string that will be compared to the project id while searching project_user table
* @param int $user_id user whose permissions are being checked
* @return unknown
*/
function permissions_sql_for_listings(DataManager $manager, $access_level, User $user, $project_id = '`project_id`', $table_alias = null)
{
if (!$manager instanceof DataManager) {
throw new Exception("Invalid manager '{$manager}' in permissions helper", -1);
return '';
}
$user_id = $user->getId();
$oup_tablename = ObjectUserPermissions::instance()->getTableName(true);
$wo_tablename = WorkspaceObjects::instance()->getTableName(true);
$users_table_name = Users::instance()->getTableName(true);
$pu_table_name = ProjectUsers::instance()->getTableName(true);
if ($user->isGuest() && $access_level == ACCESS_LEVEL_WRITE) {
return 'false';
}
if (isset($table_alias) && $table_alias && $table_alias != '') {
$object_table_name = $table_alias;
} else {
$object_table_name = $manager->getTableName();
}
if (!is_numeric($project_id)) {
$project_id = "{$object_table_name}.{$project_id}";
}
$object_id_field = $manager->getPkColumns();
$object_id = $object_table_name . '.' . $object_id_field;
$object_manager = get_class($manager);
$access_level_text = access_level_field_name($access_level);
$item_class = $manager->getItemClass();
$is_project_data_object = new $item_class() instanceof ProjectDataObject;
// permissions for contacts
if ($manager instanceof Contacts && can_manage_contacts($user)) {
return 'true';
}
if ($manager instanceof Companies && can_manage_contacts($user)) {
return 'true';
}
// permissions for file revisions
if ($manager instanceof ProjectFileRevisions) {
$pfTableName = "`" . TABLE_PREFIX . "project_files`";
return "{$object_table_name}.`file_id` IN (SELECT `id` FROM {$pfTableName} WHERE " . permissions_sql_for_listings(ProjectFiles::instance(), $access_level, $user) . ")";
}
// permissions for projects
if ($manager instanceof Projects) {
$pcTableName = "`" . TABLE_PREFIX . 'project_users`';
return "{$object_table_name}.`id` IN (SELECT `project_id` FROM {$pcTableName} `pc` WHERE `user_id` = {$user_id})";
}
// permissions for users
if ($manager instanceof Users) {
if (logged_user()->isMemberOfOwnerCompany()) {
return "true";
} else {
return "{$object_table_name}.`company_id` = " . owner_company()->getId() . " OR {$object_table_name}.`company_id` = " . logged_user()->getCompanyId();
}
}
$can_manage_object = manager_class_field_name($object_manager, $access_level);
// user is creator
$str = " ( `created_by_id` = {$user_id}) ";
// element belongs to personal project
/*if($is_project_data_object) // TODO: type of element belongs to a project
if (!in_array('project_id', $manager->getColumns())) {
$str .= "\n OR ( EXISTS(SELECT * FROM $users_table_name `xx_u`, $wo_tablename `xx_wo`
WHERE `xx_u`.`id` = $user_id
AND `xx_u`.`personal_project_id` = `xx_wo`.`workspace_id`
AND `xx_wo`.`object_id` = $object_id
AND `xx_wo`.`object_manager` = '$object_manager' )) ";
} else {
$str .= "\n OR ( $project_id = (SELECT `personal_project_id` FROM $users_table_name `xx_u` WHERE `xx_u`.`id` = $user_id)) ";
}
*/
// user or group has specific permissions over object
$group_ids = $user->getGroupsCSV();
$all_ids = '(' . $user_id . ($group_ids != '' ? ',' . $group_ids : '') . ')';
$str .= "\n OR ( EXISTS ( SELECT * FROM {$oup_tablename} `xx_oup` \n\t\t\t\tWHERE `xx_oup`.`rel_object_id` = {$object_id} \n\t\t\t\t\tAND `xx_oup`.`rel_object_manager` = '{$object_manager}' \n\t\t\t\t\tAND `xx_oup`.`user_id` IN {$all_ids} \n\t\t\t\t\tAND `xx_oup`.{$access_level_text} = true) )";
if ($is_project_data_object) {
// TODO: type of element belongs to a project
if (!in_array('project_id', $manager->getColumns())) {
$str .= "\n OR ( EXISTS ( SELECT * FROM {$pu_table_name} `xx_pu`, {$wo_tablename} `xx_wo` \n\t\t\t\tWHERE `xx_pu`.`user_id` IN {$all_ids} \n\t\t\t\t\tAND `xx_pu`.`project_id` = `xx_wo`.`workspace_id`\n\t\t\t\t\tAND `xx_wo`.`object_id` = {$object_id} \n\t\t\t\t\tAND `xx_wo`.`object_manager` = '{$object_manager}'\n\t\t\t\t\tAND `xx_pu`.{$can_manage_object} = true ) ) ";
} else {
$str .= "\n OR ( EXISTS ( SELECT * FROM {$pu_table_name} `xx_pu` \n\t\t\t\tWHERE `xx_pu`.`user_id` IN {$all_ids} \n\t\t\t\t\tAND `xx_pu`.`project_id` = {$project_id} \n\t\t\t\t\tAND `xx_pu`.{$can_manage_object} = true ) ) ";
}
}
// check account permissions in case of emails
if ($manager instanceof MailContents) {
$maccTableName = MailAccountUsers::instance()->getTableName(true);
$str .= "\n OR EXISTS(SELECT `id` FROM {$maccTableName} WHERE `account_id` = {$object_table_name}.`account_id` AND `user_id` = {$user_id})";
if (user_config_option('view deleted accounts emails', null, $user_id)) {
$str .= "\n OR ((SELECT count(*) FROM `" . TABLE_PREFIX . "mail_accounts` WHERE `id` = {$object_table_name}.`account_id`) = 0) AND `created_by_id` = {$user_id}";
}
}
$hookargs = array('manager' => $manager, 'access_level' => $access_level, 'user' => $user, 'project_id' => $project_id, 'table_alias' => $table_alias);
Hook::fire('permissions_sql', $hookargs, $str);
return ' (' . $str . ') ';
}
function getCompanyUsersByWorkspaces(Company $company, $ws)
{
$users_table = Users::instance()->getTableName(true);
return self::getUsersByWorkspaces($ws, "{$users_table}.`company_id` = " . DB::escape($company->getId()));
}
public function getUsers($limit, $type = '', $fromId = 0)
{
$users = Users::instance();
return $users->getUsers($this, $limit, $type, $fromId);
}
/**
* Do a SELECT query over database with specified arguments
*
* @access public
* @param array $arguments Array of query arguments. Fields:
*
* - one - select first row
* - conditions - additional conditions
* - order - order by string
* - offset - limit offset, valid only if limit is present
* - limit
*
* @return one or Users objects
* @throws DBQueryError
*/
function find($arguments = null)
{
if (isset($this) && instance_of($this, 'UserPasswords')) {
return parent::find($arguments);
} else {
return Users::instance()->find($arguments);
}
// if
}
