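/**
 * Render the project page header with the taskboard submenu.
 *
 * Builds two parallel lists (labels and links) for the submenu. Every visitor
 * gets the "View Taskboard" entry; the administration entries are added only
 * for a logged-in user for whom forge_check_perm('tracker', ..., 'manager')
 * succeeds.
 *
 * NOTE(review): the permission check here only decides which links are shown.
 * The admin pages these links point to presumably enforce the same permission
 * themselves; verify against plugins/taskboard/admin/index.php.
 *
 * @param array $params Header parameters; 'toptab', 'group' and 'submenu' are overwritten here
 * @return void
 */
function header($params) {
    global $DOCUMENT_ROOT, $HTML, $group_id;

    use_javascript('/js/sortable.js');
    html_use_jquery();

    $params['toptab'] = 'taskboard';
    $params['group'] = $group_id;

    // Start from explicit empty lists instead of relying on implicit array creation.
    $labels = array();
    $links = array();

    // NOTE(review): $group_id comes from a global whose origin is not visible here;
    // it is concatenated into the URLs below as-is, so confirm it is an integer upstream.
    $labels[] = _("View Taskboard");
    $links[] = '/plugins/taskboard/index.php?group_id=' . $group_id;

    if (session_loggedin() && forge_check_perm('tracker', $this->getID(), 'manager')) {
        $labels[] = _('Administration');
        $links[] = '/plugins/taskboard/admin/index.php?group_id=' . $group_id;

        $action = getStringFromRequest('action');
        if ($action == 'edit_column') {
            $labels[] = _('Configure Columns');
            $links[] = '/plugins/taskboard/admin/index.php?group_id=' . $group_id . '&action=columns';

            $column_id = getStringFromRequest('column_id', '');
            if ($column_id) {
                // column_id is taken straight from the request and echoed back into a link.
                // Encode it so the value stays a single query-string value and cannot add
                // parameters or markup; whether subMenu() escapes its links is not visible here.
                // NOTE(review): this is a plain link to a state-changing action; confirm the
                // admin page asks for confirmation and validates a form token before deleting.
                $labels[] = _('Delete Column');
                $links[] = '/plugins/taskboard/admin/index.php?group_id=' . $group_id
                    . '&action=delete_column&column_id=' . urlencode($column_id);
            }
        }
    }

    $params['submenu'] = $HTML->subMenu($labels, $links);
    site_project_header($params);
}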
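/**
 * get_public_active_projects_asc() - Get a list of rows for public active projects (initially in trove/full_list)
 *
 * The WHERE clause is only a pre-filter (active status, access other than
 * Project::ACCESS_PRIVATE). Each row is then checked with
 * forge_check_perm('project_read', ...) and dropped when the check fails, so
 * the result holds only projects that pass that check.
 *
 * @param int $max_query_limit Optional maximum number of projects to return; values <= 0 mean no limit
 * @return array Rows with group_id, group_name, unix_group_name, short_description and register_time, ordered by group_name
 */
function get_public_active_projects_asc($max_query_limit = -1) {
    // The interpolated value is a class constant, not request data; it is still passed
    // through db_es() because it ends up inside the SQL text.
    $private_access = db_es(Project::ACCESS_PRIVATE);
    $res_grp = db_query("\n SELECT group_id, group_name, unix_group_name, short_description, register_time\n FROM groups\n WHERE status = 'A' AND access != '{$private_access}' AND group_id > 4 AND register_time > 0\n ORDER BY group_name ASC\n\t\t\t");

    $projects = array();
    if (!$res_grp) {
        // Query failed: return an empty list rather than fetching from an invalid handle.
        return $projects;
    }

    while ($row_grp = db_fetch_array($res_grp)) {
        if (!forge_check_perm('project_read', $row_grp['group_id'])) {
            continue;
        }
        $projects[] = $row_grp;

        // The limit is applied after the permission filter, so it counts projects that
        // are actually returned rather than rows that were merely scanned.
        if ($max_query_limit > 0 && count($projects) >= $max_query_limit) {
            break;
        }
    }

    return $projects;
}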
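/**
 * update - update a role in the database.
 *
 * Authorization differs by mode:
 *  - USE_PFO_RBAC: checked only when $check_perms is true. A role without a home
 *    project requires the global 'forge_admin' permission, otherwise
 *    'project_admin' on the home project. Passing $check_perms = false skips the
 *    check entirely, so such callers must have authorized the request themselves.
 *  - legacy mode: $check_perms is ignored; the caller must be an admin of
 *    $this->Group, and the role with id 1 can never be updated.
 *
 * All writes happen between db_begin() and db_commit(); every failure path calls
 * db_rollback() and returns false. The "role_update" plugin hook is called
 * before db_commit().
 *
 * @param string  $role_name   The name of the role.
 * @param array   $data        A multi-dimensional array of data in this format: $data['section_name']['ref_id']=$val
 * @param boolean $check_perms Perform permission checking (honoured in USE_PFO_RBAC mode only)
 * @return boolean True on success or false on failure.
 */
function update($role_name, $data, $check_perms = true) {
    global $SYS;

    if (USE_PFO_RBAC) {
        if ($check_perms) {
            if ($this->getHomeProject() == NULL) {
                if (!forge_check_global_perm('forge_admin')) {
                    $this->setPermissionDeniedError();
                    return false;
                }
            } elseif (!forge_check_perm('project_admin', $this->getHomeProject()->getID())) {
                $this->setPermissionDeniedError();
                return false;
            }
        }
    } else {
        $perm =& $this->Group->getPermission();
        if (!$perm || !is_object($perm) || $perm->isError() || !$perm->isAdmin()) {
            $this->setPermissionDeniedError();
            return false;
        }
        //
        // Cannot update role_id=1
        //
        if ($this->getID() == 1) {
            $this->setError('Cannot Update Default Role');
            return false;
        }
    }

    db_begin();

    if (USE_PFO_RBAC) {
        if ($role_name != $this->getName()) {
            $this->setName($role_name);
        }
        foreach ($data as $sect => $refs) {
            foreach ($refs as $refid => $value) {
                $this->setSetting($sect, $refid, $value);
            }
            if ($sect == 'scm') {
                // NOTE(review): $refid is whatever the inner loop left behind, i.e. the last
                // ref_id of the 'scm' section (or a stale/undefined value when that section
                // is empty). Confirm this is the id sysGroupCheckUser() is meant to receive.
                foreach ($this->getUsers() as $u) {
                    if (!$SYS->sysGroupCheckUser($refid, $u->getID())) {
                        $this->setError($SYS->getErrorMessage());
                        db_rollback();
                        return false;
                    }
                }
            }
        }
    } else {
        if (!$this->setName($role_name)) {
            db_rollback();
            return false;
        }

        // Delete extra settings
        // NOTE(review): the three per-section deletes assume $data has 'tracker', 'forum'
        // and 'pm' entries; a caller that omits one passes a non-array to array_keys().
        db_query_params('DELETE FROM role_setting WHERE role_id=$1 AND section_name <> ALL ($2)', array($this->getID(), db_string_array_to_any_clause(array_keys($this->role_values))));
        db_query_params('DELETE FROM role_setting WHERE role_id=$1 AND section_name = $2 AND ref_id <> ALL ($3)', array($this->getID(), 'tracker', db_int_array_to_any_clause(array_keys($data['tracker']))));
        db_query_params('DELETE FROM role_setting WHERE role_id=$1 AND section_name = $2 AND ref_id <> ALL ($3)', array($this->getID(), 'forum', db_int_array_to_any_clause(array_keys($data['forum']))));
        db_query_params('DELETE FROM role_setting WHERE role_id=$1 AND section_name = $2 AND ref_id <> ALL ($3)', array($this->getID(), 'pm', db_int_array_to_any_clause(array_keys($data['pm']))));

        // $data['section_name']['ref_id']=$val
        foreach ($data as $usection_name => $section_refs) {
            foreach ($section_refs as $uref_id => $uvalue) {
                // Normalise empty keys and values to 0 before they reach the queries.
                if (!$uref_id) {
                    $uref_id = 0;
                }
                if (!$uvalue) {
                    $uvalue = 0;
                }

                // Update the setting; insert it when no existing row was touched.
                $res = db_query_params('UPDATE role_setting SET value=$1 WHERE role_id=$2 AND section_name=$3 AND ref_id=$4', array($uvalue, $this->getID(), $usection_name, $uref_id));
                if (!$res || db_affected_rows($res) < 1) {
                    $res = db_query_params('INSERT INTO role_setting (role_id, section_name, ref_id, value) VALUES ($1, $2, $3, $4)', array($this->getID(), $usection_name, $uref_id, $uvalue));
                    if (!$res) {
                        $this->setError('update::rolesettinginsert::' . db_error());
                        db_rollback();
                        return false;
                    }
                }

                // Only the 'scm' section needs per-user follow-up work. The other sections
                // used to set a flag that nothing read, because the user_group update
                // further down runs unconditionally.
                if ($usection_name == 'scm') {
                    // iterate all users with this role
                    $res = db_query_params('SELECT user_id FROM user_group WHERE role_id=$1', array($this->getID()));
                    if (!$res) {
                        $this->setError('update::scm::' . db_error());
                        db_rollback();
                        return false;
                    }
                    $member_count = db_numrows($res);
                    for ($z = 0; $z < $member_count; $z++) {
                        $member_id = db_result($res, $z, 'user_id');

                        //TODO - Shell should be separate flag
                        // If user acquired admin access to CVS,
                        // one to be given normal shell on CVS machine,
                        // else - restricted.
                        $cvs_flags = $data['scm'][0];

                        // Restrict the update to this role's membership rows. Matching on
                        // user_id alone would also rewrite cvs_flags on the same user's rows
                        // that belong to other roles, changing access this role does not govern.
                        $res2 = db_query_params('UPDATE user_group SET cvs_flags=$1 WHERE user_id=$2 AND role_id=$3', array($cvs_flags, $member_id, $this->getID()));
                        if (!$res2) {
                            $this->setError('update::scm::' . db_error());
                            db_rollback();
                            return false;
                        }

                        // The original author doubted this part is useful and suspected it is buggy.
                        // It is privilege-sensitive: cvs_flags > 1 sets the user's
                        // debGforgeCvsShell attribute to /bin/bash, anything else to /bin/cvssh.
                        $shell = ($cvs_flags > 1) ? "/bin/bash" : "/bin/cvssh";
                        if (!$SYS->sysUserSetAttribute($member_id, "debGforgeCvsShell", $shell)) {
                            $this->setError($SYS->getErrorMessage());
                            db_rollback();
                            return false;
                        }

                        //
                        // If user acquired at least commit access to CVS,
                        // one to be promoted to CVS group, else, demoted.
                        //
                        if ($uvalue > 0) {
                            $membership_ok = $SYS->sysGroupAddUser($this->Group->getID(), $member_id, 1);
                        } else {
                            $membership_ok = $SYS->sysGroupRemoveUser($this->Group->getID(), $member_id, 1);
                        }
                        if (!$membership_ok) {
                            $this->setError($SYS->getErrorMessage());
                            db_rollback();
                            return false;
                        }
                    }
                }
            }
        }

        // Sections missing from $data are written as flag value 0.
        $keys = array('forumadmin', 'pmadmin', 'trackeradmin', 'docman', 'scm', 'frs', 'projectadmin');
        foreach ($keys as $k) {
            if (!array_key_exists($k, $data)) {
                $data[$k] = array(0);
            }
        }
        $res = db_query_params('UPDATE user_group SET admin_flags=$1, forum_flags=$2, project_flags=$3, doc_flags=$4, cvs_flags=$5, release_flags=$6, artifact_flags=$7 WHERE role_id=$8', array($data['projectadmin'][0], $data['forumadmin'][0], $data['pmadmin'][0], $data['docman'][0], $data['scm'][0], $data['frs'][0], $data['trackeradmin'][0], $this->getID()));
        if (!$res) {
            $this->setError('::update::usergroup::' . db_error());
            db_rollback();
            return false;
        }
    } // USE_PFO_RBAC

    // The hook is called before db_commit().
    $hook_params = array();
    $hook_params['role'] =& $this;
    $hook_params['role_id'] = $this->getID();
    $hook_params['data'] = $data;
    plugin_hook("role_update", $hook_params);

    db_commit();
    $this->fetchData($this->getID());
    return true;
}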
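/**
 * Returns true if current user can modify artifacts
 *
 * The user must pass forge_check_perm('tracker', ..., 'tech') for every tracker
 * returned by TaskBoard::getUsedTrackersData(); a single failed check makes the
 * result false.
 *
 * @return boolean
 */
function isTechnician() {
    $tasks_trackers = $this->TaskBoard->getUsedTrackersData();

    foreach ($tasks_trackers as $tasks_tracker_data) {
        // Stop at the first tracker the user lacks 'tech' on; the leftover debug
        // error_log() of every tracker id on each call has been dropped.
        if (!forge_check_perm('tracker', $tasks_tracker_data['group_artifact_id'], 'tech')) {
            return false;
        }
    }

    // NOTE(review): when the taskboard uses no trackers this returns true without any
    // permission having been checked; confirm callers do not rely on it alone to
    // authorize a write.
    return true;
}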