function reportBugFormTop($p_event, $p_project_id) { # allow to change reporter_id (if access level is higher than defined) $t_user_id = auth_get_current_user_id(); $t_access_level = user_get_access_level($t_user_id, $p_project_id); if ($t_access_level >= plugin_config_get('select_threshold')) { ?> <tr <?php echo helper_alternate_class(); ?> > <td class="category" width="30%"> <?php echo lang_get('reporter'); ?> </td> <td width="70%"> <select <?php echo helper_get_tab_index(); ?> name="reporter_id"> <?php print_reporter_option_list($t_user_id, $p_project_id); ?> </select> </td> </tr> <?php } }
function footer() { $t_project_id = helper_get_current_project(); $t_user_id = auth_get_current_user_id(); $t_user_has_level = user_get_access_level($t_user_id, $t_project_id) >= plugin_config_get('BackgroundImageAccessLevel', PLUGINS_BACKGROUNDIMAGEVIEW_THRESHOLD_LEVEL_DEFAULT); if (plugin_config_get('ShowInFooter') == 1 && $t_user_has_level) { return '<address>' . $this->name . ' ' . $this->version . ' Copyright © 2015 by <a href="mailto://' . $this->contact . '">' . $this->author . '</a></address>'; } return null; }
function add_columns() { $t_project_id = helper_get_current_project(); $t_user_id = auth_get_current_user_id(); $t_user_has_level = user_get_access_level($t_user_id, $t_project_id) >= plugin_config_get('RelationshipColumnAccessLevel', PLUGINS_RELATIONSHIPCOLUMNVIEW_THRESHOLD_LEVEL_DEFAULT); $t_result = array(); if (plugin_config_get('ShowRelationshipColumn') == gpc_get_int('ShowRelationshipColumn', ON) && $t_user_has_level) { if ('1.2.' == substr(MANTIS_VERSION, 0, 4)) { require_once 'classes' . DIRECTORY_SEPARATOR . 'RelationshipColumn.class.1.2.0.php'; } else { require_once 'classes' . DIRECTORY_SEPARATOR . 'RelationshipColumn.class.1.3.0.php'; } $t_result[] = 'RelationshipColumn'; } return $t_result; }
public function get($request) { /* * Returns a Response with a representation of the note list. * * @param $request - The Request we're responding to */ $this->bug_id = BugnoteList::get_bug_id_from_url($request->url); # Access checking and note gathering is based on Mantis's # email_build_visible_bug_data(). $project_id = bug_get_field($this->bug_id, 'project_id'); $user_id = auth_get_current_user_id(); $access_level = user_get_access_level($user_id, $project_id); if (!access_has_bug_level(VIEWER, $this->bug_id)) { throw new HTTPException(403, "Access denied"); } $visible_notes = bugnote_get_all_visible_bugnotes($this->bug_id, $access_level, 'ASC', 0); $visible_note_ids = array(); foreach ($visible_notes as $n) { $visible_note_ids[] = (int) $n->id; } # Apply conditions and sorts $sql_to_add = $this->_build_sql_from_querystring($request->query); $note_ids = array(); if ($sql_to_add) { $mantis_bugnote_table = config_get('mantis_bugnote_table'); $query = "SELECT n.id FROM {$mantis_bugnote_table} n {$sql_to_add};"; $result = db_query($query); foreach ($result as $r) { if (in_array((int) $r[0], $visible_note_ids)) { $note_ids[] = (int) $r[0]; } } } else { $note_ids = $visible_note_ids; } $this->rsrc_data = array(); $this->rsrc_data['results'] = array(); foreach ($note_ids as $n) { $config = get_config(); $this->rsrc_data['results'][] = Bugnote::get_url_from_mantis_id($n); } $resp = new Response(); $resp->status = 200; $resp->body = $this->_repr($request); return $resp; }
function menu() { if (plugin_config_get('show_menu')) { require_once __DIR__ . DIRECTORY_SEPARATOR . 'core' . DIRECTORY_SEPARATOR . 'wmApi.php'; $projectId = helper_get_current_project(); $userId = auth_get_current_user_id(); $userAccessLevel = user_get_access_level($userId, $projectId); $whiteboardPlugins = wmApi::getWhiteboardPlugins(); $showMenu = false; foreach ($whiteboardPlugins as $whiteboardPlugin) { $pluginAccessLevel = $whiteboardPlugin[2]; if (user_is_administrator($userId) || $userAccessLevel >= $pluginAccessLevel) { $showMenu = true; break; } } if ($showMenu) { return '<a href="' . plugin_page('whiteboard_menu') . '">' . plugin_lang_get('menu_title') . '</a>'; } } return null; }
function print_users_in_group_option_list($usergroup_id) { if (plugin_config_get('assign_to_groups', '') == 1 && plugin_config_get('assign_group_threshold', '') <= user_get_access_level(auth_get_current_user_id())) { $show_groups = 1; } else { $show_groups = 0; } $t_table_users = plugin_table('users'); $t_user_table = db_get_table('mantis_user_table'); $query = "SELECT * FROM ("; $query .= " SELECT u.id, u.username, u.realname, ug.group_user_id"; $query .= " FROM {$t_user_table} AS u"; $query .= " LEFT JOIN {$t_table_users} AS ug ON (u.id=ug.user)"; //if( plugin_config_get('assign_to_groups', '') == 0 || plugin_config_get('assign_group_threshold','') > user_get_access_level( auth_get_current_user_id() ) ) if ($show_groups == 0) { $query .= " WHERE u.username NOT LIKE " . db_param(); } $query .= ") AS t1 WHERE group_user_id=" . db_param() . " OR group_user_id IS NULL ORDER BY username ASC"; if ($show_groups == 0) { $result = db_query_bound($query, array(plugin_config_get('group_prefix') . '%', (int) $usergroup_id)); } else { $result = db_query_bound($query, array((int) $usergroup_id)); } $count = db_num_rows($result); for ($i = 0; $i < $count; $i++) { $row = db_fetch_array($result); if ($row['id'] == $usergroup_id) { continue; //usergroup must not be nested with itself } echo '<option value="' . $row['id'] . '" '; if (!is_null($row['group_user_id'])) { echo 'selected="selected"'; } else { echo ''; } echo '>' . $row['username'] . '</option>'; } }
/** * print menu entrys for each plugin */ public static function printWhiteboardMenu() { $projectId = helper_get_current_project(); $userId = auth_get_current_user_id(); $userAccessLevel = user_get_access_level($userId, $projectId); $whiteboardPlugins = self::getWhiteboardPlugins(); $whiteboardPluginCount = count($whiteboardPlugins); echo '<div class="table">'; for ($index = 0; $index < $whiteboardPluginCount; $index++) { $whiteboardPlugin = $whiteboardPlugins[$index]; $plugin = $whiteboardPlugin[1]; $pluginAccessLevel = $whiteboardPlugin[2]; $pluginShowMenu = $whiteboardPlugin[3]; if ((user_is_administrator($userId) || $userAccessLevel >= $pluginAccessLevel) && $pluginShowMenu == 1) { if ($index > 0) { echo '<div class="item"> | </div>'; } $pluginLink = $whiteboardPlugin[4]; echo '<div class="item"><a href="' . $pluginLink . '">' . plugin_lang_get('menu_title', $plugin) . '</a></div>'; } } echo '</div>'; }
/** * Build the bugnotes array for the given bug_id filtered by specified $p_user_access_level. * Bugnotes are sorted by date_submitted according to 'bugnote_order' configuration setting. * Return BugnoteData class object with raw values from the tables except the field * last_modified - it is UNIX_TIMESTAMP. * @param int $p_bug_id bug id * @param int $p_user_bugnote_order sort order * @param int $p_user_bugnote_limit number of bugnotes to display to user * @param int $p_user_id user id * @return array array of bugnotes * @access public */ function bugnote_get_all_visible_bugnotes($p_bug_id, $p_user_bugnote_order, $p_user_bugnote_limit, $p_user_id = null) { if ($p_user_id === null) { $t_user_id = auth_get_current_user_id(); } else { $t_user_id = $p_user_id; } $t_project_id = bug_get_field($p_bug_id, 'project_id'); $t_user_access_level = user_get_access_level($t_user_id, $t_project_id); $t_all_bugnotes = bugnote_get_all_bugnotes($p_bug_id); $t_private_bugnote_threshold = config_get('private_bugnote_threshold'); $t_private_bugnote_visible = access_compare_level($t_user_access_level, config_get('private_bugnote_threshold')); $t_time_tracking_visible = access_compare_level($t_user_access_level, config_get('time_tracking_view_threshold')); $t_bugnotes = array(); $t_bugnote_count = count($t_all_bugnotes); $t_bugnote_limit = $p_user_bugnote_limit > 0 ? $p_user_bugnote_limit : $t_bugnote_count; $t_bugnotes_found = 0; # build a list of the latest bugnotes that the user can see for ($i = 0; $i < $t_bugnote_count && $t_bugnotes_found < $t_bugnote_limit; $i++) { $t_bugnote = array_pop($t_all_bugnotes); if ($t_private_bugnote_visible || $t_bugnote->reporter_id == $t_user_id || VS_PUBLIC == $t_bugnote->view_state) { # If the access level specified is not enough to see time tracking information # then reset it to 0. if (!$t_time_tracking_visible) { $t_bugnote->time_tracking = 0; } $t_bugnotes[$t_bugnotes_found++] = $t_bugnote; } } # reverse the list for users with ascending view preferences if ('ASC' == $p_user_bugnote_order) { $t_bugnotes = array_reverse($t_bugnotes); } return $t_bugnotes; }
function project_add_user($p_project_id, $p_user_id, $p_access_level) { $t_project_user_list_table = config_get('mantis_project_user_list_table'); $c_project_id = db_prepare_int($p_project_id); $c_user_id = db_prepare_int($p_user_id); $c_access_level = db_prepare_int($p_access_level); if (DEFAULT_ACCESS_LEVEL == $p_access_level) { # Default access level for this user $c_access_level = db_prepare_int(user_get_access_level($p_user_id)); } $query = "INSERT\r\n\t\t\t\t INTO {$t_project_user_list_table}\r\n\t\t\t\t ( project_id, user_id, access_level )\r\n\t\t\t\t VALUES\r\n\t\t\t\t ( '{$c_project_id}', '{$c_user_id}', '{$c_access_level}')"; db_query($query); # db_query errors on failure so: return true; }
* Created: 2008-01-05 * Last update: 2012-05-23 * * @link http://deboutv.free.fr/mantis/ * @copyright * @author Vincent DEBOUT <*****@*****.**> * @author Jiri Hron <*****@*****.**> */ require_once 'core.php'; require_once 'bug_api.php'; html_page_top(plugin_lang_get('display_page_title')); $t_user_id = auth_get_current_user_id(); $t_project_id = helper_get_current_project(); $t_releases = version_get_all_rows($t_project_id, 1); $t_project_name = project_get_name($t_project_id); $t_user_has_upload_level = user_get_access_level($t_user_id, $t_project_id) >= plugin_config_get('upload_threshold_level', PLUGINS_RELEASEMGT_UPLOAD_THRESHOLD_LEVEL_DEFAULT); echo '<br /><span class="pagetitle">', string_display($t_project_name), ' - ', plugin_lang_get('display_page_title'), '</span><br /><br />'; foreach ($t_releases as $t_release) { $t_prj_id = $t_release['project_id']; $t_project_name = project_get_field($t_prj_id, 'name'); $t_release_title = string_display($t_project_name) . ' - ' . string_display($t_release['version']); echo '<tt>' . $t_release_title . '<br />'; echo str_pad('', strlen($t_release_title), '='), '</tt><br /><br />'; $t_query = 'SELECT id, title, description FROM ' . plugin_table('file') . ' WHERE project_id=' . db_prepare_int($t_prj_id) . ' AND version_id=' . db_prepare_int($t_release['id']) . ' ORDER BY title ASC'; $t_result = db_query($t_query); while ($t_row = db_fetch_array($t_result)) { echo '- <a href="' . plugin_page('download') . '&id=' . $t_row['id'] . '" title="' . plugin_lang_get('download_link') . '">' . $t_row['title'] . '</a>'; if ($t_user_has_upload_level) { echo ' '; echo '- [ <a href="' . plugin_page('delete') . '&id=' . $t_row['id'] . '" onclick="return confirm(\'Are you sure?\');" title=" ' . lang_get('delete_link') . '">' . lang_get('delete_link') . '</a> ]'; }
/** * Get history details about an issue. * * @param string $p_username The name of the user trying to access the issue. * @param string $p_password The password of the user. * @param integer $p_issue_id The id of the issue to retrieve. * @return array that represents a HistoryDataArray structure */ function mc_issue_get_history($p_username, $p_password, $p_issue_id) { global $g_project_override; $t_user_id = mci_check_login($p_username, $p_password); if ($t_user_id === false) { return mci_soap_fault_login_failed(); } if (!bug_exists($p_issue_id)) { return SoapObjectsFactory::newSoapFault('Client', 'Issue does not exist'); } $t_project_id = bug_get_field($p_issue_id, 'project_id'); if (!mci_has_readonly_access($t_user_id, $t_project_id)) { return mci_soap_fault_access_denied($t_user_id); } $g_project_override = $t_project_id; if (!access_has_bug_level(config_get('view_bug_threshold', null, null, $t_project_id), $p_issue_id, $t_user_id)) { return mci_soap_fault_access_denied($t_user_id); } $t_user_access_level = user_get_access_level($t_user_id, $t_project_id); if (!access_compare_level($t_user_access_level, config_get('view_history_threshold'))) { return mci_soap_fault_access_denied($t_user_id); } log_event(LOG_WEBSERVICE, 'retrieving history for issue \'' . $p_issue_id . '\''); $t_bug_history = history_get_raw_events_array($p_issue_id, $t_user_id); return $t_bug_history; }
/** * Get all visible notes for a specific issue * * @param integer $p_issue_id The id of the issue to retrieve the notes for * @return Array that represents an IssueNoteData structure */ function mci_issue_get_notes($p_issue_id) { $t_user_id = auth_get_current_user_id(); $t_lang = mci_get_user_lang($t_user_id); $t_project_id = bug_get_field($p_issue_id, 'project_id'); $t_user_access_level = user_get_access_level($t_user_id, $t_project_id); $t_user_bugnote_order = 'ASC'; // always get the notes in ascending order for consistency to the calling application. $t_result = array(); foreach (bugnote_get_all_visible_bugnotes($p_issue_id, $t_user_access_level, $t_user_bugnote_order, 0) as $t_value) { $t_bugnote = array(); $t_bugnote['id'] = $t_value->id; $t_bugnote['reporter'] = mci_account_get_array_by_id($t_value->reporter_id); $t_bugnote['date_submitted'] = timestamp_to_iso8601($t_value->date_submitted); $t_bugnote['last_modified'] = timestamp_to_iso8601($t_value->last_modified); $t_bugnote['text'] = $t_value->note; $t_bugnote['view_state'] = mci_enum_get_array_by_id($t_value->view_state, 'view_state', $t_lang); $t_result[] = $t_bugnote; } return $t_result; }
function getUserHasLevel() { $project_id = helper_get_current_project(); $user_id = auth_get_current_user_id(); return user_get_access_level($user_id, $project_id) >= plugin_config_get('UserProjectAccessLevel', PLUGINS_USERPROJECTVIEW_THRESHOLD_LEVEL_DEFAULT); }
/** * Returns the access level of the current user in the current project * * @return access level code * @access public */ function current_user_get_access_level() { return user_get_access_level(auth_get_current_user_id(), helper_get_current_project()); }
/** * Print the option panel where the user manage user->project-assignments and the overall amount of issues * for each status under the user table * * @param $stat_issue_count */ function print_option_panel($stat_issue_count) { global $print; $user_has_level = false; $project_ids = array(); $current_project_id = helper_get_current_project(); array_push($project_ids, $current_project_id); $sub_project_ids = project_hierarchy_get_all_subprojects($current_project_id); foreach ($sub_project_ids as $sub_project_id) { array_push($project_ids, $sub_project_id); } foreach ($project_ids as $project_id) { $access_level = user_get_access_level(auth_get_current_user_id(), $project_id); if ($access_level >= plugin_config_get('UserProjectAccessLevel')) { $user_has_level = true; } } echo '<tr>' . PHP_EOL; echo '<td colspan="' . userprojectapi::get_project_hierarchy_spec_colspan(6, true) . '">'; if (!$print) { if ($user_has_level) { echo '<label for="option"></label>'; echo '<select id="option" name="option">'; echo '<option value="removeSingle">' . plugin_lang_get('remove_selectSingle') . '</option>'; echo '<option value="removeAll">' . plugin_lang_get('remove_selectAll') . '</option>'; echo '</select>'; echo ' <input type="submit" name="formSubmit" class="button" value="' . lang_get('ok') . '"/>'; } } echo '</td>' . PHP_EOL; for ($stat_index = 1; $stat_index <= userprojectapi::get_stat_count(); $stat_index++) { echo '<td>' . $stat_issue_count[$stat_index] . '</td>' . PHP_EOL; } echo '<td></td>' . PHP_EOL; echo '</tr>' . PHP_EOL; }
function project_add_user($p_project_id, $p_user_id, $p_access_level) { $t_project_user_list_table = db_get_table('project_user_list'); $c_project_id = db_prepare_int($p_project_id); $c_user_id = db_prepare_int($p_user_id); $c_access_level = db_prepare_int($p_access_level); if (DEFAULT_ACCESS_LEVEL == $p_access_level) { # Default access level for this user $c_access_level = db_prepare_int(user_get_access_level($p_user_id)); } $query = "INSERT\n\t\t\t\t INTO {$t_project_user_list_table}\n\t\t\t\t ( project_id, user_id, access_level )\n\t\t\t\t VALUES\n\t\t\t\t ( " . db_param() . ', ' . db_param() . ', ' . db_param() . ')'; db_query_bound($query, array($c_project_id, $c_user_id, $c_access_level)); # db_query errors on failure so: return true; }
/** * Check with a user has administrative access to the webservice * @param integer $p_user_id User id. * @param integer $p_project_id Project Id ( Default All Projects ). * @return boolean indicating whether user has the required access */ function mci_has_administrator_access($p_user_id, $p_project_id = ALL_PROJECTS) { $t_access_level = user_get_access_level($p_user_id, $p_project_id); return $t_access_level >= config_get('webservice_admin_access_level_threshold'); }
<?php /** * ReleaseMgt plugin * * Original author Vincent DEBOUT * modified for new Mantis plugin system by Jiri Hron * * Created: 2008-01-05 * Last update: 2012-05-23 * * @link http://deboutv.free.fr/mantis/ * @copyright * @author Vincent DEBOUT <*****@*****.**> * @author Jiri Hron <*****@*****.**> */ require_once 'core.php'; require_once 'bug_api.php'; require_once 'releasemgt_api.php'; $t_id = gpc_get_int('id'); $t_current_user_id = auth_get_current_user_id(); if (user_get_access_level($t_current_user_id) < plugin_config_get('upload_threshold_level', PLUGINS_RELEASEMGT_UPLOAD_THRESHOLD_LEVEL_DEFAULT)) { access_denied(); } plugins_releasemgt_file_delete($t_id); release_mgt_successful_redirect(plugin_page('releases', true));
/** * add user with the specified access level to a project * @param integer $p_project_id A project identifier. * @param integer $p_user_id A valid user id identifier. * @param integer $p_access_level The access level to add the user with. * @return void */ function project_add_user($p_project_id, $p_user_id, $p_access_level) { $t_access_level = (int) $p_access_level; if (DEFAULT_ACCESS_LEVEL == $t_access_level) { # Default access level for this user $t_access_level = user_get_access_level($p_user_id); } $t_query = 'INSERT INTO {project_user_list} ( project_id, user_id, access_level ) VALUES ( ' . db_param() . ', ' . db_param() . ', ' . db_param() . ')'; db_query($t_query, array((int) $p_project_id, (int) $p_user_id, $t_access_level)); }
* * @uses check_api.php * @uses config_api.php * @uses user_api.php */ if (!defined('CHECK_ANONYMOUS_INC_ALLOW')) { return; } /** * MantisBT Check API */ require_once 'check_api.php'; require_api('config_api.php'); require_api('user_api.php'); check_print_section_header_row('Anonymous access'); $t_anonymous_access_enabled = config_get_global('allow_anonymous_login'); check_print_info_row('Anonymous access is enabled', $t_anonymous_access_enabled ? 'Yes' : 'No'); if (!$t_anonymous_access_enabled) { return; } $t_anonymous_account = config_get_global('anonymous_account'); check_print_test_row('anonymous_account configuration option is specified', $t_anonymous_account !== '', array(true => 'The account currently being used for anonymous access is: ' . htmlentities($t_anonymous_account), false => 'The anonymous_account configuration option must specify the username of an account to use for anonymous logins.')); if ($t_anonymous_account === '') { return; } $t_anonymous_user_id = user_get_id_by_name($t_anonymous_account); check_print_test_row('anonymous_account is a valid user account', $t_anonymous_user_id !== false, array(false => 'You need to specify a valid user account to use with the anonymous_account configuration options.')); check_print_test_row('anonymous_account user has the enabled flag set', user_is_enabled($t_anonymous_user_id), array(false => 'The anonymous user account must be enabled before it can be used.')); check_print_test_row('anonymous_account user has the protected flag set', user_get_field($t_anonymous_user_id, 'protected'), array(false => 'The anonymous user account needs to have the protected flag set to prevent anonymous users modifying the account.')); check_print_test_row('anonymous_account user does not have administrator permissions', !user_is_administrator($t_anonymous_user_id), array(true => 'The anonymous user account currently has an access level of: ' . htmlentities(get_enum_element('access_levels', user_get_access_level($t_anonymous_user_id))), false => 'The anonymous user account should not have administrator level permissions.'));
function getWriteLevel() { $project_id = helper_get_current_project(); $user_id = auth_get_current_user_id(); return user_get_access_level($user_id, $project_id) >= plugin_config_get('WriteAccessLevel', PLUGINS_SPECMANAGEMENT_WRITE_LEVEL_DEFAULT); }
require_api('authentication_api.php'); require_api('config_api.php'); require_api('event_api.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('print_api.php'); require_api('project_api.php'); form_security_validate('manage_proj_update'); auth_reauthenticate(); $f_project_id = gpc_get_int('project_id'); $f_name = gpc_get_string('name'); $f_description = gpc_get_string('description'); $f_status = gpc_get_int('status'); $f_view_state = gpc_get_int('view_state'); $f_file_path = gpc_get_string('file_path', ''); $f_enabled = gpc_get_bool('enabled'); $f_inherit_global = gpc_get_bool('inherit_global', 0); $t_manage_project_threshold = config_get('manage_project_threshold'); access_ensure_project_level($t_manage_project_threshold, $f_project_id); # Save current access level to that project, so we can restore it if needed $t_user_id = auth_get_current_user_id(); $t_access_level = user_get_access_level($t_user_id, $f_project_id); project_update($f_project_id, $f_name, $f_description, $f_status, $f_view_state, $f_file_path, $f_enabled, $f_inherit_global); # User just locked themselves out of the project by making it private, # so we add them to the project with their previous access level if (VS_PRIVATE == $f_view_state && !access_has_project_level($t_manage_project_threshold, $f_project_id)) { project_add_user($f_project_id, $t_user_id, $t_access_level); } event_signal('EVENT_MANAGE_PROJECT_UPDATE', array($f_project_id)); form_security_purge('manage_proj_update'); print_header_redirect('manage_proj_page.php');
return; } $t_anonymous_user_id = user_get_id_by_name( $t_anonymous_account ); check_print_test_row( 'anonymous_account is a valid user account', $t_anonymous_user_id !== false, array( false => 'You need to specify a valid user account to use with the anonymous_account configuration options.' ) ); check_print_test_row( 'anonymous_account user has the enabled flag set', user_is_enabled( $t_anonymous_user_id ), array( false => 'The anonymous user account must be enabled before it can be used.' ) ); check_print_test_row( 'anonymous_account user has the protected flag set', user_get_field( $t_anonymous_user_id, 'protected' ), array( false => 'The anonymous user account needs to have the protected flag set to prevent anonymous users modifying the account.' ) ); check_print_test_row( 'anonymous_account user does not have administrator permissions', !user_is_administrator( $t_anonymous_user_id ), array( true => 'The anonymous user account currently has an access level of: ' . htmlentities( get_enum_element( 'access_levels', user_get_access_level( $t_anonymous_user_id ) ) ), false => 'The anonymous user account should not have administrator level permissions.' ) );
/** * Process $p_string, looking for bugnote ID references and creating bug view * links for them. * * Returns the processed string. * * If $p_include_anchor is true, include the href tag, otherwise just insert * the URL * * The bugnote tag ('~' by default) must be at the beginning of the string or * preceeded by a character that is not a letter, a number or an underscore * * if $p_include_anchor = false, $p_fqdn is ignored and assumed to true. * @param string $p_string String to be processed. * @param boolean $p_include_anchor Whether to include the href tag or just the URL. * @param boolean $p_detail_info Whether to include more detailed information (e.g. title attribute / project) in the returned string. * @param boolean $p_fqdn Whether to return an absolute or relative link. * @return string */ function string_process_bugnote_link($p_string, $p_include_anchor = true, $p_detail_info = true, $p_fqdn = false) { static $s_bugnote_link_callback = array(); $t_tag = config_get('bugnote_link_tag'); # bail if the link tag is blank if ('' == $t_tag || $p_string == '') { return $p_string; } if (!isset($s_bugnote_link_callback[$p_include_anchor][$p_detail_info][$p_fqdn])) { if ($p_include_anchor) { $s_bugnote_link_callback[$p_include_anchor][$p_detail_info][$p_fqdn] = function ($p_array) use($p_detail_info, $p_fqdn) { global $g_project_override; if (bugnote_exists((int) $p_array[2])) { $t_bug_id = bugnote_get_field((int) $p_array[2], 'bug_id'); if (bug_exists($t_bug_id)) { $g_project_override = bug_get_field($t_bug_id, 'project_id'); if (access_compare_level(user_get_access_level(auth_get_current_user_id(), bug_get_field($t_bug_id, 'project_id')), config_get('private_bugnote_threshold')) || bugnote_get_field((int) $p_array[2], 'reporter_id') == auth_get_current_user_id() || bugnote_get_field((int) $p_array[2], 'view_state') == VS_PUBLIC) { $g_project_override = null; return $p_array[1] . string_get_bugnote_view_link($t_bug_id, (int) $p_array[2], (bool) $p_detail_info, (bool) $p_fqdn); } $g_project_override = null; } } return $p_array[0]; }; # end of bugnote link callback closure } else { $s_bugnote_link_callback[$p_include_anchor][$p_detail_info][$p_fqdn] = function ($p_array) { $t_bug_id = bugnote_get_field((int) $p_array[2], 'bug_id'); if ($t_bug_id && bug_exists($t_bug_id)) { return $p_array[1] . string_get_bugnote_view_url_with_fqdn($t_bug_id, (int) $p_array[2]); } else { return $p_array[0]; } }; # end of bugnote link callback closure } } $p_string = preg_replace_callback('/(^|[^\\w])' . preg_quote($t_tag, '/') . '(\\d+)\\b/', $s_bugnote_link_callback[$p_include_anchor][$p_detail_info][$p_fqdn], $p_string); return $p_string; }
function group_project_get_all_user_rows($p_event, $p_chained_param) { //prepare $p_chained_param $t_users = array(); foreach ($p_chained_param as $t_user) { $t_users[$t_user['id']] = $t_user; } $p_chained_param = $t_users; //prepare $p_chained_param end $t_users = array(); foreach ($p_chained_param as $key => $t_user) { if (strpos($t_user['username'], plugin_config_get('group_prefix')) !== FALSE) { //username is a group $t_table_users = plugin_table('users'); $t_user_table = db_get_table('mantis_user_table'); $query = "SELECT u.id, u.username, u.realname FROM {$t_table_users} AS ug JOIN {$t_user_table} AS u ON (u.id=ug.user) WHERE group_user_id=" . db_param(); $result = db_query_bound($query, array((int) $t_user['id'])); $count = db_num_rows($result); for ($i = 0; $i < $count; $i++) { $row = db_fetch_array($result); //echo '<pre>'.print_r($row['username'], 1).'</pre>'; //if user has its own access level if (array_key_exists($row['id'], $p_chained_param)) { if ($p_chained_param[$row['id']]['access_level'] < $t_user['access_level']) { //if user has lower level, adjust to group level $t_users[$row['id']] = $p_chained_param[$row['id']]; $t_users[$row['id']]['access_level'] = $t_user['access_level']; continue; } else { //if user has higher level, do nothing continue; } } if (plugin_config_get('nested_groups') === 1) { if (strpos($row['username'], plugin_config_get('group_prefix')) !== FALSE) { //username is a group $t_group[$row['id']] = array('id' => $row['id'], 'username' => $row['username'], 'realname' => $row['realname'], 'access_level' => $t_user['access_level']); //echo '<pre>'.print_r($t_group, 1).'</pre>'; $t_nested_group = $this->group_project_get_all_user_rows($p_event, $t_group); $t_users = array_merge($t_users, $t_nested_group); continue; } } $t_users[$row['id']] = array('id' => $row['id'], 'username' => $row['username'], 'realname' => $row['realname'], 'access_level' => $t_user['access_level']); } if (plugin_config_get('assign_to_groups', '') == 1 && plugin_config_get('assign_group_threshold', '') <= user_get_access_level(auth_get_current_user_id(), helper_get_current_project())) { $t_users[$key] = $t_user; } } else { //username is not a group $t_users[$key] = $t_user; } } return $t_users; }
/** * Build the bug raw data visible for specified user to be translated and sent by email to the user * (Filter the bug data according to user access level) * return array with bug data. See usage in email_format_bug_message(...) * @param int $p_user_id * @param int $p_bug_id * @param string $p_message_id * @return array */ function email_build_visible_bug_data($p_user_id, $p_bug_id, $p_message_id) { $t_project_id = bug_get_field($p_bug_id, 'project_id'); $t_user_access_level = user_get_access_level($p_user_id, $t_project_id); $t_user_bugnote_order = user_pref_get_pref($p_user_id, 'bugnote_order'); $t_user_bugnote_limit = user_pref_get_pref($p_user_id, 'email_bugnote_limit'); $row = bug_get_extended_row($p_bug_id); $t_bug_data = array(); $t_bug_data['email_bug'] = $p_bug_id; if ($p_message_id !== 'email_notification_title_for_action_bug_deleted') { $t_bug_data['email_bug_view_url'] = string_get_bug_view_url_with_fqdn($p_bug_id); } if (access_compare_level($t_user_access_level, config_get('view_handler_threshold'))) { if (0 != $row['handler_id']) { $t_bug_data['email_handler'] = user_get_name($row['handler_id']); } else { $t_bug_data['email_handler'] = ''; } } $t_bug_data['email_reporter'] = user_get_name($row['reporter_id']); $t_bug_data['email_project_id'] = $row['project_id']; $t_bug_data['email_project'] = project_get_field($row['project_id'], 'name'); $t_category_name = category_full_name($row['category_id'], false); $t_bug_data['email_category'] = $t_category_name; $t_bug_data['email_date_submitted'] = $row['date_submitted']; $t_bug_data['email_last_modified'] = $row['last_updated']; $t_bug_data['email_status'] = $row['status']; $t_bug_data['email_severity'] = $row['severity']; $t_bug_data['email_priority'] = $row['priority']; $t_bug_data['email_reproducibility'] = $row['reproducibility']; $t_bug_data['email_resolution'] = $row['resolution']; $t_bug_data['email_fixed_in_version'] = $row['fixed_in_version']; if (!is_blank($row['target_version']) && access_compare_level($t_user_access_level, config_get('roadmap_view_threshold'))) { $t_bug_data['email_target_version'] = $row['target_version']; } $t_bug_data['email_summary'] = $row['summary']; $t_bug_data['email_description'] = $row['description']; $t_bug_data['email_additional_information'] = $row['additional_information']; $t_bug_data['email_steps_to_reproduce'] = $row['steps_to_reproduce']; $t_bug_data['set_category'] = '[' . $t_bug_data['email_project'] . '] ' . $t_category_name; $t_bug_data['custom_fields'] = custom_field_get_linked_fields($p_bug_id, $t_user_access_level); $t_bug_data['bugnotes'] = bugnote_get_all_visible_bugnotes($p_bug_id, $t_user_bugnote_order, $t_user_bugnote_limit, $p_user_id); # put history data if (ON == config_get('history_default_visible') && access_compare_level($t_user_access_level, config_get('view_history_threshold'))) { $t_bug_data['history'] = history_get_raw_events_array($p_bug_id, $p_user_id); } # Sponsorship Information if (config_get('enable_sponsorship') == ON && access_has_bug_level(config_get('view_sponsorship_total_threshold'), $p_bug_id, $p_user_id)) { $t_sponsorship_ids = sponsorship_get_all_ids($p_bug_id); $t_bug_data['sponsorship_total'] = sponsorship_get_amount($t_sponsorship_ids); if (access_has_bug_level(config_get('view_sponsorship_details_threshold'), $p_bug_id, $p_user_id)) { $t_bug_data['sponsorships'] = array(); foreach ($t_sponsorship_ids as $id) { $t_bug_data['sponsorships'][] = sponsorship_get($id); } } } $t_bug_data['relations'] = relationship_get_summary_text($p_bug_id); return $t_bug_data; }
require_api('constant_inc.php'); require_api('form_api.php'); require_api('helper_api.php'); require_api('html_api.php'); require_api('lang_api.php'); require_api('print_api.php'); require_api('project_api.php'); require_api('string_api.php'); require_api('user_api.php'); auth_reauthenticate(); html_page_top(lang_get('manage_threshold_config')); print_manage_menu('adm_permissions_report.php'); print_manage_config_menu('manage_config_work_threshold_page.php'); $t_user = auth_get_current_user_id(); $t_project_id = helper_get_current_project(); $t_access = user_get_access_level($t_user, $t_project_id); $t_show_submit = false; $t_access_levels = MantisEnum::getAssocArrayIndexedByValues(config_get('access_levels_enum_string')); $t_overrides = array(); function set_overrides($p_config) { global $t_overrides; if (!in_array($p_config, $t_overrides)) { $t_overrides[] = $p_config; } } function get_section_begin_mcwt($p_section_name) { global $t_access_levels; echo '<table class="width100">'; echo '<tr><td class="form-title" colspan="' . (count($t_access_levels) + 2) . '">' . $p_section_name . '</td></tr>' . "\n";
function print_option_project_row($user_id, $project_id) { $access_level = user_get_access_level(auth_get_current_user_id(), $project_id); if ($access_level >= plugin_config_get('UserProjectAccessLevel')) { echo '<tr class="info" data-level="1" data-status="0">'; echo '<input type="hidden" name="recordset[]" value="' . $user_id . ',' . $project_id . '"/>'; echo '<td width="20px"></td>'; echo '<td class="user_row_bg" style="text-align: left" colspan="3">' . project_get_name($project_id) . '</td>'; echo '</tr>'; } }