canEditTimeslice() public static méthode

Determines whether the current user can edit a specific timeslice. Users with the 'hermes:review' permission may edit any slice; any other user may edit only his/her own slice, and only before submitting it. Otherwise no editing is allowed.
public static canEditTimeslice ( $id ) :
$id
Résultat
Exemple #1
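 /**
  * Builds the rows and footer totals for a named Hermes table.
  *
  * Only the 'hours' table is handled. Its rows come from getHours() on the
  * injected Hermes_Driver. When the session holds a 'search_mode', client
  * names are resolved, the rows are sorted on the matching column, and a
  * subtotal is rendered each time that column's value changes.
  *
  * The edit link and checkbox are rendered only for slices that
  * Hermes::canEditTimeslice() accepts. That is display gating: the code
  * that actually stores a change has to repeat the check itself.
  *
  * @param string $name    Table to build; only 'hours' is recognised.
  * @param mixed  $params  Passed unchanged to the driver's getHours().
  *
  * @return array|null  For 'hours', an array with a 'data' list of rows
  *                     and a 'footer' list of three total rows (billable,
  *                     non-billable, total); null for any other $name.
  */
 public static function getTableData($name, $params)
 {
     // Defined up front so that an unrecognised $name returns null instead
     // of reading an undefined variable.
     $result = null;
     switch ($name) {
         case 'hours':
             $time_data = $GLOBALS['injector']->getInstance('Hermes_Driver')->getHours($params);
             $subtotal_column = null;
             if ($search_mode = $GLOBALS['session']->get('hermes', 'search_mode')) {
                 // Map the search mode onto the row key used for subtotals.
                 switch ($search_mode) {
                     case 'date':
                         $subtotal_column = 'date';
                         break;
                     case 'employee':
                         $subtotal_column = 'employee';
                         break;
                     case 'client':
                         $subtotal_column = '_client_name';
                         break;
                     case 'jobtype':
                         $subtotal_column = '_type_name';
                         break;
                     case 'costobject':
                         $subtotal_column = '_costobject_name';
                         break;
                 }
                 $clients = Hermes::listClients();
                 $column = array();
                 foreach ($time_data as $key => $row) {
                     // Resolve the client id to a display name; an unknown
                     // id falls back to the raw stored value.
                     if (empty($row['client'])) {
                         $time_data[$key]['_client_name'] = _("no client");
                     } elseif (isset($clients[$row['client']])) {
                         $time_data[$key]['_client_name'] = $clients[$row['client']];
                     } else {
                         $time_data[$key]['_client_name'] = $row['client'];
                     }
                     if (!is_null($subtotal_column)) {
                         // Sort key: subtotal value first, then the date.
                         $column[$key] = $time_data[$key][$subtotal_column] . $time_data[$key]['date'];
                     }
                 }
                 if (!is_null($subtotal_column)) {
                     array_multisort($column, SORT_ASC, $time_data);
                 }
             }
             $total_hours = 0.0;
             $total_billable_hours = 0.0;
             $subtotal_hours = 0.0;
             $subtotal_billable_hours = 0.0;
             $subtotal_control = null;
             $result['data'] = array();
             foreach ($time_data as $k => $vals) {
                 // Initialize subtotal break value.
                 if (is_null($subtotal_control) && isset($vals[$subtotal_column])) {
                     $subtotal_control = $vals[$subtotal_column];
                 }
                 // The subtotal column changed: emit the running subtotal
                 // and start a new group. Date groups are labelled m/d/Y.
                 // Note that strftime() is deprecated as of PHP 8.1.
                 if (!empty($subtotal_column) && $vals[$subtotal_column] != $subtotal_control) {
                     Hermes_Api::renderSubtotals($result['data'], $subtotal_hours, $subtotal_billable_hours, $subtotal_column == 'date' ? strftime("%m/%d/%Y", $subtotal_control) : $subtotal_control);
                     $subtotal_hours = 0.0;
                     $subtotal_billable_hours = 0.0;
                     $subtotal_control = $vals[$subtotal_column];
                 }
                 // Set up edit/delete icons.
                 // This only decides what is shown. A request for a slice
                 // that got no link here must still be refused where the
                 // change is stored.
                 // NOTE(review): the 'url' parameter carries the current
                 // page as a return address; confirm entry.php only
                 // redirects to local URLs.
                 if (Hermes::canEditTimeslice($vals['id'])) {
                     $edit_link = Horde::url('entry.php', true)->add(array('id' => $vals['id'], 'url' => Horde::selfUrl(true, true, true)));
                     $vals['icons'] = Horde::link($edit_link, _("Edit Entry")) . Horde::img('edit.png', _("Edit Entry"), '') . '</a>';
                     if (empty($vals['submitted'])) {
                         // The id is escaped because it lands inside an
                         // HTML attribute.
                         $vals['checkbox'] = '<input type="checkbox" name="item[' . htmlspecialchars($vals['id']) . ']" checked="checked" />';
                     } else {
                         $vals['checkbox'] = '';
                     }
                 }
                 // Add to totals.
                 $subtotal_hours += (double) $vals['hours'];
                 $total_hours += (double) $vals['hours'];
                 if ($vals['billable']) {
                     $subtotal_billable_hours += (double) $vals['hours'];
                     $total_billable_hours += (double) $vals['hours'];
                 }
                 // Localize hours.
                 $vals['hours'] = sprintf('%.02f', $vals['hours']);
                 // NOTE(review): every other row value (description, note,
                 // client name, ...) is passed through unescaped; confirm
                 // the template escapes them on output.
                 $result['data'][] = $vals;
             }
             // Close the last open subtotal group.
             if (!empty($subtotal_column)) {
                 Hermes_Api::renderSubtotals($result['data'], $subtotal_hours, $subtotal_billable_hours, $subtotal_column == 'date' ? strftime("%m/%d/%Y", $subtotal_control) : $subtotal_control);
             }
             // Avoid a divide by zero.
             if ($total_hours == 0.0) {
                 $billable_pct = 0.0;
             } else {
                 $billable_pct = round($total_billable_hours / $total_hours * 100.0);
             }
             $descr = _("Billable Hours") . ' (' . $billable_pct . '%)';
             $result['footer'] = array();
             $result['footer'][] = array('hours' => sprintf('%.02f', $total_billable_hours), 'description' => $descr);
             $descr = _("Non-billable Hours") . ' (' . (100.0 - $billable_pct) . '%)';
             $result['footer'][] = array('hours' => sprintf('%.02f', $total_hours - $total_billable_hours), 'description' => $descr);
             $result['footer'][] = array('hours' => sprintf('%.02f', $total_hours), 'description' => _("Total Hours"), 'approval' => '<div id="approval">' . _("Approved By:") . ' ________________________________________ ' . '&nbsp;</div>');
             break;
     }
     return $result;
 }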
Exemple #2
                 // NOTE(review): the success notice is queued before
                 // enterTime() runs. If enterTime() throws, the catch block
                 // below queues an error notice as well.
                 $notification->push(_("Your time was successfully entered."), 'horde.success', array('sticky'));
                 $GLOBALS['injector']->getInstance('Hermes_Driver')->enterTime($GLOBALS['registry']->getAuth(), $info);
             }
         } catch (Exception $e) {
             Horde::log($e, 'ERR');
             // NOTE(review): the raw exception message is shown to the
             // user; confirm it cannot carry driver or database details.
             $notification->push(sprintf(_("There was an error storing your timesheet: %s"), $e->getMessage()), 'horde.error');
             // NOTE(review): $url is set outside this excerpt; confirm it
             // is not taken unchecked from the request.
             header('Location: ' . $url);
             exit;
         }
     }
     break;
 default:
     if ($vars->exists('id')) {
         // We are updating a specific entry, load it into the form variables.
         $id = $vars->get('id');
         // Authorise before loading, so that the form is never filled with
         // a slice the user may not edit.
         // NOTE(review): this relies on redirect() ending the request;
         // otherwise the load below still runs. Confirm.
         if (!Hermes::canEditTimeslice($id)) {
             $notification->push(_("Access denied; user cannot modify this timeslice."), 'horde.error');
             Horde::url('time.php')->redirect();
         }
         $myhours = $GLOBALS['injector']->getInstance('Hermes_Driver')->getHours(array('id' => $id));
         if (is_array($myhours)) {
             foreach ($myhours as $item) {
                 // Only the row whose id matches the request is used (loose
                 // comparison); every key of that row becomes a form
                 // variable.
                 if (isset($item['id']) && $item['id'] == $id) {
                     foreach ($item as $key => $value) {
                         $vars->set($key, $value);
                     }
                 }
             }
         }
     }
     $form = new Hermes_Form_Time_Entry($vars);
Exemple #3
 /**
  * Builds the compact array that represents this slice in JSON.
  *
  * Keys of the returned array:
  *<pre>
  * c    - client id
  * cn   - client object
  * co   - costobject id
  * con  - costobject name
  * d    - date
  * desc - description
  * e    - employee
  * h    - hours
  * i    - slice id
  * n    - note
  * r    - rate
  * s    - submitted
  * t    - type id
  * tn   - type name
  * b    - billable
  * x    - can edit
  *</pre>
  *
  * The 'x' flag tells the client whether to offer editing. It is a display
  * hint only: the code that stores a change must make its own
  * Hermes::canEditTimeslice() check.
  *
  * @return array
  */
 public function toJson()
 {
     // @TODO: Do we need the *entire* contact object? Whatever the clients
     // API returns for this id is sent to the browser as 'cn'.
     $clients = $GLOBALS['registry']->clients->getClients(array($this->_properties['client']));
     $slice = $this->_properties;

     return array(
         'c' => $slice['client'],
         'cn' => current($clients),
         'co' => $slice['costobject'],
         'con' => $slice['_costobject_name'],
         'd' => $slice['date']->dateString(),
         'desc' => $slice['description'],
         'e' => $slice['employee'],
         'h' => $slice['hours'],
         'i' => $slice['id'],
         'n' => $slice['note'],
         'r' => $slice['rate'],
         's' => $slice['submitted'],
         't' => $slice['type'],
         'tn' => $slice['_type_name'],
         'b' => $slice['billable'],
         'x' => Hermes::canEditTimeslice($slice['id']),
     );
 }
Exemple #4
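 /**
  * Update a set of billing information.
  *
  * Every entry is authorised with Hermes::canEditTimeslice() before any
  * statement is run, so a denied entry rejects the whole batch without
  * modifying earlier entries. All entries are then processed; previously
  * the method returned after the first one.
  *
  * NOTE(review): no transaction is opened here, so a database error part
  * way through leaves the entries before it applied.
  *
  * @param array $entries  The billing information to enter. Each array row
  *                        must contain the following entries:
  *              'id'           The id of this time entry.
  *              'date'         The day the hours were worked (ISO format)
  *              'client'       The id of the client the work was done for.
  *              'type'         The type of work done.
  *              'hours'        The number of hours worked
  *              'rate'         The hourly rate the work was done at.
  *              'billable'     Whether or not the work is billable hours.
  *              'description'  A short description of the work.
  *              'employee'     The employee
  *
  *                        If any rows contain a 'delete' entry, those rows
  *                        will be deleted instead of updated.
  *
  * @return integer  The number of successful updates, summed over all
  *                  entries (0 for an empty set).
  * @throws Horde_Exception_PermissionDenied
  * @throws Hermes_Exception
  */
 public function updateTime($entries)
 {
     // Pass 1: authorise the whole batch before touching the database.
     foreach ($entries as $info) {
         if (!Hermes::canEditTimeslice($info['id'])) {
             throw new Horde_Exception_PermissionDenied(_("Access denied; user cannot modify this timeslice."));
         }
     }

     // Pass 2: apply each entry and add up the driver's return values.
     $count = 0;
     foreach ($entries as $info) {
         if (!empty($info['delete'])) {
             try {
                 $count += (int) $this->_db->delete('DELETE FROM hermes_timeslices WHERE timeslice_id = ?', array((int) $info['id']));
             } catch (Horde_Db_Exception $e) {
                 throw new Hermes_Exception($e);
             }
             continue;
         }

         // NOTE(review): the permission check covers the slice id only.
         // A supplied 'employee' reassigns the slice; confirm callers
         // restrict who may set it.
         if (isset($info['employee'])) {
             $employee_cl = ' ,employee_id = ?';
         } else {
             $employee_cl = '';
         }
         $dt = new Horde_Date($info['date']);
         // Only the fixed column list and the optional employee clause are
         // concatenated; every value is bound as a parameter.
         $sql = 'UPDATE hermes_timeslices SET' . ' clientjob_id = ?, jobtype_id = ?,' . ' timeslice_hours = ?, timeslice_isbillable = ?,' . ' timeslice_date = ?, timeslice_description = ?,' . ' timeslice_note = ?, costobject_id = ?' . $employee_cl . ' WHERE timeslice_id = ?';
         $values = array($info['client'], $info['type'], $info['hours'], isset($info['billable']) ? (int) $info['billable'] : 0, $dt->timestamp(), $this->_convertToDriver($info['description']), $this->_convertToDriver($info['note']), empty($info['costobject']) ? null : $info['costobject']);
         if (!empty($employee_cl)) {
             $values[] = $info['employee'];
         }
         $values[] = (int) $info['id'];
         try {
             $count += (int) $this->_db->update($sql, $values);
         } catch (Horde_Db_Exception $e) {
             throw new Hermes_Exception($e);
         }
     }

     return $count;
 }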