function users_and_groups() { if (!can_manage_security(logged_user())) { flash_error(lang('no access permissions')); ajx_current("empty"); return; } tpl_assign('only_full_users', array_var($_REQUEST, 'only_full_users')); ajx_set_no_toolbar(); }
/** * Creates a system user, receiving a Contact id * */ function create_user() { $contact = Contacts::findById(get_id()); if (!$contact instanceof Contact) { flash_error(lang('contact dnx')); ajx_current("empty"); return; } // if if (!can_manage_security(logged_user())) { flash_error(lang('no permissions')); ajx_current("empty"); return; } // if $this->redirectTo('user', 'add', array('company_id' => $contact->getCompanyId(), 'contact_id' => $contact->getId())); }
<?php require_javascript('og/tasks/main.js'); require_javascript('og/time/main.js'); require_javascript('og/time/drawing.js'); $show_billing = can_manage_security(logged_user()) && logged_user()->isAdministrator(); $genid = gen_id(); $tasks_array = array(); $timeslots_array = array(); $users_array = array(); $companies_array = array(); if (isset($tasks)) { foreach ($tasks as $task) { $tasks_array[] = $task->getArrayInfo(); } } if (isset($timeslots)) { foreach ($timeslots as $timeslot) { $timeslots_array[] = $timeslot->getArrayInfo($show_billing); } } if (isset($users)) { foreach ($users as $user) { $users_array[] = $user->getArrayInfo(); } } if (isset($companies)) { foreach ($companies as $company) { $companies_array[] = $company->getArrayInfo(); } }
function edit_permissions() { if (!can_manage_security(logged_user())) { flash_error(lang('no access permissions')); ajx_current("empty"); return; } $member = Members::findById(get_id()); if (!$member instanceof Member) { flash_error(lang('member dnx')); ajx_current("empty"); return; } if (!array_var($_POST, 'permissions')) { $permission_parameters = permission_member_form_parameters($member); tpl_assign('permission_parameters', $permission_parameters); } else { try { DB::beginWork(); save_member_permissions($member); DB::commit(); flash_success(lang('success user permissions updated')); ajx_current("back"); } catch (Exception $e) { DB::rollback(); flash_error($e->getMessage()); ajx_current("empty"); } } }
$indent = 16 * $mem->getDepth(); ?> <div style="margin-left:<?php echo $indent?>px;width:<?php echo 800 - $indent?>px;" id="abm-members-item-container-<?php echo $mem->getId() ?>" class="<?php echo ($mem->getArchivedById() > 0 ? "member-item-archived" : "")?><?php echo ($alt ? " edit-mem-alt" : "")?>" onmouseover="og.editMembers.showHideOptions('<?php echo $genid?>actions<?php echo $mem->getId()?>', <?php echo $mem->getId()?>, true);" onmouseout="og.editMembers.showHideOptions('<?php echo $genid?>actions<?php echo $mem->getId()?>', <?php echo $mem->getId()?>, false);"> <table style="width:100%;"><tr><td style="width:500px;"> <span class="coViewAction <?php echo $mem->getIconClass()?>"> </span> <span class="abm-members-name"><?php echo $mem->getName() . ($mem->getArchivedById() > 0 ? " (".lang('archived').")" : "");?></span> </td><td> <span style="float:right;opacity:0.25;filter:alpha(opacity=25);font-weight:normal;" id="<?php echo $genid?>actions<?php echo $mem->getId()?>"> <?php if (can_manage_dimension_members(logged_user())) : ?> <a href="<?php echo get_url('member', 'edit', array('id' => $mem->getId()))?>" class="db-ico ico-edit" style="padding:4px 10px 0 16px;"><?php echo lang('edit')?></a> <?php endif; ?> <?php if ($dimension->getDefinesPermissions() && can_manage_security(logged_user())) : ?> <a href="<?php echo get_url('member', 'edit_permissions', array('id' => $mem->getId()))?>" class="db-ico ico-permissions" style="padding:4px 10px 0 16px;"><?php echo lang('permissions')?></a> <?php endif; ?> <?php if (can_manage_dimension_members(logged_user())) : ?> <a href="<?php echo "javascript:if(confirm(lang('confirm delete permanently'))) og.openLink('" . get_url('member', 'delete', array('id' => $mem->getId(), 'dont_reload' => true)) ."', {callback: function(success, data){if (success) Ext.get('abm-members-item-container-".$mem->getId()."').remove()}});"?>" class="db-ico ico-delete" style="padding:4px 0 0 16px;"><?php echo lang('delete')?></a> <?php endif; ?> </span> </td></tr></table> </div> <?php } } ?> <?php if (can_manage_dimension_members(logged_user())) : ?> <div style="margin-top:10px;"><a class="db-ico ico-add" style="padding:3px 0 0 20px;" href="<?php echo get_url('member', 'add', array("dim_id" => $dimension->getId()))?>"> <?php echo lang('add member to this dimension')?> </a></div>
} $contacts = Contacts::findAll(array( 'conditions' => 'object_id IN ('.implode(',',$intersection).') AND `is_company` = 0 AND disabled = 0', 'limit' => $limit, 'order' => 'last_activity, updated_on', 'order_dir' => 'desc', )); $total = count($contacts); $widget_title = lang("people in", implode(", ", $mnames)); } else { $result = Contacts::instance()->listing(array( "order" => "last_activity, updated_on", "order_dir" => "desc", "extra_conditions" => " AND `is_company` = 0 AND disabled = 0 AND user_type > 0", "start" => 0, "limit" => $limit )); $total = $result->total ; $contacts = $result->objects; } $render_add = can_manage_security(logged_user()); $genid = gen_id(); if ($total > 0 || $render_add) { include_once 'template.php'; }
function documents_allow_submit() { ajx_current("empty"); if (!can_manage_security(logged_user())) { flash_error(lang('no access permissions')); ajx_current("empty"); return; } foreach ($_POST['file_types'] as $id => $extension) { $allow = $extension['allow'] == "on" ? 1 : 0; if ($ft = FileTypes::instance()->findById($id)) { $ft->setIsAllow($allow); $ft->save(); } } flash_success(lang('success file extension')); }
/** * Check if specific user can edit this contact * * @access public * @param User $user * @return boolean */ function canEdit(User $user) { if ($this->getUserId()) { // a contact that has a user assigned to it can be modified by anybody that can manage security (this is: users and permissions) or the user himself. return can_manage_contacts($user, true) || can_manage_security($user) || $this->getUserId() == $user->getId() || can_write($user, $this); } else { return can_manage_contacts($user, true) || can_write($user, $this); } }
if (can_edit_company_data(logged_user())) { $icons[] = array('ico' => 'ico-large-user', 'url' => get_url('administration', 'members'), 'name' => lang('users'), 'extra' => '<a class="internalLink coViewAction ico-add" href="' . owner_company()->getAddUserUrl() . '">' . lang('add user') . '</a>'); } if (can_manage_security(logged_user())) { $icons[] = array('ico' => 'ico-large-group', 'url' => get_url('administration', 'groups'), 'name' => lang('groups'), 'extra' => '<a class="internalLink coViewAction ico-add" href="' . owner_company()->getAddGroupUrl() . '">' . lang('add group') . '</a>'); } if (can_manage_workspaces(logged_user())) { $icons[] = array('ico' => 'ico-large-workspace', 'url' => get_url('administration', 'projects'), 'name' => lang('projects'), 'extra' => '<a class="internalLink coViewAction ico-add" href="' . get_url('project', 'add') . '">' . lang('add project') . '</a>'); } if (can_manage_security(logged_user())) { $icons[] = array('ico' => 'ico-large-email', 'url' => get_url('administration', 'mail_accounts'), 'name' => lang('mail accounts'), 'extra' => '<a class="internalLink coViewAction ico-add" href="' . get_url('mail', 'add_account') . '">' . lang('add mail account') . '</a>'); } if (can_manage_templates(logged_user())) { $icons[] = array('ico' => 'ico-large-template', 'url' => get_url('template', 'index'), 'name' => lang('templates'), 'extra' => '<a class="internalLink coViewAction ico-add" href="' . get_url('template', 'add') . '">' . lang('add template') . '</a>'); } if (can_manage_security(logged_user())) { $icons[] = array('ico' => 'ico-large-billing', 'url' => get_url('billing', 'index'), 'name' => lang('billing'), 'extra' => '<a class="internalLink coViewAction ico-add" href="' . get_url('billing', 'add') . '">' . lang('add billing category') . '</a>'); } if (can_manage_configuration(logged_user())) { $icons[] = array('ico' => 'ico-large-custom-properties', 'url' => get_url('administration', 'custom_properties'), 'name' => lang('custom properties'), 'extra' => ''); $icons[] = array('ico' => 'ico-large-object-subtypes', 'url' => get_url('administration', 'object_subtypes'), 'name' => lang('object subtypes'), 'extra' => ''); $icons[] = array('ico' => 'ico-large-configuration', 'url' => get_url('administration', 'configuration'), 'name' => lang('configuration'), 'extra' => ''); $icons[] = array('ico' => 'ico-large-tools', 'url' => get_url('administration', 'tools'), 'name' => lang('administration tools'), 'extra' => ''); if (!defined('ALLOW_UPGRADING') || ALLOW_UPGRADING) { $icons[] = array('ico' => 'ico-large-upgrade', 'url' => get_url('administration', 'upgrade'), 'name' => lang('upgrade'), 'extra' => ''); } if (!defined('ALLOW_CONFIGURING_CRON') || ALLOW_CONFIGURING_CRON) { $icons[] = array('ico' => 'ico-large-cron', 'url' => get_url('administration', 'cron_events'), 'name' => lang('cron events'), 'extra' => ''); } } Hook::fire('render_administration_icons', null, $icons);
/** * Check if specific user can delete this account * * @access public * @param User $user * @return boolean */ function canDelete(Contact $user) { //$accountUser = MailAccountContacts::getByAccountAndContact($this, $user); $accountUser = MailAccountContacts::getByAccountAndContact($this, $user); return $accountUser instanceof MailAccountContact && $accountUser->getCanEdit() || can_manage_security(logged_user()); }
} if (array_var($_REQUEST, 'is_user') == 1 && isset($user_type) && $user_type > 0) { $on_submit = "og.ogPermPrepareSendData('{$genid}');" . $on_submit; } $has_custom_properties = CustomProperties::countAllCustomPropertiesByObjectType($object->getObjectTypeId()) > 0; $categories = array(); Hook::fire('object_edit_categories', $object, $categories); $add_contact_lang = lang('add contact'); $new_contact_lang = lang('new contact'); $edit_contact_lang = lang('edit contact'); if (array_var($_REQUEST, 'is_user') == 1 && isset($user_type) && $user_type > 0) { $add_contact_lang = lang('add user'); $new_contact_lang = lang('new user'); $edit_contact_lang = lang('edit user'); } $can_change_permissions = $contact->isNew() ? can_manage_security(logged_user()) : $contact->canUpdatePermissions(logged_user()); $all_user_groups = PermissionGroups::instance()->getUserGroupsInfo(); ?> <form id="<?php echo $genid; ?> submit-edit-form" onsubmit="<?php echo $on_submit; ?> " class="internalForm" action="<?php echo $contact->isNew() ? $contact->getAddUrl() : $contact->getEditUrl(); ?> " method="post"> <input id="<?php echo $genid;
function save_permissions($pg_id, $is_guest = false, $permissions_data = null, $save_cmps = true, $update_sharing_table = true, $fire_hook = true, $update_contact_member_cache = true, $users_ids_to_check = array(), $only_member_permissions = false) { if (is_null($permissions_data)) { // system permissions $sys_permissions_data = array_var($_POST, 'sys_perm'); // module permissions $mod_permissions_data = array_var($_POST, 'mod_perm'); // root permissions if ($rp_genid = array_var($_POST, 'root_perm_genid')) { $rp_permissions_data = array(); foreach ($_POST as $name => $value) { if (str_starts_with($name, $rp_genid . 'rg_root_')) { $rp_permissions_data[$name] = $value; } } } // member permissions $permissionsString = array_var($_POST, 'permissions'); } else { // system permissions $sys_permissions_data = array_var($permissions_data, 'sys_perm'); // module permissions $mod_permissions_data = array_var($permissions_data, 'mod_perm'); // root permissions $rp_genid = array_var($permissions_data, 'root_perm_genid'); $rp_permissions_data = array_var($permissions_data, 'root_perm'); // member permissions $permissionsString = array_var($permissions_data, 'permissions'); } try { DB::beginWork(); $changed_members = array(); // save module permissions if (!$only_member_permissions) { try { TabPanelPermissions::clearByPermissionGroup($pg_id, true); if (!is_null($mod_permissions_data) && is_array($mod_permissions_data)) { foreach ($mod_permissions_data as $tab_id => $val) { DB::execute("INSERT INTO " . TABLE_PREFIX . "tab_panel_permissions (permission_group_id,tab_panel_id) VALUES ('{$pg_id}','{$tab_id}') ON DUPLICATE KEY UPDATE permission_group_id=permission_group_id"); } } } catch (Exception $e) { Logger::log("Error saving module permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); throw $e; } } $root_permissions_sharing_table_delete = array(); $root_permissions_sharing_table_add = array(); if (logged_user() instanceof Contact && can_manage_security(logged_user())) { try { if (!$only_member_permissions) { // save system permissions $system_permissions = SystemPermissions::findById($pg_id); if (!$system_permissions instanceof SystemPermission) { $system_permissions = new SystemPermission(); $system_permissions->setPermissionGroupId($pg_id); } $system_permissions->setAllPermissions(false); $other_permissions = array(); Hook::fire('add_user_permissions', $pg_id, $other_permissions); foreach ($other_permissions as $k => $v) { $system_permissions->setColumnValue($k, false); } // check max permissions for role, in case of modifying user's permissions $role_id = "-1"; $tmp_contact = Contacts::findOne(array('conditions' => 'permission_group_id = ' . $pg_id)); if ($tmp_contact instanceof Contact) { $role_id = $tmp_contact->getUserType(); } $max_role_system_permissions = MaxSystemPermissions::findOne(array('conditions' => 'permission_group_id = ' . $role_id)); if ($max_role_system_permissions instanceof MaxSystemPermission) { foreach ($sys_permissions_data as $col => &$val) { $max_val = $max_role_system_permissions->getColumnValue($col); if (!$max_val) { unset($sys_permissions_data[$col]); } } } // don't allow to write emails for collaborators and guests if ($tmp_contact instanceof Contact) { $user_type_name = $tmp_contact->getUserTypeName(); if (!in_array($user_type_name, array('Super Administrator', 'Administrator', 'Manager', 'Executive'))) { $mail_ot = ObjectTypes::findByName('mail'); if ($mail_ot instanceof ObjectType) { DB::executeAll("UPDATE " . TABLE_PREFIX . "contact_member_permissions SET can_write=0, can_delete=0 WHERE object_type_id=" . $mail_ot->getId() . " AND permission_group_id={$pg_id}"); } } } $sys_permissions_data['can_task_assignee'] = !$is_guest; $system_permissions->setFromAttributes($sys_permissions_data); $system_permissions->setUseOnDuplicateKeyWhenInsert(true); $system_permissions->save(); //object type root permissions $can_have_root_permissions = config_option('let_users_create_objects_in_root') && in_array($user_type_name, array('Super Administrator', 'Administrator', 'Manager', 'Executive')); if ($rp_genid && $can_have_root_permissions) { ContactMemberPermissions::delete("permission_group_id = {$pg_id} AND member_id = 0"); foreach ($rp_permissions_data as $name => $value) { if (str_starts_with($name, $rp_genid . 'rg_root_')) { $rp_ot = substr($name, strrpos($name, '_') + 1); if (is_numeric($rp_ot) && $rp_ot > 0 && $value == 0) { $root_permissions_sharing_table_delete[] = $rp_ot; } if (!is_numeric($rp_ot) || $rp_ot <= 0 || $value < 1) { continue; } $root_permissions_sharing_table_add[] = $rp_ot; // save with member_id = 0 $root_perm_cmp = new ContactMemberPermission(); $root_perm_cmp->setPermissionGroupId($pg_id); $root_perm_cmp->setMemberId('0'); $root_perm_cmp->setObjectTypeId($rp_ot); $root_perm_cmp->setCanWrite($value >= 2); $root_perm_cmp->setCanDelete($value >= 3); $root_perm_cmp->save(); } } } if (!$can_have_root_permissions) { ContactMemberPermissions::delete("permission_group_id = {$pg_id} AND member_id = 0"); $sh_controller = new SharingTableController(); $all_object_type_ids = ObjectTypes::findAll(array('id' => true)); $sh_controller->adjust_root_permissions($pg_id, array('root_permissions_sharing_table_delete' => $all_object_type_ids)); } } } catch (Exception $e) { Logger::log("Error saving system and root permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); throw $e; } } // set all permissions to read_only if user is guest if ($is_guest) { try { $all_saved_permissions = ContactMemberPermissions::findAll(array("conditions" => "`permission_group_id` = {$pg_id}")); foreach ($all_saved_permissions as $sp) { /* @var $sp ContactMemberPermission */ if ($sp->getCanDelete() || $sp->getCanWrite()) { $sp->setCanDelete(false); $sp->setCanWrite(false); $sp->save(); } } $cdps = ContactDimensionPermissions::findAll(array("conditions" => "`permission_type` = 'allow all'")); foreach ($cdps as $cdp) { $cdp->setPermissionType('check'); $cdp->save(); } } catch (Exception $e) { Logger::log("Error setting guest user permissions to read_only for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); throw $e; } } // check the status of the changed dimensions to set 'allow_all', 'deny_all' or 'check' try { $dimensions = Dimensions::findAll(array("conditions" => array("`id` IN (SELECT DISTINCT `dimension_id` FROM " . Members::instance()->getTableName(true) . " WHERE `id` IN (?))", $changed_members))); foreach ($dimensions as $dimension) { $dimension->setContactDimensionPermission($pg_id, 'check'); } } catch (Exception $e) { Logger::log("Error setting dimension permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); throw $e; } //member permissions if ($permissionsString && $permissionsString != '') { $permissions = json_decode($permissionsString); } if (isset($permissions) && !is_null($permissions) && is_array($permissions)) { try { $tmp_contact = Contacts::findOne(array('conditions' => 'permission_group_id = ' . $pg_id)); if ($tmp_contact instanceof Contact) { $user_type_name = $tmp_contact->getUserTypeName(); $role_id = $tmp_contact->getUserType(); $max_role_ot_perms = MaxRoleObjectTypePermissions::instance()->findAll(array('conditions' => "role_id = '{$role_id}'")); } $mail_ot = ObjectTypes::findByName('mail'); $sql_insert_values = ""; $member_object_types_to_delete = array(); $allowed_members_ids = array(); foreach ($permissions as &$perm) { if (!isset($all_perm_deleted[$perm->m])) { $all_perm_deleted[$perm->m] = true; } $allowed_members_ids[$perm->m] = array(); $allowed_members_ids[$perm->m]['pg'] = $pg_id; if ($perm->r) { if (isset($allowed_members_ids[$perm->m]['w'])) { if ($allowed_members_ids[$perm->m]['w'] != 1) { $allowed_members_ids[$perm->m]['w'] = $is_guest ? false : $perm->w; } } else { $allowed_members_ids[$perm->m]['w'] = $is_guest ? false : $perm->w; } if (isset($allowed_members_ids[$perm->m]['d'])) { if ($allowed_members_ids[$perm->m]['d'] != 1) { $allowed_members_ids[$perm->m]['d'] = $is_guest ? false : $perm->d; } } else { $allowed_members_ids[$perm->m]['d'] = $is_guest ? false : $perm->d; } // check max permissions for user type if ($tmp_contact instanceof Contact) { $max_perm = null; foreach ($max_role_ot_perms as $max_role_ot_perm) { if ($max_role_ot_perm->getObjectTypeId() == $perm->o) { $max_perm = $max_role_ot_perm; } } if ($max_perm) { if (!$max_perm->getCanDelete()) { $perm->d = 0; } if (!$max_perm->getCanWrite()) { $perm->w = 0; } } else { $perm->d = 0; $perm->w = 0; $perm->r = 0; } } if ($save_cmps) { // don't allow to write emails for collaborators and guests if ($tmp_contact instanceof Contact && !in_array($user_type_name, array('Super Administrator', 'Administrator', 'Manager', 'Executive'))) { if ($mail_ot instanceof ObjectType && $perm->o == $mail_ot->getId()) { $perm->d = 0; $perm->w = 0; } } $sql_insert_values .= ($sql_insert_values == "" ? "" : ",") . "('" . $pg_id . "','" . $perm->m . "','" . $perm->o . "','" . $perm->d . "','" . $perm->w . "')"; if (!isset($member_object_types_to_delete[$perm->m])) { $member_object_types_to_delete[$perm->m] = array(); } $member_object_types_to_delete[$perm->m][] = $perm->o; } $all_perm_deleted[$perm->m] = false; } else { if (is_numeric($perm->m) && is_numeric($perm->o)) { DB::execute("DELETE FROM " . TABLE_PREFIX . "contact_member_permissions WHERE member_id='" . $perm->m . "' AND object_type_id='" . $perm->o . "' AND permission_group_id={$pg_id}"); } } $changed_members[] = $perm->m; } if ($save_cmps) { if (count($all_perm_deleted) > 0) { $member_ids_to_delete = array(); foreach ($all_perm_deleted as $mid => $del) { // also check in contact_member_permissions $cmps = ContactMemberPermissions::findAll(array('conditions' => 'permission_group_id=' . $pg_id . " AND member_id={$mid}")); if ($del && (!is_array($cmps) || count($cmps) == 0)) { $member_ids_to_delete[] = $mid; } } if (count($member_ids_to_delete) > 0) { DB::execute("DELETE FROM " . TABLE_PREFIX . "contact_member_permissions WHERE member_id IN (" . implode(',', $member_ids_to_delete) . ") AND permission_group_id={$pg_id}"); } } foreach ($member_object_types_to_delete as $mid => $obj_type_ids) { if (count($obj_type_ids) > 0) { DB::execute("DELETE FROM " . TABLE_PREFIX . "contact_member_permissions WHERE member_id={$mid} AND object_type_id IN (" . implode(',', $obj_type_ids) . ") AND permission_group_id={$pg_id}"); } } if ($sql_insert_values != "") { DB::execute("INSERT INTO " . TABLE_PREFIX . "contact_member_permissions (permission_group_id, member_id, object_type_id, can_delete, can_write) VALUES {$sql_insert_values} ON DUPLICATE KEY UPDATE member_id=member_id"); } } } catch (Exception $e) { Logger::log("Error saving member permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); throw $e; } } DB::commit(); } catch (Exception $e) { Logger::log("Error saving permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); DB::rollback(); } try { if (isset($permissions) && !is_null($permissions) && is_array($permissions)) { if ($update_sharing_table) { try { $sharingTablecontroller = new SharingTableController(); $rp_info = array('root_permissions_sharing_table_delete' => $root_permissions_sharing_table_delete, 'root_permissions_sharing_table_add' => $root_permissions_sharing_table_add); $sharingTablecontroller->afterPermissionChanged($pg_id, $permissions, $rp_info); } catch (Exception $e) { Logger::log("Error saving permissions to sharing table for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); throw $e; } } if ($update_contact_member_cache) { try { $contactMemberCacheController = new ContactMemberCacheController(); $group = PermissionGroups::findById($pg_id); $real_group = null; if ($group->getType() == 'user_groups') { $real_group = $group; } $users = $group->getUsers(); $users_ids_checked = array(); foreach ($users as $us) { $users_ids_checked[] = $us->getId(); $contactMemberCacheController->afterUserPermissionChanged($us, $permissions, $real_group); } //check all users related to the group foreach ($users_ids_to_check as $us_id) { if (!in_array($us_id, $users_ids_checked)) { $users_ids_checked[] = $us_id; $us = Contacts::findById($us_id); if ($us instanceof Contact) { $contactMemberCacheController->afterUserPermissionChanged($us, $permissions, $real_group); } } } } catch (Exception $e) { Logger::log("Error saving permissions to contact member cache for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); throw $e; } } } } catch (Exception $e) { Logger::log("Error saving module permissions for permission group {$pg_id}: " . $e->getMessage() . "\n" . $e->getTraceAsString()); } if ($fire_hook) { Hook::fire('after_save_contact_permissions', $pg_id, $pg_id); } // remove contact object from members where permissions were deleted $user = Contacts::findOne(array('conditions' => 'permission_group_id=' . $pg_id)); if ($user instanceof Contact) { $to_remove = array(); if (isset($all_perm_deleted) && is_array($all_perm_deleted)) { foreach ($all_perm_deleted as $m_id => $must_remove) { if ($must_remove) { $to_remove[] = $m_id; } } ObjectMembers::removeObjectFromMembers($user, logged_user(), null, $to_remove); } } }
function create_user($user_data, $permissionsString) { $user = new User(); $user->setUsername(array_var($user_data, 'username')); $user->setDisplayName(array_var($user_data, 'display_name')); $user->setEmail(array_var($user_data, 'email')); $user->setCompanyId(array_var($user_data, 'company_id')); $user->setType(array_var($user_data, 'type')); $user->setTimezone(array_var($user_data, 'timezone')); if (!logged_user() instanceof User || can_manage_security(logged_user())) { $user->setCanEditCompanyData(array_var($user_data, 'can_edit_company_data')); $user->setCanManageSecurity(array_var($user_data, 'can_manage_security')); $user->setCanManageWorkspaces(array_var($user_data, 'can_manage_workspaces')); $user->setCanManageConfiguration(array_var($user_data, 'can_manage_configuration')); $user->setCanManageContacts(array_var($user_data, 'can_manage_contacts')); $user->setCanManageTemplates(array_var($user_data, 'can_manage_templates')); $user->setCanManageReports(array_var($user_data, 'can_manage_reports')); $user->setCanManageTime(array_var($user_data, 'can_manage_time')); $user->setCanAddMailAccounts(array_var($user_data, 'can_add_mail_accounts')); $other_permissions = array(); Hook::fire('add_user_permissions', $user, $other_permissions); foreach ($other_permissions as $k => $v) { $user->setColumnValue($k, array_var($user_data, $k)); } } if (array_var($user_data, 'password_generator', 'random') == 'random') { // Generate random password $password = UserPasswords::generateRandomPassword(); } else { // Validate input $password = array_var($user_data, 'password'); if (trim($password) == '') { throw new Error(lang('password value required')); } // if if ($password != array_var($user_data, 'password_a')) { throw new Error(lang('passwords dont match')); } // if } // if $user->setPassword($password); $user->save(); $user_password = new UserPassword(); $user_password->setUserId($user->getId()); $user_password->setPasswordDate(DateTimeValueLib::now()); $user_password->setPassword(cp_encrypt($password, $user_password->getPasswordDate()->getTimestamp())); $user_password->password_temp = $password; $user_password->save(); if (array_var($user_data, 'autodetect_time_zone', 1) == 1) { set_user_config_option('autodetect_time_zone', 1, $user->getId()); } if ($user->getType() == 'admin') { if ($user->getCompanyId() != owner_company()->getId() || logged_user() instanceof User && !can_manage_security(logged_user())) { // external users can't be admins or logged user has no rights to create admins => set as Normal $user->setType('normal'); } else { $user->setAsAdministrator(true); } } /* create contact for this user*/ if (array_var($user_data, 'create_contact', 1)) { // if contact with same email exists take it, else create new $contact = Contacts::getByEmail($user->getEmail(), true); if (!$contact instanceof Contact) { $contact = new Contact(); $contact->setEmail($user->getEmail()); } else { if ($contact->isTrashed()) { $contact->untrash(); } } $contact->setFirstname($user->getDisplayName()); $contact->setUserId($user->getId()); $contact->setTimezone($user->getTimezone()); $contact->setCompanyId($user->getCompanyId()); $contact->save(); } else { $contact_id = array_var($user_data, 'contact_id'); $contact = Contacts::findById($contact_id); if ($contact instanceof Contact) { // user created from a contact $contact->setUserId($user->getId()); $contact->save(); } else { // if contact with same email exists use it as user's contact, without changing it $contact = Contacts::getByEmail($user->getEmail(), true); if ($contact instanceof Contact) { $contact->setUserId($user->getId()); if ($contact->isTrashed()) { $contact->untrash(); } $contact->save(); } } } $contact = $user->getContact(); if ($contact instanceof Contact) { // update contact data with data entered for this user $contact->setCompanyId($user->getCompanyId()); if ($contact->getEmail() != $user->getEmail()) { // make user's email the contact's main email address if ($contact->getEmail2() == $user->getEmail()) { $contact->setEmail2($contact->getEmail()); } else { if ($contact->getEmail3() == $user->getEmail()) { $contact->setEmail3($contact->getEmail()); } else { if ($contact->getEmail2() == "") { $contact->setEmail2($contact->getEmail()); } else { $contact->setEmail3($contact->getEmail()); } } } } $contact->setEmail($user->getEmail()); $contact->save(); } if (!$user->isGuest()) { /* create personal project or assing the selected*/ //if recived a personal project assing this //project as personal project for this user $new_project = null; $personalProjectId = array_var($user_data, 'personal_project', 0); $project = Projects::findById($personalProjectId); if (!$project instanceof Project) { $project = new Project(); $wname = new_personal_project_name($user->getUsername()); $project->setName($wname); $wdesc = Localization::instance()->lang(lang('personal workspace description')); if (!is_null($wdesc)) { $project->setDescription($wdesc); } $project->setCreatedById($user->getId()); $project->save(); //Save to set an ID number $project->setP1($project->getId()); //Set ID number to the first project $project->save(); $new_project = $project; } $user->setPersonalProjectId($project->getId()); $project_user = new ProjectUser(); $project_user->setProjectId($project->getId()); $project_user->setUserId($user->getId()); $project_user->setCreatedById($user->getId()); $project_user->setAllPermissions(true); $project_user->save(); /* end personal project */ } $user->save(); ApplicationLogs::createLog($user, null, ApplicationLogs::ACTION_ADD); //TODO - Make batch update of these permissions if ($permissionsString && $permissionsString != '') { $permissions = json_decode($permissionsString); } else { $permissions = null; } if (is_array($permissions) && (!logged_user() instanceof User || can_manage_security(logged_user()))) { foreach ($permissions as $perm) { if (ProjectUser::hasAnyPermissions($perm->pr, $perm->pc)) { if (!$personalProjectId || $personalProjectId != $perm->wsid) { $relation = new ProjectUser(); $relation->setProjectId($perm->wsid); $relation->setUserId($user->getId()); $relation->setCheckboxPermissions($perm->pc, $user->isGuest() ? false : true); $relation->setRadioPermissions($perm->pr, $user->isGuest() ? false : true); $relation->save(); } } } } // if if ($new_project instanceof Project && logged_user() instanceof User && logged_user()->isProjectUser($new_project)) { evt_add("workspace added", array("id" => $new_project->getId(), "name" => $new_project->getName(), "color" => $new_project->getColor())); } // Send notification... try { if (array_var($user_data, 'send_email_notification')) { Notifier::newUserAccount($user, $password); } // if } catch (Exception $e) { } // try return $user; }
function create_user($user_data, $permissionsString, $rp_permissions_data = array(), $save_permissions = true) { // try to find contact by some properties $contact_id = array_var($user_data, "contact_id"); $contact = Contacts::instance()->findById($contact_id); if (!is_valid_email(array_var($user_data, 'email'))) { throw new Exception(lang("email value is required")); } if (!$contact instanceof Contact) { // Create a new user $contact = new Contact(); $contact->setUsername(array_var($user_data, 'username')); $contact->setDisplayName(array_var($user_data, 'display_name')); $contact->setCompanyId(array_var($user_data, 'company_id')); $contact->setUserType(array_var($user_data, 'type')); $contact->setTimezone(array_var($user_data, 'timezone')); $contact->setFirstname($contact->getObjectName() != "" ? $contact->getObjectName() : $contact->getUsername()); $contact->setObjectName(); $user_from_contact = false; } else { // Create user from contact $contact->setUserType(array_var($user_data, 'type')); if (array_var($user_data, 'company_id')) { $contact->setCompanyId(array_var($user_data, 'company_id')); } $contact->setUsername(array_var($user_data, 'username')); $contact->setTimezone(array_var($user_data, 'timezone')); $user_from_contact = true; } $contact->save(); if (is_valid_email(array_var($user_data, 'email'))) { $user = Contacts::getByEmail(array_var($user_data, 'email')); if (!$user) { $contact->addEmail(array_var($user_data, 'email'), 'personal', true); } } //permissions $additional_name = ""; $tmp_pg = PermissionGroups::findOne(array('conditions' => "`name`='User " . $contact->getId() . " Personal'")); if ($tmp_pg instanceof PermissionGroup) { $additional_name = "_" . gen_id(); } $permission_group = new PermissionGroup(); $permission_group->setName('User ' . $contact->getId() . $additional_name . ' Personal'); $permission_group->setContactId($contact->getId()); $permission_group->setIsContext(false); $permission_group->setType("permission_groups"); $permission_group->save(); $contact->setPermissionGroupId($permission_group->getId()); $null = null; Hook::fire('on_create_user_perm_group', $permission_group, $null); $contact_pg = new ContactPermissionGroup(); $contact_pg->setContactId($contact->getId()); $contact_pg->setPermissionGroupId($permission_group->getId()); $contact_pg->save(); if (can_manage_security(logged_user())) { $sp = new SystemPermission(); if (!$user_from_contact) { $rol_permissions = SystemPermissions::getRolePermissions(array_var($user_data, 'type')); if (is_array($rol_permissions)) { foreach ($rol_permissions as $pr) { $sp->setPermission($pr); } } } $sp->setPermissionGroupId($permission_group->getId()); if (isset($user_data['can_manage_security'])) { $sp->setCanManageSecurity(array_var($user_data, 'can_manage_security')); } if (isset($user_data['can_manage_configuration'])) { $sp->setCanManageConfiguration(array_var($user_data, 'can_manage_configuration')); } if (isset($user_data['can_manage_templates'])) { $sp->setCanManageTemplates(array_var($user_data, 'can_manage_templates')); } if (isset($user_data['can_manage_time'])) { $sp->setCanManageTime(array_var($user_data, 'can_manage_time')); } if (isset($user_data['can_add_mail_accounts'])) { $sp->setCanAddMailAccounts(array_var($user_data, 'can_add_mail_accounts')); } if (isset($user_data['can_manage_dimensions'])) { $sp->setCanManageDimensions(array_var($user_data, 'can_manage_dimensions')); } if (isset($user_data['can_manage_dimension_members'])) { $sp->setCanManageDimensionMembers(array_var($user_data, 'can_manage_dimension_members')); } if (isset($user_data['can_manage_tasks'])) { $sp->setCanManageTasks(array_var($user_data, 'can_manage_tasks')); } if (isset($user_data['can_task_assignee'])) { $sp->setCanTasksAssignee(array_var($user_data, 'can_task_assignee')); } if (isset($user_data['can_manage_billing'])) { $sp->setCanManageBilling(array_var($user_data, 'can_manage_billing')); } if (isset($user_data['can_view_billing'])) { $sp->setCanViewBilling(array_var($user_data, 'can_view_billing')); } if (isset($user_data['can_see_assigned_to_other_tasks'])) { $sp->setColumnValue('can_see_assigned_to_other_tasks', array_var($user_data, 'can_see_assigned_to_other_tasks')); } Hook::fire('add_user_permissions', $sp, $other_permissions); if (!is_null($other_permissions) && is_array($other_permissions)) { foreach ($other_permissions as $k => $v) { $sp->setColumnValue($k, array_var($user_data, $k)); } } $sp->save(); $permissions_sent = array_var($_POST, 'manual_permissions_setted') == 1; // give permissions for user if user type defined in "give_member_permissions_to_new_users" config option $allowed_user_type_ids = config_option('give_member_permissions_to_new_users'); if ($contact->isAdministrator() || !$permissions_sent && in_array($contact->getUserType(), $allowed_user_type_ids)) { ini_set('memory_limit', '512M'); $permissions = array(); $default_permissions = RoleObjectTypePermissions::instance()->findAll(array('conditions' => 'role_id = ' . $contact->getUserType())); $dimensions = Dimensions::findAll(); foreach ($dimensions as $dimension) { if ($dimension->getDefinesPermissions()) { $cdp = ContactDimensionPermissions::findOne(array("conditions" => "`permission_group_id` = " . $contact->getPermissionGroupId() . " AND `dimension_id` = " . $dimension->getId())); if (!$cdp instanceof ContactDimensionPermission) { $cdp = new ContactDimensionPermission(); $cdp->setPermissionGroupId($contact->getPermissionGroupId()); $cdp->setContactDimensionId($dimension->getId()); } $cdp->setPermissionType('check'); $cdp->save(); // contact member permisssion entries $members = DB::executeAll('SELECT * FROM ' . TABLE_PREFIX . 'members WHERE dimension_id=' . $dimension->getId()); foreach ($members as $member) { foreach ($default_permissions as $p) { // Add persmissions to sharing table $perm = new stdClass(); $perm->m = $member['id']; $perm->r = 1; $perm->w = $p->getCanWrite(); $perm->d = $p->getCanDelete(); $perm->o = $p->getObjectTypeId(); $permissions[] = $perm; } } } } $_POST['permissions'] = json_encode($permissions); } else { if ($permissions_sent) { $_POST['permissions'] = $permissionsString; } else { $_POST['permissions'] = ""; } } if (config_option('let_users_create_objects_in_root') && ($contact->isAdminGroup() || $contact->isExecutive() || $contact->isManager())) { if ($permissions_sent) { foreach ($rp_permissions_data as $name => $value) { $ot_id = substr($name, strrpos($name, '_') + 1); $cmp = new ContactMemberPermission(); $cmp->setPermissionGroupId($permission_group->getId()); $cmp->setMemberId(0); $cmp->setObjectTypeId($ot_id); $cmp->setCanDelete($value >= 3); $cmp->setCanWrite($value >= 2); $cmp->save(); } } else { $default_permissions = RoleObjectTypePermissions::instance()->findAll(array('conditions' => 'role_id = ' . $contact->getUserType())); foreach ($default_permissions as $p) { $cmp = new ContactMemberPermission(); $cmp->setPermissionGroupId($permission_group->getId()); $cmp->setMemberId(0); $cmp->setObjectTypeId($p->getObjectTypeId()); $cmp->setCanDelete($p->getCanDelete()); $cmp->setCanWrite($p->getCanWrite()); $cmp->save(); } } } } if (!isset($_POST['sys_perm']) && !$user_from_contact) { $rol_permissions = SystemPermissions::getRolePermissions(array_var($user_data, 'type')); $_POST['sys_perm'] = array(); if (is_array($rol_permissions)) { foreach ($rol_permissions as $pr) { $_POST['sys_perm'][$pr] = 1; } } } if (!isset($_POST['mod_perm']) && !$user_from_contact) { $tabs_permissions = TabPanelPermissions::getRoleModules(array_var($user_data, 'type')); $_POST['mod_perm'] = array(); foreach ($tabs_permissions as $pr) { $_POST['mod_perm'][$pr] = 1; } } $password = ''; if (array_var($user_data, 'password_generator') == 'specify') { $perform_password_validation = true; // Validate input $password = array_var($user_data, 'password'); if (trim($password) == '') { throw new Error(lang('password value required')); } // if if ($password != array_var($user_data, 'password_a')) { throw new Error(lang('passwords dont match')); } // if } else { $user_data['password_generator'] = 'link'; $perform_password_validation = false; } $contact->setPassword($password); $contact->save(); $user_password = new ContactPassword(); $user_password->setContactId($contact->getId()); $user_password->setPasswordDate(DateTimeValueLib::now()); $user_password->setPassword(cp_encrypt($password, $user_password->getPasswordDate()->getTimestamp())); $user_password->password_temp = $password; $user_password->perform_validation = $perform_password_validation; $user_password->save(); if (array_var($user_data, 'autodetect_time_zone', 1) == 1) { set_user_config_option('autodetect_time_zone', 1, $contact->getId()); } /* create contact for this user*/ ApplicationLogs::createLog($contact, ApplicationLogs::ACTION_ADD); // Set role permissions for active members $active_context = active_context(); $sel_members = array(); if (is_array($active_context) && !$permissions_sent) { $tmp_perms = array(); if ($_POST['permissions'] != "") { $tmp_perms = json_decode($_POST['permissions']); } foreach ($active_context as $selection) { if ($selection instanceof Member) { $sel_members[] = $selection; $has_project_permissions = ContactMemberPermissions::instance()->count("permission_group_id = '" . $contact->getPermissionGroupId() . "' AND member_id = " . $selection->getId()) > 0; if (!$has_project_permissions) { $new_cmps = RoleObjectTypePermissions::createDefaultUserPermissions($contact, $selection); foreach ($new_cmps as $new_cmp) { $perm = new stdClass(); $perm->m = $new_cmp->getMemberId(); $perm->r = 1; $perm->w = $new_cmp->getCanWrite(); $perm->d = $new_cmp->getCanDelete(); $perm->o = $new_cmp->getObjectTypeId(); $tmp_perms[] = $perm; } } } } if (count($tmp_perms) > 0) { $_POST['permissions'] = json_encode($tmp_perms); } } if ($save_permissions) { //save_permissions($contact->getPermissionGroupId(), $contact->isGuest()); save_user_permissions_background(logged_user(), $contact->getPermissionGroupId(), $contact->isGuest()); } Hook::fire('after_user_add', $contact, $null); // add user content object to associated members if (count($sel_members) > 0) { ObjectMembers::addObjectToMembers($contact->getId(), $sel_members); $contact->addToSharingTable(); } return $contact; }
<tr> <td height=12></td> <td rowspan=<?php echo count($reportPages) + 2; ?> colspan=2 style="background-color:white"> <div style="padding:10px"> <?php // MAIN PAGES $show_help_option = user_config_option('show_context_help'); if ($show_help_option == 'always' || $show_help_option == 'until_close' && user_config_option('show_reporting_panel_context_help', true, logged_user()->getId())) { $hd_key = 'chelp reporting panel'; if (can_manage_reports(logged_user())) { $hd_key .= ' manage'; if (logged_user()->isAdministrator() && can_manage_security(logged_user())) { $hd_key .= ' admin'; } } render_context_help($this, $hd_key, 'reporting_panel'); echo '<br/>'; } foreach ($reportPages as $pageTitle => $pageInfo) { ?> <div class="inner_report_menu_div" id="<?php echo $genid . $pageTitle; ?> " style="display:<?php echo $pageTitle == $selectedPage ? 'block' : 'none'; ?> ">
function mail_render_administration_icons($ignored, &$icons) { if (can_manage_security(logged_user())) { $icons[] = array('ico' => 'ico-large-email', 'url' => get_url('administration', 'mail_accounts'), 'name' => lang('mail accounts'), 'extra' => '<a class="internalLink coViewAction ico-add" href="' . get_url('mail', 'add_account') . '">' . lang('add mail account') . '</a>'); } }
</div> <?php foreach ($categories as $category) { echo $category['content']; } ?> <div id="<?php echo $genid; ?> member_permissions_div" class="form-tab"> <?php if ($current_dimension->getDefinesPermissions() && can_manage_security(logged_user())) { ?> <label><?php echo lang("users and groups with permissions here"); ?> </label> <div class="clear"></div> <?php tpl_assign('genid', $genid); $this->includeTemplate(get_template_path('member_permissions_control', 'member')); ?> <?php } ?> </div> <div class="x-clear"></div>
/** * Check if this user can update this users permissions * * @param User $user * @return boolean */ function canUpdatePermissions(User $user) { // if($this->isAccountOwner()) { // return false; // noone will touch this // } // if return can_manage_security(logged_user()); }
/** * Delete group * * @param void * @return null */ function delete() { if (!can_manage_security(logged_user())) { flash_error(lang('no access permissions')); ajx_current("empty"); return; } // if $group = Groups::findById(get_id()); if (!$group instanceof Group) { flash_error(lang('group dnx')); ajx_current("empty"); return; } // if try { DB::beginWork(); $group->delete(); ApplicationLogs::createLog($group, null, ApplicationLogs::ACTION_DELETE); DB::commit(); flash_success(lang('success delete group', $group->getName())); ajx_current("reload"); } catch (Exception $e) { DB::rollback(); flash_error(lang('error delete group')); ajx_current("empty"); } // try }
function create_user($user_data, $permissionsString) { // try to find contact by some properties $contact_id = array_var($user_data, "contact_id") ; $contact = Contacts::instance()->findById($contact_id) ; if (!is_valid_email(array_var($user_data, 'email'))) { throw new Exception(lang("email value is required")); } if (!$contact instanceof Contact) { // Create a new user $contact = new Contact(); $contact->setUsername(array_var($user_data, 'username')); $contact->setDisplayName(array_var($user_data, 'display_name')); $contact->setCompanyId(array_var($user_data, 'company_id')); $contact->setUserType(array_var($user_data, 'type')); $contact->setTimezone(array_var($user_data, 'timezone')); $contact->setFirstname($contact->getObjectName() != "" ? $contact->getObjectName() : $contact->getUsername()); $contact->setObjectName(); } else { // Create user from contact $contact->setUserType(array_var($user_data, 'type')); if (array_var($user_data, 'company_id')) { $contact->setCompanyId(array_var($user_data, 'company_id')); } $contact->setUsername(array_var($user_data, 'username')); $contact->setTimezone(array_var($user_data, 'timezone')); } $contact->save(); if (is_valid_email(array_var($user_data, 'email'))) { $contact->addEmail(array_var($user_data, 'email'), 'personal', true); } //permissions $permission_group = new PermissionGroup(); $permission_group->setName('User '.$contact->getId().' Personal'); $permission_group->setContactId($contact->getId()); $permission_group->setIsContext(false); $permission_group->setType("permission_groups"); $permission_group->save(); $contact->setPermissionGroupId($permission_group->getId()); $contact_pg = new ContactPermissionGroup(); $contact_pg->setContactId($contact->getId()); $contact_pg->setPermissionGroupId($permission_group->getId()); $contact_pg->save(); if ( can_manage_security(logged_user()) ) { $sp = new SystemPermission(); $rol_permissions=SystemPermissions::getRolePermissions(array_var($user_data, 'type')); foreach($rol_permissions as $pr){ $sp->setPermission($pr); } $sp->setPermissionGroupId($permission_group->getId()); $sp->setCanManageSecurity(array_var($user_data, 'can_manage_security')); $sp->setCanManageConfiguration(array_var($user_data, 'can_manage_configuration')); $sp->setCanManageTemplates(array_var($user_data, 'can_manage_templates')); $sp->setCanManageTime(array_var($user_data, 'can_manage_time')); $sp->setCanAddMailAccounts(array_var($user_data, 'can_add_mail_accounts')); $sp->setCanManageDimensions(array_var($user_data, 'can_manage_dimensions')); $sp->setCanManageDimensionMembers(array_var($user_data, 'can_manage_dimension_members')); $sp->setCanManageTasks(array_var($user_data, 'can_manage_tasks')); $sp->setCanTasksAssignee(array_var($user_data, 'can_task_assignee')); $sp->setCanManageBilling(array_var($user_data, 'can_manage_billing')); $sp->setCanViewBilling(array_var($user_data, 'can_view_billing')); Hook::fire('add_user_permissions', $sp, $other_permissions); if (!is_null($other_permissions) && is_array($other_permissions)) { foreach ($other_permissions as $k => $v) { $sp->setColumnValue($k, array_var($user_data, $k)); } } $sp->save(); if ($contact->isAdminGroup()) { // allow all un all dimensions if new user is admin $dimensions = Dimensions::findAll(); $permissions = array(); foreach ($dimensions as $dimension) { if ($dimension->getDefinesPermissions()) { $cdp = ContactDimensionPermissions::findOne(array("conditions" => "`permission_group_id` = ".$contact->getPermissionGroupId()." AND `dimension_id` = ".$dimension->getId())); if (!$cdp instanceof ContactDimensionPermission) { $cdp = new ContactDimensionPermission(); $cdp->setPermissionGroupId($contact->getPermissionGroupId()); $cdp->setContactDimensionId($dimension->getId()); } $cdp->setPermissionType('allow all'); $cdp->save(); // contact member permisssion entries $members = $dimension->getAllMembers(); foreach ($members as $member) { $ots = DimensionObjectTypeContents::getContentObjectTypeIds($dimension->getId(), $member->getObjectTypeId()); $ots[]=$member->getObjectId(); foreach ($ots as $ot) { $cmp = ContactMemberPermissions::findOne(array("conditions" => "`permission_group_id` = ".$contact->getPermissionGroupId()." AND `member_id` = ".$member->getId()." AND `object_type_id` = $ot")); if (!$cmp instanceof ContactMemberPermission) { $cmp = new ContactMemberPermission(); $cmp->setPermissionGroupId($contact->getPermissionGroupId()); $cmp->setMemberId($member->getId()); $cmp->setObjectTypeId($ot); } $cmp->setCanWrite(1); $cmp->setCanDelete(1); $cmp->save(); // Add persmissions to sharing table $perm = new stdClass(); $perm->m = $member->getId(); $perm->r= 1; $perm->w= 1; $perm->d= 1; $perm->o= $ot; $permissions[] = $perm ; } } } } if(count($permissions)){ $sharingTableController = new SharingTableController(); $sharingTableController->afterPermissionChanged($contact->getPermissionGroupId(), $permissions); } } } if(!isset($_POST['sys_perm'])){ $rol_permissions=SystemPermissions::getRolePermissions(array_var($user_data, 'type')); $_POST['sys_perm']=array(); foreach($rol_permissions as $pr){ $_POST['sys_perm'][$pr]=1; } } if(!isset($_POST['mod_perm'])){ $tabs_permissions=TabPanelPermissions::getRoleModules(array_var($user_data, 'type')); $_POST['mod_perm']=array(); foreach($tabs_permissions as $pr){ $_POST['mod_perm'][$pr]=1; } } $password = ''; if (array_var($user_data, 'password_generator') == 'specify') { $perform_password_validation = true; // Validate input $password = array_var($user_data, 'password'); if (trim($password) == '') { throw new Error(lang('password value required')); } // if if ($password <> array_var($user_data, 'password_a')) { throw new Error(lang('passwords dont match')); } // if } else { $user_data['password_generator'] = 'link'; $perform_password_validation = false; } $contact->setPassword($password); $contact->save(); $user_password = new ContactPassword(); $user_password->setContactId($contact->getId()); $user_password->setPasswordDate(DateTimeValueLib::now()); $user_password->setPassword(cp_encrypt($password, $user_password->getPasswordDate()->getTimestamp())); $user_password->password_temp = $password; $user_password->perform_validation = $perform_password_validation; $user_password->save(); if (array_var($user_data, 'autodetect_time_zone', 1) == 1) { set_user_config_option('autodetect_time_zone', 1, $contact->getId()); } /* create contact for this user*/ ApplicationLogs::createLog($contact, ApplicationLogs::ACTION_ADD); // Set role permissions for active members $active_context = active_context(); $sel_members = array(); foreach ($active_context as $selection) { if ($selection instanceof Member) { $sel_members[] = $selection; $has_project_permissions = ContactMemberPermissions::instance()->count("permission_group_id = '".$contact->getPermissionGroupId()."' AND member_id = ".$selection->getId()) > 0; if (!$has_project_permissions) { RoleObjectTypePermissions::createDefaultUserPermissions($contact, $selection); } } } save_permissions($contact->getPermissionGroupId(), $contact->isGuest()); Hook::fire('after_user_add', $contact, $null); // add user content object to associated members if (count($sel_members) > 0) { ObjectMembers::addObjectToMembers($contact->getId(), $sel_members); $contact->addToSharingTable(); } // Send notification try { if (array_var($user_data, 'send_email_notification') && $contact->getEmailAddress()) { if (array_var($user_data, 'password_generator', 'link') == 'link') { // Generate link password $user = Contacts::getByEmail(array_var($user_data, 'email')); $token = sha1(gen_id() . (defined('SEED') ? SEED : '')); $timestamp = time() + 60*60*24; set_user_config_option('reset_password', $token . ";" . $timestamp, $user->getId()); Notifier::newUserAccountLinkPassword($contact, $password, $token); } else { Notifier::newUserAccount($contact, $password); } } } catch(Exception $e) { Logger::log($e->getTraceAsString()); } // try return $contact; }
/** * Check if this user can update this users permissions * * @param Contact $user * @return boolean */ function canUpdatePermissions(Contact $user) { if (!$this->isUser()) { return false; } $actual_user_type = array_var(self::$pg_cache, $user->getUserType()); if (!$actual_user_type) { $actual_user_type = PermissionGroups::instance()->findOne(array("conditions" => "id = " . $user->getUserType())); } $this_user_type = array_var(self::$pg_cache, $this->getUserType()); if (!$this_user_type) { $this_user_type = PermissionGroups::instance()->findOne(array("conditions" => "id = " . $this->getUserType())); } $can_change_type = $actual_user_type->getId() < $this_user_type->getId() || $user->isAdminGroup() && $this->getId() == $user->getId() || $user->isAdministrator(); return can_manage_security($user) && $can_change_type; }
/** * Check if this user can remove other user from project * * @access public * @param User $user * @param User $remove_user User that need to be removed * @return boolean */ function canRemoveUserFromProject(User $user, User $remove_user) { if ($remove_user->isAccountOwner()) { return false; } return $user->isAccountOwner() || can_manage_workspaces(logged_user()) || can_manage_security(logged_user()); }
/** * Delete group * * @param void * @return null */ function delete() { if (!can_manage_security(logged_user())) { flash_error(lang('no access permissions')); ajx_current("empty"); return; } $group = PermissionGroups::findById(get_id()); if (!$group instanceof PermissionGroup) { flash_error(lang('group dnx')); ajx_current("empty"); return; } if ($group->getContactId() > 0) { flash_error(lang('cannot delete personal permissions')); ajx_current("empty"); return; } try { DB::beginWork(); $group->delete(); //ApplicationLogs::createLog($group, ApplicationLogs::ACTION_DELETE); DB::commit(); flash_success(lang('success delete group', $group->getName())); ajx_current("back"); } catch (Exception $e) { DB::rollback(); flash_error(lang('error delete group')); ajx_current("empty"); } // try }
function translate() { if (!can_manage_security(logged_user())) { die(lang('no access permissions')); } if (!defined('LANG_DIR')) { define('LANG_DIR', 'language'); } if (!defined('PLUGIN_LANG_DIR')) { define('PLUGIN_LANG_DIR', 'plugins'); } $download = array_var($_GET, 'download'); if (isset($download)) { // download zip file and die $this->download_zip_lang($download); die; } // save submissions $added = 0; $lang = array_var($_POST, 'lang'); $file = array_var($_POST, 'file'); $locale = array_var($_POST, 'locale'); if (is_array($lang)) { if ($file != '') { // langs of one file submitted $added += $this->write_translations($locale, $file, $lang); } else { // langs of several files submitted (e.g.: a result of a search query) // load all files $from = array_var($_GET, 'from', 'en_us'); $from_files = array(); $this->load_language_files($from_files, LANG_DIR . "/{$from}"); $this->load_language_files_plugins($from_files, LANG_DIR . "/{$from}", PLUGIN_LANG_DIR); // regroup langs foreach file $grouped_langs = array(); $original_langs = array(); foreach ($from_files as $f) { $original_langs[$f] = $this->load_file_translations($from, $f); $grouped_langs[$f] = array(); } foreach ($lang as $key => $value) { // determine which file is foreach lang foreach ($original_langs as $fname => $langs) { // if found in a file => set the (key,value) in the grouped langs for this file and continue with next translation if (array_key_exists($key, $langs)) { $grouped_langs[$fname][$key] = $value; } } } // save each file foreach ($grouped_langs as $fname => $langs) { $added += $this->write_translations($locale, $fname, $langs); } } } // parameters $from = array_var($_GET, 'from', 'en_us'); $to = array_var($_GET, 'to', ''); $file = array_var($_GET, "file", ""); $filter = array_var($_GET, "filter", "all"); $start = array_var($_GET, 'start', 0); $pagesize = array_var($_POST, 'pagesize', array_var($_GET, 'pagesize', 30)); $search = array_var($_REQUEST, 'search', ''); // load languages $languages = $this->load_languages(LANG_DIR, $from); sort($languages); if ($to != "") { // load from files $from_files = array(); $this->load_language_files($from_files, LANG_DIR . "/{$from}"); $this->load_language_files_plugins($from_files, LANG_DIR . "/{$from}", PLUGIN_LANG_DIR); sort($from_files); tpl_assign('from_files', $from_files); if ($file != "") { tpl_assign('from_file_translations', $this->load_file_translations($from, $file)); tpl_assign('to_file_translations', $this->load_file_translations($to, $file)); } else { // filter by search criteria if ($search != '') { $from_file_langs = array(); $to_file_langs = array(); foreach ($from_files as $f) { $from_file_langs = array_merge($from_file_langs, $this->load_file_translations($from, $f)); } foreach ($from_files as $f) { $to_file_langs = array_merge($to_file_langs, $this->load_file_translations($to, $f)); } $from_filtered_langs = $this->filter_langs($from_file_langs, $search); $to_filtered_langs = $this->filter_langs($to_file_langs, $search); foreach ($from_filtered_langs as $k => $v) { if (isset($to_file_langs[$k])) { $to_filtered_langs[$k] = $to_file_langs[$k]; } } tpl_assign('from_file_translations', $from_filtered_langs); tpl_assign('to_file_translations', $to_filtered_langs); } } } tpl_assign('added', $added); tpl_assign('from', $from); tpl_assign('to', $to); tpl_assign('file', $file); tpl_assign('filter', $filter); tpl_assign('search', $search); tpl_assign('start', $start); tpl_assign('pagesize', $pagesize); tpl_assign('languages', $languages); }
/** * Used for Drag & Drop, adds objects to a member * @author alvaro */ function add_objects_to_member() { $ids = json_decode(array_var($_POST, 'objects')); $mem_id = array_var($_POST, 'member'); if (!is_array($ids) || count($ids) == 0) { ajx_current("empty"); return; } try { DB::beginWork(); if ($mem_id) { $user_ids = array(); $member = Members::findById($mem_id); $objects = array(); $from = array(); foreach ($ids as $oid) { /* @var $obj ContentDataObject */ $obj = Objects::findObject($oid); if ($obj instanceof ContentDataObject && $obj->canAddToMember(logged_user(), $member, active_context())) { $dim_obj_type_content = DimensionObjectTypeContents::findOne(array('conditions' => array('`dimension_id`=? AND `dimension_object_type_id`=? AND `content_object_type_id`=?', $member->getDimensionId(), $member->getObjectTypeId(), $obj->getObjectTypeId()))); if (!$dim_obj_type_content instanceof DimensionObjectTypeContent) { continue; } if (!$dim_obj_type_content->getIsMultiple() || array_var($_POST, 'remove_prev')) { $db_res = DB::execute("SELECT group_concat(om.member_id) as old_members FROM " . TABLE_PREFIX . "object_members om INNER JOIN " . TABLE_PREFIX . "members m ON om.member_id=m.id WHERE m.dimension_id=" . $member->getDimensionId() . " AND om.object_id=" . $obj->getId()); $row = $db_res->fetchRow(); if (array_var($row, 'old_members') != "") { $from[$obj->getId()] = $row['old_members']; } // remove from previous members ObjectMembers::delete('`object_id` = ' . $obj->getId() . ' AND `member_id` IN (SELECT `m`.`id` FROM `' . TABLE_PREFIX . 'members` `m` WHERE `m`.`dimension_id` = ' . $member->getDimensionId() . ')'); } $obj->addToMembers(array($member)); $obj->addToSharingTable(); $objects[] = $obj; if (Plugins::instance()->isActivePlugin('mail') && $obj instanceof MailContent) { $conversation = MailContents::getMailsFromConversation($obj); foreach ($conversation as $conv_email) { if (array_var($_POST, 'attachment') && $conv_email->getHasAttachments()) { MailUtilities::parseMail($conv_email->getContent(), $decoded, $parsedEmail, $warnings); $classification_data = array(); for ($j = 0; $j < count(array_var($parsedEmail, "Attachments", array())); $j++) { $classification_data["att_" . $j] = true; } MailController::classifyFile($classification_data, $conv_email, $parsedEmail, array($member), array_var($_POST, 'remove_prev'), false); } } } // if object is contact ask to add default permissions in member if ($obj instanceof Contact && $obj->isUser() && can_manage_security(logged_user())) { $user_ids[] = $obj->getId(); } } else { throw new Exception(lang('you dont have permissions to classify object in member', $obj->getName(), $member->getName())); } } // if object is contact ask to add default permissions in member if (can_manage_security(logged_user()) && count($user_ids) > 0 && $member->getDimension()->getDefinesPermissions()) { evt_add('ask to assign default permissions', array('user_ids' => $user_ids, 'member' => array('id' => $member->getId(), 'name' => clean($member->getName())), '')); } Hook::fire('after_dragdrop_classify', $objects, $member); $display_name = $member->getName(); $lang_key = count($ids) > 1 ? 'objects moved to member success' : 'object moved to member success'; $log_datas = array(); $actions = array(); // add to application logs foreach ($objects as $obj) { $actions[$obj->getId()] = array_var($from, $obj->getId()) ? ApplicationLogs::ACTION_MOVE : ApplicationLogs::ACTION_COPY; $log_datas[$obj->getId()] = (array_var($from, $obj->getId()) ? "from:" . array_var($from, $obj->getId()) . ";" : "") . "to:" . $member->getId(); } } else { if ($dim_id = array_var($_POST, 'dimension')) { $dimension = Dimensions::getDimensionById($dim_id); $from = array(); foreach ($ids as $oid) { /* @var $obj ContentDataObject */ $obj = Objects::findObject($oid); if ($obj instanceof ContentDataObject) { $db_res = DB::execute("SELECT group_concat(om.member_id) as old_members FROM " . TABLE_PREFIX . "object_members om INNER JOIN " . TABLE_PREFIX . "members m ON om.member_id=m.id WHERE m.dimension_id=" . $dim_id . " AND om.object_id=" . $obj->getId()); $row = $db_res->fetchRow(); if (array_var($row, 'old_members') != "") { $from[$obj->getId()] = $row['old_members']; } // remove from previous members ObjectMembers::delete('`object_id` = ' . $obj->getId() . ' AND `member_id` IN ( SELECT `m`.`id` FROM `' . TABLE_PREFIX . 'members` `m` WHERE `m`.`dimension_id` = ' . $dim_id . ')'); } $obj->addToMembers(array()); $obj->addToSharingTable(); $objects[] = $obj; } $display_name = $dimension->getName(); $lang_key = count($ids) > 1 ? 'objects removed from' : 'object removed from'; $log_datas = array(); $actions = array(); // add to application logs foreach ($objects as $obj) { $actions[$obj->getId()] = array_var($from, $obj->getId()) ? ApplicationLogs::ACTION_MOVE : ApplicationLogs::ACTION_COPY; $log_datas[$obj->getId()] = array_var($from, $obj->getId()) ? "from:" . array_var($from, $obj->getId()) . ";" : ""; } } } DB::commit(); foreach ($objects as $object) { ApplicationLogs::instance()->createLog($object, $actions[$object->getId()], false, true, true, $log_datas[$object->getId()]); } flash_success(lang($lang_key, $display_name)); if (array_var($_POST, 'reload')) { ajx_current('reload'); } else { ajx_current('empty'); } } catch (Exception $e) { DB::rollback(); ajx_current("empty"); flash_error($e->getMessage()); } }
function add_project_timeslot() { if (!can_manage_time(logged_user(), true)) { flash_error(lang('no access permissions')); ajx_current("empty"); return; } ajx_current("empty"); $timeslot_data = array_var($_POST, 'timeslot'); try { $hoursToAdd = array_var($timeslot_data, 'hours', 0); if (strpos($hoursToAdd, ',') && !strpos($hoursToAdd, '.')) { $hoursToAdd = str_replace(',', '.', $hoursToAdd); } if (strpos($hoursToAdd, ':') && !strpos($hoursToAdd, '.')) { $pos = strpos($hoursToAdd, ':') + 1; $len = strlen($hoursToAdd) - $pos; $minutesToAdd = substr($hoursToAdd, $pos, $len); if (!strlen($minutesToAdd) <= 2 || !strlen($minutesToAdd) > 0) { $minutesToAdd = substr($minutesToAdd, 0, 2); } $mins = $minutesToAdd / 60; $hours = substr($hoursToAdd, 0, $pos - 1); $hoursToAdd = $hours + $mins; } if ($hoursToAdd <= 0) { flash_error(lang('time has to be greater than 0')); return; } $startTime = getDateValue(array_var($timeslot_data, 'date')); $startTime = $startTime->add('h', 8 - logged_user()->getTimezone()); $endTime = getDateValue(array_var($timeslot_data, 'date')); $endTime = $endTime->add('h', 8 - logged_user()->getTimezone() + $hoursToAdd); $timeslot_data['start_time'] = $startTime; $timeslot_data['end_time'] = $endTime; $timeslot_data['object_id'] = array_var($timeslot_data, 'project_id'); $timeslot_data['object_manager'] = 'Projects'; $timeslot = new Timeslot(); //Only admins can change timeslot user if (!array_var($timeslot_data, 'user_id', false) || !logged_user()->isAdministrator()) { $timeslot_data['user_id'] = logged_user()->getId(); } $timeslot->setFromAttributes($timeslot_data); /* Billing */ $user = Users::findById($timeslot_data['user_id']); $billing_category_id = $user->getDefaultBillingId(); $project = Projects::findById(array_var($timeslot_data, 'project_id')); $timeslot->setBillingId($billing_category_id); $hourly_billing = $project->getBillingAmount($billing_category_id); $timeslot->setHourlyBilling($hourly_billing); $timeslot->setFixedBilling($hourly_billing * $hoursToAdd); $timeslot->setIsFixedBilling(false); DB::beginWork(); $timeslot->save(); DB::commit(); $show_billing = can_manage_security(logged_user()) && logged_user()->isAdministrator(); ajx_extra_data(array("timeslot" => $timeslot->getArrayInfo($show_billing))); } catch (Exception $e) { DB::rollback(); flash_error($e->getMessage()); } // try }
$icons[] = array( 'ico' => 'ico-large-upgrade', 'url' => get_url('administration', 'upgrade'), 'name' => lang('upgrade'), 'extra' => '', ); }*/ if (!defined('ALLOW_CONFIGURING_CRON') || ALLOW_CONFIGURING_CRON) { $icons[] = array('ico' => 'ico-large-cron', 'url' => get_url('administration', 'cron_events'), 'name' => lang('cron events'), 'extra' => ''); } $icons[] = array('ico' => 'ico-large-tabs', 'url' => get_url('administration', 'tabs'), 'name' => lang('tabs'), 'extra' => ''); } if (can_manage_dimension_members(logged_user())) { $icons[] = array('ico' => 'ico-large-workspace', 'url' => get_url('administration', 'edit_members'), 'name' => lang('dimensions'), 'extra' => ''); } if (can_manage_security(logged_user()) && Plugins::instance()->isActivePlugin('income')) { $icons[] = array('ico' => 'ico-large-invoice', 'url' => get_url('income', 'administration'), 'name' => lang('income'), 'extra' => ''); } if (defined("PLUGIN_MANAGER") && PLUGIN_MANAGER && can_manage_plugins(logged_user())) { $icons[] = array('ico' => 'ico-large-plugins', 'url' => get_url('plugin', 'index'), 'name' => lang('plugins'), 'extra' => ''); } Hook::fire('render_administration_icons', null, $icons); if (count($icons > 0)) { } ?> <div class="coInputHeader"> <div class="coInputHeaderUpperRow"> <div class="coInputTitle"> <?php echo lang('administration');
/** * Check if specific user can delete this account * * @access public * @param User $user * @return boolean */ function canDelete(User $user) { $accountUser = MailAccountUsers::getByAccountAndUser($this, $user); return $accountUser instanceof MailAccountUser && $accountUser->getCanEdit() || can_manage_security(logged_user()); }
/** * @author Ignacio Vazquez <elpepe.uy at gmail dot com> * Handle quick add submit */ function quick_add() { if (array_var($_GET, 'current') == 'overview-panel') { ajx_current("reload"); }else { ajx_current("empty"); } //---------- REQUEST PARAMS -------------- // $_POST = Array ( // [member] => Array ( // [name] => pepe 333 // [dimension_id] => 1 // [parent_member_id] => 0 // [dimension_id] => 19 // ) // [contact] => Array ( // [email] => slkdjflksjdflksdf@kldsjflkdf.com // [user] => Array ( // [create-user]=>on // [type] => 25 // [first_name] => // [surname] => // ) //---------------------------------------- // Init variables $max_users = config_option('max_users'); if ($max_users && (Contacts::count() >= $max_users)) { flash_error(lang('maximum number of users reached error')); ajx_current("empty"); return; } if (!can_manage_security(logged_user())) { flash_error(lang('no access permissions')); ajx_current("empty"); return; } $email = trim(array_var(array_var($_POST, 'contact'),'email')) ; $member = array_var($_POST, 'member'); $name = array_var($member, 'name'); $firstName = trim(array_var(array_var($_POST, 'contact'),'first_name')); $surname = trim(array_var(array_var($_POST, 'contact'),'surname')); $parentMemberId = array_var($member, 'parent_member_id'); $objectType = ObjectTypes::findById(array_var($member, 'object_type_id'))->getName(); // 'person', 'company' $dimensionId = array_var($member, 'dimension_id'); $company = array_var(array_var(array_var($_POST, 'contact'),'user'),'company_id'); // Create new instance of Contact and set the basic fields $contact = new Contact(); $contact->setObjectName($name); if ($firstName) { $contact->setFirstName($firstName); }else{ $contact->setFirstName($name); } if ($surname) { $contact->setSurname($surname); } $contact->setCompanyId($company); $contact->setIsCompany($objectType == "company"); if ($parentMemberId){ if ( $companyId = Members::findById($parentMemberId)->getObjectId()) { $contact->setCompanyId($companyId); } } // Save Contact try { DB::beginWork(); $contact->save(); if ($email && is_valid_email($email)) { if (!Contacts::validateUniqueEmail($email)) { DB::rollback(); flash_error(lang("email address must be unique")); return false; }else{ if (!array_var (array_var(array_var($_POST, 'contact'),'user'), 'create-user')) { $contact->addEmail($email, 'personal', true); } flash_success(lang("success add contact", $contact->getObjectName())); } } // User settings $user = array_var(array_var($_POST, 'contact'),'user'); $user['username'] = str_replace(" ","",strtolower($name)) ; $this->createUserFromContactForm($user, $contact->getId(), $email); // Reload contact again due to 'createUserFromContactForm' changes Hook::fire("after_contact_quick_add", Contacts::instance()->findById($contact->getId()), $ret); DB::commit(); }catch (Exception $e){ DB::rollback(); flash_error($e->getMessage()); } // Reload evt_add("reload dimension tree", array('dim_id' => $dimensionId)); }
function translate() { if (!can_manage_security(logged_user())) { die(lang('no access permissions')); } if (!defined('LANG_DIR')) define('LANG_DIR', 'language'); if (!defined('PLUGIN_LANG_DIR')) define('PLUGIN_LANG_DIR', 'plugins'); $download = array_var($_GET, 'download'); if (isset($download)) { // download zip file and die $this->download_zip_lang($download); die(); } // save submissions $lang = array_var($_POST, 'lang'); $added = 0; if (isset($lang)) { $file = array_var($_POST, 'file'); $locale = array_var($_POST, 'locale'); $create_plugin_lang_js = false; $check_root_file = false; if (substr($file, -4) == '.php' || substr($file, -3) == '.js') { $rootfile = LANG_DIR . "/" . $locale . ".php"; $dirname = LANG_DIR . "/" . $locale; $filename = $dirname . "/" . $file; $check_root_file = true; } else { $name_plugin = $file; //$file = "lang.php"; $rootfile = PLUGIN_LANG_DIR . "/" . $name_plugin . "/" .LANG_DIR . "/" . $locale . ".php"; $dirname = PLUGIN_LANG_DIR . "/" . $name_plugin . "/" .LANG_DIR . "/" . $locale; $filename = $dirname . "/lang.php"; $create_plugin_lang_js = true; } if ($check_root_file && !is_file($rootfile)) { $f = fopen($rootfile, "w"); fwrite($f, '<?php if(!isset($this) || !($this instanceof Localization)) { throw new InvalidInstanceError(\'$this\', $this, "Localization", "File \'" . __FILE__ . "\' can be included only from Localization class"); } ?>'); fclose($f); } if (!is_dir($dirname)) { mkdir($dirname); } if (!is_file($filename)) { // create the file $f = fopen($filename, "w"); fclose($f); } if ($create_plugin_lang_js) { $jsfilename = PLUGIN_LANG_DIR . "/$name_plugin/" .LANG_DIR . "/$locale/lang.js"; if (!is_file($jsfilename)) { $f = fopen($jsfilename, "w"); fwrite($f, 'locale = "'.$locale.'"; var langObj = {}; <?php $lang_array = include "lang.php"; ?> <?php foreach ($lang_array as $k => $v): ?> langObj["<?php echo $k ;?>"] = "<?php echo $v ;?>"; <?php endforeach ;?> addLangs(langObj);'); fclose($f); } } $all = $this->load_file_translations($locale, $file); if (!is_array($all)) $all = array(); foreach ($lang as $k => $v) { if (trim($v) != "") { if (!isset($all[$k])) { $added++; } $all[$k] = $v; } } $f = fopen($filename, "w"); // write the translations to the file if (substr($filename, -4) == ".php") { fwrite($f, "<?php return array(\n"); foreach ($all as $k => $v) { fwrite($f, "\t'$k' => '" . $this->escape_lang("$v"). "',\n"); } fwrite($f, "); ?>\n"); } else if (substr($filename, -3) == ".js") { $total = count($all); fwrite($f, "locale = '$locale';\n"); fwrite($f, "addLangs({\n"); $count = 0; foreach ($all as $k => $v) { $count++; fwrite($f, "\t'$k': '" . $this->escape_lang_js($v). "'"); if ($count == $total) { fwrite($f, "\n"); } else { fwrite($f, ",\n"); } } fwrite($f, "});\n"); } fclose($f); } // parameters $from = array_var($_GET, 'from', 'en_us'); $to = array_var($_GET, 'to', ''); $file = array_var($_GET, "file", ""); $filter = array_var($_GET, "filter", "all"); $start = array_var($_GET, 'start', 0); $pagesize = array_var($_POST, 'pagesize', array_var($_GET, 'pagesize', 30)); // load languages $languages = $this->load_languages(LANG_DIR, $from); sort($languages); if ($to != "") { // load from files $from_files = array(); $this->load_language_files($from_files, LANG_DIR . "/$from"); $this->load_language_files_plugins($from_files, LANG_DIR . "/$from", PLUGIN_LANG_DIR); sort($from_files); tpl_assign('from_files', $from_files); if ($file != "") { tpl_assign('from_file_translations', $this->load_file_translations($from, $file)); tpl_assign('to_file_translations', $this->load_file_translations($to, $file)); } } tpl_assign('added', $added); tpl_assign('from', $from); tpl_assign('to', $to); tpl_assign('file', $file); tpl_assign('filter', $filter); tpl_assign('start', $start); tpl_assign('pagesize', $pagesize); tpl_assign('languages', $languages); }