/** * Get the value for the specified user preference. * * @param string $p_username The user's username * @param string $p_password The user's password * @param int $p_project_id Project ID (0 = ALL_PROJECTS (mantisbt/core/constant_inc.php)) * @param string $p_pref_name The name of the preference * @return string $t_user_pref The requested preference value */ function mc_user_pref_get_pref($p_username, $p_password, $p_project_id, $p_pref_name) { $t_user_id = mci_check_login($p_username, $p_password); if ($t_user_id === false) { return mci_soap_fault_login_failed(); } if (!mci_has_readonly_access($t_user_id)) { return mci_soap_fault_access_denied($t_user_id); } return user_pref_get_pref($t_user_id, $p_pref_name, $p_project_id); }
function mc_config_get_string($p_username, $p_password, $p_config_var) { $t_user_id = mci_check_login($p_username, $p_password); if ($t_user_id === false) { return new soap_fault('Client', '', 'Access Denied'); } if (!mci_has_readonly_access($t_user_id)) { return new soap_fault('Client', '', 'Access Denied'); } if (mci_config_is_private($p_config_var)) { return new soap_fault('Client', '', "Access to '{$p_config_var}' is denied"); } if (!config_is_set($p_config_var)) { return new soap_fault('Client', '', "Config '{$p_config_var}' is undefined"); } return config_get($p_config_var); }
function mc_config_get_string($p_username, $p_password, $p_config_var) { $t_user_id = mci_check_login($p_username, $p_password); if ($t_user_id === false) { return mci_soap_fault_login_failed(); } if (!mci_has_readonly_access($t_user_id)) { return mci_soap_fault_access_denied($t_user_id); } if (config_is_private($p_config_var)) { return SoapObjectsFactory::newSoapFault('Client', "Access to '{$p_config_var}' is denied"); } if (!config_is_set($p_config_var)) { return SoapObjectsFactory::newSoapFault('Client', "Config '{$p_config_var}' is undefined"); } return config_get($p_config_var); }
/** * Returns all the profiles for the user, including the global ones * * @param string $p_username The user's username. * @param string $p_password The user's password. * @param integer $p_page_number Page number. * @param integer $p_per_page Results per page. * @return mixed */ function mc_user_profiles_get_all($p_username, $p_password, $p_page_number, $p_per_page) { $t_user_id = mci_check_login($p_username, $p_password); if ($t_user_id === false) { return mci_soap_fault_login_failed(); } if (!mci_has_readonly_access($t_user_id)) { return mci_soap_fault_access_denied($t_user_id); } $t_results = array(); $t_start = max(array(0, $p_page_number - 1)) * $p_per_page; foreach (profile_get_all_for_user($t_user_id) as $t_profile_row) { $t_result = array('id' => $t_profile_row['id'], 'description' => $t_profile_row['description'], 'os' => $t_profile_row['os'], 'os_build' => $t_profile_row['os_build'], 'platform' => $t_profile_row['platform']); if ($t_profile_row['user_id'] != 0) { $t_result['user_id'] = mci_account_get_array_by_id($t_profile_row['user_id']); } $t_results[] = $t_result; } # the profile_api does not implement pagination in the backend, so we emulate it here # we can always push the pagination in the database, but this seems unlikely in the # near future, as the number of profiles is expected to be small $t_paged_results = array_slice($t_results, $t_start, $p_per_page); return array('total_results' => count($t_results), 'results' => $t_paged_results); }
/** * Validates that the user has access to the enumeration values * * @param string $p_username * @param string $p_password * @return boolean true if the user has access, false otherwise */ function mci_validate_enum_access($p_username, $p_password) { $t_user_id = mci_check_login($p_username, $p_password); if ($t_user_id === false) { return false; } if (!mci_has_readonly_access($t_user_id)) { return false; } return true; }
function mc_project_get_issue_headers($p_username, $p_password, $p_project_id, $p_page_number, $p_per_page) { $t_user_id = mci_check_login($p_username, $p_password); if ($t_user_id === false) { return mci_soap_fault_login_failed(); } if (!project_exists($p_project_id)) { return new soap_fault('Client', '', "Project '{$p_project_id}' does not exist."); } if (!mci_has_readonly_access($t_user_id, $p_project_id)) { return mci_soap_fault_access_denied($t_user_id); } $t_page_count = 0; $t_bug_count = 0; $t_rows = filter_get_bug_rows($p_page_number, $p_per_page, $t_page_count, $t_bug_count, null, $p_project_id); $t_result = array(); foreach ($t_rows as $t_issue_data) { $t_id = $t_issue_data->id; $t_issue = array(); $t_issue['id'] = $t_id; $t_issue['view_state'] = $t_issue_data->view_state; $t_issue['last_updated'] = timestamp_to_iso8601($t_issue_data->last_updated); $t_issue['project'] = $t_issue_data->project_id; $t_issue['category'] = mci_get_category($t_issue_data->category_id); $t_issue['priority'] = $t_issue_data->priority; $t_issue['severity'] = $t_issue_data->severity; $t_issue['status'] = $t_issue_data->status; $t_issue['reporter'] = $t_issue_data->reporter_id; $t_issue['summary'] = $t_issue_data->summary; if (!empty($t_issue_data->handler_id)) { $t_issue['handler'] = $t_issue_data->handler_id; } $t_issue['resolution'] = $t_issue_data->resolution; $t_issue['attachments_count'] = count(mci_issue_get_attachments($t_issue_data->id)); $t_issue['notes_count'] = count(mci_issue_get_notes($t_issue_data->id)); $t_result[] = $t_issue; } return $t_result; }
/** * Check if the bug exists and the user has a access right to read it. * * @param integer $p_user_id The user id. * @param integer $p_bug_id The bug id. * @return true if the user has access rights and the bug exists, otherwise return false */ function mci_check_access_to_bug($p_user_id, $p_bug_id) { if (!bug_exists($p_bug_id)) { return false; } $t_project_id = bug_get_field($p_bug_id, 'project_id'); $g_project_override = $t_project_id; if (!mci_has_readonly_access($p_user_id, $t_project_id)) { return false; } if (!access_has_bug_level(config_get('view_bug_threshold', null, null, $t_project_id), $p_bug_id, $p_user_id)) { return false; } return true; }
/** * Get all issue rows matching the custom filter. * * @param integer $p_user_id The user id. * @param FilterSearchData $p_filter_search The custom filter. * @param integer $p_page_number Start with the given page number (zero-based). * @param integer $p_per_page Number of issues to display per page. * @return array of issue rows */ function mci_filter_search_get_rows($p_user_id, $p_filter_search, $p_page_number, $p_per_page) { global $g_soap_api_to_filter_names; // object to array if (is_object($p_filter_search)) { $p_filter_search = get_object_vars($p_filter_search); } $t_project_id = array(); if (isset($p_filter_search['project_id'])) { // check access right to all projects foreach ($p_filter_search['project_id'] as $t_id) { if (mci_has_readonly_access($p_user_id, $t_id)) { $t_project_id[] = $t_id; } else { error_log('User: '******' has not access right to project: ' . $t_id . '.'); } } // user has not access right to any project if (count($t_project_id) < 1) { return mci_soap_fault_access_denied($p_user_id); } } else { if (!mci_has_readonly_access($p_user_id, ALL_PROJECTS)) { return mci_soap_fault_access_denied($p_user_id); } $t_project_id = array(ALL_PROJECTS); } $t_filter = array('_view_type' => 'advanced'); $t_filter['project_id'] = $t_project_id; // default fields foreach ($g_soap_api_to_filter_names as $t_soap_name => $t_filter_name) { if (isset($p_filter_search[$t_soap_name])) { $t_value = $p_filter_search[$t_soap_name]; $t_filter[$t_filter_name] = $t_value; } } // custom fields if (isset($p_filter_search['custom_fields'])) { foreach ($p_filter_search['custom_fields'] as $t_custom_field) { // object to array if (is_object($t_custom_field)) { $t_custom_field = get_object_vars($t_custom_field); } $t_field = $t_custom_field['field']; if (is_object($t_field)) { $t_field = get_object_vars($t_field); } // if is set custom_field's id, use it primary if (isset($t_field['id'])) { $t_custom_field_id = $t_field['id']; } else { $t_custom_field_id = custom_field_get_id_from_name($t_field['name']); } $t_value = $t_custom_field['value']; $t_filter['custom_fields'][$t_custom_field_id] = $t_value; } } $t_filter = filter_ensure_valid_filter($t_filter); $t_result = array(); $t_page_number = $p_page_number < 1 ? 1 : $p_page_number; $t_page_count = 0; $t_bug_count = 0; return filter_get_bug_rows($t_page_number, $p_per_page, $t_page_count, $t_bug_count, $t_filter); }
/** * Get Issue Headers * @param string $p_username The name of the user trying to access the versions. * @param string $p_password The password of the user. * @param integer $p_project_id The id of the project to retrieve the attachments for. * @param integer $p_page_number Page number. * @param integer $p_per_page Per page. * @return mixed */ function mc_project_get_issue_headers($p_username, $p_password, $p_project_id, $p_page_number, $p_per_page) { global $g_project_override; $t_user_id = mci_check_login($p_username, $p_password); if ($t_user_id === false) { return mci_soap_fault_login_failed(); } if ($p_project_id != ALL_PROJECTS && !project_exists($p_project_id)) { return SoapObjectsFactory::newSoapFault('Client', 'Project \'' . $p_project_id . '\' does not exist.'); } $g_project_override = $p_project_id; if (!mci_has_readonly_access($t_user_id, $p_project_id)) { return mci_soap_fault_access_denied($t_user_id); } $t_orig_page_number = $p_page_number < 1 ? 1 : $p_page_number; $t_page_count = 0; $t_bug_count = 0; $t_rows = filter_get_bug_rows($p_page_number, $p_per_page, $t_page_count, $t_bug_count, null, $p_project_id); $t_result = array(); # the page number was moved back, so we have exceeded the actual page number, see bug #12991 if ($t_orig_page_number > $p_page_number) { return $t_result; } foreach ($t_rows as $t_issue_data) { $t_result[] = mci_issue_data_as_header_array($t_issue_data); } return $t_result; }
/** * Get the issue headers that match the specified filter and paging details. * * @param string $p_username The name of the user trying to access the filters. * @param string $p_password The password of the user. * @param integer $p_filter_id The id of the filter to apply. * @param integer $p_page_number Start with the given page number (zero-based) * @param integer $p_per_page Number of issues to display per page * @return Array that represents an IssueDataArray structure */ function mc_filter_get_issue_headers($p_username, $p_password, $p_project_id, $p_filter_id, $p_page_number, $p_per_page) { $t_user_id = mci_check_login($p_username, $p_password); if ($t_user_id === false) { return mci_soap_fault_login_failed(); } if (!mci_has_readonly_access($t_user_id, $p_project_id)) { return mci_soap_fault_access_denied($t_user_id); } $t_orig_page_number = $p_page_number < 1 ? 1 : $p_page_number; $t_page_count = 0; $t_bug_count = 0; $t_filter = filter_db_get_filter($p_filter_id); $t_filter_detail = explode('#', $t_filter, 2); if (!isset($t_filter_detail[1])) { return SoapObjectsFactory::newSoapFault('Server', 'Invalid Filter'); } $t_filter = unserialize($t_filter_detail[1]); $t_filter = filter_ensure_valid_filter($t_filter); $t_result = array(); $t_rows = filter_get_bug_rows($p_page_number, $p_per_page, $t_page_count, $t_bug_count, $t_filter, $p_project_id); // the page number was moved back, so we have exceeded the actual page number, see bug #12991 if ($t_orig_page_number > $p_page_number) { return $t_result; } foreach ($t_rows as $t_issue_data) { $t_result[] = mci_issue_data_as_header_array($t_issue_data); } return $t_result; }
/** * Get the id of an issue via the issue's summary. * * @param string $p_username The name of the user trying to delete the issue. * @param string $p_password The password of the user. * @param string $p_summary The summary of the issue to retrieve. * @return integer The id of the issue with the given summary, 0 if there is no such issue. */ function mc_issue_get_id_from_summary( $p_username, $p_password, $p_summary ) { $t_user_id = mci_check_login( $p_username, $p_password ); if( $t_user_id === false ) { return mci_soap_fault_login_failed(); } $t_bug_table = db_get_table( 'bug' ); $query = "SELECT id FROM $t_bug_table WHERE summary = " . db_param(); $result = db_query_bound( $query, Array( $p_summary ), 1 ); if( db_num_rows( $result ) == 0 ) { return 0; } else { while(( $row = db_fetch_array( $result ) ) !== false ) { $t_issue_id = (int) $row['id']; $t_project_id = bug_get_field( $t_issue_id, 'project_id' ); if( mci_has_readonly_access( $t_user_id, $t_project_id ) ) { return $t_issue_id; } } // no issue found that belongs to a project that the user has read access to. return 0; } }
/** * Get the id of an issue via the issue's summary. * * @param string $p_username The name of the user trying to delete the issue. * @param string $p_password The password of the user. * @param string $p_summary The summary of the issue to retrieve. * @return integer The id of the issue with the given summary, 0 if there is no such issue. */ function mc_issue_get_id_from_summary( $p_username, $p_password, $p_summary ) { global $g_project_override; $t_user_id = mci_check_login( $p_username, $p_password ); if( $t_user_id === false ) { return mci_soap_fault_login_failed(); } $t_query = 'SELECT id FROM {bug} WHERE summary = ' . db_param(); $t_result = db_query( $t_query, array( $p_summary ), 1 ); if( db_num_rows( $t_result ) == 0 ) { return 0; } else { while( ( $t_row = db_fetch_array( $t_result ) ) !== false ) { $t_issue_id = (int)$t_row['id']; $t_project_id = bug_get_field( $t_issue_id, 'project_id' ); $g_project_override = $t_project_id; if( mci_has_readonly_access( $t_user_id, $t_project_id ) && access_has_bug_level( config_get( 'view_bug_threshold', null, null, $t_project_id ), $t_issue_id, $t_user_id ) ) { return $t_issue_id; } } # no issue found that belongs to a project that the user has read access to. return 0; } }
/** * Get an appropriate enumeration. (Should become an internal function.) * * @param string $p_username The name of the user trying to access the enumeration. * @param string $p_password The password of the user. * @param string $p_enumeration The enumeration to get. * @return string The requested enumeration. */ function mc_enum_get($p_username, $p_password, $p_enumeration) { $t_user_id = mci_check_login($p_username, $p_password); if ($t_user_id === false) { return new soap_fault('Client', '', 'Access Denied'); } if (!mci_has_readonly_access($t_user_id)) { return new soap_fault('Client', '', 'Access Denied'); } $t_lang = mci_get_user_lang($t_user_id); return lang_get($p_enumeration . '_enum_string', $t_lang); }
/** * Get the issue headers that match the specified filter and paging details. * * @param string $p_username The name of the user trying to access the filters. * @param string $p_password The password of the user. * @param integer $p_filter_id The id of the filter to apply. * @param integer $p_page_number Start with the given page number (zero-based) * @param integer $p_per_page Number of issues to display per page * @return Array that represents an IssueDataArray structure */ function mc_filter_get_issue_headers($p_username, $p_password, $p_project_id, $p_filter_id, $p_page_number, $p_per_page) { $t_user_id = mci_check_login($p_username, $p_password); if ($t_user_id === false) { return mci_soap_fault_login_failed(); } if (!mci_has_readonly_access($t_user_id, $p_project_id)) { return mci_soap_fault_access_denied($t_user_id); } $t_page_count = 0; $t_bug_count = 0; $t_filter = filter_db_get_filter($p_filter_id); $t_filter_detail = explode('#', $t_filter, 2); if (!isset($t_filter_detail[1])) { return new soap_fault('Server', '', 'Invalid Filter'); } $t_filter = unserialize($t_filter_detail[1]); $t_filter = filter_ensure_valid_filter($t_filter); $t_result = array(); $t_rows = filter_get_bug_rows($p_page_number, $p_per_page, $t_page_count, $t_bug_count, $t_filter, $p_project_id); foreach ($t_rows as $t_issue_data) { $t_id = $t_issue_data->id; $t_issue = array(); $t_issue['id'] = $t_id; $t_issue['view_state'] = $t_issue_data->view_state; $t_issue['last_updated'] = timestamp_to_iso8601($t_issue_data->last_updated); $t_issue['project'] = $t_issue_data->project_id; $t_issue['category'] = mci_get_category($t_issue_data->category_id); $t_issue['priority'] = $t_issue_data->priority; $t_issue['severity'] = $t_issue_data->severity; $t_issue['status'] = $t_issue_data->status; $t_issue['reporter'] = $t_issue_data->reporter_id; $t_issue['summary'] = $t_issue_data->summary; if (!empty($t_issue_data->handler_id)) { $t_issue['handler'] = $t_issue_data->handler_id; } $t_issue['resolution'] = $t_issue_data->resolution; $t_issue['attachments_count'] = count(mci_issue_get_attachments($t_issue_data->id)); $t_issue['notes_count'] = count(mci_issue_get_notes($t_issue_data->id)); $t_result[] = $t_issue; } return $t_result; }
/** * Get the id of an issue via the issue's summary. * * @param string $p_username The name of the user trying to delete the issue. * @param string $p_password The password of the user. * @param string $p_summary The summary of the issue to retrieve. * @return integer The id of the issue with the given summary, 0 if there is no such issue. */ function mc_issue_get_id_from_summary($p_username, $p_password, $p_summary) { $t_user_id = mci_check_login($p_username, $p_password); if ($t_user_id === false) { return new soap_fault('Client', '', 'Access Denied'); } $t_bug_table = config_get('mantis_bug_table'); $c_summary = db_prepare_string($p_summary); $query = "SELECT id\n\t\t\t\t FROM {$t_bug_table}\n\t\t\t\t WHERE summary = '{$c_summary}'"; $result = db_query($query, 1); if (db_num_rows($result) == 0) { return 0; } else { while (($row = db_fetch_array($result)) !== false) { $t_issue_id = (int) $row['id']; $t_project_id = bug_get_field($t_issue_id, 'project_id'); if (mci_has_readonly_access($t_user_id, $t_project_id)) { return $t_issue_id; } } // no issue found that belongs to a project that the user has read access to. return 0; } }