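/**
 * Builds the "go to ticket" menu for one project and determines the ids of
 * the tickets listed immediately before and after the current one.
 *
 * Reads the `projects_id` and `tickets_id` request parameters. Sets
 * $this->menu (list of title/url pairs), $this->previous_item_id and
 * $this->next_item_id (false when there is no neighbour).
 *
 * Access scoping: when Users::hasAccess('view_own', 'tickets', ...) is true,
 * the query is narrowed to tickets in the user's departments or tickets
 * whose users_id equals the session user id.
 *
 * @param sfWebRequest $request
 */
public function executeGoto(sfWebRequest $request)
{
    $q = Doctrine_Core::getTable('Tickets')->createQuery('t')
        ->leftJoin('t.TicketsStatus ts')
        ->leftJoin('t.TicketsTypes tt')
        ->leftJoin('t.Departments td')
        ->leftJoin('t.Projects p')
        ->leftJoin('t.Users');

    // The project id comes from the request and is bound as a parameter.
    $q->addWhere('projects_id=?', $request->getParameter('projects_id'));

    if (Users::hasAccess('view_own', 'tickets', $this->getUser(), $request->getParameter('projects_id'))) {
        // NOTE(review): this access filter is assembled by string concatenation.
        // The values come from the session and a Departments helper rather than
        // from the request, but bound parameters would remove the dependency on
        // those values always being numeric. An empty department list would
        // also produce "in ()" - confirm what the helper returns in that case.
        $q->addWhere("t.departments_id in (" . implode(',', Departments::getDepartmentIdByUserId($this->getUser()->getAttribute('id'))) . ") or t.users_id='" . $this->getUser()->getAttribute('id') . "'");
    }

    // The stored filter is keyed per project when a positive project id is given.
    $q = Tickets::addFiltersToQuery($q, $this->getUser()->getAttribute('tickets_filter' . ((int) $request->getParameter('projects_id') > 0 ? $request->getParameter('projects_id') : '')));
    $q = app::addListingOrder($q, 'tickets', $this->getUser(), (int) $request->getParameter('projects_id'));

    $this->menu = array();
    $ids = array();

    foreach ($q->fetchArray() as $v) {
        if (strlen($sn = app::getArrayName($v, 'TicketsStatus')) > 0) {
            $sn = $sn . ': ';
        } else {
            $sn = '';
        }

        if ($request->getParameter('tickets_id') == $v['id']) {
            // NOTE(review): the title is built as markup here, so it is
            // presumably rendered without escaping. Confirm that ticket names
            // are HTML-escaped before they reach this point or in the template.
            $v['name'] = '<b>' . $v['name'] . '</b>';
        }

        $this->menu[] = array(
            'title' => $sn . $v['name'],
            'url' => 'ticketsComments/index?projects_id=' . $request->getParameter('projects_id') . '&tickets_id=' . $v['id'],
        );
        $ids[] = $v['id'];
    }

    $current_key = array_search($request->getParameter('tickets_id'), $ids);

    $this->previous_item_id = false;
    $this->next_item_id = false;

    // array_search() returns false when the current ticket is not in the
    // (access-filtered) list. Without this guard, false + 1 evaluates to 1 and
    // the second ticket would be reported as the "next" item.
    if ($current_key !== false) {
        if (isset($ids[$current_key - 1])) {
            $this->previous_item_id = $ids[$current_key - 1];
        }

        if (isset($ids[$current_key + 1])) {
            $this->next_item_id = $ids[$current_key + 1];
        }
    }
}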
/**
 * Enforces the "view_own" restriction for a single ticket.
 *
 * When Users::hasAccess('view_own', 'tickets', ...) is true for the user
 * (checked against the project when one is given), the ticket must either
 * belong to one of the user's departments or carry the user's id in
 * users_id. Otherwise the controller is redirected to
 * accessForbidden/index.
 *
 * NOTE(review): both comparisons are loose (in_array() without the strict
 * flag, and !=). Confirm the id types on both sides so that null or
 * non-numeric values cannot match by type juggling.
 * NOTE(review): this relies on $c->redirect() halting the action. Confirm
 * that the framework stops execution there, otherwise callers continue
 * after a failed check.
 *
 * @param object $c        controller/action exposing redirect()
 * @param object $sf_user  session user exposing getAttribute()
 * @param object $tickets  ticket record exposing getDepartmentsId()/getUsersId()
 * @param mixed  $project  project record exposing getId(), or false
 */
public static function checkViewOwnAccess($c, $sf_user, $tickets, $project = false)
{
    $restricted = $project
        ? Users::hasAccess('view_own', 'tickets', $sf_user, $project->getId())
        : Users::hasAccess('view_own', 'tickets', $sf_user);

    // Users without the view_own restriction are not limited here.
    if (!$restricted) {
        return;
    }

    // Allowed: the ticket sits in one of the user's departments.
    $department_ids = Departments::getDepartmentIdByUserId($sf_user->getAttribute('id'));
    if (in_array($tickets->getDepartmentsId(), $department_ids)) {
        return;
    }

    // Allowed: the ticket's users_id is the current user.
    if ($tickets->getUsersId() == $sf_user->getAttribute('id')) {
        return;
    }

    $c->redirect('accessForbidden/index');
}
/**
 * Loads the ticket listing for a project, a saved report, a search or the
 * dashboard.
 *
 * Sets $this->tickets_list, $this->url_params, $this->display_insert_button,
 * $this->tlId and, when app_rows_limit is positive, $this->pager.
 *
 * Access scoping applied to the query:
 *  - with projects_id: restricted to that project, plus the view_own
 *    ticket filter when Users::hasAccess('view_own', 'tickets', ...) is true;
 *  - without projects_id: the view_own project filter (team membership or
 *    p.created_by) and the view_own ticket filter, each when applicable.
 *
 * NOTE(review): the access filters are built by string concatenation from
 * the session user id and a Departments helper. Bound parameters would be
 * safer, and an empty department list would yield "in ()".
 * NOTE(review): the project filter here compares p.created_by, while
 * executeExport in this file compares p.users_id. Confirm which column is
 * intended so that listing and export enforce the same scope.
 *
 * @param sfWebRequest $request
 */
public function executeListing(sfWebRequest $request)
{
    if (!isset($this->reports_id)) {
        $this->reports_id = false;
    }

    $has_project = $request->hasParameter('projects_id');

    $q = Doctrine_Core::getTable('Tickets')->createQuery('t')
        ->leftJoin('t.TicketsStatus ts')
        ->leftJoin('t.TicketsTypes tt')
        ->leftJoin('t.Departments td')
        ->leftJoin('t.Projects p')
        ->leftJoin('t.Users');

    // Decide whether the view_own ticket restriction applies; the
    // project-level restriction is added on the way when no project is given.
    if ($has_project) {
        $q->addWhere('projects_id=?', $request->getParameter('projects_id'));
        $own_tickets_only = Users::hasAccess('view_own', 'tickets', $this->getUser(), $request->getParameter('projects_id'));
    } else {
        if (Users::hasAccess('view_own', 'projects', $this->getUser())) {
            $uid = $this->getUser()->getAttribute('id');
            $q->addWhere("find_in_set('" . $uid . "',team) or p.created_by='" . $uid . "'");
        }
        $own_tickets_only = Users::hasAccess('view_own', 'tickets', $this->getUser());
    }

    if ($own_tickets_only) {
        $uid = $this->getUser()->getAttribute('id');
        $department_ids = Departments::getDepartmentIdByUserId($uid);
        $q->addWhere("t.departments_id in (" . implode(',', $department_ids) . ") or t.users_id='" . $uid . "'");
    }

    // Filtering/ordering source: saved report, free-text search, or the
    // user's stored ticket filter (keyed per project when one is given).
    if ($this->reports_id > 0) {
        $q = TicketsReports::addFiltersToQuery($q, $this->reports_id, $this->getUser());
    } elseif ($request->hasParameter('search')) {
        $q = app::addSearchQuery($q, $request->getParameter('search'), 'TicketsComments', 't', $request->getParameter('search_by_extrafields'));
        $q = app::addListingOrder($q, 'tickets', $this->getUser());
    } else {
        $project_id = (int) $request->getParameter('projects_id');
        $filter_suffix = $project_id > 0 ? $request->getParameter('projects_id') : '';
        $q = Tickets::addFiltersToQuery($q, $this->getUser()->getAttribute('tickets_filter' . $filter_suffix));
        $q = app::addListingOrder($q, 'tickets', $this->getUser(), $project_id);
    }

    $rows_limit = sfConfig::get('app_rows_limit');
    if ($rows_limit > 0) {
        $pager = new sfDoctrinePager('Tickets', $rows_limit);
        $this->pager = $pager;
        $pager->setQuery($q);
        $pager->setPage($request->getParameter('page', 1));
        $pager->init();
    }

    $this->tickets_list = $q->fetchArray();

    // NOTE(review): projects_id is appended to url_params as received from the
    // request. Confirm the template URL-encodes/escapes this value.
    if (isset($this->is_dashboard)) {
        $this->url_params = 'redirect_to=dashboard';
    } elseif ($this->reports_id > 0) {
        $this->url_params = 'redirect_to=ticketsReports' . $this->reports_id;
    } elseif ($has_project) {
        $this->url_params = 'projects_id=' . $request->getParameter('projects_id');
    } else {
        $this->url_params = 'redirect_to=ticketsList';
    }

    $this->display_insert_button = true;

    // Random number assigned per call; rand() is not a cryptographic source,
    // so this value must not be relied on as a secret.
    $this->tlId = rand(1111111, 9999999);
}
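/**
 * Exports the selected tickets as a tab-separated download.
 *
 * Without a `fields` request parameter the action only prepares
 * $this->columns (the exportable columns, including the extra fields
 * returned for the current user). With `fields`, it sends download headers,
 * writes a header row, one row per ticket, per-project subtotals for numeric
 * extra fields (only when no projects_id is given) and a grand-total row,
 * then exits.
 *
 * Access: the project (when given) is loaded and checked with
 * checkProjectsAccess()/checkTicketsAccess(); the ticket query is narrowed
 * by the same view_own filters as the listing.
 *
 * Changes compared to the previous revision:
 *  - the "no tickets selected" test had a misplaced parenthesis
 *    (strlen() of a comparison result), so it depended on loose
 *    string-to-number comparison; it now tests the string length itself;
 *  - `filename` and `format` come from the request and go into the
 *    Content-disposition header, so control characters, quotes, backslashes,
 *    slashes and semicolons are removed and the value is quoted;
 *  - requested `fields` are limited to keys present in $this->columns, so
 *    the request cannot select columns that were not offered.
 *
 * NOTE(review): the access filters are built by string concatenation from
 * the session user id and a Departments helper. Bound parameters would be
 * safer, and an empty department list would yield "in ()".
 * NOTE(review): the project filter compares p.users_id here, while
 * executeListing in this file compares p.created_by. Confirm which column is
 * intended so that export and listing enforce the same scope.
 * NOTE(review): cell values are written as stored. Spreadsheet applications
 * may evaluate cells that begin with =, +, - or @ as formulas, so consider
 * neutralising such values for user-supplied text columns.
 * NOTE(review): the default format '.csv' never equals 'csv', so the
 * UTF-16LE branch is skipped and the name becomes "tasks..csv" when the
 * parameter is absent. Also, the BOM is emitted with every chunk, not once.
 * Both are left as they were; confirm the intended behaviour.
 *
 * @param sfWebRequest $request
 */
public function executeExport(sfWebRequest $request)
{
    /* check access */
    if ($request->hasParameter('projects_id')) {
        $this->forward404Unless(
            $this->projects = Doctrine_Core::getTable('Projects')->createQuery()
                ->addWhere('id=?', $request->getParameter('projects_id'))
                ->fetchOne(),
            sprintf('Object projects does not exist (%s).', $request->getParameter('projects_id'))
        );

        $this->checkProjectsAccess($this->projects);
        $this->checkTicketsAccess('view', false, $this->projects);
    } else {
        $this->checkTicketsAccess('view');
    }

    $this->columns = array(
        'Projects' => t::__('Project Name'),
        'id' => t::__('Id'),
        'TicketsStatus' => t::__('Status'),
        'TicketsTypes' => t::__('Type'),
        'name' => t::__('Name'),
        'description' => t::__('Description'),
        'Departments' => t::__('Department'),
        'Users' => t::__('Created By'),
        'created_at' => t::__('Created At'),
    );

    $extra_fields = ExtraFieldsList::getFieldsByType('tickets', $this->getUser(), false, array('all' => true));
    foreach ($extra_fields as $v) {
        $this->columns['extra_field_' . $v['id']] = $v['name'];
    }

    // The conditional label is overwritten by the next assignment; kept as in
    // the original.
    if (!$request->hasParameter('projects_id')) {
        $this->columns['Projects'] = t::__('Project');
    }
    $this->columns['Projects'] = t::__('Project Name');
    $this->columns['url'] = t::__('Url');

    if ($fields = $request->getParameter('fields')) {
        // Allow-list: only columns declared above may be exported. Anything
        // else in the request (unknown keys, non-string entries) is dropped.
        $columns = $this->columns;
        $requested_fields = is_array($fields) ? $fields : array();
        $fields = array();
        foreach ($requested_fields as $f) {
            if (is_string($f) && array_key_exists($f, $columns)) {
                $fields[] = $f;
            }
        }

        $separator = "\t";
        $format = $request->getParameter('format', '.csv');
        $filename = $request->getParameter('filename', 'tasks');

        // Request-controlled values must not be able to alter the header
        // structure: remove control characters, quotes, backslashes, slashes
        // and semicolons, then send the name as a quoted string.
        $download_name = (is_string($filename) ? $filename : 'tasks') . '.' . (is_string($format) ? $format : '');
        $download_name = preg_replace('#[\x00-\x1F\x7F"\\\\/;]#', '', $download_name);

        header("Content-type: Application/octet-stream");
        header('Content-disposition: attachment; filename="' . $download_name . '"');
        header("Pragma: no-cache");
        header("Expires: 0");

        // Header row.
        $content = '';
        foreach ($fields as $f) {
            $content .= str_replace(array("\n\r", "\r", "\n", $separator), ' ', $columns[$f]) . $separator;
        }
        $content .= "\n";

        if ($format == 'csv') {
            echo chr(0xff) . chr(0xfe) . mb_convert_encoding($content, 'UTF-16LE', 'UTF-8');
        } else {
            echo $content;
        }

        // Nothing selected: the header row alone is the export.
        $selected_items = $request->getParameter('selected_items');
        if (!is_string($selected_items) || strlen($selected_items) == 0) {
            exit;
        }

        // whereIn() binds the exploded ids as parameters.
        $q = Doctrine_Core::getTable('Tickets')->createQuery('t')
            ->leftJoin('t.TicketsStatus ts')
            ->leftJoin('t.TicketsTypes tt')
            ->leftJoin('t.Departments td')
            ->leftJoin('t.Projects p')
            ->leftJoin('t.Users')
            ->whereIn('t.id', explode(',', $selected_items));

        // The same access scoping as the listing is applied on top of the id
        // list, so selecting an id does not by itself grant access to it.
        if ($request->hasParameter('projects_id')) {
            $q->addWhere('projects_id=?', $request->getParameter('projects_id'));

            if (Users::hasAccess('view_own', 'tickets', $this->getUser(), $request->getParameter('projects_id'))) {
                $q->addWhere("t.departments_id in (" . implode(',', Departments::getDepartmentIdByUserId($this->getUser()->getAttribute('id'))) . ") or t.users_id='" . $this->getUser()->getAttribute('id') . "'");
            }
        } else {
            if (Users::hasAccess('view_own', 'projects', $this->getUser())) {
                $q->addWhere("find_in_set('" . $this->getUser()->getAttribute('id') . "',team) or p.users_id='" . $this->getUser()->getAttribute('id') . "'");
            }

            if (Users::hasAccess('view_own', 'tickets', $this->getUser())) {
                $q->addWhere("t.departments_id in (" . implode(',', Departments::getDepartmentIdByUserId($this->getUser()->getAttribute('id'))) . ") or t.users_id='" . $this->getUser()->getAttribute('id') . "'");
            }
        }

        if ($request->hasParameter('projects_id')) {
            $q = app::addListingOrder($q, 'tickets', $this->getUser(), (int) $request->getParameter('projects_id'));
        } else {
            $q->orderBy('LTRIM(p.name), ts.sort_order, LTRIM(ts.name), LTRIM(t.name)');
        }

        $tickets = $q->fetchArray();

        $totals = array();
        $projects_totals = array();
        $current_project_id = 0;

        foreach ($tickets as $t) {
            $ex_values = ExtraFieldsList::getValuesList($extra_fields, $t['id']);

            $content = '';

            if ($current_project_id == 0) {
                $current_project_id = $t['projects_id'];
            }

            // Project changed: flush the subtotal row of the previous project.
            if ($current_project_id != $t['projects_id']) {
                //adding totals
                if (isset($projects_totals[$current_project_id])) {
                    foreach ($fields as $f) {
                        $v = '';
                        if (strstr($f, 'extra_field_')) {
                            if (isset($projects_totals[$current_project_id][str_replace('extra_field_', '', $f)])) {
                                $v = $projects_totals[$current_project_id][str_replace('extra_field_', '', $f)];
                            }
                        }

                        $content .= str_replace(array("\n\r", "\r", "\n", $separator), ' ', $v) . $separator;
                    }

                    $content .= "\n\n";
                }

                $current_project_id = $t['projects_id'];
            }

            foreach ($fields as $f) {
                $v = '';

                // $f is always a string from the allow-list, so a strict
                // comparison is safe here.
                if (in_array($f, array('id', 'name', 'description'), true)) {
                    $v = $t[$f];
                } elseif (strstr($f, 'extra_field_')) {
                    if ($ex = Doctrine_Core::getTable('ExtraFields')->find(str_replace('extra_field_', '', $f))) {
                        $v = ExtraFieldsList::renderFieldValueByType($ex, $ex_values, array(), true);

                        // Numeric extra fields are summed overall and per project.
                        if (in_array($ex->getType(), array('number', 'formula'))) {
                            if (!isset($totals[$ex->getId()])) {
                                $totals[$ex->getId()] = 0;
                            }

                            if (!isset($projects_totals[$t['projects_id']][$ex->getId()])) {
                                $projects_totals[$t['projects_id']][$ex->getId()] = 0;
                            }

                            $totals[$ex->getId()] += $v;
                            $projects_totals[$t['projects_id']][$ex->getId()] += $v;
                        }

                        $v = str_replace('<br>', ', ', $v);
                    }
                } elseif ($f == 'created_at') {
                    if (strlen($t[$f]) > 0) {
                        $v = app::dateTimeFormat($t[$f]);
                    }
                } elseif ($f == 'url') {
                    $v = app::public_url('ticketsComments/index?projects_id=' . $t['projects_id'] . '&tickets_id=' . $t['id']);
                } else {
                    $v = app::getArrayName($t, $f);
                }

                // Line breaks and the separator are replaced so that a value
                // cannot break out of its cell.
                $content .= str_replace(array("\n\r", "\r", "\n", $separator), ' ', $v) . $separator;
            }

            $content .= "\n";

            if ($format == 'csv') {
                echo chr(0xff) . chr(0xfe) . mb_convert_encoding($content, 'UTF-16LE', 'UTF-8');
            } else {
                echo $content;
            }
        }

        $content = '';

        //adding totals
        if (isset($projects_totals[$current_project_id]) and !$request->hasParameter('projects_id')) {
            foreach ($fields as $f) {
                $v = '';
                if (strstr($f, 'extra_field_')) {
                    if (isset($projects_totals[$current_project_id][str_replace('extra_field_', '', $f)])) {
                        $v = $projects_totals[$current_project_id][str_replace('extra_field_', '', $f)];
                    }
                }

                $content .= str_replace(array("\n\r", "\r", "\n", $separator), ' ', $v) . $separator;
            }

            $content .= "\n\n";
        }

        // Grand totals across all exported tickets.
        foreach ($fields as $f) {
            $v = '';
            if (strstr($f, 'extra_field_')) {
                if (isset($totals[str_replace('extra_field_', '', $f)])) {
                    $v = $totals[str_replace('extra_field_', '', $f)];
                }
            }

            $content .= str_replace(array("\n\r", "\r", "\n", $separator), ' ', $v) . $separator;
        }

        $content .= "\n";

        if ($format == 'csv') {
            echo chr(0xff) . chr(0xfe) . mb_convert_encoding($content, 'UTF-16LE', 'UTF-8');
        } else {
            echo $content;
        }

        exit;
    }
}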