Esempio n. 1
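 /**
  * Fetches one or more work requests by ID and returns those the caller may view.
  *
  * @param $params
  *   Associative array of parameters. Only $params['GET']['wr'] is read here:
  *   one or more work request IDs as a comma-separated string of integers
  *   (for example "12" or "12,15,20").
  * @return
  *   - A response object whose data array holds one entry per row found:
  *     a populated WrmsWorkRequest, or a 403 error object where access is denied.
  *   - An error object if wr is missing or not in the required format.
  */
 function run($params)
 {
     $access = access::getInstance();

     // isset() avoids an undefined-index notice when the parameter is absent.
     $wr = isset($params['GET']['wr']) ? $params['GET']['wr'] : null;
     // Loose comparison kept on purpose: an empty string counts as "not provided".
     if ($wr == null) {
         error_logging('WARNING', "No work request number (wr) provided.");
         return new error('No work request number (wr) provided.');
     }

     // This value is concatenated into the SQL statement below, so this check is
     // the only injection barrier. \z anchors at the true end of the string,
     // whereas $ would also accept a trailing newline. Non-scalar input (such as
     // an array from wr[]=1) is rejected before it reaches preg_match().
     if (!is_scalar($wr) || !preg_match('/^\d+(,\d+)*\z/', (string) $wr)) {
         // Replace control characters so a rejected value cannot forge extra log lines.
         $shown = is_scalar($wr) ? preg_replace('/[\x00-\x1F\x7F]/', '?', (string) $wr) : gettype($wr);
         error_logging('WARNING', 'Provided work request (wr) of; "' . $shown . '" argument does not match required format.');
         return new error('Bad work request (wr) argument. Argument must be in the format of one or more integers seperated by commas.');
     }
     $wr = (string) $wr;

     $response = new response('Success');
     // Safe to concatenate only because $wr was validated above as digits and commas.
     // NOTE(review): if db_query() supports bound parameters, prefer them here;
     // confirm against its definition.
     $sql = 'SELECT * FROM request WHERE request_id IN (' . $wr . ')';
     $result = db_query($sql);
     while ($row = db_fetch_object($result)) {
         // Authorization is enforced per row, after the fetch.
         if ($access->permitted('wr/view', $row->request_id)) {
             $object = new WrmsWorkRequest();
             $object->populate($row);
             $object->populateChildren();
             $response->data[] = $object;
         } else {
             // NOTE(review): an ID that exists but is denied yields a 403 entry, while
             // an ID with no row yields nothing, so the response distinguishes the
             // two cases; confirm that is acceptable.
             $response->data[] = new error('You cannot access this work request.', 403);
             # EKM TODO add id not allowed option
         }
     }
     return $response;
 }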
Esempio n. 2
 /**
  * Creates a work request from the supplied fields, or (when a numeric wr is
  * given) runs the access check for the not-yet-implemented edit path.
  *
  * @param $params
  *   Associative array of parameters; every field is read from $params['GET'].
  * @return
  *   - The result of WrmsWorkRequest::create() when no numeric wr is supplied.
  *   - A response object ('Access granted') or a 403 error object otherwise.
  */
 function run($params)
 {
     /*
      * Design note from the original author: access is checked as one of the
      * last steps, because the full WR is needed to decide whether the person
      * has enough access. Intended order: build the WR, check permissions,
      * then write it to the DB.
      */
     // WR number: present means edit, absent means create.
     $wr = $params['GET']['wr'];
     $brief = $params['GET']['brief'];
     $org = $params['GET']['org'];                   // read but not used yet
     $person = $params['GET']['person'];
     $sys = $params['GET']['sys'];
     $type = $params['GET']['type'];
     $urgency = $params['GET']['urgency'];
     $importance = $params['GET']['importance'];
     $requested_by = $params['GET']['requested_by']; // read but not used yet
     $agreed_due = $params['GET']['agreed_due'];     // read but not used yet
     $invoice_to = $params['GET']['invoice_to'];     // read but not used yet
     $details = $params['GET']['details'];

     /*
      * Still to be implemented for a WR: add files, add quotes, link WRs,
      * subscribe people, allocate to people, assign a tag, add a QA action,
      * add a note (preserving HTML), change the status, select quiet update.
      */

     // Create path: no usable WR number was supplied.
     if (!isset($wr) || !is_numeric($wr)) {
         // NOTE(review): this branch returns before the permitted() call below is
         // reached, and the field values are handed to create() exactly as received.
         // Whether create() performs its own permission check and input handling is
         // not visible here; confirm before relying on this path.
         $newRequest = new WrmsWorkRequest();
         return $newRequest->create($urgency, $importance, $type, $person, $brief, $details, $sys);
     }

     // Edit path: nothing is modified yet; only the access decision is reported.
     // NOTE(review): the check uses the 'wr/create' permission and a "cannot add"
     // message although this is the edit branch; confirm the intended permission.
     $acl = access::getInstance();
     if (!$acl->permitted('wr/create', $wr)) {
         return new error('You cannot add a WR for this system.', '403');
     }
     return new response('Access granted');
 }