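/**
 * Update an existing timeslot from the posted form.
 *
 * Reads $_POST['timeslot'] (id, hours, minutes, date, description, contact_id)
 * and $_POST['members'] (a JSON list of member ids), recomputes start/end time
 * and billing, saves the timeslot and re-links it to the posted members inside
 * one transaction. Outcomes are reported through flash_error() and
 * ajx_extra_data(); nothing is returned.
 *
 * NOTE(review): the only permission gate visible here is can_add() for the
 * timeslot type in the active context. The timeslot itself is looked up from a
 * posted id and no per-object edit check is visible in this function. Confirm
 * that editing someone else's timeslot is authorised elsewhere.
 */
function edit_timeslot() {
    if (!can_add(logged_user(), active_context(), Timeslots::instance()->getObjectTypeId())) {
        flash_error(lang('no access permissions'));
        ajx_current("empty");
        return;
    }
    ajx_current("empty");

    $timeslot_data = array_var($_POST, 'timeslot');
    $timeslot = Timeslots::findById(array_var($timeslot_data, 'id', 0));
    if (!$timeslot instanceof Timeslot) {
        flash_error(lang('timeslot dnx'));
        return;
    }

    try {
        $hoursToAdd = array_var($timeslot_data, 'hours', 0);
        $minutes = array_var($timeslot_data, 'minutes', 0);

        // Accept "1,5" as "1.5".
        if (strpos($hoursToAdd, ',') && !strpos($hoursToAdd, '.')) {
            $hoursToAdd = str_replace(',', '.', $hoursToAdd);
        }
        // Accept "h:mm".
        if (strpos($hoursToAdd, ':') && !strpos($hoursToAdd, '.')) {
            $pos = strpos($hoursToAdd, ':') + 1;
            // The original length test was always true because of operator
            // precedence, so the minutes part was always cut to two characters.
            $minutesToAdd = substr(substr($hoursToAdd, $pos), 0, 2);
            $hours = substr($hoursToAdd, 0, $pos - 1);
            // Explicit casts: posted text may be empty or non-numeric.
            $hoursToAdd = (float) $hours + ((int) $minutesToAdd / 60);
        }

        // The former "0." . ($minutes / 6) string trick broke for 60 or more
        // minutes (60 became 0.10 hours); plain division covers every value.
        $minutes = (float) $minutes;
        if ($minutes > 0) {
            $hoursToAdd = (float) $hoursToAdd + $minutes / 60;
        }

        // Normalise before comparing so non-numeric input is rejected here
        // instead of reaching the date arithmetic below.
        $hoursToAdd = (float) $hoursToAdd;
        if ($hoursToAdd <= 0) {
            flash_error(lang('time has to be greater than 0'));
            return;
        }

        $startTime = getDateValue(array_var($timeslot_data, 'date'));
        $startTime = $startTime->add('h', 8 - logged_user()->getTimezone());
        $endTime = getDateValue(array_var($timeslot_data, 'date'));
        $endTime = $endTime->add('h', 8 - logged_user()->getTimezone() + $hoursToAdd);
        $timeslot_data['start_time'] = $startTime;
        $timeslot_data['end_time'] = $endTime;
        $timeslot_data['name'] = $timeslot_data['description'];

        // Only admins can change timeslot user. Everyone else, and any request
        // that leaves contact_id out, keeps the current owner, so the lookup
        // below never runs on a missing key.
        if (!array_var($timeslot_data, 'contact_id', false) || !logged_user()->isAdministrator()) {
            $timeslot_data['contact_id'] = $timeslot->getContactId();
        }

        // A posted contact_id that matches no contact falls back to the
        // current owner instead of being written to the timeslot.
        $user = Contacts::findById($timeslot_data['contact_id']);
        if (!$user instanceof Contact) {
            $timeslot_data['contact_id'] = $timeslot->getContactId();
            $user = Contacts::findById($timeslot_data['contact_id']);
        }

        // NOTE(review): the whole posted array is handed over; which attributes
        // setFromAttributes() accepts is not visible here.
        $timeslot->setFromAttributes($timeslot_data);

        if ($user instanceof Contact) {
            $billing_category_id = $user->getDefaultBillingId();
            $bc = BillingCategories::findById($billing_category_id);
            if ($bc instanceof BillingCategory) {
                $timeslot->setBillingId($billing_category_id);
                $hourly_billing = $bc->getDefaultValue();
                $timeslot->setHourlyBilling($hourly_billing);
                $timeslot->setFixedBilling($hourly_billing * $hoursToAdd);
                $timeslot->setIsFixedBilling(false);
            }
        }

        DB::beginWork();
        $timeslot->save();

        $member_ids = json_decode(array_var($_POST, 'members', ''));
        // json_decode() yields null or a scalar on malformed input; only a
        // non-empty list counts as "members chosen".
        if (is_array($member_ids) && count($member_ids)) {
            ajx_add("time-panel", "reload");
        } else {
            $names = array();
            foreach (active_context() as $dimension) {
                $names[] = $dimension->getName();
            }
            flash_error(lang('select member to add timeslots', implode(", ", $names)));
            DB::rollback();
            return;
        }

        $object_controller = new ObjectController();
        $object_controller->add_to_members($timeslot, $member_ids);
        DB::commit();

        ajx_extra_data(array("timeslot" => $timeslot->getArrayInfo()));
    } catch (Exception $e) {
        DB::rollback();
        // NOTE(review): the raw exception message is shown to the user.
        flash_error($e->getMessage());
    } // try
}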
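/**
 * Check whether $user may add this object in $context.
 *
 * The permission is evaluated against the object type of the related object
 * returned by getRelObject().
 *
 * @param Contact $user
 * @param mixed $context forwarded unchanged to can_add()
 * @param mixed $notAllowedMember by-reference argument forwarded to can_add()
 * @return mixed result of can_add(), or false when there is no related object
 */
function canAdd(Contact $user, $context, &$notAllowedMember = '') {
    $object = $this->getRelObject();
    // Deny instead of failing on a method call when no related object exists.
    if (!is_object($object)) {
        return false;
    }
    return can_add($user, $context, $object->getObjectTypeId(), $notAllowedMember);
}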
/**
 * Tell whether $user is allowed to add objects of this type in $context.
 *
 * @access public
 * @param Contact $user
 * @param mixed $context forwarded unchanged to can_add()
 * @param mixed $notAllowedMember by-reference argument forwarded to can_add()
 * @return mixed whatever can_add() returns
 */
function canAdd(Contact $user, $context, &$notAllowedMember = '') {
    $object_type_id = $this->getObjectTypeId();
    $allowed = can_add($user, $context, $object_type_id, $notAllowedMember);
    return $allowed;
} // canAdd
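/**
 * Show the quick-add form for $table_name and, on a valid POST, insert the row.
 *
 * Column metadata is read from information_schema and turned into
 * form-validation rules. On success the request is redirected according to
 * the posted "_continue" choice; otherwise the form views are rendered.
 *
 * Security notes:
 *  - The metadata query now uses bound parameters instead of string building.
 *  - Files named in $_POST['_unlink'] are deleted only when they resolve to a
 *    regular file inside the document root. NOTE(review): that still covers
 *    every file under the document root; narrow it to the upload directory.
 *  - Only keys that match a column of the table are inserted. NOTE(review):
 *    this still includes columns such as "id"; consider an explicit allow-list.
 *  - NOTE(review): passwords are stored as unsalted md5(). Replacing it needs a
 *    matching change in the login path, which is not visible here, so the hash
 *    is left unchanged and flagged.
 *  - NOTE(review): 'max_length[..]' is appended without a trailing '|', so any
 *    rule added after it is glued onto it. Restoring the separator would start
 *    applying xss_clean to stored values (including 'password'), so it is
 *    flagged rather than changed here.
 *  - NOTE(review): 's_message' comes from the URI; the view must encode it.
 *
 * @param string $table_name table to insert into
 * @param bool $ajax not used in this function
 */
function quick_add($table_name, $ajax = FALSE) {
    checklogin();
    if (!can_add($table_name)) {
        // The table name is echoed into the response, so encode it for HTML.
        exit('Sorry. You do not have the permission to add items to ' . htmlspecialchars(humanizer($table_name), ENT_QUOTES, 'UTF-8'));
    }

    $data = array();
    if (stripos(uri_string(), ':')) {
        $mess = explode(':', uri_string());
        if (count($mess) > 2) {
            $data['s_message'] = $mess[2];
            $data['s_status'] = $mess[1];
        }
    }

    // Bound parameters keep the table and schema names out of the SQL text.
    $sql = "SELECT column_name, is_nullable, data_type, character_maximum_length, column_key, column_comment, column_type, column_default FROM information_schema.COLUMNS WHERE TABLE_NAME = ? AND TABLE_SCHEMA = ?";
    $data['fields'] = $this->db->query($sql, array($table_name, DATABASE))->result();
    $data['table_name'] = $table_name;

    /*** SET VALIDATION RULES ***/
    $data_types_xss = array('text', 'longtext', 'enum', 'datetime', 'tinyint');
    $known_columns = array();
    foreach ($data['fields'] as $field) {
        $known_columns[$field->column_name] = true;

        $rules = '';
        if ($field->column_name != 'id' && ($field->is_nullable == 'NO' || ($field->column_name == 'title' || $field->column_name == 'name'))) {
            $rules = 'required|';
        }
        if ($field->character_maximum_length && $field->column_name != 'id') {
            $rules .= 'max_length[' . $field->character_maximum_length . ']';
        }
        if (!in_array($field->data_type, $data_types_xss)) {
            $rules .= 'xss_clean|';
        }
        if ($field->data_type == 'int') {
            $rules .= 'numeric|';
        }
        if ($field->column_name != "merchant_sub_category") {
            $this->form_validation->set_message('numeric', '%s is required.');
            // rtrim($name, '_id') strips any trailing '_', 'i' or 'd'
            // characters ("paid" became "pa"); remove the "_id" suffix only.
            $label = humanize(preg_replace('/_id$/', '', $field->column_name));
            $this->form_validation->set_rules($field->column_name, $label, rtrim($rules, '|'));
        }
    }
    /*** END VALIDATION RULES ***/

    /*** WHEN POSTING OCCURS ***/
    if ($_POST) {
        if ($this->form_validation->run() == TRUE) {
            // it passed. insert into table
            $_continue = '';
            if (key_exists('_continue', $_POST)) {
                $_continue = $_POST['_continue'];
                unset($_POST['_continue']);
            }

            if (key_exists('_unlink', $_POST)) {
                $_unlink = $_POST['_unlink'];
                unset($_POST['_unlink']);
                $doc_root = realpath($_SERVER['DOCUMENT_ROOT']);
                foreach ((array) $_unlink as $roguefiles) {
                    if (!is_string($roguefiles) || strlen($roguefiles) == 0) {
                        continue;
                    }
                    // realpath() resolves "../" and symlinks, so the prefix
                    // test is made on the path that would really be deleted.
                    $target = realpath($_SERVER['DOCUMENT_ROOT'] . $roguefiles);
                    if ($doc_root !== false
                        && $target !== false
                        && strpos($target, $doc_root . DIRECTORY_SEPARATOR) === 0
                        && is_file($target)) {
                        unlink($target);
                    }
                }
            }

            // Build the row from a copy restricted to the table's columns.
            $row = array();
            foreach ($_POST as $key => $val) {
                if (!isset($known_columns[$key])) {
                    continue;
                }
                if ($key == 'password') {
                    // Flagged above: unsalted md5 kept for compatibility.
                    $row[$key] = md5($val);
                } elseif ($val !== 'NULL') {
                    // The literal string 'NULL' means "leave the column out".
                    $row[$key] = $val;
                }
            }

            $this->db->insert($table_name, $row);
            //$this->memcached_library->flush();
            $dataid = $this->db->insert_id();

            if (is_string($_continue) && $_continue) {
                $_continue = trim(strtolower($_continue));
            } else {
                $_continue = '';
            }

            // depending on where they want to go afterwards, redir as follows
            if ($_continue == 'add and return to list') {
                redirect('content/' . $table_name . '/:success:Item Added Successfully');
            } elseif ($_continue == 'add and add another') {
                redirect('content/' . $table_name . '/add/:success:Item Added Successfully');
            } else {
                redirect('content/edit/' . $table_name . '/' . $dataid . '/:success:Item Added Successfully');
            }
        }
    }
    /*** END POST ***/

    $this->load->view('includes/light_header');
    $this->load->view('includes/quickadd', $data);
}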
/**
 * Copy or move one email into the workspace $destination.
 *
 * The email must exist and be editable by the logged user. When $mantainWs is
 * false the email is first removed from every current workspace in which the
 * user passes can_add() for 'MailContents' (logged as a move); otherwise the
 * operation is logged as a copy.
 *
 * NOTE(review): no permission check against $destination is made here;
 * presumably callers authorise the destination. Confirm.
 *
 * @param mixed $id email id
 * @param mixed $destination workspace object; getId() is called on it
 * @param bool $mantainWs keep the current workspaces (copy) when true
 * @return int 1 when the email was added, 0 otherwise
 */
function addEmailToWorkspace($id, $destination, $mantainWs = true) {
    $email = MailContents::findById($id);
    if (!($email instanceof MailContent && $email->canEdit(logged_user()))) {
        return 0;
    }

    if ($mantainWs) {
        $log_action = ApplicationLogs::ACTION_COPY;
        $log_data = "to:" . $destination->getId();
    } else {
        $removed_ids = array();
        foreach ($email->getWorkspaces() as $w) {
            if (can_add(logged_user(), $w, 'MailContents')) {
                $email->removeFromWorkspace($w);
                $removed_ids[] = $w->getId();
            }
        }
        $removed = implode(",", $removed_ids);
        $log_action = ApplicationLogs::ACTION_MOVE;
        $from_part = "";
        if ($removed != "") {
            $from_part = "from:{$removed};";
        }
        $log_data = $from_part . "to:" . $destination->getId();
    }

    $email->addToWorkspace($destination);
    ApplicationLogs::createLog($email, $email->getWorkspaces(), $log_action, false, null, true, $log_data);
    return 1;
}
/**
 * Check whether $user may add contacts in $context.
 *
 * A user who passes can_manage_contacts() is allowed outright; otherwise the
 * decision is delegated to can_add() for the Contacts object type.
 *
 * @param Contact $user
 * @param mixed $context forwarded unchanged to can_add()
 * @param mixed $notAllowedMember by-reference argument forwarded to can_add()
 * @return mixed true-ish when allowed
 */
function canAdd(Contact $user, $context, &$notAllowedMember = '') {
    if (can_manage_contacts($user)) {
        return true;
    }
    $contact_type_id = Contacts::instance()->getObjectTypeId();
    return (bool) can_add($user, $context, $contact_type_id, $notAllowedMember);
}
</div> <table style="margin-top:10px;"> <?php
// Person selector: rendered only for users who pass can_manage_time().
// NOTE(review): this is display gating only. The handler that receives
// timeslot[contact_id] has to enforce the same rule on the server side.
if (can_manage_time(logged_user())) {
    echo '<tr><td style="vertical-align:middle;"><span class="bold">' . lang("person") . ': </span></td>';
    // Candidates: all users for members of the owner company, otherwise the
    // users of the viewer's own company, otherwise only the viewer.
    if (logged_user()->isMemberOfOwnerCompany()) {
        $users = Contacts::getAllUsers();
    } else {
        // The SQL fragment is built from the logged user's company id, not from
        // request data. Presumably an integer; confirm.
        $users = logged_user()->getCompanyId() > 0 ? Contacts::getAllUsers(" AND `company_id` = " . logged_user()->getCompanyId()) : array(logged_user());
    }
    // Keep users assigned to the related task, or who pass can_add() for
    // timeslots on the related object's members.
    $tmp_users = array();
    foreach ($users as $user) {
        $rel_object = $timeslot->getRelObject();
        $is_assigned = $rel_object instanceof ProjectTask && $rel_object->getAssignedToContactId() == $user->getId();
        // NOTE(review): getMembers() is called on $rel_object without checking
        // that it is an object. Confirm a timeslot always has a related object.
        if ($is_assigned || can_add($user, $rel_object->getMembers(), Timeslots::instance()->getObjectTypeId())) {
            $tmp_users[] = $user;
        }
    }
    $users = $tmp_users;
    // Build the <option> list, preselecting the current contact_id.
    // NOTE(review): whether option_tag()/select_box() HTML-encode the object
    // name and $genid is not visible here.
    $user_options = array();
    foreach ($users as $user) {
        $user_options[] = option_tag($user->getObjectName(), $user->getId(), array_var($timeslot_data, 'contact_id') == $user->getId() ? array("selected" => "selected") : null);
    }
    echo '<td>' . select_box("timeslot[contact_id]", $user_options, array('id' => $genid . 'tsUser', 'tabindex' => '15')) . '</td></tr>';
    echo '<tr><td> </td></tr>';
} ?> <tr> <td style="vertical-align:middle;"><span class="bold"><?php echo lang("start date");
/**
 * Check whether the logged user of the company website may add files to the
 * workspace identified by ogWorkspaceId().
 *
 * @return mixed false when no workspace id is set or it does not resolve to a
 *               Project; otherwise the result of can_add() for 'ProjectFiles'
 */
static function canAdd() {
    self::includeBasic();

    $workspace_id = self::ogWorkspaceId();
    if ($workspace_id != null) {
        $workspace = Projects::findById($workspace_id);
        if ($workspace instanceof Project) {
            $logged = self::getCompanyWebsite()->getLoggedUser();
            return can_add($logged, $workspace, 'ProjectFiles');
        }
    }
    // Deny when there is no usable workspace.
    return false;
}
if ($file->canEdit(logged_user())) { if ($file->isModifiable() && $file->getType() != ProjectFiles::TYPE_WEBLINK) { add_page_action(lang('edit this file'), $file->getModifyUrl(), 'ico-edit', null, null, true); } add_page_action(lang('update file'), $file->getEditUrl(), 'ico-properties', null, null, true); } } if ($file->canDelete(logged_user())) { if ($file->isTrashed()) { add_page_action(lang('restore from trash'), "javascript:if(confirm(lang('confirm restore objects'))) og.openLink('" . $file->getUntrashUrl() . "');", 'ico-restore', null, null, true); add_page_action(lang('delete permanently'), "javascript:if(confirm(lang('confirm delete permanently'))) og.openLink('" . $file->getDeletePermanentlyUrl() . "');", 'ico-delete', null, null, true); } else { add_page_action(lang('move to trash'), "javascript:if(confirm(lang('confirm move to trash'))) og.openLink('" . $file->getTrashUrl() . "');", 'ico-trash', null, null, true); } } if (can_add(logged_user(), active_or_personal_project(), 'ProjectFiles') && $file->getType() != ProjectFiles::TYPE_WEBLINK) { add_page_action(lang('copy file'), $file->getCopyUrl(), 'ico-copy'); } ?> <div style="padding:7px"> <div class="files"> <?php $description = ''; if ($last_revision instanceof ProjectFileRevision) { $description .= '<div id="fileLastRevision"><span class="propertyName">' . lang('last revision') . ':</span>'; if ($last_revision->getCreatedBy() instanceof User) { $description .= lang('file revision info long', $last_revision->getRevisionNumber(), $last_revision->getCreatedBy()->getCardUrl(), clean($last_revision->getCreatedBy()->getDisplayName()), format_descriptive_date($last_revision->getCreatedOn())); } else {
/**
 * Check whether $user may add billing categories in $project.
 *
 * Delegates to can_add() with the class name of the BillingCategories manager
 * instance.
 *
 * @param Contact $user
 * @param Project $project
 * @return boolean
 */
function canAdd(Contact $user, Project $project) {
    $manager_class = get_class(BillingCategories::instance());
    return can_add($user, $project, $manager_class);
} // canAdd
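/**
 * Replace the members an object is classified under.
 *
 * Cleans the posted member ids, checks that $user may add the object type to
 * the chosen permission-defining members, removes the object from its former
 * members, verifies that every required dimension is covered and finally adds
 * the object to the valid members.
 *
 * Member ids usually come from the request, so only whole numbers are kept
 * before they are placed in an SQL IN (...) list.
 *
 * NOTE(review): removeFromMembers() runs before the required-dimension check,
 * so an exception thrown afterwards relies on the caller's transaction for
 * rollback.
 *
 * @param object $object object to classify
 * @param array $member_ids member ids (non-numeric entries are dropped)
 * @param Contact|null $user defaults to the logged user
 * @param bool $check_allowed_members filter members with getAllowedMembersToAdd()
 * @return array|null the members the object was added to; null when the user
 *                    is a guest or $_POST['trees_not_loaded'] is set
 * @throws Exception when permission is missing or a required dimension has no member
 */
function add_to_members($object, $member_ids, $user = null, $check_allowed_members = true) {
    if (!$user instanceof Contact) {
        $user = logged_user();
    }

    // clean member_ids: keep whole numbers only, as integers, so nothing else
    // can reach the "id IN (...)" condition below. A null or scalar input (for
    // example a failed json_decode()) becomes an empty list.
    $tmp_mids = array();
    if (is_array($member_ids) || is_object($member_ids)) {
        foreach ($member_ids as $mid) {
            if (is_int($mid) || (is_string($mid) && ctype_digit(trim($mid)))) {
                $tmp_mids[] = (int) trim($mid);
            }
        }
    }
    $member_ids = $tmp_mids;

    if ($user->isGuest()) {
        flash_error(lang('no access permissions'));
        ajx_current("empty");
        return;
    }

    if (isset($_POST['trees_not_loaded']) && $_POST['trees_not_loaded'] > 0) {
        return;
    }

    $required_dimension_ids = array();
    $dimension_object_types = $object->getDimensionObjectTypes();
    foreach ($dimension_object_types as $dot) {
        if ($dot->getIsRequired()) {
            $required_dimension_ids[] = (int) $dot->getDimensionId();
        }
    }
    // An empty id list would produce "id IN ()", which is not valid SQL.
    $required_conditions = "is_required=1";
    if (count($required_dimension_ids) > 0) {
        $required_conditions = "id IN (" . implode(",", $required_dimension_ids) . ") OR is_required=1";
    }
    $required_dimensions = Dimensions::findAll(array("conditions" => $required_conditions));
    if (!is_array($required_dimensions)) {
        $required_dimensions = array();
    }

    if (count($member_ids) > 0) {
        $enteredMembers = Members::findAll(array('conditions' => 'id IN (' . implode(",", $member_ids) . ')'));
        if (!is_array($enteredMembers)) {
            $enteredMembers = array();
        }
    } else {
        $enteredMembers = array();
    }

    // Only members of manageable, permission-defining dimensions take part in
    // the permission check.
    $manageable_members = array();
    foreach ($enteredMembers as $ent_mem) {
        if ($ent_mem->getDimension()->getIsManageable() && $ent_mem->getDimension()->getDefinesPermissions()) {
            $manageable_members[] = $ent_mem;
        }
    }

    $members_to_check = $check_allowed_members ? $object->getAllowedMembersToAdd($user, $manageable_members) : $manageable_members;
    if (!can_add($user, $members_to_check, $object->getObjectTypeId())
        && !($object instanceof TemplateTask || $object instanceof TemplateMilestone || $object instanceof Contact && $object->isUser())) {
        $dinfos = DB::executeAll("SELECT name, code, options FROM " . TABLE_PREFIX . "dimensions WHERE is_manageable = 1");
        $dimension_names = array();
        if (is_array($dinfos)) {
            foreach ($dinfos as $dinfo) {
                // options may be empty or invalid JSON.
                $options = json_decode($dinfo['options']);
                $use_langs = is_object($options) && !empty($options->useLangs);
                $dimension_names[] = $use_langs ? lang($dinfo['code']) : $dinfo['name'];
            }
        }
        throw new Exception(lang('must choose at least one member of', implode(', ', $dimension_names)));
    }

    $removedMemebersIds = $object->removeFromMembers($user, $enteredMembers);

    /* @var $object ContentDataObject */
    $validMembers = $check_allowed_members ? $object->getAllowedMembersToAdd($user, $enteredMembers) : $enteredMembers;

    // Every required dimension must be represented among the valid members.
    foreach ($required_dimensions as $rdim) {
        $exists = false;
        foreach ($validMembers as $m) {
            if ($m->getDimensionId() == $rdim->getId()) {
                $exists = true;
                break;
            }
        }
        if (!$exists) {
            throw new Exception(lang('must choose at least one member of', $rdim->getName()));
        }
    }

    $object->addToMembers($validMembers, true);
    Hook::fire('after_add_to_members', $object, $validMembers);
    Hook::fire('after_remove_members_from_object', $object, $removedMemebersIds);
    $object->addToSharingTable();

    // add to the object instance the members only if members value of the object is not null
    // because in that case when we ask for the members of the object we load them from db
    if (!is_null($object->members)) {
        $object->members = $validMembers;
    }

    return $validMembers;
}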
<table style="margin-top:10px;"> <?php
// Person selector: rendered only for users who pass can_manage_time().
// NOTE(review): this is display gating only. The handler that receives
// timeslot[contact_id] has to enforce the same rule on the server side.
if (can_manage_time(logged_user())) {
    echo '<tr><td style="vertical-align:middle;"><span class="bold">' . lang("person") . ': </span></td>';
    // Candidates: all users for members of the owner company, otherwise the
    // users of the viewer's own company, otherwise only the viewer.
    if (logged_user()->isMemberOfOwnerCompany()) {
        $users = Contacts::getAllUsers();
    } else {
        // The SQL fragment is built from the logged user's company id, not from
        // request data. Presumably an integer; confirm.
        $users = logged_user()->getCompanyId() > 0 ? Contacts::getAllUsers(" AND `company_id` = ". logged_user()->getCompanyId()) : array(logged_user());
    }
    // Keep users assigned to the related task, or who pass can_add() for
    // timeslots in the active context.
    $tmp_users = array();
    foreach ($users as $user) {
        $rel_object = $timeslot->getRelObject();
        $is_assigned = ($rel_object instanceof ProjectTask && $rel_object->getAssignedToContactId() == $user->getId());
        if ($is_assigned || can_add($user, active_context(), Timeslots::instance()->getObjectTypeId())) {
            $tmp_users[] = $user;
        }
    }
    $users = $tmp_users;
    // Build the <option> list, preselecting the current contact_id.
    // NOTE(review): whether option_tag()/select_box() HTML-encode the object
    // name and $genid is not visible here.
    $user_options = array();
    foreach ($users as $user) {
        $user_options[] = option_tag($user->getObjectName(), $user->getId(), array_var($timeslot_data, 'contact_id') == $user->getId() ? array("selected" => "selected") : null);
    }
    echo '<td>' . select_box("timeslot[contact_id]", $user_options, array('id' => $genid . 'tsUser', 'tabindex' => '15')) . '</td></tr>';
    echo '<tr><td> </td></tr>';
} ?> <tr> <td style="vertical-align:middle;"><span class="bold"><?php echo lang("start date") ?>: </span></td>
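/**
 * List web pages for the active project and run an optional bulk action.
 *
 * $_GET['action'] may be delete, tag, untag, markasread, markasunread, move or
 * archive; the ids come from $_GET['webpages'] or $_GET['ids']. Afterwards the
 * requested page of web pages is sent back through ajx_extra_data().
 *
 * NOTE(review): every bulk action changes state on a GET request and no
 * anti-forgery token is checked in this function. Confirm that a request
 * token is validated before this handler runs.
 * NOTE(review): 'sort' and 'dir' are passed from the query string to
 * getWebpages(); whether they are restricted to known columns and directions
 * there is not visible here.
 * NOTE(review): markasread/markasunread run without any permission check on
 * the web page; confirm that is intended.
 */
function list_all() {
    ajx_current("empty");
    $project = active_project();

    $start = (int) array_var($_GET, 'start');
    $limit = (int) array_var($_GET, 'limit');
    if ($start < 0) {
        $start = 0;
    }
    if ($limit <= 0) {
        $limit = config_option('files_per_page');
    }

    $order = array_var($_GET, 'sort');
    if ($order == "updatedOn" || $order == "updated" || $order == "date" || $order == "dateUpdated") {
        $order = "updated_on";
    } elseif ($order == "name") {
        $order = "title";
    }
    $orderdir = array_var($_GET, 'dir');
    $tag = array_var($_GET, 'tag');
    $page = (int) ($start / $limit) + 1;

    $action = array_var($_GET, 'action');

    if ($action == 'delete') {
        $ids = explode(',', array_var($_GET, 'webpages'));
        $succ = 0;
        $err = 0;
        foreach ($ids as $id) {
            $web_page = ProjectWebpages::findById($id);
            if ($web_page instanceof ProjectWebpage && $web_page->canDelete(logged_user())) {
                try {
                    DB::beginWork();
                    $web_page->trash();
                    ApplicationLogs::createLog($web_page, $web_page->getWorkspaces(), ApplicationLogs::ACTION_TRASH);
                    DB::commit();
                    $succ++;
                } catch (Exception $e) {
                    DB::rollback();
                    $err++;
                }
            } else {
                $err++;
            }
        }
        if ($succ > 0) {
            flash_success(lang("success delete objects", $succ));
        }
        if ($err > 0) {
            flash_error(lang("error delete objects", $err));
        }
    } elseif ($action == 'tag') {
        $ids = explode(',', array_var($_GET, 'webpages'));
        $tagTag = array_var($_GET, 'tagTag');
        $tagged = 0;
        $not_tagged = 0;
        foreach ($ids as $id) {
            $web_page = ProjectWebpages::findById($id);
            if ($web_page instanceof ProjectWebpage && $web_page->canEdit(logged_user())) {
                $arr = array();
                $arr_tags = $web_page->getTags();
                if (is_array($arr_tags)) {
                    foreach ($arr_tags as $t) {
                        $arr[] = $t->getTag();
                    }
                }
                // array_search() returns index 0 for a match on the first
                // tag, which the old "!array_search()" read as "not found".
                if (!in_array($tagTag, $arr)) {
                    $arr[] = $tagTag;
                    $web_page->setTagsFromCSV(implode(',', $arr));
                }
                $tagged++;
            } else {
                $not_tagged++;
            }
        }
        if ($tagged > 0) {
            flash_success(lang("success tag objects", $tagged));
        } else {
            // Failure was previously reported through flash_success().
            flash_error(lang("error tag objects", $not_tagged));
        }
    } elseif ($action == 'untag') {
        $ids = explode(',', array_var($_GET, 'webpages'));
        $tagTag = array_var($_GET, 'tagTag');
        $untagged = 0;
        $not_untagged = 0;
        foreach ($ids as $id) {
            $web_page = ProjectWebpages::findById($id);
            if ($web_page instanceof ProjectWebpage && $web_page->canEdit(logged_user())) {
                if ($tagTag != '') {
                    $web_page->deleteTag($tagTag);
                } else {
                    $web_page->clearTags();
                }
                $untagged++;
            } else {
                $not_untagged++;
            }
        }
        if ($untagged > 0) {
            flash_success(lang("success untag objects", $untagged));
        } else {
            // Failure was previously reported through flash_success().
            flash_error(lang("error untag objects", $not_untagged));
        }
    } elseif ($action == 'markasread' || $action == 'markasunread') {
        $mark_read = ($action == 'markasread');
        $ids = explode(',', array_var($_GET, 'ids'));
        $succ = 0;
        $err = 0;
        foreach ($ids as $id) {
            $webpage = ProjectWebpages::findById($id);
            // An unknown id used to end in a method call on a non-object.
            if (!$webpage instanceof ProjectWebpage) {
                $err++;
                continue;
            }
            try {
                $webpage->setIsRead(logged_user()->getId(), $mark_read);
                $succ++;
            } catch (Exception $e) {
                $err++;
            } // try
        } // for
        if ($succ <= 0) {
            flash_error(lang($mark_read ? "error markasread files" : "error markasunread files", $err));
        }
    } elseif ($action == 'move') {
        $wsid = array_var($_GET, "moveTo");
        $destination = Projects::findById($wsid);
        // The outcome used to be stored in variables that were never read, so a
        // denied move was silent; it is now reported like the other actions.
        if (!$destination instanceof Project) {
            flash_error(lang('project dnx'));
        } elseif (!can_add(logged_user(), $destination, 'ProjectWebpages')) {
            flash_error(lang('no access permissions'));
        } else {
            $count = 0;
            $ids = explode(',', array_var($_GET, 'ids', ''));
            foreach ($ids as $id) {
                $webpage = ProjectWebpages::findById($id);
                if (!($webpage instanceof ProjectWebpage && $webpage->canEdit(logged_user()))) {
                    continue;
                }
                if (!array_var($_GET, "mantainWs")) {
                    // Move: leave every workspace the user may add to.
                    $removed_ids = array();
                    foreach ($webpage->getWorkspaces() as $w) {
                        if (can_add(logged_user(), $w, 'ProjectWebpages')) {
                            $webpage->removeFromWorkspace($w);
                            $removed_ids[] = $w->getId();
                        }
                    }
                    $removed = implode(",", $removed_ids);
                    $log_action = ApplicationLogs::ACTION_MOVE;
                    $log_data = ($removed == "" ? "" : "from:{$removed};") . "to:{$wsid}";
                } else {
                    $log_action = ApplicationLogs::ACTION_COPY;
                    $log_data = "to:{$wsid}";
                }
                $webpage->addToWorkspace($destination);
                ApplicationLogs::createLog($webpage, $webpage->getWorkspaces(), $log_action, false, null, true, $log_data);
                $count++;
            } // for
            flash_success(lang("success move objects", $count));
        }
    } elseif ($action == 'archive') {
        $ids = explode(',', array_var($_GET, 'webpages'));
        $succ = 0;
        $err = 0;
        foreach ($ids as $id) {
            $web_page = ProjectWebpages::findById($id);
            if ($web_page instanceof ProjectWebpage && $web_page->canEdit(logged_user())) {
                try {
                    DB::beginWork();
                    $web_page->archive();
                    ApplicationLogs::createLog($web_page, $web_page->getWorkspaces(), ApplicationLogs::ACTION_ARCHIVE);
                    DB::commit();
                    $succ++;
                } catch (Exception $e) {
                    DB::rollback();
                    $err++;
                }
            } else {
                $err++;
            }
        }
        if ($succ > 0) {
            flash_success(lang("success archive objects", $succ));
        }
        if ($err > 0) {
            flash_error(lang("error archive objects", $err));
        }
    }

    $webpages = null;
    $pagination = null;
    $result = ProjectWebpages::getWebpages($project, $tag, $page, $limit, $order, $orderdir);
    if (is_array($result)) {
        list($webpages, $pagination) = $result;
        // Requested page lies beyond the last one: fall back to page 1.
        if ($pagination->getTotalItems() < ($page - 1) * $limit) {
            $start = 0;
            $page = 1;
            $result = ProjectWebpages::getWebpages($project, $tag, $page, $limit);
            if (is_array($result)) {
                list($webpages, $pagination) = $result;
            } else {
                $webpages = null;
                $pagination = null;
            } // if
        }
    } // if

    // Without a result there is no pagination object to ask; the old code
    // called getTotalItems() on the integer 0 in that case.
    $object = array(
        "totalCount" => is_object($pagination) ? $pagination->getTotalItems() : 0,
        "start" => $start,
        "webpages" => array(),
    );
    if (isset($webpages)) {
        $index = 0;
        foreach ($webpages as $w) {
            $object["webpages"][] = array(
                "ix" => $index++,
                "id" => $w->getId(),
                "title" => $w->getTitle(),
                "description" => $w->getDescription(),
                "url" => $w->getUrl(),
                "tags" => project_object_tags($w),
                "wsIds" => $w->getWorkspacesIdsCSV(logged_user()->getWorkspacesQuery()),
                "updatedOn" => $w->getUpdatedOn() instanceof DateTimeValue ? ($w->getUpdatedOn()->isToday() ? format_time($w->getUpdatedOn()) : format_datetime($w->getUpdatedOn())) : '',
                "updatedOn_today" => $w->getUpdatedOn() instanceof DateTimeValue ? $w->getUpdatedOn()->isToday() : 0,
                "updatedBy" => $w->getUpdatedByDisplayName(),
                "updatedById" => $w->getUpdatedById(),
                "isRead" => $w->getIsRead(logged_user()->getId()),
            );
        }
    }
    ajx_extra_data($object);
}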
/**
 * Check whether $user may add this object in $context.
 *
 * The permission is evaluated against the object type of the related object;
 * without a ContentDataObject as related object the answer is false.
 *
 * @param Contact $user
 * @param mixed $context forwarded unchanged to can_add()
 * @param mixed $notAllowedMember by-reference argument forwarded to can_add()
 * @return mixed false, or the result of can_add()
 */
function canAdd(Contact $user, $context, &$notAllowedMember = '') {
    $related = $this->getRelObject();
    if ($related instanceof ContentDataObject) {
        $type_id = $related->getObjectTypeId();
        return can_add($user, $context, $type_id, $notAllowedMember);
    }
    return false;
}
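/**
 * Move or copy a list of objects into another workspace.
 *
 * $_GET['ids'] is a comma-separated list of "Manager:id" pairs, $_GET['ws']
 * the destination workspace id, $_GET['keep'] (default 1) keeps the current
 * workspaces (copy) and $_GET['atts'] also classifies email attachments.
 * Guests are rejected. The result is reported with flash_error() or
 * flash_success().
 *
 * Changes against the previous version:
 *  - the "skip Projects" test read a misspelled variable and never matched;
 *  - an entry without ":" is counted as an error instead of raising a notice;
 *  - the user must pass can_add() on the destination workspace for the
 *    object's manager, the same destination check the move action of the
 *    per-type list handlers applies.
 *
 * NOTE(review): this is a state-changing GET request and no anti-forgery token
 * is checked in this function.
 * NOTE(review): the manager name comes from the request; how
 * get_object_by_manager_and_id() restricts it is not visible here.
 */
function move() {
    if (logged_user()->isGuest()) {
        flash_error(lang('no access permissions'));
        ajx_current("empty");
        return;
    }
    ajx_current("empty");

    $ids = array_var($_GET, 'ids');
    if (!$ids) {
        return;
    }
    $wsid = array_var($_GET, 'ws');
    $keep = array_var($_GET, 'keep', 1) == 1;

    $workspace = Projects::findById($wsid);
    if (!$workspace instanceof Project) {
        flash_error(lang('project dnx'));
        return;
    }

    $err = 0;
    $succ = 0;
    foreach (explode(",", $ids) as $cid) {
        $parts = explode(":", $cid);
        if (count($parts) < 2) {
            $err++;
            continue;
        }
        list($manager, $id) = $parts;
        if ($manager == 'Projects') {
            continue;
        }

        try {
            $obj = get_object_by_manager_and_id($id, $manager);
            if (!($obj instanceof ProjectDataObject && $obj->canEdit(logged_user()))) {
                $err++;
                continue;
            }
            // Being able to edit the object does not imply the right to place
            // objects of this type in the destination workspace.
            if (!can_add(logged_user(), $workspace, get_class($obj->manager()))) {
                $err++;
                continue;
            }

            if ($obj instanceof MailContent) {
                // Emails travel with their whole conversation.
                $conversation = MailContents::getMailsFromConversation($obj);
                $count = 0;
                foreach ($conversation as $conv_email) {
                    $count += MailController::addEmailToWorkspace($conv_email->getId(), $workspace, $keep);
                    if (array_var($_GET, 'atts') && $conv_email->getHasAttachments()) {
                        MailUtilities::parseMail($conv_email->getContent(), $decoded, $parsedEmail, $warnings);
                        $classification_data = array();
                        $attachment_count = count(array_var($parsedEmail, "Attachments", array()));
                        for ($j = 0; $j < $attachment_count; $j++) {
                            $classification_data["att_" . $j] = true;
                        }
                        $tags = implode(",", $conv_email->getTagNames());
                        MailController::classifyFile($classification_data, $conv_email, $parsedEmail, array($workspace), $keep, $tags);
                    }
                }
                $succ++;
            } else {
                $remain = 0;
                // Tasks and Milestones can have only 1 workspace
                $single_workspace = $obj instanceof ProjectTask || $obj instanceof ProjectMilestone;
                if (!$keep || $single_workspace) {
                    $removed_ids = array();
                    foreach ($obj->getWorkspaces() as $w) {
                        if (can_add(logged_user(), $w, get_class($obj->manager()))) {
                            $obj->removeFromWorkspace($w);
                            $removed_ids[] = $w->getId();
                        } else {
                            $remain++;
                        }
                    }
                    $removed = implode(",", $removed_ids);
                    $log_action = ApplicationLogs::ACTION_MOVE;
                    $log_data = ($removed == "" ? "" : "from:{$removed};") . "to:{$wsid}";
                } else {
                    $log_action = ApplicationLogs::ACTION_COPY;
                    $log_data = "to:{$wsid}";
                }

                if ($remain > 0 && $single_workspace) {
                    // Still attached to a workspace it could not leave.
                    $err++;
                } else {
                    $obj->addToWorkspace($workspace);
                    ApplicationLogs::createLog($obj, $obj->getWorkspaces(), $log_action, false, null, true, $log_data);
                    $succ++;
                }
            }
        } catch (Exception $e) {
            $err++;
        }
    }

    if ($err > 0) {
        flash_error(lang("error move objects", $err));
    } else {
        flash_success(lang("success move objects", $succ));
    }
}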
/**
 * Check whether $user may add emails to $project.
 *
 * Delegates to can_add() with the class name of the MailContents manager
 * instance.
 *
 * @access public
 * @param User $user
 * @param Project $project
 * @return boolean
 */
function canAdd(User $user, Project $project) {
    $manager_class = get_class(MailContents::instance());
    return can_add($user, $project, $manager_class);
}
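/**
 * Update an existing timeslot from the posted form.
 *
 * Reads $_POST['timeslot'] (id, hours, minutes, date, description, contact_id)
 * and $_POST['members'] (a JSON list of member ids). Permission is checked with
 * can_add() against the posted members, or against the active context when no
 * members are posted. The timeslot is then saved and re-linked to the members
 * inside one transaction. Outcomes are reported through flash_error() and
 * ajx_extra_data(); nothing is returned.
 *
 * Security-relevant behaviour:
 *  - Posted member ids are reduced to whole numbers before they are placed in
 *    the SQL "id IN (...)" condition.
 *  - A posted contact_id is honoured only for administrators and users who
 *    pass can_manage_time(), the same gate the form uses to show the person
 *    selector; previously any user could reassign a timeslot by posting the
 *    field.
 *
 * NOTE(review): no per-object edit check on the loaded timeslot is visible in
 * this function; confirm that editing another user's timeslot is authorised
 * elsewhere.
 */
function edit_timeslot() {
    ajx_current("empty");

    $timeslot_data = array_var($_POST, 'timeslot');
    $timeslot = Timeslots::findById(array_var($timeslot_data, 'id', 0));
    if (!$timeslot instanceof Timeslot) {
        flash_error(lang('timeslot dnx'));
        return;
    }

    // context permissions or members
    // json_decode() returns null on malformed input; treat that as "none".
    $posted_members = json_decode(array_var($_POST, 'members', ''));
    // clean member_ids: whole numbers only, as integers
    $member_ids = array();
    if (is_array($posted_members)) {
        foreach ($posted_members as $mid) {
            if (is_int($mid) || (is_string($mid) && ctype_digit(trim($mid)))) {
                $member_ids[] = (int) trim($mid);
            }
        }
    }

    if (empty($member_ids)) {
        if (!can_add(logged_user(), active_context(), Timeslots::instance()->getObjectTypeId())) {
            flash_error(lang('no access permissions'));
            ajx_current("empty");
            return;
        }
    } else {
        $enteredMembers = Members::findAll(array('conditions' => 'id IN (' . implode(",", $member_ids) . ')'));
        if (!is_array($enteredMembers)) {
            $enteredMembers = array();
        }
        if (!can_add(logged_user(), $enteredMembers, Timeslots::instance()->getObjectTypeId())) {
            flash_error(lang('no access permissions'));
            ajx_current("empty");
            return;
        }
    }

    try {
        $hoursToAdd = array_var($timeslot_data, 'hours', 0);
        $minutes = array_var($timeslot_data, 'minutes', 0);

        // Accept "1,5" as "1.5".
        if (strpos($hoursToAdd, ',') && !strpos($hoursToAdd, '.')) {
            $hoursToAdd = str_replace(',', '.', $hoursToAdd);
        }
        // Accept "h:mm".
        if (strpos($hoursToAdd, ':') && !strpos($hoursToAdd, '.')) {
            $pos = strpos($hoursToAdd, ':') + 1;
            // The original length test was always true because of operator
            // precedence, so the minutes part was always cut to two characters.
            $minutesToAdd = substr(substr($hoursToAdd, $pos), 0, 2);
            $hours = substr($hoursToAdd, 0, $pos - 1);
            // Explicit casts: posted text may be empty or non-numeric.
            $hoursToAdd = (float) $hours + ((int) $minutesToAdd / 60);
        }

        // The former "0." . ($minutes / 6) string trick broke for 60 or more
        // minutes (60 became 0.10 hours); plain division covers every value.
        $minutes = (float) $minutes;
        if ($minutes > 0) {
            $hoursToAdd = (float) $hoursToAdd + $minutes / 60;
        }

        // Normalise before comparing so non-numeric input is rejected here
        // instead of reaching the date arithmetic below.
        $hoursToAdd = (float) $hoursToAdd;
        if ($hoursToAdd <= 0) {
            flash_error(lang('time has to be greater than 0'));
            return;
        }

        $startTime = getDateValue(array_var($timeslot_data, 'date'));
        $startTime = $startTime->add('h', 8 - logged_user()->getTimezone());
        $endTime = getDateValue(array_var($timeslot_data, 'date'));
        $endTime = $endTime->add('h', 8 - logged_user()->getTimezone() + $hoursToAdd);
        $timeslot_data['start_time'] = $startTime;
        $timeslot_data['end_time'] = $endTime;
        $timeslot_data['name'] = $timeslot_data['description'];

        // Reassigning a timeslot is limited to administrators and to users who
        // may manage time. Everyone else, and any request without contact_id,
        // keeps the current owner.
        $may_reassign = logged_user()->isAdministrator() || can_manage_time(logged_user());
        if (!$may_reassign || !array_var($timeslot_data, 'contact_id')) {
            $timeslot_data['contact_id'] = $timeslot->getContactId();
        }

        // A posted contact_id that matches no contact falls back to the
        // current owner instead of being written to the timeslot.
        $user = Contacts::findById($timeslot_data['contact_id']);
        if (!$user instanceof Contact) {
            $timeslot_data['contact_id'] = $timeslot->getContactId();
            $user = Contacts::findById($timeslot_data['contact_id']);
        }

        // NOTE(review): the whole posted array is handed over; which attributes
        // setFromAttributes() accepts is not visible here.
        $timeslot->setFromAttributes($timeslot_data);

        if ($user instanceof Contact) {
            $billing_category_id = $user->getDefaultBillingId();
            $bc = BillingCategories::findById($billing_category_id);
            if ($bc instanceof BillingCategory) {
                $timeslot->setBillingId($billing_category_id);
                $hourly_billing = $bc->getDefaultValue();
                $timeslot->setHourlyBilling($hourly_billing);
                $timeslot->setFixedBilling($hourly_billing * $hoursToAdd);
                $timeslot->setIsFixedBilling(false);
            }
        }

        DB::beginWork();
        $timeslot->save();

        // Hand over the cleaned ids, not a second raw decode of the request.
        $object_controller = new ObjectController();
        $object_controller->add_to_members($timeslot, $member_ids);
        DB::commit();

        ApplicationLogs::createLog($timeslot, ApplicationLogs::ACTION_EDIT);
        ajx_extra_data(array("timeslot" => $timeslot->getArrayInfo()));
    } catch (Exception $e) {
        DB::rollback();
        // NOTE(review): the raw exception message is shown to the user.
        flash_error($e->getMessage());
    } // try
}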
/**
 * Check whether $user may add contacts to $project.
 *
 * A user who passes can_manage_contacts($user, true) is allowed outright;
 * otherwise the decision is delegated to can_add() with the class name of the
 * Contacts manager instance.
 *
 * @access public
 * @param User $user
 * @param Project $project
 * @return boolean
 */
function canAdd(User $user, Project $project) {
    if (can_manage_contacts($user, true)) {
        return true;
    }
    $manager_class = get_class(Contacts::instance());
    return (bool) can_add($user, $project, $manager_class);
}
/**
 * Check whether $user may add template tasks in $context.
 *
 * @param Contact $user
 * @param mixed $context forwarded unchanged to can_add()
 * @param mixed $notAllowedMember by-reference argument forwarded to can_add()
 * @return mixed whatever can_add() returns
 */
function canAdd(Contact $user, $context, &$notAllowedMember = '') {
    $template_task_type_id = TemplateTasks::instance()->getObjectTypeId();
    $allowed = can_add($user, $context, $template_task_type_id, $notAllowedMember);
    return $allowed;
}
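/**
 * Serve the file listing: run the optional bulk action named by
 * $_GET['action'] on the selected files, then query the files of the active
 * project and publish the page through ajx_extra_data() and tpl_assign().
 *
 * Supported actions: delete, tag, untag, markasread, markasunread, zip_add,
 * move and archive. Each acts on a comma separated id list taken from
 * $_GET['objects'] or $_GET['ids'], depending on the action.
 *
 * NOTE(review): every action here changes state and is driven purely by
 * query-string parameters; no anti-CSRF token check is visible in this
 * function. Confirm one is enforced before this controller action runs.
 *
 * @return void
 */
function list_files() {
    ajx_current("empty");

    /* get query parameters */
    $start = (int) array_var($_GET, 'start');
    $limit = (int) array_var($_GET, 'limit');
    // Negative values from the query string are treated like missing ones,
    // so they never reach the page arithmetic or the query below.
    if ($start < 0) {
        $start = 0;
    }
    if ($limit <= 0) {
        // NOTE(review): a zero 'files_per_page' option would still divide by
        // zero below - confirm the option is validated where it is stored.
        $limit = config_option('files_per_page');
    }
    // NOTE(review): sort/dir come straight from the query string; confirm
    // getProjectFiles() restricts them to known columns and directions
    // before they are used to build the query.
    $order = array_var($_GET, 'sort');
    $orderdir = array_var($_GET, 'dir');
    $page = (int) ($start / $limit) + 1;
    $hide_private = !logged_user()->isMemberOfOwnerCompany();
    $tag = array_var($_GET, 'tag');
    $type = array_var($_GET, 'type');
    $user = array_var($_GET, 'user');

    /* if there's an action to execute, do so */
    $action = array_var($_GET, 'action');
    if ($action == 'delete') {
        $ids = explode(',', array_var($_GET, 'objects'));
        $succ = 0;
        $err = 0;
        foreach ($ids as $id) {
            $file = ProjectFiles::findById($id);
            if (isset($file) && $file->canDelete(logged_user())) {
                try {
                    DB::beginWork();
                    $file->trash();
                    ApplicationLogs::createLog($file, $file->getWorkspaces(), ApplicationLogs::ACTION_TRASH);
                    DB::commit();
                    $succ++;
                } catch (Exception $e) {
                    DB::rollback();
                    $err++;
                }
            } else {
                $err++;
            }
        }
        if ($succ > 0) {
            flash_success(lang("success delete files", $succ));
        } else {
            flash_error(lang("error delete files", $err));
        }
    } elseif ($action == 'tag') {
        $ids = explode(',', array_var($_GET, 'objects'));
        $tagTag = array_var($_GET, 'tagTag');
        $tagged = 0;
        $not_tagged = 0;
        foreach ($ids as $id) {
            $file = ProjectFiles::findById($id);
            if (isset($file) && $file->canEdit(logged_user())) {
                $arr_tags = $file->getTags();
                // array_search() returns index 0 for a hit on the first
                // element, which a plain negation reads as "not found" and
                // would add the tag a second time; compare against false.
                if (array_search($tagTag, $arr_tags) === false) {
                    $arr_tags[] = $tagTag;
                    $file->setTagsFromCSV(implode(',', $arr_tags));
                    $tagged++;
                }
            } else {
                $not_tagged++;
            }
        }
        if ($tagged > 0) {
            flash_success(lang("success tag objects", $tagged));
        } else {
            flash_error(lang("error tag objects", $not_tagged));
        }
    } elseif ($action == 'untag') {
        $ids = explode(',', array_var($_GET, 'objects'));
        $tagTag = array_var($_GET, 'tagTag');
        $untagged = 0;
        $not_untagged = 0;
        foreach ($ids as $id) {
            $file = ProjectFiles::findById($id);
            if (isset($file) && $file->canEdit(logged_user())) {
                // An empty tag name means "remove every tag".
                if ($tagTag != '') {
                    $file->deleteTag($tagTag);
                } else {
                    $file->clearTags();
                }
                $untagged++;
            } else {
                flash_error(lang('no access permissions'));
                $not_untagged++;
            }
        }
        if ($untagged > 0) {
            flash_success(lang("success untag objects", $untagged));
        } else {
            flash_error(lang("error untag objects", $not_untagged));
        }
    } elseif ($action == 'markasread') {
        $ids = explode(',', array_var($_GET, 'objects'));
        $succ = 0;
        $err = 0;
        foreach ($ids as $id) {
            $file = ProjectFiles::findById($id);
            // An unknown id must count as a failure instead of ending the
            // request with a method call on a non-object.
            if (!$file instanceof ProjectFile) {
                $err++;
                continue;
            }
            // NOTE(review): no per-file permission check precedes this call;
            // only the logged user's own read flag is written. Confirm that
            // is acceptable for files the user cannot see.
            try {
                $file->setIsRead(logged_user()->getId(), true);
                $succ++;
            } catch (Exception $e) {
                $err++;
            } // try
        } //for
        if ($succ <= 0) {
            flash_error(lang("error markasread files", $err));
        }
    } elseif ($action == 'markasunread') {
        $ids = explode(',', array_var($_GET, 'objects'));
        $succ = 0;
        $err = 0;
        foreach ($ids as $id) {
            $file = ProjectFiles::findById($id);
            // Same guard as for markasread: unknown ids are failures.
            if (!$file instanceof ProjectFile) {
                $err++;
                continue;
            }
            try {
                $file->setIsRead(logged_user()->getId(), false);
                $succ++;
            } catch (Exception $e) {
                $err++;
            } // try
        } //for
        if ($succ <= 0) {
            flash_error(lang("error markasunread files", $err));
        }
    } elseif ($action == 'zip_add') {
        $this->zip_add();
    } elseif ($action == 'move') {
        // NOTE(review): $resultMessage / $resultCode are assigned in this
        // branch but never reported by this function.
        $wsid = array_var($_GET, "moveTo");
        $destination = Projects::findById($wsid);
        if (!$destination instanceof Project) {
            $resultMessage = lang('project dnx');
            $resultCode = 1;
        } else {
            if (!can_add(logged_user(), $destination, 'ProjectFiles')) {
                $resultMessage = lang('no access permissions');
                $resultCode = 1;
            } else {
                $count = 0;
                $ids = explode(',', array_var($_GET, 'ids', ''));
                for ($i = 0; $i < count($ids); $i++) {
                    $id = $ids[$i];
                    $file = ProjectFiles::findById($id);
                    if ($file instanceof ProjectFile && $file->canEdit(logged_user())) {
                        if (!array_var($_GET, "mantainWs")) {
                            // Move: detach the file from every workspace the
                            // user may add files to, and remember which ones.
                            $removed = "";
                            $ws = $file->getWorkspaces(null);
                            foreach ($ws as $w) {
                                if (can_add(logged_user(), $w, 'ProjectFiles')) {
                                    $file->removeFromWorkspace($w);
                                    $removed .= $w->getId() . ",";
                                }
                            }
                            $removed = substr($removed, 0, -1);
                            $log_action = ApplicationLogs::ACTION_MOVE;
                            $log_data = ($removed == "" ? "" : "from:{$removed};") . "to:{$wsid}";
                        } else {
                            // Copy: keep the current workspaces.
                            $log_action = ApplicationLogs::ACTION_COPY;
                            $log_data = "to:{$wsid}";
                        }
                        $file->addToWorkspace($destination);
                        ApplicationLogs::createLog($file, $file->getWorkspaces(), $log_action, false, null, true, $log_data);
                        $count++;
                    }
                } // for
                $resultMessage = lang("success move objects", $count);
                $resultCode = 0;
            }
        }
    } elseif ($action == 'archive') {
        $ids = explode(',', array_var($_GET, 'ids'));
        $succ = 0;
        $err = 0;
        foreach ($ids as $id) {
            $file = ProjectFiles::findById($id);
            if (isset($file) && $file->canEdit(logged_user())) {
                try {
                    DB::beginWork();
                    $file->archive();
                    ApplicationLogs::createLog($file, $file->getWorkspaces(), ApplicationLogs::ACTION_ARCHIVE);
                    DB::commit();
                    $succ++;
                } catch (Exception $e) {
                    DB::rollback();
                    //Logger::log($e->getMessage());
                    $err++;
                }
            } else {
                $err++;
            }
        }
        if ($succ > 0) {
            flash_success(lang("success archive objects", $succ));
        } else {
            flash_error(lang("error archive objects", $err));
        }
    }

    // $ret is not assigned anywhere above; define it so the hook receives
    // null instead of an undefined variable.
    $ret = null;
    Hook::fire('classify_action', null, $ret);

    $project = active_project();

    /* perform query */
    $result = ProjectFiles::getProjectFiles($project, null, $hide_private, $order, $orderdir, $page, $limit, false, $tag, $type, $user);
    $objects = null;
    $pagination = null;
    if (is_array($result)) {
        // Only index into the result once it is known to be an array.
        ProjectFiles::populateData($result[0]);
        list($objects, $pagination) = $result;
        if ($pagination->getTotalItems() < ($page - 1) * $limit) {
            // if we are past the last page show the first page
            $start = 0;
            $page = 1;
            $result = ProjectFiles::getProjectFiles($project, null, $hide_private, $order, $orderdir, $page, $limit, false, $tag, $type, $user);
            if (is_array($result)) {
                list($objects, $pagination) = $result;
            }
        }
    }

    /* prepare response object */
    $listing = array(
        "totalCount" => $pagination ? $pagination->getTotalItems() : 0,
        "start" => $start,
        "files" => array(),
    );
    if ($objects) {
        $index = 0;
        foreach ($objects as $o) {
            // Name of whoever has the file checked out: "self" for the logged
            // user, the username for another known user, otherwise empty.
            $coName = "";
            $coId = $o->getCheckedOutById();
            if ($coId != 0) {
                if ($coId == logged_user()->getId()) {
                    $coName = "self";
                } else {
                    $coUser = Users::findById($coId);
                    if ($coUser instanceof User) {
                        $coName = $coUser->getUsername();
                    } else {
                        $coName = "";
                    }
                }
            }

            if ($o->isMP3()) {
                $songname = $o->getProperty("songname");
                $artist = $o->getProperty("songartist");
                $album = $o->getProperty("songalbum");
                $track = $o->getProperty("songtrack");
                $year = $o->getProperty("songyear");
                $duration = $o->getProperty("songduration");
                $songInfo = json_encode(array($songname, $artist, $album, $track, $year, $duration, $o->getDownloadUrl(), $o->getFilename(), $o->getId()));
            } else {
                $songInfo = array();
            }

            $values = array(
                "id" => $o->getId(),
                "ix" => $index++,
                "object_id" => $o->getId(),
                "name" => $o->getFilename(),
                "type" => $o->getTypeString(),
                "mimeType" => $o->getTypeString(),
                "tags" => project_object_tags($o),
                "createdBy" => $o->getCreatedByDisplayName(),
                "createdById" => $o->getCreatedById(),
                "dateCreated" => $o->getCreatedOn() instanceof DateTimeValue ? ($o->getCreatedOn()->isToday() ? format_time($o->getCreatedOn()) : format_datetime($o->getCreatedOn())) : '',
                "dateCreated_today" => $o->getCreatedOn() instanceof DateTimeValue ? $o->getCreatedOn()->isToday() : 0,
                "updatedBy" => $o->getUpdatedByDisplayName(),
                "updatedById" => $o->getUpdatedById(),
                "dateUpdated" => $o->getUpdatedOn() instanceof DateTimeValue ? ($o->getUpdatedOn()->isToday() ? format_time($o->getUpdatedOn()) : format_datetime($o->getUpdatedOn())) : '',
                "dateUpdated_today" => $o->getUpdatedOn() instanceof DateTimeValue ? $o->getUpdatedOn()->isToday() : 0,
                "icon" => $o->getTypeIconUrl(),
                "size" => $o->getFileSize(),
                "wsIds" => $o->getUserWorkspacesIdsCSV(logged_user(), ProjectUsers::instance()->getTableName(true) . ".`can_read_files` = 1"),
                // "url" is assigned again further down; the later value
                // (getUrl()) is the one that ends up in the array.
                "url" => $o->getOpenUrl(),
                "manager" => get_class($o->manager()),
                "checkedOutByName" => $coName,
                "checkedOutById" => $coId,
                "isModifiable" => $o->isModifiable() && $o->canEdit(logged_user()),
                "modifyUrl" => $o->getModifyUrl(),
                "songInfo" => $songInfo,
                "ftype" => $o->getType(),
                "url" => $o->getUrl(),
                "isRead" => $o->getIsRead(logged_user()->getId()),
            );
            if ($o->isMP3()) {
                $values['isMP3'] = true;
            }
            Hook::fire('add_classification_value', $o, $values);
            $listing["files"][] = $values;
        }
    }
    ajx_extra_data($listing);
    tpl_assign("listing", $listing);
}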
/**
 * Tell whether the given contact may edit this report.
 *
 * NOTE(review): the decision is delegated to can_add(), so the "add"
 * permission on this object's members is what gates editing here. Confirm
 * that this is intended and that no separate edit/write permission applies.
 *
 * @access public
 * @param Contact $user
 * @return boolean result of can_add()
 */
function canEdit(Contact $user) {
    $members = $this->getMembers();
    $objectTypeId = $this->manager()->getObjectTypeId();

    return can_add($user, $members, $objectTypeId);
}
/**
 * Check whether a contact may add a message in the given context.
 *
 * Delegates to can_add() with the ProjectMessages object type id.
 *
 * @param Contact $user
 * @param mixed $context forwarded to can_add() unchanged
 * @param mixed $notAllowedMember forwarded to can_add() as its fourth
 *        argument; presumably set by can_add() - verify against it
 * @return mixed whatever can_add() returns
 */
function canAdd(Contact $user, $context, &$notAllowedMember = '') {
    $messageTypeId = ProjectMessages::instance()->getObjectTypeId();

    return can_add($user, $context, $messageTypeId, $notAllowedMember);
}
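/**
 * Run a bulk action on a list of objects and report the outcome.
 *
 * $attributes["ids"] and $attributes["types"] are read as parallel lists;
 * only entries whose type is "message" are handled. Some actions also read
 * $attributes["tag"], $attributes["moveTo"] and $attributes["mantainWs"].
 *
 * NOTE(review): the result message is joined with "<br />", so it appears to
 * be rendered as HTML, while $type and $action are concatenated into the
 * lang() argument unescaped. Confirm that $attributes is sanitised by the
 * caller or that the message is escaped before output.
 *
 * @param string $action one of delete, markasread, markasunread, tag, untag,
 *        move, archive
 * @param array $attributes
 * @return array "errorMessage" (string) and "errorCode" (0 on success, 1 for
 *         a missing or forbidden move destination, 2 for partial failure or
 *         an unimplemented action/type)
 */
private function resolveAction($action, $attributes) {
    $resultMessage = "";
    $resultCode = 0;
    switch ($action) {
        case "delete":
            $succ = 0;
            $err = 0;
            for ($i = 0; $i < count($attributes["ids"]); $i++) {
                $id = $attributes["ids"][$i];
                $type = $attributes["types"][$i];
                switch ($type) {
                    case "message":
                        $message = ProjectMessages::findById($id);
                        if (isset($message) && $message->canDelete(logged_user())) {
                            try {
                                DB::beginWork();
                                $message->trash();
                                ApplicationLogs::createLog($message, $message->getWorkspaces(), ApplicationLogs::ACTION_TRASH);
                                DB::commit();
                                $succ++;
                            } catch (Exception $e) {
                                DB::rollback();
                                $err++;
                            }
                        } else {
                            $err++;
                        }
                        break;
                    default:
                        $err++;
                        break;
                } // switch
            } // for
            if ($err > 0) {
                $resultCode = 2;
                $resultMessage = lang("error delete objects", $err) . "<br />" . ($succ > 0 ? lang("success delete objects", $succ) : "");
            } else {
                $resultMessage = lang("success delete objects", $succ);
            }
            break;

        case "markasread":
            $succ = 0;
            $err = 0;
            for ($i = 0; $i < count($attributes["ids"]); $i++) {
                $id = $attributes["ids"][$i];
                $type = $attributes["types"][$i];
                switch ($type) {
                    case "message":
                        $message = ProjectMessages::findById($id);
                        // An unknown id counts as a failure instead of ending
                        // the request with a method call on a non-object.
                        if (!$message instanceof ProjectMessage) {
                            $err++;
                            break;
                        }
                        try {
                            $message->setIsRead(logged_user()->getId(), true);
                            $succ++;
                        } catch (Exception $e) {
                            $err++;
                        } // try
                        break;
                    default:
                        $err++;
                        break;
                } // switch
            } // for
            if ($err > 0) {
                $resultCode = 2;
                $resultMessage = lang("error markasread objects", $err) . "<br />" . ($succ > 0 ? lang("success markasread objects", $succ) : "");
            }
            break;

        case "markasunread":
            $succ = 0;
            $err = 0;
            for ($i = 0; $i < count($attributes["ids"]); $i++) {
                $id = $attributes["ids"][$i];
                $type = $attributes["types"][$i];
                switch ($type) {
                    case "message":
                        $message = ProjectMessages::findById($id);
                        // Same guard as for markasread.
                        if (!$message instanceof ProjectMessage) {
                            $err++;
                            break;
                        }
                        try {
                            $message->setIsRead(logged_user()->getId(), false);
                            $succ++;
                        } catch (Exception $e) {
                            $err++;
                        } // try
                        break;
                    default:
                        $err++;
                        break;
                } // switch
            } // for
            if ($err > 0) {
                $resultCode = 2;
                $resultMessage = lang("error markasunread objects", $err) . "<br />" . ($succ > 0 ? lang("success markasunread objects", $succ) : "");
            }
            break;

        case "tag":
            $tag = $attributes["tag"];
            for ($i = 0; $i < count($attributes["ids"]); $i++) {
                $id = $attributes["ids"][$i];
                $type = $attributes["types"][$i];
                switch ($type) {
                    case "message":
                        $message = ProjectMessages::findById($id);
                        // Objects the user may not edit are skipped silently.
                        if (isset($message) && $message->canEdit(logged_user())) {
                            Tags::addObjectTag($tag, $message);
                            ApplicationLogs::createLog($message, $message->getWorkspaces(), ApplicationLogs::ACTION_TAG, false, null, true, $tag);
                            $resultMessage = lang("success tag objects", '');
                        }
                        break;
                    default:
                        $resultMessage = lang("Unimplemented type: '" . $type . "'"); // if
                        $resultCode = 2;
                        break;
                } // switch
            } // for
            break;

        case "untag":
            $tag = $attributes["tag"];
            for ($i = 0; $i < count($attributes["ids"]); $i++) {
                $id = $attributes["ids"][$i];
                $type = $attributes["types"][$i];
                switch ($type) {
                    case "message":
                        $message = ProjectMessages::findById($id);
                        if (isset($message) && $message->canEdit(logged_user())) {
                            // An empty tag name means "remove every tag".
                            if ($tag != '') {
                                $message->deleteTag($tag);
                            } else {
                                $message->clearTags();
                            }
                            $resultMessage = lang("success untag objects", '');
                        }
                        break;
                    default:
                        $resultMessage = lang("Unimplemented type: '" . $type . "'"); // if
                        $resultCode = 2;
                        break;
                } // switch
            } // for
            break;

        case "move":
            $wsid = $attributes["moveTo"];
            $destination = Projects::findById($wsid);
            if (!$destination instanceof Project) {
                $resultMessage = lang('project dnx');
                $resultCode = 1;
            } else {
                if (!can_add(logged_user(), $destination, 'ProjectMessages')) {
                    $resultMessage = lang('no access permissions');
                    $resultCode = 1;
                } else {
                    $count = 0;
                    for ($i = 0; $i < count($attributes["ids"]); $i++) {
                        $id = $attributes["ids"][$i];
                        $type = $attributes["types"][$i];
                        switch ($type) {
                            case "message":
                                $message = ProjectMessages::findById($id);
                                if ($message instanceof ProjectMessage && $message->canEdit(logged_user())) {
                                    if (!$attributes["mantainWs"]) {
                                        // Move: detach from every workspace the
                                        // user may add messages to.
                                        $removed = "";
                                        $ws = $message->getWorkspaces();
                                        foreach ($ws as $w) {
                                            if (can_add(logged_user(), $w, 'ProjectMessages')) {
                                                $message->removeFromWorkspace($w);
                                                $removed .= $w->getId() . ",";
                                            }
                                        }
                                        $removed = substr($removed, 0, -1);
                                        $log_action = ApplicationLogs::ACTION_MOVE;
                                        $log_data = ($removed == "" ? "" : "from:{$removed};") . "to:{$wsid}";
                                    } else {
                                        // Copy: keep the current workspaces.
                                        $log_action = ApplicationLogs::ACTION_COPY;
                                        $log_data = "to:{$wsid}";
                                    }
                                    $message->addToWorkspace($destination);
                                    ApplicationLogs::createLog($message, $message->getWorkspaces(), $log_action, false, null, true, $log_data);
                                    $count++;
                                }
                                break;
                            default:
                                $resultMessage = lang("Unimplemented type: '" . $type . "'"); // if
                                $resultCode = 2;
                                break;
                        } // switch
                    } // for
                    // NOTE(review): these two assignments overwrite the code 2
                    // and message set above for an unimplemented type, so that
                    // error is never reported for a move. Confirm the intent.
                    $resultMessage = lang("success move objects", $count);
                    $resultCode = 0;
                }
            }
            break;

        case "archive":
            $succ = 0;
            $err = 0;
            for ($i = 0; $i < count($attributes["ids"]); $i++) {
                $id = $attributes["ids"][$i];
                $type = $attributes["types"][$i];
                switch ($type) {
                    case "message":
                        $message = ProjectMessages::findById($id);
                        if (isset($message) && $message->canEdit(logged_user())) {
                            try {
                                DB::beginWork();
                                $message->archive();
                                // Log against the message's own workspaces, as
                                // the delete and tag cases do; $ws is not
                                // defined in this case.
                                ApplicationLogs::createLog($message, $message->getWorkspaces(), ApplicationLogs::ACTION_ARCHIVE);
                                DB::commit();
                                $succ++;
                            } catch (Exception $e) {
                                DB::rollback();
                                $err++;
                            }
                        } else {
                            $err++;
                        }
                        break;
                    default:
                        $err++;
                        break;
                } // switch
            } // for
            if ($err > 0) {
                $resultCode = 2;
                $resultMessage = lang("error archive objects", $err) . "<br />" . ($succ > 0 ? lang("success archive objects", $succ) : "");
            } else {
                $resultMessage = lang("success archive objects", $succ);
            }
            break;

        default:
            $resultMessage = lang("Unimplemented action: '" . $action . "'"); // if
            $resultCode = 2;
            break;
    } // switch
    return array("errorMessage" => $resultMessage, "errorCode" => $resultCode);
}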
/**
 * Check whether the given user may add an object of the ProjectFiles
 * manager class to the given project.
 *
 * The body is not empty: the decision is delegated to can_add().
 *
 * @param User $user
 * @param Project $project
 * @return mixed whatever can_add() returns
 */
function canAdd(User $user, Project $project) {
    $managerClass = get_class(ProjectFiles::instance());

    return can_add($user, $project, $managerClass);
}
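/**
 * Returns true if the given user can add a client company in the project.
 *
 * Both checks are made for $user. The contact-management check previously
 * looked at logged_user(), so the answer for another user reflected the
 * privileges of whoever was logged in rather than of the user being asked
 * about.
 *
 * @access public
 * @param User $user user whose permission is being checked
 * @param Project $project
 * @return boolean
 */
function canAdd(User $user, Project $project) {
    return can_manage_contacts($user) || can_add($user, $project, get_class(Companies::instance()));
}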