コード例 #1
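 /**
  * Render the project page header with the taskboard submenu.
  *
  * Always adds a "View Taskboard" entry. For a logged-in user who passes the
  * tracker 'manager' permission check, it also adds the administration
  * entries, which depend on the 'action' and 'column_id' request values.
  *
  * @param array $params Header parameters; 'toptab', 'group' and 'submenu' are overwritten here.
  */
 function header($params)
 {
     global $HTML, $group_id;
     use_javascript('/js/sortable.js');
     html_use_jquery();
     $params['toptab'] = 'taskboard';
     $params['group'] = $group_id;

     // Initialise explicitly instead of relying on implicit array creation by []=.
     $labels = array();
     $links = array();

     $labels[] = _("View Taskboard");
     $links[] = '/plugins/taskboard/index.php?group_id=' . $group_id;

     // The permission check only decides which menu entries are shown.
     // NOTE(review): the admin pages these links point to must enforce the same check themselves - confirm.
     if (session_loggedin() && forge_check_perm('tracker', $this->getID(), 'manager')) {
         $labels[] = _('Administration');
         $links[] = '/plugins/taskboard/admin/index.php?group_id=' . $group_id;
         $action = getStringFromRequest('action');
         if ($action == 'edit_column') {
             $labels[] = _('Configure Columns');
             $links[] = '/plugins/taskboard/admin/index.php?group_id=' . $group_id . '&action=columns';
             $column_id = getStringFromRequest('column_id', '');
             if ($column_id) {
                 // column_id comes straight from the request, so it is URL-encoded
                 // before being placed in the link; otherwise characters such as
                 // '&', '"' or '<' would let the request shape the query string or markup.
                 // NOTE(review): whether subMenu() HTML-escapes link targets is not visible here - confirm.
                 // NOTE(review): this is a GET link to a delete action; confirm the target asks for
                 // confirmation or checks a request token before deleting.
                 $labels[] = _('Delete Column');
                 $links[] = '/plugins/taskboard/admin/index.php?group_id=' . $group_id . '&action=delete_column&column_id=' . urlencode($column_id);
             }
         }
     }
     $params['submenu'] = $HTML->subMenu($labels, $links);
     site_project_header($params);
 }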
コード例 #2
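/**
 * get_public_active_projects_asc() - Get a list of rows for public active projects (initially in trove/full_list)
 *
 * Selects active ('A'), non-private projects with group_id > 4 and a
 * non-zero register_time, ordered by name, and keeps only the rows that
 * pass forge_check_perm('project_read', group_id).
 *
 * @param  int $max_query_limit Optional maximum number of rows to return; values <= 0 mean no limit.
 *                              The cap is applied to the permission-filtered result.
 * @return array Rows with group_id, group_name, unix_group_name, short_description and register_time.
 */
function get_public_active_projects_asc($max_query_limit = -1)
{
    $max_query_limit = (int) $max_query_limit;

    // The value is a class constant rather than request data; it is escaped
    // anyway because the statement is assembled as a string.
    $private_access = db_es(Project::ACCESS_PRIVATE);
    $res_grp = db_query("\n        SELECT group_id, group_name, unix_group_name, short_description, register_time\n        FROM groups\n        WHERE status = 'A' AND access != '{$private_access}' AND group_id > 4 AND register_time > 0\n        ORDER BY group_name ASC\n\t\t\t");
    $projects = array();
    if (!$res_grp) {
        // Query failed: return an empty list instead of fetching from a non-result.
        return $projects;
    }
    while ($row_grp = db_fetch_array($res_grp)) {
        // The limit was previously accepted but never applied, so the result was unbounded.
        if ($max_query_limit > 0 && count($projects) >= $max_query_limit) {
            break;
        }
        // Per-row authorization: rows failing the read check are never returned.
        if (!forge_check_perm('project_read', $row_grp['group_id'])) {
            continue;
        }
        $projects[] = $row_grp;
    }
    return $projects;
}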
コード例 #3
ファイル: RBAC.php プロジェクト: nterray/tuleap
  /**
   * update - update a role in the database.
   *
   * Runs the permission checks, then applies the new name and settings
   * between db_begin() and db_commit(). On any failure the error is set on
   * this object, db_rollback() is called and false is returned.
   *
   * Authorization as visible in this method:
   *  - USE_PFO_RBAC on: checked only when $check_perms is true ('forge_admin'
   *    for a role without a home project, otherwise 'project_admin' on the
   *    home project). With $check_perms false no check is made here, so the
   *    caller is responsible for it.
   *  - USE_PFO_RBAC off: the group admin check always runs; $check_perms is
   *    not consulted. Role id 1 cannot be updated.
   *
   * @param string  $role_name   The name of the role.
   * @param array   $data        A multi-dimensional array of data in this format: $data['section_name']['ref_id']=$val
   * @param boolean $check_perms Perform permission checking (only read in the USE_PFO_RBAC branch).
   * @return boolean True on success or false on failure.
   */
  function update($role_name, $data, $check_perms = true)
  {
      global $SYS;
      if (USE_PFO_RBAC) {
          if ($check_perms) {
              // A role with no home project needs the global 'forge_admin' permission.
              if ($this->getHomeProject() == NULL) {
                  if (!forge_check_global_perm('forge_admin')) {
                      $this->setPermissionDeniedError();
                      return false;
                  }
              } elseif (!forge_check_perm('project_admin', $this->getHomeProject()->getID())) {
                  $this->setPermissionDeniedError();
                  return false;
              }
          }
      } else {
          // Legacy model: deny unless a valid, error-free permission object reports admin.
          $perm =& $this->Group->getPermission();
          if (!$perm || !is_object($perm) || $perm->isError() || !$perm->isAdmin()) {
              $this->setPermissionDeniedError();
              return false;
          }
          //
          //	Cannot update role_id=1
          //
          if ($this->getID() == 1) {
              $this->setError('Cannot Update Default Role');
              return false;
          }
      }
      db_begin();
      if (USE_PFO_RBAC) {
          if ($role_name != $this->getName()) {
              $this->setName($role_name);
          }
          foreach ($data as $sect => $refs) {
              foreach ($refs as $refid => $value) {
                  $this->setSetting($sect, $refid, $value);
              }
              if ($sect == 'scm') {
                  foreach ($this->getUsers() as $u) {
                      // NOTE(review): $refid is whatever the inner loop above left behind (the last
                      // key of $refs, or a value from an earlier section if $refs is empty) - confirm
                      // this is the group id sysGroupCheckUser() expects.
                      if (!$SYS->sysGroupCheckUser($refid, $u->getID())) {
                          $this->setError($SYS->getErrorMessage());
                          db_rollback();
                          return false;
                      }
                  }
              }
          }
      } else {
          if (!$this->setName($role_name)) {
              db_rollback();
              return false;
          }
          // Delete extra settings
          // NOTE(review): $data['tracker'], $data['forum'] and $data['pm'] are read without an
          // existence check, and the results of these DELETEs are not inspected.
          db_query_params('DELETE FROM role_setting WHERE role_id=$1 AND section_name <> ALL ($2)', array($this->getID(), db_string_array_to_any_clause(array_keys($this->role_values))));
          db_query_params('DELETE FROM role_setting WHERE role_id=$1 AND section_name = $2 AND ref_id <> ALL ($3)', array($this->getID(), 'tracker', db_int_array_to_any_clause(array_keys($data['tracker']))));
          db_query_params('DELETE FROM role_setting WHERE role_id=$1 AND section_name = $2 AND ref_id <> ALL ($3)', array($this->getID(), 'forum', db_int_array_to_any_clause(array_keys($data['forum']))));
          db_query_params('DELETE FROM role_setting WHERE role_id=$1 AND section_name = $2 AND ref_id <> ALL ($3)', array($this->getID(), 'pm', db_int_array_to_any_clause(array_keys($data['pm']))));
          ////$data['section_name']['ref_id']=$val
          // Walk every (section, ref_id) pair in $data.
          $arr1 = array_keys($data);
          for ($i = 0; $i < count($arr1); $i++) {
              //	array_values($Report->adjust_days)
              $arr2 = array_keys($data[$arr1[$i]]);
              for ($j = 0; $j < count($arr2); $j++) {
                  $usection_name = $arr1[$i];
                  $uref_id = $arr2[$j];
                  $uvalue = $data[$usection_name][$uref_id];
                  // Falsy ref ids and values are normalised to 0 before being stored.
                  if (!$uref_id) {
                      $uref_id = 0;
                  }
                  if (!$uvalue) {
                      $uvalue = 0;
                  }
                  //
                  //	See if this setting changed. If so, then update it
                  //
                  //				if ($this->getVal($usection_name,$uref_id) != $uvalue) {
                  // Update-then-insert: caller-supplied section names, ref ids and values are
                  // passed as bound parameters, never concatenated into the SQL text.
                  $res = db_query_params('UPDATE role_setting SET value=$1 WHERE role_id=$2 AND section_name=$3 AND ref_id=$4', array($uvalue, $this->getID(), $usection_name, $uref_id));
                  if (!$res || db_affected_rows($res) < 1) {
                      $res = db_query_params('INSERT INTO role_setting (role_id, section_name, ref_id, value) VALUES ($1, $2, $3, $4)', array($this->getID(), $usection_name, $uref_id, $uvalue));
                      if (!$res) {
                          $this->setError('update::rolesettinginsert::' . db_error());
                          db_rollback();
                          return false;
                      }
                  }
                  // $update_usergroup is assigned below but never read: the condition that used
                  // it is commented out, so the user_group update after the loops always runs.
                  if ($usection_name == 'frs') {
                      $update_usergroup = true;
                  } elseif ($usection_name == 'scm') {
                      //$update_usergroup=true;
                      //iterate all users with this role
                      $res = db_query_params('SELECT user_id	FROM user_group WHERE role_id=$1', array($this->getID()));
                      for ($z = 0; $z < db_numrows($res); $z++) {
                          //TODO - Shell should be separate flag
                          //  If user acquired admin access to CVS,
                          //  one to be given normal shell on CVS machine,
                          //  else - restricted.
                          //
                          $cvs_flags = $data['scm'][0];
                          // NOTE(review): this UPDATE filters on user_id only; no role_id or group_id
                          // predicate is visible, so it appears to touch every user_group row of that
                          // user - confirm the cross-project effect is intended.
                          $res2 = db_query_params('UPDATE user_group SET cvs_flags=$1 WHERE user_id=$2', array($cvs_flags, db_result($res, $z, 'user_id')));
                          if (!$res2) {
                              $this->setError('update::scm::' . db_error());
                              db_rollback();
                              return false;
                          }
                          // I have doubt the following is usefull
                          // This is probably buggy if used
                          // cvs_flags > 1 sets the shell attribute to /bin/bash, anything else to /bin/cvssh.
                          // NOTE(review): the $SYS calls presumably change state outside the database
                          // transaction; if so, a later db_rollback() will not revert them - confirm.
                          if ($cvs_flags > 1) {
                              if (!$SYS->sysUserSetAttribute(db_result($res, $z, 'user_id'), "debGforgeCvsShell", "/bin/bash")) {
                                  $this->setError($SYS->getErrorMessage());
                                  db_rollback();
                                  return false;
                              }
                          } else {
                              if (!$SYS->sysUserSetAttribute(db_result($res, $z, 'user_id'), "debGforgeCvsShell", "/bin/cvssh")) {
                                  $this->setError($SYS->getErrorMessage());
                                  db_rollback();
                                  return false;
                              }
                          }
                          //
                          //  If user acquired at least commit access to CVS,
                          //  one to be promoted to CVS group, else, demoted.
                          //
                          // $uvalue is the value of the scm setting currently being processed.
                          if ($uvalue > 0) {
                              if (!$SYS->sysGroupAddUser($this->Group->getID(), db_result($res, $z, 'user_id'), 1)) {
                                  $this->setError($SYS->getErrorMessage());
                                  db_rollback();
                                  return false;
                              }
                          } else {
                              if (!$SYS->sysGroupRemoveUser($this->Group->getID(), db_result($res, $z, 'user_id'), 1)) {
                                  $this->setError($SYS->getErrorMessage());
                                  db_rollback();
                                  return false;
                              }
                          }
                      }
                  } elseif ($usection_name == 'docman') {
                      $update_usergroup = true;
                  } elseif ($usection_name == 'forumadmin') {
                      $update_usergroup = true;
                  } elseif ($usection_name == 'trackeradmin') {
                      $update_usergroup = true;
                  } elseif ($usection_name == 'projectadmin') {
                      $update_usergroup = true;
                  } elseif ($usection_name == 'pmadmin') {
                      $update_usergroup = true;
                  }
                  //			}
              }
          }
          //		if ($update_usergroup) {
          // Sections missing from $data default to array(0), so the matching flag is written as 0.
          $keys = array('forumadmin', 'pmadmin', 'trackeradmin', 'docman', 'scm', 'frs', 'projectadmin');
          foreach ($keys as $k) {
              if (!array_key_exists($k, $data)) {
                  $data[$k] = array(0);
              }
          }
          // Copy the role-level flags onto every user_group row that carries this role.
          $res = db_query_params('UPDATE user_group
                             SET admin_flags=$1,
 				   forum_flags=$2,
 				   project_flags=$3,
 				   doc_flags=$4,
 				   cvs_flags=$5,
 				   release_flags=$6,
 				   artifact_flags=$7
 				WHERE role_id=$8', array($data['projectadmin'][0], $data['forumadmin'][0], $data['pmadmin'][0], $data['docman'][0], $data['scm'][0], $data['frs'][0], $data['trackeradmin'][0], $this->getID()));
          if (!$res) {
              $this->setError('::update::usergroup::' . db_error());
              db_rollback();
              return false;
          }
          //		}
      }
      // USE_PFO_RBAC
      // The "role_update" hook runs before db_commit(), i.e. while the transaction is still open.
      $hook_params = array();
      $hook_params['role'] =& $this;
      $hook_params['role_id'] = $this->getID();
      $hook_params['data'] = $data;
      plugin_hook("role_update", $hook_params);
      db_commit();
      // Reload this object's data after the commit.
      $this->fetchData($this->getID());
      return true;
  }
コード例 #4
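 /**
  * Returns true if current user can modify artifacts
  *
  * The 'tech' permission must hold on every tracker returned by
  * TaskBoard::getUsedTrackersData(); a single failed check yields false.
  *
  * NOTE(review): when no trackers are returned the result is true (nothing
  * to fail). Confirm callers do not treat that as a grant of access.
  *
  * @return    boolean
  */
 function isTechnician()
 {
     $tasks_trackers = $this->TaskBoard->getUsedTrackersData();
     foreach ($tasks_trackers as $tasks_tracker_data) {
         // The leftover debug error_log() of every tracker id was dropped: it wrote a
         // context-free line to the error log on each permission check.
         if (!forge_check_perm('tracker', $tasks_tracker_data['group_artifact_id'], 'tech')) {
             // One denied tracker decides the answer, so stop here.
             return false;
         }
     }
     return true;
 }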