예제 #1
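/**
 * Render the FRS admin header once the current user has passed the
 * release-technician check for the project in the global $group_id.
 *
 * Every failed check is routed through an exit_*() helper, so the calling
 * admin page is not left running when the project or the permission object
 * cannot be resolved.
 *
 * @param mixed $params passed through unchanged to frs_header()
 */
function frs_admin_header($params)
{
    global $group_id;

    // Anonymous sessions go to the login flow before any project lookup.
    if (!session_loggedin()) {
        exit_not_logged_in();
    }

    $project =& group_get_object($group_id);
    if (!$project || !is_object($project)) {
        // Fail closed: a bare return here would hand control back to the admin
        // page without any permission check having run.
        exit_permission_denied();
        return; // kept in case exit_permission_denied() does not terminate the request
    }

    $perm =& $project->getPermission(session_get_user());
    if (!$perm || !is_object($perm)) {
        // Same reasoning: no permission object means no proof of access.
        exit_permission_denied();
        return;
    }

    // Only release technicians may see the FRS admin pages.
    if (!$perm->isReleaseTechnician()) {
        exit_permission_denied();
    }

    frs_header($params);
}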
예제 #2
/**
 * exit_permission_denied() - Report a "Permission denied." error through exit_error()
 *
 * A visitor without a session is handed to exit_not_logged_in() instead, so
 * the denial message is only produced for authenticated users.
 *
 * @param		string	$reason_descr	Explanation shown with the error; a generic translated text is used when empty
 */
function exit_permission_denied($reason_descr = '')
{
    if (!session_loggedin()) {
        exit_not_logged_in();
        return;
    }

    // Fall back to the generic explanation when the caller supplied none.
    $detail = $reason_descr
        ? $reason_descr
        : _('This project\'s administrator will have to grant you permission to view this page.');

    exit_error(_('Permission denied.'), $detail);
}
예제 #3
파일: exit.php 프로젝트: pombredanne/tuleap
/**
 * Report a permission failure to the current user.
 *
 * Anonymous users get the two "permission denied" texts (plus any pending
 * global $feedback) queued as error feedback and are then passed to
 * exit_not_logged_in(). Authenticated users are passed to exit_error() with
 * the same texts.
 */
function exit_permission_denied()
{
    global $feedback, $Language;

    $current_user = UserManager::instance()->getCurrentUser();

    if (!$current_user->isAnonymous()) {
        $title = $Language->getText('include_exit', 'perm_denied');
        // NOTE(review): $feedback is appended to an HTML fragment as-is; confirm it is
        // HTML-safe before it reaches this point or that exit_error() escapes it.
        $detail = $Language->getText('include_exit', 'no_perm') . '<p>' . $feedback;
        exit_error($title, $detail);
        return;
    }

    $response = $GLOBALS['Response'];
    foreach (array('perm_denied', 'no_perm') as $text_key) {
        $response->addFeedback('error', $Language->getText('include_exit', $text_key));
    }
    if ($feedback) {
        $response->addFeedback('error', $feedback);
    }
    exit_not_logged_in();
}
예제 #4
 */
/*

	Project/Task Manager
	By Tim Perdue, Sourceforge, 11/99
	Heavy rewrite by Tim Perdue April 2000

	Total rewrite in OO and GForge coding guidelines 12/2002 by Tim Perdue
*/
require_once '../../env.inc.php';
require_once $gfwww . 'include/pre.php';
require_once $gfwww . 'pm/include/ProjectGroupHTML.class.php';
require_once $gfcommon . 'pm/ProjectGroupFactory.class.php';
require_once $gfcommon . 'pm/ProjectCategory.class.php';
// Entry guard: the page is only served to authenticated sessions.
if (!session_loggedin()) {
    exit_not_logged_in();
}
// Both identifiers are read through getIntFromRequest().
$group_id = getIntFromRequest('group_id');
$group_project_id = getIntFromRequest('group_project_id');
if (!$group_id) {
    exit_no_group();
}
// Resolve the project; a missing object and an object in error state both
// end up in an exit_*() helper.
$g =& group_get_object($group_id);
if (!$g || !is_object($g)) {
    exit_no_group();
} elseif ($g->isError()) {
    exit_error('Error', $g->getErrorMessage());
}
// Permission object of the current user for this project.
// NOTE(review): the excerpt ends before $perm is validated or consulted —
// confirm the code that follows checks it before acting on update_cat / add_cat.
$perm =& $g->getPermission(session_get_user());
// Action selectors, read through getStringFromRequest().
$update_cat = getStringFromRequest('update_cat');
$add_cat = getStringFromRequest('add_cat');
예제 #5
/**
 *	session_require() - Convenience function to easily enforce permissions
 *
 *	The calling page is handed to an exit_*() helper with an error message
 *	when the current user fails a check.
 *
 *	This function reads three keys of $req: 'group' (project to check
 *	against), 'admin_flags' (any truthy value requires project admin
 *	instead of plain membership; the value itself is not compared) and
 *	'isloggedin' (consulted only when no group is given).
 *
 *	@param		array	Associative array specifying criteria
 *	@return does not return if check is failed
 *
 */
function session_require($req)
{
    // Every criterion below presupposes an authenticated session.
    if (!user_isloggedin()) {
        exit_not_logged_in();
    }

    if (!$req['group']) {
        // Without a group the only accepted criterion is 'isloggedin', which the
        // check at the top has already covered; anything else is denied.
        if (!$req['isloggedin']) {
            exit_permission_denied();
        }
        return;
    }

    $group =& group_get_object($req['group']);
    if (!$group || !is_object($group)) {
        exit_error(_('Error'), _('Error creating group object'));
    } elseif ($group->isError()) {
        exit_error(_('Error'), $group->getErrorMessage());
    }

    $perm =& $group->getPermission(session_get_user());
    if (!$perm || !is_object($perm)) {
        exit_error(_('Error'), _('Error creating permission object'));
    } elseif ($perm->isError()) {
        exit_error(_('Error'), $perm->getErrorMessage());
    }

    // Admin is required when admin_flags is truthy, membership otherwise.
    $allowed = $req['admin_flags'] ? $perm->isAdmin() : $perm->isMember();
    if (!$allowed) {
        exit_permission_denied();
    }
}
예제 #6
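 /**
  *  Hook to admin graphic reports
  *  Used in www/tracker/admin/index.php
  *
  *  Handles the 'reportgraphic' admin function of a tracker: creates, updates
  *  and deletes graphic reports and their charts, renders the matching admin
  *  page and ends the request. Does nothing unless 'func' is 'reportgraphic'
  *  and 'atid' validates as an unsigned integer.
  *
  *  Access rules applied here: the user must be logged in; a project-scope
  *  ('P') report is only modified for a tracker admin; only a tracker admin
  *  can give a report project scope, on creation and on update alike.
  *
  *  NOTE(review): nothing visible here ties the report loaded from
  *  'report_graphic_id' to $atid or to the current user, so a personal ('I')
  *  report looks editable by any logged-in user who supplies its id — confirm
  *  whether GraphOnTrackers_Report enforces ownership.
  *  NOTE(review): the state-changing branches act on request parameters with
  *  no request-method or anti-CSRF check visible in this method — confirm the
  *  caller applies one.
  *
  * @param params:hook parameters (not read by this method)
  */
 function tracker_graphic_report_admin($params)
 {
     $request = HTTPRequest::instance();
     if ($request->valid(new Valid_WhiteList('func', array('reportgraphic'))) && $request->valid(new Valid_UInt('atid'))) {
         $func = $request->get('func');
         $atid = $request->get('atid');
         if ($func == 'reportgraphic') {
             require_once 'html-generators/GraphicEngineHtml.class.php';
             require_once 'data-access/GraphOnTrackers_Report.class.php';
             if (!user_isloggedin()) {
                 exit_not_logged_in();
                 return;
             }
             $user_id = UserManager::instance()->getCurrentUser()->getId();
             $geh = new graphicEngineHtml($atid, $user_id, $this->getThemePath());
             // Defined on every path: the rendering step below reads it even when
             // report creation was requested and failed.
             $report_graphic_id = 0;
             if ($request->exist('create_report_graphic') && $request->get('rep_name')) {
                 // Project scope is reserved for tracker admins; everyone else gets 'I'.
                 if ($GLOBALS['ath']->userIsAdmin() && $request->valid(new Valid_WhiteList('rep_scope', array('P', 'I')))) {
                     $rep_scope = $request->get('rep_scope');
                 } else {
                     $rep_scope = 'I';
                 }
                 if ($report = GraphOnTrackers_Report::create($atid, $user_id, $request->get('rep_name'), $request->get('rep_desc'), $rep_scope)) {
                     $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_graphontrackers_include_report', 'new_created_report'));
                     $GLOBALS['Response']->redirect('/tracker/admin/?func=reportgraphic&group_id=' . $report->getGroupId() . '&atid=' . $report->getAtid() . '&report_graphic_id=' . $report->getId());
                 }
             } else {
                 $report_graphic_id = $request->getValidated('report_graphic_id', 'uint', 0);
                 $gr = new GraphOnTrackers_Report($report_graphic_id);
                 // Project-scope reports may only be touched by tracker admins.
                 if ($gr->getScope() != 'P' || $GLOBALS['ath']->userIsAdmin()) {
                     if ($request->exist('update_report')) {
                         if ($request->valid(new Valid_String('rep_name')) && $request->valid(new Valid_String('rep_desc')) && $request->valid(new Valid_WhiteList('rep_scope', array('I', 'P')))) {
                             $rep_name = $request->get('rep_name');
                             $rep_desc = $request->get('rep_desc');
                             $rep_scope = $request->get('rep_scope');
                             // Same rule as on creation: a non-admin cannot promote a
                             // report to project scope, so the current scope is kept.
                             if ($rep_scope == 'P' && !$GLOBALS['ath']->userIsAdmin()) {
                                 $rep_scope = $gr->getScope();
                             }
                             if ($rep_name != $gr->getName() || $rep_desc != $gr->getDescription() || $rep_scope != $gr->getScope()) {
                                 $gr->setName($rep_name);
                                 $gr->setDescription($rep_desc);
                                 $gr->setScope($rep_scope);
                                 $gr->setUserId(UserManager::instance()->getCurrentUser()->getId());
                                 if ($gr->update()) {
                                     $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_graphontrackers_include_report', 'updated_report'));
                                 } else {
                                     $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_graphontrackers_include_report', 'not_updated_report') . ': ' . $gr->getErrorMessage());
                                 }
                             }
                         }
                     } elseif (is_array($request->get('delete_chart'))) {
                         // The chart id is the key of the submitted delete_chart array.
                         $chart_id_to_delete = (int) key($request->get('delete_chart'));
                         $gr->deleteChart($chart_id_to_delete);
                         $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_graphontrackers_include_report', 'updated_report'));
                         $GLOBALS['Response']->redirect('/tracker/admin/?func=reportgraphic&group_id=' . $gr->getGroupId() . '&atid=' . $gr->getAtid() . '&report_graphic_id=' . $gr->getId());
                     } elseif ($request->exist('update_chart') && is_array($request->get('chart'))) {
                         $row = $request->get('chart');
                         if (isset($row['id'])) {
                             // Only a chart that was actually found is updated and later
                             // shown; an unknown id falls back to the report form.
                             $found_chart = $gr->getChart($row['id']);
                             if ($found_chart) {
                                 $chart_to_edit = $found_chart;
                                 if ($chart_to_edit->update($row)) {
                                     $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_graphontrackers_include_report', 'updated_report'));
                                 }
                             }
                         }
                     } elseif ($request->exist('edit_chart')) {
                         $found_chart = $gr->getChart((int) $request->get('edit_chart'));
                         if ($found_chart) {
                             $chart_to_edit = $found_chart;
                         }
                     } elseif ($request->exist('add_chart')) {
                         if ($chart = $gr->createChart($request->get('add_chart'))) {
                             $GLOBALS['Response']->redirect('/tracker/admin/?func=reportgraphic&group_id=' . $gr->getGroupId() . '&atid=' . $gr->getAtid() . '&report_graphic_id=' . $gr->getId() . '&edit_chart=' . (int) $chart->getId());
                         }
                     } elseif ($request->exist('delete_report_graphic')) {
                         $gr->delete();
                         // Cleared so the front page is rendered instead of the deleted report.
                         $report_graphic_id = null;
                         $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_graphontrackers_include_report', 'report_deleted'));
                     }
                 }
             }
             $GLOBALS['ath']->adminHeader(array('title' => $GLOBALS['Language']->getText('plugin_graphontrackers_include_report', 'report_mgmt'), 'help' => 'TrackerAdministration.html#GraphTrackerReportSetting'));
             if ($request->exist('new_report_graphic')) {
                 $geh->createReportForm();
             } elseif ($report_graphic_id) {
                 if (isset($chart_to_edit)) {
                     $geh->showChartForm($chart_to_edit);
                 } else {
                     $geh->showReportForm($report_graphic_id);
                 }
             } else {
                 // Front page
                 $reports = $geh->grf->getReportsAvailable($atid, user_getid());
                 $geh->showAvailableReports($reports);
             }
             $GLOBALS['ath']->footer(null);
             exit;
         }
     }
 }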
예제 #7
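/**
 *	session_require() - Convenience function to easily enforce permissions
 *
 *	Calling page will terminate with error message if current user
 *	fails checks.
 *
 *	Keys read from $req, all optional: 'group' (project to check against),
 *	'admin_flags' (any truthy value requires project admin instead of plain
 *	membership; the value itself is not compared) and 'isloggedin'
 *	(consulted only when no group is given).
 *
 *	@param		array	Associative array specifying criteria
 *	@return does not return if check is failed
 *
 */
function session_require($req)
{
    // Every criterion below presupposes an authenticated session.
    if (!session_loggedin()) {
        exit_not_logged_in();
    }
    // !empty() treats a missing key like a falsy one without raising a notice.
    if (!empty($req['group'])) {
        $group =& group_get_object($req['group']);
        if (!$group || !is_object($group)) {
            exit_error('Error', 'Could Not Get Group');
        } elseif ($group->isError()) {
            exit_error('Error', $group->getErrorMessage());
        }
        // A missing or failed permission object is treated as "no access".
        $perm =& $group->getPermission(session_get_user());
        if (!$perm || !is_object($perm) || $perm->isError()) {
            exit_permission_denied();
        }
        // admin_flags is not mandatory; !empty() replaces the former @ operator,
        // which also silenced every other error raised by the expression.
        if (!empty($req['admin_flags'])) {
            if (!$perm->isAdmin()) {
                exit_permission_denied();
            }
        } else {
            if (!$perm->isMember()) {
                exit_permission_denied();
            }
        }
    } else {
        // Without a group the only accepted criterion is 'isloggedin', already
        // covered by the check at the top of the function; anything else is denied.
        if (empty($req['isloggedin'])) {
            exit_permission_denied();
        }
    }
}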
예제 #8
 /**
  * Update artifact $aid of the tracker in $this->ath from $data.
  *
  * Anonymous users are sent to exit_not_logged_in() unless the tracker
  * allows anonymous access, and the update is refused for anyone who is
  * not admin of the artifact's tracker. $row is not read here.
  *
  * @param mixed   $row     unused in this method
  * @param mixed   $data    passed to prepareVfl()
  * @param mixed   $aid     id of the artifact to update
  * @param string  &$errors receives appended messages for CC and follow-up failures
  * @param boolean $notify  when true, mail the follow-up if something changed
  *
  * @return boolean|null false when follow-up comments cannot be parsed or stored,
  *                      null after a permission denial, true otherwise
  */
 function updateArtifact($row, $data, $aid, &$errors, $notify = false)
 {
     global $Language;
     $ah = new Tracker_Html($this->ath, $aid);
     if (!$ah || !is_object($ah)) {
         exit_error($Language->getText('global', 'error'), $Language->getText('plugin_tracker_index', 'not_create_art'));
         return true;
     }
     if ($ah->isError()) {
         exit_error($Language->getText('global', 'error'), $ah->getErrorMessage());
         return true;
     }

     // Check if users can update anonymously
     if (!user_isloggedin() && !$this->ath->allowsAnon()) {
         exit_not_logged_in();
     }
     // Updating through this path is reserved for admins of the artifact's tracker.
     if (!$ah->Tracker->userIsAdmin()) {
         exit_permission_denied();
         return;
     }

     // presumably prepareVfl() fills $artifact_depend_id, $add_cc, $cc_comment and
     // $comments by reference — none of them is assigned before this call
     $vfl = $this->prepareVfl($data, $artifact_depend_id, $add_cc, $cc_comment, $comments);

     //data control layer ($changes is first set by this call, presumably by reference)
     if (!$ah->handleUpdate($artifact_depend_id, 100, $changes, false, $vfl, true)) {
         exit_error($Language->getText('global', 'error'), '');
     }

     if ($add_cc && !$ah->updateCC($add_cc, $cc_comment)) {
         $errors .= $Language->getText('plugin_tracker_import_utils', 'problem_add_cc', $ah->getID()) . " ";
     }

     $comments_ok = false;
     if ($comments) {
         $parsed_ok = $this->parseFollowUpComments($comments, $parsed_comments, $aid) && $parsed_comments && !empty($parsed_comments);
         if (!$parsed_ok) {
             return false;
         }
         if (!$ah->addFollowUpComments($parsed_comments)) {
             $errors .= $Language->getText('plugin_tracker_import_utils', 'problem_insert_followup', $ah->getID()) . " ";
             return false;
         }
         $comments_ok = true;
     }

     if ($notify && (count($changes) > 0 || $add_cc || $comments_ok)) {
         $agnf = new Tracker_NotificationsManager($this->ath);
         $ah->mailFollowupWithPermissions($agnf->getAllAddresses($this->ath->getID(), $update = true), $changes);
     }
     if (count($changes) > 0 || $add_cc || $comments_ok) {
         // Update the 'last_update_date' artifact field
         $ah->update_last_update_date();
     }
     return true;
 }
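 /**
  * Hook: Tracker admin "controller"
  *
  * Handles the 'date_field_notification' admin function: for a non-special
  * date field it deletes or updates the reminder settings on POST, then
  * renders the settings page and ends the request. Returns without output
  * for any other 'func'. The user must be logged in and admin of the
  * tracker in $params['ath'].
  *
  * NOTE(review): no anti-CSRF token check is visible in this method; the
  * POST branches change stored settings — confirm one is applied upstream.
  *
  * @param $params hook parameters; this method reads $params['ath'] and $params['art_field_fact']
  *
  * @return void
  */
 function tracker_graphic_report_admin($params)
 {
     $request = HTTPRequest::instance();
     if ($request->getValidated('func', 'string') != 'date_field_notification') {
         return;
     }
     if (!user_isloggedin()) {
         exit_not_logged_in();
         return;
     }
     if (!$params['ath']->userIsAdmin()) {
         exit_permission_denied();
         return;
     }
     $field_id = $request->getValidated('field_id', 'uint');
     $field = $params['art_field_fact']->getFieldFromId($field_id);
     if ($field && $field->isDateField() && !$field->isSpecial()) {
         if ($request->isPost()) {
             if ($request->existAndNonEmpty('delete_reminder')) {
                 $tdrArtifactField = new TrackerDateReminder_ArtifactField();
                 $tdrArtifactField->deleteFieldReminderSettings($field->getID(), $params['ath']->getID());
             } elseif (array_key_exists('submit_notif_settings', $_REQUEST) && $_REQUEST['submit_notif_settings']) {
                 // Recipient lists are only accepted as arrays; a missing or scalar
                 // value counts as an empty list so count()/foreach below are safe.
                 $notified_users = isset($_REQUEST['notified_users']) && is_array($_REQUEST['notified_users']) ? $_REQUEST['notified_users'] : array();
                 $notified_groups = isset($_REQUEST['notified_groups']) && is_array($_REQUEST['notified_groups']) ? $_REQUEST['notified_groups'] : array();
                 // Digits only; \z (not $) so a trailing newline is rejected too.
                 $digits_only = '/^[0-9]+\z/';

                 // First failing rule wins; $error_key names the message to show.
                 $error_key = null;
                 if (!$notified_users && !$notified_groups) {
                     $error_key = 'specify_notified_users';
                 } elseif (count($notified_users) == 1 && isset($notified_users[0]) && $notified_users[0] == 100 && count($notified_groups) == 1 && isset($notified_groups[0]) && $notified_groups[0] == 100) {
                     // 100 looks like the "none" placeholder of both lists — confirm
                     $error_key = 'specify_notified_users';
                 } elseif (!isset($_REQUEST['start']) || $_REQUEST['start'] == NULL) {
                     $error_key = 'specify_notification_start';
                 } elseif (!is_string($_REQUEST['start']) || !preg_match($digits_only, $_REQUEST['start'])) {
                     $error_key = 'positive_value';
                 } elseif (!isset($_REQUEST['frequency']) || $_REQUEST['frequency'] == NULL || $_REQUEST['frequency'] == 0) {
                     $error_key = 'specify_notification_frequency';
                 } elseif (!is_string($_REQUEST['frequency']) || !preg_match($digits_only, $_REQUEST['frequency'])) {
                     $error_key = 'positive_value';
                 } elseif (!isset($_REQUEST['recurse']) || $_REQUEST['recurse'] == NULL || $_REQUEST['recurse'] == 0) {
                     $error_key = 'specify_notification_recurse';
                 } elseif (!is_string($_REQUEST['recurse']) || !preg_match($digits_only, $_REQUEST['recurse'])) {
                     $error_key = 'positive_value';
                 }

                 if ($error_key !== null) {
                     $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_date_reminder', $error_key));
                 } else {
                     //merge notified_users and notified_groups into one array
                     // NOTE(review): the entries themselves are not validated here — confirm
                     // updateDateFieldReminderSettings() checks or escapes them.
                     $notified = array();
                     foreach ($notified_users as $u) {
                         if ($u != 100) {
                             $notified[] = $u;
                         }
                     }
                     foreach ($notified_groups as $gr) {
                         if ($gr != 100) {
                             $notified[] = $gr;
                         }
                     }
                     // NOTE(review): notif_type is forwarded without validation in this method.
                     $notif_type = isset($_REQUEST['notif_type']) ? $_REQUEST['notif_type'] : null;
                     // now update the reminder settings
                     $tdrArtifactField = new TrackerDateReminder_ArtifactField();
                     $res = $tdrArtifactField->updateDateFieldReminderSettings($params['ath'], $field, $params['ath']->getID(), $_REQUEST['start'], $notif_type, $_REQUEST['frequency'], $_REQUEST['recurse'], $notified);
                     if ($res) {
                         $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_tracker_date_reminder', 'notif_update_success', array($field->getLabel())));
                     } else {
                         $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_date_reminder', 'notif_update_fail', array($field->getLabel())));
                     }
                 }
             }
         }
         $params['ath']->adminHeader(array('title' => $GLOBALS['Language']->getText('plugin_tracker_date_reminder', 'admin_date_field_notif'), 'help' => 'tracker.html#email-notification-settings'));
         // NOTE(review): the tracker name is written into the page unescaped — confirm
         // getName() returns HTML-safe text, otherwise escape it for this context.
         echo '<H2>' . $GLOBALS['Language']->getText('tracker_import_admin', 'tracker') . ' \'<a href="/tracker/admin/?group_id=' . $params['ath']->Group->getID() . '&atid=' . $params['ath']->getID() . '">' . $params['ath']->getName() . '</a>\' - ' . $GLOBALS['Language']->getText('tracker_include_type', 'mail_notif') . '</h2>';
         $tdrArtifactFieldHtml = new TrackerDateReminder_ArtifactFieldHtml();
         $tdrArtifactFieldHtml->displayDateFieldNotificationSettings($params['ath'], $field);
         $params['ath']->footer(array());
         exit;
     }
 }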