예제 #1
// "Login as" (user switch) handler. $username, $password, $user, $ldap_connection and
// $allow_login_as_ldap are all set before this excerpt.
// The return values of CAppUI::login() are never inspected here: the outcome is judged
// only by whether a message is queued when CAppUI::getMsg() is read at the end.
if (!$username) {
    CAppUI::setMsg("Auth-failed-nousername", UI_MSG_ERROR);
} elseif ($user->user_type == 1 && (!$ldap_connection || $allow_login_as_ldap)) {
    // Admin shortcut: the switch goes ahead without any password.
    // NOTE(review): $user is loaded outside this excerpt. The shortcut is only sound if
    // $user is the already-authenticated caller and not the account named in $username;
    // confirm against the surrounding code.
    $_REQUEST['loginas'] = $username;
    CAppUI::login();
} elseif (!$password) {
    CAppUI::setMsg("Auth-failed-nopassword", UI_MSG_ERROR);
} else {
    // Everyone else must supply the target account's password.
    $_REQUEST['loginas'] = $username;
    if (CAppUI::conf("admin LDAP ldap_connection")) {
        // LDAP configured: the password is handed over through $_REQUEST and is
        // presumably verified inside CAppUI::login() (not visible here).
        $_REQUEST['passwordas'] = $password;
        CAppUI::login(true);
    } elseif (!CUser::checkPassword($username, $password)) {
        CAppUI::setMsg("Auth-failed-combination", UI_MSG_ERROR);
    } else {
        CAppUI::login(true);
    }
}

// A queued message is printed and the script stops; otherwise the client-side
// 'UserSwitch.reload' callback is triggered.
$msg = CAppUI::getMsg();
if ($msg) {
    echo $msg;
    return;
}
CAppUI::callbackAjax('UserSwitch.reload');
예제 #2
 /**
  * Put Request Handler
  *
  * This method is called when a request is a PUT
  *
  * @return array
  */
 public function executePut()
 {
     // A missing required parameter is reported by returning the Frapi_Error itself.
     $check = $this->hasRequiredParameters($this->requiredParams);
     if ($check instanceof Frapi_Error) {
         return $check;
     }

     // Credentials travel as ordinary request parameters on every call.
     // NOTE(review): that is only acceptable over TLS and when parameters are kept out of
     // URLs and access logs; the transport is not visible from this method.
     $login = $this->getParam('username');
     $secret = $this->getParam('password');

     // Attempt to login as user, a little bit of a hack as we currently
     // require the $_POST['login'] var to be set as well as a global AppUI
     $AppUI = new CAppUI();
     $GLOBALS['AppUI'] = $AppUI;
     $_POST['login'] = '******';
     $authenticated = $AppUI->login($login, $secret);
     if (!$authenticated) {
         throw new Frapi_Error('INVALID_LOGIN');
     }

     // project_id is pinned to 0 and the creator to the authenticated user; every other
     // field, project_owner included, is taken from the request as sent.
     $fields = array(
         'project_id' => 0,
         'project_creator' => $AppUI->user_id,
         'project_contacts' => $this->getParam('project_contacts'),
         'project_name' => $this->getParam('project_name'),
         'project_parent' => $this->getParam('project_parent'),
         'project_owner' => $this->getParam('project_owner'),
         'project_company' => $this->getParam('project_company'),
         'project_location' => $this->getParam('project_location'),
         'project_start_date' => $this->getParam('project_start_date'),
         'project_end_date' => $this->getParam('project_end_date'),
         'project_target_budget' => $this->getParam('project_target_budget'),
         'project_actual_budget' => $this->getParam('project_actual_budget'),
         'project_url' => $this->getParam('project_url'),
         'project_demo_url' => $this->getParam('project_demo_url'),
         'project_priority' => $this->getParam('project_priority'),
         'project_short_name' => $this->getParam('project_short_name'),
         'project_color_identifier' => $this->getParam('project_color_identifier'),
         'project_type' => $this->getParam('project_type'),
         'project_status' => $this->getParam('project_status'),
         'project_description' => $this->getParam('project_description'),
         'project_departments' => $this->getParam('project_departments', self::TYPE_ARRAY),
         'project_active' => $this->getParam('project_active'),
     );

     $record = new CProject();
     $record->bind($fields);
     $outcome = $record->store($AppUI);

     // Anything other than boolean true is treated as a list of validation messages,
     // which are joined into one string for the SAVE_ERROR.
     if ($outcome !== true) {
         $joined = '';
         foreach ($outcome as $message) {
             $joined .= $message . '. ';
         }
         throw new Frapi_Error('SAVE_ERROR', $joined);
     }

     $project = (array) $record;

     // Replace the department data with a flat list of dept_id values.
     $departmentRows = CProject::getDepartments($AppUI, $project['project_id']);
     $departmentIds = array();
     foreach ($departmentRows as $row) {
         $departmentIds[] = $row['dept_id'];
     }
     $project['project_departments'] = $departmentIds;

     // Remove the data that is not for display
     unset(
         $project['_tbl_prefix'],
         $project['_tbl'],
         $project['_tbl_key'],
         $project['_error'],
         $project['_query'],
         $project['_tbl_module']
     );

     $this->data['project'] = $project;
     $this->data['success'] = true;

     // 201 together with the stored project data.
     return new Frapi_Response(array('code' => 201, 'data' => $this->data));
 }
예제 #3
// Test bootstrap: declares the globals used by the includes below, loads the
// web2project base files, logs in a fixture user, fixes the timezone and then pulls in
// session handling and PHPUnit. The order of these statements is significant.
global $ADODB_FETCH_MODE;
global $w2p_performance_dbtime;
global $w2p_performance_old_dbqueries;
global $AppUI;
global $w2Pconfig;
require_once '../base.php';
require_once W2P_BASE_DIR . '/includes/config.php';
require_once W2P_BASE_DIR . '/includes/main_functions.php';
require_once W2P_BASE_DIR . '/includes/db_adodb.php';
/*
 * Need this to test actions that require permissions.
 *
 * NOTE(review): the account name and password below are hard-coded literals, so the
 * suite only works against a database that contains exactly this account. Such an
 * account must not exist outside a disposable test database.
 * The result of login() is not checked, so a failed login goes unnoticed at this point.
 */
$AppUI = new CAppUI();
$_POST['login'] = '******';
$_REQUEST['login'] = '******';
$AppUI->login('admin', 'passwd');
/*
 * Need this to not get the annoying timezone warnings in tests.
 */
// Europe/London is passed as the second argument (presumably the default) and is also
// used when the configured value compares equal to the empty string.
$defaultTZ = w2PgetConfig('system_timezone', 'Europe/London');
$defaultTZ = '' == $defaultTZ ? 'Europe/London' : $defaultTZ;
date_default_timezone_set($defaultTZ);
require_once W2P_BASE_DIR . '/includes/session.php';
require_once 'PHPUnit/Framework.php';
require_once 'PHPUnit/Extensions/Database/TestCase.php';
/**
 * This class tests functionality for Tasks
 *
 * @author      Trevor Morse <*****@*****.**>
 * @category    Tasks
 * @package     web2project
예제 #4
 /**
  * Delete Request Handler
  *
  * This method is called when a request is a DELETE
  *
  * @return array
  */
 public function executeDelete()
 {
     // A missing required parameter is reported by returning the Frapi_Error itself.
     $check = $this->hasRequiredParameters($this->requiredParams);
     if ($check instanceof Frapi_Error) {
         return $check;
     }

     $login = $this->getParam('username');
     $secret = $this->getParam('password');
     $targetId = $this->getParam('task_id', self::TYPE_INT);

     // Attempt to login as user, a little bit of a hack as we currently
     // require the $_POST['login'] var to be set as well as a global AppUI
     $AppUI = new CAppUI();
     $GLOBALS['AppUI'] = $AppUI;
     $_POST['login'] = '******';
     $authenticated = $AppUI->login($login, $secret);
     if (!$authenticated) {
         throw new Frapi_Error('INVALID_LOGIN');
     }

     // The result of load() is not checked. A falsy return from delete() is the only
     // failure signal, and it is always reported as PERMISSION_ERROR, so an id that does
     // not load and a denied delete are indistinguishable to the caller.
     // NOTE(review): the permission check itself is presumably inside delete($AppUI).
     $doomed = new CTask();
     $doomed->load($targetId);
     $removed = $doomed->delete($AppUI);
     if (!$removed) {
         throw new Frapi_Error('PERMISSION_ERROR');
     }

     $this->data['success'] = true;

     return $this->toArray();
 }
예제 #5
 /**
  * Put Request Handler
  *
  * This method is called when a request is a PUT
  *
  * @return array
  */
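 public function executePut()
 {
     /**
      * @todo Remove this once we figure out how to reference vars in file
      * that is autoloaded
      */
     global $tracking_dynamics;

     // A missing required parameter is reported by returning the Frapi_Error itself.
     $valid = $this->hasRequiredParameters($this->requiredParams);
     if ($valid instanceof Frapi_Error) {
         return $valid;
     }

     $username = $this->getParam('username');
     $password = $this->getParam('password');
     $hassign = $this->getParam('hassign');
     $hdependencies = $this->getParam('hdependencies');
     // $notify and $comment are not read in this method. They are kept because the module
     // files required below execute in this scope and may rely on them.
     $notify = $this->getParam('task_notify');
     $comment = $this->getParam('email_comment');
     $task_id = $this->getParam('task_id');
     $adjustStartDate = $this->getParam('set_task_start_date');

     // Attempt to login as user, a little bit of a hack as we currently
     // require the $_POST['login'] var to be set as well as a global AppUI
     $AppUI = new CAppUI();
     $GLOBALS['AppUI'] = $AppUI;
     $_POST['login'] = '******';
     if (!$AppUI->login($username, $password)) {
         throw new Frapi_Error('INVALID_LOGIN');
     }

     // task_id is pinned to 0 in the data that gets bound; every other field is taken
     // from the request as sent.
     $post_data = array(
         'task_id' => 0,
         'task_name' => $this->getParam('task_name'),
         'task_status' => $this->getParam('task_status'),
         'task_percent_complete' => $this->getParam('task_percent_complete'),
         'task_milestone' => $this->getParam('task_milestone'),
         'task_owner' => $this->getParam('task_owner'),
         'task_access' => $this->getParam('task_access'),
         'task_related_url' => $this->getParam('task_related_url'),
         'task_parent' => $this->getParam('task_parent'),
         'task_type' => $this->getParam('task_type'),
         'task_target_budget' => $this->getParam('task_target_budget'),
         'task_description' => $this->getParam('task_description'),
         'task_start_date' => $this->getParam('task_start_date'),
         'task_end_date' => $this->getParam('task_end_date'),
         'task_duration' => $this->getParam('task_duration'),
         'task_duration_type' => $this->getParam('task_duration_type'),
         'task_dynamic' => $this->getParam('task_dynamic'),
         'task_allow_other_user_tasklogs' => $this->getParam('task_allow_other_user_tasklogs'),
         'task_project' => $this->getParam('task_project'),
         'task_priority' => $this->getParam('task_priority'),
     );

     // Include any files for handling module-specific requirements.
     // The path is built from the names returned by findTabModules(), not from request
     // data (findTabModules() itself is not visible here).
     foreach (findTabModules('tasks', 'addedit') as $mod) {
         $fname = W2P_BASE_DIR . '/modules/' . $mod . '/tasks_dosql.addedit.php';
         if (file_exists($fname)) {
             require_once $fname;
         }
     }

     // Find the task if we are set.
     // Fix: the original called $task->load() here, before $task had been created, which
     // is a fatal error whenever task_id is supplied. The stored end date is now read
     // through a separate CTask, so the object bound below still starts out empty.
     $task_end_date = null;
     if ($task_id) {
         $existing = new CTask();
         $existing->load($task_id);
         $task_end_date = new w2p_Utilities_Date($existing->task_end_date);
     }

     $task = new CTask();
     if (!$task->bind($post_data)) {
         throw new Frapi_Error('SAVE_ERROR', $task->getError());
     }

     if ($task->task_dynamic != 1) {
         $task_dynamic_delay = $this->getParam('task_dynamic_nodelay') ? $this->getParam('task_dynamic_nodelay') : '0';
         if (in_array($task->task_dynamic, $tracking_dynamics)) {
             $task->task_dynamic = $task_dynamic_delay ? 21 : 31;
         } else {
             $task->task_dynamic = $task_dynamic_delay ? 11 : 0;
         }
     }

     // Let's check if task_dynamic is unchecked
     if (!$this->getParam('task_dynamic')) {
         $task->task_dynamic = false;
     }

     // Make sure task milestone is set or reset as appropriate
     // NOTE(review): as written, the flag is cleared when the parameter IS supplied, the
     // opposite of the task_dynamic check just above. This looks inverted; it is left
     // unchanged here and should be confirmed against the intended behaviour.
     if ($this->getParam('task_milestone')) {
         $task->task_milestone = false;
     }

     //format hperc_assign user_id=percentage_assignment;user_id=percentage_assignment;user_id=percentage_assignment;
     $hperc_assign_ar = array();
     foreach (explode(';', $this->getParam('hperc_assign')) as $assignment) {
         $pair = explode('=', $assignment);
         if (count($pair) > 1) {
             $hperc_assign_ar[$pair[0]] = $pair[1];
         } elseif ($pair[0] != '') {
             // A bare user id with no percentage means 100.
             $hperc_assign_ar[$pair[0]] = 100;
         }
     }

     // let's check if there are some assigned departments to task
     $task->task_departments = implode(',', $this->getParam('dept_ids', self::TYPE_ARRAY));

     // convert dates to SQL format first
     if ($task->task_start_date) {
         $date = new w2p_Utilities_Date($task->task_start_date);
         $task->task_start_date = $date->format(FMT_DATETIME_MYSQL);
     }
     $end_date = null;
     if ($task->task_end_date) {
         // Any "2400" in the end date string is rewritten to "2359" before parsing.
         if (strpos($task->task_end_date, '2400') !== false) {
             $task->task_end_date = str_replace('2400', '2359', $task->task_end_date);
         }
         $end_date = new w2p_Utilities_Date($task->task_end_date);
         $task->task_end_date = $end_date->format(FMT_DATETIME_MYSQL);
     }

     $error_array = $task->store($AppUI);
     // Return all the validation messages
     if ($error_array !== true) {
         $error_message = '';
         foreach ($error_array as $error) {
             $error_message .= $error . '. ';
         }
         throw new Frapi_Error('SAVE_ERROR', $error_message);
     }

     $task_parent = $this->getParam('task_parent') ? $this->getParam('task_parent', self::TYPE_INT) : 0;
     $old_task_parent = $this->getParam('old_task_parent') ? $this->getParam('old_task_parent', self::TYPE_INT) : 0;
     if ($task_parent != $old_task_parent) {
         $oldTask = new CTask();
         $oldTask->load($old_task_parent);
         $oldTask->updateDynamics(false);
     }

     // How to handle custom fields? Do we support it in api?
     // Now add any task reminders
     // If there wasn't a task, but there is one now, and
     // that task date is set, we need to set a reminder.
     // (Parentheses added for readability only; && already bound tighter than ||.)
     if (empty($task_end_date) || (!empty($end_date) && $task_end_date->dateDiff($end_date))) {
         $task->addReminder();
     }

     if (isset($hassign)) {
         $task->updateAssigned($hassign, $hperc_assign_ar);
     }

     if (isset($hdependencies)) {
         // && !empty($hdependencies)) {
         // there are dependencies set!
         // backup initial start and end dates
         $tsd = new w2p_Utilities_Date($task->task_start_date);
         $ted = new w2p_Utilities_Date($task->task_end_date);
         // updating the table recording the
         // dependency relations with this task
         $task->updateDependencies($hdependencies, $task_parent);
         // we will reset the task's start date based upon dependencies
         // and shift the end date appropriately
         if ($adjustStartDate && !is_null($hdependencies)) {
             // load already stored task data for this task
             $tempTask = new CTask();
             $tempTask->load($task->task_id);
             // shift new start date to the last dependency end date
             $nsd = new w2p_Utilities_Date($tempTask->get_deps_max_end_date($tempTask));
             // prefer Wed 8:00 over Tue 16:00 as start date
             $nsd = $nsd->next_working_day();
             // prepare the creation of the end date
             $ned = new w2p_Utilities_Date();
             $ned->copy($nsd);
             if (empty($task->task_start_date)) {
                 // appropriately calculated end date via start+duration
                 $ned->addDuration($task->task_duration, $task->task_duration_type);
             } else {
                 // calc task time span start - end
                 $d = $tsd->calcDuration($ted);
                 // Re-add (keep) task time span for end date.
                 // This is independent from $obj->task_duration.
                 // The value returned by Date::Duration() is always in hours ('1')
                 $ned->addDuration($d, '1');
             }
             // prefer tue 16:00 over wed 8:00 as an end date
             $ned = $ned->prev_working_day();
             $task->task_start_date = $nsd->format(FMT_DATETIME_MYSQL);
             $task->task_end_date = $ned->format(FMT_DATETIME_MYSQL);
             $q = new w2p_Database_Query();
             $q->addTable('tasks', 't');
             $q->addUpdate('task_start_date', $task->task_start_date);
             $q->addUpdate('task_end_date', $task->task_end_date);
             // The (int) cast keeps this concatenated WHERE fragment numeric.
             $q->addWhere('task_id = ' . (int) $task->task_id);
             $q->addWhere('task_dynamic <> 1');
             $q->exec();
             $q->clear();
         }
         $task->pushDependencies($task->task_id, $task->task_end_date);
     }

     // Strip the object's internal fields before the task is exposed in the response.
     unset($task->_query, $task->_error, $task->_tbl_prefix, $task->_tbl, $task->_tbl_key, $task->_tbl_module);
     $task = (array) $task;
     $this->data['task'] = $task;
     $this->data['success'] = true;

     // 201 together with the stored task data.
     return new Frapi_Response(array('code' => 201, 'data' => $this->data));
 }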
예제 #6
// Login entry point (excerpt; the listing is cut off inside the last `if`).
// $do_login is set before this excerpt.
// $dialog is forced to 1 when a token expiration is set or $do_login is truthy.
if (CAppUI::$token_expiration || $do_login) {
    $dialog = 1;
}
// Check ldap_guid or sining token
// Either condition marks the request as a login attempt by setting $_REQUEST["login"].
if (CValue::get("ldap_guid") || $do_login) {
    $_REQUEST["login"] = 1;
}
// check if the user is trying to log in
if (isset($_REQUEST["login"])) {
    $login_action = $_REQUEST["login"];
    // login with "login=user:password"
    // NOTE(review): $_REQUEST can be filled from the query string, so credentials in this
    // form can end up in URLs, browser history, referrers and access logs.
    // Only the first ":" splits (limit 2), so the password part may itself contain ":".
    if (strpos($login_action, ":") !== false) {
        list($_REQUEST["username"], $_REQUEST["password"]) = explode(":", $login_action, 2);
    }
    include __DIR__ . "/locales/core.php";
    // Loose comparison: any return value that compares equal to null (null, false, 0, "",
    // empty array) counts as a failed login.
    if (null == ($ok = CAppUI::login())) {
        CAppUI::$instance->user_id = null;
        // we delete the session in case the user was deactivated
        CAppUI::setMsg("Auth-failed", UI_MSG_ERROR);
    }
    // The old-browser page is shown, and the request ended, only when the session flags
    // the browser as deprecated and CValue::get("password") is empty.
    if (isset($_SESSION['browser']['deprecated']) && $_SESSION['browser']['deprecated'] && !CValue::get("password")) {
        // If we are not connecting directly
        $tpl = new CSmartyDP("style/mediboard");
        $tpl->display("old_browser.tpl");
        CApp::rip();
    }
    // Login OK redirection for popup authentication
    // "redirect" is request-supplied and is parsed as a query string below.
    // NOTE(review): the code that consumes $redirect is outside this excerpt; it should
    // only accept local targets, otherwise this is an open-redirect vector.
    $redirect = CValue::request("redirect");
    $dialog = CValue::request("dialog");
    parse_str($redirect, $parsed_redirect);
    if ($ok && $dialog && isset($parsed_redirect["login_info"])) {
예제 #7
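/**
 * Log the user into the application
 *
 * @param array $user_auth -- Must contain the keys "user_name" and "password" (password
 *      needs to be in the right encoding for the type of authentication the user is
 *      setup for). A request missing either key is rejected as an invalid login.
 * @param String $application -- The name of the application you are logging in from.  (Currently unused).
 * @return Array(id, error) -- id is the id of the session that was created, or -1 on
 *      failure. On failure error is the SOAP array form of the error
 *      ($error->get_soap_array()); on success it is the SoapError object itself. That
 *      asymmetry is inherited from the original and kept for existing callers.
 */
function login($user_auth, $application = 'test')
{
    $error = new SoapError();

    // Fix: the original tested isset() only after both keys had been assigned from
    // addslashes(), so the test was always true and a missing credential was sent through
    // the login attempt as an empty string. Presence is now checked first, and the
    // failure result has the same shape as a rejected login.
    if (!isset($user_auth["user_name"], $user_auth["password"])) {
        $error->set_error('invalid_login');
        return array('id' => -1, 'error' => $error->get_soap_array());
    }

    // NOTE(review): addslashes() is not a substitute for parameterised queries, and it
    // alters any password containing quotes or backslashes before it is verified. It is
    // kept because the escaping done inside CAppUI::login() is not visible from here.
    $user_auth["user_name"] = addslashes($user_auth["user_name"]);
    $user_auth["password"] = addslashes($user_auth["password"]);
    $_POST['login'] = '******';
    $_REQUEST['login'] = '******';

    dPsessionStart(array('AppUI'));
    $AppUI = new CAppUI();
    if (!$AppUI->login($user_auth["user_name"], $user_auth["password"])) {
        // The original had an unreachable $AppUI->setMsg('Login Failed') after this
        // return; it never ran and has been removed.
        $error->set_error('invalid_login');
        return array('id' => -1, 'error' => $error->get_soap_array());
    }

    //Register login in user_acces_log
    $AppUI->registerLogin();
    addHistory('login', $AppUI->user_id, 'login', $AppUI->user_first_name . ' ' . $AppUI->user_last_name);
    $_SESSION['AppUI'] = $AppUI;

    // NOTE(review): the session id is not regenerated after authentication. Whether
    // dPsessionStart() already issues a fresh id is not visible here; if it does not,
    // regenerate the id at this point to close off session fixation.
    $_SESSION['is_valid_session'] = true;
    $_SESSION['type'] = 'user';

    return array('id' => session_id(), 'error' => $error);
}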
예제 #8
 /**
  * Put Request Handler
  *
  * This method is called when a request is a PUT
  *
  * @return array
  */
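 public function executePut()
 {
     // A missing required parameter is reported by returning the Frapi_Error itself.
     $valid = $this->hasRequiredParameters($this->requiredParams);
     if ($valid instanceof Frapi_Error) {
         return $valid;
     }

     $username = $this->getParam('username');
     $password = $this->getParam('password');

     // Attempt to login as user, a little bit of a hack as we currently
     // require the $_POST['login'] var to be set as well as a global AppUI
     $AppUI = new CAppUI();
     $GLOBALS['AppUI'] = $AppUI;
     $_POST['login'] = '******';
     if (!$AppUI->login($username, $password)) {
         throw new Frapi_Error('INVALID_LOGIN');
     }

     // contact_id is pinned to 0; every other field is taken from the request as sent.
     $post_data = array(
         'contact_id' => 0,
         'contact_first_name' => $this->getParam('contact_first_name'),
         'contact_last_name' => $this->getParam('contact_last_name'),
         'contact_order_by' => $this->getParam('contact_order_by'),
         'contact_private' => $this->getParam('contact_private'),
         'contact_job' => $this->getParam('contact_job'),
         'contact_company_name' => $this->getParam('contact_company_name'),
         'contact_company' => $this->getParam('contact_company'),
         'contact_department_name' => $this->getParam('contact_department_name'),
         'contact_department' => $this->getParam('contact_department'),
         'contact_title' => $this->getParam('contact_title'),
         'contact_type' => $this->getParam('contact_type'),
         'contact_address1' => $this->getParam('contact_address1'),
         'contact_address2' => $this->getParam('contact_address2'),
         'contact_city' => $this->getParam('contact_city'),
         'contact_state' => $this->getParam('contact_state'),
         'contact_zip' => $this->getParam('contact_zip'),
         'contact_country' => $this->getParam('contact_country'),
         'contact_birthday' => $this->getParam('contact_birthday'),
         'contact_notes' => $this->getParam('contact_notes'),
     );

     // Ugh, the store method uses $_POST directly for contact methods :(
     $_POST['contact_methods'] = $this->getParam('contact_methods');

     $contact = new CContact();
     $contact->bind($post_data);
     $error_array = $contact->store($AppUI);

     // Anything other than boolean true is treated as a list of validation messages.
     if ($error_array !== true) {
         $error_message = '';
         foreach ($error_array as $error) {
             $error_message .= $error . '. ';
         }
         throw new Frapi_Error('SAVE_ERROR', $error_message);
     }

     /*
      * TODO: How do we handle extra fields?
      */
     $contact = (array) $contact;

     // Remove the data that is not for display.
     // Fix: the original list named 'tbl_prefix', without the leading underscore that the
     // other internal fields in the same list carry, so '_tbl_prefix' would have been
     // left in the API response. '_tbl_prefix' and '_tbl_module' are now stripped too.
     // 'tbl_prefix' is still unset for compatibility; unset() on a missing key is a no-op.
     unset(
         $contact['tbl_prefix'],
         $contact['_tbl_prefix'],
         $contact['_tbl'],
         $contact['_tbl_key'],
         $contact['_error'],
         $contact['_query'],
         $contact['_tbl_module']
     );

     $this->data['contact'] = $contact;
     $this->data['success'] = true;

     // 201 together with the stored contact data.
     return new Frapi_Response(array('code' => 201, 'data' => $this->data));
 }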