/** * Requests of $targetUser to be included in the access groups given by $groupids. ($sourceUser must be $targetUser). * * @param Default_Model_Researcher|integer $sourceUser User profile object or id. * @param Default_Model_Researcher|integer $targetUser User profile object or id. * @param integer[] $groupIds The ids of the access groups. * @param {id, name, canAdd, canRemove, canRequest, canAcceptReject, hasRequest}[] $accesspermissions Optional array of $sourceUser's access groups permissions. * @return boolean|string True on success, text message on error, False on unknown error. */ private static function requestForGroups($sourceUser, $targetUser, $groupids, $accesspermissions) { if ($sourceUser->id !== $targetUser->id) { return "Cannot make a user request on behalf of another user"; } if (is_array($groupids) === false) { if (is_numeric($groupids) === false) { return false; } else { $groupids = array($groupids); } } $res = array(); foreach ($groupids as $gid) { $g = array($gid => self::canPerformAction($targetUser, $targetUser, "request", $gid, $accesspermissions)); $res[] = $g; if ($g[$gid] !== true) { continue; } //if request exists for this group then return true. $ur = self::getAccessGroupRequests($targetUser, $gid); if (count($ur) > 0) { return true; } //If group id does not exist ignore $group = self::getGroupById($gid); if ($group === null) { continue; } $userrequest = new Default_Model_UserRequest(); $userrequest->typeid = 3; $userrequest->userguid = $targetUser->guid; $userrequest->targetguid = $group->guid; $userrequest->stateid = 1; $userrequest->save(); //Dispatch mail to user and managers, appdb administrators and associated NILs UserRequests::sendEmailAccessGroupRequestNotifications($targetUser, $group); } return true; }
public function requestreleasemanagerAction() { $this->_helper->layout->disableLayout(); $this->_helper->viewRenderer->setNoRender(); header('Content-type: text/xml'); $appid = -1; $app = null; //Validate user input data $err = ""; $uid = $this->session->userid; //Get current user GUID $ps = new Default_Model_Researchers(); $ps->filter->id->equals($uid); $user = $ps->items[0]; $uguid = $user->guid; //Various validations if (is_null($uid)) { $err = 'Must be logged in'; } else { if (isset($_GET["id"]) == false) { $err = 'Software id is required'; } else { if (is_numeric($_GET["id"]) == false) { $err = 'Software id is not valid'; } else { $appid = $_GET["id"]; $apps = new Default_Model_Applications(); $apps->filter->appid->equals($appid); if (count($apps->items) === 0) { $err = "Software not found"; } } } } if ($err === "") { $app = $apps->items[0]; $appguid = $app->guid; $perms = new Default_Model_Permissions(); $perms->filter->researcherid->equals($uid)->and($perms->filter->actionid->equals(30)->and($perms->filter->uuid->equals($appguid))); if (count($perms->items) > 0) { $err = "Already have permissions to manage releases"; } } //Check if requestor is associated with the application if ($err === "") { $app = $apps->items[0]; $rs = $app->getResearchers(); $found = false; if (count($rs) > 0) { foreach ($rs as $r) { if ($r->id == $uid) { $found = true; break; } } } if ($found == false) { $err = "User must be associated to the software item as a contact."; } } //Check if any error occured during validations if ($err !== "") { echo "<response error='" . $err . "'></response>"; return; } //User only checks the state of request if (isset($_GET["state"])) { $urs = new Default_Model_UserRequests(); $s1 = new Default_Model_UserRequestTypesFilter(); $s1->name->equals("releasemanager"); $s2 = new Default_Model_UserRequestsFilter(); $s2->targetguid->equals($app->guid)->and($s2->userguid->equals($uguid)); $s4 = new Default_Model_UserRequestStatesFilter(); $s4->id->equals(1); $urs->filter->chain($s1->chain($s2->chain($s4, "AND"), "AND"), "AND"); if ($urs->count() > 0) { echo "<response>pending</response>"; } else { echo "<response>false</response>"; } return; } //Validation is OK, continue to user request submition db()->beginTransaction(); try { $msg = isset($_GET["m"]) ? $_GET["m"] : ""; //If not in base64 format it will crash if ($msg !== "") { //do nothing } //Check inclusion list. This receiver will get the notification even if he is not allowed. if (isset($_GET["r"])) { //TODO } //Check exclution list. This receivers won't get the mail notification. if (isset($_GET["e"])) { //TODO } //save request $ur = new Default_Model_UserRequest(); $ur->typeid = 2; //releasemanager $ur->userguid = $uguid; $ur->userdata = $msg; $ur->targetguid = $app->guid; $ur->stateid = 1; //submitted; $ur->save(); db()->commit(); } catch (Exception $e) { db()->rollBack(); echo "<response error='Could not save request' >" . $e->getMessage() . "</response>"; return; } // Send E-Mail notifications to receivers try { UserRequests::sendEmailRequestNotifications($user, $app, $msg, "releasemanager"); } catch (Exception $e) { error_log("EMAIL ERROR:Could not send email notification about user request to join software.Details:" . $e->getMessage()); } //respond OK echo "<response>ok</response>"; }