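/**
 * Populates the Smarty view for the selected week: week/year selectors,
 * week details, consistency errors and one note entry per issue that has
 * a time track in that week.
 *
 * Nothing is assigned when the visitor is not connected. When no team is
 * selected, or the session user is a customer of the team, only
 * 'accessDenied' is assigned.
 */
protected function display() {
    if (!Tools::isConnectedUser()) {
        return;
    }

    // only teamMembers & observers can access this page
    // TODO SECURITY check array_key_exists($this->teamid, $this->teamList)
    // NOTE(review): the test below is a deny-list (no team selected, or
    // customer of the team). It does not positively establish that the
    // session user belongs to $this->teamid, so the TODO above is still the
    // missing membership check for this page.
    if (0 == $this->teamid || $this->session_user->isTeamCustomer($this->teamid)) {
        $this->smartyHelper->assign('accessDenied', TRUE);
        return;
    }

    $year = Tools::getSecurePOSTIntValue('year', date('Y'));
    $weekid = Tools::getSecurePOSTIntValue('weekid', date('W'));

    $this->smartyHelper->assign('weeks', SmartyTools::getWeeks($weekid, $year));
    $this->smartyHelper->assign('years', SmartyTools::getYears($year, 1));

    // The checkbox is only present in the POST data when it is ticked.
    $isDetailed = isset($_POST['cb_detailed']);
    $this->smartyHelper->assign('isChecked', $isDetailed);

    // Period: first day of the week up to 23:59:59 on day 7.
    $weekDates = Tools::week_dates($weekid, $year);
    $startTimestamp = $weekDates[1];
    $endTimestamp = mktime(23, 59, 59, date("m", $weekDates[7]), date("d", $weekDates[7]), date("Y", $weekDates[7]));
    $timeTracking = new TimeTracking($startTimestamp, $endTimestamp, $this->teamid);

    $this->smartyHelper->assign('weekDetails', $this->getWeekDetails($timeTracking, $isDetailed, $weekDates, $this->session_user->getId()));

    // ConsistencyCheck
    $consistencyErrors = $this->getConsistencyErrors($timeTracking);
    $nbErrors = count($consistencyErrors);
    if ($nbErrors > 0) {
        $this->smartyHelper->assign('ccheckErrList', $consistencyErrors);
        $this->smartyHelper->assign('ccheckButtonTitle', $nbErrors . ' ' . T_("Errors"));
        $this->smartyHelper->assign('ccheckBoxTitle', $nbErrors . ' ' . T_("days are incomplete or undefined"));
    }

    // IssueNotes
    // The manager status does not depend on the issue: resolve it once.
    $isManager = $this->session_user->isTeamManager($this->teamid);

    $issueNotes = array();
    foreach ($timeTracking->getTimeTracks() as $tt) {
        $bug_id = $tt->getIssueId();

        // one entry per issue, whatever the number of tracks on it
        if (array_key_exists($bug_id, $issueNotes)) {
            continue;
        }

        $issueNote = IssueNote::getTimesheetNote($bug_id);
        if (is_null($issueNote)) {
            continue;
        }

        $issue = IssueCache::getInstance()->getIssue($bug_id);
        $user = UserCache::getInstance()->getUser($issueNote->getReporterId());
        $issueNoteText = trim(IssueNote::removeAllReadByTags($issueNote->getText()));

        // only Managers can markAsRead: everybody else sees the note as read
        $isRead = $isManager ? (0 != $issueNote->isReadBy($this->session_userid)) : TRUE;

        // Delete allowed by owner & managers
        $isDeleteGranted = ($this->session_userid == $issueNote->getReporterId()) || $isManager;

        // 'readBy' is joined with <br>, so it has to be rendered as raw HTML
        // by the template (like 'note'). Escape every entry before joining,
        // otherwise markup contained in a name would be emitted verbatim.
        $readByNames = array_map(
            function ($name) {
                return htmlspecialchars((string) $name);
            },
            array_keys($issueNote->getReadByList(TRUE))
        );

        $issueNotes[$bug_id] = array(
            'taskDesc' => SmartyTools::getIssueDescription($bug_id, $issue->getTcId(), htmlspecialchars($issue->getSummary())),
            'note' => nl2br(htmlspecialchars($issueNoteText)),
            // NOTE(review): passed through unescaped; confirm the template escapes it.
            'reporter' => $user->getRealname(),
            'date' => date('Y-m-d H:i', $issueNote->getLastModified()),
            'readBy' => implode(',<br>', $readByNames),
            'issueNoteId' => $issueNote->getId(),
            'isRead' => $isRead,
            'isDeleteGranted' => $isDeleteGranted,
        );
    }

    if (count($issueNotes) > 0) {
        $this->smartyHelper->assign('issueNotes', $issueNotes);
    }
}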
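/**
 * Populates the Smarty view of the CSV export page and, on the
 * 'computeCsvWeekly' action, generates the weekly reports (managed issues,
 * member activity, projects activity) plus one holidays file per month of
 * the selected year.
 *
 * Nothing is assigned when the visitor is not connected. When no team is
 * selected, or the session user is a customer of the team, only
 * 'accessDenied' is assigned.
 */
protected function display() {
    if (!Tools::isConnectedUser()) {
        return;
    }

    // only teamMembers & observers can access this page
    // NOTE(review): this is a deny-list (no team selected, or customer of the
    // team); it does not positively establish that the session user belongs
    // to $this->teamid before files are generated for that team.
    if (0 == $this->teamid || $this->session_user->isTeamCustomer($this->teamid)) {
        $this->smartyHelper->assign('accessDenied', TRUE);
        return;
    }

    // weekid and year are request data that end up in report titles and are
    // handed to the CSV exporters: read them as validated integers instead
    // of taking $_POST verbatim.
    $weekid = Tools::getSecurePOSTIntValue('weekid', date('W'));
    $year = Tools::getSecurePOSTIntValue('year', date('Y'));

    $this->smartyHelper->assign('weeks', SmartyTools::getWeeks($weekid, $year));
    $this->smartyHelper->assign('years', SmartyTools::getYears($year, 2));

    // 'action' is absent on a plain page load: test for it before reading.
    if (!isset($_POST['action']) || 'computeCsvWeekly' !== $_POST['action']) {
        return;
    }

    // NOTE(review): the team name is spliced into the report file names
    // as-is. Confirm it cannot contain path separators or '..', or normalise
    // it before building paths.
    $formatedteamName = TeamCache::getInstance()->getTeam($this->teamid)->getName();
    $reportsDir = Constants::$codevOutputDir . DIRECTORY_SEPARATOR . 'reports';

    // Period: first day of the week up to 23:59:59 on day 5.
    $weekDates = Tools::week_dates($weekid, $year);
    $startTimestamp = $weekDates[1];
    $endTimestamp = mktime(23, 59, 59, date("m", $weekDates[5]), date("d", $weekDates[5]), date("Y", $weekDates[5]));

    // Must be an array: appending with [] to a string is a fatal error on PHP >= 7.1.
    $reports = array();

    $managedIssuesfile = $reportsDir . DIRECTORY_SEPARATOR . $formatedteamName . "_Mantis_" . Tools::formatDate("%Y%m%d", time()) . ".csv";
    $managedIssuesfile = ExportCsvTools::exportManagedIssuesToCSV($this->teamid, $startTimestamp, $endTimestamp, $managedIssuesfile);
    $reports[] = array(
        'file' => basename($managedIssuesfile),
        'title' => T_('Export Managed Issues'),
        'subtitle' => T_('Issues form Team projects, including issues assigned to other teams'),
    );

    $timeTracking = new TimeTracking($startTimestamp, $endTimestamp, $this->teamid);

    $weekActivityReportfile = $reportsDir . DIRECTORY_SEPARATOR . $formatedteamName . "_CRA_" . Tools::formatDate("%Y_W%W", $startTimestamp) . ".csv";
    $weekActivityReportfile = $this->exportWeekActivityReportToCSV($this->teamid, $weekDates, $timeTracking, $weekActivityReportfile);
    $reports[] = array(
        'file' => basename($weekActivityReportfile),
        'title' => T_('Export Week') . ' ' . $weekid . ' ' . T_('Member Activity'),
    );

    $projectActivityFile = $reportsDir . DIRECTORY_SEPARATOR . $formatedteamName . "_projects_" . Tools::formatDate("%Y_W%W", $startTimestamp) . ".csv";
    $projectActivityFile = $this->exportProjectActivityToCSV($timeTracking, $projectActivityFile);
    $reports[] = array(
        'file' => basename($projectActivityFile),
        'title' => T_('Export Week') . ' ' . $weekid . ' ' . T_('Projects Activity'),
    );

    $this->smartyHelper->assign('reports', $reports);

    // Holidays: one file per month of the selected year.
    $monthsLineReport = array();

    // reduce scope to enhance speed
    $startMonth = 1;
    for ($i = $startMonth; $i <= 12; $i++) {
        $myFile = ExportCsvTools::exportHolidaystoCSV($i, $year, $this->teamid, $formatedteamName, $reportsDir);
        $monthsLineReport[] = array('file' => basename($myFile));
    }

    $monthsReport = array(
        'title' => T_('Export Holidays') . ' ' . $year,
        'line' => $monthsLineReport,
    );
    $this->smartyHelper->assign('monthsReport', $monthsReport);

    $this->smartyHelper->assign('reportsDir', $reportsDir);
}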
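/**
 * Time-tracking page: applies the posted action (addTrack, addTimetrack,
 * deleteTrack, setBugId, setFiltersAction) for the managed user, then
 * assigns everything the template needs (track form, week overview,
 * timetracking tuples, consistency errors).
 *
 * Nothing is assigned when the visitor is not connected. When no team is
 * selected, or the session user is a customer or observer of the team or
 * is not a team member, only 'accessDenied' is assigned.
 *
 * The managed user defaults to the session user; acting on another user
 * requires the session user to be manager of the team and the target to
 * be an active team member.
 */
protected function display() {
    if (!Tools::isConnectedUser()) {
        return;
    }

    // only teamMembers can access this page
    if (0 == $this->teamid ||
        $this->session_user->isTeamCustomer($this->teamid) ||
        $this->session_user->isTeamObserver($this->teamid) ||
        !$this->session_user->isTeamMember($this->teamid)) {
        $this->smartyHelper->assign('accessDenied', TRUE);
        return;
    }

    $team = TeamCache::getInstance()->getTeam($this->teamid);
    $teamMembers = $team->getActiveMembers(NULL, NULL, TRUE);
    $isManager = $this->session_user->isTeamManager($this->teamid);

    $managed_userid = Tools::getSecurePOSTIntValue('userid', $this->session_userid);

    // Need to be Manager to handle other users.
    // Checked before anything is loaded or modified for $managed_userid.
    if ($managed_userid != $this->session_userid) {
        if (!$isManager || !array_key_exists($managed_userid, $teamMembers)) {
            self::$logger->error(' SECURITY ALERT changeManagedUser: session_user ' . $this->session_userid . " is not allowed to manage user {$managed_userid}");
            Tools::sendForbiddenAccess();
            // Do not rely on sendForbiddenAccess() ending the request: none
            // of the actions below may run for a user we are not allowed to manage.
            return;
        }
    }

    if ($isManager) {
        // session_user is Manager, let him choose the teamMember he wants to manage
        $this->smartyHelper->assign('users', $teamMembers);
        $this->smartyHelper->assign('selectedUser', $managed_userid);
        $this->smartyHelper->assign("isManager", true);
    }

    // display AddTrack Page
    $year = Tools::getSecurePOSTIntValue('year', date('Y'));
    $managed_user = UserCache::getInstance()->getUser($managed_userid);

    // developper & manager can add timeTracks
    // NOTE(review): $teamList is not read again in this method.
    $mTeamList = $managed_user->getDevTeamList();
    $managedTeamList = $managed_user->getManagedTeamList();
    $teamList = $mTeamList + $managedTeamList;

    $action = Tools::getSecurePOSTStringValue('action', '');
    $weekid = Tools::getSecurePOSTIntValue('weekid', date('W'));

    $defaultDate = Tools::getSecurePOSTStringValue('date', date("Y-m-d", time()));
    $defaultBugid = Tools::getSecurePOSTIntValue('bugid', 0);
    $defaultProjectid = Tools::getSecurePOSTIntValue('projectid', 0);
    $job = Tools::getSecurePOSTIntValue('job', 0);
    $duration = Tools::getSecurePOSTNumberValue('duree', 0);

    if ("addTrack" == $action) {
        self::$logger->debug("addTrack: called from form1");

        // TODO merge addTrack & addTimetrack actions !

        // called by form1 when no backlog has to be set.
        // updateBacklogDialogBox must not raise up,
        // track must be added, backlog & status must NOT be updated

        $timestamp = Tools::date2timestamp($defaultDate);
        $defaultBugid = Tools::getSecurePOSTIntValue('bugid');
        // 'job' is an id: read it as an int, like the default above and
        // 'trackJobid' in the addTimetrack action.
        $job = Tools::getSecurePOSTIntValue('job');
        $duration = Tools::getSecurePOSTNumberValue('duree');

        // dialogBox is not called, then track must be saved to DB
        $trackid = TimeTrack::create($managed_userid, $defaultBugid, $job, $timestamp, $duration, $this->session_userid);
        if (self::$logger->isDebugEnabled()) {
            self::$logger->debug("Track {$trackid} added : userid={$managed_userid} bugid={$defaultBugid} job={$job} duration={$duration} timestamp={$timestamp}");
        }

        // Don't show job and duration after add track
        $job = 0;
        $duration = 0;

        $defaultProjectid = Tools::getSecurePOSTIntValue('projectid');
    } elseif ("addTimetrack" == $action) {
        // updateBacklogDialogbox with 'addTimetrack' action
        // add track AND update backlog & status & handlerId

        // TODO merge addTrack & addTimetrack actions !
        self::$logger->debug("addTimetrack: called from the updateBacklogDialogBox");

        // add timetrack (all values mandatory)
        $defaultDate = Tools::getSecurePOSTStringValue('trackDate');
        $defaultBugid = Tools::getSecurePOSTIntValue('bugid');
        $job = Tools::getSecurePOSTIntValue('trackJobid');
        $duration = Tools::getSecurePOSTNumberValue('timeToAdd');
        $handlerId = Tools::getSecurePOSTNumberValue('handlerid');

        if (0 == $job) {
            // check jobid (bug happens sometime...)
            // The user is told the track was not added, so it must really
            // be skipped: the creation below is only reached with a job.
            $this->smartyHelper->assign('error', T_("Timetrack not added: Job has not specified."));
            self::$logger->error("Add track : FAILED. issue={$defaultBugid}, jobid={$job}, duration={$duration} date={$defaultDate}");
        } elseif (0 == $defaultBugid) {
            // check bug_id (this happens when user uses the 'back' button of the browser ?)
            self::$logger->error("Add track : FAILED. issue=0, jobid={$job}, duration={$duration} date={$defaultDate}");
        } else {
            // NOTE(review): $defaultDate comes from getSecurePOSTStringValue();
            // if that always yields a string, the strict test against int 0
            // is always true - confirm the intended "no date" value.
            $timestamp = 0 !== $defaultDate ? Tools::date2timestamp($defaultDate) : 0;
            $trackid = TimeTrack::create($managed_userid, $defaultBugid, $job, $timestamp, $duration, $this->session_userid);
            if (self::$logger->isDebugEnabled()) {
                self::$logger->debug("Track {$trackid} added : userid={$managed_userid} bugid={$defaultBugid} job={$job} duration={$duration} timestamp={$timestamp}");
            }

            // NOTE(review): backlog, status and handler are written on the
            // posted issue; no check is visible here that the issue belongs
            // to one of this team's projects.
            $issue = IssueCache::getInstance()->getIssue($defaultBugid);

            // setBacklog
            $formattedBacklog = Tools::getSecurePOSTNumberValue('backlog');
            $issue->setBacklog($formattedBacklog);

            // setStatus
            $newStatus = Tools::getSecurePOSTIntValue('statusid');
            $issue->setStatus($newStatus);

            // set handlerId
            if ($handlerId != $issue->getHandlerId()) {
                // TODO security check (userid exists/valid ?)
                $issue->setHandler($handlerId);
            }

            $defaultProjectid = $issue->getProjectId();
        }

        // Don't show job and duration after add track
        $job = 0;
        $duration = 0;
    } elseif ("deleteTrack" == $action) {
        $trackid = Tools::getSecurePOSTIntValue('trackid');
        $timeTrack = TimeTrackCache::getInstance()->getTimeTrack($trackid);

        // TODO SECURITY: 'trackid' is request data and nothing visible here
        // verifies that the track belongs to $managed_userid (or to this
        // team) before it is removed. Check the owner before remove().
        $defaultBugid = $timeTrack->getIssueId();
        $duration = $timeTrack->getDuration();
        $job = $timeTrack->getJobId();
        $defaultDate = date("Y-m-d", $timeTrack->getDate());

        // delete track
        if (!$timeTrack->remove()) {
            $this->smartyHelper->assign('error', T_("Failed to delete the timetrack !"));
            self::$logger->error("Delete track {$trackid} : FAILED.");
        }

        if (0 == $defaultBugid) {
            self::$logger->error("Delete track : bug_id=0");
            $defaultProjectid = 0;
        } else {
            try {
                // pre-set form fields
                $issue = IssueCache::getInstance()->getIssue($defaultBugid);
                $defaultProjectid = $issue->getProjectId();

                // if project not defined for current team, do not pre-set form fields.
                if (!array_key_exists($defaultProjectid, $team->getProjects())) {
                    $defaultProjectid = 0;
                    $defaultBugid = 0;
                }
            } catch (Exception $e) {
                $defaultProjectid = 0;
                $defaultBugid = 0;
            }
        }
    } elseif ("setBugId" == $action) {
        // pre-set form fields
        // find ProjectId to update categories
        $defaultBugid = Tools::getSecurePOSTIntValue('bugid');
        $issue = IssueCache::getInstance()->getIssue($defaultBugid);
        $defaultProjectid = $issue->getProjectId();
    } elseif ("setFiltersAction" == $action) {
        // filters are stored as '1' / '0'; a checkbox is only posted when ticked
        $isFilter_onlyAssignedTo = isset($_POST["cb_onlyAssignedTo"]) ? '1' : '0';
        $isFilter_hideResolved = isset($_POST["cb_hideResolved"]) ? '1' : '0';

        $managed_user->setTimetrackingFilter('onlyAssignedTo', $isFilter_onlyAssignedTo);
        $managed_user->setTimetrackingFilter('hideResolved', $isFilter_hideResolved);

        if ($defaultBugid != 0) {
            $issue = IssueCache::getInstance()->getIssue($defaultBugid);
            $defaultProjectid = $issue->getProjectId();
        }
    }

    // Display user name
    $this->smartyHelper->assign('managedUser_realname', $managed_user->getRealname());
    $this->smartyHelper->assign('userid', $managed_userid);

    // display Track Form
    $this->smartyHelper->assign('date', $defaultDate);

    // All projects except disabled
    $projList = $team->getProjects(true, false);
    $this->smartyHelper->assign('projects', SmartyTools::getSmartyArray($projList, $defaultProjectid));

    $this->smartyHelper->assign('defaultProjectid', $defaultProjectid);
    $this->smartyHelper->assign('defaultBugid', $defaultBugid);
    $this->smartyHelper->assign('weekid', $weekid);
    $this->smartyHelper->assign('year', $year);

    // any stored value other than '0' enables the filter
    $isOnlyAssignedTo = '0' != $managed_user->getTimetrackingFilter('onlyAssignedTo');
    $this->smartyHelper->assign('isOnlyAssignedTo', $isOnlyAssignedTo);

    $isHideResolved = '0' != $managed_user->getTimetrackingFilter('hideResolved');
    $this->smartyHelper->assign('isHideResolved', $isHideResolved);

    $availableIssues = TimeTrackingTools::getIssues($this->teamid, $defaultProjectid, $isOnlyAssignedTo, $managed_user->getId(), $projList, $isHideResolved, $defaultBugid);
    $this->smartyHelper->assign('issues', $availableIssues);

    $this->smartyHelper->assign('jobs', SmartyTools::getSmartyArray(TimeTrackingTools::getJobs($defaultProjectid, $this->teamid), $job));
    $this->smartyHelper->assign('duration', SmartyTools::getSmartyArray(TimeTrackingTools::getDurationList($this->teamid), $duration));

    $this->smartyHelper->assign('weeks', SmartyTools::getWeeks($weekid, $year));
    $this->smartyHelper->assign('years', SmartyTools::getYears($year, 1));

    // Period: first day of the week up to 23:59:59 on day 7.
    $weekDates = Tools::week_dates($weekid, $year);
    $startTimestamp = $weekDates[1];
    $endTimestamp = mktime(23, 59, 59, date("m", $weekDates[7]), date("d", $weekDates[7]), date("Y", $weekDates[7]));
    $timeTracking = new TimeTracking($startTimestamp, $endTimestamp, $this->teamid);

    $incompleteDays = array_keys($timeTracking->checkCompleteDays($managed_userid, TRUE));
    $missingDays = $timeTracking->checkMissingDays($managed_userid);
    $errorDays = array_merge($incompleteDays, $missingDays);
    $smartyWeekDates = TimeTrackingTools::getSmartyWeekDates($weekDates, $errorDays);

    // UTF8 problems in smarty, date encoding needs to be done in PHP
    $this->smartyHelper->assign('weekDates', array(
        $smartyWeekDates[1], $smartyWeekDates[2], $smartyWeekDates[3], $smartyWeekDates[4], $smartyWeekDates[5],
    ));
    $this->smartyHelper->assign('weekEndDates', array($smartyWeekDates[6], $smartyWeekDates[7]));

    $weekTasks = TimeTrackingTools::getWeekTask($weekDates, $this->teamid, $managed_userid, $timeTracking, $errorDays);
    $this->smartyHelper->assign('weekTasks', $weekTasks["weekTasks"]);
    $this->smartyHelper->assign('dayTotalElapsed', $weekTasks["totalElapsed"]);

    $timeTrackingTuples = $this->getTimetrackingTuples($managed_userid, $timeTracking);
    $this->smartyHelper->assign('weekTimetrackingTuples', $timeTrackingTuples['current']);
    $this->smartyHelper->assign('timetrackingTuples', $timeTrackingTuples['future']);

    // ConsistencyCheck
    $consistencyErrors = $this->getConsistencyErrors($managed_userid, $this->teamid);
    $nbErrors = count($consistencyErrors);
    if ($nbErrors > 0) {
        $this->smartyHelper->assign('ccheckErrList', $consistencyErrors);
        $this->smartyHelper->assign('ccheckButtonTitle', $nbErrors . ' ' . T_("Errors"));
        $this->smartyHelper->assign('ccheckBoxTitle', $nbErrors . ' ' . T_("days are incomplete or undefined"));
    }

    $this->smartyHelper->assign('isForbidAddTimetracksOnClosed', 1 == $team->getGeneralPreference('forbidAddTimetracksOnClosed'));
}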