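/**
 * Turn an internal link reference into link markup of the form
 * "<label>(<id>)":<url>.
 *
 * Presumably used as a regex replace callback (inferred from the name and the
 * $matches parameter). $matches[1] selects the target kind: 'wiki' resolves a
 * wiki page, any other value is resolved as a user. $matches[2] carries the
 * record id.
 *
 * Both captures originate from the text being rendered, so the id is accepted
 * only when it is a plain unsigned decimal number and is passed through
 * DB::escape() before it is placed in the SQL string.
 *
 * @param array $matches regex captures; index 1 = kind, index 2 = record id
 * @return string|null link markup, or null when the captures are missing or
 *                     malformed, or when no matching row exists
 */
function wiki_replace_link_callback($matches)
{
    // Both captures are dereferenced below, so require them up front
    // (the previous count() check let a two-element array through).
    if (!is_array($matches) || !isset($matches[1], $matches[2])) {
        return null;
    }

    $kind = $matches[1];
    $raw_id = $matches[2];

    // The id ends up inside a SQL statement: reject anything that is not
    // digits only instead of concatenating caller-controlled text.
    if (!is_string($raw_id) && !is_int($raw_id)) {
        return null;
    }
    if (preg_match('/\A[0-9]+\z/', (string) $raw_id) !== 1) {
        return null;
    }
    $id = DB::escape((int) $raw_id);

    if ($kind === 'wiki') {
        $rev = Revisions::instance()->getTableName(true);
        $page = Wiki::instance()->getTableName(true);
        $project_id = DB::escape(active_project()->getId());

        // Fetch the revision row that the page currently points at, limited
        // to the active project on both the outer query and the sub-query.
        $sql = "SELECT page_id, name FROM {$rev} WHERE page_id = {$id} AND project_id = {$project_id} "
            . "AND revision = ( select revision from {$page} WHERE id = {$id} AND project_id = {$project_id} )";

        $row = DB::executeOne($sql);
        if (!$row || !count($row)) {
            return null;
        }

        $url = get_url($kind, 'view', array('id' => $raw_id));
        // NOTE(review): search and replacement are identical as shown, so this
        // call is a no-op. The upstream file probably decodes an HTML entity
        // here and the entity was lost in this listing; confirm against it.
        $url = str_replace('&', '&', $url);

        // NOTE(review): the name is read from the database and placed into the
        // markup unescaped; confirm the renderer copes with quotes or
        // parentheses in a page name.
        return '"' . $row['name'] . '(' . $row['page_id'] . ')":' . $url;
    }

    $user = Users::instance()->getTableName(true);
    $sql = "SELECT id, display_name FROM {$user} WHERE id = {$id} ";

    // The query is no longer echoed: printing it exposed table names and the
    // raw statement in the rendered page.
    $row = DB::executeOne($sql);
    if (!$row || !count($row)) {
        return null;
    }

    $url = get_url($kind, 'card', array('id' => $raw_id));
    // NOTE(review): no-op as shown, see the same call in the wiki branch.
    $url = str_replace('&', '&', $url);

    // NOTE(review): display_name is user-editable data placed into the markup
    // unescaped; confirm the renderer escapes it.
    return '"' . $row['display_name'] . '(' . $row['id'] . ')":' . $url;
}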
/**
 * Find every company that has at least one system user.
 *
 * The condition is built only from the two manager table names; no caller
 * supplied value reaches the SQL text.
 *
 * @param void
 * @return array whatever Companies::findAll() yields for the query
 */
static function getCompaniesWithUsers()
{
    $users = Users::instance()->getTableName();
    $companies = Companies::instance()->getTableName();

    // Correlated sub-query: keep a company only when some user row points at it.
    $has_users = "EXISTS (SELECT `id` FROM {$users} WHERE {$users}.`company_id` = {$companies}.`id` )";

    $arguments = array(
        'conditions' => array($has_users),
        'order' => '`client_of_id`',
    );

    return Companies::findAll($arguments);
}
/**
 * Load the users that are members of the given project, ordered by the
 * display name stored in the contacts table.
 *
 * The project id is passed through DB::escape(). $additional_conditions is
 * appended to the WHERE clause verbatim, wrapped in parentheses: it is a raw
 * SQL fragment, so callers must assemble it only from fixed text and values
 * that were already escaped (for example with DB::escape()), never from
 * request data.
 *
 * @access public
 * @param Project $project
 * @param string $additional_conditions optional raw SQL predicate
 * @return array|null list of loaded user objects, or null when nothing matched
 */
function getUsersByProject(Project $project, $additional_conditions = null)
{
    $contacts = Contacts::instance()->getTableName(true);
    $members = Users::instance()->getTableName(true);
    $memberships = ProjectUsers::instance()->getTableName(true);

    // Implicit three-way join: user <-> project membership <-> contact.
    $query = "SELECT {$members}.* FROM {$members}, {$memberships}, {$contacts}"
        . " WHERE ({$members}.`id` = {$memberships}.`user_id`"
        . " AND {$contacts}.`user_id` = {$members}.`id`"
        . " AND {$memberships}.`project_id` = " . DB::escape($project->getId()) . ')';

    if (trim($additional_conditions) != '') {
        $query .= " AND ({$additional_conditions})";
    }

    $query .= " ORDER BY ({$contacts}.`display_name`)";

    $rows = DB::executeAll($query);
    if (!is_array($rows)) {
        return null;
    }

    $found = array();
    foreach ($rows as $row) {
        $found[] = Users::instance()->loadFromRow($row);
    }

    return empty($found) ? null : $found;
}
/**
 * Return a paginated result.
 *
 * The result is a two-element array: index 0 holds the returned objects and
 * index 1 holds the populated pagination object that the pagination helpers
 * consume. Numeric indexes are used because list() cannot destructure
 * associative keys.
 *
 * When the method is invoked without a Users instance as $this, the call is
 * forwarded to the shared Users manager instance.
 *
 * @access public
 * @param array $arguments Query arguments (@see find()); limit and offset are ignored
 * @param integer $items_per_page Number of items per page
 * @param integer $current_page Current page number
 * @return array
 */
function paginate($arguments = null, $items_per_page = 10, $current_page = 1)
{
    $has_users_instance = isset($this) && instance_of($this, 'Users');

    if (!$has_users_instance) {
        // Static-style call: delegate to the manager singleton.
        return Users::instance()->paginate($arguments, $items_per_page, $current_page);
    }

    return parent::paginate($arguments, $items_per_page, $current_page);
}
/**
 * Return the Users manager for this object, resolving it on first use.
 *
 * The resolved manager is kept in $this->manager, so later calls return the
 * same value without asking Users::instance() again.
 *
 * @access protected
 * @param void
 * @return Users
 */
function manager()
{
    if ($this->manager instanceof Users) {
        return $this->manager;
    }

    $this->manager = Users::instance();

    return $this->manager;
}
/**
 * Load the users linked to this object's id through the contacts table whose
 * `auto_assign` column is greater than zero.
 *
 * Both values placed in the statement (this object's id and the literal 0)
 * go through DB::escape(); nothing caller-supplied is concatenated.
 *
 * @access public
 * @param void
 * @return array|null list of loaded user objects, or null when nothing matched
 */
function getAutoAssignUsers()
{
    $members = Users::instance()->getTableName(true);
    $contacts = Contacts::instance()->getTableName(true);

    $company_id = DB::escape($this->getId());
    $threshold = DB::escape(0);

    $query = "SELECT {$members}.* FROM {$members}, {$contacts}"
        . " WHERE ({$members}.`id` = {$contacts}.`user_id`"
        . " AND {$contacts}.`company_id` = " . $company_id
        . " AND {$members}.`auto_assign` > " . $threshold . " )";

    $rows = DB::executeAll($query);
    if (!is_array($rows)) {
        return null;
    }

    $found = array();
    foreach ($rows as $row) {
        $found[] = Users::instance()->loadFromRow($row);
    }

    return empty($found) ? null : $found;
}
/**
 * Return the users of a specific company that are involved in a specific
 * project.
 *
 * Builds a `company_id` predicate with the company id passed through
 * DB::escape() and hands it to getUsersByProject() as the extra condition.
 *
 * @access public
 * @param Company $company
 * @param Project $project
 * @return array
 */
function getCompanyUsersByProject(Company $company, Project $project)
{
    $members = Users::instance()->getTableName(true);
    $company_filter = "{$members}.`company_id` = " . DB::escape($company->getId());

    return self::getUsersByProject($project, $company_filter);
}
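/**
 * Build the SQL predicate that limits a listing query to the rows the given
 * user may access at the requested access level.
 *
 * Assumes the manager has a single primary-key column.
 *
 * Every early-return branch yields either a literal ('true' / 'false') or a
 * single self-contained predicate; the general path wraps its OR chain in
 * parentheses. Callers can therefore combine the result with AND without the
 * OR terms escaping the permission check.
 *
 * Trust boundary: $project_id (when not numeric) and $table_alias are written
 * into the SQL text as identifiers without escaping. They must come from
 * code-defined values only, never from request data.
 *
 * @param DataManager $manager manager whose table is being listed
 * @param mixed $access_level ACCESS_LEVEL_XX value naming the permission being checked
 * @param User $user user whose permissions are being checked
 * @param string $project_id project id, or a column expression compared with
 *                           the project_users table; non-numeric values are
 *                           prefixed with the object table name
 * @param string $table_alias optional alias used instead of the manager's table name
 * @return string SQL predicate
 * @throws Exception when $manager is not a DataManager
 */
function permissions_sql_for_listings(DataManager $manager, $access_level, User $user, $project_id = '`project_id`', $table_alias = null)
{
    // The type hint already enforces this, so the guard only documents intent.
    // The unreachable `return` that followed the throw was dropped.
    if (!$manager instanceof DataManager) {
        throw new Exception("Invalid manager '{$manager}' in permissions helper", -1);
    }

    $user_id = $user->getId();
    $oup_tablename = ObjectUserPermissions::instance()->getTableName(true);
    $wo_tablename = WorkspaceObjects::instance()->getTableName(true);
    $pu_table_name = ProjectUsers::instance()->getTableName(true);

    // Guests never get write access, whatever the object type.
    if ($user->isGuest() && $access_level == ACCESS_LEVEL_WRITE) {
        return 'false';
    }

    // NOTE(review): $table_alias is used verbatim as a SQL identifier.
    if (isset($table_alias) && $table_alias && $table_alias != '') {
        $object_table_name = $table_alias;
    } else {
        $object_table_name = $manager->getTableName();
    }

    // A non-numeric project id is treated as a column of the object table.
    // NOTE(review): it is interpolated raw; confirm callers pass fixed names only.
    if (!is_numeric($project_id)) {
        $project_id = "{$object_table_name}.{$project_id}";
    }

    $object_id_field = $manager->getPkColumns();
    $object_id = $object_table_name . '.' . $object_id_field;
    $object_manager = get_class($manager);
    $access_level_text = access_level_field_name($access_level);
    $item_class = $manager->getItemClass();
    $is_project_data_object = new $item_class() instanceof ProjectDataObject;

    // permissions for contacts
    if ($manager instanceof Contacts && can_manage_contacts($user)) {
        return 'true';
    }
    if ($manager instanceof Companies && can_manage_contacts($user)) {
        return 'true';
    }

    // permissions for file revisions: inherit the permissions of the parent file
    if ($manager instanceof ProjectFileRevisions) {
        $pfTableName = "`" . TABLE_PREFIX . "project_files`";
        return "{$object_table_name}.`file_id` IN (SELECT `id` FROM {$pfTableName} WHERE " . permissions_sql_for_listings(ProjectFiles::instance(), $access_level, $user) . ")";
    }

    // permissions for projects: the user must be listed in project_users
    if ($manager instanceof Projects) {
        $pcTableName = "`" . TABLE_PREFIX . 'project_users`';
        return "{$object_table_name}.`id` IN (SELECT `project_id` FROM {$pcTableName} `pc` WHERE `user_id` = {$user_id})";
    }

    // permissions for users
    // NOTE(review): this branch consults logged_user() rather than the $user
    // argument; confirm that is intended when the two differ.
    if ($manager instanceof Users) {
        if (logged_user()->isMemberOfOwnerCompany()) {
            return "true";
        } else {
            // Parenthesised so that a caller writing "<cond> AND <this>" cannot
            // have the second OR term evaluated outside the permission check.
            return "({$object_table_name}.`company_id` = " . owner_company()->getId() . " OR {$object_table_name}.`company_id` = " . logged_user()->getCompanyId() . ")";
        }
    }

    $can_manage_object = manager_class_field_name($object_manager, $access_level);

    // user is creator
    $str = " ( `created_by_id` = {$user_id}) ";

    // A former "element belongs to the user's personal project" clause is
    // disabled upstream and is intentionally not part of the predicate.

    // user or group has specific permissions over object
    // NOTE(review): getGroupsCSV() is placed in the IN list as-is; presumably a
    // comma-separated list of numeric group ids, verify in User.
    $group_ids = $user->getGroupsCSV();
    $all_ids = '(' . $user_id . ($group_ids != '' ? ',' . $group_ids : '') . ')';
    $str .= "\n OR ( EXISTS ( SELECT * FROM {$oup_tablename} `xx_oup` \n\t\t\t\tWHERE `xx_oup`.`rel_object_id` = {$object_id} \n\t\t\t\t\tAND `xx_oup`.`rel_object_manager` = '{$object_manager}' \n\t\t\t\t\tAND `xx_oup`.`user_id` IN {$all_ids} \n\t\t\t\t\tAND `xx_oup`.{$access_level_text} = true) )";

    if ($is_project_data_object) {
        // TODO: type of element belongs to a project
        if (!in_array('project_id', $manager->getColumns())) {
            // No project_id column: resolve the workspace through workspace_objects.
            $str .= "\n OR ( EXISTS ( SELECT * FROM {$pu_table_name} `xx_pu`, {$wo_tablename} `xx_wo` \n\t\t\t\tWHERE `xx_pu`.`user_id` IN {$all_ids} \n\t\t\t\t\tAND `xx_pu`.`project_id` = `xx_wo`.`workspace_id`\n\t\t\t\t\tAND `xx_wo`.`object_id` = {$object_id} \n\t\t\t\t\tAND `xx_wo`.`object_manager` = '{$object_manager}'\n\t\t\t\t\tAND `xx_pu`.{$can_manage_object} = true ) ) ";
        } else {
            $str .= "\n OR ( EXISTS ( SELECT * FROM {$pu_table_name} `xx_pu` \n\t\t\t\tWHERE `xx_pu`.`user_id` IN {$all_ids} \n\t\t\t\t\tAND `xx_pu`.`project_id` = {$project_id} \n\t\t\t\t\tAND `xx_pu`.{$can_manage_object} = true ) ) ";
        }
    }

    // check account permissions in case of emails
    if ($manager instanceof MailContents) {
        $maccTableName = MailAccountUsers::instance()->getTableName(true);
        $str .= "\n OR EXISTS(SELECT `id` FROM {$maccTableName} WHERE `account_id` = {$object_table_name}.`account_id` AND `user_id` = {$user_id})";
        if (user_config_option('view deleted accounts emails', null, $user_id)) {
            // AND binds tighter than OR, so this term reads as
            // "account no longer exists AND the user created the mail".
            $str .= "\n OR ((SELECT count(*) FROM `" . TABLE_PREFIX . "mail_accounts` WHERE `id` = {$object_table_name}.`account_id`) = 0) AND `created_by_id` = {$user_id}";
        }
    }

    // NOTE(review): $str is handed to the hook; presumably hooks may extend the
    // predicate, so any hook registered for 'permissions_sql' is part of the
    // authorization logic. Confirm against Hook::fire().
    $hookargs = array('manager' => $manager, 'access_level' => $access_level, 'user' => $user, 'project_id' => $project_id, 'table_alias' => $table_alias);
    Hook::fire('permissions_sql', $hookargs, $str);

    return ' (' . $str . ') ';
}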
/**
 * Return the users of a specific company for the given workspaces.
 *
 * Builds a `company_id` predicate with the company id passed through
 * DB::escape() and forwards it, together with $ws, to getUsersByWorkspaces().
 *
 * @param Company $company
 * @param mixed $ws workspace selection, passed through unchanged
 * @return mixed whatever getUsersByWorkspaces() returns
 */
function getCompanyUsersByWorkspaces(Company $company, $ws)
{
    $members = Users::instance()->getTableName(true);
    $company_filter = "{$members}.`company_id` = " . DB::escape($company->getId());

    return self::getUsersByWorkspaces($ws, $company_filter);
}
/**
 * Fetch users related to this object by delegating to the Users manager.
 *
 * All arguments are forwarded unchanged, with this object passed first; their
 * meaning is defined by Users::getUsers(), which is not shown here.
 *
 * @param mixed $limit
 * @param string $type
 * @param int $fromId
 * @return mixed whatever Users::getUsers() returns
 */
public function getUsers($limit, $type = '', $fromId = 0)
{
    return Users::instance()->getUsers($this, $limit, $type, $fromId);
}
/**
 * Run a SELECT query with the given arguments.
 *
 * Recognised argument fields:
 *
 *  - one        - select first row
 *  - conditions - additional conditions
 *  - order      - order by string
 *  - offset     - limit offset, valid only if limit is present
 *  - limit
 *
 * NOTE(review): the guard tests for a UserPasswords instance, yet the fallback
 * forwards to the Users manager. A call made without an instance would then
 * query users rather than password records. This looks like a copy-paste
 * mismatch; confirm which manager the fallback should use.
 *
 * @access public
 * @param array $arguments Array of query arguments
 * @return mixed a single object or a list of objects
 * @throws DBQueryError
 */
function find($arguments = null)
{
    $has_manager_instance = isset($this) && instance_of($this, 'UserPasswords');

    if (!$has_manager_instance) {
        // Called without a usable $this: delegate to a manager singleton.
        return Users::instance()->find($arguments);
    }

    return parent::find($arguments);
}