Exemplo n.º 1
 /**
  * Save the settings for the timecard
  *
  * @param array $params $_POST values
  *
  * @return void
  */
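 public function setSettings($params)
 {
     // Settings are always written for the logged-in user; the request cannot pick another user id here.
     $userId    = Phprojekt_Auth::getUserId();
     $namespace = new Zend_Session_Namespace(Phprojekt_Setting::IDENTIFIER . $userId);
     $fields    = $this->getFieldDefinition(Phprojekt_ModelInformation_Default::ORDERING_FORM);

     foreach ($fields as $data) {
         foreach ($params as $key => $value) {
             // Compare as strings. $params comes from the request, and PHP turns numeric
             // parameter names into integer keys; a loose == between an integer key and a
             // field name matches unrelated fields on PHP < 8 (0 == 'favorites' is true there).
             if ((string) $key !== (string) $data['key']) {
                 continue;
             }

             $setting = new Phprojekt_Setting();
             $setting->setModule('Timecard');

             if ((string) $key === 'favorites') {
                 // An empty selection arrives as a single empty string; store it as an empty list.
                 // The is_array() guard keeps a scalar value from reaching count(), which raises
                 // a TypeError on PHP 8.
                 $isEmptySelection = $value === ''
                     || (is_array($value) && count($value) === 1 && isset($value[0]) && $value[0] === '');
                 if ($isEmptySelection) {
                     $value = array();
                 }
                 // NOTE(review): the stored string is produced by serialize() from request data.
                 // Whatever reads it back presumably calls unserialize(); json_encode()/json_decode()
                 // would avoid unserialize() on stored data altogether - confirm against the reader.
                 $value = serialize($value);
             }

             // Integers are cast and the key is quoted by the adapter before entering the WHERE clause.
             $where = sprintf(
                 'user_id = %d AND key_value = %s AND module_id = %d',
                 (int) $userId,
                 $setting->_db->quote($key),
                 (int) Phprojekt_Module::getId('Timecard')
             );
             $record = $setting->fetchAll($where);

             if (isset($record[0])) {
                 // Update the existing row for this user/key/module.
                 $record[0]->keyValue = $key;
                 $record[0]->value = $value;
                 $record[0]->save();
             } else {
                 // No row yet: create one.
                 $setting->userId = $userId;
                 $setting->moduleId = Phprojekt_Module::getId('Timecard');
                 $setting->keyValue = $key;
                 $setting->value = $value;
                 $setting->identifier = 'Timecard';
                 $setting->save();
             }

             // Mirror the saved value into the per-user session namespace.
             $namespace->{$key} = $value;
             break;
         }
     }
 }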
Exemplo n.º 2
 /**
  * Returns the recipients for this Helpdesk item.
  *
  * @return array Array with user IDs.
  */
 public function getTo()
 {
     $currentUserId = Phprojekt_Auth::getUserId();

     // The parent list only contains recipients with at least a 'read' right.
     $recipients = parent::getTo();

     // Add the assigned user, the author and the owner, unless that user is the one
     // performing the action.
     // NOTE(review): these ids are appended directly, so they are not subject to the
     // read-right filtering the parent applies - confirm that is intended.
     foreach (array('assigned', 'author', 'ownerId') as $field) {
         if ($this->_model->{$field} != $currentUserId) {
             $recipients[] = $this->_model->{$field};
         }
     }

     // When the item was reassigned, the previously assigned user is notified as well.
     $history          = new Phprojekt_History();
     $previousAssignee = $history->getLastAssignedUser($this->_model, 'assigned');
     if ($previousAssignee > 0) {
         $recipients[] = $previousAssignee;
     }

     // Drop duplicate ids before returning.
     return array_unique($recipients);
 }
Exemplo n.º 3
 /**
  * Collect all the values of the settings and return it in one row.
  *
  * @param integer $moduleId The current moduleId.
  * @param array   $metadata Array with all the fields.
  * @param integer $userId   The user ID; if it is not set, the current user is used.
  *
  * @return array Array with all the settings and values.
  */
 public function getList($moduleId, $metadata, $userId = null)
 {
     $setting = new Phprojekt_Setting();
     $setting->setModule('Notification');

     // Fall back to the logged-in user when no explicit user id is given.
     if ($userId === null) {
         $userId = (int) Phprojekt_Auth::getUserId();
     }

     // Both ids are cast to int before being placed in the WHERE clause.
     $stored = $setting->fetchAll(
         sprintf('module_id = %d AND user_id = %d', (int) $moduleId, (int) $userId)
     );

     $row = array('id' => 0);
     foreach ($metadata as $meta) {
         // Start from the default declared in the field definition.
         $row[$meta['key']] = $meta['default'];

         foreach ($stored as $oneSetting) {
             if ($oneSetting->keyValue != $meta['key']) {
                 continue;
             }
             // The getter name is derived from the stored key, but only keys that match a
             // declared field reach this point, and the method must exist on $this.
             $getter = 'get' . ucfirst($oneSetting->keyValue);
             $row[$meta['key']] = method_exists($this, $getter)
                 ? call_user_func(array($this, $getter), $oneSetting->value)
                 : $oneSetting->value;
             break;
         }
     }

     // The result is a list holding exactly one row.
     return array($row);
 }
Exemplo n.º 4
 /**
  * Handles a WebDAV request by building a Sabre_DAV_Server and executing it.
  *
  * Logged-in users get the directory of project 1 as root; everyone else gets an
  * empty placeholder directory. Lock and authentication plugins are attached
  * before the server runs.
  *
  * @return void
  */
 public function indexAction()
 {
     $webdavPath = Phprojekt::getInstance()->getConfig()->webdavPath;

     // Choose the root directory.
     if (!Phprojekt_Auth::isLoggedIn()) {
         // Some clients send queries without HTTP auth; they are served an empty directory.
         $rootDirectory = new WebDAV_Models_EmptyDir();
     } else {
         $rootProject   = new Project_Models_Project();
         $rootDirectory = new WebDAV_Models_ProjectDirectory($rootProject->find(1));
     }

     // The server object interprets the WebDAV protocol.
     $server = new Sabre_DAV_Server($rootDirectory);
     $server->setBaseUri($this->view->baseUrl('index.php/WebDAV/index/index/'));

     // Locking keeps users from overwriting each other's changes.
     // NOTE(review): the lock file is placed under the configured webdavPath; that
     // location should not be reachable through the web server - confirm the deployment layout.
     $server->addPlugin(
         new Sabre_DAV_Locks_Plugin(new Sabre_DAV_Locks_Backend_File($webdavPath . 'data/locks'))
     );

     // HTTP authentication for the 'WebDAV' realm, backed by the project's auth helper.
     $server->addPlugin(new Sabre_DAV_Auth_Plugin(new WebDAV_Helper_Auth(), 'WebDAV'));

     // Everything is wired up; process the request.
     $server->exec();
 }
Exemplo n.º 5
 /**
  * Returns the current effective user.
  *
  * @return Phprojekt_User_User  The current effective user
  */
 public static function getEffectiveUser()
 {
     // An explicitly set effective user takes precedence over the session user.
     if (null !== self::$_effectiveUser) {
         return self::$_effectiveUser;
     }

     // Otherwise look up the user that is currently logged in.
     $user = new Phprojekt_User_User();

     return $user->findUserById(Phprojekt_Auth::getUserId());
 }
 /**
  * PreDispatch function.
  *
  * Only admin users can access to these actions,
  * if the user is not an admin, is redirected to the login form or throws an exception.
  *
  * @throws Zend_Controller_Action_Exception If the user is not an admin.
  *
  * @return void
  */
 public function preDispatch()
 {
     parent::preDispatch();

     if (Phprojekt_Auth::isAdminUser()) {
         return;
     }

     // Non-admins get a bare 401 status line and the script stops here; this code path
     // neither redirects nor throws, and it sets no WWW-Authenticate header.
     $response = $this->getResponse();
     $response->setRawHeader('HTTP/1.1 401 Authorization Required');
     $response->sendHeaders();
     exit;
 }
 /**
  * Creates a subdirectory below this one.
  */
 public function createDirectory($name)
 {
     // A directory is stored as a Filemanager item without files.
     // NOTE(review): $name is used as the title as received; presumably it originates
     // from the WebDAV client, so any validation has to happen in the model - confirm.
     $directory            = new Filemanager_Models_Filemanager();
     $directory->title     = $name;
     $directory->projectId = $this->_project->id;
     $directory->files     = '';
     $directory->ownerId   = Phprojekt_Auth::getUserId();
     $directory->save();

     // Apply the project's default rights to the new item.
     $directory->saveRights($this->_getDefaultRightsForProject($this->_project->id));
 }
Exemplo n.º 8
 /**
  * Reroutes logged-in users to Core/Upgrade/index while an upgrade is pending.
  *
  * Requests that already target the Core upgrade controller, and the logout
  * action of the Login controller, are left untouched.
  *
  * @param Zend_Controller_Request_Abstract $request The routed request.
  *
  * @return void
  */
 public function routeShutdown(Zend_Controller_Request_Abstract $request)
 {
     // Anonymous requests are never rerouted.
     if (!Phprojekt_Auth::isLoggedIn()) {
         return;
     }

     // Already on the upgrade controller: nothing to do.
     if ($request->getModuleName() == 'Core' && $request->getControllerName() == 'Upgrade') {
         return;
     }

     // Logging out must stay possible during a pending upgrade.
     if ($request->getControllerName() == 'Login' && $request->getActionName() == 'logout') {
         return;
     }

     $migration = new Phprojekt_Migration($this->_extensions);
     if (!$migration->needsUpgrade()) {
         return;
     }

     // NOTE(review): the checks above read $request while the rewrite targets
     // $this->_request; presumably both refer to the same object - confirm.
     $this->_request->setModuleName('Core');
     $this->_request->setControllerName('Upgrade');
     $this->_request->setActionName('index');
 }
Exemplo n.º 9
 /**
  * Overwrite checkAuthentication.
  * We don't use the normal authentication. Instead, we have to authenticate the user based on httpauth data.
  */
 public function checkAuthentication()
 {
     // Without HTTP auth data nothing is attempted here; the request simply stays
     // unauthenticated.
     if (!array_key_exists('PHP_AUTH_USER', $_SERVER)) {
         return;
     }

     try {
         Phprojekt_Auth::login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
     } catch (Phprojekt_Auth_Exception $authError) {
         // Re-throw a fresh exception carrying only message and code. The original one
         // has Phprojekt_Auth::login($user, $password) in its stack trace, and logging
         // that trace would write the user's password to the log.
         throw new Phprojekt_Auth_Exception($authError->getMessage(), $authError->getCode());
     }
 }
Exemplo n.º 10
 /**
  * Return an array of field information.
  *
  * @param integer $ordering An ordering constant.
  *
  * @return array Array with fields definitions.
  */
 public function getFieldDefinition($ordering = Phprojekt_ModelInformation_Default::ORDERING_DEFAULT)
 {
     $meta    = parent::getFieldDefinition($ordering);
     $ownerId = $this->_model->ownerId;

     // Items without an owner, or owned by the current user, keep the parent definition.
     if (!$ownerId || Phprojekt_Auth::getUserId() == $ownerId) {
         return $meta;
     }

     // For everybody else only 'status' stays editable.
     // NOTE(review): readOnly is metadata handed to the form; whether the save path
     // rejects changes to these fields is not visible here - confirm it is enforced server-side.
     foreach ($meta as $index => $field) {
         if ('status' != $field['key']) {
             $meta[$index]['readOnly'] = 1;
         }
     }

     return $meta;
 }
Exemplo n.º 11
 /**
  * Returns a list of all the active users.
  *
  * Returns a list of all the users with:
  * <pre>
  *  - id      => id of user.
  *  - display => Display for the user.
  *  - current => True or false if is the current user.
  * </pre>
  *
  * The return is in JSON format.
  *
  * @return void
  */
 public function jsonGetUsersAction()
 {
     IndexController::setCurrentProjectId();

     // $db is not used below; the call is kept in case getDb() initialises the
     // connection - TODO confirm and remove.
     $db = Phprojekt::getInstance()->getDb();

     $userModel     = Phprojekt_Loader::getLibraryClass('Phprojekt_User_User');
     $currentUserId = Phprojekt_Auth::getUserId();

     // The list is limited to what getAllowedUsers() returns for the caller.
     $data = array();
     foreach ($userModel->getAllowedUsers() as $record) {
         $entry = array(
             'id'      => (int) $record['id'],
             'display' => $record['name'],
             'current' => $currentUserId == $record['id'],
         );
         $data['data'][] = $entry;
     }

     Phprojekt_Converter_Json::echoConvert($data, Phprojekt_ModelInformation_Default::ORDERING_LIST);
 }
Exemplo n.º 12
 /**
  * Returns all global modules.
  *
  * Returns a list of all the global modules with:
  * <pre>
  *  - id     => id of the module.
  *  - name   => Name of the module.
  *  - label  => Display for the module.
  * </pre>
  * Also return in the metadata, if the user is an admin or not.
  *
  * The return is in JSON format.
  *
  * @return array
  */
 function jsonGetGlobalModulesAction()
 {
     $modules     = array();
     $moduleModel = new Phprojekt_Module_Module();

     // Active modules with save_type 1 or 2, ordered by name and indexed by module id.
     $globalModules = $moduleModel->fetchAll('active = 1 AND (save_type = 1 OR save_type = 2)', 'name ASC');
     foreach ($globalModules as $module) {
         $modules['data'][$module->id] = array(
             'id'    => $module->id,
             'name'  => $module->name,
             'label' => $module->label,
         );
     }

     // The admin flag in the metadata is a hint for the client; it grants nothing by itself.
     $modules['metadata'] = Phprojekt_Auth::isAdminUser();

     Phprojekt_Converter_Json::echoConvert($modules);
 }
Exemplo n.º 13
 /**
  * Init function.
  *
  * Only admin users can access to these actions,
  * if the user is not an admin, is redirected to the login form or throws an exception.
  *
  * @throws Phprojekt_PublishedException If the user is not an admin.
  *
  * @return void
  */
 public function init()
 {
     parent::init();

     if (Phprojekt_Auth::isAdminUser()) {
         return;
     }

     // Non-admins: a GET is sent to the logout/login page, anything else gets a
     // published exception that is reported back in JSON format.
     // NOTE(review): the exception carries code 500 although this is an authorization failure.
     if ($this->getFrontController()->getRequest()->isGet()) {
         $this->_redirect(Phprojekt::getInstance()->getConfig()->webpath . 'index.php/Login/logout');
     } else {
         throw new Phprojekt_PublishedException('Admin section is only for admin users', 500);
     }

     // Make sure nothing else runs after the redirect.
     exit;
 }
Exemplo n.º 14
 /**
  * Save each field that is with other value that before.
  *
  * For add actions, the oldValue is empty and all the fields are saved.
  * For delete actions, the newValue is empty and all the fields are saved.
  * For edit action, only the fields with other value that before are saved.
  *
  * @param Phprojekt_Item_Abstract $object The item object.
  * @param string                  $action Action (edit/add/delete).
  *
  * @throws Zend_Exception If the object do not exist.
  *
  * @return void
  */
 public function saveFields(Phprojekt_Item_Abstract $object, $action)
 {
     // One history row is written per changed field.
     foreach ($this->_getDifferences($object, $action) as $fieldName => $change) {
         $entry = clone $this;

         // The actor is always the logged-in user, never a value taken from the item.
         $entry->userId   = Phprojekt_Auth::getUserId();
         $entry->moduleId = Phprojekt_Module::getId($object->getModelName());
         $entry->itemId   = $object->id;
         $entry->field    = $fieldName;
         $entry->oldValue = $change['oldValue'];
         $entry->newValue = $change['newValue'];
         $entry->action   = $action;
         // Timestamps are recorded in GMT.
         $entry->datetime = gmdate("Y-m-d H:i:s");
         $entry->save();
     }
 }
Exemplo n.º 15
 /**
  * Init function.
  *
  * There are only a few actions that a normal user can do requesting the Core controller.
  * The function checks them and allows the action or not;
  * if not, the user is redirected to the login form or throws an exception.
  *
  * @throws Zend_Controller_Action_Exception If the user is not an admin.
  *
  * @return void
  */
 public function preDispatch()
 {
     parent::preDispatch();

     // Admins may call everything in the Core module.
     if (Phprojekt_Auth::isAdminUser()) {
         return;
     }

     $request    = $this->getRequest();
     $controller = strtolower($request->getControllerName());
     $action     = $request->getActionName();

     // Calls into the Core that non-admin users are allowed to make.
     // NOTE(review): the controller name is lower-cased but the action is compared
     // case-sensitively; whether the dispatcher normalises action names is not visible here.
     // NOTE(review): 'setting' and 'upgrade' are open for every action, so those
     // controllers have to enforce their own permission checks.
     $valid = ($controller == 'history' && $action == 'jsonList')
         || ($controller == 'module' && $action == 'jsonGetGlobalModules')
         || ($controller == 'role' && $action == 'jsonGetModulesAccess')
         || ($controller == 'user' && $action == 'jsonGetUsers')
         || ($controller == 'user' && $action == 'jsonGetProxyableUsers')
         || ($controller == 'tab' && $action == 'jsonList')
         || $controller == 'setting'
         || $controller == 'upgrade';

     if ($valid) {
         return;
     }

     // Everything else is answered with a bare 401 status line and the script stops.
     $response = $this->getResponse();
     $response->setRawHeader('HTTP/1.1 401 Authorization Require');
     $response->sendHeaders();
     exit;
 }
Exemplo n.º 16
 /**
  * Save each field that is with other value that before.
  *
  * For add actions, the oldValue is empty and all the fields are saved.
  * For delete actions, the newValue is empty and all the fields are saved.
  * For edit action, only the fields with other value that before are saved.
  *
  * @param Phprojekt_Item_Abstract $object The item object.
  * @param string                  $action Action (edit/add/delete).
  *
  * @throws Zend_Exception If the object do not exist.
  *
  * @return void
  */
 public function saveFields($object, $action)
 {
     // Anything that is not an object cannot be diffed.
     if (is_object($object) !== true) {
         throw new Zend_Exception('The object do not exist');
     }

     // One history row is written per changed field.
     foreach ($this->_getDifferences($object, $action) as $fieldName => $change) {
         $entry = clone $this;

         // The actor is always the logged-in user, never a value taken from the item.
         $entry->userId   = Phprojekt_Auth::getUserId();
         $entry->moduleId = Phprojekt_Module::getId($object->getModelName());
         $entry->itemId   = $object->id;
         $entry->field    = $fieldName;
         $entry->oldValue = $change['oldValue'];
         $entry->newValue = $change['newValue'];
         $entry->action   = $action;
         // Timestamps are recorded in GMT.
         $entry->datetime = gmdate("Y-m-d H:i:s");
         $entry->save();
     }
 }
Exemplo n.º 17
 /**
  * Init function.
  *
  * There are only a few actions that a normal user can do requesting the Core controller.
  * The function checks them and allows the action or not;
  * if not, the user is redirected to the login form or throws an exception.
  *
  * @throws Phprojekt_PublishedException If the user is not an admin.
  *
  * @return void
  */
 public function init()
 {
     parent::init();

     // Admins may call everything in the Core module.
     if (Phprojekt_Auth::isAdminUser()) {
         return;
     }

     $controller = $this->getRequest()->getControllerName();
     $action     = $this->getRequest()->getActionName();

     // Calls into the Core that non-admin users are allowed to make.
     // NOTE(review): controller and action names are compared case-sensitively, as received.
     // NOTE(review): 'setting' is open for every action, so that controller has to
     // enforce its own permission checks.
     $valid = ($controller == 'history' && $action == 'jsonList')
         || ($controller == 'module' && $action == 'jsonGetGlobalModules')
         || ($controller == 'role' && $action == 'jsonGetModulesAccess')
         || ($controller == 'user' && $action == 'jsonGetUsers')
         || ($controller == 'tab' && $action == 'jsonList')
         || $controller == 'setting';

     if ($valid) {
         return;
     }

     // A GET is sent to the logout/login page, anything else gets a published
     // exception that is reported back in JSON format.
     if ($this->getFrontController()->getRequest()->isGet()) {
         $this->_redirect(Phprojekt::getInstance()->getConfig()->webpath . 'index.php/Login/logout');
     } else {
         throw new Phprojekt_PublishedException('Admin section is only for admin users', 500);
     }

     // Make sure nothing else runs after the redirect.
     exit;
 }
Exemplo n.º 18
 /**
  * Perform the upgrade for a single module.
  *
  * The module is taken from the 'upgradeModule' parameter of the request.
  *
  * @return void
  */
 public function jsonUpgradeAction()
 {
     // Upgrades are restricted to admins; this is checked in the action itself.
     if (!Phprojekt_Auth::isAdminUser()) {
         throw new Zend_Controller_Action_Exception('Insufficient rights.', 403);
     }

     $migration = new Phprojekt_Migration(new Phprojekt_Extensions(PHPR_CORE_PATH));
     $succeeded = false;

     try {
         // NOTE(review): 'upgradeModule' comes straight from the request; validating it
         // against the known modules is presumably done inside performUpgrade() - confirm.
         $migration->performUpgrade($this->getRequest()->getParam('upgradeModule'));
         $succeeded = true;
     } catch (Phprojekt_Migration_IKilledTheDatabaseException $e) {
         // Full details go to the debug log only; the client receives a generic message.
         $details = $e->getFile() . ':' . $e->getLine() . "\n" . $e->getMessage() . "\n" . $e->getTraceAsString() . "\n";
         Phprojekt::getInstance()->getLog()->debug("IKilledTheDatabaseException occurred while migrating: " . $details);
         Phprojekt_Converter_Json::echoConvert(array('type' => 'fatalFailure', 'message' => 'A fatal error has occured.'));
     } catch (Exception $e) {
         $details = $e->getFile() . ':' . $e->getLine() . "\n" . $e->getMessage() . "\n" . $e->getTraceAsString() . "\n";
         Phprojekt::getInstance()->getLog()->debug("Exception occurred while migrating: " . $details);
         Phprojekt_Converter_Json::echoConvert(array('type' => 'failure', 'message' => 'An error has occured.'));
     }

     // The success message is emitted outside the try block, so a failure while
     // writing it is not reported as a migration error.
     if ($succeeded) {
         Phprojekt_Converter_Json::echoConvert(array('type' => 'success', 'message' => 'The module was upgraded correctly'));
     }
 }
Exemplo n.º 19
 /**
  * Tells whether a user holds the given right on this item.
  *
  * @param integer      $userId    The user to check.
  * @param integer      $right     Bit mask of the required right(s).
  * @param integer|null $projectId Project to check against; the item's own project when null.
  *
  * @return boolean|integer True/false for the check; Phprojekt_Acl::NONE when no
  *                         rights entry exists for the item.
  */
 public function hasRight($userId, $right, $projectId = null)
 {
     // NOTE(review): the admin shortcut takes no user argument, so it presumably refers
     // to the logged-in user rather than to $userId - confirm. Items that are not saved
     // yet are always allowed.
     if (Phprojekt_Auth::isAdminUser() || $this->isNew()) {
         return true;
     }

     if (is_null($projectId)) {
         $projectId = $this->projectId;
     }

     $rights = Phprojekt_Right::getRightsForItems(
         Phprojekt_Module::getId($this->getModelName()),
         $projectId,
         $userId,
         array($this->id)
     );

     if (isset($rights[$this->id])) {
         // Every requested bit has to be present in the stored mask.
         return ($rights[$this->id] & $right) == $right;
     }

     // No entry at all: the ACL constant is returned instead of a boolean.
     return Phprojekt_Acl::NONE;
 }
Exemplo n.º 20
 /**
  * Log the error adding the user id and some extra values.
  *
  * @param string $message The message to log.
  * @param array  $values  Array with values to show.
  *
  * @return void
  */
 private static function _logError($message, $values)
 {
     // NOTE(review): $message and $values are written to the log unmodified. If they can
     // hold request data, line breaks in them allow forged log lines and sensitive fields
     // end up in the log - confirm what callers pass.
     $userId  = Phprojekt_Auth::getUserId();
     $logLine = $message . " User Id: " . $userId . " - Values: " . implode(",", $values);

     Phprojekt::getInstance()->getLog()->err($logLine);
 }
Exemplo n.º 21
 /**
  * Save the settings into the table.
  *
  * @param array   $params $_POST fields.
  * @param integer $userId The user ID; if it is not set, the current user is used.
  *
  * @return void
  */
 public function setSettings($params, $userId = 0)
 {
     // NOTE(review): a caller-supplied $userId writes another user's settings; callers
     // have to make sure the acting user is allowed to do that.
     if (!$userId) {
         $userId = Phprojekt_Auth::getUserId();
     }

     // A module model with its own setSettings() takes over completely.
     if (method_exists($this->getModel(), 'setSettings')) {
         call_user_func(array($this->getModel(), 'setSettings'), $params, $userId);
         return;
     }

     $namespace = new Zend_Session_Namespace(self::IDENTIFIER . $userId);
     $fields    = $this->getModel()->getFieldDefinition(Phprojekt_ModelInformation_Default::ORDERING_FORM);

     foreach ($fields as $data) {
         foreach ($params as $key => $value) {
             // Only parameters that correspond to a declared field are stored.
             if ($key != $data['key']) {
                 continue;
             }

             // Integers are cast and the key is quoted by the adapter before entering the WHERE clause.
             $where = sprintf(
                 'user_id = %d AND key_value = %s AND module_id = %d',
                 (int) $userId,
                 $this->_db->quote($key),
                 (int) $this->_moduleId
             );
             $record = $this->fetchAll($where);

             if (!isset($record[0])) {
                 // No row yet: create one from a copy of this object.
                 $clone             = clone $this;
                 $clone->userId     = $userId;
                 $clone->moduleId   = (int) $this->_moduleId;
                 $clone->keyValue   = $key;
                 $clone->value      = $value;
                 $clone->identifier = $this->_module;
                 $clone->save();
             } else {
                 // Update the existing row.
                 $record[0]->keyValue = $key;
                 $record[0]->value    = $value;
                 $record[0]->save();
             }

             // Mirror the saved value into the per-user session namespace.
             $namespace->{$key} = $value;
             break;
         }
     }
 }
Exemplo n.º 22
 /**
  * Set some values depending on the params.
  *
  * Set the author, solvedBy, solvedDate.
  * Also set the rights for each user (owner, assigned and the normal access tab).
  *
  * @return array POST values with some changes.
  */
 public function setParams()
 {
     // Positional arguments: POST values, the model, and an optional "new item" flag.
     $args = func_get_args();
     list($params, $model) = $args;
     $newItem = isset($args[2]) ? $args[2] : false;

     $solved = Helpdesk_Models_Helpdesk::STATUS_SOLVED;

     if ($newItem) {
         // Author and creation date come from the server, not from the request.
         $params['author'] = (int) Phprojekt_Auth::getUserId();
         $params['date']   = date("Y-m-d");
         if ($params['status'] == $solved) {
             $params['solvedBy']   = (int) Phprojekt_Auth::getUserId();
             $params['solvedDate'] = date("Y-m-d");
         }
     } else {
         // The author never changes after creation; take it from the stored item as an INT.
         $params['author'] = (int) $model->author;

         if (isset($params['status'])) {
             if ($params['status'] != $solved) {
                 // Not solved: clear the solver (the solved date can't be deleted, but should be).
                 $params['solvedBy'] = 0;
             } elseif ($model->status != $solved) {
                 // Just changed to 'Solved': record who solved it and when.
                 $params['solvedBy']   = (int) Phprojekt_Auth::getUserId();
                 $params['solvedDate'] = date("Y-m-d");
             } else {
                 // Already solved: keep the stored solver as an INT.
                 $params['solvedBy'] = (int) $model->solvedBy;
             }
         }
     }

     return Default_Helpers_Right::addRightsToAssignedUser('assigned', $params, $model, $newItem);
 }
Exemplo n.º 23
 /**
  * Checks that the user has permission for modifying the item, in this case for uploading or deleting files.
  * If not, prints an error, terminating script execution.
  *
  * @param Phprojekt_Model_Interface $model  Current module.
  * @param integer                   $itemId Current item id.
  *
  * @return void
  */
 private function _fileCheckWritePermission($model, $itemId)
 {
     // NOTE(review): the return value of find() is ignored; this relies on find()
     // loading the item into $model itself - confirm.
     $model->find($itemId);
     $rights = $model->getRights();

     if ($rights['currentUser']['write']) {
         return;
     }

     $error = Phprojekt::getInstance()->translate('You don\'t have permission for modifying this item.');

     // Record the denied attempt together with the acting user and the module.
     $logLine = "Error: trying to Delete or Upload a file without write access. " . "User Id: " . Phprojekt_Auth::getUserId() . " - Module: " . $this->getRequest()->getModuleName();
     Phprojekt::getInstance()->getLog()->err($logLine);

     // Show the error to the user and stop script execution.
     die($error);
 }
Exemplo n.º 24
 /**
  * Saves the new values of the projects dates.
  *
  * OPTIONAL request parameters:
  * <pre>
  *  - array <b>projects</b> Array with projectId,startDate and endDate by comma separated
  * </pre>
  *
  * If there is an error, the save will return a Phprojekt_PublishedException,
  * if not, it returns a string in JSON format with:
  * <pre>
  *  - type    => 'success'.
  *  - message => Success message.
  *  - code    => 0.
  *  - id      => 0.
  * </pre>
  *
  * @throws Phprojekt_PublishedException On error in the action save or wrong parameters.
  *
  * @return void
  */
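 public function jsonSaveAction()
 {
     $projects     = (array) $this->getRequest()->getParam('projects', array());
     $activeRecord = Phprojekt_Loader::getModel('Project', 'Project');
     $rights       = Phprojekt_Loader::getLibraryClass('Phprojekt_Item_Rights');
     $userId       = Phprojekt_Auth::getUserId();
     $this->setCurrentProjectId();

     // Error check: no project received
     if (empty($projects)) {
         $label   = Phprojekt::getInstance()->translate('Projects');
         $message = Phprojekt::getInstance()->translate('No project info was received');
         throw new Phprojekt_PublishedException($label . ': ' . $message);
     }

     foreach ($projects as $project) {
         // Each entry is expected to be the string "id,startDate,endDate". The entries come
         // from the request, so a nested array or a string with fewer than three parts is
         // possible; pad to three elements so that such input reaches the "incomplete data"
         // check below instead of raising an engine warning or a TypeError.
         $parts = is_string($project) ? explode(",", $project) : array();
         list($id, $startDate, $endDate) = array_pad($parts, 3, '');

         // Check: are the three values available?
         if (empty($id) || empty($startDate) || empty($endDate)) {
             $label   = Phprojekt::getInstance()->translate('Projects');
             $message = Phprojekt::getInstance()->translate('Incomplete data received');
             throw new Phprojekt_PublishedException($label . ': ' . $message);
         }

         $id = (int) $id;
         // The same model object is reused for every entry.
         $activeRecord->find($id);

         // Check: project id exists?
         if (empty($activeRecord->id)) {
             $label   = Phprojekt::getInstance()->translate('Project');
             $message = Phprojekt::getInstance()->translate('Id not found #') . $id;
             throw new Phprojekt_PublishedException($label . ': ' . $message);
         }

         // Check: dates are valid?
         $validStart = Cleaner::validate('date', $startDate, false);
         $validEnd   = Cleaner::validate('date', $endDate, false);
         if (!$validStart || !$validEnd) {
             $label = Phprojekt::getInstance()->translate('Project id #') . $id;
             if (!$validStart) {
                 $message = Phprojekt::getInstance()->translate('Start date invalid');
             } else {
                 $message = Phprojekt::getInstance()->translate('End date invalid');
             }
             throw new Phprojekt_PublishedException($label . ': ' . $message);
         }

         // Check: start date after end date?
         $startDateTemp = strtotime($startDate);
         $endDateTemp   = strtotime($endDate);
         if ($startDateTemp > $endDateTemp) {
             $label   = Phprojekt::getInstance()->translate('Project id #') . $id;
             $message = Phprojekt::getInstance()->translate('Start date can not be after End date');
             throw new Phprojekt_PublishedException($label . ': ' . $message);
         }

         $activeRecord->startDate = $startDate;
         $activeRecord->endDate   = $endDate;

         // Only projects the user has WRITE access to are saved. The first argument is a
         // hard-coded module id, presumably the Project module - confirm.
         // NOTE(review): a project without WRITE access is skipped silently and the response
         // below still reports success. The "Id not found" error above is raised before this
         // check, so it also tells a caller whether an id exists regardless of access.
         if ($rights->getItemRight(1, $id, $userId) >= Phprojekt_Acl::WRITE) {
             $activeRecord->parentSave();
         }
     }

     $message = Phprojekt::getInstance()->translate(self::EDIT_MULTIPLE_TRUE_TEXT);
     $return  = array('type' => 'success', 'message' => $message, 'code' => 0, 'id' => 0);
     Phprojekt_Converter_Json::echoConvert($return);
 }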
Exemplo n.º 25
 /**
  * Trying a login with a valid user and its password
  * This try has to log in the user
  */
 public function testLogin()
 {
     // 'david' / 'test' are the credentials of a test fixture account.
     try {
         $loggedIn = Phprojekt_Auth::login('david', 'test');
     } catch (Phprojekt_Auth_Exception $authError) {
         // A rejected login fails the test with the exception's message and code.
         $this->fail($authError->getMessage() . " " . $authError->getCode());
     }

     // login() itself has to report success ...
     $this->assertTrue($loggedIn);

     // ... and the session has to be marked as logged in afterwards.
     $this->assertTrue(Phprojekt_Auth::isLoggedIn());
 }
Exemplo n.º 26
 /**
  * Get all the modules-item with the wordId.
  *
  * @param array   $words    Array with words IDs.
  * @param string  $operator Query operator.
  * @param integer $count    Limit query.
  *
  * @return array Array of results.
  */
 public function searchModuleByWordId($words, $operator = 'AND', $count = 0)
 {
     $ids = array();
     $result = array();
     $rights = Phprojekt_Loader::getLibraryClass('Phprojekt_Item_Rights');
     $userId = Phprojekt_Auth::getUserId();
     $db = Phprojekt::getInstance()->getDb();
     // Every word id is cast to int here. The SQL below is assembled by string
     // concatenation, so this cast is what keeps the ids safe to embed.
     foreach ($words as $content) {
         $ids[] = (int) $content['id'];
     }
     if (!empty($ids)) {
         // Search by AND
         if ($operator == 'AND') {
             // Builds one SELECT per word id and nests them through "item_id IN (...)",
             // so only items that contain every word remain.
             $sqlString = '';
             $selects = array();
             $first = true;
             while (!empty($ids)) {
                 $id = array_pop($ids);
                 if ($first) {
                     // The first select has no IN clause; it becomes the innermost query.
                     $first = false;
                     if (!empty($ids)) {
                         $selects[] = $db->select()->from('search_word_module', array('item_id'))->where('word_id = ' . (int) $id);
                     } else {
                         // Single word: this is the only query, so it selects all columns.
                         $selects[] = $db->select()->from('search_word_module')->where('word_id = ' . (int) $id);
                     }
                 } else {
                     // '%s' is a placeholder that is filled with the inner query further down.
                     if (!empty($ids)) {
                         $selects[] = $db->select()->from('search_word_module', array('item_id'))->where('word_id = ' . (int) $id . ' AND item_id IN (%s)');
                     } else {
                         // Last id: this becomes the outermost query and selects all columns.
                         $selects[] = $db->select()->from('search_word_module')->where('word_id = ' . (int) $id . ' AND item_id IN (%s)');
                     }
                 }
             }
             // Wrap the selects into each other, innermost first.
             // NOTE(review): sprintf() is applied to generated SQL, so any other '%' in a
             // SELECT string would be read as a format directive; with integer-only
             // conditions none is expected - confirm for the adapter's quoting.
             $first = true;
             while (!empty($selects)) {
                 $select = array_shift($selects)->__toString();
                 if ($first) {
                     $sqlString = $select;
                     $first = false;
                 } else {
                     $sqlString = sprintf($select, $sqlString);
                 }
             }
             $stmt = $db->query($sqlString);
             $tmpResult = $stmt->fetchAll(Zend_Db::FETCH_ASSOC);
         } else {
             // Search By OR
             // Any $operator value other than 'AND' ends up here.
             // $ids holds integers only (cast above), which makes the implode() safe.
             $where = 'word_id IN (' . implode(', ', $ids) . ')';
             $order = array('module_id ASC', 'item_id DESC');
             $tmpResult = $this->fetchAll($where, $order)->toArray();
         }
         foreach ($tmpResult as $data) {
             // Limit to $count results
             // The limit counts only rows that passed the access check below.
             if ((int) $count > 0 && count($result) >= $count) {
                 break;
             }
             // Only fetch records with read access
             // The check is made per row for the logged-in user; rows without any right are dropped.
             if ($rights->getItemRight($data['module_id'], $data['item_id'], $userId) > 0) {
                 // Keyed by "moduleId-itemId", so a repeated item overwrites its earlier entry.
                 $result[$data['module_id'] . '-' . $data['item_id']] = $data;
             }
         }
     }
     return $result;
 }
Exemplo n.º 27
 /**
  * Saves a frontend message to the database using the abstract record pattern.
  *
  * Since the actor id is always the user who calls this method, the actor_id will be set here.
  *
  * @return boolean True on a successful save.
  */
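 public function saveFrontendMessage()
 {
     // Kept as '' for backward compatibility: this is what callers receive
     // when recipientId is an empty array and nothing is saved.
     $return = '';

     // The actor is taken from the authenticated session here, so a caller
     // cannot store a message under another user's id through this method.
     $this->actorId = (int) Phprojekt_Auth::getUserId();

     // Single recipient: store this record itself.
     if (false === is_array($this->recipientId)) {
         return parent::save();
     }

     // Several recipients: store one copy per recipient. A failed save for
     // one recipient must not be hidden by a later successful one, so the
     // failure is remembered and reported once the loop is done. The
     // remaining recipients are still processed.
     $failed    = false;
     $recipient = $this->recipientId;
     foreach ($recipient as $id) {
         $model = clone $this;
         // The fields are copied explicitly after cloning, as the original
         // code did; presumably the clone does not carry them over.
         $model->actorId     = $this->actorId;
         $model->projectId   = $this->projectId;
         $model->itemId      = $this->itemId;
         $model->process     = $this->process;
         $model->validUntil  = $this->validUntil;
         $model->validFrom   = $this->validFrom;
         $model->moduleId    = $this->moduleId;
         $model->description = $this->description;
         $model->details     = $this->details;
         $model->recipientId = $id;
         $model->itemName    = $this->itemName;

         $return = $model->save();
         if (false === $return) {
             $failed = true;
         }
     }

     if ($failed) {
         $return = false;
     }

     return $return;
 }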
Exemplo n.º 28
 /**
  * Try a login with a valid user and its password.
  * This attempt has to log the user in.
  */
 public function testLogin()
 {
     // 'Test' / 'test' are the credentials this test expects to be valid;
     // presumably they exist only in the test fixture data.
     $this->assertTrue(Phprojekt_Auth::login('Test', 'test'));

     // After a successful login the session must report an authenticated user.
     $this->assertTrue(Phprojekt_Auth::isLoggedIn());
 }
Exemplo n.º 29
 /**
  * Check if the user has write access to the item when the module is not a global module.
  *
  * @param Phprojekt_Model_Interface $model      The model to save.
  * @param string                    $moduleName The current module.
  *
  * @return boolean False if not.
  */
 private static function _checkItemRights($model, $moduleName)
 {
     // The Core module is restricted to administrators.
     if ($moduleName == 'Core') {
         return Phprojekt_Auth::isAdminUser();
     }

     // Modules whose save type is not "normal" are not checked against item
     // rights at all; this method lets them through unconditionally.
     // NOTE(review): any restriction on those modules has to be enforced
     // elsewhere. Confirm with the callers.
     if (!Phprojekt_Module::saveTypeIsNormal(Phprojekt_Module::getId($moduleName))) {
         return true;
     }

     // Deny by default: without a rights entry for the current user there is
     // no write access.
     $itemRights = $model->getRights();
     if (!isset($itemRights['currentUser'])) {
         return false;
     }

     // Any one of write, create, copy or admin counts as write access.
     $own = $itemRights['currentUser'];

     return ($own['write'] || $own['create'] || $own['copy'] || $own['admin']);
 }
Exemplo n.º 30
 /**
  * Returns all the events connected with the current one by the parentId,
  * for the logged user as participant.
  * Doesn't return the current event among them.
  *
  * @return array Array of Calendar IDs.
  */
 public function getRelatedEvents()
 {
     $rootEventId = $this->getRootEventId($this);
     if (!($rootEventId > 0)) {
         // No root event, so there is nothing related to look up.
         return array();
     }

     $userId = Phprojekt_Auth::getUserId();

     // Every value is cast to int and rendered through %d, so no
     // caller-influenced text can reach the WHERE clause. The participant
     // filter limits the rows to those of the logged-in user.
     $where = sprintf(
         '(parent_id = %d OR id = %d) AND id != %d AND participant_id = %d',
         (int) $rootEventId,
         (int) $rootEventId,
         (int) $this->id,
         (int) $userId
     );

     $related = array();
     foreach ($this->fetchAll($where) as $record) {
         // The query already excludes the current event; this second check
         // is kept from the original code.
         if ($record->id != $this->id) {
             $related[] = $record->id;
         }
     }

     return $related;
 }