function get_status_option_list_plugin($p_user_auth = 0, $p_current_value = 0, $p_show_current = true, $p_add_close = false, $p_project_id = ALL_PROJECTS)
{
$t_config_var_value = config_get('status_enum_string', null, null, $p_project_id);
$t_enum_workflow = config_get('status_enum_workflow', null, null, $p_project_id);
$t_enum_values = MantisEnum::getValues($t_config_var_value);
$t_enum_list = array();
foreach ($t_enum_values as $t_enum_value) {
if (($p_show_current || $p_current_value != $t_enum_value) && access_compare_level($p_user_auth, access_get_status_threshold($t_enum_value, $p_project_id))) {
$t_enum_list[$t_enum_value] = get_enum_element('status', $t_enum_value);
}
}
if ($p_show_current) {
$t_enum_list[$p_current_value] = get_enum_element('status', $p_current_value);
}
if ($p_add_close && access_compare_level($p_current_value, config_get('bug_resolved_status_threshold', null, null, $p_project_id))) {
$t_closed = config_get('bug_closed_status_threshold', null, null, $p_project_id);
if ($p_show_current || $p_current_value != $t_closed) {
$t_enum_list[$t_closed] = get_enum_element('status', $t_closed);
}
}
return $t_enum_list;
}
$t_cat = $t_row['old_value'];
if ($t_cat == '') {
$t_cat = 'none';
}
if (in_array($t_cat, $t_category)) {
$t_data[$t_ptr][$t_cat]++;
} else {
$t_data[$t_ptr][$t_cat] = 1;
$t_category[] = $t_cat;
}
# change the category associated with the bug to match in case the bug was
# created during the scan
$t_bug_cat[$t_row['bug_id']] = $t_cat;
} else {
# change of status access_compare_level( $t_row['status'], $t_resolved )
if (access_compare_level($t_row['new_value'], $t_resolved) && !access_compare_level($t_row['old_value'], $t_resolved)) {
# transition from open to closed
$t_cat = $t_bug_cat[$t_row['bug_id']];
if ($t_cat == '') {
$t_cat = 'none';
}
if (in_array($t_cat, $t_category)) {
$t_data[$t_ptr][$t_cat]++;
} else {
$t_data[$t_ptr][$t_cat] = 1;
$t_category[] = $t_cat;
}
}
}
break;
case 1:
/**
* Build the bugnotes array for the given bug_id filtered by specified $p_user_access_level.
* Bugnotes are sorted by date_submitted according to 'bugnote_order' configuration setting.
* Return BugnoteData class object with raw values from the tables except the field
* last_modified - it is UNIX_TIMESTAMP.
* @param int $p_bug_id bug id
* @param int $p_user_bugnote_order sort order
* @param int $p_user_bugnote_limit number of bugnotes to display to user
* @param int $p_user_id user id
* @return array array of bugnotes
* @access public
*/
function bugnote_get_all_visible_bugnotes($p_bug_id, $p_user_bugnote_order, $p_user_bugnote_limit, $p_user_id = null)
{
if ($p_user_id === null) {
$t_user_id = auth_get_current_user_id();
} else {
$t_user_id = $p_user_id;
}
$t_project_id = bug_get_field($p_bug_id, 'project_id');
$t_user_access_level = user_get_access_level($t_user_id, $t_project_id);
$t_all_bugnotes = bugnote_get_all_bugnotes($p_bug_id);
$t_private_bugnote_threshold = config_get('private_bugnote_threshold');
$t_private_bugnote_visible = access_compare_level($t_user_access_level, config_get('private_bugnote_threshold'));
$t_time_tracking_visible = access_compare_level($t_user_access_level, config_get('time_tracking_view_threshold'));
$t_bugnotes = array();
$t_bugnote_count = count($t_all_bugnotes);
$t_bugnote_limit = $p_user_bugnote_limit > 0 ? $p_user_bugnote_limit : $t_bugnote_count;
$t_bugnotes_found = 0;
# build a list of the latest bugnotes that the user can see
for ($i = 0; $i < $t_bugnote_count && $t_bugnotes_found < $t_bugnote_limit; $i++) {
$t_bugnote = array_pop($t_all_bugnotes);
if ($t_private_bugnote_visible || $t_bugnote->reporter_id == $t_user_id || VS_PUBLIC == $t_bugnote->view_state) {
# If the access level specified is not enough to see time tracking information
# then reset it to 0.
if (!$t_time_tracking_visible) {
$t_bugnote->time_tracking = 0;
}
$t_bugnotes[$t_bugnotes_found++] = $t_bugnote;
}
}
# reverse the list for users with ascending view preferences
if ('ASC' == $p_user_bugnote_order) {
$t_bugnotes = array_reverse($t_bugnotes);
}
return $t_bugnotes;
}
/**
* Get history details about an issue.
*
* @param string $p_username The name of the user trying to access the issue.
* @param string $p_password The password of the user.
* @param integer $p_issue_id The id of the issue to retrieve.
* @return array that represents a HistoryDataArray structure
*/
function mc_issue_get_history($p_username, $p_password, $p_issue_id)
{
global $g_project_override;
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
if (!bug_exists($p_issue_id)) {
return SoapObjectsFactory::newSoapFault('Client', 'Issue does not exist');
}
$t_project_id = bug_get_field($p_issue_id, 'project_id');
if (!mci_has_readonly_access($t_user_id, $t_project_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
$g_project_override = $t_project_id;
if (!access_has_bug_level(config_get('view_bug_threshold', null, null, $t_project_id), $p_issue_id, $t_user_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
$t_user_access_level = user_get_access_level($t_user_id, $t_project_id);
if (!access_compare_level($t_user_access_level, config_get('view_history_threshold'))) {
return mci_soap_fault_access_denied($t_user_id);
}
log_event(LOG_WEBSERVICE, 'retrieving history for issue \'' . $p_issue_id . '\'');
$t_bug_history = history_get_raw_events_array($p_issue_id, $t_user_id);
return $t_bug_history;
}
?>
</td>
</tr>
<?php
}
test_bug_download_threshold();
test_bug_attachments_allow_flags();
print_test_row('check mail configuration: send_reset_password = ON requires allow_blank_email = OFF', OFF == config_get_global('send_reset_password') || OFF == config_get_global('allow_blank_email'));
print_test_row('check mail configuration: send_reset_password = ON requires enable_email_notification = ON', OFF == config_get_global('send_reset_password') || ON == config_get_global('enable_email_notification'));
print_test_row('check mail configuration: allow_signup = ON requires enable_email_notification = ON', OFF == config_get_global('allow_signup') || ON == config_get_global('enable_email_notification'));
print_test_row('check mail configuration: allow_signup = ON requires send_reset_password = ON', OFF == config_get_global('allow_signup') || ON == config_get_global('send_reset_password'));
print_test_row('check language configuration: fallback_language is not \'auto\'', 'auto' != config_get_global('fallback_language'));
print_test_row('check configuration: allow_anonymous_login = ON requires anonymous_account to be set', OFF == config_get_global('allow_anonymous_login') || strlen(config_get_global('anonymous_account')) > 0);
$t_anon_user = false;
print_test_row('check configuration: anonymous_account is a valid username if set', strlen(config_get_global('anonymous_account')) > 0 ? ($t_anon_user = user_get_id_by_name(config_get_global('anonymous_account'))) !== false : TRUE);
print_test_row('check configuration: anonymous_account should not be an administrator', $t_anon_user ? !access_compare_level(user_get_field($t_anon_user, 'access_level'), ADMINISTRATOR) : TRUE);
print_test_row('$g_bug_link_tag is not empty ("' . config_get_global('bug_link_tag') . '")', '' != config_get_global('bug_link_tag'));
print_test_row('$g_bugnote_link_tag is not empty ("' . config_get_global('bugnote_link_tag') . '")', '' != config_get_global('bugnote_link_tag'));
print_test_row('filters: dhtml_filters = ON requires use_javascript = ON', OFF == config_get_global('dhtml_filters') || ON == config_get_global('use_javascript'));
?>
</table>
<!-- register_globals check -->
<?php
if (ini_get_bool('register_globals')) {
?>
<br />
<table width="100%" bgcolor="#222222" border="0" cellpadding="20" cellspacing="1">
<tr>
<td bgcolor="#ffcc22">
/**
* Build the bug raw data visible for specified user to be translated and sent by email to the user
* (Filter the bug data according to user access level)
* return array with bug data. See usage in email_format_bug_message(...)
* @param int $p_user_id
* @param int $p_bug_id
* @param string $p_message_id
* @return array
*/
function email_build_visible_bug_data($p_user_id, $p_bug_id, $p_message_id)
{
$t_project_id = bug_get_field($p_bug_id, 'project_id');
$t_user_access_level = user_get_access_level($p_user_id, $t_project_id);
$t_user_bugnote_order = user_pref_get_pref($p_user_id, 'bugnote_order');
$t_user_bugnote_limit = user_pref_get_pref($p_user_id, 'email_bugnote_limit');
$row = bug_get_extended_row($p_bug_id);
$t_bug_data = array();
$t_bug_data['email_bug'] = $p_bug_id;
if ($p_message_id !== 'email_notification_title_for_action_bug_deleted') {
$t_bug_data['email_bug_view_url'] = string_get_bug_view_url_with_fqdn($p_bug_id);
}
if (access_compare_level($t_user_access_level, config_get('view_handler_threshold'))) {
if (0 != $row['handler_id']) {
$t_bug_data['email_handler'] = user_get_name($row['handler_id']);
} else {
$t_bug_data['email_handler'] = '';
}
}
$t_bug_data['email_reporter'] = user_get_name($row['reporter_id']);
$t_bug_data['email_project_id'] = $row['project_id'];
$t_bug_data['email_project'] = project_get_field($row['project_id'], 'name');
$t_category_name = category_full_name($row['category_id'], false);
$t_bug_data['email_category'] = $t_category_name;
$t_bug_data['email_date_submitted'] = $row['date_submitted'];
$t_bug_data['email_last_modified'] = $row['last_updated'];
$t_bug_data['email_status'] = $row['status'];
$t_bug_data['email_severity'] = $row['severity'];
$t_bug_data['email_priority'] = $row['priority'];
$t_bug_data['email_reproducibility'] = $row['reproducibility'];
$t_bug_data['email_resolution'] = $row['resolution'];
$t_bug_data['email_fixed_in_version'] = $row['fixed_in_version'];
if (!is_blank($row['target_version']) && access_compare_level($t_user_access_level, config_get('roadmap_view_threshold'))) {
$t_bug_data['email_target_version'] = $row['target_version'];
}
$t_bug_data['email_summary'] = $row['summary'];
$t_bug_data['email_description'] = $row['description'];
$t_bug_data['email_additional_information'] = $row['additional_information'];
$t_bug_data['email_steps_to_reproduce'] = $row['steps_to_reproduce'];
$t_bug_data['set_category'] = '[' . $t_bug_data['email_project'] . '] ' . $t_category_name;
$t_bug_data['custom_fields'] = custom_field_get_linked_fields($p_bug_id, $t_user_access_level);
$t_bug_data['bugnotes'] = bugnote_get_all_visible_bugnotes($p_bug_id, $t_user_bugnote_order, $t_user_bugnote_limit, $p_user_id);
# put history data
if (ON == config_get('history_default_visible') && access_compare_level($t_user_access_level, config_get('view_history_threshold'))) {
$t_bug_data['history'] = history_get_raw_events_array($p_bug_id, $p_user_id);
}
# Sponsorship Information
if (config_get('enable_sponsorship') == ON && access_has_bug_level(config_get('view_sponsorship_total_threshold'), $p_bug_id, $p_user_id)) {
$t_sponsorship_ids = sponsorship_get_all_ids($p_bug_id);
$t_bug_data['sponsorship_total'] = sponsorship_get_amount($t_sponsorship_ids);
if (access_has_bug_level(config_get('view_sponsorship_details_threshold'), $p_bug_id, $p_user_id)) {
$t_bug_data['sponsorships'] = array();
foreach ($t_sponsorship_ids as $id) {
$t_bug_data['sponsorships'][] = sponsorship_get($id);
}
}
}
$t_bug_data['relations'] = relationship_get_summary_text($p_bug_id);
return $t_bug_data;
}
/**
* Process $p_string, looking for bugnote ID references and creating bug view
* links for them.
*
* Returns the processed string.
*
* If $p_include_anchor is true, include the href tag, otherwise just insert
* the URL
*
* The bugnote tag ('~' by default) must be at the beginning of the string or
* preceeded by a character that is not a letter, a number or an underscore
*
* if $p_include_anchor = false, $p_fqdn is ignored and assumed to true.
* @param string $p_string String to be processed.
* @param boolean $p_include_anchor Whether to include the href tag or just the URL.
* @param boolean $p_detail_info Whether to include more detailed information (e.g. title attribute / project) in the returned string.
* @param boolean $p_fqdn Whether to return an absolute or relative link.
* @return string
*/
function string_process_bugnote_link($p_string, $p_include_anchor = true, $p_detail_info = true, $p_fqdn = false)
{
static $s_bugnote_link_callback = array();
$t_tag = config_get('bugnote_link_tag');
# bail if the link tag is blank
if ('' == $t_tag || $p_string == '') {
return $p_string;
}
if (!isset($s_bugnote_link_callback[$p_include_anchor][$p_detail_info][$p_fqdn])) {
if ($p_include_anchor) {
$s_bugnote_link_callback[$p_include_anchor][$p_detail_info][$p_fqdn] = function ($p_array) use($p_detail_info, $p_fqdn) {
global $g_project_override;
if (bugnote_exists((int) $p_array[2])) {
$t_bug_id = bugnote_get_field((int) $p_array[2], 'bug_id');
if (bug_exists($t_bug_id)) {
$g_project_override = bug_get_field($t_bug_id, 'project_id');
if (access_compare_level(user_get_access_level(auth_get_current_user_id(), bug_get_field($t_bug_id, 'project_id')), config_get('private_bugnote_threshold')) || bugnote_get_field((int) $p_array[2], 'reporter_id') == auth_get_current_user_id() || bugnote_get_field((int) $p_array[2], 'view_state') == VS_PUBLIC) {
$g_project_override = null;
return $p_array[1] . string_get_bugnote_view_link($t_bug_id, (int) $p_array[2], (bool) $p_detail_info, (bool) $p_fqdn);
}
$g_project_override = null;
}
}
return $p_array[0];
};
# end of bugnote link callback closure
} else {
$s_bugnote_link_callback[$p_include_anchor][$p_detail_info][$p_fqdn] = function ($p_array) {
$t_bug_id = bugnote_get_field((int) $p_array[2], 'bug_id');
if ($t_bug_id && bug_exists($t_bug_id)) {
return $p_array[1] . string_get_bugnote_view_url_with_fqdn($t_bug_id, (int) $p_array[2]);
} else {
return $p_array[0];
}
};
# end of bugnote link callback closure
}
}
$p_string = preg_replace_callback('/(^|[^\\w])' . preg_quote($t_tag, '/') . '(\\d+)\\b/', $s_bugnote_link_callback[$p_include_anchor][$p_detail_info][$p_fqdn], $p_string);
return $p_string;
}
function get_status_option_list($p_user_auth = 0, $p_current_value = 0, $p_show_current = true, $p_add_close = false)
{
$t_config_var_value = config_get('status_enum_string');
$t_enum_workflow = config_get('status_enum_workflow');
if (count($t_enum_workflow) < 1) {
# workflow not defined, use default enum
$t_arr = explode_enum_string($t_config_var_value);
} else {
# workflow defined - find allowed states
if (isset($t_enum_workflow[$p_current_value])) {
$t_arr = explode_enum_string($t_enum_workflow[$p_current_value]);
} else {
# workflow was not set for this status, this shouldn't happen
$t_arr = explode_enum_string($t_config_var_value);
}
}
$t_enum_count = count($t_arr);
$t_enum_list = array();
for ($i = 0; $i < $t_enum_count; $i++) {
$t_elem = explode_enum_arr($t_arr[$i]);
if (access_compare_level($p_user_auth, access_get_status_threshold($t_elem[0])) && !(false == $p_show_current && $p_current_value == $t_elem[0])) {
$t_enum_list[$t_elem[0]] = get_enum_element('status', $t_elem[0]);
}
}
# end for
if (true == $p_show_current) {
$t_enum_list[$p_current_value] = get_enum_element('status', $p_current_value);
}
if (true == $p_add_close && access_compare_level($p_current_value, config_get('bug_resolved_status_threshold'))) {
$t_enum_list[CLOSED] = get_enum_element('status', CLOSED);
}
return $t_enum_list;
}
function custom_function_override_print_bug_view_page_custom_buttons($p_bug_id)
{
# Zuerst die lokalierten Buttontexte auslesen
if (lang_get_current() === 'german') {
$t_bfe_clone_issue_button = 'Klon in anderes Projekt...';
$t_bfe_edit_failure_class_button = 'Fehlerklasse bearbeiten...';
} else {
$t_bfe_clone_issue_button = 'Clone To Other Project...';
$t_bfe_edit_failure_class_button = 'Edit Failure Class...';
}
# Wenn Zugriff mindestens onsite developer, dann darf er Issues klonen
if (access_has_project_level(50)) {
echo '<td>';
html_button_bug_clone_to_project($p_bug_id, $t_bfe_clone_issue_button);
echo '</td>';
}
# Wenn Zugriff ändern von Fehlerklasse erlaubt, dann darf er sie ändern
# Aber nur bis Status 'bestätigt' (40=confirmed)
# Und nur für QS-Reporter (30) und ab Entwickler vor Ort (50) aufwärts
if (custom_field_has_write_access(1, $p_bug_id)) {
if (bug_get_field($p_bug_id, 'status') < 40) {
if (access_compare_level(access_get_project_level(), array(30, 50, 55, 70, 90))) {
echo '<td>';
$t_bfe_bugs[] = $p_bug_id;
$t_src = relationship_get_all_src($p_bug_id);
$t_src_count = count($t_src);
$t_dest = relationship_get_all_dest($p_bug_id);
$t_dest_count = count($t_dest);
if ($t_src_count || $t_dest_count) {
# Zunächst die Destination Bug IDs
for ($x = 0; $x < $t_src_count; $x++) {
$t_thisbugid = $t_src[$x]->dest_bug_id;
if (access_has_bug_level(50, $t_thisbugid)) {
$t_bfe_bugs[] = $t_thisbugid;
}
}
# und jetzt die Source Bug IDs
for ($y = 0; $y < $t_dest_count; $y++) {
$t_thisbugid = $t_dest[$y]->src_bug_id;
if (access_has_bug_level(50, $t_thisbugid)) {
$t_bfe_bugs[] = $t_thisbugid;
}
}
}
if (count($t_bfe_bugs) > 1) {
bfe_fehlerklasse_button('bug_actiongroup_page.php', $t_bfe_edit_failure_class_button, $t_bfe_bugs);
} else {
html_button('bug_actiongroup_page.php', $t_bfe_edit_failure_class_button, array('bug_arr[]' => $p_bug_id, 'action' => 'custom_field_1'));
}
echo '</td>';
}
}
}
}
}
$t_cat = $row['old_value'];
if ($t_cat == '')
$t_cat = 'none';
if (in_array($t_cat, $t_category)) {
$t_data[$t_ptr][$t_cat] ++;
} else {
$t_data[$t_ptr][$t_cat] = 1;
$t_category[] = $t_cat;
}
// change the category associated with the bug to match in case the bug was
// created during the scan
$t_bug_cat[$row['bug_id']] = $t_cat;
} else { // change of status access_compare_level( $t_row['status'], $t_resolved )
if ( access_compare_level( $row['new_value'], $t_resolved ) &&
!access_compare_level( $row['old_value'], $t_resolved ) ) {
// transition from open to closed
$t_cat = $t_bug_cat[$row['bug_id']];
if ($t_cat == '')
$t_cat = 'none';
if (in_array($t_cat, $t_category)) {
$t_data[$t_ptr][$t_cat] ++;
} else {
$t_data[$t_ptr][$t_cat] = 1;
$t_category[] = $t_cat;
}
}
}
break;
case 1: // new bug
$t_cat = $t_bug_cat[$row['bug_id']];
function bugnote_get_all_visible_bugnotes($p_bug_id, $p_user_access_level, $p_user_bugnote_order, $p_user_bugnote_limit)
{
$t_all_bugnotes = bugnote_get_all_bugnotes($p_bug_id, $p_user_bugnote_order, $p_user_bugnote_limit);
$t_private_bugnote_threshold = config_get('private_bugnote_threshold');
$t_private_bugnote_visible = access_compare_level($p_user_access_level, config_get('private_bugnote_threshold'));
$t_time_tracking_visible = access_compare_level($p_user_access_level, config_get('time_tracking_view_threshold'));
$t_bugnotes = array();
foreach ($t_all_bugnotes as $t_note_index => $t_bugnote) {
if ($t_private_bugnote_visible || VS_PUBLIC == $t_bugnote->view_state) {
# If the access level specified is not enough to see time tracking information
# then reset it to 0.
if (!$t_time_tracking_visible) {
$t_bugnote->time_tracking = 0;
}
$t_bugnotes[$t_note_index] = $t_bugnote;
}
}
return $t_bugnotes;
}
function access_has_project_level($p_access_level, $p_project_id = null, $p_user_id = null)
{
# Short circuit the check in this case
if (NOBODY == $p_access_level) {
return false;
}
if (null === $p_user_id) {
$p_user_id = auth_get_current_user_id();
}
if (null === $p_project_id) {
$p_project_id = helper_get_current_project();
}
$t_access_level = access_get_project_level($p_project_id, $p_user_id);
return access_compare_level($t_access_level, $p_access_level);
}
/**
* For a list of bug ids, returns an array of bugnote stats.
* If a bug has no visible bugnotes, returns "false" as the stats item for that bug id.
* @param array $p_bugs_id Array of Integer representing bug identifiers.
* @param integer|null $p_user_id User for checking access levels. null defaults to current user
* @return array Array of bugnote stats
* @access public
* @uses database_api.php
*/
function bug_get_bugnote_stats_array(array $p_bugs_id, $p_user_id = null)
{
$t_id_array = array();
foreach ($p_bugs_id as $t_id) {
$t_id_array[$t_id] = (int) $t_id;
}
if (empty($t_id_array)) {
return array();
}
if (null === $p_user_id) {
$t_user_id = auth_get_current_user_id();
} else {
$t_user_id = $p_user_id;
}
db_param_push();
$t_params = array();
$t_in_clause_elems = array();
foreach ($t_id_array as $t_id) {
$t_in_clause_elems[] = db_param();
$t_params[] = $t_id;
}
$t_query = 'SELECT n.id, n.bug_id, n.reporter_id, n.view_state, n.last_modified, n.date_submitted, b.project_id' . ' FROM {bugnote} n JOIN {bug} b ON (n.bug_id = b.id)' . ' WHERE n.bug_id IN (' . implode(', ', $t_in_clause_elems) . ')' . ' ORDER BY b.project_id, n.bug_id, n.last_modified';
# perform query
$t_result = db_query($t_query, $t_params);
$t_counter = 0;
$t_stats = array();
# We need to check for each bugnote if it has permissions to view in respective project.
# bugnotes are grouped by project_id and bug_id to save calls to config_get
$t_current_project_id = null;
$t_current_bug_id = null;
while ($t_query_row = db_fetch_array($t_result)) {
$c_bug_id = (int) $t_query_row['bug_id'];
if (0 == $t_counter || $t_current_project_id !== $t_query_row['project_id']) {
# evaluating a new project from the rowset
$t_current_project_id = $t_query_row['project_id'];
$t_user_access_level = access_get_project_level($t_query_row['project_id'], $t_user_id);
$t_private_bugnote_visible = access_compare_level($t_user_access_level, config_get('private_bugnote_threshold', null, $t_user_id, $t_query_row['project_id']));
}
if (0 == $t_counter || $t_current_bug_id !== $c_bug_id) {
# evaluating a new bug from the rowset
$t_current_bug_id = $c_bug_id;
$t_note_count = 0;
$t_last_submit_date = 0;
}
$t_note_visible = $t_private_bugnote_visible || $t_query_row['reporter_id'] == $t_user_id || VS_PUBLIC == $t_query_row['view_state'];
if ($t_note_visible) {
# only count the bugnote if user has access
$t_stats[$c_bug_id]['bug_id'] = $c_bug_id;
$t_stats[$c_bug_id]['last_modified'] = $t_query_row['last_modified'];
$t_stats[$c_bug_id]['count'] = ++$t_note_count;
$t_stats[$c_bug_id]['last_modified_bugnote'] = $t_query_row['id'];
if ($t_query_row['date_submitted'] > $t_last_submit_date) {
$t_last_submit_date = $t_query_row['date_submitted'];
$t_stats[$c_bug_id]['last_submitted_bugnote'] = $t_query_row['id'];
}
if (isset($t_id_array[$c_bug_id])) {
unset($t_id_array[$c_bug_id]);
}
}
$t_counter++;
}
# The remaining bug ids, are those without visible notes. Save false as cached value
foreach ($t_id_array as $t_id) {
$t_stats[$t_id] = false;
}
return $t_stats;
}
/**
* Check the current user's access against the given value and return true
* if the user's access is equal to or higher, false otherwise.
* This function looks up the bug's project and performs an access check
* against that project
* @param int $p_access_level integer representing access level
* @param int $p_bug_id integer representing bug id to check access against
* @param int|null $p_user_id integer representing user id, defaults to null to use current user
* @return bool whether user has access level specified
* @access public
*/
function access_has_bug_level($p_access_level, $p_bug_id, $p_user_id = null)
{
if ($p_user_id === null) {
$p_user_id = auth_get_current_user_id();
}
# Deal with not logged in silently in this case
# @@@ we may be able to remove this and just error
# and once we default to anon login, we can remove it for sure
if (empty($p_user_id) && !auth_is_user_authenticated()) {
return false;
}
$t_project_id = bug_get_field($p_bug_id, 'project_id');
$t_bug_is_user_reporter = bug_is_user_reporter($p_bug_id, $p_user_id);
$t_access_level = access_get_project_level($t_project_id, $p_user_id);
# check limit_Reporter (Issue #4769)
# reporters can view just issues they reported
$t_limit_reporters = config_get('limit_reporters', null, $p_user_id, $t_project_id);
if ($t_limit_reporters && !$t_bug_is_user_reporter) {
# Here we only need to check that the current user has an access level
# higher than the lowest needed to report issues (report_bug_threshold).
# To improve performance, esp. when processing for several projects, we
# build a static array holding that threshold for each project
static $s_thresholds = array();
if (!isset($s_thresholds[$t_project_id])) {
$t_report_bug_threshold = config_get('report_bug_threshold', null, $p_user_id, $t_project_id);
if (!is_array($t_report_bug_threshold)) {
$s_thresholds[$t_project_id] = $t_report_bug_threshold + 1;
} else {
if (empty($t_report_bug_threshold)) {
$s_thresholds[$t_project_id] = NOBODY;
} else {
sort($t_report_bug_threshold);
$s_thresholds[$t_project_id] = $t_report_bug_threshold[0] + 1;
}
}
}
if (!access_compare_level($t_access_level, $s_thresholds[$t_project_id])) {
return false;
}
}
# If the bug is private and the user is not the reporter, then
# they must also have higher access than private_bug_threshold
if (!$t_bug_is_user_reporter && bug_get_field($p_bug_id, 'view_state') == VS_PRIVATE) {
$t_private_bug_threshold = config_get('private_bug_threshold', null, $p_user_id, $t_project_id);
return access_compare_level($t_access_level, $t_private_bug_threshold) && access_compare_level($t_access_level, $p_access_level);
}
return access_compare_level($t_access_level, $p_access_level);
}
/**
* Check the current user's access against the given value and return true
* if the user's access is equal to or higher, false otherwise.
* This function looks up the bug's project and performs an access check
* against that project
* @param int $p_access_level integer representing access level
* @param int $p_bug_id integer representing bug id to check access against
* @param int|null $p_user_id integer representing user id, defaults to null to use current user
* @return bool whether user has access level specified
* @access public
*/
function access_has_bug_level($p_access_level, $p_bug_id, $p_user_id = null)
{
if ($p_user_id === null) {
$p_user_id = auth_get_current_user_id();
}
# Deal with not logged in silently in this case
# @@@ we may be able to remove this and just error
# and once we default to anon login, we can remove it for sure
if (empty($p_user_id) && !auth_is_user_authenticated()) {
return false;
}
$t_project_id = bug_get_field($p_bug_id, 'project_id');
# check limit_Reporter (Issue #4769)
# reporters can view just issues they reported
$t_limit_reporters = config_get('limit_reporters');
if (ON === $t_limit_reporters && !bug_is_user_reporter($p_bug_id, $p_user_id) && !access_has_project_level(REPORTER + 1, $t_project_id, $p_user_id)) {
return false;
}
# If the bug is private and the user is not the reporter, then
# they must also have higher access than private_bug_threshold
if (VS_PRIVATE == bug_get_field($p_bug_id, 'view_state') && !bug_is_user_reporter($p_bug_id, $p_user_id)) {
$t_access_level = access_get_project_level($t_project_id, $p_user_id);
return access_compare_level($t_access_level, config_get('private_bug_threshold')) && access_compare_level($t_access_level, $p_access_level);
}
return access_has_project_level($p_access_level, $t_project_id, $p_user_id);
}
function get_status_option_list($p_user_auth = 0, $p_current_value = 0, $p_show_current = true, $p_add_close = false, $p_project_id = ALL_PROJECTS)
{
$t_config_var_value = config_get('status_enum_string', null, null, $p_project_id);
$t_enum_workflow = config_get('status_enum_workflow', null, null, $p_project_id);
if (count($t_enum_workflow) < 1) {
# workflow not defined, use default enum
$t_enum_values = MantisEnum::getValues($t_config_var_value);
} else {
# workflow defined - find allowed states
if (isset($t_enum_workflow[$p_current_value])) {
$t_enum_values = MantisEnum::getValues($t_enum_workflow[$p_current_value]);
} else {
# workflow was not set for this status, this shouldn't happen
# caller should be able to handle empty list
$t_enum_values = array();
}
}
$t_enum_list = array();
foreach ($t_enum_values as $t_enum_value) {
if (($p_show_current || $p_current_value != $t_enum_value) && access_compare_level($p_user_auth, access_get_status_threshold($t_enum_value, $p_project_id))) {
$t_enum_list[$t_enum_value] = get_enum_element('status', $t_enum_value);
}
}
if ($p_show_current) {
$t_enum_list[$p_current_value] = get_enum_element('status', $p_current_value);
}
if ($p_add_close && access_compare_level($p_current_value, config_get('bug_resolved_status_threshold', null, null, $p_project_id))) {
$t_closed = config_get('bug_closed_status_threshold', null, null, $p_project_id);
if ($p_show_current || $p_current_value != $t_closed) {
$t_enum_list[$t_closed] = get_enum_element('status', $t_closed);
}
}
return $t_enum_list;
}
function bugnote_get_all_visible_bugnotes($p_bug_id, $p_user_access_level, $p_user_bugnote_order, $p_user_bugnote_limit)
{
$t_all_bugnotes = bugnote_get_all_bugnotes($p_bug_id, $p_user_bugnote_order, $p_user_bugnote_limit);
$t_private_bugnote_threshold = config_get('private_bugnote_threshold');
$t_private_bugnote_visible = access_compare_level($p_user_access_level, config_get('private_bugnote_threshold'));
$t_bugnotes = array();
foreach ($t_all_bugnotes as $t_note_index => $t_bugnote) {
if ($t_private_bugnote_visible || VS_PUBLIC == $t_bugnote->view_state) {
$t_bugnotes[$t_note_index] = $t_bugnote;
}
}
return $t_bugnotes;
}
