</tr>
</thead>
<tbody>
<?php
$pManager =& getPluginManager();
$pManager->loadPlugins('acl');
$k = 0;
$config =& JFactory::getConfig();
$db =& JFactory::getDBO();
$now =& JFactory::getDate();
$nullDate = $db->getNullDate();
for ($i = 0, $n = count($this->items); $i < $n; $i++) {
$row =& $this->items[$i];
//Only allow administrating groups to view item history
$canViewHistory = false;
if (canManageWorkflows()) {
$canViewHistory = true;
} else {
list($adminAclSystem, $adminAclGroup) = explode('.', $row->administratingGroup);
foreach ($this->aclPairs as $system => $gid) {
if ($system == $adminAclSystem && in_array($adminAclGroup, array_keys($gid))) {
$canViewHistory = true;
}
}
}
$link = JRoute::_('index.php?option=com_jwf&controller=item&task=edit&wid=' . $row->wid . '&iid=' . $row->iid);
$historyLink = JRoute::_('index.php?option=com_jwf&controller=item&task=history&wid=' . $row->wid . '&iid=' . $row->iid);
?>
<tr class="<?php
echo "row{$k}";
?>
/**
* searches through items
*
* @access public
* @param int starting records
* @param int number of records to return
* @param array containing all the GIDs of the current logged in user for all supported ACL systems
* @param string keywords used for the LIKE clause
* @param bool whether or not to return the last step for items
* @return array Array('overallTotal' => total number of items<br />'requestTotal' => total number of items returned by the request<br />'items' => list of items)
*/
function search($start = 0, $count = 0, $aclPairs = null, $keyword = '', $onlyCurrent = false)
{
$db =& JFactory::getDBO();
$start = intval($start);
$count = intval($count);
$onlyCurrent = (bool) $onlyCurrent;
$keyword = $db->getEscaped($keyword, true);
$limit = '';
if ($count != 0) {
$limit = "LIMIT {$start}, {$count} ";
}
$whereFragments = array();
if ($keyword != '') {
$whereFragments['keyword'] = "w.name LIKE '%{$keyword}%'";
}
if ($aclPairs != null && !canManageWorkflows()) {
$whereFragments['acl'] = '';
$aclWhereFragments = array();
foreach ($aclPairs as $system => $gid) {
$gids = implode(',', array_keys($gid));
$aclWhereFragments[] = "(w.acl = '{$system}' AND (w.admin_gid IN ({$gids}) OR s.group IN ({$gids}) ))";
}
$whereFragments['acl'] = '(' . implode(' OR ', $aclWhereFragments) . ')';
}
if ($onlyCurrent) {
$whereFragments['current'] = ' h.current=1';
}
$whereConditions = implode(' AND ', $whereFragments);
$where = '';
if ($whereConditions != '') {
$where = 'WHERE ' . $whereConditions;
}
$sql = "SELECT COUNT(*) FROM #__jwf_steps";
$db->setQuery($sql);
$overallCount = $db->loadResult();
$sql = "SELECT COUNT(*)" . "\nFROM `#__jwf_steps` AS h" . "\nINNER JOIN `#__jwf_stations` AS s ON s.id = h.sid" . "\nINNER JOIN `#__jwf_workflows` AS w ON w.id = h.wid" . "\n" . $where;
$db->setQuery($sql);
$requestCount = $db->loadResult();
$sql = "SELECT h.* , CONCAT(w.acl, '.', w.admin_gid) as administratingGroup,s.allocatedTime as taskTime, s.task as currentTask, s.title as currentStation , s.order as position , w.title as workflowTitle, w.component as contentType" . "\nFROM `#__jwf_steps` AS h" . "\nINNER JOIN `#__jwf_stations` AS s ON s.id = h.sid" . "\nINNER JOIN `#__jwf_workflows` AS w ON w.id = h.wid" . "\n" . $where . "\n" . "ORDER BY h.created DESC" . "\n" . $limit;
$db->setQuery($sql);
return array('overallTotal' => $overallCount, 'requestTotal' => $requestCount, 'items' => $db->loadObjectList());
}
function save($workflow, $steps, $storedComments, $incomingComment)
{
$pManager =& getPluginManager();
$pManager->loadPlugins('acl');
$response = $pManager->invokeMethod('acl', 'getMyGroupId', array($workflow->acl), null);
$myGroups = $response[$workflow->acl];
$user =& JFactory::getUser();
$isNew = intval($incomingComment['commentID']) == -1 ? true : false;
$isAuthorized = false;
//The HUGE Authorization routine
/*
Global Administrator -> Allowed to do everything
Old Comment
Workflow manager -> Allowed after making sure the supplied WID matches a workflow they have authority upon
Normal user -> Allowed if s/he's the creator of the comment
New Comment
Workflow manager -> Allow if WID matches a workflow they have authority upon
Normal user -> Allowed only if the item is in their station
*/
if (canManageWorkflows()) {
$isAuthorized = true;
} elseif (in_array($workflow->admin_gid, array_keys($myGroups))) {
$isAuthorized = true;
} else {
if ($isNew) {
//Allow normal users to add comments to the latest step ONLY
$currentStep = searchObjectArray($steps, 'current', 1);
foreach ($myGroups as $gid => $name) {
if ($workflow->stations[$incomingComment['sid']]->group == $gid) {
if ($currentStep->iid == $incomingComment['iid'] && $currentStep->id == $incomingComment['tid']) {
$isAuthorized = true;
}
}
}
} else {
$currentComment = searchObjectArray($storedComments, 'id', $incomingComment['commentID']);
if ($currentComment != null && $user->get('id') == $currentComment->created_by) {
$isAuthorized = true;
}
}
}
if (!$isAuthorized) {
return 0;
}
$datenow =& JFactory::getDate();
$incomingComment['type'] = 'comments';
if (!$isNew) {
$incomingComment['id'] = intval($incomingComment['commentID']);
$incomingComment['modified'] = $datenow->toMySQL();
$incomingComment['modified_by'] = $user->get('id');
} else {
$incomingComment['created'] = $datenow->toMySQL();
$incomingComment['modified'] = $datenow->toMySQL();
$incomingComment['created_by'] = $user->get('id');
$incomingComment['modified_by'] = $user->get('id');
}
$incomingComment['value'] = base64_encode($incomingComment['text']);
require_once JWF_BACKEND_PATH . DS . 'models' . DS . 'history.php';
$historyModel = new JWFModelHistory();
require_once JWF_BACKEND_PATH . DS . 'models' . DS . 'field.php';
$fieldModel = new JWFModelField();
if ($fieldModel->save($incomingComment)) {
$historyObject = new stdClass();
if ($isNew) {
$historyObject->type = 'create';
$historyObject->value = $incomingComment['value'];
$historyModel->add($workflow->id, $workflow->stations[$incomingComment['sid']], $incomingComment['iid'], 'field.comments', JText::_('Comment Added'), $historyObject);
} else {
$historyObject->type = 'modify';
$historyObject->value = $incomingComment['value'];
$historyModel->add($workflow->id, $workflow->stations[$incomingComment['sid']], $incomingComment['iid'], 'field.comments', JText::_('Comment Modified'), $historyObject);
}
return 1;
}
return 0;
}
/**
* Task Handler ( View history of a given item )
*
* @return void
*/
function history()
{
$app =& JFactory::getApplication('site');
$document =& JFactory::getDocument();
$pManager =& getPluginManager();
$wid = JRequest::getInt('wid', 0);
$iid = JRequest::getInt('iid', 0);
$workflowModel =& $this->getModel('workflow');
$workflow = $workflowModel->get($wid);
if (!$workflow) {
JError::raiseError(404, JText::_("Workflow not found"));
}
/* Authorization */
$pManager->loadPlugins('acl');
$response = $pManager->invokeMethod('acl', 'getMyGroupId', array($workflow->acl), null);
$userGroups = $response[$workflow->acl];
$user =& JFactory::getUser();
if ($user->guest) {
JError::raiseError(403, JText::_("Access Forbidden"));
}
if (!canManageWorkflows() && !in_array($workflow->admin_gid, array_keys($userGroups))) {
JError::raiseError(403, JText::_("Access Forbidden"));
}
/* User is autorized */
$historyModel =& $this->getModel('history');
$itemHistory = $historyModel->get($wid, $iid);
if (!$itemHistory) {
JError::raiseError(404, JText::_("Item not found or No history stored for this item"));
}
/* Prepare and display the view */
$viewType = $document->getType();
$viewName = 'history';
$viewLayout = 'default';
$view =& $this->getView($viewName, $viewType, '', array('base_path' => $this->_basePath));
// Set the layout
$view->setLayout($viewLayout);
//Display the view
$view->display($itemHistory, $workflow);
}
