Пример #1
/**
 * Enforce an access requirement for the current page.
 *
 * Exactly one requirement is evaluated, in this order of precedence:
 * 'group' (optionally narrowed by 'admin_flags'), then 'user', then
 * 'isloggedin'. A request that names none of them is refused.
 *
 * @param array $req requirement map; the keys read here are 'group',
 *                   'admin_flags', 'user' and 'isloggedin'
 *
 * @return true|null true for a super user; nothing is returned when another check passes
 */
function session_require($req)
{
    global $Language;

    // Super users satisfy every requirement.
    if (user_is_super_user()) {
        return true;
    }

    // Pair of 'include_session' message keys (title, body) to report, or null when access is granted.
    $denied = null;

    if (!empty($req['group'])) {
        // Membership lookup; both caller-supplied values pass through the db escaping helpers.
        $query = "SELECT user_id FROM user_group WHERE user_id=" . user_getid() . " AND group_id=" . db_ei($req['group']);
        if (!empty($req['admin_flags'])) {
            $query .= " AND admin_flags = '" . db_escape_string($req['admin_flags']) . "'";
        }
        $matches = db_numrows(db_query($query));
        // The second operand cannot be true inside this branch; it is kept as written.
        if ($matches < 1 || !$req['group']) {
            $denied = array('insufficient_g_access', 'no_perm_to_view');
        }
    } elseif (!empty($req['user'])) {
        // NOTE(review): loose comparison, so callers should pass an integer user id here.
        if (user_getid() != $req['user']) {
            $denied = array('insufficient_u_access', 'no_perm_to_view');
        }
    } elseif (!empty($req['isloggedin'])) {
        if (!user_isloggedin()) {
            $denied = array('required_login', 'login');
        }
    } else {
        // No recognised requirement was given: refuse rather than allow.
        $denied = array('insufficient_access', 'no_access');
    }

    if ($denied !== null) {
        // NOTE(review): presumably exit_error() ends the request; if it ever returned,
        // the caller would continue as though access had been granted. Confirm.
        exit_error($Language->getText('include_session', $denied[0]), $Language->getText('include_session', $denied[1]));
    }
}
Пример #2
 /**
  *	return a resultset of Group
  *
  *	@return	resultset
  */
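 function getAllGroups()
 {
     global $Language;

     // Anonymous visitors get no listing at all.
     if (!user_isloggedin()) {
         if (isset($GLOBALS['Language'])) {
             $this->setError($Language->getText('include_exit', 'perm_denied'));
         }
         return false;
     }

     // Super users see every project; everyone else is limited to projects
     // whose access level is not Project::ACCESS_PRIVATE.
     if (user_is_super_user()) {
         $access_condition = '';
     } else {
         $access_condition = " AND access != '" . db_es(Project::ACCESS_PRIVATE) . "' ";
     }

     // Group 100 and non-active projects are always left out.
     $sql = "SELECT group_id,group_name,unix_group_name FROM groups\n\t\t\tWHERE group_id <> 100 AND status = 'A'\n\t\t\t{$access_condition}\n\t\t\tORDER BY group_name ASC";
     $result = db_query($sql);

     // Test the result handle before counting rows, so that a failed query
     // is never handed to db_numrows().
     if (!$result || db_numrows($result) < 1) {
         if (isset($GLOBALS['Language'])) {
             $this->setError($Language->getText('include_common_groupfactory', 'none_found', db_error()));
         }
         return false;
     }
     return $result;
 }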
 /**
  * Apply the submitted edit of a reference pattern.
  *
  * Reads group_id, reference_id and the reference fields from the HTTP
  * request. For a system reference outside group 100 only the active flag
  * is updated; otherwise the whole reference is rewritten and, when the
  * keyword changed, the dependent tables are updated too.
  *
  * NOTE(review): no permission or request-origin check is visible in this
  * method; presumably the calling page enforces project-admin rights. Confirm.
  */
 function do_edit()
 {
     global $feedback;
     $request =& HTTPRequest::instance();

     // Both identifiers are mandatory.
     if (!$request->get('group_id') || !$request->get('reference_id')) {
         exit_error($GLOBALS['Language']->getText('global', 'error'), $GLOBALS['Language']->getText('project_reference', 'missing_parameter'));
     }

     $reference_manager =& ReferenceManager::instance();

     // The "force" flag is honoured for super users only.
     $force = $request->get('force');
     $su = user_is_super_user() ? true : false;
     if (!$su) {
         $force = false;
     }

     // Load the stored reference.
     // NOTE(review): the result is used without checking that a reference was found. Confirm loadReference() cannot come back empty.
     $ref =& $reference_manager->loadReference($request->get('reference_id'), $request->get('group_id'));

     // System references outside group 100: only the is_active field may change.
     if ($ref->isSystemReference() && $ref->getGroupId() != 100) {
         if ($ref->isActive() != $request->get('is_used')) {
             $reference_manager->updateIsActive($ref, $request->get('is_used'));
         }
         return;
     }

     // Only a server admin may attach a service; the value 100 stands for "none".
     $service_short_name = "";
     if ($su && $request->get('service_short_name') != 100) {
         $service_short_name = $request->get('service_short_name');
     }

     $old_keyword = $ref->getKeyword();

     // Rewrite the row in table 'reference'; the scope is taken from the stored reference, not from the request.
     $new_ref = new Reference($request->get('reference_id'), $request->get('keyword'), $request->get('description'), $request->get('link'), $ref->getScope(), $service_short_name, $request->get('nature'), $request->get('is_used'), $request->get('group_id'));
     if (!$reference_manager->updateReference($new_ref, $force)) {
         exit_error($GLOBALS['Language']->getText('global', 'error'), $GLOBALS['Language']->getText('project_reference', 'edit_fail', db_error()));
         return;
     }

     if ($old_keyword == $request->get('keyword')) {
         return;
     }

     // The keyword was renamed: carry the new name over to table 'cross_reference' ...
     $cross_reference_dao = $this->getCrossReferenceDao();
     $cross_reference_dao->updateTargetKeyword($old_keyword, $request->get('keyword'), $request->get('group_id'));
     $cross_reference_dao->updateSourceKeyword($old_keyword, $request->get('keyword'), $request->get('group_id'));

     // ... and to table 'artifact_group_list'.
     $artifact_group_list_dao = $this->getArtifactGroupListDao();
     $artifact_group_list_dao->updateItemName($request->get('group_id'), $old_keyword, $request->get('keyword'));
 }
Пример #4
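/**
 * Tell whether the current user may modify a snippet package.
 *
 * A super user always may. Any other user may only if at least one version
 * of the package was submitted by that user.
 *
 * @param int|string $snippet_package_id id of the snippet package
 *
 * @return bool
 */
function snippet_data_can_modify_snippet_package($snippet_package_id)
{
    if (user_is_super_user()) {
        return true;
    }

    // The id used to be interpolated into the statement as received; db_ei()
    // forces it to an integer literal before it reaches the query.
    $sql = "SELECT submitted_by FROM snippet_package_version WHERE snippet_package_id=" . db_ei($snippet_package_id);
    $result = db_query($sql);

    $current_user_id = user_getid();
    while ($resrow = db_fetch_array($result)) {
        if ($resrow['submitted_by'] == $current_user_id) {
            return true;
        }
    }
    return false;
}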
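    /**
     * Print the HTML form used to edit a reference pattern.
     *
     * group_id and reference_id come from the HTTP request. A system
     * reference outside group 100 is shown read-only, apart from its
     * "enabled" checkbox. The "force" checkbox is offered to super users only.
     *
     * NOTE(review): hiding a field here is presentation only; the handler of
     * the submitted form has to enforce the same restrictions.
     */
    function edit()
    {
        global $sys_default_domain, $Language;
        $request =& HTTPRequest::instance();
        $group_id = $request->get('group_id');
        $purifier = Codendi_HTMLPurifier::instance();
        $pm = ProjectManager::instance();
        $project = $pm->getProject($group_id);
        $refid = $request->get('reference_id');
        if (!$refid) {
            exit_error($GLOBALS['Language']->getText('global', 'error'), $GLOBALS['Language']->getText('project_reference', 'missing_parameter'));
        }
        $referenceManager =& ReferenceManager::instance();
        // NOTE(review): the result is used without checking that a reference was found. Confirm.
        $ref =& $referenceManager->loadReference($refid, $group_id);
        $su = false;
        if (user_is_super_user()) {
            $su = true;
        }

        // Both ids are request values that are written back into the page, so
        // they are escaped like every other value this form prints.
        $safe_group_id = $purifier->purify($group_id);
        $safe_refid = $purifier->purify($refid);

        $star = '&nbsp;<font color="red">*</font>';
        // "Read-only" -> can only edit reference availability (system reference)
        $ro = false;
        if ($ref->isSystemReference() && $ref->getGroupId() != 100) {
            $ro = true;
            $star = "";
        }
        echo '
<h3>' . $Language->getText('project_reference', 'edit_r') . '</h3>
<form name="form_create" method="post" action="/project/admin/reference.php?group_id=' . $safe_group_id . '">
<input type="hidden" name="action" VALUE="do_edit">
<input type="hidden" name="view" VALUE="browse">
<input type="hidden" name="group_id" VALUE="' . $safe_group_id . '">
<input type="hidden" name="reference_id" VALUE="' . $safe_refid . '">

<table width="100%" cellspacing=0 cellpadding=3 border=0>
<tr><td width="10%"><a href="#" title="' . $Language->getText('project_reference', 'r_keyword_desc') . '">' . $Language->getText('project_reference', 'r_keyword') . ':</a>' . $star . '</td>
<td>';
        // Keyword
        if ($ro) {
            echo $purifier->purify($ref->getKeyWord());
        } else {
            echo '<input type="text" name="keyword" size="25" maxlength="25" value="' . $purifier->purify($ref->getKeyWord()) . '">';
        }
        echo '</td></tr>';
        echo '
<tr><td><a href="#" title="' . $Language->getText('project_reference', 'r_desc_in_tooltip') . '">' . $Language->getText('project_reference', 'r_desc') . '</a>:&nbsp;</td>
<td>';
        // Description: a stored value of the form reference_<keyword>_desc_key is a translation key
        if ($ro) {
            if ($ref->getDescription() == "reference_" . $ref->getKeyWord() . "_desc_key") {
                echo $purifier->purify($Language->getText('project_reference', $ref->getDescription()));
            } else {
                echo $purifier->purify($ref->getDescription());
            }
        } else {
            echo '<input type="text" name="description" size="70" maxlength="255" value="' . $purifier->purify($ref->getDescription()) . '">';
        }
        echo '</td></tr>';
        echo '
<tr><td><a href="#" title="' . $Language->getText('project_reference', 'r_nature_desc') . '">' . $Language->getText('project_reference', 'r_nature') . '</a>:&nbsp;</td>
<td>';
        // Nature
        if ($ro) {
            echo $purifier->purify($ref->getNature());
        } else {
            echo '<select name="nature" >';
            foreach ($this->natures as $nature_key => $nature_desc) {
                if ($ref->getNature() == $nature_key) {
                    $selected = 'selected="selected"';
                } else {
                    $selected = '';
                }
                echo '<option value="' . $purifier->purify($nature_key) . '" ' . $selected . '>' . $purifier->purify($nature_desc['label']) . '</option>';
            }
            echo '</select>';
        }
        echo '</td></tr>';
        echo '
<tr><td><a href="#" title="' . $Language->getText('project_reference', 'url') . '">' . $Language->getText('project_reference', 'r_link') . '</a>:' . $star . '</td>
<td>';
        // Link
        if ($ro) {
            echo $purifier->purify($ref->getLink());
        } else {
            echo '<input type="text" name="link" size="70" maxlength="255" value="' . $purifier->purify($ref->getLink()) . '"> ';
            echo help_button('project-admin.html#creating-or-updating-a-reference-pattern');
        }
        echo '</td></tr>';
        // Service and scope rows are shown for group 100 only
        if ($group_id == 100) {
            echo '
<tr><td><a href="#" title="' . $Language->getText('project_reference', 'r_service_desc') . '">' . $Language->getText('project_reference', 'r_service') . '</a>:</td>
<td>';
            // Get list of services
            $result = db_query("SELECT * FROM service WHERE group_id=100 ORDER BY rank");
            $serv_label = array();
            $serv_short_name = array();
            while ($serv = db_fetch_array($result)) {
                $label = $serv['label'];
                if ($label == "service_" . $serv['short_name'] . "_lbl_key") {
                    $label = $Language->getText('project_admin_editservice', $label);
                }
                $serv_short_name[] = $serv['short_name'];
                $serv_label[] = $label;
            }
            echo html_build_select_box_from_arrays($serv_short_name, $serv_label, "service_short_name", $ref->getServiceShortName());
            echo '</td></tr>';
            echo '
<tr><td><a href="#" title="' . $Language->getText('project_reference', 'r_scope') . '">' . $Language->getText('project_reference', 'scope') . ':</a></td>
<td><FONT size="-1">' . ($ref->getScope() == 'S' ? $Language->getText('project_reference', 'system') : $Language->getText('project_reference', 'project')) . '</FONT></td></tr>';
        }
        echo '
<tr><td><a href="#" title="' . $Language->getText('project_reference', 'enabled_desc') . '">' . $Language->getText('project_reference', 'enabled') . ':</a> </td>
<td><input type="CHECKBOX" NAME="is_used" VALUE="1"' . ($ref->isActive() ? " CHECKED" : '') . '></td></tr>';
        if ($su) {
            echo '<tr><td><a href="#" title="' . $Language->getText('project_reference', 'force_desc') . '">' . $Language->getText('project_reference', 'force') . '</a> </td>
                       <td><input type="CHECKBOX" NAME="force"></td></tr>';
        }
        echo '
</table>

<P><INPUT type="submit" name="Create" value="' . $Language->getText('global', 'btn_update') . '">
</form>';
        if (!$ro) {
            echo '<p>' . $star . ': ' . $Language->getText('project_reference', 'fields_required') . '</p>';
        }
    }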
Пример #6
    }
    display_service_creation_form($group_id, $is_superuser);
} else {
    $service_id = $request->getValidated('service_id', 'uint', 0);
    if (!$service_id) {
        exit_error('ERROR', 'Service Id was not specified ');
    }
    $sql = "SELECT * FROM service WHERE group_id={$group_id} AND service_id={$service_id}";
    $result = db_query($sql);
    if (db_numrows($result) < 1) {
        exit_error($Language->getText('global', 'error'), $Language->getText('project_admin_editservice', 's_not_exist', $service_id));
    }
    $service = db_fetch_array($result);
    $readonly = false;
    $is_superuser = true;
    if (!user_is_super_user()) {
        $is_superuser = false;
        if (!$service['is_active']) {
            exit_error($Language->getText('project_admin_editservice', 'forbidden'), $Language->getText('project_admin_editservice', 'no_access_inactive_s'));
        }
        if ($service['scope'] == "system") {
            // Display service as read-only
            $readonly = true;
        }
    }
    if (!ServiceManager::instance()->isServiceAllowedForProject($project, $service_id)) {
        exit_error('ERROR', $GLOBALS['Language']->getText('project_admin_servicebar', 'not_allowed'));
    }
    display_service_configuration_form($group_id, $service_id, $service, $readonly, $is_superuser);
}
project_admin_footer(array());
 /**
  * special install function
  *
  */
 function install()
 {
     // Installing for group 1 is reserved to super users; this method applies
     // no check for any other group.
     if ($this->gid == 1 && !user_is_super_user()) {
         exit_error($GLOBALS['Language']->getText('global', 'error'), $GLOBALS['Language']->getText('plugin_phpwiki_lib_wikipagewrap', 'right_error'));
     }

     $we = new PHPWikiEntry();
     $we->setGid($this->gid);
     // NOTE(review): the language id is read straight from the request; in this
     // method it only selects between the two fixed page sets below.
     $we->setLanguage_id($_REQUEST['language_id']);

     // English is tested first and with the same loose comparison a switch
     // would apply, so the outcome for every value is unchanged.
     $language_id = $we->getLanguage_id();
     $use_french = !($language_id == 'en_US') && $language_id == 'fr_FR';

     if ($use_french) {
         // French
         define('WIKI_PGSRC', 'pgsrc');
         define('DEFAULT_WIKI_PGSRC', PHPWIKI_SRC_PATH . '/locale/fr/pgsrc');
         $we->setName("Page d'accueil");
         $we->setPage("PageAccueil");
         $we->setDesc("Document initial du Wiki");
     } else {
         // English, which is also the fallback for every other language id
         define('WIKI_PGSRC', 'codendipgsrc');
         define('DEFAULT_WIKI_PGSRC', PHPWIKI_SRC_PATH . '/codendipgsrc');
         $we->setName("Home Page");
         $we->setPage("HomePage");
         $we->setDesc("Initial wiki document");
     }

     $we->add();
     $this->render();
 }
Пример #8
/**
 * Function svn_utils_check_access : check if the user $username can access the path $svnpath of the project $gname 
 * regarding the global arrays $SVNACCESS and $SVNGROUPS.
 * 
 * @param string $username the login name of the user we want to check the perms
 * @param string $project_svnroot the unix name of the group (project)
 * @param string $svnpath the subversion path to check
 * @global array $SVNACCESS the array populated with the rights for each user for this project $gname
 * @global array $SVNGROUPS the array populated with the members of each ugroup of this project
 *
 * Warning:
 *    This function is also implemented in Python.
 *    If you modify this code, please check whether
 *    the corresponding Python code needs to be updated too.
 *    (see src/utils/svn/svnaccess.py)
 */
function svn_utils_check_access($username, $project_svnroot, $svnpath)
{
    global $SVNACCESS;

    // A super user checking their own access is always allowed. This test
    // runs on the name as given, before the event hook and the lower-casing.
    if (user_getname() == $username && user_is_super_user()) {
        return true;
    }

    // Listeners receive the user name by reference and may replace it.
    $em =& EventManager::instance();
    $em->processEvent('svn_check_access_username', array('username' => &$username, 'project_svnroot' => $project_svnroot));
    $username = strtolower($username);

    // "None" marks a table that has not been loaded yet.
    if ($SVNACCESS == "None") {
        svn_utils_parse_access_file($project_svnroot);
    }

    // Walk from the requested path up to the root; the first rule found wins,
    // and at each level a rule for the user is preferred over the '*' rule.
    $perm = '';
    $path = '/' . $svnpath;
    for (;;) {
        if (array_key_exists($username, $SVNACCESS) && array_key_exists($path, $SVNACCESS[$username])) {
            $perm = $SVNACCESS[$username][$path];
            break;
        }
        if (array_key_exists('*', $SVNACCESS) && array_key_exists($path, $SVNACCESS['*'])) {
            $perm = $SVNACCESS['*'][$path];
            break;
        }
        if ($path == '/') {
            // Nothing matched up to the root: $perm stays empty, which denies access.
            break;
        }
        // Drop the last path component and look again one level higher.
        $idx = strrpos($path, '/');
        $path = $idx == 0 ? '/' : substr($path, 0, $idx);
    }

    // Access is granted only when the matching rule contains 'r'.
    return !(strpos($perm, 'r') === false);
}
Пример #9
 /**
  * @return Widget
  */
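 public static function getInstance($widget_name)
 {
     // Built-in widgets that any caller may instantiate.
     $core_widgets = array(
         'mysurveys' => 'Widget_MySurveys',
         'myprojects' => 'Widget_MyProjects',
         'mybookmarks' => 'Widget_MyBookmarks',
         'mymonitoredforums' => 'Widget_MyMonitoredForums',
         'mymonitoredfp' => 'Widget_MyMonitoredFp',
         'mylatestsvncommits' => 'Widget_MyLatestSvnCommits',
         'myartifacts' => 'Widget_MyArtifacts',
         'myrss' => 'Widget_MyRss',
         'mytwitterfollow' => 'Widget_MyTwitterFollow',
         'myimageviewer' => 'Widget_MyImageViewer',
         'projectdescription' => 'Widget_ProjectDescription',
         'projectclassification' => 'Widget_ProjectClassification',
         'projectmembers' => 'Widget_ProjectMembers',
         'projectlatestfilereleases' => 'Widget_ProjectLatestFileReleases',
         'projectlatestnews' => 'Widget_ProjectLatestNews',
         'projectpublicareas' => 'Widget_ProjectPublicAreas',
         'projectrss' => 'Widget_ProjectRss',
         'projecttwitterfollow' => 'Widget_ProjectTwitterFollow',
         'projectsvnstats' => 'Widget_ProjectSvnStats',
         'projectlatestsvncommits' => 'Widget_ProjectLatestSvnCommits',
         'projectlatestcvscommits' => 'Widget_ProjectLatestCvsCommits',
         'projectimageviewer' => 'Widget_ProjectImageViewer',
     );
     // Built-in widgets reserved for super users.
     $admin_widgets = array(
         'myadmin' => 'Widget_MyAdmin',
         'mysystemevent' => 'Widget_MySystemEvent',
     );

     $o = null;

     // Names are matched exactly and only when they are strings. The former
     // switch compared loosely, so on PHP versions before 8 a non-string name
     // such as the integer 0 selected the first case.
     $is_name = is_string($widget_name);

     if ($is_name && isset($core_widgets[$widget_name])) {
         // The class name comes from the fixed table above, never from the input.
         $class = $core_widgets[$widget_name];
         $o = new $class();
     } elseif ($is_name && isset($admin_widgets[$widget_name])) {
         // These widgets are only for super users; anyone else gets null.
         if (user_is_super_user()) {
             $class = $admin_widgets[$widget_name];
             $o = new $class();
         }
     } else {
         // Not a built-in name: let event listeners supply the instance.
         $em = EventManager::instance();
         $em->processEvent('widget_instance', array('widget' => $widget_name, 'instance' => &$o));
     }

     // Whatever was produced, only a real Widget is handed back.
     if (!($o instanceof Widget)) {
         $o = null;
     }
     return $o;
 }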
Пример #10
                 $arh->fetchData($update_default);
                 if ($arh->scope == 'P' && $ath->userIsAdmin()) {
                     $arh->updateDefaultReport();
                     $GLOBALS['Response']->addFeedback('info', $Language->getText('tracker_admin_index', 'update_success'));
                 }
             }
         }
     }
     if ($request->getValidated('new_report')) {
         $arh->createReportForm();
     } else {
         if ($request->getValidated('show_report')) {
             if ($arh->scope == 'P' && !$ath->userIsAdmin()) {
                 exit_permission_denied();
             }
             if ($arh->scope == 'S' && !user_is_super_user()) {
                 exit_permission_denied();
             }
             $arh->showReportForm();
         } else {
             // Front page
             $reports = $arh->getReports($atid, user_getid());
             $arh->showAvailableReports($reports);
         }
     }
     $ath->footer(array());
     break;
 case 'canned':
     if (!user_isloggedin()) {
         exit_not_logged_in();
         return;
Пример #11
/**
 *
 *   Method of easily enforcing permissions
 *   Page will terminate with error message if you fail checks
 *
 */
function session_require($req)
{
    // Anonymous visitors are refused before any requirement is examined.
    // NOTE(review): every refusal below relies on the exit_* helpers ending
    // the request; if one returned, execution would simply continue. Confirm.
    if (!user_isloggedin()) {
        exit_permission_denied();
    }

    // Site admins always have permission.
    if (user_is_super_user()) {
        return true;
    }

    // Without a group requirement, the only request that can pass is 'isloggedin',
    // and the login check at the top of the function has already covered it.
    if (!$req['group']) {
        if (!$req['isloggedin']) {
            exit_permission_denied();
        }
        return;
    }

    $group =& group_get_object($req['group']);
    if (!$group) {
        exit_no_group();
    }

    // Any non-empty 'admin_flags' means "must be a group admin"; its value is
    // not inspected further. Otherwise plain membership is enough.
    $allowed = $req['admin_flags'] ? $group->userIsAdmin() : $group->userIsMember();
    if (!$allowed) {
        exit_permission_denied();
    }
}
Пример #12
/**
 * Print the sidebar menus for the current visitor.
 *
 * @param array $params only $params['title'] is read, and only for a logged-in user
 */
function menu_print_sidebar($params)
{
    if (!user_isloggedin()) {
        echo menu_notloggedin();
        // When $GLOBALS['sys_allow_anon'] is off, an anonymous visitor gets
        // nothing beyond the not-logged-in menu.
        if (!$GLOBALS['sys_allow_anon']) {
            return;
        }
    } else {
        echo menu_loggedin($params['title']);
    }
    // Site admin menu, printed for super users only.
    // NOTE(review): this only decides what is displayed; the pages the menu
    // links to have to check super-user rights themselves.
    if (user_is_super_user()) {
        echo menu_site_admin();
    }
    echo menu_software();
    echo menu_site();
    //search menu
    echo menu_search();
    ?>
	<div align="center">
	     <?php 
    echo $GLOBALS['HTML']->getOsdnNavDropdown();
    ?>
	     </div>
		   <?php 
}
Пример #13
 /**
  *	  userCanSubmit - determine if the user can submit an artifact (if he can submit a field).
  *        Note that if no group is explicitly authorized, access is denied (default values are not checked)
  *
  *	  @param $my_user_id	if not specified, use the current user id..
  *	  @return boolean	user_can_submit.
  */
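 function userCanSubmit($my_user_id = 0)
 {
     if (!$my_user_id) {
         // No id given: the question is about the current user.
         // Super-user has all rights...
         if (user_is_super_user()) {
             return true;
         }
         $my_user_id = user_getid();
     } else {
         $u = UserManager::instance()->getUserById($my_user_id);
         // Guard the lookup: if no user object comes back for this id, skip
         // the super-user shortcut and let the permission lookup below decide.
         if ($u && $u->isSuperUser()) {
             return true;
         }
     }

     // Select submit permissions for all fields of this tracker; object ids
     // are matched on the "<tracker id>#" prefix.
     $sql = "SELECT ugroup_id \n                  FROM permissions \n                  WHERE permission_type='TRACKER_FIELD_SUBMIT' \n                    AND object_id LIKE '" . db_ei($this->getID()) . "#%' \n                  GROUP BY ugroup_id";
     $res = db_query($sql);

     // A failed query is treated like an empty result, so access stays denied.
     if ($res && db_numrows($res) > 0) {
         while ($row = db_fetch_array($res)) {
             // should work even for anonymous users
             if (ugroup_user_is_member($my_user_id, $row['ugroup_id'], $this->Group->getID(), $this->getID())) {
                 return true;
             }
         }
     }

     // No ugroup explicitly authorized for this user: deny.
     return false;
 }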
Пример #14
 /**
  * _currentUserCanUpdateLayout
  * 
  * @return boolean true if the user can update the layout (add/remove widget, collapse, set preferences, ...)
  * @param  owner_id  
  * @param  owner_type  
  */
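 function _currentUserCanUpdateLayout($owner_id, $owner_type)
 {
     switch ($owner_type) {
         case self::OWNER_TYPE_USER:
             // Current user can only update its own /my/ page
             return user_getid() == $owner_id;
         case self::OWNER_TYPE_GROUP:
             // Only a super user or a project admin. Membership is checked
             // against $owner_id, the project whose layout is being changed,
             // rather than against the group_id request parameter, which the
             // caller may not have tied to that owner.
             // NOTE(review): assumes $owner_id is the project's group id for this owner type. Confirm.
             return (bool) (user_is_super_user() || user_ismember($owner_id, 'A'));
         case self::OWNER_TYPE_HOME:
             // The original comment reads "Only site admin", yet nothing here
             // grants access, so the home layout is read-only for everyone.
             // NOTE(review): confirm this is intended.
             return false;
         default:
             // Unknown owner types are never writable.
             return false;
     }
 }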
Пример #15
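 /**
  * Build the list of service tabs shown for a project.
  *
  * @param mixed   $toptab  service id or short name of the tab to mark as enabled
  * @param Project $project project whose service_data_array is walked
  *
  * @return array list of arrays with the keys 'link', 'icon', 'label', 'enabled' and 'description'
  */
 function _getProjectTabs($toptab, &$project)
 {
     $pm = ProjectManager::instance();
     $hp = Codendi_HTMLPurifier::instance();
     $tabs = array();
     $group_id = $project->getGroupId();

     // foreach replaces the former reset()/each() loop: each() is deprecated
     // since PHP 7.2 and no longer exists in PHP 8.
     foreach ($project->service_data_array as $short_name => $service_data) {
         if ((string) $short_name == "admin") {
             // The admin service is listed only for a super user or a project
             // admin; everyone else, anonymous visitors included, does not get the tab.
             // NOTE(review): this hides the tab only; the admin pages must check access themselves.
             if (!user_is_super_user()) {
                 if (!user_isloggedin() || !user_ismember($group_id, 'A')) {
                     continue;
                 }
             }
         }
         if (!$service_data['is_used']) {
             continue;
         }
         if (!$service_data['is_active']) {
             continue;
         }

         // Get URL, and eval variables
         if ($service_data['is_in_iframe']) {
             $link = '/service/?group_id=' . $group_id . '&amp;id=' . $service_data['service_id'];
         } else {
             // NOTE(review): the stored link is passed on as it is; presumably
             // whatever renders the tabs escapes it. Confirm.
             $link = $service_data['link'];
         }
         if ($group_id == 100) {
             if (strstr($link, '$projectname')) {
                 // NOTE: if you change link variables here, change them also in src/common/project/RegisterProjectStep_Confirmation.class.php and src/www/project/admin/servicebar.php
                 // Don't check project name if not needed.
                 // When it is done here, the service bar will not appear updated on the current page
                 $link = str_replace('$projectname', $pm->getProject($group_id)->getUnixName(), $link);
             }
             $link = str_replace('$sys_default_domain', $GLOBALS['sys_default_domain'], $link);
             if ($GLOBALS['sys_force_ssl']) {
                 $sys_default_protocol = 'https';
             } else {
                 $sys_default_protocol = 'http';
             }
             $link = str_replace('$sys_default_protocol', $sys_default_protocol, $link);
             $link = str_replace('$group_id', $group_id, $link);
         }

         // A tab is enabled when $toptab names it by service id or by short name.
         $enabled = (is_numeric($toptab) && $toptab == $service_data['service_id']) || ($short_name && $toptab == $short_name);

         if ($short_name == 'summary') {
             // Add a default tab to explain project privacy
             if ($project->isPublic()) {
                 $privacy = 'public';
             } else {
                 $privacy = 'private';
             }
             $label = '<span class="project_privacy_' . $privacy . '">[';
             $label .= $GLOBALS['Language']->getText('project_privacy', $privacy);
             $label .= ']</span>';
             // Javascript for project privacy tooltip
             $js = "\ndocument.observe('dom:loaded', function() {\n    \$\$('span[class=project_privacy_private], span[class=project_privacy_public]').each(function (span) {\n        var type = span.className.substring('project_privacy_'.length, span.className.length);\n        codendi.Tooltips.push(new codendi.Tooltip(span, '/project/privacy.php?project_type='+type));\n    });\n});\n";
             $this->includeFooterJavascriptSnippet($js);
             $label .= '&nbsp;' . $hp->purify(util_unconvert_htmlspecialchars($project->getPublicName()), CODENDI_PURIFIER_CONVERT_HTML) . '&nbsp;&raquo;';
         } else {
             $label = $hp->purify($service_data['label']);
         }
         $tabs[] = array('link' => $link, 'icon' => null, 'label' => $label, 'enabled' => $enabled, 'description' => $hp->purify($service_data['description']));
     }
     return $tabs;
 }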
Пример #16
 }
 if ($good) {
     if ($request->exist('name')) {
         $param = $request->get('name');
         $name = array_pop(array_keys($param));
         $instance_id = (int) $param[$name];
         if ($widget =& Widget::getInstance($name)) {
             if ($widget->isAvailable()) {
                 switch ($request->get('action')) {
                     case 'rss':
                         $widget->displayRss();
                         exit;
                         break;
                     case 'update':
                         if ($layout_id = (int) $request->get('layout_id')) {
                             if ($owner_type == WidgetLayoutManager::OWNER_TYPE_USER || user_ismember($group_id, 'A') || user_is_super_user()) {
                                 if ($request->get('cancel') || $widget->updatePreferences($request)) {
                                     $lm->hideWidgetPreferences($owner_id, $owner_type, $layout_id, $name, $instance_id);
                                 }
                             }
                         }
                         break;
                     case 'ajax':
                         if ($widget->isAjax()) {
                             $widget->loadContent($instance_id);
                             echo $widget->getContent();
                             //Layout::showDebugInfo();
                             exit;
                         }
                         break;
                     case 'iframe':
Пример #17
/**
 * Tell whether the current user may change permissions of the given type in a project.
 *
 * Site administrators and project administrators are always allowed. For the
 * built-in permission types the answer comes from user_ismember() with the
 * flag used for that type below; types starting with 'TRACKER' ask the tracker
 * itself; every other type is handed to the
 * 'permission_user_allowed_to_change' event and stays denied unless a
 * listener sets 'allowed'.
 *
 * @param Integer $group_id        Id of the project
 * @param String  $permission_type Type of the permission
 * @param Integer $object_id       Id of the object on which the permission is applied
 *                                 (an artifact id for TRACKER_ARTIFACT_ACCESS)
 *
 * @return Boolean
 */
function permission_user_allowed_to_change($group_id, $permission_type, $object_id = 0)
{
    // Super-user and project admin have all rights.
    $current_user = UserManager::instance()->getCurrentUser();
    if (user_is_super_user() || $current_user->isMember($group_id, 'A')) {
        return true;
    }

    // switch compares loosely, exactly like the chain of == tests it replaces.
    switch ($permission_type) {
        case 'NEWS_READ':
            // Write (or admin) permission on News allows submitting private news,
            // hence defining news permissions.
            return user_ismember($group_id, 'N1') || user_ismember($group_id, 'N2');
        case 'PACKAGE_READ':
        case 'RELEASE_READ':
            return user_ismember($group_id, 'R2');
        case 'DOCGROUP_READ':
        case 'DOCUMENT_READ':
            return user_ismember($group_id, 'D2');
        case 'WIKI_READ':
        case 'WIKIPAGE_READ':
        case 'WIKIATTACHMENT_READ':
            return user_ismember($group_id, 'W2');
    }

    if (strpos($permission_type, 'TRACKER') === 0) {
        $pm = ProjectManager::instance();
        $project = $pm->getProject($group_id);
        // For TRACKER_ARTIFACT_ACCESS the object id stored in the permission
        // table is an artifact id; resolve it to the id of its tracker first.
        if ($permission_type == 'TRACKER_ARTIFACT_ACCESS') {
            // db_ei() keeps the concatenated value an integer.
            $result = db_query('SELECT group_artifact_id from artifact WHERE artifact_id = ' . db_ei($object_id));
            if (!$result || db_numrows($result) != 1) {
                // Unknown artifact: deny rather than guess.
                return false;
            }
            $artifact_row = db_fetch_array($result);
            $object_id = $artifact_row['group_artifact_id'];
        }
        $tracker = new ArtifactType($project, (int) $object_id);
        return $tracker->userIsAdmin();
    }

    // Unknown type: let listeners decide, denied by default.
    $em =& EventManager::instance();
    $allowed = false;
    $em->processEvent('permission_user_allowed_to_change', array('group_id' => $group_id, 'permission_type' => $permission_type, 'object_id' => $object_id, 'allowed' => &$allowed));
    return $allowed;
}
Пример #18
    while ($row_trovecat = db_fetch_array($res_trovecat)) {
        print '<LI>' . $row_trovecat['fullpath'] . ' ' . help_button('trove_cat', $row_trovecat['trove_cat_id']) . "\n";
    }
    print '
</UL>
<P align="center">
<A href="/project/admin/group_trove.php?group_id=' . $group_id . '">' . '<B>' . $Language->getText('project_admin_index', 'edit_trove_cat') . '</B></A>
';
}
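// Project type: site administrators get a form that posts
// func=change_group_type, every other user only sees the current type label.
$template =& TemplateSingleton::instance();
print '
<HR NoShade SIZE="1">
<P>';
if (user_is_super_user()) {
    // The project id is forced to an integer before it is written into the
    // hidden field, so nothing but digits can end up inside the attribute.
    // NOTE(review): hiding the form is presentation only, and no anti-CSRF
    // token is visible in it - confirm that the handler of change_group_type
    // checks both the super-user right and a request token.
    print '<TABLE WIDTH="100%" BORDER="0">
 <TR>
  <TD><B>' . $Language->getText('project_admin_index', 'group_type') . ' ' . help_button('project-admin.html#project-type') . ' : </B>
      <FORM action="?" method="post">
      <INPUT TYPE="HIDDEN" NAME="func" VALUE="change_group_type">
      <INPUT TYPE="HIDDEN" NAME="group_id" VALUE="' . (int) $group_id . '"></TD>
  <TD valign="top">' . $template->showTypeBox('form_project_type', $group->getType()) . '
      <INPUT type="submit" name="Update" value="' . $Language->getText('global', 'btn_update') . '">
      </FORM></TD>
 </TR>
</TABLE>
';
} else {
    print '<B>' . $Language->getText('project_admin_index', 'group_type') . ' ' . help_button('project-admin.html#project-type') . ' : ' . $template->getLabel($group->getType()) . '</B>';
}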
Пример #19
 /**
  * Build the service tabs to display for a project.
  *
  * A service is skipped when it is the admin service and the current user is
  * neither site administrator nor project administrator, when the user is a
  * restricted non-member and the service is not in the allowed list, or when
  * the service is not used or not active.
  *
  * This only decides which tabs are listed; it is not an access check on the
  * pages behind them.
  *
  * @param mixed  $toptab  Service id (when numeric) or short name of the selected tab
  * @param object $project Project whose services are listed
  *
  * @return array List of tabs, each with the keys link, icon, name, label,
  *               enabled, description and id
  */
 function _getProjectTabs($toptab, &$project)
 {
     global $sys_default_domain;
     $pm = ProjectManager::instance();
     $tabs = array();
     $group_id = $project->getGroupId();
     $user = UserManager::instance()->getCurrentUser();
     if ($this->restrictedMemberIsNotProjectMember($user, $group_id)) {
         // Restricted non-members see 'summary' plus whatever listeners add.
         $allowed_services = array('summary');
         $this->getEventManager()->processEvent(Event::GET_SERVICES_ALLOWED_FOR_RESTRICTED, array('allowed_services' => &$allowed_services));
     }
     foreach ($project->getServicesData() as $short_name => $service_data) {
         // The admin tab is listed only for a super user or a project admin.
         if ((string) $short_name == "admin"
             && !user_is_super_user()
             && (!user_isloggedin() || !user_ismember($group_id, 'A'))
         ) {
             continue;
         }
         $permissions_overrider = PermissionsOverrider_PermissionsOverriderManager::instance();
         $is_restricted_outsider = !$this->isProjectSuperPublic($group_id)
             && $this->restrictedMemberIsNotProjectMember($user, $group_id)
             && !$permissions_overrider->doesOverriderAllowUserToAccessProject($user, $project);
         if ($is_restricted_outsider && !in_array($short_name, $allowed_services)) {
             continue;
         }
         if (!$service_data['is_used'] || !$service_data['is_active']) {
             continue;
         }
         $hp = Codendi_HTMLPurifier::instance();
         // Get URL, and eval variables
         //$project->services[$short_name]->getUrl(); <- to use when service will be fully served by satellite
         $link = $service_data['is_in_iframe']
             ? '/service/?group_id=' . $group_id . '&amp;id=' . $service_data['service_id']
             : $hp->purify($service_data['link']);
         if ($group_id == 100) {
             // Link variables are substituted only for project 100.
             if (strstr($link, '$projectname')) {
                 // NOTE: if you change link variables here, change them also in src/common/project/RegisterProjectStep_Confirmation.class.php and src/www/project/admin/servicebar.php
                 // Don't check project name if not needed.
                 // When it is done here, the service bar will not appear updated on the current page
                 $link = str_replace('$projectname', $pm->getProject($group_id)->getUnixName(), $link);
             }
             $link = str_replace('$sys_default_domain', $GLOBALS['sys_default_domain'], $link);
             $protocol = $GLOBALS['sys_force_ssl'] ? 'https' : 'http';
             $link = str_replace('$sys_default_protocol', $protocol, $link);
             $link = str_replace('$group_id', $group_id, $link);
         }
         $enabled = (is_numeric($toptab) && $toptab == $service_data['service_id'])
             || ($short_name && $toptab == $short_name);
         if ($short_name == 'summary') {
             $label = '<span>';
             if (ForgeConfig::get('sys_display_project_privacy_in_service_bar')) {
                 // Add a default tab to explain project privacy
                 $privacy = $project->isPublic() ? 'public' : 'private';
                 // NOTE(review): the tooltip text goes into the data-content
                 // attribute without purification - confirm it only ever
                 // comes from the language files.
                 $privacy_text = $GLOBALS['Language']->getText('project_privacy', 'tooltip_' . $this->getProjectPrivacy($project));
                 $label .= '<span class="project-title-container project_privacy_' . $privacy . '" data-content="' . $privacy_text . '" data-placement="bottom">[';
                 $label .= $GLOBALS['Language']->getText('project_privacy', $privacy);
                 $label .= ']</span>';
                 $label .= '&nbsp;';
             }
             $label .= $hp->purify(util_unconvert_htmlspecialchars($project->getPublicName()), CODENDI_PURIFIER_CONVERT_HTML) . '&nbsp;&raquo;</span>';
         } else {
             $label = '<span title="' . $hp->purify($service_data['description']) . '">';
             $label .= $hp->purify($service_data['label']) . '</span>';
         }
         $name = $hp->purify($service_data['label']);
         $default_icon = $this->getServiceIcon($short_name);
         // A service-provided icon is passed on as is (not purified here).
         $icon = isset($service_data['icon']) ? $service_data['icon'] : $default_icon;
         $tabs[] = array(
             'link' => $link,
             'icon' => $icon,
             'name' => $name,
             'label' => $label,
             'enabled' => $enabled,
             'description' => $hp->purify($service_data['description']),
             'id' => $hp->purify('sidebar-' . $short_name),
         );
     }
     return $tabs;
 }
Пример #20
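 /**
  * Create the widget registered under the given name.
  *
  * Built-in names map to fixed classes. 'myadmin' is created only for a super
  * user or a user holding the project approval permission, 'mysystemevent'
  * only for a super user. Any other name is offered to listeners of the
  * 'widget_instance' event.
  *
  * Names are matched as strings only. switch compares loosely, so a
  * non-string value (for instance an integer array key on PHP < 8, or true)
  * could otherwise select the first case; such values now take the default
  * branch like any unknown name.
  *
  * @param string $widget_name Identifier of the widget
  *
  * @return Widget|null The widget, or null when the name is unknown, the
  *                     current user may not use it, or a listener supplied
  *                     something that is not a Widget
  */
 public static function getInstance($widget_name)
 {
     $o = null;
     // Only a real string may select a built-in case.
     $lookup_name = is_string($widget_name) ? $widget_name : '';
     switch ($lookup_name) {
         case 'mysurveys':
             $o = new Widget_MySurveys();
             break;
         case 'myprojects':
             $o = new Widget_MyProjects();
             break;
         case 'mybookmarks':
             $o = new Widget_MyBookmarks();
             break;
         case 'mymonitoredforums':
             $o = new Widget_MyMonitoredForums();
             break;
         case 'mymonitoredfp':
             $o = new Widget_MyMonitoredFp();
             break;
         case 'mylatestsvncommits':
             $o = new Widget_MyLatestSvnCommits();
             break;
         case 'myartifacts':
             $o = new Widget_MyArtifacts();
             break;
         case 'myrss':
             $o = new Widget_MyRss();
             break;
         // 'mywikipage' (Widget_MyWikiPage): not yet
         case 'myimageviewer':
             $o = new Widget_MyImageViewer();
             break;
         case 'myadmin':
             $user_is_super_user = user_is_super_user();
             // Denied unless one of the two checks below says otherwise.
             $can_access = false;
             if (!$user_is_super_user) {
                 $user = UserManager::instance()->getCurrentUser();
                 $forge_ugroup_permissions_manager = new User_ForgeUserGroupPermissionsManager(new User_ForgeUserGroupPermissionsDao());
                 $can_access = $forge_ugroup_permissions_manager->doesUserHavePermission($user, new User_ForgeUserGroupPermission_ProjectApproval());
             }
             if ($user_is_super_user || $can_access) {
                 //This widget is mainly for super admin
                 $o = new Widget_MyAdmin($user_is_super_user);
             }
             break;
         case 'mysystemevent':
             if (user_is_super_user()) {
                 //This widget is only for super admin
                 $o = new Widget_MySystemEvent();
             }
             break;
         case 'projectdescription':
             $o = new Widget_ProjectDescription();
             break;
         case 'projectclassification':
             $o = new Widget_ProjectClassification();
             break;
         case 'projectmembers':
             $o = new Widget_ProjectMembers();
             break;
         case 'projectlatestfilereleases':
             $o = new Widget_ProjectLatestFileReleases();
             break;
         case 'projectlatestnews':
             $o = new Widget_ProjectLatestNews();
             break;
         case 'projectpublicareas':
             $o = new Widget_ProjectPublicAreas();
             break;
         case 'projectrss':
             $o = new Widget_ProjectRss();
             break;
         case 'projectsvnstats':
             $o = new Widget_ProjectSvnStats();
             break;
         // 'projectwikipage' (Widget_ProjectWikiPage): not yet
         case 'projectlatestsvncommits':
             $o = new Widget_ProjectLatestSvnCommits();
             break;
         case 'projectlatestcvscommits':
             $o = new Widget_ProjectLatestCvsCommits();
             break;
         case 'projectimageviewer':
             $o = new Widget_ProjectImageViewer();
             break;
         case 'projectcontacts':
             $o = new Widget_Contacts();
             break;
         default:
             // Unknown name: listeners receive the caller's original value.
             $em = EventManager::instance();
             $em->processEvent('widget_instance', array('widget' => $widget_name, 'instance' => &$o));
             break;
     }
     // Whatever a listener put into $o is accepted only if it is a Widget.
     if (!($o instanceof Widget)) {
         $o = null;
     }
     return $o;
 }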
Пример #21
//
// SourceForge: Breaking Down the Barriers to Open Source Development
// Copyright 1999-2000 (c) The SourceForge Crew
// http://sourceforge.net
//
//
require_once 'pre.php';
require_once 'my_utils.php';
require_once 'common/event/EventManager.class.php';
require_once 'common/widget/WidgetLayoutManager.class.php';
$hp = Codendi_HTMLPurifier::instance();
if (user_isloggedin()) {
    // If it's super user and license terms have not yet been agreed then redirect
    // to license agreement page
    if (user_is_super_user() && !license_already_displayed()) {
        session_redirect("/admin/approve_license.php");
    }
    // Make sure this page is not cached because
    // it uses the exact same URL for all user's
    // personal page
    header("Cache-Control: no-cache, no-store, must-revalidate");
    // for HTTP 1.1
    header("Pragma: no-cache");
    // for HTTP 1.0
    if (browser_is_netscape4()) {
        $feedback .= $Language->getText('my_index', 'err_badbrowser');
    }
    $title = $Language->getText('my_index', 'title', array($hp->purify(user_getrealname(user_getid()), CODENDI_PURIFIER_CONVERT_HTML) . ' (' . user_getname() . ')'));
    $GLOBALS['HTML']->includeJavascriptFile('/scripts/scriptaculous/scriptaculous.js');
    my_header(array('title' => $title, 'body_class' => array('widgetable')));
Пример #22
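/**
 * Remove user from all ugroups
 *
 * Only a site administrator may do this. The user id goes through db_ei()
 * before it is concatenated into the statement, so that only an integer can
 * reach the DELETE.
 *
 * @param Integer $user_id Id of the user to remove from every ugroup
 *
 * @return Boolean false if access rights are insufficient (need to be site
 *                 admin), true otherwise; the outcome of the query itself is
 *                 not reported
 */
function ugroup_delete_user_from_all_ugroups($user_id)
{
    if (!user_is_super_user()) {
        return false;
    }
    db_query('DELETE FROM ugroup_user WHERE user_id=' . db_ei($user_id));
    return true;
}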
Пример #23
 switch ($owner_type) {
     case WidgetLayoutManager::OWNER_TYPE_USER:
         $owner_id = user_getid();
         $layout_id = (int) $request->get('layout_id');
         $redirect = '/my/';
         $good = true;
         break;
     case WidgetLayoutManager::OWNER_TYPE_GROUP:
         $pm = ProjectManager::instance();
         if ($project = $pm->getProject($owner_id)) {
             $group_id = $owner_id;
             $_REQUEST['group_id'] = $_GET['group_id'] = $group_id;
             $request->params['group_id'] = $group_id;
             //bad!
             $redirect = '/projects/' . $project->getUnixName() . '/';
             if (!user_ismember($group_id, 'A') && !user_is_super_user()) {
                 $GLOBALS['Response']->redirect($redirect);
             }
             $good = true;
         }
         break;
     default:
         break;
 }
 if ($good) {
     if (!$request->exist('layout_id')) {
         //Search the default one
         $layout_id = $lm->getDefaultLayoutId($owner_id, $owner_type);
     } else {
         $layout_id = (int) $request->get('layout_id');
     }
Пример #24
<?php

//
// Codendi
// Copyright (c) Xerox Corporation, Codendi Team, 2001-2009. All rights reserved
// http://www.codendi.com
//
//
//
// Originally written by Laurent Julliard 2004, Codendi Team, Xerox
//
require_once 'pre.php';
if (!(user_isloggedin() && user_is_super_user())) {
    exit_error('ERROR', $Language->getText('admin_approve_license', 'error'));
}
$legal_acceptance = $request->get('legal_acceptance');
$HTML->header(array('title' => $Language->getText('admin_approve_license', 'title', array($GLOBALS['sys_name']))));
if ($legal_acceptance == 'ACCEPT') {
    license_accepted();
    echo license_msg_accepted();
} else {
    if ($legal_acceptance == 'DECLINE') {
        license_declined();
        echo '<p><span class="highlight">' . license_msg_declined() . '</span></p>';
    } else {
        echo '<FORM ACTION="' . $_SERVER['PHP_SELF'] . '" METHOD="POST" name="license_form">' . "\n<table><tr><td>\n";
        // Preamble
        echo '<p>' . $Language->getText('admin_approve_license', 'msg_accept');
        // display the license and the agree/disagree buttons
        include $Language->getContent('admin/license_terms');
        echo '</td></tr>
Пример #25
 /**
  * Build the label and the displayed value of a field for the given user.
  *
  * The field is rendered read-only when $force_read_only is set or when the
  * user may not update it. The original submission ('details') is editable
  * only for a site admin, a tracker admin or the artifact submitter.
  *
  * @param mixed   $group_id          Project id, passed to the permission checks
  * @param mixed   $group_artifact_id Tracker id, passed to the permission checks
  * @param object  $field             The field to render
  * @param mixed   $user_id           Id of the user the field is rendered for
  * @param boolean $force_read_only   Render read-only whatever the user's rights
  *
  * @return array|false array('label' => ..., 'value' => ...), or false when
  *                     the user may not read the field
  *
  * @protected
  **/
 function _getFieldLabelAndValueForUser($group_id, $group_artifact_id, &$field, $user_id, $force_read_only = false)
 {
     if (!$field->userCanRead($group_id, $group_artifact_id, $user_id)) {
         return false;
     }
     $read_only = $force_read_only || !$field->userCanUpdate($group_id, $group_artifact_id, $user_id);
     // For multi select box, we need to retrieve all the values
     $field_value = $field->isMultiSelectBox()
         ? $field->getValues($this->getID())
         : $this->getValue($field->getName());
     $field_html = new ArtifactFieldHtml($field);
     $label = $field_html->labelDisplay(false, false, !$read_only);
     // Mandatory fields get a highlighted star after the label.
     $label .= $field->isEmptyOk() ? '' : '<span class="highlight"><big>*</big></b></span>';
     if ($field->getName() == 'details') {
         // original submission field must be displayed read-only,
         // except for site admin, tracker admin and for the artifact submitter
         $may_edit_details = user_is_super_user() || $this->ArtifactType->userIsAdmin() || $this->getSubmittedBy() == $user_id;
         if ($may_edit_details) {
             $value = $field_html->display($this->ArtifactType->getID(), $field_value, false, false, $read_only);
         } else {
             $rendered = $field_html->display($this->ArtifactType->getID(), $field_value, false, false, true);
             $value = util_make_links($rendered, $group_id, $group_artifact_id);
         }
     } elseif ($field->getName() == 'submitted_by') {
         $value = util_user_link(user_getname($field_value));
     } elseif ($field->getName() == 'open_date' || $field->getName() == 'last_update_date') {
         // Both date fields use the system date format.
         $value = format_date($GLOBALS['Language']->getText('system', 'datefmt'), $field_value);
     } else {
         $value = $field_html->display($this->ArtifactType->getID(), $field_value, false, false, $read_only);
         if ($read_only) {
             $value = util_make_links($value, $group_id, $group_artifact_id);
         }
     }
     return array('label' => $label, 'value' => $value);
 }
Пример #26
            switch ($owner_type) {
                case WidgetLayoutManager::OWNER_TYPE_USER:
                    $owner_id = user_getid();
                    $title = $Language->getText('my_index', 'title', array($hp->purify(user_getrealname(user_getid()), CODENDI_PURIFIER_CONVERT_HTML) . ' (' . user_getname() . ')'));
                    my_header(array('title' => $title, 'selected_top_tab' => '/my/'));
                    $lm->displayAvailableWidgets(user_getid(), WidgetLayoutManager::OWNER_TYPE_USER, $layout_id);
                    site_footer(array());
                    break;
                case WidgetLayoutManager::OWNER_TYPE_GROUP:
                    $pm = ProjectManager::instance();
                    if ($project = $pm->getProject($owner_id)) {
                        $group_id = $owner_id;
                        $_REQUEST['group_id'] = $_GET['group_id'] = $group_id;
                        $request->params['group_id'] = $group_id;
                        //bad!
                        if (user_ismember($group_id, 'A') || user_is_super_user()) {
                            $title = $Language->getText('include_project_home', 'proj_info') . ' - ' . $project->getPublicName();
                            site_project_header(array('title' => $title, 'group' => $group_id, 'toptab' => 'summary'));
                            $lm->displayAvailableWidgets($group_id, WidgetLayoutManager::OWNER_TYPE_GROUP, $layout_id);
                            site_footer(array());
                        } else {
                            $GLOBALS['Response']->redirect('/projects/' . $project->getUnixName() . '/');
                        }
                    }
                    break;
                default:
                    break;
            }
        }
    }
} else {
Пример #27
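 /**
  *  Display the field values list for a field
  *
  *  Prints one table holding the values with status 'A' or 'P', followed by
  *  the values with status 'H'. Value labels are purified in both lists
  *  before they are written into the page.
  *
  *  NOTE(review): the delete action is a plain link to func=value_delete
  *  guarded only by a JavaScript confirm - confirm that the handler checks
  *  the caller's rights and a request token.
  *
  *  @param field_id: the field id
  *
  *  @return void
  */
 function displayFieldValuesList($field_id)
 {
     global $ath, $art_field_fact, $Language;
     $hp = Codendi_HTMLPurifier::instance();
     $field = $art_field_fact->getFieldFromId($field_id);
     if (!$field) {
         return;
     }
     $values = $field->getFieldValues($this->getID(), array('A', 'P'));
     // Test the result set before asking for its row count.
     if (!$values || db_numrows($values) == 0) {
         echo "\n<H3>" . $Language->getText('tracker_include_type', 'no_values') . "</H3>";
         return;
     }
     echo '<h3>' . $Language->getText('tracker_include_type', 'exist_values') . '</h3>';
     echo '<p>' . $Language->getText('tracker_include_report', 'mod');
     // Show all the fields currently available in the system
     $title_arr = array();
     if ($field->getName() == "severity") {
         $title_arr[] = $Language->getText('tracker_include_report', 'id');
     }
     $title_arr[] = $Language->getText('tracker_include_type', 'value_label');
     $title_arr[] = $Language->getText('tracker_include_artifact', 'desc');
     $title_arr[] = $Language->getText('tracker_include_type', 'rank');
     $title_arr[] = $Language->getText('global', 'status');
     $title_arr[] = $Language->getText('tracker_include_canned', 'delete');
     echo html_build_list_table_top($title_arr);

     // Pieces shared by every row; all ids are forced to integers.
     $edit_url = '?group_id=' . (int) $this->Group->getID() . '&atid=' . (int) $this->getID() . '&func=display_field_value&field_id=' . (int) $field->getID() . '&value_id=';
     $delete_url = '/tracker/admin/?func=value_delete&group_id=' . (int) $this->Group->getID() . '&atid=' . (int) $this->getID() . '&field_id=' . (int) $field->getID() . '&value_id=';
     $delete_icon = '<img src="' . util_get_image_theme("ic/trash.png") . '" border="0" onClick="return confirm(\'' . $Language->getText('tracker_include_type', 'del_value') . '\')">';
     $no_delete_cell = "\n<td align =\"center\">-</td>";

     // Build HTML output for used values
     $iu = 0;
     $html = "";
     while ($row = db_fetch_array($values)) {
         $rank = $row['order_id'] ? $row['order_id'] : "-";
         $status = $this->getLabelValueStatus($row['status']);
         $html .= '<TR class="' . util_get_alt_row_color($iu) . '">';
         if ($field->getName() == "severity") {
             $html .= '<TD align="center">' . $hp->purify($row['value_id'], CODENDI_PURIFIER_CONVERT_HTML) . '</TD>';
         }
         $html .= '<TD>';
         // Can't edit 'None' (value 100), so it gets no link.
         $is_editable = $row['value_id'] != 100;
         if ($is_editable) {
             $html .= '<A HREF="' . $edit_url . (int) $row['value_id'] . '">';
         }
         $html .= $hp->purify(SimpleSanitizer::unsanitize($row['value']), CODENDI_PURIFIER_CONVERT_HTML);
         if ($is_editable) {
             $html .= '</A>';
         }
         $html .= "</td>\n<td>" . $hp->purify(SimpleSanitizer::unsanitize($row['description']), CODENDI_PURIFIER_BASIC, $this->getGroupId()) . '</td>';
         $html .= "\n<td align =\"center\">" . $hp->purify($rank, CODENDI_PURIFIER_CONVERT_HTML) . '</td>';
         $html .= "\n<td align =\"center\">" . $hp->purify($status, CODENDI_PURIFIER_CONVERT_HTML) . '</td>';
         if (($row['status'] == "P" || $field->getName() == "severity") && !user_is_super_user()) {
             // Unable to delete Permanent values, except for values in the tracker templates (for Codendi admins)
             $html .= $no_delete_cell;
         } else {
             $html .= "\n<td align =\"center\"><a href=\"" . $delete_url . (int) $row['value_id'] . '">' . $delete_icon . '</a></td>';
         }
         // Close the row (the markup used to open a new one here).
         $html .= "</TR>";
         $iu++;
     }
     // Now print the HTML table
     if ($iu == 0) {
         echo '<tr><td colspan="4"><center><b>' . $Language->getText('tracker_include_type', 'no_active_val') . '</b></center></tr>' . $html;
     } else {
         echo '<tr><td colspan="4"><center><b>' . $Language->getText('tracker_include_type', 'active_val') . '</b></center></tr>' . $html;
     }

     // Build HTML output for unused (hidden) values
     $iu = 0;
     $values = $field->getFieldValues($this->getID(), array('H'));
     $html = "";
     while ($row = db_fetch_array($values)) {
         $rank = $row['order_id'] ? $row['order_id'] : "-";
         $status = $this->getLabelValueStatus($row['status']);
         $html .= '<TR class="' . util_get_alt_row_color($iu) . '">';
         if ($field->getName() == "severity") {
             $html .= '<TD align="center">' . (int) $row['value_id'] . '</TD>';
         }
         // The label is purified exactly as in the list of used values; it
         // used to be written into the page as stored.
         $html .= '<TD><A HREF="' . $edit_url . (int) $row['value_id'] . '">' . $hp->purify(SimpleSanitizer::unsanitize($row['value']), CODENDI_PURIFIER_CONVERT_HTML) . '</A></td>';
         $html .= "\n<td>" . $hp->purify($row['description'], CODENDI_PURIFIER_BASIC, $this->getGroupId()) . '</td>';
         $html .= "\n<td align =\"center\">" . $hp->purify($rank, CODENDI_PURIFIER_CONVERT_HTML) . '</td>';
         $html .= "\n<td align =\"center\">" . $hp->purify($status, CODENDI_PURIFIER_CONVERT_HTML) . '</td>';
         if ($row['status'] == "P" || $field->getName() == "severity") {
             // Unable to delete Permanent values
             $html .= $no_delete_cell;
         } else {
             $html .= "\n<td align =\"center\"><a href=\"" . $delete_url . (int) $row['value_id'] . '">' . $delete_icon . '</a></td>';
         }
         $html .= "</TR>";
         $iu++;
     }
     // Now print the HTML table
     if ($iu == 0) {
         echo '<tr><td colspan="4"><center><b>' . $Language->getText('tracker_include_type', 'no_hidden_val') . '</b></center></tr>' . $html;
     } else {
         echo '<tr><td colspan="4"><center><b>' . $Language->getText('tracker_include_type', 'hidden_val') . '</b></center></tr>' . $html;
     }
     echo '</TABLE>';
     echo '<hr>';
 }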
Пример #28
}
// Field values administration page: tracker administrators only.
if (!$ath->userIsAdmin()) {
    exit_permission_denied();
    return;
}
// Check if this tracker is valid (not deleted)
if (!$ath->isValid()) {
    exit_error($Language->getText('global', 'error'), $Language->getText('tracker_add', 'invalid'));
}
$page_title = $Language->getText('tracker_admin_field_usage', 'tracker_admin') . $Language->getText('tracker_admin_field_values_details', 'values_admin');
$ath->adminHeader(array('title' => $page_title, 'help' => 'tracker-v3.html#browsing-tracker-field-values'));
$hp = Codendi_HTMLPurifier::instance();

// Heading: link back to the tracker administration, then the field label.
// Ids are forced to integers and both names are purified before output.
$tracker_word = $Language->getText('tracker_import_admin', 'tracker');
$tracker_name = $hp->purify(SimpleSanitizer::unsanitize($ath->getName()), CODENDI_PURIFIER_CONVERT_HTML);
$field_label = $hp->purify(SimpleSanitizer::unsanitize($field->getLabel()), CODENDI_PURIFIER_CONVERT_HTML);
echo "<H2>" . $tracker_word . ' \'<a href="/tracker/admin/?group_id=' . (int) $group_id . "&atid=" . (int) $atid . '">' . $tracker_name . "</a>'" . $Language->getText('tracker_admin_field_values_details', 'manage_for', $field_label) . "</H2>";

if ($field->isSelectBox() || $field->isMultiSelectBox()) {
    $val_func = $field->getValueFunction();
    if (isset($val_func[0]) && $val_func[0]) {
        // Values are bound to a function: show the binding forms only.
        $ath->displayValueFunctionForm($field_id, $val_func);
        $ath->displayDefaultValueFunctionForm($field_id, $field->getDefaultValue(), $val_func);
    } else {
        $ath->displayFieldValuesList($field_id);
        $ath->displayDefaultValueForm($field_id, $field->getDefaultValue());
        // For the severity and status_id fields the Bind form and the Create
        // form are shown to a super user only.
        $is_reserved_field = $field->getName() == "severity" || $field->getName() == "status_id";
        if (!$is_reserved_field || user_is_super_user()) {
            echo '<hr>';
            $ath->displayFieldValueForm("value_create", $field_id);
            $ath->displayValueFunctionForm($field_id, null, $Language->getText('global', 'or'));
        }
    }
} else {
    // Not a select box: only a default value can be set.
    $ath->displayDefaultValueForm($field_id, $field->getDefaultValue());
}
$ath->footer(array());