2 // +----------------------------------------------------------------------+
3 // | Anuko Time Tracker
4 // +----------------------------------------------------------------------+
5 // | Copyright (c) Anuko International Ltd. (https://www.anuko.com)
6 // +----------------------------------------------------------------------+
7 // | LIBERAL FREEWARE LICENSE: This source code document may be used
8 // | by anyone for any purpose, and freely redistributed alone or in
9 // | combination with other software, provided that the license is obeyed.
11 // | There are only two ways to violate the license:
13 // | 1. To redistribute this code in source form, with the copyright
14 // | notice or license removed or altered. (Distributing in compiled
15 // | forms without embedded copyright notices is permitted).
17 // | 2. To redistribute modified versions of this code in *any* form
18 // | that bears insufficient indications that the modifications are
19 // | not the work of the original author(s).
21 // | This license applies to this document only, not any other software
22 // | that it may be combined with.
24 // +----------------------------------------------------------------------+
26 // | https://www.anuko.com/time_tracker/credits.htm
27 // +----------------------------------------------------------------------+
29 import('ttRoleHelper');
31 // Class ttGroupHelper - contains helper functions that operate with groups.
32 // This is a planned replacement for ttTeamHelper as we move forward with subgroups.
35 // The getGroupName function returns group name.
36 static function getGroupName($group_id) {
37 $mdb2 = getConnection();
39 $sql = "select name from tt_groups where id = $group_id and (status = 1 or status = 0)";
40 $res = $mdb2->query($sql);
42 if (!is_a($res, 'PEAR_Error')) {
43 $val = $res->fetchRow();
49 // The getParentGroup determines a parent group for a given group.
50 static function getParentGroup($group_id) {
53 $mdb2 = getConnection();
55 $sql = "select parent_id from tt_groups where id = $group_id and org_id = $user->org_id and status = 1";
56 $res = $mdb2->query($sql);
58 if (!is_a($res, 'PEAR_Error')) {
59 $val = $res->fetchRow();
60 return $val['parent_id'];
65 // The getSubgroupByName obtain an immediate subgroup by name if one exists.
66 static function getSubgroupByName($name) {
69 $mdb2 = getConnection();
70 $parent_id = $user->getGroup();
71 $org_id = $user->org_id;
73 $sql = "select id from tt_groups where parent_id = $parent_id and org_id = $org_id".
74 " and name = ".$mdb2->quote($name)." and status is not null";
75 $res = $mdb2->query($sql);
76 if (!is_a($res, 'PEAR_Error')) {
77 $val = $res->fetchRow();
78 if ($val && $val['id'])
84 // The insertSubgroup inserts a new subgroup in database.
85 static function insertSubgroup($fields) {
88 $mdb2 = getConnection();
89 $parent_id = $user->getGroup();
90 $org_id = $user->org_id;
91 $name = $fields['name'];
92 $description = $fields['description'];
94 // We need to inherit attributes from the parent group.
95 $attrs = ttGroupHelper::getGroupAttrs($parent_id);
97 $columns = '(parent_id, org_id, name, description, currency, decimal_mark, lang, date_format, time_format'.
98 ', week_start, tracking_mode, project_required, task_required, record_type, bcc_email'.
99 ', allow_ip, password_complexity, plugins, lock_spec'.
100 ', workday_minutes, config, created, created_ip, created_by)';
102 $values = " values ($parent_id, $org_id";
103 $values .= ', '.$mdb2->quote($name);
104 $values .= ', '.$mdb2->quote($description);
105 $values .= ', '.$mdb2->quote($attrs['currency']);
106 $values .= ', '.$mdb2->quote($attrs['decimal_mark']);
107 $values .= ', '.$mdb2->quote($attrs['lang']);
108 $values .= ', '.$mdb2->quote($attrs['date_format']);
109 $values .= ', '.$mdb2->quote($attrs['time_format']);
110 $values .= ', '.(int)$attrs['week_start'];
111 $values .= ', '.(int)$attrs['tracking_mode'];
112 $values .= ', '.(int)$attrs['project_required'];
113 $values .= ', '.(int)$attrs['task_required'];
114 $values .= ', '.(int)$attrs['record_type'];
115 $values .= ', '.$mdb2->quote($attrs['bcc_email']);
116 $values .= ', '.$mdb2->quote($attrs['allow_ip']);
117 $values .= ', '.$mdb2->quote($attrs['password_complexity']);
118 $values .= ', '.$mdb2->quote($attrs['plugins']);
119 $values .= ', '.$mdb2->quote($attrs['lock_spec']);
120 $values .= ', '.(int)$attrs['workday_minutes'];
121 $values .= ', '.$mdb2->quote($attrs['config']);
122 $values .= ', now(), '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', '.$user->id;
125 $sql = 'insert into tt_groups '.$columns.$values;
126 $affected = $mdb2->exec($sql);
127 if (is_a($affected, 'PEAR_Error')) return false;
129 $subgroup_id = $mdb2->lastInsertID('tt_groups', 'id');
131 // Copy roles from the parent group to child group.
132 if (!ttRoleHelper::copyRolesToGroup($subgroup_id))
138 // markGroupDeleted marks a group and everything in it as deleted.
139 // This function is called in context of a logged on user (global $user object).
140 // It uses current user attributes for access checks and in sql queries.
141 // Compare this with admin:
142 // admin can delete any group.
143 // user can delete only relevant groups and only if allowed.
144 static function markGroupDeleted($group_id) {
147 $mdb2 = getConnection();
148 $org_id = $user->org_id;
151 if (!$user->isGroupValid($group_id))
154 // Keep the logic simple by returning false on first error.
156 // Obtain subgroups and call self recursively on them.
157 $subgroups = $user->getSubgroups($group_id);
158 foreach($subgroups as $subgroup) {
159 if (!ttGroupHelper::markGroupDeleted($subgroup['id']))
163 // Now do actual work with all entities.
165 // Some things cannot be marked deleted as we don't have the status field for them.
166 // Just delete such things (until we have a better way to deal with them).
167 $tables_to_delete_from = array(
169 'tt_predefined_expenses',
170 'tt_client_project_binds',
171 'tt_project_task_binds'
173 foreach($tables_to_delete_from as $table) {
174 if (!ttGroupHelper::deleteGroupEntriesFromTable($group_id, $table))
178 // Now mark status deleted where we can.
179 // Note: we don't mark tt_log, tt_custom_field_lod, or tt_expense_items deleted here.
182 // 1) Users may mark some of them deleted during their work.
183 // If we mark all of them deleted here, we can't recover nicely
184 // as we'll lose track of what was accidentally deleted by user.
186 // 2) DB maintenance script (Clean up DB from inactive groups) should
187 // get rid of these items permanently eventually.
188 $tables_to_mark_deleted_in = array(
191 // 'tt_expense_items',
192 // 'tt_custom_field_log',
193 'tt_custom_field_options',
197 'tt_user_project_binds',
204 foreach($tables_to_mark_deleted_in as $table) {
205 if (!ttGroupHelper::markGroupDeletedInTable($group_id, $table))
209 // Mark group deleted.
210 $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$user->id;
211 $sql = "update tt_groups set status = null $modified_part where id = $group_id and org_id = $org_id";
212 $affected = $mdb2->exec($sql);
213 if (is_a($affected, 'PEAR_Error')) return false;
218 // markGroupDeletedInTable is a generic helper function for markGroupDeleted.
219 // It updates ONE table by setting status to NULL for all records belonging to a group.
220 static function markGroupDeletedInTable($group_id, $table_name) {
222 $mdb2 = getConnection();
224 // Add modified info to sql for some tables, depending on table name.
225 if ($table_name == 'tt_users') {
226 $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$user->id;
229 $org_id = $user->org_id; // The only security measure we use here for match.
230 $sql = "update $table_name set status = null $modified_part where group_id = $group_id and org_id = $org_id";
231 $affected = $mdb2->exec($sql);
232 return (!is_a($affected, 'PEAR_Error'));
235 // deleteGroupEntriesFromTable is a generic helper function for markGroupDeleted.
236 // It deletes entries in ONE table belonging to a given group.
237 static function deleteGroupEntriesFromTable($group_id, $table_name) {
239 $mdb2 = getConnection();
241 $org_id = $user->org_id; // The only security measure we use here for match.
242 $sql = "delete from $table_name where group_id = $group_id and org_id = $org_id";
243 $affected = $mdb2->exec($sql);
244 return (!is_a($affected, 'PEAR_Error'));
247 // getGroupAttrs obtains all group attributes.
248 static function getGroupAttrs($group_id) {
250 $mdb2 = getConnection();
252 $sql = "select * from tt_groups".
253 " where status = 1 and id = $group_id and org_id = $user->org_id";
254 $res = $mdb2->query($sql);
255 if (!is_a($res, 'PEAR_Error')) {
256 $val = $res->fetchRow();
261 // getRoles obtains all active and inactive roles in current group.
262 static function getRoles() {
264 $mdb2 = getConnection();
266 $group_id = $user->getGroup();
267 $org_id = $user->org_id;
268 $sql = "select * from tt_roles".
269 " where group_id = $group_id and org_id = $org_id and status is not null";
270 $res = $mdb2->query($sql);
271 if (is_a($res, 'PEAR_Error')) return false;
272 while ($val = $res->fetchRow()) {
278 // The getActiveClients returns an array of active clients for a group.
279 static function getActiveClients($all_fields = false)
282 $mdb2 = getConnection();
284 $group_id = $user->getGroup();
285 $org_id = $user->org_id;
287 $sql = "select * from tt_clients where group_id = $group_id and org_id = $org_id and status = 1 order by upper(name)";
289 $sql = "select id, name from tt_clients where group_id = $group_id and org_id = $org_id and status = 1 order by upper(name)";
291 $res = $mdb2->query($sql);
293 if (!is_a($res, 'PEAR_Error')) {
294 while ($val = $res->fetchRow()) {
301 // The getInactiveClients returns an array of inactive clients for a group.
302 static function getInactiveClients($all_fields = false)
305 $mdb2 = getConnection();
307 $group_id = $user->getGroup();
308 $org_id = $user->org_id;
310 $sql = "select * from tt_clients where group_id = $group_id and org_id = $org_id and status = 0 order by upper(name)";
312 $sql = "select id, name from tt_clients where group_id = $group_id and org_id = $org_id and status = 0 order by upper(name)";
314 $res = $mdb2->query($sql);
316 if (!is_a($res, 'PEAR_Error')) {
317 while ($val = $res->fetchRow()) {
324 // getActiveProjects - returns an array of active projects for a group.
325 static function getActiveProjects()
328 $mdb2 = getConnection();
330 $group_id = $user->getGroup();
331 $org_id = $user->org_id;
333 $sql = "select id, name, description, tasks from tt_projects".
334 " where group_id = $group_id and org_id = $org_id and status = 1 order by upper(name)";
335 $res = $mdb2->query($sql);
337 if (!is_a($res, 'PEAR_Error')) {
338 while ($val = $res->fetchRow()) {
345 // getInactiveProjects - returns an array of inactive projects for a group.
346 static function getInactiveProjects()
349 $mdb2 = getConnection();
351 $group_id = $user->getGroup();
352 $org_id = $user->org_id;
354 $sql = "select id, name, description, tasks from tt_projects".
355 " where group_id = $group_id and org_id = $org_id and status = 0 order by upper(name)";
356 $res = $mdb2->query($sql);
358 if (!is_a($res, 'PEAR_Error')) {
359 while ($val = $res->fetchRow()) {
366 // getPredefinedExpenses - obtains predefined expenses for a group.
367 static function getPredefinedExpenses() {
369 $mdb2 = getConnection();
371 $group_id = $user->getGroup();
372 $org_id = $user->org_id;
375 $sql = "select id, name, cost from tt_predefined_expenses".
376 " where group_id = $group_id and org_id = $org_id";
377 $res = $mdb2->query($sql);
379 if (!is_a($res, 'PEAR_Error')) {
380 $decimal_mark = $user->getDecimalMark();
381 $replaceDecimalMark = ('.' != $decimal_mark);
383 while ($val = $res->fetchRow()) {
384 if ($replaceDecimalMark)
385 $val['cost'] = str_replace('.', $decimal_mark, $val['cost']);
393 // The getActiveInvoices returns an array of active invoices for a group.
394 static function getActiveInvoices()
397 $mdb2 = getConnection();
399 $group_id = $user->getGroup();
400 $org_id = $user->org_id;
402 $addPaidStatus = $user->isPluginEnabled('ps');
405 if ($user->isClient())
406 $client_part = "and i.client_id = $user->client_id";
408 $sql = "select i.id, i.name, i.date, i.client_id, i.status, c.name as client_name from tt_invoices i".
409 " left join tt_clients c on (c.id = i.client_id)".
410 " where i.status = 1 and i.group_id = $group_id and i.org_id = $org_id $client_part order by i.name";
411 $res = $mdb2->query($sql);
413 if (!is_a($res, 'PEAR_Error')) {
414 $dt = new DateAndTime(DB_DATEFORMAT);
415 while ($val = $res->fetchRow()) {
417 $dt->parseVal($val['date']);
418 $val['date'] = $dt->toString($user->getDateFormat());
420 $val['paid'] = ttInvoiceHelper::isPaid($val['id']);
427 // getNotifications - obtains notification descriptions for a group.
428 static function getNotifications() {
430 $mdb2 = getConnection();
432 $group_id = $user->getGroup();
433 $org_id = $user->org_id;
436 $sql = "select c.id, c.cron_spec, c.email, c.report_condition, fr.name from tt_cron c".
437 " left join tt_fav_reports fr on (fr.id = c.report_id)".
438 " where c.group_id = $group_id and c.org_id = $org_id and c.status = 1 and fr.status = 1";
439 $res = $mdb2->query($sql);
441 if (!is_a($res, 'PEAR_Error')) {
442 while ($val = $res->fetchRow()) {
450 // The getActiveUsers obtains all active users in a given group.
451 static function getActiveUsers($options = null) {
454 $mdb2 = getConnection();
456 $group_id = $user->getGroup();
457 $org_id = $user->org_id;
459 if (isset($options['getAllFields']))
460 $sql = "select u.*, r.name as role_name, r.rank from tt_users u left join tt_roles r on (u.role_id = r.id) where u.group_id = $group_id and u.org_id = $org_id and u.status = 1 order by upper(u.name)";
462 $sql = "select id, name from tt_users where group_id = $group_id and org_id = $org_id and status = 1 order by upper(name)";
463 $res = $mdb2->query($sql);
464 $user_list = array();
465 if (is_a($res, 'PEAR_Error'))
467 while ($val = $res->fetchRow()) {
468 // Localize top manager role name, as it is not localized in db.
469 if ($val['rank'] == 512)
470 $val['role_name'] = $i18n->get('role.top_manager.label');
474 if (isset($options['putSelfFirst'])) {
475 // Put own entry at the front.
476 $cnt = count($user_list);
477 for($i = 0; $i < $cnt; $i++) {
478 if ($user_list[$i]['id'] == $user->id) {
479 $self = $user_list[$i]; // Found self.
480 array_unshift($user_list, $self); // Put own entry at the front.
481 array_splice($user_list, $i+1, 1); // Remove duplicate.