2 // +----------------------------------------------------------------------+
3 // | Anuko Time Tracker
4 // +----------------------------------------------------------------------+
5 // | Copyright (c) Anuko International Ltd. (https://www.anuko.com)
6 // +----------------------------------------------------------------------+
7 // | LIBERAL FREEWARE LICENSE: This source code document may be used
8 // | by anyone for any purpose, and freely redistributed alone or in
9 // | combination with other software, provided that the license is obeyed.
11 // | There are only two ways to violate the license:
13 // | 1. To redistribute this code in source form, with the copyright
14 // | notice or license removed or altered. (Distributing in compiled
15 // | forms without embedded copyright notices is permitted).
17 // | 2. To redistribute modified versions of this code in *any* form
18 // | that bears insufficient indications that the modifications are
19 // | not the work of the original author(s).
21 // | This license applies to this document only, not any other software
22 // | that it may be combined with.
24 // +----------------------------------------------------------------------+
26 // | https://www.anuko.com/time_tracker/credits.htm
27 // +----------------------------------------------------------------------+
29 // The ttRoleHelper is a class to help with custom group roles.
32 // get - gets details of a role identified by its id.
33 static function get($id)
37 $mdb2 = getConnection();
39 $sql = "select id, name, description, rank, rights, status from tt_roles
40 where id = $id and group_id = ".$user->getGroup()." and (status = 0 or status = 1)";
41 $res = $mdb2->query($sql);
43 if (!is_a($res, 'PEAR_Error')) {
44 $val = $res->fetchRow();
45 if ($val['id'] != '') {
53 // The getRoleByName looks up a role by name.
54 static function getRoleByName($role_name) {
56 $mdb2 = getConnection();
59 $sql = "select id from tt_roles where group_id = ".$user->getGroup().
60 " and name = ".$mdb2->quote($role_name)." and (status = 1 or status = 0)";
61 $res = $mdb2->query($sql);
63 if (!is_a($res, 'PEAR_Error')) {
64 $val = $res->fetchRow();
71 // The getTopManagerRoleID obtains an ID for top manager role.
72 static function getTopManagerRoleID() {
73 $mdb2 = getConnection();
75 $sql = "select id from tt_roles where group_id = 0 and rank = 512";
76 $res = $mdb2->query($sql);
78 if (!is_a($res, 'PEAR_Error')) {
79 $val = $res->fetchRow();
86 // isClientRole determines if the role is a "client" role.
87 // This simply means the role has no "track_own_time" right.
88 static function isClientRole($role_id) {
90 $mdb2 = getConnection();
92 $sql = "select rights from tt_roles where group_id = ".$user->getGroup()." and id = $role_id";
93 $res = $mdb2->query($sql);
95 if (!is_a($res, 'PEAR_Error')) {
96 $val = $res->fetchRow();
98 return !in_array('track_own_time', explode(',', $val['rights']));
104 // getRoleByRank looks up a role by its rank.
105 static function getRoleByRank($rank) {
107 $mdb2 = getConnection();
109 $group_id = $user->getGroup();
110 $org_id = $user->org_id;
111 $rank = (int) $rank; // Cast to int just in case.
113 $sql = "select id from tt_roles where group_id = $group_id and org_id = $org_id and rank = $rank and (status = 1 or status = 0)";
114 $res = $mdb2->query($sql);
116 if (!is_a($res, 'PEAR_Error')) {
117 $val = $res->fetchRow();
124 // update function updates a role in the database.
125 static function update($fields) {
127 $mdb2 = getConnection();
129 $group_id = $user->getGroup();
130 $org_id = $user->org_id;
132 $id = (int)$fields['id'];
133 if (isset($fields['name'])) $name_part = 'name = '.$mdb2->quote($fields['name']);
134 if (isset($fields['rank'])) $rank_part = ', rank = '.(int)$fields['rank'];
135 if (isset($fields['description'])) $descr_part = ', description = '.$mdb2->quote($fields['description']);
136 if (isset($fields['status'])) $status_part = ', status = '.(int)$fields['status'];
137 if (isset($fields['rights'])) $rights_part = ', rights = '.$mdb2->quote($fields['rights']);
138 $parts = trim($name_part.$rank_part.$descr_part.$status_part.$rights_part, ',');
139 $sql = "update tt_roles set $parts where id = $id and group_id = $group_id and org_id = $org_id";
140 $affected = $mdb2->exec($sql);
141 return (!is_a($affected, 'PEAR_Error'));
144 // delete - marks the role as deleted.
145 static function delete($role_id) {
148 $mdb2 = getConnection();
149 $group_id = $user->getGroup();
150 $org_id = $user->org_id;
152 // Mark the task as deleted.
153 $sql = "update tt_roles set status = NULL where id = $role_id and group_id = $group_id and org_id = $org_id";
154 $affected = $mdb2->exec($sql);
155 return (!is_a($affected, 'PEAR_Error'));
158 // insert - inserts an entry into tt_roles table.
159 static function insert($fields)
162 $mdb2 = getConnection();
164 $group_id = $user->getGroup();
165 $org_id = $user->org_id;
166 $name = $fields['name'];
167 $rank = (int) $fields['rank'];
168 $description = $fields['description'];
169 $rights = $fields['rights'];
170 $status = $fields['status'];
172 $sql = "insert into tt_roles (group_id, org_id, name, rank, description, rights, status)
173 values ($group_id, $org_id, ".$mdb2->quote($name).", $rank, ".$mdb2->quote($description).", ".$mdb2->quote($rights).", ".$mdb2->quote($status).")";
174 $affected = $mdb2->exec($sql);
175 if (is_a($affected, 'PEAR_Error'))
178 $last_id = $mdb2->lastInsertID('tt_roles', 'id');
182 // createPredefinedRoles - creates a set of predefined roles for a group to use.
183 static function createPredefinedRoles($group_id, $lang)
185 // We need localized role names and a new I18n object to obtain them.
190 $mdb2 = getConnection();
192 $rights_client = 'view_client_reports,view_client_invoices,manage_own_settings';
193 $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users';
194 $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,approve_reports,approve_timesheets,view_charts,view_own_clients,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles';
195 $rights_comanager = $rights_supervisor.',manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,manage_basic_settings,view_all_reports';
196 $rights_manager = $rights_comanager.',manage_features,manage_advanced_settings,manage_roles,export_data,approve_own_timesheets,manage_subgroups';
199 $name = $mdb2->quote($i18n->get('role.user.label'));
200 $description = $mdb2->quote($i18n->get('role.user.description'));
201 $rights = $mdb2->quote($rights_user);
202 $sql = "insert into tt_roles (group_id, org_id, name, description, rank, rights, status) values($group_id, $group_id, $name, $description, 4, $rights, 1)";
203 $affected = $mdb2->exec($sql);
204 if (is_a($affected, 'PEAR_Error'))
207 $name = $mdb2->quote($i18n->get('role.client.label'));
208 $description = $mdb2->quote($i18n->get('role.client.description'));
209 $rights = $mdb2->quote($rights_client);
210 $sql = "insert into tt_roles (group_id, org_id, name, description, rank, rights, status) values($group_id, $group_id, $name, $description, 16, $rights, 1)";
211 $affected = $mdb2->exec($sql);
212 if (is_a($affected, 'PEAR_Error'))
215 $name = $mdb2->quote($i18n->get('role.comanager.label'));
216 $description = $mdb2->quote($i18n->get('role.comanager.description'));
217 $rights = $mdb2->quote($rights_comanager);
218 $sql = "insert into tt_roles (group_id, org_id, name, description, rank, rights, status) values($group_id, $group_id, $name, $description, 68, $rights, 1)";
219 $affected = $mdb2->exec($sql);
220 if (is_a($affected, 'PEAR_Error'))
223 $name = $mdb2->quote($i18n->get('role.manager.label'));
224 $description = $mdb2->quote($i18n->get('role.manager.description'));
225 $rights = $mdb2->quote($rights_manager);
226 $sql = "insert into tt_roles (group_id, org_id, name, description, rank, rights, status) values($group_id, $group_id, $name, $description, 324, $rights, 1)";
227 $affected = $mdb2->exec($sql);
228 if (is_a($affected, 'PEAR_Error'))
232 $name = $mdb2->quote($i18n->get('role.supervisor.label'));
233 $description = $mdb2->quote($i18n->get('role.supervisor.description'));
234 $rights = $mdb2->quote($rights_supervisor);
235 $sql = "insert into tt_roles (group_id, org_id, name, description, rank, rights, status) values($group_id, $group_id, $name, $description, 12, $rights, 0)";
236 $affected = $mdb2->exec($sql);
237 if (is_a($affected, 'PEAR_Error'))
243 // createPredefinedRoles_1_17_44 - used in dbinstall.php during database schema update.
244 static function createPredefinedRoles_1_17_44($group_id, $lang)
246 // We need localized role names and a new I18n object to obtain them.
251 $mdb2 = getConnection();
253 $rights_client = 'view_own_reports,view_own_charts,view_own_invoices,manage_own_settings';
254 $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users';
255 $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,view_charts,view_own_clients,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets';
256 $rights_comanager = $rights_supervisor.',manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,manage_basic_settings,view_all_reports';
257 $rights_manager = $rights_comanager.',manage_features,manage_advanced_settings,manage_roles,export_data,approve_all_reports,manage_subgroups';
260 $name = $mdb2->quote($i18n->get('role.user.label'));
261 $description = $mdb2->quote($i18n->get('role.user.description'));
262 $rights = $mdb2->quote($rights_user);
263 $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($group_id, $name, $description, 4, $rights, 1)";
264 $affected = $mdb2->exec($sql);
265 if (is_a($affected, 'PEAR_Error'))
268 $name = $mdb2->quote($i18n->get('role.client.label'));
269 $description = $mdb2->quote($i18n->get('role.client.description'));
270 $rights = $mdb2->quote($rights_client);
271 $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($group_id, $name, $description, 16, $rights, 1)";
272 $affected = $mdb2->exec($sql);
273 if (is_a($affected, 'PEAR_Error'))
276 $name = $mdb2->quote($i18n->get('role.comanager.label'));
277 $description = $mdb2->quote($i18n->get('role.comanager.description'));
278 $rights = $mdb2->quote($rights_comanager);
279 $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($group_id, $name, $description, 68, $rights, 1)";
280 $affected = $mdb2->exec($sql);
281 if (is_a($affected, 'PEAR_Error'))
284 $name = $mdb2->quote($i18n->get('role.manager.label'));
285 $description = $mdb2->quote($i18n->get('role.manager.description'));
286 $rights = $mdb2->quote($rights_manager);
287 $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($group_id, $name, $description, 324, $rights, 1)";
288 $affected = $mdb2->exec($sql);
289 if (is_a($affected, 'PEAR_Error'))
293 $name = $mdb2->quote($i18n->get('role.supervisor.label'));
294 $description = $mdb2->quote($i18n->get('role.supervisor.description'));
295 $rights = $mdb2->quote($rights_supervisor);
296 $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($group_id, $name, $description, 12, $rights, 0)";
297 $affected = $mdb2->exec($sql);
298 if (is_a($affected, 'PEAR_Error'))
304 // getRoleByRank_1_17_44 is used in dbinstall.php and looks up a role by its rank.
305 static function getRoleByRank_1_17_44($rank, $group_id) {
307 $mdb2 = getConnection();
309 $rank = (int) $rank; // Cast to int just in case for better security.
311 $sql = "select id from tt_roles where team_id = $group_id and rank = $rank and (status = 1 or status = 0)";
312 $res = $mdb2->query($sql);
314 if (!is_a($res, 'PEAR_Error')) {
315 $val = $res->fetchRow();
322 // copyRolesToGroup copies roles from current on behalf group to another.
323 static function copyRolesToGroup($group_id) {
325 $mdb2 = getConnection();
327 $org_id = $user->org_id;
328 $columns = '(group_id, org_id, name, description, rank, rights, status)';
329 $roles = ttGroupHelper::getRoles(); // Roles in current on behalf group.
331 foreach ($roles as $role) {
332 $values = "values($group_id, $org_id".
333 ', '.$mdb2->quote($role['name']).
334 ', '.$mdb2->quote($role['description']).
335 ', '.(int)$role['rank'].
336 ', '.$mdb2->quote($role['rights']).
337 ', '.$mdb2->quote($role['status']).
339 $sql = "insert into tt_roles $columns $values";
340 $affected = $mdb2->exec($sql);
341 if (is_a($affected, 'PEAR_Error'))