A bit more progress on refactoring access checks.
[timetracker.git] / report.php
1 <?php
2 // +----------------------------------------------------------------------+
3 // | Anuko Time Tracker
4 // +----------------------------------------------------------------------+
5 // | Copyright (c) Anuko International Ltd. (https://www.anuko.com)
6 // +----------------------------------------------------------------------+
7 // | LIBERAL FREEWARE LICENSE: This source code document may be used
8 // | by anyone for any purpose, and freely redistributed alone or in
9 // | combination with other software, provided that the license is obeyed.
10 // |
11 // | There are only two ways to violate the license:
12 // |
13 // | 1. To redistribute this code in source form, with the copyright
14 // |    notice or license removed or altered. (Distributing in compiled
15 // |    forms without embedded copyright notices is permitted).
16 // |
17 // | 2. To redistribute modified versions of this code in *any* form
18 // |    that bears insufficient indications that the modifications are
19 // |    not the work of the original author(s).
20 // |
21 // | This license applies to this document only, not any other software
22 // | that it may be combined with.
23 // |
24 // +----------------------------------------------------------------------+
25 // | Contributors:
26 // | https://www.anuko.com/time_tracker/credits.htm
27 // +----------------------------------------------------------------------+
28
29 require_once('initialize.php');
30 import('form.Form');
31 import('form.ActionForm');
32 import('ttReportHelper');
33 import('ttTeamHelper');
34
// Access check: the page is open to users who may view their own reports or reports
// in general; everybody else is redirected to the access-denied page.
// NOTE(review): this is the only rights check visible in this file and it covers viewing.
// The POST handlers further down call ttReportHelper::markPaid() and
// ttReportHelper::assignToInvoice(), which change records - confirm that a separate
// right guards those actions.
$may_view_reports = ttAccessAllowed('view_own_reports') || ttAccessAllowed('view_reports');
if (!$may_view_reports) {
  header('Location: access_denied.php');
  exit();
}
40
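// Last-used dropdown choices for the "Mark paid" (ps plugin) and "Assign to invoice"
// (iv plugin) blocks. They start as null so they are always defined: the form-building
// code below reads them whenever the report bean asks for the paid or invoice controls,
// without re-checking that the plugin is enabled.
$cl_mark_paid_select_option = null;
$cl_mark_paid_action_option = null;
$cl_assign_invoice_select_option = null;
$cl_recent_invoice_option = null;

// On POST only the submitted value counts; on GET the value remembered in session is
// the fallback. Either way the result is written back to session.
if ($user->isPluginEnabled('ps')) {
  $cl_mark_paid_select_option = $request->getParameter('mark_paid_select_options', ($request->isPost() ? null : (isset($_SESSION['mark_paid_select_option']) ? $_SESSION['mark_paid_select_option'] : null)));
  $_SESSION['mark_paid_select_option'] = $cl_mark_paid_select_option;
  $cl_mark_paid_action_option = $request->getParameter('mark_paid_action_options', ($request->isPost() ? null : (isset($_SESSION['mark_paid_action_option']) ? $_SESSION['mark_paid_action_option'] : null)));
  $_SESSION['mark_paid_action_option'] = $cl_mark_paid_action_option;
}
if ($user->isPluginEnabled('iv')) {
  $cl_assign_invoice_select_option = $request->getParameter('assign_invoice_select_options', ($request->isPost() ? null : (isset($_SESSION['assign_invoice_select_option']) ? $_SESSION['assign_invoice_select_option'] : null)));
  $_SESSION['assign_invoice_select_option'] = $cl_assign_invoice_select_option;
  $cl_recent_invoice_option = $request->getParameter('recent_invoice', ($request->isPost() ? null : (isset($_SESSION['recent_invoice_option']) ? $_SESSION['recent_invoice_option'] : null)));
  $_SESSION['recent_invoice_option'] = $cl_recent_invoice_option;
}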
53
// Custom fields plugin: when enabled, load it for the user's team and expose it to the template.
$cf_enabled = $user->isPluginEnabled('cf');
if ($cf_enabled) {
  require_once 'plugins/CustomFields.class.php';
  $custom_fields = new CustomFields($user->team_id);
  $smarty->assign('custom_fields', $custom_fields);
}

$form = new Form('reportForm');

// reports.php stores the report settings in a session bean before sending the user here.
$bean = new ActionForm('reportBean', $form, $request);
// The constructor loads the bean from session only on GET, so on POST load it explicitly.
if ($request->isPost()) {
  $bean->loadBean();
}

$client_id = $bean->getAttribute('client');

// Row checkboxes are needed when the paid column is shown, or when a non-client user looks
// at an ungrouped report for a selected client with the invoice column shown.
$use_checkboxes = (bool) $bean->getAttribute('chpaid');
if (!$use_checkboxes) {
  $use_checkboxes = $client_id
    && $bean->getAttribute('chinvoice')
    && ($bean->getAttribute('group_by') == 'no_grouping')
    && !$user->isClient();
}
if ($use_checkboxes) {
  $smarty->assign('use_checkboxes', true);
}
75
// "Mark paid" block: two dropdowns (which records, which status) and a submit button.
if ($bean->getAttribute('chpaid')) {
  // Which records to act on: all shown, or only the ticked ones.
  $mark_paid_select_options = array(
    '1' => $i18n->get('dropdown.all'),
    '2' => $i18n->get('dropdown.select'),
  );
  $select_input = array(
    'type' => 'combobox',
    'name' => 'mark_paid_select_options',
    'data' => $mark_paid_select_options,
    'value' => $cl_mark_paid_select_option,
  );
  $form->addInput($select_input);

  // Which status to set: paid or not paid.
  $mark_paid_action_options = array(
    '1' => $i18n->get('dropdown.paid'),
    '2' => $i18n->get('dropdown.not_paid'),
  );
  $action_input = array(
    'type' => 'combobox',
    'name' => 'mark_paid_action_options',
    'data' => $mark_paid_action_options,
    'value' => $cl_mark_paid_action_option,
  );
  $form->addInput($action_input);

  $submit_input = array(
    'type' => 'submit',
    'name' => 'btn_mark_paid',
    'value' => $i18n->get('button.submit'),
  );
  $form->addInput($submit_input);

  $smarty->assign('use_mark_paid', true);
}
91
// "Assign to invoice" block: offered to non-client users on an ungrouped report for a
// selected client with the invoice column shown, and only if the team has recent invoices
// for that client.
$invoice_column_shown = $client_id
  && $bean->getAttribute('chinvoice')
  && ($bean->getAttribute('group_by') == 'no_grouping')
  && !$user->isClient();
if ($invoice_column_shown) {
  $recent_invoices = ttTeamHelper::getRecentInvoices($user->team_id, $client_id);
  if ($recent_invoices) {
    // Which records to act on: all shown, or only the ticked ones.
    $assign_invoice_select_options = array(
      '1' => $i18n->get('dropdown.all'),
      '2' => $i18n->get('dropdown.select'),
    );
    $select_input = array(
      'type' => 'combobox',
      'name' => 'assign_invoice_select_options',
      'data' => $assign_invoice_select_options,
      'value' => $cl_assign_invoice_select_option,
    );
    $form->addInput($select_input);

    // Target invoice, with an empty "select invoice" entry first.
    $invoice_input = array(
      'type' => 'combobox',
      'name' => 'recent_invoice',
      'data' => $recent_invoices,
      'datakeys' => array('id', 'name'),
      'value' => $cl_recent_invoice_option,
      'empty' => array('' => $i18n->get('dropdown.select_invoice')),
    );
    $form->addInput($invoice_input);

    $submit_input = array(
      'type' => 'submit',
      'name' => 'btn_assign',
      'value' => $i18n->get('button.submit'),
    );
    $form->addInput($submit_input);

    $smarty->assign('use_assign_to_invoice', true);
  }
}
112
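// POST handling: "Mark paid" and "Assign to invoice" both change stored records.
if ($request->isPost()) {
  // NOTE(review): nothing visible in this file verifies an anti-CSRF token before the
  // state-changing handlers below run; confirm whether initialize.php or the form classes do.

  // Ids of the time records and expense items to act on. Defined up front so the checks
  // below never read an undefined variable.
  $time_log_ids = array();
  $expense_item_ids = array();

  $mark_paid_clicked = (bool) $request->getParameter('btn_mark_paid');
  $assign_clicked = (bool) $request->getParameter('btn_assign');

  // Option 2 in either selector is the "select" entry: act on ticked records only.
  $act_on_selected = ($mark_paid_clicked && 2 == $request->getParameter('mark_paid_select_options'))
    || ($assign_clicked && 2 == $request->getParameter('assign_invoice_select_options'));

  if ($act_on_selected) {
    // Ticked records arrive as POST field names log_id_<id> and item_id_<id>. The names are
    // request data, so only suffixes made of decimal digits are kept before the ids are
    // handed to ttReportHelper.
    // NOTE(review): the ticked ids are not compared with the set of displayed records kept
    // in session; confirm that the helpers restrict updates to records the user may change.
    foreach ($_POST as $key => $val) {
      $key = (string) $key;
      if (0 === strncmp($key, 'log_id_', 7)) {
        $id = (string) substr($key, 7);
        if (ctype_digit($id)) $time_log_ids[] = $id;
      } elseif (0 === strncmp($key, 'item_id_', 8)) {
        $id = (string) substr($key, 8);
        if (ctype_digit($id)) $expense_item_ids[] = $id;
      }
    }
    if (!$time_log_ids && !$expense_item_ids) $err->Add($i18n->get('error.record')); // There are no selected records.
    // Validation of parameters ends here.
  } else {
    // We are acting on all report items. Get the arrays from session.
    // Note: getting from session assures we act only on previously displayed records.
    // Rebuilding from $bean may get us a different set.
    $item_ids = ttReportHelper::getFromSession();
    if (isset($item_ids['report_item_ids'])) $time_log_ids = $item_ids['report_item_ids'];
    if (isset($item_ids['report_item_expense_ids'])) $expense_item_ids = $item_ids['report_item_expense_ids'];
    // The arrays are built here because both handlers below use them.
  }

  if ($err->no()) {
    if ($mark_paid_clicked) {
      // User clicked the "Mark paid" button to mark some or all items either paid or not paid.

      // Determine user action: option 1 is "paid", anything else is "not paid".
      $mark_paid = (1 == $request->getParameter('mark_paid_action_options'));

      // Mark as requested.
      if ($time_log_ids || $expense_item_ids) {
        ttReportHelper::markPaid($time_log_ids, $expense_item_ids, $mark_paid);
      }

      // Re-display this form.
      header('Location: report.php');
      exit();
    }

    if ($assign_clicked) {
      // User clicked the Submit button to assign all or some items to a recent invoice.

      // The assignment controls are never built for client users, so a client posting
      // btn_assign did not come through the form. Repeat that restriction server-side.
      if ($user->isClient()) {
        header('Location: access_denied.php');
        exit();
      }

      // Determine invoice id.
      $invoice_id = $request->getParameter('recent_invoice');

      // Accept only an invoice that the dropdown offered. The empty choice is passed through
      // unchanged, as before; what the helper does with it is not visible in this file.
      $invoice_offered = (null === $invoice_id || '' === $invoice_id);
      if (!$invoice_offered && is_scalar($invoice_id) && !empty($recent_invoices)) {
        foreach ($recent_invoices as $invoice) {
          if ((string) $invoice['id'] === (string) $invoice_id) {
            $invoice_offered = true;
            break;
          }
        }
      }

      // Assign as requested; a value that was not offered is ignored.
      if ($invoice_offered && ($time_log_ids || $expense_item_ids)) {
        ttReportHelper::assignToInvoice($invoice_id, $time_log_ids, $expense_item_ids);
      }
      // Re-display this form.
      header('Location: report.php');
      exit();
    }
  }
} // isPost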
170
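// Build the report data and hand everything to the template.
$group_by = $bean->getAttribute('group_by');
$is_grouped = ('no_grouping' != $group_by);

$report_items = ttReportHelper::getItems($bean);
// Store record ids in session in case user wants to act on all records. Both the
// "Mark paid" (ps) and "Assign to invoice" (iv) handlers read this set back on POST,
// so it is stored when either plugin is enabled.
if ($request->isGet() && ($user->isPluginEnabled('ps') || $user->isPluginEnabled('iv')))
  ttReportHelper::putInSession($report_items);

// Subtotals exist only for grouped reports; null keeps the variable defined otherwise.
$subtotals = null;
if ($is_grouped)
  $subtotals = ttReportHelper::getSubtotals($bean);
$totals = ttReportHelper::getTotals($bean);

// Assign variables that are used to print subtotals.
if ($report_items && $is_grouped) {
  $smarty->assign('print_subtotals', true);
  $smarty->assign('first_pass', true);
  $smarty->assign('group_by', $group_by);
  $smarty->assign('prev_grouped_by', '');
  $smarty->assign('cur_grouped_by', '');
}
// Determine group by header.
if ($is_grouped) {
  if ('cf_1' == $group_by) {
    // $custom_fields is created only when the cf plugin is enabled, so guard the lookup.
    $cf_label = isset($custom_fields->fields[0]['label']) ? $custom_fields->fields[0]['label'] : null;
    $smarty->assign('group_by_header', $cf_label);
  } else {
    $key = 'label.'.$group_by;
    $smarty->assign('group_by_header', $i18n->get($key));
  }
}
// Assign variables that are used to alternate color of rows for different dates.
$smarty->assign('prev_date', '');
$smarty->assign('cur_date', '');
$smarty->assign('report_row_class', 'rowReportItem');

$smarty->assign('forms', array($form->getName()=>$form->toArray()));

$smarty->assign('report_items', $report_items);
$smarty->assign('subtotals', $subtotals);
$smarty->assign('totals', $totals);
$smarty->assign('bean', $bean);
$smarty->assign('title', $i18n->get('title.report').": ".$totals['start_date']." - ".$totals['end_date']);
$smarty->assign('content_page_name', 'report.tpl');
$smarty->display('index.tpl');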