2 // +----------------------------------------------------------------------+
3 // | Anuko Time Tracker
4 // +----------------------------------------------------------------------+
5 // | Copyright (c) Anuko International Ltd. (https://www.anuko.com)
6 // +----------------------------------------------------------------------+
7 // | LIBERAL FREEWARE LICENSE: This source code document may be used
8 // | by anyone for any purpose, and freely redistributed alone or in
9 // | combination with other software, provided that the license is obeyed.
11 // | There are only two ways to violate the license:
13 // | 1. To redistribute this code in source form, with the copyright
14 // | notice or license removed or altered. (Distributing in compiled
15 // | forms without embedded copyright notices is permitted).
17 // | 2. To redistribute modified versions of this code in *any* form
18 // | that bears insufficient indications that the modifications are
19 // | not the work of the original author(s).
21 // | This license applies to this document only, not any other software
22 // | that it may be combined with.
24 // +----------------------------------------------------------------------+
26 // | https://www.anuko.com/time_tracker/credits.htm
27 // +----------------------------------------------------------------------+
29 require_once('initialize.php');
31 import('ttProjectHelper');
32 import('ttTeamHelper');
33 import('ttUserHelper');
35 import('form.TableColumn');
38 if (!ttAccessCheck(right_manage_team)) {
39 header('Location: access_denied.php');
43 // Get user id we are editing from the request.
44 $user_id = (int) $request->getParameter('id');
47 $user_details = ttUserHelper::getUserDetails($user_id);
50 $ok_to_go = $user->canManageTeam(); // Are we authorized for user management?
51 if ($ok_to_go) $ok_to_go = $ok_to_go && $user_details; // Are we editing a real user?
52 if ($ok_to_go) $ok_to_go = $ok_to_go && ($user->team_id == $user_details['team_id']); // User belongs to our team?
53 if ($ok_to_go && $user->isCoManager() && (ROLE_COMANAGER == $user_details['role']))
54 $ok_to_go = ($user->id == $user_details['id']); // Comanager is not allowed to edit other comanagers.
55 if ($ok_to_go && $user->isCoManager() && (ROLE_MANAGER == $user_details['role']))
56 $ok_to_go = false; // Comanager is not allowed to edit a manager.
58 die ($i18n->getKey('error.sys'));
61 if (in_array('cl', explode(',', $user->plugins)))
62 $clients = ttTeamHelper::getActiveClients($user->team_id);
64 $projects = ttTeamHelper::getActiveProjects($user->team_id);
65 $assigned_projects = array();
67 if ($request->getMethod() == 'POST') {
68 $cl_name = trim($request->getParameter('name'));
69 $cl_login = trim($request->getParameter('login'));
70 if (!$auth->isPasswordExternal()) {
71 $cl_password1 = $request->getParameter('pas1');
72 $cl_password2 = $request->getParameter('pas2');
74 $cl_email = trim($request->getParameter('email'));
75 $cl_role = $request->getParameter('role');
76 $cl_client_id = $request->getParameter('client');
77 $cl_status = $request->getParameter('status');
78 $cl_rate = $request->getParameter('rate');
79 $cl_projects = $request->getParameter('projects');
80 if (is_array($cl_projects)) {
81 foreach ($cl_projects as $p) {
82 if (ttValidFloat($request->getParameter('rate_'.$p), true)) {
83 $project_with_rate = array();
84 $project_with_rate['id'] = $p;
85 $project_with_rate['rate'] = $request->getParameter('rate_'.$p);
86 $assigned_projects[] = $project_with_rate;
88 $errors->add($i18n->getKey('error.field'), 'rate_'.$p);
92 $cl_name = $user_details['name'];
93 $cl_login = $user_details['login'];
94 $cl_email = $user_details['email'];
95 $cl_rate = str_replace('.', $user->decimal_mark, $user_details['rate']);
96 $cl_role = $user_details['role'];
97 $cl_client_id = $user_details['client_id'];
98 $cl_status = $user_details['status'];
99 $cl_projects = array();
100 $assigned_projects = ttProjectHelper::getAssignedProjects($user_id);
101 foreach($assigned_projects as $p) {
102 $cl_projects[] = $p['id'];
106 $form = new Form('userForm');
107 $form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'name','style'=>'width: 300px;','value'=>$cl_name));
108 $form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'login','style'=>'width: 300px;','value'=>$cl_login));
109 if (!$auth->isPasswordExternal()) {
110 $form->addInput(array('type'=>'text','maxlength'=>'30','name'=>'pas1','aspassword'=>true,'value'=>$cl_password1));
111 $form->addInput(array('type'=>'text','maxlength'=>'30','name'=>'pas2','aspassword'=>true,'value'=>$cl_password2));
113 $form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'email','style'=>'width: 300px;','value'=>$cl_email));
115 $roles[ROLE_USER] = $i18n->getKey('label.user');
116 $roles[ROLE_COMANAGER] = $i18n->getKey('form.users.comanager');
117 if (in_array('cl', explode(',', $user->plugins)))
118 $roles[ROLE_CLIENT] = $i18n->getKey('label.client');
119 $form->addInput(array('type'=>'combobox','onchange'=>'handleClientControl()','name'=>'role','value'=>$cl_role,'data'=>$roles));
120 if (in_array('cl', explode(',', $user->plugins)))
121 $form->addInput(array('type'=>'combobox','name'=>'client','value'=>$cl_client_id,'data'=>$clients,'datakeys'=>array('id', 'name'),'empty'=>array(''=>$i18n->getKey('dropdown.select'))));
123 $form->addInput(array('type'=>'combobox','name'=>'status','value'=>$cl_status,
124 'data'=>array(ACTIVE=>$i18n->getKey('dropdown.status_active'),INACTIVE=>$i18n->getKey('dropdown.status_inactive'))));
125 $form->addInput(array('type'=>'floatfield','maxlength'=>'10','name'=>'rate','format'=>'.2','value'=>$cl_rate));
127 // Define classes for the projects table.
128 class NameCellRenderer extends DefaultCellRenderer {
129 function render(&$table, $value, $row, $column, $selected = false) {
130 $this->setOptions(array('width'=>200,'valign'=>'top'));
131 $this->setValue('<label for = "'.$table->getName().'_'.$row.'">'.htmlspecialchars($value).'</label>');
132 return $this->toString();
135 class RateCellRenderer extends DefaultCellRenderer {
136 function render(&$table, $value, $row, $column, $selected = false) {
137 global $assigned_projects;
138 $field = new FloatField('rate_'.$table->getValueAtName($row,'id'), $table->getValueAtName($row, 'p_rate'));
139 $field->setFormName($table->getFormName());
140 $field->setLocalization($GLOBALS['I18N']);
142 $field->setFormat('.2');
143 foreach ($assigned_projects as $p) {
144 if ($p['id'] == $table->getValueAtName($row,'id')) $field->setValue($p['rate']);
146 $this->setValue($field->toStringControl());
147 return $this->toString();
150 // Create projects table.
151 $table = new Table('projects');
152 $table->setIAScript('setRate');
153 $table->setTableOptions(array('width'=>'100%','cellspacing'=>'1','cellpadding'=>'3','border'=>'0'));
154 $table->setRowOptions(array('valign'=>'top','class'=>'tableHeader'));
155 $table->setData($projects);
156 $table->setKeyField('id');
157 $table->setValue($cl_projects);
158 $table->addColumn(new TableColumn('name', $i18n->getKey('label.project'), new NameCellRenderer()));
159 $table->addColumn(new TableColumn('p_rate', $i18n->getKey('form.users.rate'), new RateCellRenderer()));
160 $form->addInputElement($table);
162 $form->addInput(array('type'=>'hidden','name'=>'id','value'=>$user_id));
163 $form->addInput(array('type'=>'submit','name'=>'btn_submit','value'=>$i18n->getKey('button.save')));
165 if ($request->getMethod() == 'POST') {
166 // Validate user input.
167 if (!ttValidString($cl_name)) $errors->add($i18n->getKey('error.field'), $i18n->getKey('label.person_name'));
168 if (!ttValidString($cl_login)) $errors->add($i18n->getKey('error.field'), $i18n->getKey('label.login'));
169 if (!$auth->isPasswordExternal() && ($cl_password1 || $cl_password2)) {
170 if (!ttValidString($cl_password1)) $errors->add($i18n->getKey('error.field'), $i18n->getKey('label.password'));
171 if (!ttValidString($cl_password2)) $errors->add($i18n->getKey('error.field'), $i18n->getKey('label.confirm_password'));
172 if ($cl_password1 !== $cl_password2)
173 $errors->add($i18n->getKey('error.not_equal'), $i18n->getKey('label.password'), $i18n->getKey('label.confirm_password'));
175 if (!ttValidEmail($cl_email, true)) $errors->add($i18n->getKey('error.field'), $i18n->getKey('label.email'));
176 if (!ttValidFloat($cl_rate, true)) $errors->add($i18n->getKey('error.field'), $i18n->getKey('form.users.default_rate'));
178 if ($errors->isEmpty()) {
179 $existing_user = ttUserHelper::getUserByLogin($cl_login);
180 if (!$existing_user || ($user_id == $existing_user['id'])) {
184 'login' => $cl_login,
185 'password' => $cl_password1,
186 'email' => $cl_email,
187 'status' => $cl_status,
189 'projects' => $assigned_projects);
190 if (right_assign_roles & $user->rights) {
191 $fields['role'] = $cl_role;
192 $fields['client_id'] = $cl_client_id;
195 if (ttUserHelper::update($user_id, $fields)) {
197 // If our own login changed, set new one in cookie to remember it.
198 if (($user_id == $user->id) && ($user->login != $cl_login)) {
199 setcookie('tt_login', $cl_login, time() + COOKIE_EXPIRE, '/');
202 // In case the name of the "on behalf" user has changed - set it in session.
203 if (($user->behalf_id == $user_id) && ($user->behalf_name != $cl_name)) {
204 $_SESSION['behalf_name'] = $cl_name;
207 // If we deactivated our own account, do housekeeping and logout.
208 if ($user->id == $user_id && !is_null($cl_status) && $cl_status == INACTIVE) {
209 // Remove tt_login cookie that stores login name.
210 unset($_COOKIE['tt_login']);
211 setcookie('tt_login', NULL, -1);
214 header('Location: login.php');
218 header('Location: users.php');
222 $errors->add($i18n->getKey('error.db'));
224 $errors->add($i18n->getKey('error.user_exists'));
228 $rates = ttProjectHelper::getRates($user_id);
229 $smarty->assign('rates', $rates);
231 $smarty->assign('auth_external', $auth->isPasswordExternal());
232 $smarty->assign('forms', array($form->getName()=>$form->toArray()));
233 $smarty->assign('onload', 'onLoad="document.userForm.name.focus();handleClientControl();"');
234 $smarty->assign('user_id', $user_id);
235 $smarty->assign('title', $i18n->getKey('title.edit_user'));
236 $smarty->assign('content_page_name', 'user_edit.tpl');
237 $smarty->display('index.tpl');