projects
/
timetracker.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Added override_date_lock right to supervisors.
[timetracker.git]
/
WEB-INF
/
lib
/
ttUserHelper.class.php
diff --git
a/WEB-INF/lib/ttUserHelper.class.php
b/WEB-INF/lib/ttUserHelper.class.php
index
4c68645
..
e70f085
100644
(file)
--- a/
WEB-INF/lib/ttUserHelper.class.php
+++ b/
WEB-INF/lib/ttUserHelper.class.php
@@
-125,9
+125,9
@@
class ttUserHelper {
$status_v = ', '.$mdb2->quote($fields['status']);
}
$status_v = ', '.$mdb2->quote($fields['status']);
}
- $sql = "insert into tt_users (name, login, password, team_id, role, client_id, rate, email $status_f) values (".
+ $sql = "insert into tt_users (name, login, password, team_id, role,
role_id,
client_id, rate, email $status_f) values (".
$mdb2->quote($fields['name']).", ".$mdb2->quote($fields['login']).
$mdb2->quote($fields['name']).", ".$mdb2->quote($fields['login']).
- ", $password, $team_id, $role, ".$mdb2->quote($fields['client_id']).", $rate, ".$mdb2->quote($email)." $status_v)";
+ ", $password, $team_id, $role, ".$mdb2->quote($fields['
role_id']).", ".$mdb2->quote($fields['
client_id']).", $rate, ".$mdb2->quote($email)." $status_v)";
$affected = $mdb2->exec($sql);
// Now deal with project assignment.
$affected = $mdb2->exec($sql);
// Now deal with project assignment.
@@
-167,11
+167,15
@@
class ttUserHelper {
// Prepare query parts.
if (isset($fields['password']))
$pass_part = ', password = md5('.$mdb2->quote($fields['password']).')';
// Prepare query parts.
if (isset($fields['password']))
$pass_part = ', password = md5('.$mdb2->quote($fields['password']).')';
- if (
right_assign_roles & $user->rights
) {
+ if (
in_array('manage_users', $user->rights)
) {
if (isset($fields['role'])) {
$role = (int) $fields['role'];
$role_part = ", role = $role";
}
if (isset($fields['role'])) {
$role = (int) $fields['role'];
$role_part = ", role = $role";
}
+ if (isset($fields['role_id'])) {
+ $role_id = (int) $fields['role_id'];
+ $role_id_part = ", role_id = $role_id";
+ }
if (array_key_exists('client_id', $fields)) // Could be NULL.
$client_part = ", client_id = ".$mdb2->quote($fields['client_id']);
}
if (array_key_exists('client_id', $fields)) // Could be NULL.
$client_part = ", client_id = ".$mdb2->quote($fields['client_id']);
}
@@
-189,7
+193,7
@@
class ttUserHelper {
$sql = "update tt_users set login = ".$mdb2->quote($fields['login']).
"$pass_part, name = ".$mdb2->quote($fields['name']).
$sql = "update tt_users set login = ".$mdb2->quote($fields['login']).
"$pass_part, name = ".$mdb2->quote($fields['name']).
- "$role_part $client_part $rate_part $status_part, email = ".$mdb2->quote($fields['email']).
+ "$role_part $
role_id_part $
client_part $rate_part $status_part, email = ".$mdb2->quote($fields['email']).
" where id = $user_id";
$affected = $mdb2->exec($sql);
if (is_a($affected, 'PEAR_Error')) return false;
" where id = $user_id";
$affected = $mdb2->exec($sql);
if (is_a($affected, 'PEAR_Error')) return false;
@@
-247,8
+251,6
@@
class ttUserHelper {
}
// markDeleted - marks user and its associated things as deleted.
}
// markDeleted - marks user and its associated things as deleted.
- // TODO: address the problem when a deleted user has a scheduled notification configured,
- // in which case all other notifications may stop working because of MySQL syntax error.
static function markDeleted($user_id) {
$mdb2 = getConnection();
global $user;
static function markDeleted($user_id) {
$mdb2 = getConnection();
global $user;