// | https://www.anuko.com/time_tracker/credits.htm
// +----------------------------------------------------------------------+
-import('ttUser');
+import('ttRoleHelper');
// ttAdmin class is used to perform admin tasks.
+// Used as namespace, as it is a collection of static functions that we call
+// from admin pages to administer the site as a whole.
class ttAdmin {
- var $err = null; // Error object, passed to us as reference.
- // We use it to communicate errors to caller.
-
- // Constructor.
- function __construct(&$err = null) {
- $this->err = $err;
- }
-
// getSubgroups rerurns an array of subgroups for a group.
- function getSubgroups($group_id) {
- return array(); // TODO: not yet implemented.
- }
-
- // getUsers obtains user ids in a group.
- function getUsers($group_id) {
+ static function getSubgroups($group_id) {
$mdb2 = getConnection();
- $sql = "select id from tt_users where team_id = $group_id";
+
+ $subgroups = array();
+ $sql = "select id from tt_groups where parent_id = $group_id";
$res = $mdb2->query($sql);
- $users = array();
if (!is_a($res, 'PEAR_Error')) {
while ($val = $res->fetchRow()) {
- $users[] = $val;
+ $subgroups[] = $val;
}
}
- return $users;
- }
-
- // markUserDeleted marks a user and all things associated with user as deleted.
- function markUserDeleted($user_id) {
- $mdb2 = getConnection();
-
- // Mark user binds as deleted.
- $sql = "update tt_user_project_binds set status = NULL where user_id = $user_id";
- $affected = $mdb2->exec($sql);
- if (is_a($affected, 'PEAR_Error')) return false;
-
- // Mark favorite reports as deleted.
- $sql = "update tt_fav_reports set status = NULL where user_id = $user_id";
- $affected = $mdb2->exec($sql);
- if (is_a($affected, 'PEAR_Error')) return false;
-
- // Mark user as deleted.
- global $user;
- $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id);
- $sql = "update tt_users set status = NULL $modified_part where id = $user_id";
- $affected = $mdb2->exec($sql);
- if (is_a($affected, 'PEAR_Error')) return false;
-
- return true;
+ return $subgroups;
}
- // The markTasksDeleted deletes task binds and marks the tasks as deleted for a group.
- function markTasksDeleted($group_id) {
+ // markGroupDeleted marks a group and everything in it as deleted.
+ // This function is called in context of a logged on admin who may
+ // operate on any group.
+ static function markGroupDeleted($group_id) {
$mdb2 = getConnection();
- $sql = "select id from tt_tasks where team_id = $group_id";
- $res = $mdb2->query($sql);
- if (is_a($res, 'PEAR_Error')) return false;
-
- while ($val = $res->fetchRow()) {
- // Delete task binds.
- $task_id = $val['id'];
- $sql = "delete from tt_project_task_binds where task_id = $task_id";
- $affected = $mdb2->exec($sql);
- if (is_a($affected, 'PEAR_Error')) return false;
-
- // Mark task as deleted.
- $sql = "update tt_tasks set status = NULL where id = $task_id";
- $affected = $mdb2->exec($sql);
- if (is_a($affected, 'PEAR_Error')) return false;
- }
-
- return true;
- }
-
- // markGroupDeleted marks the group and everything in it as deleted.
- function markGroupDeleted($group_id) {
// Keep the logic simple by returning false on first error.
// Obtain subgroups and call self recursively on them.
- $subgroups = $this->getSubgroups();
+ $subgroups = ttAdmin::getSubgroups($group_id);
foreach($subgroups as $subgroup) {
- if (!$this->markGroupDeleted($subgroup['id']))
+ if (!ttAdmin::markGroupDeleted($subgroup['id']))
return false;
}
- // Now that we are done with subgroups, handle this group.
- $users = $this->getUsers($group_id);
-
- // Iterate through team users and mark them as deleted.
- foreach ($users as $one_user) {
- if (!$this->markUserDeleted($one_user['id']))
- return false;
+ // Now do actual work with all entities.
+
+ // Delete group files.
+ ttAdmin::deleteGroupFiles($group_id);
+
+ // Some things cannot be marked deleted as we don't have the status field for them.
+ // Just delete such things (until we have a better way to deal with them).
+ $tables_to_delete_from = array(
+ 'tt_config',
+ 'tt_predefined_expenses',
+ 'tt_client_project_binds',
+ 'tt_project_task_binds'
+ );
+ foreach($tables_to_delete_from as $table) {
+ if (!ttAdmin::deleteGroupEntriesFromTable($group_id, $table))
+ return false;
}
- // Mark tasks deleted.
- if (!$this->markTasksDeleted($group_id)) return false;
-
- $mdb2 = getConnection();
-
- // Mark roles deleted.
- $sql = "update tt_roles set status = NULL where team_id = $group_id";
- $affected = $mdb2->exec($sql);
- if (is_a($affected, 'PEAR_Error')) return false;
-
- // Mark projects deleted.
- $sql = "update tt_projects set status = NULL where team_id = $group_id";
- $affected = $mdb2->exec($sql);
- if (is_a($affected, 'PEAR_Error')) return false;
-
- // Mark clients deleted.
- $sql = "update tt_clients set status = NULL where team_id = $group_id";
- $affected = $mdb2->exec($sql);
- if (is_a($affected, 'PEAR_Error')) return false;
-
- // Mark invoices deleted.
- $sql = "update tt_invoices set status = NULL where team_id = $group_id";
- $affected = $mdb2->exec($sql);
- if (is_a($affected, 'PEAR_Error')) return false;
-
- // Mark custom fields deleted.
- $sql = "update tt_custom_fields set status = NULL where team_id = $group_id";
- $affected = $mdb2->exec($sql);
- if (is_a($affected, 'PEAR_Error')) return false;
-
- // Mark notifications deleted.
- $sql = "update tt_cron set status = NULL where team_id = $group_id";
- $affected = $mdb2->exec($sql);
- if (is_a($affected, 'PEAR_Error')) return false;
-
- // Note: we don't mark tt_log or tt_expense_items deleted here.
+ // Now mark status deleted where we can.
+ // Note: we don't mark tt_log, tt_custom_field_lod, or tt_expense_items deleted here.
// Reasoning is:
//
// 1) Users may mark some of them deleted during their work.
// If we mark all of them deleted here, we can't recover nicely
- // as we'll lose track of what was deleted by user.
+ // as we'll lose track of what was accidentally deleted by user.
//
- // 2) DB maintenance script (Clean up DB from inactive teams) should
+ // 2) DB maintenance script (Clean up DB from inactive groups) should
// get rid of these items permanently eventually.
+ $tables_to_mark_deleted_in = array(
+ 'tt_cron',
+ 'tt_fav_reports',
+ // 'tt_expense_items',
+ // 'tt_custom_field_log',
+ 'tt_custom_field_options',
+ 'tt_custom_fields',
+ // 'tt_log',
+ 'tt_invoices',
+ 'tt_user_project_binds',
+ 'tt_users',
+ 'tt_clients',
+ 'tt_projects',
+ 'tt_tasks',
+ 'tt_roles'
+ );
+ foreach($tables_to_mark_deleted_in as $table) {
+ if (!ttAdmin::markGroupDeletedInTable($group_id, $table))
+ return false;
+ }
// Mark group deleted.
global $user;
- $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id);
- $sql = "update tt_teams set status = NULL $modified_part where id = $group_id";
+ $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$user->id;
+ $sql = "update tt_groups set status = null $modified_part where id = $group_id";
$affected = $mdb2->exec($sql);
if (is_a($affected, 'PEAR_Error')) return false;
return true;
}
- // validateGroupInfo validates group information entered by user.
- function validateGroupInfo($fields) {
- global $i18n;
- global $auth;
-
- $result = true;
-
- if (!ttValidString($fields['group_name'], true)) {
- $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.team_name'));
- $result = false;
- }
- if (!ttValidString($fields['user_name'])) {
- $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.manager_name'));
- $result = false;
- }
- if (!ttValidString($fields['new_login'])) {
- $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.manager_login'));
- $result = false;
- }
-
- // If we change login, it must be unique.
- if ($fields['new_login'] != $fields['old_login']) {
- if (ttUserHelper::getUserByLogin($fields['new_login'])) {
- $this->err->add($i18n->getKey('error.user_exists'));
- $result = false;
- }
- }
-
- if (!$auth->isPasswordExternal() && ($fields['password1'] || $fields['password2'])) {
- if (!ttValidString($fields['password1'])) {
- $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.password'));
- $result = false;
- }
- if (!ttValidString($fields['password2'])) {
- $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.confirm_password'));
- $result = false;
- }
- if ($fields['password1'] !== $fields['password2']) {
- $this->err->add($i18n->getKey('error.not_equal'), $i18n->getKey('label.password'), $i18n->getKey('label.confirm_password'));
- $result = false;
- }
- }
- if (!ttValidEmail($fields['email'], true)) {
- $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.email'));
- $result = false;
- }
-
- return $result;
- }
-
- // updateGroup validates user input and updates the group with new information.
- function updateGroup($team_id, $fields) {
- if (!$this->validateGroupInfo($fields)) return false; // Can't continue as user input is invalid.
+ // updateGroup updates a (top) group with new information.
+ static function updateGroup($fields) {
+ $group_id = (int)$fields['group_id'];
+ if (!$group_id) return false; // Nothing to update.
- global $user;
$mdb2 = getConnection();
+ global $user;
+ $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$user->id;
// Update group name if it changed.
if ($fields['old_group_name'] != $fields['new_group_name']) {
$name_part = 'name = '.$mdb2->quote($fields['new_group_name']);
- $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id);
- $sql = 'update tt_teams set '.$name_part.$modified_part.' where id = '.$team_id;
+ $sql = 'update tt_groups set '.$name_part.$modified_part.' where id = '.$group_id;
$affected = $mdb2->exec($sql);
if (is_a($affected, 'PEAR_Error')) return false;
}
$password_part = ', password = md5('.$mdb2->quote($fields['password1']).')';
$name_part = ', name = '.$mdb2->quote($fields['user_name']);
$email_part = ', email = '.$mdb2->quote($fields['email']);
- $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id);
- $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.$modified_part.'where id = '.$user_id;
+ $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.$modified_part.' where id = '.$user_id;
$affected = $mdb2->exec($sql);
if (is_a($affected, 'PEAR_Error')) return false;
return true;
}
- // validateUserInfo validates account information entered by user.
- function validateUserInfo($fields) {
- global $i18n;
+ // updateSelf updates admin account with new information.
+ static function updateSelf($fields) {
global $user;
- global $auth;
+ $mdb2 = getConnection();
- $result = true;
+ // Update self.
+ $user_id = $user->id;
+ $login_part = 'login = '.$mdb2->quote($fields['login']);
+ if ($fields['password1'])
+ $password_part = ', password = md5('.$mdb2->quote($fields['password1']).')';
+ $name_part = ', name = '.$mdb2->quote($fields['name']);
+ $email_part = ', email = '.$mdb2->quote($fields['email']);
+ $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$user->id;
+ $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.$modified_part.' where id = '.$user_id;
+ $affected = $mdb2->exec($sql);
+ return (!is_a($affected, 'PEAR_Error'));
+ }
- if (!ttValidString($fields['name'])) {
- $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.person_name'));
- $result = false;
- }
- if (!ttValidString($fields['login'])) {
- $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.login'));
- $result = false;
+ // getGroupName obtains group name.
+ static function getGroupName($group_id) {
+ $result = array();
+ $mdb2 = getConnection();
+
+ $sql = "select name from tt_groups where id = $group_id";
+
+ $res = $mdb2->query($sql);
+ if (!is_a($res, 'PEAR_Error')) {
+ $val = $res->fetchRow();
+ return $val['name'];
}
- // If we change login, it must be unique.
- if ($fields['login'] != $user->login) {
- if (ttUserHelper::getUserByLogin($fields['login'])) {
- $this->err->add($i18n->getKey('error.user_exists'));
- $result = false;
- }
+
+ return false;
+ }
+
+ // getOrgDetails obtains group name and its top manager details.
+ static function getOrgDetails($group_id) {
+ $mdb2 = getConnection();
+
+ // Note: current code works with properly set top manager (rank 512).
+ // However, we now allow export and import of subgroups, which seems to work well.
+ // In this situation, imported role is no longer "Top manager", and this call fails.
+ // Setting role id manually in database for top user to Top manager resolves the issue.
+ //
+ // TODO: assess whether it is safe / reasonable to promote role during export or import.
+ // The problem is that user having 'export_data' right is not necessarily top user.
+ // And if we do it by rank, what to do for multiple managers situation? First found?
+ // Leaving to manual fixing for now.
+ $sql = "select g.name as group_name, u.id as manager_id, u.name as manager_name, u.login as manager_login, u.email as manager_email".
+ " from tt_groups g".
+ " inner join tt_users u on (u.group_id = g.id)".
+ " inner join tt_roles r on (r.id = u.role_id and r.rank = 512)". // Fails for partially imported org. See comment above.
+ " where g.id = $group_id";
+
+ $res = $mdb2->query($sql);
+ if (!is_a($res, 'PEAR_Error')) {
+ $val = $res->fetchRow();
+ return $val;
}
- if (!$auth->isPasswordExternal() && ($fields['password1'] || $fields['password2'])) {
- if (!ttValidString($fields['password1'])) {
- $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.password'));
- $result = false;
- }
- if (!ttValidString($fields['password2'])) {
- $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.confirm_password'));
- $result = false;
- }
- if ($fields['password1'] !== $fields['password2']) {
- $this->err->add($i18n->getKey('error.not_equal'), $i18n->getKey('label.password'), $i18n->getKey('label.confirm_password'));
- $result = false;
- }
+
+ return false;
+ }
+
+ // getOrg obtains org_id for group.
+ static function getOrg($group_id) {
+ $mdb2 = getConnection();
+
+ $sql = "select org_id from tt_groups where id = $group_id";
+ $res = $mdb2->query($sql);
+ if (!is_a($res, 'PEAR_Error')) {
+ $val = $res->fetchRow();
+ return $val;
}
- if (!ttValidEmail($fields['email'], true)) {
- $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.email'));
- $result = false;
+
+ return false;
+ }
+
+ // deleteGroupEntriesFromTable is a generic helper function for markGroupDeleted.
+ // It deletes entries in ONE table belonging to a given group.
+ static function deleteGroupEntriesFromTable($group_id, $table_name) {
+ $mdb2 = getConnection();
+
+ $sql = "delete from $table_name where group_id = $group_id";
+ $affected = $mdb2->exec($sql);
+ return (!is_a($affected, 'PEAR_Error'));
+ }
+
+ // markGroupDeletedInTable is a generic helper function for markGroupDeleted.
+ // It updates ONE table by setting status to NULL for all records belonging to a group.
+ static function markGroupDeletedInTable($group_id, $table_name) {
+ $mdb2 = getConnection();
+
+ // Add modified info to sql for some tables, depending on table name.
+ if ($table_name == 'tt_users') {
+ global $user;
+ $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$user->id;
}
- return $result;
+ $sql = "update $table_name set status = null $modified_part where group_id = $group_id";
+ $affected = $mdb2->exec($sql);
+ return (!is_a($affected, 'PEAR_Error'));
}
- // updateSelf validates user input and updates admin account with new information.
- function updateSelf($fields) {
- if (!$this->validateUserInfo($fields)) return false; // Can't continue as user input is invalid.
+ // createGroup creates a new top group and returns its id.
+ // It is a helper function for createOrg.
+ static function createGroup($fields) {
+ global $user;
+ $mdb2 = getConnection();
+
+ $group_key = $mdb2->quote(ttRandomString());
+ $name = $mdb2->quote($fields['group_name']);
+ $currency = $mdb2->quote($fields['currency']);
+ $lang = $mdb2->quote($fields['lang']);
+ $created = 'now()';
+ $created_ip = $mdb2->quote($_SERVER['REMOTE_ADDR']);
+ $created_by = $user->id;
+ $sql = "insert into tt_groups (group_key, name, currency, lang, created, created_ip, created_by)".
+ " values($group_key, $name, $currency, $lang, $created, $created_ip, $created_by)";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error')) return false;
+
+ $group_id = $mdb2->lastInsertID('tt_groups', 'id');
+
+ // Update org_id with group_id.
+ $sql = "update tt_groups set org_id = $group_id where org_id is NULL and id = $group_id";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error')) return false;
+
+ return $group_id;
+ }
+
+ // createOrgManager creates a new user (top manager role) in a group.
+ // It is a helper function for createOrg.
+ static function createOrgManager($fields) {
global $user;
- global $i18n;
$mdb2 = getConnection();
- // Update self.
- $user_id = $user->id;
- $login_part = 'login = '.$mdb2->quote($fields['login']);
- if ($fields['password1'])
- $password_part = ', password = md5('.$mdb2->quote($fields['password1']).')';
- $name_part = ', name = '.$mdb2->quote($fields['name']);
- $email_part = ', email = '.$mdb2->quote($fields['email']);
- $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id);
- $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.$modified_part.'where id = '.$user_id;
+ $role_id = ttRoleHelper::getTopManagerRoleID();
+ $login = $mdb2->quote($fields['login']);
+ $password = 'md5('.$mdb2->quote($fields['password']).')';
+ $name = $mdb2->quote($fields['user_name']);
+ $group_id = (int) $fields['group_id'];
+ $org_id = $group_id;
+ $email = $mdb2->quote($fields['email']);
+ $created = 'now()';
+ $created_ip = $mdb2->quote($_SERVER['REMOTE_ADDR']);
+ $created_by = $user->id;
+
+ $columns = '(login, password, name, group_id, org_id, role_id, email, created, created_ip, created_by)';
+ $values = "values($login, $password, $name, $group_id, $org_id, $role_id, $email, $created, $created_ip, $created_by)";
+
+ $sql = "insert into tt_users $columns $values";
$affected = $mdb2->exec($sql);
- if (is_a($affected, 'PEAR_Error')) {
- $this->err->add($i18n->getKey('error.db'));
+ return (!is_a($affected, 'PEAR_Error'));
+ }
+
+ // The createOrg function creates an organization in Time Tracker.
+ static function createOrg($fields) {
+ // There are 3 steps that we need to 2 when creating a new organization.
+ // 1. Create a new group with null parent_id.
+ // 2. Create pre-defined roles in it.
+ // 3. Create a top manager account for new group.
+
+ // Create a new group.
+ $group_id = ttAdmin::createGroup($fields);
+ if (!$group_id) return false;
+
+ // Create predefined roles.
+ if (!ttRoleHelper::createPredefinedRoles($group_id, $fields['lang']))
return false;
- }
+ // Create user.
+ $fields['group_id'] = $group_id;
+ if (!ttAdmin::createOrgManager($fields))
+ return false;
+
+ return true;
+ }
+
+ // deleteGroupFiles deletes files attached to all entities in the entire group.
+ // Note that it is a permanent delete, not "mark deleted" by design.
+ static function deleteGroupFiles($group_id) {
+
+ $org = ttAdmin::getOrg($group_id);
+ $org_id = $org['org_id'];
+
+ // Delete all group files from the database.
+ $mdb2 = getConnection();
+ $sql = "delete from tt_files where org_id = $org_id and group_id = $group_id";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error'))
+ return false;
+
+ if ($affected == 0) return true; // Do not call file storage utility.
+
+ // Try to make a call to file storage facility.
+ if (!defined('FILE_STORAGE_URI')) return true; // Nothing to do.
+
+ $deletegroupfiles_uri = FILE_STORAGE_URI.'deletegroupfiles';
+
+ // Obtain site id.
+ $sql = "select param_value as site_id from tt_site_config where param_name = 'locker_id'";
+ $res = $mdb2->query($sql);
+ $val = $res->fetchRow();
+ $site_id = $val['site_id'];
+ if (!$site_id) return true; // Nothing to do.
+
+ // Obtain site key.
+ $sql = "select param_value as site_key from tt_site_config where param_name = 'locker_key'";
+ $res = $mdb2->query($sql);
+ $val = $res->fetchRow();
+ $site_key = $val['site_key'];
+ if (!$site_key) return true; // Can't continue without site key.
+
+ // Obtain org key.
+ $sql = "select group_key as org_key from tt_groups where id = $org_id";
+ $res = $mdb2->query($sql);
+ $val = $res->fetchRow();
+ $org_key = $val['org_key'];
+ if (!$org_key) return true; // Can't continue without org key.
+
+ // Obtain group key.
+ $sql = "select group_key as group_key from tt_groups where id = $group_id";
+ $res = $mdb2->query($sql);
+ $val = $res->fetchRow();
+ $group_key = $val['group_key'];
+ if (!$group_key) return true; // Can't continue without group key.
+
+ $curl_fields = array('site_id' => $site_id,
+ 'site_key' => $site_key,
+ 'org_id' => $org_id,
+ 'org_key' => $org_key,
+ 'group_id' => $group_id,
+ 'group_key' => $group_key);
+
+ // url-ify the data for the POST.
+ foreach($curl_fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
+ $fields_string = rtrim($fields_string, '&');
+
+ // Open connection.
+ $ch = curl_init();
+
+ // Set the url, number of POST vars, POST data.
+ curl_setopt($ch, CURLOPT_URL, $deletegroupfiles_uri);
+ curl_setopt($ch, CURLOPT_POST, true);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+
+ // Execute a post request.
+ $result = curl_exec($ch);
+
+ // Close connection.
+ curl_close($ch);
+
+ // Many things can go wrong with a remote call to file storage facility.
+ // By design, we ignore such errors.
return true;
}
}
projects / timetracker.git / blobdiff