A bit more progress on roles revamp.

[timetracker.git] / WEB-INF / lib / ttUserHelper.class.php

diff --git a/WEB-INF/lib/ttUserHelper.class.php b/WEB-INF/lib/ttUserHelper.class.php
index a8bfe62..e70f085 100644 (file)
--- a/WEB-INF/lib/ttUserHelper.class.php
+++ b/WEB-INF/lib/ttUserHelper.class.php
@@ -125,9 +125,9 @@ class ttUserHelper {
       $status_v = ', '.$mdb2->quote($fields['status']);
     }
 
-    $sql = "insert into tt_users (name, login, password, team_id, role, client_id, rate, email $status_f) values (".
+    $sql = "insert into tt_users (name, login, password, team_id, role, role_id, client_id, rate, email $status_f) values (".
       $mdb2->quote($fields['name']).", ".$mdb2->quote($fields['login']).
-      ", $password, $team_id, $role, ".$mdb2->quote($fields['client_id']).", $rate, ".$mdb2->quote($email)." $status_v)";
+      ", $password, $team_id, $role, ".$mdb2->quote($fields['role_id']).", ".$mdb2->quote($fields['client_id']).", $rate, ".$mdb2->quote($email)." $status_v)";
     $affected = $mdb2->exec($sql);
 
     // Now deal with project assignment.
@@ -167,11 +167,15 @@ class ttUserHelper {
     // Prepare query parts.
     if (isset($fields['password']))
       $pass_part = ', password = md5('.$mdb2->quote($fields['password']).')';
-    if (right_assign_roles & $user->rights) {
+    if (in_array('manage_users', $user->rights)) {
       if (isset($fields['role'])) {
         $role = (int) $fields['role'];
         $role_part = ", role = $role";
       }
+      if (isset($fields['role_id'])) {
+        $role_id = (int) $fields['role_id'];
+        $role_id_part = ", role_id = $role_id";
+      }
       if (array_key_exists('client_id', $fields)) // Could be NULL.
         $client_part = ", client_id = ".$mdb2->quote($fields['client_id']);
     }
@@ -189,7 +193,7 @@ class ttUserHelper {
 
     $sql = "update tt_users set login = ".$mdb2->quote($fields['login']).
       "$pass_part, name = ".$mdb2->quote($fields['name']).
-      "$role_part $client_part $rate_part $status_part, email = ".$mdb2->quote($fields['email']).
+      "$role_part $role_id_part $client_part $rate_part $status_part, email = ".$mdb2->quote($fields['email']).
       " where id = $user_id";
     $affected = $mdb2->exec($sql);
     if (is_a($affected, 'PEAR_Error')) return false;
@@ -247,8 +251,6 @@ class ttUserHelper {
   }
 
   // markDeleted - marks user and its associated things as deleted.
-  // TODO: address the problem when a deleted user has a scheduled notification configured,
-  // in which case all other notifications may stop working because of MySQL syntax error.
   static function markDeleted($user_id) {
     $mdb2 = getConnection();
     global $user;
@@ -269,6 +271,12 @@ class ttUserHelper {
       if (is_a($affected, 'PEAR_Error'))
         return false;
 
+      // Mark favorite reports as deleted.
+      $sql = "update tt_fav_reports set status = NULL where user_id = $user_id";
+      $affected = $mdb2->exec($sql);
+      if (is_a($affected, 'PEAR_Error'))
+        return false;
+
       // Mark user as deleted.
       $sql = "update tt_users set status = NULL where id = $user_id";
       $affected = $mdb2->exec($sql);
@@ -282,6 +290,12 @@ class ttUserHelper {
       if (is_a($affected, 'PEAR_Error'))
         return false;
 
+      // Mark favorite reports as deleted.
+      $sql = "update tt_fav_reports set status = NULL where user_id = $user_id";
+      $affected = $mdb2->exec($sql);
+      if (is_a($affected, 'PEAR_Error'))
+        return false;
+
       // Mark user as deleted.
       $sql = "update tt_users set status = NULL where id = $user_id and team_id = ".$user->team_id;
       $affected = $mdb2->exec($sql);
@@ -331,6 +345,12 @@ class ttUserHelper {
       if (is_a($affected, 'PEAR_Error'))
         return false;
 
+      // Mark favorite reports as deleted.
+      $sql = "update tt_fav_reports set status = NULL where user_id = $user_id";
+      $affected = $mdb2->exec($sql);
+      if (is_a($affected, 'PEAR_Error'))
+        return false;
+
       // Mark user as deleted.
       $sql = "update tt_users set status = NULL where id = $user_id and team_id = ".$user->team_id;
       $affected = $mdb2->exec($sql);