X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=WEB-INF%2Flib%2FttGroupHelper.class.php;h=4bc71648af36e4e5794eb28b383772c5504b7386;hb=237f5fae68a9410971ce1c4895a07fe2fa0fbd52;hp=9f9f4a2f9b04840e0ec571b05ab0d3601f229f6b;hpb=75ff7ff29a038803d3b6e2c31b793049bbb2fbd4;p=timetracker.git diff --git a/WEB-INF/lib/ttGroupHelper.class.php b/WEB-INF/lib/ttGroupHelper.class.php index 9f9f4a2f..4bc71648 100644 --- a/WEB-INF/lib/ttGroupHelper.class.php +++ b/WEB-INF/lib/ttGroupHelper.class.php @@ -88,18 +88,20 @@ class ttGroupHelper { $mdb2 = getConnection(); $parent_id = $user->getGroup(); $org_id = $user->org_id; + $group_key = ttRandomString(); $name = $fields['name']; $description = $fields['description']; - // We need to inherit other attributes from the parent group. + // We need to inherit attributes from the parent group. $attrs = ttGroupHelper::getGroupAttrs($parent_id); - $columns = '(parent_id, org_id, name, description, currency, decimal_mark, lang, date_format, time_format'. - ', week_start, tracking_mode, project_required, task_required, record_type, bcc_email'. - ', allow_ip, password_complexity, plugins, lock_spec'. - ', workday_minutes, config, created, created_ip, created_by)'; + $columns = '(parent_id, org_id, group_key, name, description, currency, decimal_mark, lang, date_format,'. + ' time_format, week_start, tracking_mode, project_required, task_required, record_type, bcc_email,'. + ' allow_ip, password_complexity, plugins, lock_spec,'. + ' workday_minutes, config, created, created_ip, created_by)'; $values = " values ($parent_id, $org_id"; + $values .= ', '.$mdb2->quote($group_key); $values .= ', '.$mdb2->quote($name); $values .= ', '.$mdb2->quote($description); $values .= ', '.$mdb2->quote($attrs['currency']); @@ -162,6 +164,9 @@ class ttGroupHelper { // Now do actual work with all entities. + // Delete group files. + ttGroupHelper::deleteGroupFiles($group_id); + // Some things cannot be marked deleted as we don't have the status field for them. // Just delete such things (until we have a better way to deal with them). $tables_to_delete_from = array( @@ -322,7 +327,7 @@ class ttGroupHelper { } // getActiveProjects - returns an array of active projects for a group. - static function getActiveProjects() + static function getActiveProjects($includeFiles = false) { global $user; $mdb2 = getConnection(); @@ -330,8 +335,15 @@ class ttGroupHelper { $group_id = $user->getGroup(); $org_id = $user->org_id; - $sql = "select id, name, description, tasks from tt_projects". - " where group_id = $group_id and org_id = $org_id and status = 1 order by upper(name)"; + if ($includeFiles) { + $filePart = ', if(Sub1.entity_id is null, 0, 1) as has_files'; + $fileJoin = " left join (select distinct entity_id from tt_files". + " where entity_type = 'project' and group_id = $group_id and org_id = $org_id and status = 1) Sub1". + " on (p.id = Sub1.entity_id)"; + } + + $sql = "select p.id, p.name, p.description, p.tasks $filePart from tt_projects p $fileJoin". + " where p.group_id = $group_id and p.org_id = $org_id and p.status = 1 order by upper(p.name)"; $res = $mdb2->query($sql); $result = array(); if (!is_a($res, 'PEAR_Error')) { @@ -343,7 +355,190 @@ class ttGroupHelper { } // getInactiveProjects - returns an array of inactive projects for a group. - static function getInactiveProjects() + static function getInactiveProjects($includeFiles = false) + { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + if ($includeFiles) { + $filePart = ', if(Sub1.entity_id is null, 0, 1) as has_files'; + $fileJoin = " left join (select distinct entity_id from tt_files". + " where entity_type = 'project' and group_id = $group_id and org_id = $org_id and status = 1) Sub1". + " on (p.id = Sub1.entity_id)"; + } + + $sql = "select p.id, p.name, p.description, p.tasks $filePart from tt_projects p $fileJoin". + " where p.group_id = $group_id and p.org_id = $org_id and p.status = 0 order by upper(p.name)"; + $res = $mdb2->query($sql); + $result = array(); + if (!is_a($res, 'PEAR_Error')) { + while ($val = $res->fetchRow()) { + $result[] = $val; + } + } + return $result; + } + + // getPredefinedExpenses - obtains predefined expenses for a group. + static function getPredefinedExpenses() { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $result = array(); + $sql = "select id, name, cost from tt_predefined_expenses". + " where group_id = $group_id and org_id = $org_id"; + $res = $mdb2->query($sql); + $result = array(); + if (!is_a($res, 'PEAR_Error')) { + $decimal_mark = $user->getDecimalMark(); + $replaceDecimalMark = ('.' != $decimal_mark); + + while ($val = $res->fetchRow()) { + if ($replaceDecimalMark) + $val['cost'] = str_replace('.', $decimal_mark, $val['cost']); + $result[] = $val; + } + return $result; + } + return false; + } + + // The getActiveInvoices returns an array of active invoices for a group. + static function getActiveInvoices() + { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $addPaidStatus = $user->isPluginEnabled('ps'); + $result = array(); + + if ($user->isClient()) + $client_part = "and i.client_id = $user->client_id"; + + $sql = "select i.id, i.name, i.date, i.client_id, i.status, c.name as client_name from tt_invoices i". + " left join tt_clients c on (c.id = i.client_id)". + " where i.status = 1 and i.group_id = $group_id and i.org_id = $org_id $client_part order by i.name"; + $res = $mdb2->query($sql); + $result = array(); + if (!is_a($res, 'PEAR_Error')) { + $dt = new DateAndTime(DB_DATEFORMAT); + while ($val = $res->fetchRow()) { + // Localize date. + $dt->parseVal($val['date']); + $val['date'] = $dt->toString($user->getDateFormat()); + if ($addPaidStatus) + $val['paid'] = ttInvoiceHelper::isPaid($val['id']); + $result[] = $val; + } + } + return $result; + } + + // getNotifications - obtains notification descriptions for a group. + static function getNotifications() { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $result = array(); + $sql = "select c.id, c.cron_spec, c.email, c.report_condition, fr.name from tt_cron c". + " left join tt_fav_reports fr on (fr.id = c.report_id)". + " where c.group_id = $group_id and c.org_id = $org_id and c.status = 1 and fr.status = 1"; + $res = $mdb2->query($sql); + $result = array(); + if (!is_a($res, 'PEAR_Error')) { + while ($val = $res->fetchRow()) { + $result[] = $val; + } + return $result; + } + return false; + } + + // The getActiveUsers obtains all active users excluding clients in a given group. + static function getActiveUsers($options = null) { + global $user; + global $i18n; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $client_part = " and u.client_id is null"; + + if (isset($options['getAllFields'])) + $sql = "select u.*, r.name as role_name, r.rank from tt_users u left join tt_roles r on (u.role_id = r.id) where u.group_id = $group_id and u.org_id = $org_id and u.status = 1 $client_part order by upper(u.name)"; + else + $sql = "select u.id, u.name from tt_users u where u.group_id = $group_id and u.org_id = $org_id and u.status = 1 $client_part order by upper(u.name)"; + $res = $mdb2->query($sql); + $user_list = array(); + if (is_a($res, 'PEAR_Error')) + return false; + while ($val = $res->fetchRow()) { + // Localize top manager role name, as it is not localized in db. + if ($val['rank'] == 512) + $val['role_name'] = $i18n->get('role.top_manager.label'); + $user_list[] = $val; + } + + return $user_list; + } + + // getActiveTasks - returns an array of active tasks for a group. + static function getActiveTasks() + { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select id, name, description from tt_tasks". + " where group_id = $group_id and org_id = $org_id and status = 1 order by upper(name)"; + $res = $mdb2->query($sql); + $result = array(); + if (!is_a($res, 'PEAR_Error')) { + while ($val = $res->fetchRow()) { + $result[] = $val; + } + } + return $result; + } + + // getInactiveTasks - returns an array of inactive tasks for a group. + static function getInactiveTasks() + { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select id, name, description from tt_tasks". + " where group_id = $group_id and org_id = $org_id and status = 0 order by upper(name)"; + $res = $mdb2->query($sql); + $result = array(); + if (!is_a($res, 'PEAR_Error')) { + while ($val = $res->fetchRow()) { + $result[] = $val; + } + } + return $result; + } + + // getActiveTemplates - returns an array of active templates for a group. + static function getActiveTemplates() { global $user; $mdb2 = getConnection(); @@ -351,15 +546,220 @@ class ttGroupHelper { $group_id = $user->getGroup(); $org_id = $user->org_id; - $sql = "select id, name, description, tasks from tt_projects". - " where group_id = $group_id and org_id = $org_id and status = 0 order by upper(name)"; + $sql = "select id, name, description, content from tt_templates". + " where group_id = $group_id and org_id = $org_id and status = 1 order by upper(name)"; + $res = $mdb2->query($sql); + $result = array(); + if (!is_a($res, 'PEAR_Error')) { + while ($val = $res->fetchRow()) { + $result[] = $val; + } + } + return $result; + } + + // getInactiveTemplates - returns an array of active templates for a group. + static function getInactiveTemplates() + { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select id, name, description from tt_templates". + " where group_id = $group_id and org_id = $org_id and status = 0 order by upper(name)"; + $res = $mdb2->query($sql); + $result = array(); + if (!is_a($res, 'PEAR_Error')) { + while ($val = $res->fetchRow()) { + $result[] = $val; + } + } + return $result; + } + + // validateCheckboxGroupInput - validates user input in a group of checkboxes + // in context of a specific database table. + // + // We need to make sure that input is a set of unique positive integers, and is + // "relevant" to the current group (entities exists in table). + // + // It is a safeguard against manipulation of data in posts. + static function validateCheckboxGroupInput($input, $table) { + // Empty input is valid. + if (!$input) return true; + + // Input containing duplicates is invalid. + if (count($input) !== count(array_unique($input))) return false; + + // Input containing anything but positive integers is invalid. + foreach ($input as $single_selection) { + if (!is_numeric($single_selection) || $single_selection <= 0) return false; + } + + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + // Now check the table. It must contain all entities associated with current group and org. + $comma_separated = implode(',', $input); + $sql = "select count(*) as item_count from $table". + " where id in ($comma_separated) and group_id = $group_id and org_id = $org_id and status = 1"; + $res = $mdb2->query($sql); + if (is_a($res, 'PEAR_Error')) return false; + $val = $res->fetchRow(); + if (count($input) != $val['item_count']) + return false; // Number of entities in table is different. + + return true; // All is good. + } + + // The getUsers obtains all active and inactive (but not deleted) users in a group. + static function getUsers() { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select id, name from tt_users where group_id = $group_id and org_id = $org_id and (status = 1 or status = 0) order by upper(name)"; + $res = $mdb2->query($sql); + $user_list = array(); + if (is_a($res, 'PEAR_Error')) + return false; + while ($val = $res->fetchRow()) { + $user_list[] = $val; + } + return $user_list; + } + + // The getUsersForClient obtains all active and inactive users in a group that are relevant to a client. + static function getUsersForClient() { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select u.id, u.name from tt_user_project_binds upb". + " inner join tt_client_project_binds cpb on (upb.project_id = cpb.project_id and cpb.client_id = $user->client_id)". + " inner join tt_users u on (u.id = upb.user_id and u.group_id = $group_id and u.org_id = $org_id)". + " where (u.status = 1 or u.status = 0)". + " group by u.id". + " order by upper(u.name)"; + $res = $mdb2->query($sql); + $user_list = array(); + if (is_a($res, 'PEAR_Error')) + return false; + while ($val = $res->fetchRow()) { + $user_list[] = $val; + } + return $user_list; + } + + // The getRecentInvoices returns an array of recent invoices (max 3) for a client. + static function getRecentInvoices($client_id) { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select i.id, i.name from tt_invoices i". + " left join tt_clients c on (c.id = i.client_id)". + " where i.group_id = $group_id and i.org_id = $org_id and i.status = 1 and c.id = $client_id". + " order by i.id desc limit 3"; $res = $mdb2->query($sql); $result = array(); if (!is_a($res, 'PEAR_Error')) { + $dt = new DateAndTime(DB_DATEFORMAT); while ($val = $res->fetchRow()) { $result[] = $val; } } return $result; } + + // deleteGroupFiles deletes files attached to all entities in the entire group. + // Note that it is a permanent delete, not "mark deleted" by design. + static function deleteGroupFiles($group_id) { + + global $user; + $org_id = $user->org_id; + + // Delete all group files from the database. + $mdb2 = getConnection(); + $sql = "delete from tt_files where org_id = $org_id and group_id = $group_id"; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) + return false; + + if ($affected == 0) return true; // Do not call file storage utility. + + // Try to make a call to file storage facility. + if (!defined('FILE_STORAGE_URI')) return true; // Nothing to do. + + $deletegroupfiles_uri = FILE_STORAGE_URI.'deletegroupfiles'; + + // Obtain site id. + $sql = "select param_value as site_id from tt_site_config where param_name = 'locker_id'"; + $res = $mdb2->query($sql); + $val = $res->fetchRow(); + $site_id = $val['site_id']; + if (!$site_id) return true; // Nothing to do. + + // Obtain site key. + $sql = "select param_value as site_key from tt_site_config where param_name = 'locker_key'"; + $res = $mdb2->query($sql); + $val = $res->fetchRow(); + $site_key = $val['site_key']; + if (!$site_key) return true; // Can't continue without site key. + + // Obtain org key. + $sql = "select group_key as org_key from tt_groups where id = $org_id"; + $res = $mdb2->query($sql); + $val = $res->fetchRow(); + $org_key = $val['org_key']; + if (!$org_key) return true; // Can't continue without org key. + + // Obtain group key. + $sql = "select group_key as group_key from tt_groups where id = $group_id"; + $res = $mdb2->query($sql); + $val = $res->fetchRow(); + $group_key = $val['group_key']; + if (!$group_key) return true; // Can't continue without group key. + + $curl_fields = array('site_id' => $site_id, + 'site_key' => $site_key, + 'org_id' => $org_id, + 'org_key' => $org_key, + 'group_id' => $group_id, + 'group_key' => $group_key); + + // url-ify the data for the POST. + foreach($curl_fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; } + $fields_string = rtrim($fields_string, '&'); + + // Open connection. + $ch = curl_init(); + + // Set the url, number of POST vars, POST data. + curl_setopt($ch, CURLOPT_URL, $deletegroupfiles_uri); + curl_setopt($ch, CURLOPT_POST, true); + curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + + // Execute a post request. + $result = curl_exec($ch); + + // Close connection. + curl_close($ch); + + // Many things can go wrong with a remote call to file storage facility. + // By design, we ignore such errors. + return true; + } }