X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=WEB-INF%2Flib%2FttGroupHelper.class.php;h=92d85a6e025970e5e049ced5d71f3bdbaee4468f;hb=96e8b431e4b1dadd919b831e4ae184d29ebf1235;hp=801793ffdde61dd25f90b6f185309783668646b2;hpb=38dd91dcf8a9ecf6b7ceb73a9aabf787b96b6f6e;p=timetracker.git diff --git a/WEB-INF/lib/ttGroupHelper.class.php b/WEB-INF/lib/ttGroupHelper.class.php index 801793ff..92d85a6e 100644 --- a/WEB-INF/lib/ttGroupHelper.class.php +++ b/WEB-INF/lib/ttGroupHelper.class.php @@ -88,18 +88,20 @@ class ttGroupHelper { $mdb2 = getConnection(); $parent_id = $user->getGroup(); $org_id = $user->org_id; + $group_key = ttRandomString(); $name = $fields['name']; $description = $fields['description']; // We need to inherit attributes from the parent group. $attrs = ttGroupHelper::getGroupAttrs($parent_id); - $columns = '(parent_id, org_id, name, description, currency, decimal_mark, lang, date_format, time_format'. - ', week_start, tracking_mode, project_required, task_required, record_type, bcc_email'. - ', allow_ip, password_complexity, plugins, lock_spec'. - ', workday_minutes, config, created, created_ip, created_by)'; + $columns = '(parent_id, org_id, group_key, name, description, currency, decimal_mark, lang, date_format,'. + ' time_format, week_start, tracking_mode, project_required, task_required, record_type, bcc_email,'. + ' allow_ip, password_complexity, plugins, lock_spec,'. + ' workday_minutes, config, created, created_ip, created_by)'; $values = " values ($parent_id, $org_id"; + $values .= ', '.$mdb2->quote($group_key); $values .= ', '.$mdb2->quote($name); $values .= ', '.$mdb2->quote($description); $values .= ', '.$mdb2->quote($attrs['currency']); @@ -162,6 +164,9 @@ class ttGroupHelper { // Now do actual work with all entities. + // Delete group files. + ttGroupHelper::deleteGroupFiles($group_id); + // Some things cannot be marked deleted as we don't have the status field for them. // Just delete such things (until we have a better way to deal with them). $tables_to_delete_from = array( @@ -342,6 +347,32 @@ class ttGroupHelper { return $result; } + // getActiveProjectsWithFiles - returns an array of active projects for a group + // with information whether they have attached files (has_files property). + // A separate fiunction from getActiveProjects because sql here is more complex. + static function getActiveProjectsWithFiles() + { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select p.id, p.name, if(Sub1.entity_id is null, 0, 1) as has_files from tt_projects p". + " left join (select distinct entity_id from tt_files". + " where entity_type = 'project' and group_id = $group_id and org_id = $org_id and status = 1) Sub1". + " on (p.id = Sub1.entity_id)". + " where p.group_id = $group_id and p.org_id = $org_id and p.status = 1 order by upper(p.name)"; + $res = $mdb2->query($sql); + $result = array(); + if (!is_a($res, 'PEAR_Error')) { + while ($val = $res->fetchRow()) { + $result[] = $val; + } + } + return $result; + } + // getInactiveProjects - returns an array of inactive projects for a group. static function getInactiveProjects() { @@ -363,6 +394,32 @@ class ttGroupHelper { return $result; } + // getInactiveProjectsWithFiles - returns an array of inactive projects for a group + // with information whether they have attached files (has_files property). + // A separate fiunction from getInactiveProjects because sql here is more complex. + static function getInactiveProjectsWithFiles() + { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select p.id, p.name, if(Sub1.entity_id is null, 0, 1) as has_files from tt_projects p". + " left join (select distinct entity_id from tt_files". + " where entity_type = 'project' and group_id = $group_id and org_id = $org_id and status = 1) Sub1". + " on (p.id = Sub1.entity_id)". + " where p.group_id = $group_id and p.org_id = $org_id and p.status = 0 order by upper(p.name)"; + $res = $mdb2->query($sql); + $result = array(); + if (!is_a($res, 'PEAR_Error')) { + while ($val = $res->fetchRow()) { + $result[] = $val; + } + } + return $result; + } + // getPredefinedExpenses - obtains predefined expenses for a group. static function getPredefinedExpenses() { global $user; @@ -447,7 +504,7 @@ class ttGroupHelper { return false; } - // The getActiveUsers obtains all active users in a given group. + // The getActiveUsers obtains all active users excluding clients in a given group. static function getActiveUsers($options = null) { global $user; global $i18n; @@ -456,10 +513,12 @@ class ttGroupHelper { $group_id = $user->getGroup(); $org_id = $user->org_id; + $client_part = " and u.client_id is null"; + if (isset($options['getAllFields'])) - $sql = "select u.*, r.name as role_name, r.rank from tt_users u left join tt_roles r on (u.role_id = r.id) where u.group_id = $group_id and u.org_id = $org_id and u.status = 1 order by upper(u.name)"; + $sql = "select u.*, r.name as role_name, r.rank from tt_users u left join tt_roles r on (u.role_id = r.id) where u.group_id = $group_id and u.org_id = $org_id and u.status = 1 $client_part order by upper(u.name)"; else - $sql = "select id, name from tt_users where group_id = $group_id and org_id = $org_id and status = 1 order by upper(name)"; + $sql = "select u.id, u.name from tt_users u where u.group_id = $group_id and u.org_id = $org_id and u.status = 1 $client_part order by upper(u.name)"; $res = $mdb2->query($sql); $user_list = array(); if (is_a($res, 'PEAR_Error')) @@ -471,17 +530,6 @@ class ttGroupHelper { $user_list[] = $val; } - if (isset($options['putSelfFirst'])) { - // Put own entry at the front. - $cnt = count($user_list); - for($i = 0; $i < $cnt; $i++) { - if ($user_list[$i]['id'] == $user->id) { - $self = $user_list[$i]; // Found self. - array_unshift($user_list, $self); // Put own entry at the front. - array_splice($user_list, $i+1, 1); // Remove duplicate. - } - } - } return $user_list; } @@ -505,4 +553,251 @@ class ttGroupHelper { } return $result; } + + // getInactiveTasks - returns an array of inactive tasks for a group. + static function getInactiveTasks() + { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select id, name, description from tt_tasks". + " where group_id = $group_id and org_id = $org_id and status = 0 order by upper(name)"; + $res = $mdb2->query($sql); + $result = array(); + if (!is_a($res, 'PEAR_Error')) { + while ($val = $res->fetchRow()) { + $result[] = $val; + } + } + return $result; + } + + // getActiveTemplates - returns an array of active templates for a group. + static function getActiveTemplates() + { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select id, name, description, content from tt_templates". + " where group_id = $group_id and org_id = $org_id and status = 1 order by upper(name)"; + $res = $mdb2->query($sql); + $result = array(); + if (!is_a($res, 'PEAR_Error')) { + while ($val = $res->fetchRow()) { + $result[] = $val; + } + } + return $result; + } + + // getInactiveTemplates - returns an array of active templates for a group. + static function getInactiveTemplates() + { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select id, name, description from tt_templates". + " where group_id = $group_id and org_id = $org_id and status = 0 order by upper(name)"; + $res = $mdb2->query($sql); + $result = array(); + if (!is_a($res, 'PEAR_Error')) { + while ($val = $res->fetchRow()) { + $result[] = $val; + } + } + return $result; + } + + // validateCheckboxGroupInput - validates user input in a group of checkboxes + // in context of a specific database table. + // + // We need to make sure that input is a set of unique positive integers, and is + // "relevant" to the current group (entities exists in table). + // + // It is a safeguard against manipulation of data in posts. + static function validateCheckboxGroupInput($input, $table) { + // Empty input is valid. + if (!$input) return true; + + // Input containing duplicates is invalid. + if (count($input) !== count(array_unique($input))) return false; + + // Input containing anything but positive integers is invalid. + foreach ($input as $single_selection) { + if (!is_numeric($single_selection) || $single_selection <= 0) return false; + } + + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + // Now check the table. It must contain all entities associated with current group and org. + $comma_separated = implode(',', $input); + $sql = "select count(*) as item_count from $table". + " where id in ($comma_separated) and group_id = $group_id and org_id = $org_id and status = 1"; + $res = $mdb2->query($sql); + if (is_a($res, 'PEAR_Error')) return false; + $val = $res->fetchRow(); + if (count($input) != $val['item_count']) + return false; // Number of entities in table is different. + + return true; // All is good. + } + + // The getUsers obtains all active and inactive (but not deleted) users in a group. + static function getUsers() { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select id, name from tt_users where group_id = $group_id and org_id = $org_id and (status = 1 or status = 0) order by upper(name)"; + $res = $mdb2->query($sql); + $user_list = array(); + if (is_a($res, 'PEAR_Error')) + return false; + while ($val = $res->fetchRow()) { + $user_list[] = $val; + } + return $user_list; + } + + // The getUsersForClient obtains all active and inactive users in a group that are relevant to a client. + static function getUsersForClient() { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select u.id, u.name from tt_user_project_binds upb". + " inner join tt_client_project_binds cpb on (upb.project_id = cpb.project_id and cpb.client_id = $user->client_id)". + " inner join tt_users u on (u.id = upb.user_id and u.group_id = $group_id and u.org_id = $org_id)". + " where (u.status = 1 or u.status = 0)". + " group by u.id". + " order by upper(u.name)"; + $res = $mdb2->query($sql); + $user_list = array(); + if (is_a($res, 'PEAR_Error')) + return false; + while ($val = $res->fetchRow()) { + $user_list[] = $val; + } + return $user_list; + } + + // The getRecentInvoices returns an array of recent invoices (max 3) for a client. + static function getRecentInvoices($client_id) { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql = "select i.id, i.name from tt_invoices i". + " left join tt_clients c on (c.id = i.client_id)". + " where i.group_id = $group_id and i.org_id = $org_id and i.status = 1 and c.id = $client_id". + " order by i.id desc limit 3"; + $res = $mdb2->query($sql); + $result = array(); + if (!is_a($res, 'PEAR_Error')) { + $dt = new DateAndTime(DB_DATEFORMAT); + while ($val = $res->fetchRow()) { + $result[] = $val; + } + } + return $result; + } + + // deleteGroupFiles deletes files attached to all entities in the entire group. + // Note that it is a permanent delete, not "mark deleted" by design. + static function deleteGroupFiles($group_id) { + + global $user; + $org_id = $user->org_id; + + // Delete all group files from the database. + $mdb2 = getConnection(); + $sql = "delete from tt_files where org_id = $org_id and group_id = $group_id"; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) + return false; + + if ($affected == 0) return true; // Do not call file storage utility. + + // Try to make a call to file storage facility. + if (!defined('FILE_STORAGE_URI')) return true; // Nothing to do. + + $deletegroupfiles_uri = FILE_STORAGE_URI.'deletegroupfiles'; + + // Obtain site id. + $sql = "select param_value as site_id from tt_site_config where param_name = 'locker_id'"; + $res = $mdb2->query($sql); + $val = $res->fetchRow(); + $site_id = $val['site_id']; + if (!$site_id) return true; // Nothing to do. + + // Obtain site key. + $sql = "select param_value as site_key from tt_site_config where param_name = 'locker_key'"; + $res = $mdb2->query($sql); + $val = $res->fetchRow(); + $site_key = $val['site_key']; + if (!$site_key) return true; // Can't continue without site key. + + // Obtain org key. + $sql = "select group_key as org_key from tt_groups where id = $org_id"; + $res = $mdb2->query($sql); + $val = $res->fetchRow(); + $org_key = $val['org_key']; + if (!$org_key) return true; // Can't continue without org key. + + // Obtain group key. + $sql = "select group_key as group_key from tt_groups where id = $group_id"; + $res = $mdb2->query($sql); + $val = $res->fetchRow(); + $group_key = $val['group_key']; + if (!$group_key) return true; // Can't continue without group key. + + $curl_fields = array('site_id' => $site_id, + 'site_key' => $site_key, + 'org_id' => $org_id, + 'org_key' => $org_key, + 'group_id' => $group_id, + 'group_key' => $group_key); + + // url-ify the data for the POST. + foreach($curl_fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; } + $fields_string = rtrim($fields_string, '&'); + + // Open connection. + $ch = curl_init(); + + // Set the url, number of POST vars, POST data. + curl_setopt($ch, CURLOPT_URL, $deletegroupfiles_uri); + curl_setopt($ch, CURLOPT_POST, true); + curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + + // Execute a post request. + $result = curl_exec($ch); + + // Close connection. + curl_close($ch); + + // Many things can go wrong with a remote call to file storage facility. + // By design, we ignore such errors. + return true; + } }