X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=WEB-INF%2Flib%2FttRoleHelper.class.php;h=0cf5f446833b2af7631aa3966b9018e3223a31ab;hb=a46ca9f2c279305fc8a6c7456e23f4ef46fd6fe4;hp=957bcdaf8305025911b9ec78f65ca93a9cc9063a;hpb=9ad84bfb6ed27f1a98820b810c0d5fcf630eba79;p=timetracker.git diff --git a/WEB-INF/lib/ttRoleHelper.class.php b/WEB-INF/lib/ttRoleHelper.class.php index 957bcdaf..0cf5f446 100644 --- a/WEB-INF/lib/ttRoleHelper.class.php +++ b/WEB-INF/lib/ttRoleHelper.class.php @@ -56,7 +56,7 @@ class ttRoleHelper { $mdb2 = getConnection(); global $user; - $sql = "select id from tt_roless where team_id = $user->team_id and name = ". + $sql = "select id from tt_roles where team_id = $user->team_id and name = ". $mdb2->quote($role_name)." and (status = 1 or status = 0)"; $res = $mdb2->query($sql); @@ -68,20 +68,36 @@ class ttRoleHelper { return false; } + // The getRoleByRank looks up a role by its rank. + static function getRoleByRank($rank) { + global $user; + $mdb2 = getConnection(); + + $rank = (int) $rank; // Cast to int just in case for better security. + + $sql = "select id from tt_roles where team_id = $user->team_id and rank = $rank and (status = 1 or status = 0)"; + $res = $mdb2->query($sql); + + if (!is_a($res, 'PEAR_Error')) { + $val = $res->fetchRow(); + if ($val['id']) + return $val; + } + return false; + } + // update function updates a role in the database. - static function update($fields) - { + static function update($fields) { global $user; $mdb2 = getConnection(); $id = (int)$fields['id']; - $name = $fields['name']; - $description = $fields['description']; - $status = (int)$fields['status']; - // TODO: add rights later when we have them. - - $sql = "update tt_roles set name = ".$mdb2->quote($name).", description = ".$mdb2->quote($description). - ", status = $status where id = $id and team_id = $user->team_id"; + if (isset($fields['name'])) $name_part = 'name = '.$mdb2->quote($fields['name']); + if (isset($fields['description'])) $descr_part = ', description = '.$mdb2->quote($fields['description']); + if (isset($fields['status'])) $status_part = ', status = '.(int)$fields['status']; + if (isset($fields['rights'])) $rights_part = ', rights = '.$mdb2->quote($fields['rights']); + $parts = trim($name_part.$descr_part.$status_part.$rights_part, ','); + $sql = "update tt_roles set $parts where id = $id and team_id = $user->team_id"; $affected = $mdb2->exec($sql); return (!is_a($affected, 'PEAR_Error')); } @@ -106,11 +122,12 @@ class ttRoleHelper { $team_id = (int) $fields['team_id']; $name = $fields['name']; $rank = (int) $fields['rank']; + $description = $fields['description']; $rights = $fields['rights']; $status = $fields['status']; - $sql = "insert into tt_roles (team_id, name, rank, rights, status) - values ($team_id, ".$mdb2->quote($name).", $rank, ".$mdb2->quote($rights).", ".$mdb2->quote($status).")"; + $sql = "insert into tt_roles (team_id, name, rank, description, rights, status) + values ($team_id, ".$mdb2->quote($name).", $rank, ".$mdb2->quote($description).", ".$mdb2->quote($rights).", ".$mdb2->quote($status).")"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; @@ -145,7 +162,7 @@ class ttRoleHelper { $rights_user = 'data_entry,view_own_data,manage_own_settings,view_users'; $rights_supervisor = $rights_user.',on_behalf_data_entry,view_data,override_punch_mode,swap_roles,approve_timesheets'; $rights_comanager = $rights_supervisor.',manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices'; - $rights_manager = $rights_comanager.'manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups'; + $rights_manager = $rights_comanager.',manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups'; // Active roles. $name = $mdb2->quote($i18n->getKey('role.user.label'));