X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=WEB-INF%2Flib%2FttRoleHelper.class.php;h=18396704a873dc66f080be54e1634f6b536f7202;hb=074e8daef75c2b729e75f350b52935a6b7ecfba8;hp=14372288d283ab7d33999fff48b56d31339201e4;hpb=1ad0313b11df884c04ca0354abcbc18e4b334537;p=timetracker.git

diff --git a/WEB-INF/lib/ttRoleHelper.class.php b/WEB-INF/lib/ttRoleHelper.class.php
index 14372288..18396704 100644
--- a/WEB-INF/lib/ttRoleHelper.class.php
+++ b/WEB-INF/lib/ttRoleHelper.class.php
@@ -28,6 +28,126 @@
 
 // The ttRoleHelper is a class to help with custom group roles.
 class ttRoleHelper {
+
+  // get - gets details of a role identified by its id.
+  static function get($id)
+  {
+    global $user;
+
+    $mdb2 = getConnection();
+
+    $sql = "select id, name, description, rank, rights, status from tt_roles
+      where id = $id and team_id = $user->team_id and (status = 0 or status = 1)";
+    $res = $mdb2->query($sql);
+
+    if (!is_a($res, 'PEAR_Error')) {
+      $val = $res->fetchRow();
+	  if ($val['id'] != '') {
+        return $val;
+      } else
+        return false;
+    }
+    return false;
+  }
+
+  // The getRoleByName looks up a role by name.
+  static function getRoleByName($role_name) {
+
+    $mdb2 = getConnection();
+    global $user;
+
+    $sql = "select id from tt_roles where team_id = $user->team_id and name = ".
+      $mdb2->quote($role_name)." and (status = 1 or status = 0)";
+    $res = $mdb2->query($sql);
+
+    if (!is_a($res, 'PEAR_Error')) {
+      $val = $res->fetchRow();
+      if ($val['id'])
+        return $val;
+    }
+    return false;
+  }
+
+  // The getTopManagerRoleID obtains an ID for top manager role.
+  static function getTopManagerRoleID() {
+    $mdb2 = getConnection();
+
+    $sql = "select id from tt_roles where team_id = 0 and rank = 512";
+    $res = $mdb2->query($sql);
+
+    if (!is_a($res, 'PEAR_Error')) {
+      $val = $res->fetchRow();
+      if ($val['id'])
+        return $val['id'];
+    }
+    return false;
+  }
+
+  // isClientRole determines if the role is a "client" role.
+  // This simply means the role has no "track_own_time" right.
+  static function isClientRole($role_id) {
+    global $user;
+    $mdb2 = getConnection();
+
+    $sql = "select rights from tt_roles where team_id = $user->team_id and id = $role_id";
+    $res = $mdb2->query($sql);
+
+    if (!is_a($res, 'PEAR_Error')) {
+      $val = $res->fetchRow();
+      if ($val['rights']) {
+        return !in_array('track_own_time', explode(',', $val['rights']));
+      }
+    }
+    return false;
+  }
+
+  // getRoleByRank looks up a role by its rank.
+  static function getRoleByRank($rank, $team_id) {
+    global $user;
+    $mdb2 = getConnection();
+
+    $rank = (int) $rank; // Cast to int just in case for better security.
+
+    $sql = "select id from tt_roles where team_id = $team_id and rank = $rank and (status = 1 or status = 0)";
+    $res = $mdb2->query($sql);
+
+    if (!is_a($res, 'PEAR_Error')) {
+      $val = $res->fetchRow();
+      if ($val['id'])
+        return $val['id'];
+    }
+    return false;
+  }
+
+  // update function updates a role in the database.
+  static function update($fields) {
+    global $user;
+    $mdb2 = getConnection();
+
+    $id = (int)$fields['id'];
+    if (isset($fields['name'])) $name_part = 'name = '.$mdb2->quote($fields['name']);
+    if (isset($fields['rank'])) $rank_part = ', rank = '.(int)$fields['rank'];
+    if (isset($fields['description'])) $descr_part = ', description = '.$mdb2->quote($fields['description']);
+    if (isset($fields['status'])) $status_part = ', status = '.(int)$fields['status'];
+    if (isset($fields['rights'])) $rights_part = ', rights = '.$mdb2->quote($fields['rights']);
+    $parts = trim($name_part.$rank_part.$descr_part.$status_part.$rights_part, ',');
+    $sql = "update tt_roles set $parts where id = $id and team_id = $user->team_id";
+    $affected = $mdb2->exec($sql);
+    return (!is_a($affected, 'PEAR_Error'));
+  }
+
+  // delete - marks the role as deleted.
+  static function delete($role_id) {
+    global $user;
+
+    $mdb2 = getConnection();
+
+    // Mark the task as deleted.
+    $sql = "update tt_roles set status = NULL where id = $role_id and team_id = $user->team_id";
+    $affected = $mdb2->exec($sql);
+    return (!is_a($affected, 'PEAR_Error'));
+  }
+
   // insert - inserts an entry into tt_roles table.
   static function insert($fields)
   {
@@ -36,11 +156,135 @@ class ttRoleHelper {
     $team_id = (int) $fields['team_id'];
     $name = $fields['name'];
     $rank = (int) $fields['rank'];
+    $description = $fields['description'];
     $rights = $fields['rights'];
     $status = $fields['status'];
 
-    $sql = "insert into tt_roles (team_id, name, rank, rights, status)
-      values ($team_id, ".$mdb2->quote($name).", $rank, ".$mdb2->quote($rights).", ".$mdb2->quote($status).")";
+    $sql = "insert into tt_roles (team_id, name, rank, description, rights, status)
+      values ($team_id, ".$mdb2->quote($name).", $rank, ".$mdb2->quote($description).", ".$mdb2->quote($rights).", ".$mdb2->quote($status).")";
+    $affected = $mdb2->exec($sql);
+    if (is_a($affected, 'PEAR_Error'))
+      return false;
+
+    $sql = "SELECT LAST_INSERT_ID() AS last_id";
+    $res = $mdb2->query($sql);
+    $val = $res->fetchRow();
+    $last_id = $val['last_id'];
+    return $last_id;
+  }
+
+  // createPredefinedRoles - creates a set of predefined roles for the team to use.
+  static function createPredefinedRoles($team_id, $lang)
+  {
+    // We need localized role names and a new I18n object to obtain them.
+    import('I18n');
+    $i18n = new I18n();
+    $i18n->load($lang);
+
+    $mdb2 = getConnection();
+
+    $rights_client = 'view_own_reports,view_own_charts,view_own_invoices,manage_own_settings';
+    $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,manage_own_settings,view_users';
+    $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,view_charts,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets';
+    $rights_comanager = $rights_supervisor.',manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices';
+    $rights_manager = $rights_comanager.',manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups';
+
+    // Active roles.
+    $name = $mdb2->quote($i18n->getKey('role.user.label'));
+    $description = $mdb2->quote($i18n->getKey('role.user.description'));
+    $rights = $mdb2->quote($rights_user);
+    $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($team_id, $name, $description, 4, $rights, 1)";
+    $affected = $mdb2->exec($sql);
+    if (is_a($affected, 'PEAR_Error'))
+      return false;
+
+    $name = $mdb2->quote($i18n->getKey('role.client.label'));
+    $description = $mdb2->quote($i18n->getKey('role.client.description'));
+    $rights = $mdb2->quote($rights_client);
+    $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($team_id, $name, $description, 16, $rights, 1)";
+    $affected = $mdb2->exec($sql);
+    if (is_a($affected, 'PEAR_Error'))
+      return false;
+
+    $name = $mdb2->quote($i18n->getKey('role.comanager.label'));
+    $description = $mdb2->quote($i18n->getKey('role.comanager.description'));
+    $rights = $mdb2->quote($rights_comanager);
+    $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($team_id, $name, $description, 68, $rights, 1)";
+    $affected = $mdb2->exec($sql);
+    if (is_a($affected, 'PEAR_Error'))
+      return false;
+
+    $name = $mdb2->quote($i18n->getKey('role.manager.label'));
+    $description = $mdb2->quote($i18n->getKey('role.manager.description'));
+    $rights = $mdb2->quote($rights_manager);
+    $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($team_id, $name, $description, 324, $rights, 1)";
+    $affected = $mdb2->exec($sql);
+    if (is_a($affected, 'PEAR_Error'))
+      return false;
+
+    // Inactive roles.
+    $name = $mdb2->quote($i18n->getKey('role.supervisor.label'));
+    $description = $mdb2->quote($i18n->getKey('role.supervisor.description'));
+    $rights = $mdb2->quote($rights_supervisor);
+    $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($team_id, $name, $description, 12, $rights, 0)";
+    $affected = $mdb2->exec($sql);
+    if (is_a($affected, 'PEAR_Error'))
+      return false;
+
+    return true;
+  }
+
+  // createDefaultRoles - creates a set of predefined roles for the team to use.
+  static function createDefaultRoles()
+  {
+    $mdb2 = getConnection();
+    global $i18n;
+    global $user;
+
+    $rights_client = 'view_own_reports,view_own_charts,view_own_invoices,manage_own_settings';
+    $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,manage_own_settings,view_users';
+    $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,view_charts,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets';
+    $rights_comanager = $rights_supervisor.',manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices';
+    $rights_manager = $rights_comanager.',manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups';
+
+    // Active roles.
+    $name = $mdb2->quote($i18n->getKey('role.user.label'));
+    $description = $mdb2->quote($i18n->getKey('role.user.description'));
+    $rights = $mdb2->quote($rights_user);
+    $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($user->team_id, $name, $description, 4, $rights, 1)";
+    $affected = $mdb2->exec($sql);
+    if (is_a($affected, 'PEAR_Error'))
+      return false;
+
+    $name = $mdb2->quote($i18n->getKey('role.client.label'));
+    $description = $mdb2->quote($i18n->getKey('role.client.description'));
+    $rights = $mdb2->quote($rights_client);
+    $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($user->team_id, $name, $description, 16, $rights, 1)";
+    $affected = $mdb2->exec($sql);
+    if (is_a($affected, 'PEAR_Error'))
+      return false;
+
+    $name = $mdb2->quote($i18n->getKey('role.comanager.label'));
+    $description = $mdb2->quote($i18n->getKey('role.comanager.description'));
+    $rights = $mdb2->quote($rights_comanager);
+    $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($user->team_id, $name, $description, 68, $rights, 1)";
+    $affected = $mdb2->exec($sql);
+    if (is_a($affected, 'PEAR_Error'))
+      return false;
+
+    $name = $mdb2->quote($i18n->getKey('role.manager.label'));
+    $description = $mdb2->quote($i18n->getKey('role.manager.description'));
+    $rights = $mdb2->quote($rights_manager);
+    $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($user->team_id, $name, $description, 324, $rights, 1)";
+    $affected = $mdb2->exec($sql);
+    if (is_a($affected, 'PEAR_Error'))
+      return false;
+
+    // Inactive roles.
+    $name = $mdb2->quote($i18n->getKey('role.supervisor.label'));
+    $description = $mdb2->quote($i18n->getKey('role.supervisor.description'));
+    $rights = $mdb2->quote($rights_supervisor);
+    $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($user->team_id, $name, $description, 12, $rights, 0)";
     $affected = $mdb2->exec($sql);
     if (is_a($affected, 'PEAR_Error'))
       return false;