X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=WEB-INF%2Flib%2FttRoleHelper.class.php;h=326d0faf566fd29682223f207f392fbb45b6a935;hb=67e827dacf08d8a55dff9118c82dd964f5da12c1;hp=f96d7c477bcf655b1228bdcc6a2f5460f9c19012;hpb=ecbf1ecf19bfeb85794717fc7a6deb7ecc8c5f58;p=timetracker.git diff --git a/WEB-INF/lib/ttRoleHelper.class.php b/WEB-INF/lib/ttRoleHelper.class.php index f96d7c47..326d0faf 100644 --- a/WEB-INF/lib/ttRoleHelper.class.php +++ b/WEB-INF/lib/ttRoleHelper.class.php @@ -37,7 +37,7 @@ class ttRoleHelper { $mdb2 = getConnection(); $sql = "select id, name, description, rank, rights, status from tt_roles - where id = $id and team_id = $user->team_id and (status = 0 or status = 1)"; + where id = $id and group_id = ".$user->getGroup()." and (status = 0 or status = 1)"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { @@ -56,8 +56,8 @@ class ttRoleHelper { $mdb2 = getConnection(); global $user; - $sql = "select id from tt_roles where team_id = $user->team_id and name = ". - $mdb2->quote($role_name)." and (status = 1 or status = 0)"; + $sql = "select id from tt_roles where group_id = ".$user->getGroup(). + " and name = ".$mdb2->quote($role_name)." and (status = 1 or status = 0)"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { @@ -68,20 +68,55 @@ class ttRoleHelper { return false; } - // The getRoleByRank looks up a role by its rank. + // The getTopManagerRoleID obtains an ID for top manager role. + static function getTopManagerRoleID() { + $mdb2 = getConnection(); + + $sql = "select id from tt_roles where group_id = 0 and rank = 512"; + $res = $mdb2->query($sql); + + if (!is_a($res, 'PEAR_Error')) { + $val = $res->fetchRow(); + if ($val['id']) + return $val['id']; + } + return false; + } + + // isClientRole determines if the role is a "client" role. + // This simply means the role has no "track_own_time" right. + static function isClientRole($role_id) { + global $user; + $mdb2 = getConnection(); + + $sql = "select rights from tt_roles where group_id = ".$user->getGroup()." and id = $role_id"; + $res = $mdb2->query($sql); + + if (!is_a($res, 'PEAR_Error')) { + $val = $res->fetchRow(); + if ($val['rights']) { + return !in_array('track_own_time', explode(',', $val['rights'])); + } + } + return false; + } + + // getRoleByRank looks up a role by its rank. static function getRoleByRank($rank) { global $user; $mdb2 = getConnection(); - $rank = (int) $rank; // Cast to int just in case for better security. + $group_id = $user->getGroup(); + $org_id = $user->org_id; + $rank = (int) $rank; // Cast to int just in case. - $sql = "select id from tt_roles where team_id = $user->team_id and rank = $rank and (status = 1 or status = 0)"; + $sql = "select id from tt_roles where group_id = $group_id and org_id = $org_id and rank = $rank and (status = 1 or status = 0)"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { $val = $res->fetchRow(); if ($val['id']) - return $val; + return $val['id']; } return false; } @@ -91,13 +126,17 @@ class ttRoleHelper { global $user; $mdb2 = getConnection(); + $group_id = $user->getGroup(); + $org_id = $user->org_id; + $id = (int)$fields['id']; if (isset($fields['name'])) $name_part = 'name = '.$mdb2->quote($fields['name']); + if (isset($fields['rank'])) $rank_part = ', rank = '.(int)$fields['rank']; if (isset($fields['description'])) $descr_part = ', description = '.$mdb2->quote($fields['description']); if (isset($fields['status'])) $status_part = ', status = '.(int)$fields['status']; if (isset($fields['rights'])) $rights_part = ', rights = '.$mdb2->quote($fields['rights']); - $parts = trim($name_part.$descr_part.$status_part.$rights_part, ','); - $sql = "update tt_roles set $parts where id = $id and team_id = $user->team_id"; + $parts = trim($name_part.$rank_part.$descr_part.$status_part.$rights_part, ','); + $sql = "update tt_roles set $parts where id = $id and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); return (!is_a($affected, 'PEAR_Error')); } @@ -107,9 +146,11 @@ class ttRoleHelper { global $user; $mdb2 = getConnection(); + $group_id = $user->getGroup(); + $org_id = $user->org_id; // Mark the task as deleted. - $sql = "update tt_roles set status = NULL where id = $role_id and team_id = $user->team_id"; + $sql = "update tt_roles set status = NULL where id = $role_id and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); return (!is_a($affected, 'PEAR_Error')); } @@ -117,95 +158,189 @@ class ttRoleHelper { // insert - inserts an entry into tt_roles table. static function insert($fields) { + global $user; $mdb2 = getConnection(); - $team_id = (int) $fields['team_id']; + $group_id = $user->getGroup(); + $org_id = $user->org_id; $name = $fields['name']; $rank = (int) $fields['rank']; $description = $fields['description']; $rights = $fields['rights']; $status = $fields['status']; - $sql = "insert into tt_roles (team_id, name, rank, description, rights, status) - values ($team_id, ".$mdb2->quote($name).", $rank, ".$mdb2->quote($description).", ".$mdb2->quote($rights).", ".$mdb2->quote($status).")"; + $sql = "insert into tt_roles (group_id, org_id, name, rank, description, rights, status) + values ($group_id, $org_id, ".$mdb2->quote($name).", $rank, ".$mdb2->quote($description).", ".$mdb2->quote($rights).", ".$mdb2->quote($status).")"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; - return true; + $last_id = $mdb2->lastInsertID('tt_roles', 'id'); + return $last_id; } - // rolesExist - checks whether roles for team already exist. - static function rolesExist() + // createPredefinedRoles - creates a set of predefined roles for a group to use. + static function createPredefinedRoles($group_id, $lang) { + // We need localized role names and a new I18n object to obtain them. + import('I18n'); + $i18n = new I18n(); + $i18n->load($lang); + $mdb2 = getConnection(); - global $user; - $sql = "select count(*) as count from tt_roles where team_id = $user->team_id"; - $res = $mdb2->query($sql); - if (!is_a($res, 'PEAR_Error')) { - $val = $res->fetchRow(); - if ($val['count'] > 0) - return true; // Roles for team exist. - } - return false; + $rights_client = 'view_client_reports,view_client_invoices,manage_own_settings'; + $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users'; + $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,approve_reports,approve_timesheets,view_charts,view_own_clients,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles,update_work'; + $rights_comanager = $rights_supervisor.',manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,manage_basic_settings,view_all_reports,manage_work,bid_on_work'; + $rights_manager = $rights_comanager.',manage_features,manage_advanced_settings,manage_roles,export_data,approve_all_reports,approve_own_timesheets,manage_subgroups'; + + // Active roles. + $name = $mdb2->quote($i18n->get('role.user.label')); + $description = $mdb2->quote($i18n->get('role.user.description')); + $rights = $mdb2->quote($rights_user); + $sql = "insert into tt_roles (group_id, org_id, name, description, rank, rights, status) values($group_id, $group_id, $name, $description, 4, $rights, 1)"; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) + return false; + + $name = $mdb2->quote($i18n->get('role.client.label')); + $description = $mdb2->quote($i18n->get('role.client.description')); + $rights = $mdb2->quote($rights_client); + $sql = "insert into tt_roles (group_id, org_id, name, description, rank, rights, status) values($group_id, $group_id, $name, $description, 16, $rights, 1)"; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) + return false; + + $name = $mdb2->quote($i18n->get('role.comanager.label')); + $description = $mdb2->quote($i18n->get('role.comanager.description')); + $rights = $mdb2->quote($rights_comanager); + $sql = "insert into tt_roles (group_id, org_id, name, description, rank, rights, status) values($group_id, $group_id, $name, $description, 68, $rights, 1)"; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) + return false; + + $name = $mdb2->quote($i18n->get('role.manager.label')); + $description = $mdb2->quote($i18n->get('role.manager.description')); + $rights = $mdb2->quote($rights_manager); + $sql = "insert into tt_roles (group_id, org_id, name, description, rank, rights, status) values($group_id, $group_id, $name, $description, 324, $rights, 1)"; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) + return false; + + // Inactive roles. + $name = $mdb2->quote($i18n->get('role.supervisor.label')); + $description = $mdb2->quote($i18n->get('role.supervisor.description')); + $rights = $mdb2->quote($rights_supervisor); + $sql = "insert into tt_roles (group_id, org_id, name, description, rank, rights, status) values($group_id, $group_id, $name, $description, 12, $rights, 0)"; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) + return false; + + return true; } - // createDefaultRoles - creates a set of predefined roles for the team to use. - static function createDefaultRoles() + // createPredefinedRoles_1_17_44 - used in dbinstall.php during database schema update. + static function createPredefinedRoles_1_17_44($group_id, $lang) { + // We need localized role names and a new I18n object to obtain them. + import('I18n'); + $i18n = new I18n(); + $i18n->load($lang); + $mdb2 = getConnection(); - global $i18n; - global $user; - $rights_client = 'view_own_data,manage_own_settings'; - $rights_user = 'data_entry,view_own_data,manage_own_settings,view_users'; - $rights_supervisor = $rights_user.',on_behalf_data_entry,view_data,override_punch_mode,swap_roles,approve_timesheets'; - $rights_comanager = $rights_supervisor.',manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices'; - $rights_manager = $rights_comanager.'manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups'; + $rights_client = 'view_own_reports,view_own_charts,view_own_invoices,manage_own_settings'; + $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users'; + $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,view_charts,view_own_clients,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets'; + $rights_comanager = $rights_supervisor.',manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,manage_basic_settings,view_all_reports'; + $rights_manager = $rights_comanager.',manage_features,manage_advanced_settings,manage_roles,export_data,manage_subgroups'; // Active roles. - $name = $mdb2->quote($i18n->getKey('role.user.label')); - $description = $mdb2->quote($i18n->getKey('role.user.description')); + $name = $mdb2->quote($i18n->get('role.user.label')); + $description = $mdb2->quote($i18n->get('role.user.description')); $rights = $mdb2->quote($rights_user); - $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($user->team_id, $name, $description, 4, $rights, 1)"; + $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($group_id, $name, $description, 4, $rights, 1)"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; - $name = $mdb2->quote($i18n->getKey('role.client.label')); - $description = $mdb2->quote($i18n->getKey('role.client.description')); + $name = $mdb2->quote($i18n->get('role.client.label')); + $description = $mdb2->quote($i18n->get('role.client.description')); $rights = $mdb2->quote($rights_client); - $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($user->team_id, $name, $description, 16, $rights, 1)"; + $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($group_id, $name, $description, 16, $rights, 1)"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; - $name = $mdb2->quote($i18n->getKey('role.comanager.label')); - $description = $mdb2->quote($i18n->getKey('role.comanager.description')); + $name = $mdb2->quote($i18n->get('role.comanager.label')); + $description = $mdb2->quote($i18n->get('role.comanager.description')); $rights = $mdb2->quote($rights_comanager); - $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($user->team_id, $name, $description, 68, $rights, 1)"; + $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($group_id, $name, $description, 68, $rights, 1)"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; - $name = $mdb2->quote($i18n->getKey('role.manager.label')); - $description = $mdb2->quote($i18n->getKey('role.manager.description')); + $name = $mdb2->quote($i18n->get('role.manager.label')); + $description = $mdb2->quote($i18n->get('role.manager.description')); $rights = $mdb2->quote($rights_manager); - $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($user->team_id, $name, $description, 324, $rights, 1)"; + $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($group_id, $name, $description, 324, $rights, 1)"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; // Inactive roles. - $name = $mdb2->quote($i18n->getKey('role.supervisor.label')); - $description = $mdb2->quote($i18n->getKey('role.supervisor.description')); + $name = $mdb2->quote($i18n->get('role.supervisor.label')); + $description = $mdb2->quote($i18n->get('role.supervisor.description')); $rights = $mdb2->quote($rights_supervisor); - $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($user->team_id, $name, $description, 12, $rights, 0)"; + $sql = "insert into tt_roles (team_id, name, description, rank, rights, status) values($group_id, $name, $description, 12, $rights, 0)"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; return true; } + + // getRoleByRank_1_17_44 is used in dbinstall.php and looks up a role by its rank. + static function getRoleByRank_1_17_44($rank, $group_id) { + global $user; + $mdb2 = getConnection(); + + $rank = (int) $rank; // Cast to int just in case for better security. + + $sql = "select id from tt_roles where team_id = $group_id and rank = $rank and (status = 1 or status = 0)"; + $res = $mdb2->query($sql); + + if (!is_a($res, 'PEAR_Error')) { + $val = $res->fetchRow(); + if ($val['id']) + return $val['id']; + } + return false; + } + + // copyRolesToGroup copies roles from current on behalf group to another. + static function copyRolesToGroup($group_id) { + global $user; + $mdb2 = getConnection(); + + $org_id = $user->org_id; + $columns = '(group_id, org_id, name, description, rank, rights, status)'; + $roles = ttGroupHelper::getRoles(); // Roles in current on behalf group. + + foreach ($roles as $role) { + $values = "values($group_id, $org_id". + ', '.$mdb2->quote($role['name']). + ', '.$mdb2->quote($role['description']). + ', '.(int)$role['rank']. + ', '.$mdb2->quote($role['rights']). + ', '.$mdb2->quote($role['status']). + ')'; + $sql = "insert into tt_roles $columns $values"; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) + return false; + } + return true; + } }