X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=WEB-INF%2Flib%2FttTimeHelper.class.php;h=c3ae8d6dc9384b3bea43afdc345a73c38e0cec71;hb=70e77a95ac584db9d220b8f6d791baa0de084734;hp=70844eebb38ff0fd8504004f8b456e52d5d6cb22;hpb=8f1159deac6c05f4d864cd140d9c66f007601e7e;p=timetracker.git diff --git a/WEB-INF/lib/ttTimeHelper.class.php b/WEB-INF/lib/ttTimeHelper.class.php index 70844eeb..c3ae8d6d 100644 --- a/WEB-INF/lib/ttTimeHelper.class.php +++ b/WEB-INF/lib/ttTimeHelper.class.php @@ -510,6 +510,15 @@ class ttTimeHelper { global $user; $mdb2 = getConnection(); + // Delete associated files. + if ($user->isPluginEnabled('at')) { + import('ttFileHelper'); + global $err; + $fileHelper = new ttFileHelper($err); + if (!$fileHelper->deleteEntityFiles($id, 'time')) + return false; + } + $user_id = $user->getUser(); $group_id = $user->getGroup(); $org_id = $user->org_id; @@ -571,12 +580,19 @@ class ttTimeHelper { } // getTimeForMonth - gets total time for a user for a given month. - static function getTimeForMonth($user_id, $date){ + static function getTimeForMonth($date) { + global $user; import('Period'); $mdb2 = getConnection(); + $user_id = $user->getUser(); + $group_id = $user->getGroup(); + $org_id = $user->org_id; + $period = new Period(INTERVAL_THIS_MONTH, $date); - $sql = "select sum(time_to_sec(duration)) as sm from tt_log where user_id = $user_id and date >= '".$period->getStartDate(DB_DATEFORMAT)."' and date <= '".$period->getEndDate(DB_DATEFORMAT)."' and status = 1"; + $sql = "select sum(time_to_sec(duration)) as sm from tt_log". + " where user_id = $user_id and group_id = $group_id and org_id = $org_id". + " and date >= '".$period->getStartDate(DB_DATEFORMAT)."' and date <= '".$period->getEndDate(DB_DATEFORMAT)."' and status = 1"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { $val = $res->fetchRow(); 
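Review bot: The attachment cleanup in the first hunk runs before anything in the visible lines confirms that record `$id` belongs to the current user; `$user_id`, `$group_id` and `$org_id` are only read after `deleteEntityFiles($id, 'time')` has returned. Unless `ttFileHelper::deleteEntityFiles` applies its own group/org scoping (not visible here), a caller holding another user's record id could remove that record's files even though the record update that follows would not match. It also leaves a record without its files if the later update fails. Consider an ownership check first, e.g. `if (!ttTimeHelper::getRecord($id)) return false;`, or moving the block after the scoped update succeeds. The enclosing function starts and ends outside the hunk.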
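Review bot: The rewritten query in `getTimeForMonth` is still assembled by string interpolation, and the same pattern recurs in the later hunks with caller-supplied values: `$id` in `getRecord` and `getRecordForFileView`, and `$user_id` and `'$date'` in `getRecordsWithFiles`. Here the ids come from `$user`, so the exposure is probably small, but nothing in these functions enforces that the values are integers. Casting at the top of each function, e.g. `$id = (int)$id;`, or passing values through `$mdb2->quote($id, 'integer')` and `$mdb2->quote($date)` would keep the queries safe regardless of what callers do. The signature also drops `$user_id`, so any caller outside this diff that still passes two arguments will now hand the user id in as `$date`. The function body continues past the hunk.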
@@ -652,28 +668,109 @@ class ttTimeHelper { } // getRecord - retrieves a time record identified by its id. - static function getRecord($id, $user_id) { + static function getRecord($id) { global $user; + + $user_id = $user->getUser(); + $group_id = $user->getGroup(); + $org_id = $user->org_id; + $sql_time_format = "'%k:%i'"; // 24 hour format. if ('%I:%M %p' == $user->time_format) $sql_time_format = "'%h:%i %p'"; // 12 hour format for MySQL TIME_FORMAT function. $mdb2 = getConnection(); - $sql = "select l.id as id, TIME_FORMAT(l.start, $sql_time_format) as start, - TIME_FORMAT(sec_to_time(time_to_sec(l.start) + time_to_sec(l.duration)), $sql_time_format) as finish, - TIME_FORMAT(l.duration, '%k:%i') as duration, - p.name as project_name, t.name as task_name, l.comment, l.client_id, l.project_id, l.task_id, l.invoice_id, l.billable, l.paid, l.date - from tt_log l - left join tt_projects p on (p.id = l.project_id) - left join tt_tasks t on (t.id = l.task_id) - where l.id = $id and l.user_id = $user_id and l.status = 1"; + $sql = "select l.id as id, TIME_FORMAT(l.start, $sql_time_format) as start,". + " TIME_FORMAT(sec_to_time(time_to_sec(l.start) + time_to_sec(l.duration)), $sql_time_format) as finish,". + " TIME_FORMAT(l.duration, '%k:%i') as duration,". + " p.name as project_name, t.name as task_name, l.comment, l.client_id, l.project_id, l.task_id,". + " l.timesheet_id, l.invoice_id, l.billable, l.approved, l.paid, l.date from tt_log l". + " left join tt_projects p on (p.id = l.project_id)". + " left join tt_tasks t on (t.id = l.task_id)". + " where l.id = $id and l.user_id = $user_id and l.group_id = $group_id and l.org_id = $org_id and l.status = 1"; + $res = $mdb2->query($sql); + if (!is_a($res, 'PEAR_Error')) { + if (!$res->numRows()) { + return false; + } + if ($val = $res->fetchRow()) { + return $val; + } + } + return false; + } + + // getRecordForFileView - retrieves a time record identified by its id for + // attachment view operation. 
+ // + // It is different from getRecord, as we want users with appropriate rights + // to be able to see other users files, without changing "on behalf" user. + // For example, viewing reports for all users and their attached files + // from report links. + static function getRecordForFileView($id) { + // There are several possible situations: + // + // Record is ours. Check "view_own_reports" or "view_all_reports". + // Record is for the current on behalf user. Check "view_reports" or "view_all_reports". + // Record is for someone else. Check "view_reports" or "view_all_reports" and rank. + // + // It looks like the best way is to use 2 queries, obtain user_id first, then check rank. + + global $user; + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $mdb2 = getConnection(); + + // Obtain user_id for the time record. + $sql = "select l.id, l.user_id, l.timesheet_id, l.invoice_id, l.approved from tt_log l ". + " where l.id = $id and l.group_id = $group_id and l.org_id = $org_id and l.status = 1"; + $res = $mdb2->query($sql); + if (is_a($res, 'PEAR_Error')) return false; + if (!$res->numRows()) return false; + + $val = $res->fetchRow(); + $user_id = $val['user_id']; + + // If record is ours. + if ($user_id == $user->id) { + if ($user->can('view_own_reports') || $user->can('view_all_reports')) { + $val['can_edit'] = !($val['timesheet_id'] || $val['invoice_id'] || $val['approved']); + return $val; + } + return false; // No rights. + } + + // If record belongs to a user we impersonate. + if ($user->behalfUser && $user_id == $user->behalfUser->id) { + if ($user->can('view_reports') || $user->can('view_all_reports')) { + $val['can_edit'] = !($val['timesheet_id'] || $val['invoice_id'] || $val['approved']); + return $val; + } + return false; // No rights. + } + + // Record belongs to someone else. We need to check user rank. + if (!($user->can('view_reports') || $user->can('view_all_reports'))) return false; + $max_rank = $user->can('view_all_reports') ? 
MAX_RANK : $user->getMaxRankForGroup($group_id); + + $left_joins = ' left join tt_users u on (l.user_id = u.id)'; + $left_joins .= ' left join tt_roles r on (u.role_id = r.id)'; + + $where_part = " where l.id = $id and l.group_id = $group_id and l.org_id = $org_id and l.status = 1". + $where_part .= " and r.rank <= $max_rank"; + + $sql = "select l.id, l.user_id, l.timesheet_id, l.invoice_id, l.approved". + " from tt_log l $left_joins $where_part"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { if (!$res->numRows()) { return false; } if ($val = $res->fetchRow()) { + $val['can_edit'] = false; return $val; } } 
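Review bot: In `getRecordForFileView`, the statement that first assigns `$where_part` ends with `.` instead of `;`, so it appears to be parsed as one expression together with the following `$where_part .= " and r.rank <= $max_rank";`. The rank condition is the only thing limiting which other users' records this branch returns, and it reaches the query only as a side effect of appending to a not-yet-defined variable, which also raises an undefined-variable notice. Terminate the first statement with `;` so the filter is built explicitly. The ownership test `$user_id == $user->id` is a loose comparison; if both sides are expected to be numeric ids, `(int)$user_id === (int)$user->id` would state that intent.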
@@ -723,13 +820,59 @@ class ttTimeHelper { $left_joins .= " left join tt_clients c on (l.client_id = c.id)"; $result = array(); - $sql = "select l.id as id, TIME_FORMAT(l.start, $sql_time_format) as start, - TIME_FORMAT(sec_to_time(time_to_sec(l.start) + time_to_sec(l.duration)), $sql_time_format) as finish, - TIME_FORMAT(l.duration, '%k:%i') as duration, p.name as project, t.name as task, l.comment, l.billable, l.invoice_id $client_field - from tt_log l - $left_joins - where l.date = '$date' and l.user_id = $user_id and l.group_id = $group_id and l.org_id = $org_id and l.status = 1 - order by l.start, l.id"; + $sql = "select l.id as id, TIME_FORMAT(l.start, $sql_time_format) as start,". + " TIME_FORMAT(sec_to_time(time_to_sec(l.start) + time_to_sec(l.duration)), $sql_time_format) as finish,". + " TIME_FORMAT(l.duration, '%k:%i') as duration, p.name as project, t.name as task, l.comment,". + " l.billable, l.approved, l.timesheet_id, l.invoice_id $client_field from tt_log l $left_joins". + " where l.date = '$date' and l.user_id = $user_id and l.group_id = $group_id and l.org_id = $org_id and l.status = 1". + " order by l.start, l.id"; + $res = $mdb2->query($sql); + if (!is_a($res, 'PEAR_Error')) { + while ($val = $res->fetchRow()) { + if($val['duration']=='0:00') + $val['finish'] = ''; + $result[] = $val; + } + } else return false; + + return $result; + } + + // getRecordsWithFiles - returns time records for a user for a given date + // with information whether they have attached files (has_files property). + // A separate fiunction from getRecords because sql here is more complex. + static function getRecordsWithFiles($user_id, $date) { + global $user; + $mdb2 = getConnection(); + + $group_id = $user->getGroup(); + $org_id = $user->org_id; + + $sql_time_format = "'%k:%i'"; // 24 hour format. + if ('%I:%M %p' == $user->getTimeFormat()) + $sql_time_format = "'%h:%i %p'"; // 12 hour format for MySQL TIME_FORMAT function. 
+ + $client_field = null; + if ($user->isPluginEnabled('cl')) + $client_field = ", c.name as client"; + + $left_joins = " left join tt_projects p on (l.project_id = p.id)". + " left join tt_tasks t on (l.task_id = t.id)"; + if ($user->isPluginEnabled('cl')) + $left_joins .= " left join tt_clients c on (l.client_id = c.id)"; + + $left_joins .= " left join (select distinct entity_id from tt_files". + " where entity_type = 'time' and group_id = $group_id and org_id = $org_id and status = 1) Sub1". + " on (l.id = Sub1.entity_id)"; + + $result = array(); + $sql = "select l.id as id, TIME_FORMAT(l.start, $sql_time_format) as start,". + " TIME_FORMAT(sec_to_time(time_to_sec(l.start) + time_to_sec(l.duration)), $sql_time_format) as finish,". + " TIME_FORMAT(l.duration, '%k:%i') as duration, p.name as project, t.name as task, l.comment,". + " if(Sub1.entity_id is null, 0, 1) as has_files,". + " l.billable, l.approved, l.timesheet_id, l.invoice_id $client_field from tt_log l $left_joins". + " where l.date = '$date' and l.user_id = $user_id and l.group_id = $group_id and l.org_id = $org_id and l.status = 1". + " order by l.start, l.id"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { while ($val = $res->fetchRow()) { @@ -741,4 +884,18 @@ class ttTimeHelper { return $result; } + + // canAdd determines if we can add a record in case there is a limit. + static function canAdd() { + $mdb2 = getConnection(); + $sql = "select param_value from tt_site_config where param_name = 'exp_date'"; + $res = $mdb2->query($sql); + $val = $res->fetchRow(); + if (!$val) return true; // No expiration date. + + if (strtotime($val['param_value']) > time()) + return true; // Expiration date exists but not reached. + + return false; + } }
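Review bot: `getRecordsWithFiles` takes `$user_id` from the caller, while `getRecord` and `getTimeForMonth` in this same change were switched to `$user->getUser()`. The query is limited to the current group and org, but not to users the current user may view, so access control here rests on every call site passing a vetted id. A short comment stating that precondition, such as `// $user_id must already be validated by the caller (self or on-behalf user).`, or deriving the id from `$user` as the other functions do, would make this explicit. The function otherwise repeats `getRecords` except for the `tt_files` join and the `has_files` column, so a shared query builder would keep the two from drifting apart.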
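Review bot: `canAdd` calls `$res->fetchRow()` without the `is_a($res, 'PEAR_Error')` check that the other queries in this diff use, so a failed query becomes a fatal method call on an error object. Add `if (is_a($res, 'PEAR_Error')) return false;` before fetching, or `return true;` if the limit is meant to fail open, and make that choice deliberate. An `exp_date` value that `strtotime` cannot parse yields `false`, which makes the function return `false`; a one-line comment saying so would help.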