X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=WEB-INF%2Flib%2FttTimesheetHelper.class.php;h=056fc6859ab3c44c4f2666d879526f850999c3ff;hb=a3d07d9fe0c01738c69c6ea37220f3feb4395912;hp=64c73741c22ab562d6fd6a82e7b3334d7c3e93c6;hpb=fc8a4455218bc71e17697f33c111b9dbc55f8047;p=timetracker.git

diff --git a/WEB-INF/lib/ttTimesheetHelper.class.php b/WEB-INF/lib/ttTimesheetHelper.class.php
index 64c73741..056fc685 100644
--- a/WEB-INF/lib/ttTimesheetHelper.class.php
+++ b/WEB-INF/lib/ttTimesheetHelper.class.php
@@ -28,6 +28,8 @@
 
 import('ttUserHelper');
 import('ttGroupHelper');
+import('form.ActionForm');
+import('ttReportHelper');
 
 // Class ttTimesheetHelper is used to help with project related tasks.
 class ttTimesheetHelper {
@@ -55,6 +57,49 @@ class ttTimesheetHelper {
   // insert function inserts a new timesheet into database.
   static function insert($fields)
   {
+    // First, we obtain report items.
+
+    // Obtain session bean with report attributes.
+    $bean = new ActionForm('reportBean', new Form('reportForm'));
+    $options = ttReportHelper::getReportOptions($bean);
+    $report_items = ttReportHelper::getItems($options);
+
+    // Prepare ids for time and expense items, at the same time checking
+    // if we can proceed with creating a timesheet.
+    $canCreateTimesheet = true;
+    $first_user_id = null;
+
+    foreach ($report_items as $report_item) {
+      // Check user id.
+      if (!$first_user_id)
+        $first_user_id = $report_item['user_id'];
+      else {
+        if ($report_item['user_id'] != $first_user_id) {
+          // We have items for multiple users.
+          $canCreateTimesheet = false;
+          break;
+        }
+      }
+      // Check timesheet id.
+      if ($report_item['timesheet_id']) {
+        // We have an item already assigned to a timesheet.
+        $canCreateTimesheet = false;
+        break;
+      }
+      if ($report_item['type'] == 1)
+        $time_ids[] = $report_item['id'];
+      elseif ($report_item['type'] == 2)
+        $expense_ids[] = $report_item['id'];
+    }
+    if (!$canCreateTimesheet) return false;
+
+    // Make comma-seperated lists of ids for sql.
+    if ($time_ids)
+      $comma_separated_time_ids = implode(',', $time_ids);
+    if ($expense_ids)
+      $comma_separated_expense_ids = implode(',', $expense_ids);
+
+    // Create a new timesheet entry.
     global $user;
     $mdb2 = getConnection();
 
@@ -74,7 +119,23 @@ class ttTimesheetHelper {
 
     $last_id = $mdb2->lastInsertID('tt_timesheets', 'id');
 
-    // TODO: Associate report items with new timesheet.
+    // Associate time items with timesheet.
+    if ($comma_separated_time_ids) {
+      $sql = "update tt_log set timesheet_id = $last_id".
+        " where id in ($comma_separated_time_ids) and group_id = $group_id and org_id = $org_id";
+      $affected = $mdb2->exec($sql);
+      if (is_a($affected, 'PEAR_Error'))
+        return false;
+    }
+
+    // Associate expense items with timesheet.
+    if ($comma_separated_expense_ids) {
+      $sql = "update tt_expense_items set timesheet_id = $last_id".
+        " where id in ($comma_separated_expense_ids) and group_id = $group_id and org_id = $org_id";
+      $affected = $mdb2->exec($sql);
+      if (is_a($affected, 'PEAR_Error'))
+        return false;
+    }
 
     return $last_id;
   }
@@ -154,7 +215,7 @@ class ttTimesheetHelper {
     if ($user->isClient()) $client_part = "and client_id = $user->client_id";
 
     $sql = "select * from tt_timesheets".
-      " where id = $timesheet_id and group_id = $group_id and org_id = $org_id $client_part and status = 1";
+      " where id = $timesheet_id and group_id = $group_id and org_id = $org_id $client_part and status is not null";
     $res = $mdb2->query($sql);
     if (!is_a($res, 'PEAR_Error')) {
       if ($val = $res->fetchRow())
@@ -209,4 +270,28 @@ class ttTimesheetHelper {
     $affected = $mdb2->exec($sql);
     return (!is_a($affected, 'PEAR_Error'));
   }
+
+  // isUserValid function is used during access checks and determines whether user id, passed in post, is valid
+  // in current context.
+  static function isUserValid($user_id) {
+    // We have to cover several situations.
+    //
+    // 1) User is a client.
+    // 2) User with view_all_timesheets rights.
+    // 3) User with view_timesheets rights.
+
+    global $user;
+
+    // Step 1.
+    // A client must have view_client_timesheets and
+    // aser must be assigned to one of client projects.
+    if ($user->isClient()) {
+      if (!$user->can('view_client_timesheets'))
+        return false;
+      $valid_users = ttGroupHelper::getUsersForClient($user->client_id);
+      $v = 2;
+    }
+
+    return true;
+  }
 }