From 8aa0cc3ce9e5382a2b5df0b3b67c07e3d3016278 Mon Sep 17 00:00:00 2001 From: Nik Okuntseff Date: Wed, 11 Apr 2018 19:03:46 +0000 Subject: [PATCH] Refactoring. Got rid of isCoManager() calls. --- WEB-INF/lib/ttUser.class.php | 38 ++++++++++-- WEB-INF/lib/ttUserHelper.class.php | 92 ------------------------------ WEB-INF/templates/footer.tpl | 2 +- mobile/user_delete.php | 4 +- user_delete.php | 4 +- 5 files changed, 37 insertions(+), 103 deletions(-) diff --git a/WEB-INF/lib/ttUser.class.php b/WEB-INF/lib/ttUser.class.php index 2560417f..bce21e03 100644 --- a/WEB-INF/lib/ttUser.class.php +++ b/WEB-INF/lib/ttUser.class.php @@ -158,12 +158,6 @@ class ttUser { // to this function and then remove it. } - // isCoManager - determines whether current user is group comanager. - // This is a legacy function that we are getting rid of by replacing with rights check. - function isCoManager() { - return ($this->can('manage_users') && !$this->can('export_data')); - } - // isClient - determines whether current user is a client. function isClient() { return $this->is_client; 
@@ -451,6 +445,38 @@ class ttUser { return true; } + // markUserDeleted marks a user in group as deleted. + function markUserDeleted($user_id) { + if (!$this->can('manage_users') || $this->id == $user_id) + return false; + + // Make sure we operate on a legit user. + $user_details = $this->getUser($user_id); + if (!$user_details) return false; + + $mdb2 = getConnection(); + + // Mark user to project binds as deleted. + $sql = "update tt_user_project_binds set status = NULL where user_id = $user_id"; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) + return false; + + // Mark user favorite reports as deleted. + $sql = "update tt_fav_reports set status = NULL where user_id = $user_id"; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) + return false; + + // Mark user as deleted. + $sql = "update tt_users set status = NULL where id = $user_id and group_id = ".$this->group_id; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) + return false; + + return true; + } + // enablePlugin either enables or disables a specific plugin for group. function enablePlugin($plugin, $enable = true) { diff --git a/WEB-INF/lib/ttUserHelper.class.php b/WEB-INF/lib/ttUserHelper.class.php index 848c9539..521bc8b7 100644 --- a/WEB-INF/lib/ttUserHelper.class.php +++ b/WEB-INF/lib/ttUserHelper.class.php 
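Review bot: `$user_id` is interpolated unquoted into all three UPDATE statements in markUserDeleted(), and the first two (tt_user_project_binds, tt_fav_reports) filter on `user_id` alone. Both injection safety and group isolation therefore rest entirely on the preceding `$this->getUser($user_id)` lookup, whose body is outside this hunk. I would make the function safe on its own by normalising the id before any use, e.g. `$user_id = (int) $user_id;` as the first statement, or by building the predicates with `$mdb2->quote($user_id, 'integer')`. The three `exec()` calls also run without a transaction, so a PEAR_Error on the second or third leaves the binds already cleared while the account stays active; running them in one transaction would keep the soft-delete atomic.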
@@ -235,98 +235,6 @@ class ttUserHelper { return true; } - // markDeleted - marks user and its associated things as deleted. - static function markDeleted($user_id) { - $mdb2 = getConnection(); - global $user; - - // Preliminary checks. Only managers and co-managers can do this. - if (!$user->canManageTeam()) - return false; - - // Tho logic is different depending on who is doing the operation. - // Co-manager - mark user deleted. - // Manager - mark user deleted. If manager is the only account in group, mark group items deleted. - - // Co-manager part. - if ($user->isCoManager()) { - // Mark user binds as deleted. - $sql = "update tt_user_project_binds set status = NULL where user_id = $user_id"; - $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; - - // Mark favorite reports as deleted. - $sql = "update tt_fav_reports set status = NULL where user_id = $user_id"; - $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; - - // Mark user as deleted. - $sql = "update tt_users set status = NULL where id = $user_id and group_id = ".$user->group_id; - $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; - - } elseif ($user->isManager()) { - $user_count = ttTeamHelper::getUserCount($user->group_id); - - // Marking deleted a manager with active users is not allowed. - if (($user_id == $user->id) && ($user_count > 1)) - return false; - - if (1 == $user_count) { - // Mark tasks deleted. - if (!ttTeamHelper::markTasksDeleted($user->group_id)) - return false; - - // Mark projects deleted. - $sql = "update tt_projects set status = NULL where group_id = $user->group_id"; - $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; - - // Mark clients deleted. - $sql = "update tt_clients set status = NULL where group_id = $user->group_id"; - $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; - - // Mark custom fields deleted. 
- $sql = "update tt_custom_fields set status = NULL where group_id = $user->group_id"; - $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; - - // Mark group deleted. - $sql = "update tt_groups set status = NULL where id = $user->group_id"; - $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; - } - - // Mark user binds as deleted. - $sql = "update tt_user_project_binds set status = NULL where user_id = $user_id"; - $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; - - // Mark favorite reports as deleted. - $sql = "update tt_fav_reports set status = NULL where user_id = $user_id"; - $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; - - // Mark user as deleted. - $sql = "update tt_users set status = NULL where id = $user_id and group_id = ".$user->group_id; - $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; - } - - return true; - } - // The delete function permanently deletes a user and all associated data. static function delete($user_id) { $mdb2 = getConnection(); diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl index 05db3fa5..1a94729b 100644 --- a/WEB-INF/templates/footer.tpl +++ b/WEB-INF/templates/footer.tpl @@ -12,7 +12,7 @@
-
 Anuko Time Tracker 1.17.88.4254 | Copyright © Anuko | +  Anuko Time Tracker 1.17.88.4255 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/mobile/user_delete.php b/mobile/user_delete.php index b5c8dae1..ac6c7c88 100644 --- a/mobile/user_delete.php +++ b/mobile/user_delete.php @@ -28,7 +28,7 @@ require_once('../initialize.php'); import('form.Form'); -import('ttUserHelper'); +import('ttUser'); // Access checks. if (!ttAccessAllowed('manage_users')) { @@ -53,7 +53,7 @@ $form->addInput(array('type'=>'submit','name'=>'btn_cancel','value'=>$i18n->get( if ($request->isPost()) { if ($request->getParameter('btn_delete')) { - if (ttUserHelper::markDeleted($user_id)) { + if ($user->markUserDeleted($user_id)) { // If we deleted the "on behalf" user reset its info in session. if ($user_id == $user->behalf_id) { unset($_SESSION['behalf_id']); diff --git a/user_delete.php b/user_delete.php index 647f2172..13b5ed0b 100644 --- a/user_delete.php +++ b/user_delete.php @@ -28,7 +28,7 @@ require_once('initialize.php'); import('form.Form'); -import('ttUserHelper'); +import('ttUser'); // Access checks. if (!ttAccessAllowed('manage_users')) { @@ -53,7 +53,7 @@ $form->addInput(array('type'=>'submit','name'=>'btn_cancel','value'=>$i18n->get( if ($request->isPost()) { if ($request->getParameter('btn_delete')) { - if (ttUserHelper::markDeleted($user_id)) { + if ($user->markUserDeleted($user_id)) { // If we deleted the "on behalf" user reset its info in session. if ($user_id == $user->behalf_id) { unset($_SESSION['behalf_id']); -- 2.20.1
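Review bot: Both call sites (the `@@ -53,7 +53,7 @@` hunks in mobile/user_delete.php and user_delete.php) now depend on `$user->markUserDeleted($user_id)`, which returns false whenever `$this->id == $user_id`. The removed `ttUserHelper::markDeleted()` instead let a manager who was the only account in the group delete themselves, and it then marked the group and its tasks, projects, clients and custom fields deleted as well. Unless that path is handled outside this patch, this is a behaviour change rather than a refactoring, and the call deserves a comment such as `// markUserDeleted() refuses self-deletion; a sole manager can no longer remove the group from this page.`. The single boolean result also makes a permission failure, an unknown user and a database error indistinguishable to these pages, so a denied attempt cannot be logged or reported differently from a failed query.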