From b134135b685422ddcdc2d6856972c60ea15f661f Mon Sep 17 00:00:00 2001 From: Nik Okuntseff Date: Sat, 3 Nov 2018 15:34:15 +0000 Subject: [PATCH] Work in progress on subgroups. Made user list population more robust.
---
 WEB-INF/lib/ttGroupHelper.class.php | 16 +++++++++++++ WEB-INF/lib/ttUser.class.php | 35 +++++++++++++++++++++++++++++ WEB-INF/templates/footer.tpl | 2 +- initialize.php | 1 + time.php | 7 +++--- 5 files changed, 56 insertions(+), 5 deletions(-)
diff --git a/WEB-INF/lib/ttGroupHelper.class.php b/WEB-INF/lib/ttGroupHelper.class.php
index 22362b5b..3fb01c60 100644
--- a/WEB-INF/lib/ttGroupHelper.class.php
+++ b/WEB-INF/lib/ttGroupHelper.class.php
@@ -62,4 +62,20 @@ class ttGroupHelper {
 }
 return false;
 }
+
+ // The getParentGroup determines a parent group for a given group.
+ static function getParentGroup($group_id) {
+ global $user;
+
+ $mdb2 = getConnection();
+
+ $sql = "select parent_id from tt_groups where id = $group_id and org_id = $user->org_id and status = 1";
+ $res = $mdb2->query($sql);
+
+ if (!is_a($res, 'PEAR_Error')) {
+ $val = $res->fetchRow();
+ return $val['parent_id'];
+ }
+ return false;
+ }
 }
diff --git a/WEB-INF/lib/ttUser.class.php b/WEB-INF/lib/ttUser.class.php
index 003cf0fe..b7ea34f0 100644
--- a/WEB-INF/lib/ttUser.class.php
+++ b/WEB-INF/lib/ttUser.class.php
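Review bot: In the added getParentGroup, `$group_id` is interpolated straight into the SQL string (`where id = $group_id`) with no cast or quoting. The new time.php call passes `$on_behalf_group_id` down to it through getMaxRankForGroup and isSubgroupValid; where that value originates is outside this diff, so if it can be influenced by the request this is an injection point. Normalise it at the top of the function with `$group_id = (int) $group_id;`, or build the query with `$mdb2->quote($group_id, 'integer')`. Separately, when the query matches no row `fetchRow()` yields no array and `$val['parent_id']` indexes a null value; an explicit `if (!$val) return false;` would make the "no parent" case deliberate rather than accidental.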
@@ -559,4 +559,39 @@ class ttUser {
 return true;
 }
+
+ // isSubgroupValid determines if a subgroup is valid for user.
+ // A subgroup is valid if:
+ // - user can manage_subgroups;
+ // - subgroup is either a direct child of user group, or "on the path"
+ // to it (grand-child, etc.).
+ function isSubgroupValid($subgroup_id) {
+ if (!$this->can('manage_subgroups')) return false; // User cannot manage subgroups.
+
+ $current_group_id = $subgroup_id;
+ while ($parent_group_id = ttGroupHelper::getParentGroup($current_group_id)) {
+ if ($parent_group_id == $this->group_id) {
+ return true; // Found it.
+ }
+ $current_group_id = $parent_group_id;
+ }
+ return false;
+ }
+
+ // getMaxRankForGroup determines effective user rank for a user in a given group.
+ // For home group it is the existing user rank (as per role) minus 1.
+ // For subgroups, if user can "manage_subgroups", it is MAX_RANK.
+ function getMaxRankForGroup($group_id) {
+
+ $max_rank = 0; // Start safely.
+ if ($this->group_id == $group_id) {
+ $max_rank = $this->rank - 1;
+ return $max_rank;
+ }
+
+ if ($this->isSubgroupValid($group_id))
+ $max_rank = MAX_RANK;
+
+ return $max_rank;
+ }
 }
diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index d9c3e334..fda4c01a 100644
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
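Review bot: The `while` walk in isSubgroupValid has no bound and no visited check, so a parent_id chain in tt_groups that loops back on itself without passing through `$this->group_id` never terminates and ties up the request. Since this function is the authorization decision behind MAX_RANK, it should fail closed on such data: add `$visited = array();` before the loop, and make `if (isset($visited[$parent_group_id])) return false;` followed by `$visited[$parent_group_id] = true;` the first statements of the loop body. Both group comparisons use loose `==`; casting the ids to int before comparing would keep a non-numeric `$group_id` from matching by type juggling. It would also help to state in the getMaxRankForGroup comment that a valid subgroup yields MAX_RANK regardless of the caller's own rank, so the next reader knows that is intended.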
-
 Anuko Time Tracker 1.18.06.4352 | Copyright © Anuko | +  Anuko Time Tracker 1.18.06.4353 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/initialize.php b/initialize.php index 79540850..241d7233 100644 --- a/initialize.php +++ b/initialize.php @@ -42,6 +42,7 @@ define("LIBRARY_DIR", APP_DIR."/WEB-INF/lib"); define("TEMPLATE_DIR", APP_DIR."/WEB-INF/templates"); // Date format for database and URI parameters. define('DB_DATEFORMAT', '%Y-%m-%d'); +define('MAX_RANK', 512); // Max user rank. require_once(LIBRARY_DIR.'/common.lib.php'); diff --git a/time.php b/time.php index da816362..6d62fb69 100644 --- a/time.php +++ b/time.php @@ -124,12 +124,11 @@ if ($user->can('manage_subgroups')) { } // SUBGROUP_DEBUG if ($user->can('track_time')) { - // Determine max rank. - $max_rank = $on_behalf_group_id == $user->group_id ? $user->rank-1 : 512; // TODO: stop using magic numbers. + $rank = $user->getMaxRankForGroup($on_behalf_group_id); if ($user->can('track_own_time')) - $options = array('group_id'=>$on_behalf_group_id,'status'=>ACTIVE,'max_rank'=>$max_rank,'include_self'=>true,'self_first'=>true); + $options = array('group_id'=>$on_behalf_group_id,'status'=>ACTIVE,'max_rank'=>$rank,'include_self'=>true,'self_first'=>true); else - $options = array('group_id'=>$on_behalf_group_id,'status'=>ACTIVE,'max_rank'=>$max_rank); + $options = array('group_id'=>$on_behalf_group_id,'status'=>ACTIVE,'max_rank'=>$rank); $user_list = $user->getUsers($options); if (count($user_list) >= 1) { $form->addInput(array('type'=>'combobox', -- 2.20.1
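Review bot: In the time.php hunk, a group that is neither the home group nor a valid subgroup now gets rank 0 from getMaxRankForGroup, but `$on_behalf_group_id` is still passed to `$user->getUsers($options)` as `group_id`. Whether getUsers treats `max_rank` 0 as "nobody" or scopes the lookup to the caller's organisation is not visible in this diff, so the page may still enumerate users of a group the caller has no rights over. Consider rejecting the group before building `$options`, for example `if ($on_behalf_group_id != $user->group_id && !$user->isSubgroupValid($on_behalf_group_id)) $on_behalf_group_id = $user->group_id;`. The enclosing `if ($user->can('track_time'))` block continues past the end of the hunk.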