From c2b4a52bc12c6ee6204fd03d1d1b2534b7249554 Mon Sep 17 00:00:00 2001
From: Nik Okuntseff
Date: Sat, 31 Mar 2018 13:49:14 +0000
Subject: [PATCH] Introduced view_own_tasks right and its handling.
---
 WEB-INF/lib/common.lib.php | 4 ++--
 WEB-INF/lib/ttRoleHelper.class.php | 4 ++--
 WEB-INF/lib/ttUser.class.php | 31 +++++++++++++++++++++++++++++
 WEB-INF/templates/footer.tpl | 2 +-
 WEB-INF/templates/header.tpl | 2 +-
 WEB-INF/templates/mobile/header.tpl | 2 +-
 WEB-INF/templates/mobile/tasks.tpl | 2 +-
 WEB-INF/templates/tasks.tpl | 2 +-
 dbinstall.php | 10 ++++++----
 mobile/tasks.php | 12 ++++++++---
 mysql.sql | 4 ++--
 tasks.php | 12 ++++++++---
 12 files changed, 66 insertions(+), 21 deletions(-)
diff --git a/WEB-INF/lib/common.lib.php b/WEB-INF/lib/common.lib.php
index 629e7d78..325ae73b 100644
--- a/WEB-INF/lib/common.lib.php
+++ b/WEB-INF/lib/common.lib.php
@@ -332,8 +332,8 @@ function ttValidCondition($val, $emptyValid = true)
 function ttValidIP($val, $emptyValid = false)
 {
 $val = trim($val);
- if (strlen($val) == 0 && !$emptyValid)
- return false;
+ if (strlen($val) == 0 && $emptyValid)
+ return true;
 $subnets = explode(',', $val);
 foreach ($subnets as $subnet) {
diff --git a/WEB-INF/lib/ttRoleHelper.class.php b/WEB-INF/lib/ttRoleHelper.class.php
index a5f16f9c..6d81c5bb 100644
--- a/WEB-INF/lib/ttRoleHelper.class.php
+++ b/WEB-INF/lib/ttRoleHelper.class.php
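Review bot: In ttValidIP the rewritten guard no longer rejects an empty value when `$emptyValid` is false; that case now falls through to `explode(',', $val)`, which yields one empty subnet, so the result depends on the per-subnet check in the loop, whose body is outside this hunk. The function looks like the validator for the IP allow-list (inferred from its name and the `allow_ip` column seen elsewhere in the patch), so I would state both empty cases explicitly: `if (strlen($val) == 0) return $emptyValid;`. A one-line comment saying what an empty list means for access would also help the next reader.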
@@ -184,7 +184,7 @@ class ttRoleHelper {
 $mdb2 = getConnection();
 $rights_client = 'view_own_reports,view_own_charts,view_own_invoices,manage_own_settings';
- $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,view_own_projects,manage_own_settings,view_users';
+ $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users';
 $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,view_charts,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets';
 $rights_comanager = $rights_supervisor.',manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,view_all_reports';
 $rights_manager = $rights_comanager.',manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups';
@@ -242,7 +242,7 @@ class ttRoleHelper {
 global $user;
 $rights_client = 'view_own_reports,view_own_charts,view_own_invoices,manage_own_settings';
- $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,view_own_projects,manage_own_settings,view_users';
+ $rights_user = 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,view_own_projects,view_own_tasks,manage_own_settings,view_users';
 $rights_supervisor = $rights_user.',track_time,track_expenses,view_reports,view_charts,override_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets';
 $rights_comanager = $rights_supervisor.',manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,view_all_reports';
 $rights_manager = $rights_comanager.',manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups';
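Review bot: The default rights strings are repeated verbatim in two methods of ttRoleHelper (the hunks at lines 184 and 242), and the same list is edited again in mysql.sql and the dbinstall.php migration, so adding one right means changing four places in step. Because these lists define what each built-in role may do, a missed copy would silently give roles different privileges depending on which path created them. Consider building the lists in one private helper that both methods call, with a comment such as `// Keep in sync with the Top manager row in mysql.sql and the rights updates in dbinstall.php.` Both method bodies start and end outside the hunks.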
diff --git a/WEB-INF/lib/ttUser.class.php b/WEB-INF/lib/ttUser.class.php
index 2781ea6f..2511ecfb 100644
--- a/WEB-INF/lib/ttUser.class.php
+++ b/WEB-INF/lib/ttUser.class.php
@@ -205,6 +205,37 @@ class ttUser {
 return $result;
 }
+ // getAssignedTasks - returns an array of assigned tasks.
+ function getAssignedTasks()
+ {
+ // Start with projects;
+ $projects = $this->getAssignedProjects();
+ if (!$projects) return false;
+
+ // Build an array of task ids.
+ $task_ids = array();
+ foreach($projects as $project) {
+ $one_project_tasks = $project['tasks'] ? explode(',', $project['tasks']) : array();
+ $task_ids = array_unique(array_merge($task_ids, $one_project_tasks));
+ }
+ if (!$task_ids) return false;
+
+ // Get task descriptions.
+ $result = array();
+ $mdb2 = getConnection();
+ $tasks = implode(',', $task_ids); // This is a comma-separated list of task ids.
+
+ $sql = "select id, name, description from tt_tasks".
+ " where group_id = $this->group_id and status = 1 and id in ($tasks) order by name";
+ $res = $mdb2->query($sql);
+ if (!is_a($res, 'PEAR_Error')) {
+ while ($val = $res->fetchRow()) {
+ $result[] = $val;
+ }
+ }
+ return $result;
+ }
+
 // isDateLocked checks whether a specifc date is locked for modifications.
 function isDateLocked($date)
 {
diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index 4a5ef36b..3f01c8ee 100644
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
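Review bot: In getAssignedTasks the `$tasks` list is interpolated into `id in ($tasks)` without being normalised to integers; the ids come from the stored `tasks` field of each assigned project, so the statement is only as safe as whatever code wrote that field. Casting before the implode, e.g. `$task_ids = array_filter(array_map('intval', $task_ids));`, keeps the query numeric regardless of what is stored, and `$this->group_id` deserves the same `(int)` treatment. The method also returns `false` when there are no projects or tasks but an empty array when the query fails, and the PEAR_Error is dropped without a trace; returning `array()` from the early exits and logging the error would give callers one shape to handle.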
-
 Anuko Time Tracker 1.17.83.4205 | Copyright © Anuko | +  Anuko Time Tracker 1.17.84.4206 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/WEB-INF/templates/header.tpl b/WEB-INF/templates/header.tpl index a5f0d022..a31eaeb7 100644 --- a/WEB-INF/templates/header.tpl +++ b/WEB-INF/templates/header.tpl @@ -119,7 +119,7 @@ {if ($user->can('view_own_projects') || $user->can('manage_projects')) && ($smarty.const.MODE_PROJECTS == $user->tracking_mode || $smarty.const.MODE_PROJECTS_AND_TASKS == $user->tracking_mode)} · {$i18n.menu.projects} {/if} - {if ($smarty.const.MODE_PROJECTS_AND_TASKS == $user->tracking_mode) && $user->can('manage_tasks')} + {if ($smarty.const.MODE_PROJECTS_AND_TASKS == $user->tracking_mode && ($user->can('view_own_tasks') || $user->can('manage_tasks')))} · {$i18n.menu.tasks} {/if} {if $user->can('view_users') || $user->can('manage_users')} diff --git a/WEB-INF/templates/mobile/header.tpl b/WEB-INF/templates/mobile/header.tpl index f61b7119..d8c34b21 100644 --- a/WEB-INF/templates/mobile/header.tpl +++ b/WEB-INF/templates/mobile/header.tpl @@ -82,7 +82,7 @@ {if ($user->can('view_own_projects') || $user->can('manage_projects')) && ($smarty.const.MODE_PROJECTS == $user->tracking_mode || $smarty.const.MODE_PROJECTS_AND_TASKS == $user->tracking_mode)} · {$i18n.menu.projects} {/if} - {if $user->can('manage_tasks') && $smarty.const.MODE_PROJECTS_AND_TASKS == $user->tracking_mode} + {if ($user->can('view_own_tasks') || $user->can('manage_tasks')) && $smarty.const.MODE_PROJECTS_AND_TASKS == $user->tracking_mode} · {$i18n.menu.tasks} {/if} {if $user->can('view_users') || $user->can('manage_users')} diff --git a/WEB-INF/templates/mobile/tasks.tpl b/WEB-INF/templates/mobile/tasks.tpl index 6c51ed26..3fbee1f7 100644 --- a/WEB-INF/templates/mobile/tasks.tpl +++ b/WEB-INF/templates/mobile/tasks.tpl @@ -5,7 +5,7 @@
-{if $user->canManageTeam()} +{if $user->can('manage_tasks')} {if $inactive_tasks} diff --git a/WEB-INF/templates/tasks.tpl b/WEB-INF/templates/tasks.tpl index ec772961..647a6a78 100644 --- a/WEB-INF/templates/tasks.tpl +++ b/WEB-INF/templates/tasks.tpl @@ -5,7 +5,7 @@
{$i18n.form.tasks.active_tasks}
- - + +
-{if $user->canManageTeam()} +{if $user->can('manage_tasks')} {if $inactive_tasks} diff --git a/dbinstall.php b/dbinstall.php index f801926e..351ccc0c 100644 --- a/dbinstall.php +++ b/dbinstall.php @@ -805,7 +805,7 @@ if ($_POST) { print "Updated $users_updated users...
\n"; } - if ($_POST["convert11744to11783"]) { + if ($_POST["convert11744to11784"]) { setChange("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.17.44') set rights = replace(rights, 'override_punch_mode,override_date_lock', 'override_punch_mode,override_own_punch_mode,override_date_lock')"); setChange("UPDATE `tt_site_config` SET param_value = '1.17.48' where param_name = 'version_db' and param_value = '1.17.44'"); setChange("update `tt_users` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.17.48') set role_id = (select id from tt_roles where team_id = 0 and rank = 512) where role = 324"); @@ -888,6 +888,8 @@ if ($_POST) { setChange("ALTER TABLE `tt_groups` ADD `allow_ip` varchar(255) default NULL AFTER `bcc_email`"); setChange("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.17.82') set rights = replace(rights, 'manage_invoices,view_all_reports', 'manage_invoices,override_allow_ip,view_all_reports')"); setChange("UPDATE `tt_site_config` SET param_value = '1.17.83', modified = now() where param_name = 'version_db' and param_value = '1.17.82'"); + setChange("update `tt_roles` inner join `tt_site_config` sc on (sc.param_name = 'version_db' and sc.param_value = '1.17.83') set rights = replace(rights, 'view_own_projects,manage_own_settings', 'view_own_projects,view_own_tasks,manage_own_settings')"); + setChange("UPDATE `tt_site_config` SET param_value = '1.17.84', modified = now() where param_name = 'version_db' and param_value = '1.17.83'"); } if ($_POST["cleanup"]) { @@ -933,7 +935,7 @@ if ($_POST) {

DB Install

{$i18n.form.tasks.active_tasks}
-
Create database structure (v1.17.83) + Create database structure (v1.17.84)
(applies only to new installations, do not execute when updating)
@@ -973,8 +975,8 @@ if ($_POST) {

Update database structure (v1.17.44 to v1.17.83)Update database structure (v1.17.44 to v1.17.84)
diff --git a/mobile/tasks.php b/mobile/tasks.php
index 9ad18a17..c45f9bf0 100644
--- a/mobile/tasks.php
+++ b/mobile/tasks.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 // Access checks.
-if (!ttAccessAllowed('manage_tasks')) {
+if (!(ttAccessAllowed('view_own_tasks') || ttAccessAllowed('manage_tasks'))) {
 header('Location: access_denied.php');
 exit();
 }
@@ -41,8 +41,14 @@ if (MODE_PROJECTS_AND_TASKS != $user->tracking_mode) {
 }
 // End of access checks.
-$smarty->assign('active_tasks', ttTeamHelper::getActiveTasks($user->group_id));
-$smarty->assign('inactive_tasks', ttTeamHelper::getInactiveTasks($user->group_id));
+if($user->can('manage_tasks')) {
+ $active_tasks = ttTeamHelper::getActiveTasks($user->group_id);
+ $inactive_tasks = ttTeamHelper::getInactiveTasks($user->group_id);
+} else
+ $active_tasks = $user->getAssignedTasks();
+
+$smarty->assign('active_tasks', $active_tasks);
+$smarty->assign('inactive_tasks', $inactive_tasks);
 $smarty->assign('title', $i18n->get('title.tasks'));
 $smarty->assign('content_page_name', 'mobile/tasks.tpl');
 $smarty->display('mobile/index.tpl');
diff --git a/mysql.sql b/mysql.sql
index 995b032a..5ac6b856 100644
--- a/mysql.sql
+++ b/mysql.sql
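Review bot: `$inactive_tasks` is never assigned on the `else` path, so for a user who holds only view_own_tasks the later `$smarty->assign('inactive_tasks', $inactive_tasks);` reads an undefined variable; initialise it before the branch with `$inactive_tasks = array();`. `getAssignedTasks()` can also return `false`, so `$active_tasks` is not always an array when the template iterates it. The identical code is added to tasks.php and needs the same fix. Since the access check now admits view_own_tasks holders, it is worth confirming that the pages that add, edit or delete tasks (not part of this patch) still require manage_tasks, because the template change appears to gate only what is rendered.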
@@ -74,7 +74,7 @@ create unique index role_idx on tt_roles(group_id, rank, status);
 # Insert site-wide roles - site administrator and top manager.
 INSERT INTO `tt_roles` (`group_id`, `name`, `rank`, `rights`) VALUES (0, 'Site administrator', 1024, 'administer_site');
-INSERT INTO `tt_roles` (`group_id`, `name`, `rank`, `rights`) VALUES (0, 'Top manager', 512, 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,view_own_invoices,view_own_projects,manage_own_settings,view_users,track_time,track_expenses,view_reports,view_charts,override_punch_mode,override_own_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets,manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,view_all_reports,manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups');
+INSERT INTO `tt_roles` (`group_id`, `name`, `rank`, `rights`) VALUES (0, 'Top manager', 512, 'track_own_time,track_own_expenses,view_own_reports,view_own_charts,view_own_invoices,view_own_projects,view_own_tasks,manage_own_settings,view_users,track_time,track_expenses,view_reports,view_charts,override_punch_mode,override_own_punch_mode,override_date_lock,override_own_date_lock,swap_roles,approve_timesheets,manage_own_account,manage_users,manage_projects,manage_tasks,manage_custom_fields,manage_clients,manage_invoices,override_allow_ip,view_all_reports,manage_features,manage_basic_settings,manage_advanced_settings,manage_roles,export_data,manage_subgroups');
 #
@@ -450,4 +450,4 @@ CREATE TABLE `tt_site_config` (
 PRIMARY KEY (`param_name`)
 );
-INSERT INTO `tt_site_config` (`param_name`, `param_value`, `created`) VALUES ('version_db', '1.17.83', now()); # TODO: change when structure changes.
+INSERT INTO `tt_site_config` (`param_name`, `param_value`, `created`) VALUES ('version_db', '1.17.84', now()); # TODO: change when structure changes.
diff --git a/tasks.php b/tasks.php
index e967e095..c3903f94 100644
--- a/tasks.php
+++ b/tasks.php
@@ -31,7 +31,7 @@ import('form.Form');
 import('ttTeamHelper');
 // Access checks.
-if (!ttAccessAllowed('manage_tasks')) {
+if (!(ttAccessAllowed('view_own_tasks') || ttAccessAllowed('manage_tasks'))) {
 header('Location: access_denied.php');
 exit();
 }
@@ -41,8 +41,14 @@ if (MODE_PROJECTS_AND_TASKS != $user->tracking_mode) {
 }
 // End of access checks.
-$smarty->assign('active_tasks', ttTeamHelper::getActiveTasks($user->group_id));
-$smarty->assign('inactive_tasks', ttTeamHelper::getInactiveTasks($user->group_id));
+if($user->can('manage_tasks')) {
+ $active_tasks = ttTeamHelper::getActiveTasks($user->group_id);
+ $inactive_tasks = ttTeamHelper::getInactiveTasks($user->group_id);
+} else
+ $active_tasks = $user->getAssignedTasks();
+
+$smarty->assign('active_tasks', $active_tasks);
+$smarty->assign('inactive_tasks', $inactive_tasks);
 $smarty->assign('title', $i18n->get('title.tasks'));
 $smarty->assign('content_page_name', 'tasks.tpl');
 $smarty->display('index.tpl');
-- 2.20.1