From ea0882f0753da7c4426b55e7ec526e455ada03a3 Mon Sep 17 00:00:00 2001 From: Nik Okuntseff Date: Thu, 22 Nov 2018 14:58:05 +0000 Subject: [PATCH] Some more progress on group editor. --- WEB-INF/lib/ttUser.class.php | 15 +++++++++++++-- WEB-INF/templates/footer.tpl | 2 +- WEB-INF/templates/groups.tpl | 8 ++++---- groups.php | 24 ++++++++++++++++-------- 4 files changed, 34 insertions(+), 15 deletions(-) diff --git a/WEB-INF/lib/ttUser.class.php b/WEB-INF/lib/ttUser.class.php index 7a37109e..16b536c2 100644 --- a/WEB-INF/lib/ttUser.class.php +++ b/WEB-INF/lib/ttUser.class.php @@ -27,6 +27,7 @@ // +----------------------------------------------------------------------+ import('ttConfigHelper'); +import('ttGroupHelper'); class ttUser { var $login = null; // User login. @@ -411,10 +412,12 @@ class ttUser { } // getSubgroups obtains a list of immediate subgroups. - function getSubgroups() { + function getSubgroups($group_id = null) { $mdb2 = getConnection(); - $sql = "select id, name, description from tt_groups where org_id = $this->org_id and parent_id = ".$this->getActiveGroup();; + if (!$group_id) $group_id = $this->getActiveGroup(); + + $sql = "select id, name, description from tt_groups where org_id = $this->org_id and parent_id = $group_id"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { while ($val = $res->fetchRow()) { @@ -599,6 +602,14 @@ class ttUser { return true; } + // isGroupValid determines if a group is valid for user. + function isGroupValid($group_id) { + if ($group_id == $this->group_id) + return true; + else + return $this->isSubgroupValid($group_id); + } + // isSubgroupValid determines if a subgroup is valid for user. // A subgroup is valid if: // - user can manage_subgroups; diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl index 0e481fee..0419e9e9 100644 --- a/WEB-INF/templates/footer.tpl +++ b/WEB-INF/templates/footer.tpl @@ -12,7 +12,7 @@
-
 Anuko Time Tracker 1.18.27.4493 | Copyright © Anuko | +  Anuko Time Tracker 1.18.27.4494 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/WEB-INF/templates/groups.tpl b/WEB-INF/templates/groups.tpl index 508f1787..d1f174fa 100644 --- a/WEB-INF/templates/groups.tpl +++ b/WEB-INF/templates/groups.tpl @@ -1,12 +1,12 @@ -{$forms.groupsForm.open} +{$forms.subgroupsForm.open} -{if $on_behalf_group_control} +{if $group_dropdown} - + {/if} @@ -27,7 +27,7 @@ {/foreach} {/if}
{$i18n.label.group}:{$forms.groupsForm.onBehalfGroup.control}{$forms.subgroupsForm.group.control}
 
-{$forms.groupsForm.close} +{$forms.subgroupsForm.close} diff --git a/groups.php b/groups.php index 7f4937c9..279e5083 100644 --- a/groups.php +++ b/groups.php @@ -27,32 +27,40 @@ // +----------------------------------------------------------------------+ require_once('initialize.php'); +import('ttUser'); import('form.Form'); -import('ttUserHelper'); -import('ttRoleHelper'); -import('ttConfigHelper'); // Access checks. if (!ttAccessAllowed('manage_subgroups')) { header('Location: access_denied.php'); exit(); } +if ($request->isPost() && !$user->isGroupValid($request->getParameter('group'))) { + header('Location: access_denied.php'); // Wrong group id in post. + exit(); +} // End of access checks. -$form = new Form('groupsForm'); +if ($request->isPost()) { + $group_id = $request->getParameter('group'); +} else { + $group_id = $user->getActiveGroup(); +} + +$form = new Form('subgroupsForm'); $groups = $user->getGroups(); if (count($groups) > 1) { $form->addInput(array('type'=>'combobox', 'onchange'=>'this.form.submit();', - 'name'=>'onBehalfGroup', + 'name'=>'group', 'style'=>'width: 250px;', - 'value'=>$on_behalf_group_id, + 'value'=>$group_id, 'data'=>$groups, 'datakeys'=>array('id','name'))); - $smarty->assign('on_behalf_group_control', 1); + $smarty->assign('group_dropdown', 1); } -$smarty->assign('subgroups', $user->getSubgroups()); +$smarty->assign('subgroups', $user->getSubgroups($group_id)); $smarty->assign('forms', array($form->getName()=>$form->toArray())); $smarty->assign('title', $i18n->get('label.subgroups')); $smarty->assign('content_page_name', 'groups.tpl'); -- 2.20.1