$mdb2 = getConnection();
$now = time();
- $sql = "select c.id, c.cron_spec, c.report_id, c.email, c.cc, c.subject, c.report_condition from tt_cron c
- left join tt_fav_reports fr on (c.report_id = fr.id)
- where $now >= c.next and fr.status = 1
- and c.status = 1 and c.report_id is not null and c.email is not null";
+$sql = "select c.id, c.cron_spec, c.report_id, c.email, c.cc, c.subject, c.report_condition from tt_cron c".
+ " inner join tt_fav_reports fr on".
+ " (c.report_id = fr.id and c.group_id = fr.group_id and c.org_id = fr.org_id)". // Report for a correct group.
+ " inner join tt_users u on (u.id = fr.user_id and u.status = 1)". // Report for an active user.
+ " where $now >= c.next and fr.status = 1". // Due now.
+ " and c.status = 1 and c.report_id is not null and c.email is not null";
$res = $mdb2->query($sql);
if (is_a($res, 'PEAR_Error'))
exit();
$user = new ttUser(null, $options['user_id']);
if (!$user->id) continue; // Skip not found user.
- // TODO: write a new function ttFavReportHelper::adjustReportOptions that will use
- // a $user objected recycled above. Put user handling below into it.
- // Also adjust all other options for potentially changed user access rights and group properties.
+ // Avoid complications with impersonated users, possibly from subgroups.
+ // Note: this may happen when cron.php is called by a browser who already impersonates.
+ // This is not supposed to happen in automatic cron job.
+ if ($user->behalf_id)
+ continue; // Skip processing on behalf situations entirely.
+
+ // TODO: write a new function ttFavReportHelper::adjustOptions that will use
+ // a $user object recycled above. Put user handling below into it.
+ // Also adjust remaining options for potentially changed user access rights and group properties.
// For example, tracking mode may have changed, but fav report options are still old...
// This needs to be fixed.
-
- // Special handling of the NULL $options['users'] field (this used to mean "all users").
- if (!$options['users']) {
- if ($user->can('view_reports') || $user->can('view_all_reports') || $user->isClient()) {
- if ($user->can('view_reports') || $user->can('view_all_reports')) {
- $max_rank = $user->rank-1;
- if ($user->can('view_all_reports')) $max_rank = 512;
- if ($user->can('view_own_reports'))
- $user_options = array('max_rank'=>$max_rank,'include_self'=>true);
- else
- $user_options = array('max_rank'=>$max_rank);
- $users = $user->getUsers($user_options); // Active and inactive users.
- } elseif ($user->isClient()) {
- $users = ttTeamHelper::getUsersForClient(); // Active and inactive users for clients.
- }
- foreach ($users as $single_user) {
- $user_ids[] = $single_user['id'];
- }
- $options['users'] = implode(',', $user_ids);
- }
- } else {
- // TODO: add checking the existing user list for potentially changed access rights for user.
- }
+ $options = ttFavReportHelper::adjustOptions($options);
// Skip users with disabled Notifications plugin.
if (!$user->isPluginEnabled('no')) continue;
// Calculate next execution time.
$next = tdCron::getNextOccurrence($val['cron_spec'], $now + 60); // +60 sec is here to get us correct $next when $now is close to existing "next".
// This is because the accuracy of tdcron class appears to be 1 minute.
-
// Update last and next values in tt_cron.
$sql = "update tt_cron set last = $now, next = $next where id = ".$val['id'];
$affected = $mdb2->exec($sql);
projects / timetracker.git / blobdiff