}
return false;
}
+
+ // The getParentGroup determines a parent group for a given group.
+ static function getParentGroup($group_id) {
+ global $user;
+
+ $mdb2 = getConnection();
+
+ $sql = "select parent_id from tt_groups where id = $group_id and org_id = $user->org_id and status = 1";
+ $res = $mdb2->query($sql);
+
+ if (!is_a($res, 'PEAR_Error')) {
+ $val = $res->fetchRow();
+ return $val['parent_id'];
+ }
+ return false;
+ }
}
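Review bot: `$group_id` is interpolated unquoted into the SQL string in getParentGroup, and nothing in this hunk establishes that it is an integer. isSubgroupValid, added in the same commit, passes its argument straight through, and the time.php hunk feeds it `$on_behalf_group_id`, whose origin is not visible here. Coerce the value before building the query, for example `$group_id = (int) $group_id;` as the first statement, or use `$mdb2->quote($group_id, 'integer')` in place of the bare variable. Separately, `$res->fetchRow()` can come back without a row, so `return $val ? $val['parent_id'] : false;` would keep the falsy return explicit instead of indexing a non-array.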
return true;
}
+
+ // isSubgroupValid determines if a subgroup is valid for user.
+ // A subgroup is valid if:
+ // - user can manage_subgroups;
+ // - subgroup is either a direct child of user group, or "on the path"
+ // to it (grand-child, etc.).
+ function isSubgroupValid($subgroup_id) {
+ if (!$this->can('manage_subgroups')) return false; // User cannot manage subgroups.
+
+ $current_group_id = $subgroup_id;
+ while ($parent_group_id = ttGroupHelper::getParentGroup($current_group_id)) {
+ if ($parent_group_id == $this->group_id) {
+ return true; // Found it.
+ }
+ $current_group_id = $parent_group_id;
+ }
+ return false;
+ }
+
+ // getMaxRankForGroup determines effective user rank for a user in a given group.
+ // For home group it is the existing user rank (as per role) minus 1.
+ // For subgroups, if user can "manage_subgroups", it is MAX_RANK.
+ function getMaxRankForGroup($group_id) {
+
+ $max_rank = 0; // Start safely.
+ if ($this->group_id == $group_id) {
+ $max_rank = $this->rank - 1;
+ return $max_rank;
+ }
+
+ if ($this->isSubgroupValid($group_id))
+ $max_rank = MAX_RANK;
+
+ return $max_rank;
+ }
}
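Review bot: The `while` loop in isSubgroupValid has no depth bound or visited set, so a cycle in `tt_groups.parent_id` (bad data or a faulty re-parenting) would loop forever, issuing one query per iteration on a page-load path. Tracking visited ids inside the loop closes that off, for example `if (isset($seen[$parent_group_id])) return false;` followed by `$seen[$parent_group_id] = true;`. The match `$parent_group_id == $this->group_id` is also a loose comparison on a value that presumably comes back from the database as a string; `(int) $parent_group_id === (int) $this->group_id` avoids type-juggling surprises. A short comment on getMaxRankForGroup stating that a return of 0 means "not the home group and not a valid subgroup" would help callers, since 0 is otherwise indistinguishable from a legitimate rank ceiling.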
<br>
<table cellspacing="0" cellpadding="4" width="100%" border="0">
<tr>
- <td align="center"> Anuko Time Tracker 1.18.06.4352 | Copyright © <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
+ <td align="center"> Anuko Time Tracker 1.18.06.4353 | Copyright © <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
<a href="https://www.anuko.com/lp/tt_4.htm" target="_blank">{$i18n.footer.credits}</a> |
<a href="https://www.anuko.com/lp/tt_5.htm" target="_blank">{$i18n.footer.license}</a> |
<a href="https://www.anuko.com/lp/tt_7.htm" target="_blank">{$i18n.footer.improve}</a>
define("TEMPLATE_DIR", APP_DIR."/WEB-INF/templates");
// Date format for database and URI parameters.
define('DB_DATEFORMAT', '%Y-%m-%d');
+define('MAX_RANK', 512); // Max user rank.
require_once(LIBRARY_DIR.'/common.lib.php');
} // SUBGROUP_DEBUG
if ($user->can('track_time')) {
- // Determine max rank.
- $max_rank = $on_behalf_group_id == $user->group_id ? $user->rank-1 : 512; // TODO: stop using magic numbers.
+ $rank = $user->getMaxRankForGroup($on_behalf_group_id);
if ($user->can('track_own_time'))
- $options = array('group_id'=>$on_behalf_group_id,'status'=>ACTIVE,'max_rank'=>$max_rank,'include_self'=>true,'self_first'=>true);
+ $options = array('group_id'=>$on_behalf_group_id,'status'=>ACTIVE,'max_rank'=>$rank,'include_self'=>true,'self_first'=>true);
else
- $options = array('group_id'=>$on_behalf_group_id,'status'=>ACTIVE,'max_rank'=>$max_rank);
+ $options = array('group_id'=>$on_behalf_group_id,'status'=>ACTIVE,'max_rank'=>$rank);
$user_list = $user->getUsers($options);
if (count($user_list) >= 1) {
$form->addInput(array('type'=>'combobox',
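Review bot: `$on_behalf_group_id` is still passed to `getUsers()` as `group_id` when `getMaxRankForGroup()` returns 0, which is its result for a group that is neither the user's home group nor a valid subgroup. A `max_rank` of 0 is a ceiling rather than a denial, so whether rank-0 users of an unrelated group can appear in the list depends on `getUsers()`, which is not visible in this hunk. Rejecting or resetting the group before building `$options` would be safer, for example `if ($on_behalf_group_id != $user->group_id && !$user->isSubgroupValid($on_behalf_group_id)) $on_behalf_group_id = $user->group_id;`. The enclosing `if ($user->can('track_time'))` block continues past the end of the hunk.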