From bbea8c35f79ef9699e4b6deab0be3c1108628ef0 Mon Sep 17 00:00:00 2001
From: Nik Okuntseff <support@anuko.com>
Date: Mon, 15 Apr 2019 20:53:12 +0000
Subject: [PATCH] Introduced DEFAULT_PLUGINS config constant.

---
 WEB-INF/config.php.dist             |  4 ++
 WEB-INF/lib/ttAdmin.class.php       | 98 ++++++++++++++++++++++++++++-
 WEB-INF/lib/ttRegistrator.class.php |  5 +-
 WEB-INF/templates/footer.tpl        |  2 +-
 4 files changed, 105 insertions(+), 4 deletions(-)

diff --git a/WEB-INF/config.php.dist b/WEB-INF/config.php.dist
index 66527ec8..577baeaf 100644
--- a/WEB-INF/config.php.dist
+++ b/WEB-INF/config.php.dist
@@ -202,3 +202,7 @@ define('AUTH_MODULE', 'db');
 // This feature requires a subscription or a locally installed appliance.
 // define('FILE_STORAGE_URI', 'localhost');
 define('FILE_STORAGE_URI', 'https://www.anuko.com/files/');
+
+// A comma-separated list of default plugins for new group registrations.
+// Example below enables charts and attachments.
+// define('DEFAULT_PLUGINS', 'ch,at');
diff --git a/WEB-INF/lib/ttAdmin.class.php b/WEB-INF/lib/ttAdmin.class.php
index f5323322..16ff3b59 100644
--- a/WEB-INF/lib/ttAdmin.class.php
+++ b/WEB-INF/lib/ttAdmin.class.php
@@ -65,6 +65,9 @@ class ttAdmin {
 
     // Now do actual work with all entities.
 
+    // Delete group files.
+    ttAdmin::deleteGroupFiles($group_id);
+
     // Some things cannot be marked deleted as we don't have the status field for them.
     // Just delete such things (until we have a better way to deal with them).
     $tables_to_delete_from = array(
@@ -186,7 +189,6 @@ class ttAdmin {
 
   // getOrgDetails obtains group name and its top manager details.
   static function getOrgDetails($group_id) {
-    $result = array();
     $mdb2 = getConnection();
 
     // Note: current code works with properly set top manager (rank 512).
@@ -213,6 +215,20 @@ class ttAdmin {
     return false;
   }
 
+ // getOrg obtains org_id for group.
+  static function getOrg($group_id) {
+    $mdb2 = getConnection();
+
+    $sql = "select org_id from tt_groups where id = $group_id";
+    $res = $mdb2->query($sql);
+    if (!is_a($res, 'PEAR_Error')) {
+      $val = $res->fetchRow();
+      return $val;
+    }
+
+    return false;
+  }
+
   // deleteGroupEntriesFromTable is a generic helper function for markGroupDeleted.
   // It deletes entries in ONE table belonging to a given group.
   static function deleteGroupEntriesFromTable($group_id, $table_name) {
@@ -315,4 +331,84 @@ class ttAdmin {
 
     return true;
   }
+
+  // deleteGroupFiles deletes files attached to all entities in the entire group.
+  // Note that it is a permanent delete, not "mark deleted" by design.
+  static function deleteGroupFiles($group_id) {
+
+    $org = ttAdmin::getOrg($group_id);
+    $org_id = $org['org_id'];
+
+    // Delete all group files from the database.
+    $mdb2 = getConnection();
+    $sql = "delete from tt_files where org_id = $org_id and group_id = $group_id";
+    $affected = $mdb2->exec($sql);
+    if (is_a($affected, 'PEAR_Error'))
+      return false;
+
+    if ($affected == 0) return true; // Do not call file storage utility.
+
+    // Try to make a call to file storage facility.
+    if (!defined('FILE_STORAGE_URI')) return true; // Nothing to do.
+
+    $deletegroupfiles_uri = FILE_STORAGE_URI.'deletegroupfiles';
+
+    // Obtain site id.
+    $sql = "select param_value as site_id from tt_site_config where param_name = 'locker_id'";
+    $res = $mdb2->query($sql);
+    $val = $res->fetchRow();
+    $site_id = $val['site_id'];
+    if (!$site_id) return true; // Nothing to do.
+
+    // Obtain site key.
+    $sql = "select param_value as site_key from tt_site_config where param_name = 'locker_key'";
+    $res = $mdb2->query($sql);
+    $val = $res->fetchRow();
+    $site_key = $val['site_key'];
+    if (!$site_key) return true; // Can't continue without site key.
+
+    // Obtain org key.
+    $sql = "select group_key as org_key from tt_groups where id = $org_id";
+    $res = $mdb2->query($sql);
+    $val = $res->fetchRow();
+    $org_key = $val['org_key'];
+    if (!$org_key) return true; // Can't continue without org key.
+
+    // Obtain group key.
+    $sql = "select group_key as group_key from tt_groups where id = $group_id";
+    $res = $mdb2->query($sql);
+    $val = $res->fetchRow();
+    $group_key = $val['group_key'];
+    if (!$group_key) return true; // Can't continue without group key.
+
+    $curl_fields = array('site_id' => $site_id,
+      'site_key' => $site_key,
+      'org_id' => $org_id,
+      'org_key' => $org_key,
+      'group_id' => $group_id,
+      'group_key' => $group_key);
+
+    // url-ify the data for the POST.
+    foreach($curl_fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
+    $fields_string = rtrim($fields_string, '&');
+
+    // Open connection.
+    $ch = curl_init();
+
+    // Set the url, number of POST vars, POST data.
+    curl_setopt($ch, CURLOPT_URL, $deletegroupfiles_uri);
+    curl_setopt($ch, CURLOPT_POST, true);
+    curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+
+    // Execute a post request.
+    $result = curl_exec($ch);
+
+    // Close connection.
+    curl_close($ch);
+
+    // Many things can go wrong with a remote call to file storage facility.
+    // By design, we ignore such errors.
+    return true;
+  }
 }
diff --git a/WEB-INF/lib/ttRegistrator.class.php b/WEB-INF/lib/ttRegistrator.class.php
index b122d015..33d32597 100644
--- a/WEB-INF/lib/ttRegistrator.class.php
+++ b/WEB-INF/lib/ttRegistrator.class.php
@@ -149,11 +149,12 @@ class ttRegistrator {
     $name = $mdb2->quote($this->group_name);
     $currency = $mdb2->quote($this->currency);
     $lang = $mdb2->quote($this->lang);
+    $plugins = $mdb2->quote(defined('DEFAULT_PLUGINS') ? DEFAULT_PLUGINS : null);
     $created = 'now()';
     $created_ip = $mdb2->quote($_SERVER['REMOTE_ADDR']);
 
-    $sql = "insert into tt_groups (group_key, name, currency, lang, created, created_ip)".
-      " values($group_key, $name, $currency, $lang, $created, $created_ip)";
+    $sql = "insert into tt_groups (group_key, name, currency, lang, plugins, created, created_ip)".
+      " values($group_key, $name, $currency, $lang, $plugins, $created, $created_ip)";
     $affected = $mdb2->exec($sql);
     if (is_a($affected, 'PEAR_Error')) return false;
 
diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index 5cc75507..03bf9330 100644
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
       <br>
       <table cellspacing="0" cellpadding="4" width="100%" border="0">
         <tr>
-          <td align="center">&nbsp;Anuko Time Tracker 1.18.65.4943 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
+          <td align="center">&nbsp;Anuko Time Tracker 1.18.65.4944 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
             <a href="https://www.anuko.com/lp/tt_4.htm" target="_blank">{$i18n.footer.credits}</a> |
             <a href="https://www.anuko.com/lp/tt_5.htm" target="_blank">{$i18n.footer.license}</a> |
             <a href="https://www.anuko.com/lp/tt_7.htm" target="_blank">{$i18n.footer.improve}</a>
-- 
2.20.1