X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/timetracker.git/blobdiff_plain/1a1ae10cf832a697192fc5e1e84debe930ce3c9f..ca6d2f927b985f4d80b31e5e2c6deb98e4fae6f6:/WEB-INF/lib/ttUser.class.php diff --git a/WEB-INF/lib/ttUser.class.php b/WEB-INF/lib/ttUser.class.php index 859d0881..ccd1f961 100644 --- a/WEB-INF/lib/ttUser.class.php +++ b/WEB-INF/lib/ttUser.class.php @@ -28,6 +28,7 @@ import('ttConfigHelper'); import('ttGroupHelper'); +import('ttGroup'); class ttUser { var $login = null; // User login. @@ -74,6 +75,8 @@ class ttUser { var $first_unit_threshold = 0;// Threshold for 1st unit for Work units plugin. var $unit_totals_only = 0; // Totals only option for the Work units plugin. + var $behalfGroup = null; // A ttGroup instance with on behalf group attributes. + // Constructor. function __construct($login, $id = null) { if (!$login && !$id) { @@ -150,13 +153,15 @@ class ttUser { // Set "on behalf" id and name (user). if (isset($_SESSION['behalf_id'])) { - $this->behalf_id = $_SESSION['behalf_id']; - $this->behalf_name = $_SESSION['behalf_name']; + $this->behalf_id = $_SESSION['behalf_id']; + $this->behalf_name = $_SESSION['behalf_name']; } // Set "on behalf" id and name (group). if (isset($_SESSION['behalf_group_id'])) { - $this->behalf_group_id = $_SESSION['behalf_group_id']; - $this->behalf_group_name = $_SESSION['behalf_group_name']; + $this->behalf_group_id = $_SESSION['behalf_group_id']; + $this->behalf_group_name = $_SESSION['behalf_group_name']; + + $this->behalfGroup = new ttGroup($this->behalf_group_id, $this->org_id); } } } @@ -306,12 +311,13 @@ class ttUser { // getUsers obtains users in a group, as specififed by options. function getUsers($options) { - $mdb2 = getConnection(); + $group_id = $this->getActiveGroup(); + $org_id = $this->org_id; + $skipClients = !isset($options['include_clients']); $includeSelf = isset($options['include_self']); - $group_id = isset($options['group_id']) ? $options['group_id'] : $this->group_id; $select_part = 'select u.id, u.name'; if (isset($options['include_login'])) $select_part .= ', u.login'; @@ -324,7 +330,7 @@ class ttUser { if (isset($options['max_rank']) || $skipClients || isset($options['include_role'])) $left_joins .= ' left join tt_roles r on (u.role_id = r.id)'; - $where_part = " where u.org_id = $this->org_id and u.group_id = $group_id"; + $where_part = " where u.org_id = $org_id and u.group_id = $group_id"; if (isset($options['status'])) $where_part .= ' and u.status = '.(int)$options['status']; else @@ -439,11 +445,13 @@ class ttUser { if (!$this->can('manage_users')) return false; $mdb2 = getConnection(); + $group_id = $this->getActiveGroup(); + $org_id = $this->org_id; $sql = "select u.id, u.name, u.login, u.role_id, u.client_id, u.status, u.rate, u.email from tt_users u". - " left join tt_roles r on (u.role_id = r.id)". - " where u.id = $user_id and u.group_id = $this->group_id and u.status is not null". - " and (r.rank < $this->rank or (r.rank = $this->rank and u.id = $this->id))"; // Users with lesser roles or self. + " left join tt_roles r on (u.role_id = r.id)". + " where u.id = $user_id and u.group_id = $group_id and u.org_id = $org_id and u.status is not null". + " and (r.rank < $this->rank or (r.rank = $this->rank and u.id = $this->id))"; // Users with lesser roles or self. $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { $val = $res->fetchRow(); @@ -564,21 +572,26 @@ class ttUser { if (!$user_details) return false; $mdb2 = getConnection(); + $group_id = $this->getActiveGroup(); + $org_id = $this->org_id; // Mark user to project binds as deleted. - $sql = "update tt_user_project_binds set status = NULL where user_id = $user_id"; + $sql = "update tt_user_project_binds set status = NULL where user_id = $user_id". + " and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; // Mark user favorite reports as deleted. - $sql = "update tt_fav_reports set status = NULL where user_id = $user_id"; + $sql = "update tt_fav_reports set status = NULL where user_id = $user_id". + " and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; // Mark user as deleted. - $sql = "update tt_users set status = NULL where id = $user_id and group_id = ".$this->group_id; + $sql = "update tt_users set status = NULL where id = $user_id". + " and group_id = $group_id and org_id = $org_id"; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; @@ -683,8 +696,12 @@ class ttUser { // Unset things first. $this->behalf_group_id = null; $this->behalf_group_name = null; + $this->behalf_id = null; + $this->behalf_name = null; unset($_SESSION['behalf_group_id']); unset($_SESSION['behalf_group_name']); + unset($_SESSION['behalf_id']); + unset($_SESSION['behalf_name']); // Do not do anything if we don't have rights. if (!$this->can('manage_subgroups')) return; @@ -702,10 +719,10 @@ class ttUser { $this->behalf_group_id = $group_id; $this->behalf_group_name = $onBehalfGroupName; - // Question remains whether or not we need to adjust on behalf user. - // Adjusting for now. Test it and redesign if necessary. - unset($_SESSION['behalf_id']); - unset($_SESSION['behalf_name']); + unset($this->behalfGroup); + $this->behalfGroup = new ttGroup($this->behalf_group_id, $this->org_id); + + // Adjust on behalf user. $this->adjustBehalfId(); return; }