X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/timetracker.git/blobdiff_plain/52efa3cc9f8ad94f363f41cc2bca472b6492268d..035970e91c0a4c132874656b8f13a88c46684717:/WEB-INF/lib/ttUser.class.php diff --git a/WEB-INF/lib/ttUser.class.php b/WEB-INF/lib/ttUser.class.php index 968a1f10..0db272ff 100644 --- a/WEB-INF/lib/ttUser.class.php +++ b/WEB-INF/lib/ttUser.class.php @@ -59,7 +59,6 @@ class ttUser { var $punch_mode = 0; // Whether punch mode is enabled for user. var $allow_overlap = 0; // Whether to allow overlapping time entries. var $future_entries = 0; // Whether to allow creating future entries. - var $uncompleted_indicators = 0; // Uncompleted time entry indicators (show nowhere or on users page). var $bcc_email = null; // Bcc email. var $allow_ip = null; // Specification from where user is allowed access. var $password_complexity = null; // Password complexity example. @@ -142,7 +141,6 @@ class ttUser { $this->punch_mode = $config->getDefinedValue('punch_mode'); $this->allow_overlap = $config->getDefinedValue('allow_overlap'); $this->future_entries = $config->getDefinedValue('future_entries'); - $this->uncompleted_indicators = $config->getDefinedValue('uncompleted_indicators'); if ($this->isPluginEnabled('wu')) { $minutes_in_unit = $config->getIntValue('minutes_in_unit'); if ($minutes_in_unit) $this->minutes_in_unit = $minutes_in_unit; @@ -166,8 +164,13 @@ class ttUser { } } + // The getUser returns user id on behalf of whom the current user is operating. + function getUser() { + return ($this->behalf_id ? $this->behalf_id : $this->id); + } + // The getGroup returns group id on behalf of which the current user is operating. - function getGroup() { + function getGroup() { return ($this->behalfGroup ? $this->behalfGroup->id : $this->group_id); } @@ -196,9 +199,13 @@ class ttUser { return ($this->behalfGroup ? $this->behalfGroup->config : $this->config); } - // The getActiveUser returns user id on behalf of whom the current user is operating. - function getActiveUser() { - return ($this->behalf_id ? $this->behalf_id : $this->id); + // getConfigOption returns true if an option is defined for group. + // This helps us keeping a set of user attributes smaller. + // We determine whether the option is set only on pages that need to know. + // For example: confirm_save is used only on time and expense edit pages. + function getConfigOption($name) { + $config = new ttConfigHelper($this->getConfig()); + return $config->getDefinedValue($name); } // can - determines whether user has a right to do something. @@ -226,7 +233,7 @@ class ttUser { $group_id = $this->behalf_group_id ? $this->behalf_group_id : $this->group_id; // Do a query with inner join to get assigned projects. $sql = "select p.id, p.name, p.description, p.tasks, upb.rate from tt_projects p - inner join tt_user_project_binds upb on (upb.user_id = ".$this->getActiveUser()." and upb.project_id = p.id and upb.status = 1) + inner join tt_user_project_binds upb on (upb.user_id = ".$this->getUser()." and upb.project_id = p.id and upb.status = 1) where p.group_id = $group_id and p.status = 1 order by p.name"; $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { @@ -344,7 +351,7 @@ class ttUser { $skipClients = !isset($options['include_clients']); $includeSelf = isset($options['include_self']); - $select_part = 'select u.id, u.name'; + $select_part = 'select u.id, u.group_id, u.name'; if (isset($options['include_login'])) $select_part .= ', u.login'; if (!isset($options['include_clients'])) $select_part .= ', r.rights'; if (isset($options['include_role'])) $select_part .= ', r.name as role_name, r.rank'; @@ -479,19 +486,23 @@ class ttUser { return $groups; } - // getUser function is used to manage users in group and returns user details. + // getUserDetails function is used to manage users in group and returns user details. // At the moment, the function is used for user edits and deletes. - function getUser($user_id) { + function getUserDetails($user_id) { if (!$this->can('manage_users')) return false; $mdb2 = getConnection(); $group_id = $this->getGroup(); $org_id = $this->org_id; + // Determine max rank. If we are searching in on behalf group + // then rank restriction does not apply. + $max_rank = $this->behalfGroup ? MAX_RANK : $this->rank; + $sql = "select u.id, u.name, u.login, u.role_id, u.client_id, u.status, u.rate, u.email from tt_users u". " left join tt_roles r on (u.role_id = r.id)". " where u.id = $user_id and u.group_id = $group_id and u.org_id = $org_id and u.status is not null". - " and (r.rank < $this->rank or (r.rank = $this->rank and u.id = $this->id))"; // Users with lesser roles or self. + " and (r.rank < $max_rank or (r.rank = $max_rank and u.id = $this->id))"; // Users with lesser roles or self. $res = $mdb2->query($sql); if (!is_a($res, 'PEAR_Error')) { $val = $res->fetchRow(); @@ -608,7 +619,7 @@ class ttUser { return false; // Make sure we operate on a legit user. - $user_details = $this->getUser($user_id); + $user_details = $this->getUserDetails($user_id); if (!$user_details) return false; $mdb2 = getConnection(); @@ -671,14 +682,7 @@ class ttUser { function isUserValid($user_id) { if ($user_id == $this->id) return true; - - $user_details = $this->getUser($user_id); // TODO: this will probably not work for higher ranks. - // In this case we'll need another function. - // Or adjust getUser for max rank. - if (!$user_details) - return false; - - return true; + return ($this->getUserDetails($user_id) != null); } // isGroupValid determines if a group is valid for user.