currentProject($_REQUEST['active_project_id']); return $this->jok($this->currentProject()); } if (!isset($_REQUEST['ajax_body'])) { return; } $this->masterTemplate = 'project.html'; $p = DB_DataObject::factory('core_project'); $p->get( $this->currentProject()); $this->project = $p; /// milestones.. $this->milestones = $this->project->milestones(); // compoennts... // permissions.. if (!$this->authUser) { return; } ///DB_DataObject::debugLevel(1); // fetch permissions. $gr = DB_DataObject::factory('core_group_right'); $ar = $gr->defaultPermData(); //echo '
';print_r($ar); $perms = array(); foreach($ar as $nm=>$data) { if (!preg_match('/^MTrack\./', $nm)) { continue; } $perms[] = $nm; } $gr = DB_DataObject::factory('core_group_right'); $gr->whereAddIn('rightname', $perms, 'string'); $gr->selectAdd(); $gr->selectAdd('distinct(group_id) as group_id'); $gr->whereAdd("AccessMask != ''"); $gids = $gr->fetchAll('group_id'); //print_R($gids); $g = DB_DataObject::factory('core_group'); $g->whereAddIn('id',$gids, 'int'); $this->groups = $g->fetchAll( ); // find out which groups are using those perms... so that we can offer membership to people.. // members... (might be large one day) $pr = DB_DataObject::Factory('ProjectDirectory'); $pr->project_id = $this->currentProject(); //$pr->autoJoin(); if ($this->authUser->company()->comptype !='OWNER') { $pr->whereAdd("role=''"); } $pr->orderBY('role DESC'); $ar = $pr->fetchAll(); foreach($ar as $pd) { $pd->person = $pd->person(); $pd->person->perms = $pd->person->getPerms(); $g = DB_DataObject::factory('core_group_member'); $pd->person->groups = $g->listGroupMembership($pd->person); $this->people[] = $pd; } } function checkGroupPerson($p,$g) { $str = 'id, $p->groups)) { $str .= ' checked="checked"'; } return $str. '>'; } /** * * Things that can change... * - permission updates * */ function post() { if (empty($_POST['action'])) { $this->jerr("invalid action"); } switch ($_POST['action']) { case 'perm': //DB_DataObject::debugLevel(1); if ($this->authUser->company()->comptype != 'OWNER') { $this->jerr("Owner company only"); } if (!$this->hasPerm('Core.Groups', 'E')) { $this->jerr("permission denied"); } $p = DB_DataObject::factory('core_person'); if (empty($_POST['uid']) || !$p->get($_POST['uid'])) { $this->jerr("invalid user"); } $g = DB_DataObject::factory('core_group'); if (empty($_POST['gid']) || !$g->get($_POST['gid'])) { $this->jerr("invalid group"); } // verify group is a MTrack only?? $state = empty($_POST['value']) ? 0 : 1; $gm = DB_DataObject::factory('core_group_member'); $gm->change($p, $g, $state); $this->jok("updated"); case 'role': //DB_DataObject::debugLevel(1); if ($this->authUser->company()->comptype != 'OWNER') { $this->jerr("Owner company only"); } // which role ... this is not really correct. if (!$this->hasPerm('Core.Groups', 'E')) { $this->jerr("permission denied"); } $pd = DB_DataObject::factory('ProjectDirectory'); if (empty($_POST['pdid']) || !$pd->get($_POST['pdid'])) { $this->jerr("invalid line"); } $pd->role = $_POST['value']; $pd->update(); default: $this->jerr("invalid action"); } } }