6e56756b1516b98ad06effe91b099b75fafffb2a
[Pman.Core] / DataObjects / Person.php
1 <?php
2 /**
3  * Table Definition for Person
4  */
5 require_once 'DB/DataObject.php';
6
7
8 class Pman_Core_DataObjects_Person extends DB_DataObject 
9 {
10     ###START_AUTOCODE
11     /* the code below is auto generated do not remove the above tag */
12
13     public $__table = 'Person';                          // table name
14     public $id;                              // int(11)  not_null primary_key auto_increment
15     public $email;                           // string(128)  not_null
16     public $alt_email;
17     
18     public $company_id;                      // int(11)  
19     public $office_id;                       // int(11)  
20     public $name;                            // string(128)  not_null
21     public $firstname;                            // string(128)  not_null
22     public $lastname;                            // string(128)  not_null
23     public $phone;                           // string(32)  not_null
24     public $fax;                             // string(32)  not_null
25     
26     public $role;                            // string(32)  not_null
27     public $remarks;                         // blob(65535)  not_null blob
28     public $passwd;                          // string(64)  not_null
29     public $owner_id;                        // int(11)  not_null
30     public $lang;                            // string(8)  
31     public $no_reset_sent;                   // int(11)  
32     public $action_type;                     // string(32)  
33     public $project_id;                      // int(11)
34
35     
36     public $active;                          // int(11)  not_null
37     public $deleted_by;                      // int(11)  not_null
38     public $deleted_dt;                      // datetime(19)  binary
39
40
41     public $name_facebook; // VARCHAR(128) NULL;
42     public $url_blog; // VARCHAR(256) NULL ;
43     public $url_twitter; // VARCHAR(256) NULL ;
44     public $url_linkedin; // VARCHAR(256) NULL ;
45     public $linkedin_id; // VARCHAR(256) NULL ;
46     
47     public $phone_mobile; // varchar(32)  NOT NULL  DEFAULT '';
48     public $phone_direct; // varchar(32)  NOT NULL  DEFAULT '';
49     public $countries; // VARCHAR(128) NULL;
50     
51     /* the code above is auto generated do not remove the tag below */
52     ###END_AUTOCODE
53     
54     function owner()
55     {
56         $p = DB_DataObject::Factory($this->tableName());
57         $p->get($this->owner_id);
58         return $p;
59     }
60     
61     /**
62      *
63      *
64      *
65      *
66      *  FIXME !!!! -- USE Pman_Core_Mailer !!!!!
67      *
68      *
69      *
70      *  
71      */
72     function buildMail($templateFile, $args)
73     {
74           
75         $args = (array) $args;
76         $content  = clone($this);
77         
78         foreach((array)$args as $k=>$v) {
79             $content->$k = $v;
80         }
81         
82         $ff = HTML_FlexyFramework::get();
83         
84         
85         //?? is this really the place for this???
86         if (
87                 !$ff->cli && 
88                 empty($args['no_auth']) &&
89                 !in_array($templateFile, array(
90                     // templates that can be sent without authentication.
91                      'password_reset' ,
92                      'password_welcome'
93                  ))
94             ) {
95             
96             $content->authUser = $this->getAuthUser();
97             if (!$content->authUser) {
98                 return PEAR::raiseError("Not authenticated");
99             }
100         }
101         
102         // should handle x-forwarded...
103         
104         $content->HTTP_HOST = isset($_SERVER["HTTP_HOST"]) ?
105             $_SERVER["HTTP_HOST"] :
106             (isset($ff->HTTP_HOST) ? $ff->HTTP_HOST : 'localhost');
107             
108         /* use the regex compiler, as it doesnt parse <tags */
109         
110         $tops = array(
111             'compiler'    => 'Flexy',
112             'nonHTML' => true,
113             'filters' => array('SimpleTags','Mail'),
114             //     'debug'=>1,
115         );
116         
117         
118         
119         if (!empty($args['templateDir'])) {
120             $tops['templateDir'] = $args['templateDir'];
121         }
122         
123         
124         
125         require_once 'HTML/Template/Flexy.php';
126         $template = new HTML_Template_Flexy( $tops );
127         $template->compile("mail/$templateFile.txt");
128         
129         /* use variables from this object to ouput data. */
130         $mailtext = $template->bufferedOutputObject($content);
131         
132         $htmlbody = false;
133         // if a html file with the same name exists, use that as the body
134         // I've no idea where this code went, it was here before..
135         if (false !== $template->resolvePath ( "mail/$templateFile.html" )) {
136             $tops['nonHTML'] = false;
137             $template = new HTML_Template_Flexy( $tops );
138             $template->compile("mail/$templateFile.html");
139             $htmlbody = $template->bufferedOutputObject($content);
140             
141         }
142         
143         
144         
145         //echo "<PRE>";print_R($mailtext);
146         //print_R($mailtext);exit;
147         /* With the output try and send an email, using a few tricks in Mail_MimeDecode. */
148         require_once 'Mail/mimeDecode.php';
149         require_once 'Mail.php';
150         
151         $decoder = new Mail_mimeDecode($mailtext);
152         $parts = $decoder->getSendArray();
153         
154         if (PEAR::isError($parts)) {
155             return $parts;
156             //echo "PROBLEM: {$parts->message}";
157             //exit;
158         } 
159         list($recipents,$headers,$body) = $parts;
160         $recipents = array($this->email);
161         if (!empty($content->bcc) && is_array($content->bcc)) {
162             $recipents =array_merge($recipents, $content->bcc);
163         }
164         $headers['Date'] = date('r');
165         
166         if ($htmlbody !== false) {
167             require_once 'Mail/mime.php';
168             $mime = new Mail_mime(array('eol' => "\n"));
169             $mime->setTXTBody($body);
170             $mime->setHTMLBody($htmlbody);
171             // I think there might be code in mediaoutreach toEmail somewhere
172             // h embeds images here..
173             $body = $mime->get();
174             $headers = $mime->headers($headers);
175             
176         }
177         
178          
179         
180         return array(
181             'recipients' => $recipents,
182             'headers'    => $headers,
183             'body'      => $body
184         );
185         
186         
187     }
188     
189     
190     /**
191      * send a template
192      * - user must be authenticate or args[no_auth] = true
193      *   or template = password_[reset|welcome]
194      * 
195      */
196     function sendTemplate($templateFile, $args)
197     {
198         
199         $ar = $this->buildMail($templateFile, $args);
200       
201         
202         //print_r($recipents);exit;
203         $mailOptions = PEAR::getStaticProperty('Mail','options');
204         $mail = Mail::factory("SMTP",$mailOptions);
205         
206         if (PEAR::isError($mail)) {
207             return $mail;
208         } 
209         $oe = error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT);
210         $ret = $mail->send($ar['recipients'],$ar['headers'],$ar['body']);
211         error_reporting($oe);
212        
213         return $ret;
214     
215     }
216     
217   
218     
219     
220     function getEmailFrom()
221     {
222         if (empty($this->name)) {
223             return $this->email;
224         }
225         return '"' . addslashes($this->name) . '" <' . $this->email . '>';
226     }
227     
228     function toEventString() 
229     {
230         return empty($this->name) ? $this->email : $this->name;
231     } 
232     
233     function verifyAuth()
234     { 
235         $ff= HTML_FlexyFramework::get();
236         if (!empty($ff->Pman['auth_comptype']) &&
237             (!$this->company_id || ($ff->Pman['auth_comptype'] != $this->company()->comptype))
238            ){
239             
240             $sesPrefix = $this->sesPrefix();
241        
242             $_SESSION[get_class($this)][$sesPrefix .'-auth'] = "";
243             
244             return false;
245             
246             $ff->page->jerr("Login not permited to outside companies");
247         }
248         return true;
249         
250     }    
251    
252    
253     //   ---------------- authentication / passwords and keys stuff  ----------------
254     function isAuth()
255     {
256         
257         @session_start();
258        
259         $ff= HTML_FlexyFramework::get();
260        
261         $sesPrefix = $this->sesPrefix();
262         
263         if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
264             // in session...
265             $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
266             
267             
268             $u = DB_DataObject::factory($this->tableName());
269             if ($a->id && $u->get($a->id)) { //&& strlen($u->passwd)) {
270               
271                 return $u->verifyAuth();
272                 
273     
274             }
275             
276             unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
277             
278         }
279         if (!$this->canInitializeSystem()) {
280             return false;
281         }
282         
283         
284         // local auth - 
285         $default_admin = false;
286         if (!empty($ff->Pman['local_autoauth']) && 
287             ($ff->Pman['local_autoauth'] === true) &&
288             (!empty($_SERVER['SERVER_ADDR'])) &&
289             ($_SERVER['SERVER_ADDR'] == '127.0.0.1') &&
290             ($_SERVER['REMOTE_ADDR'] == '127.0.0.1')  
291         ) {
292             $group = DB_DataObject::factory('Groups');
293             $group->get('name', 'Administrators');
294             
295             $member = DB_DataObject::factory('group_members');
296             $member->autoJoin();
297             $member->group_id = $group->id;
298             $member->whereAdd("
299                 join_user_id_id.id IS NOT NULL
300             ");
301             if($member->find(true)){
302                 $default_admin = DB_DataObject::factory($this->tableName());
303                 if(!$default_admin->get($member->user_id)){
304                     $default_admin = false;
305                 }
306             }
307         }
308         
309         //var_dump($ff->Pman['local_autoauth']);         var_dump($_SERVER); exit;
310         $u = DB_DataObject::factory($this->tableName());
311         $ff = HTML_FlexyFramework::get();
312         if (!empty($ff->Pman['local_autoauth']) && 
313             (!empty($_SERVER['SERVER_ADDR'])) &&
314             ($_SERVER['SERVER_ADDR'] == '127.0.0.1') &&
315             ($_SERVER['REMOTE_ADDR'] == '127.0.0.1')  &&
316             ($default_admin ||  $u->get('email', $ff->Pman['local_autoauth']))
317         ) {
318             $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($default_admin ? $default_admin : $u);
319             return true;
320         }
321            
322         // http basic auth..
323         $u = DB_DataObject::factory($this->tableName());
324
325         if (!empty($_SERVER['PHP_AUTH_USER']) 
326             &&
327             !empty($_SERVER['PHP_AUTH_PW'])
328             &&
329             $u->get('email', $_SERVER['PHP_AUTH_USER'])
330             &&
331             $u->checkPassword($_SERVER['PHP_AUTH_PW'])
332            ) {
333             $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($u);
334             return true; 
335         }
336         //var_dump(session_id());
337         //var_dump($_SESSION[__CLASS__]);
338         
339         //if (!empty(   $_SESSION[__CLASS__][$sesPrefix .'-empty'] )) {
340         //    return false;
341         //}
342         //die("got this far?");
343         // not in session or not matched...
344         $u = DB_DataObject::factory($this->tableName());
345         $u->whereAdd(' LENGTH(passwd) > 0');
346         $n = $u->count();
347         $_SESSION[get_class($this)][$sesPrefix .'-empty']  = $n;
348         $error =  PEAR::getStaticProperty('DB_DataObject','lastError');
349         if ($error) {
350             die($error->toString()); // not really a good thing to do...
351         }
352         if (!$n){ // authenticated as there are no users in the system...
353             return true;
354         }
355         
356         return false;
357         
358     }
359     
360     function canInitializeSystem()
361     {
362         return !strcasecmp(get_class($this) , __CLASS__);
363     }
364     
365     function getAuthUser()
366     {
367         if (!$this->isAuth()) {
368             return false;
369         }
370         
371         $ff= HTML_FlexyFramework::get();
372         
373         $sesPrefix = $this->sesPrefix();
374         
375         //var_dump(array(get_class($this),$sesPrefix .'-auth'));
376        
377         if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
378             $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
379             
380             
381             $u = DB_DataObject::factory($this->tableName()); // allow extending this ...
382             $u->autoJoin();
383             if ($u->get($a->id)) { /// && strlen($u->passwd)) {  // should work out the pid .. really..
384                 return clone($u);
385             }
386             unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
387         }
388         
389         
390         
391         if (!$this->canInitializeSystem()) {
392             return false;
393         }
394         
395         
396         
397         if (empty(   $_SESSION[get_class($this)][$sesPrefix .'-empty'] )) {
398             $u = DB_DataObject::factory($this->tableName());
399             $u->whereAdd(' LENGTH(passwd) > 0');
400             $_SESSION[get_class($this)][$sesPrefix .'-empty']  = $u->count();
401         }
402                 
403              
404         if (isset(   $_SESSION[get_class($this)][$sesPrefix .'-empty'] ) && $_SESSION[get_class($this)][$sesPrefix .'-empty']  < 1) {
405             
406             // fake person - open system..
407             //$ce = DB_DataObject::factory('core_enum');
408             //$ce->initEnums();
409             
410             
411             $u = DB_DataObject::factory($this->tableName());
412             $u->id = -1;
413             
414             // if a company has been created fill that in in company_id_id
415             $c = DB_DAtaObject::factory('Companies')->lookupOwner();
416             if ($c) {
417                 $u->company_id_id = $c->pid();
418                 $u->company_id = $c->pid();
419             }
420             
421             return $u;
422             
423         }
424         return false;
425     }     
426     function login()
427     {
428         $this->isAuth(); // force session start..
429         if (!$this->verifyAuth()) { // check for company valid..
430             return false;
431         }
432         
433         // open up iptables at login..
434         $dbname = $this->database();
435         touch( '/tmp/run_pman_admin_iptables-'.$dbname);
436          
437         // refresh admin group if we are logged in as one..
438         //DB_DataObject::debugLevel(1);
439         $g = DB_DataObject::factory('Groups');
440         $g->type = 0;
441         $g->get('name', 'Administrators');
442         $gm = DB_DataObject::Factory('group_members');
443         if (in_array($g->id,$gm->listGroupMembership($this))) {
444             // refresh admin groups.
445             $gr = DB_DataObject::Factory('group_rights');
446             $gr->applyDefs($g, 0);
447         }
448         
449         $sesPrefix = $this->sesPrefix();
450         
451         // we should not store the whole data in the session - otherwise it get's huge.
452         $p = DB_DAtaObject::Factory($this->tableName());
453         $p->get($this->pid());
454         
455         //var_dump(array(get_class($this),$sesPrefix .'-auth'));
456         $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object)$p->toArray());
457         // ensure it's written so that ajax calls can fetch it..
458         
459         
460         
461     }
462     function logout()
463     {
464         $this->isAuth(); // force session start..
465         
466         $sesPrefix = $this->sesPrefix();
467         
468         $_SESSION[get_class($this)][$sesPrefix .'-auth'] = "";
469         
470     }    
471     function genPassKey ($t) 
472     {
473         return md5($this->email . $t. $this->passwd);
474     }
475     function simpleAuthKey($m = 0)
476     {
477         $month = $m > -1 ? date('Y-m') : date('Y-m', strtotime('LAST MONTH'));
478         
479         return md5(implode(',' ,  array($month, $this->email , $this->passwd, $this->id)));
480     } 
481     function checkPassword($val)
482     {
483         
484         if (substr($this->passwd,0,1) == '$') {
485             
486             return crypt($val,$this->passwd) == $this->passwd ;
487         }
488         // old style md5 passwords...- cant be used with courier....
489         return md5($val) == $this->passwd;
490     }
491     
492     function setPassword($value) 
493     {
494         $salt='';
495         while(strlen($salt)<9) {
496             $salt.=chr(rand(64,126));
497             //php -r var_dump(crypt('testpassword', '$1$'. (rand(64,126)). '$'));
498         }
499         $this->passwd = crypt($value, '$1$'. $salt. '$');
500        
501        
502     }      
503     
504     function generatePassword() // genearte a password (add set 'rawPasswd' to it's value)
505     {
506         require_once 'Text/Password.php';
507         $this->rawPasswd = strtr(ucfirst(Text_Password::create(5)).ucfirst(Text_Password::create(5)), array(
508         "a"=>"4", "e"=>"3",  "i"=>"1",  "o"=>"0", "s"=>"5",  "t"=>"7"));
509         $this->setPassword($this->rawPasswd);
510         return $this->rawPasswd;
511     }
512     
513     function company()
514     {
515         $x = DB_DataObject::factory('Companies');
516         $x->autoJoin();
517         $x->get($this->company_id);
518         return $x;
519     }
520     function loadCompany()
521     {
522         $this->company = $this->company();
523     }
524     
525     function active()
526     { 
527         return $this->active;
528     }
529     function authUserName($n) // set username prior to acheck user exists query.
530     {
531         
532         $this->whereAdd('LENGTH(passwd) > 1'); 
533         $this->email = $n;
534     }
535     function lang()
536     {
537         if (!func_num_args()) {
538             return $this->lang;
539         }
540         $val = array_shift(func_get_args());
541         if ($val == $this->lang) {
542             return;
543         }
544         $uu = clone($this);
545         $this->lang = $val;
546         $this->update($uu);
547         return $this->lang;
548     }
549             
550     
551     function authUserArray()
552     {
553         
554         $aur = $this->toArray();
555         
556         if ($this->id < 1) {
557             return $aur;
558         }
559         
560         
561         //DB_DataObject::debugLevel(1);
562         $c = DB_Dataobject::factory('Companies');
563         $im = DB_Dataobject::factory('Images');
564         $c->joinAdd($im, 'LEFT');
565         $c->selectAdd();
566         $c->selectAs($c, 'company_id_%s');
567         $c->selectAs($im, 'company_id_logo_id_%s');
568         $c->id = $this->company_id;
569         $c->limit(1);
570         $c->find(true);
571         
572         $aur = array_merge( $c->toArray(),$aur);
573         
574         if (empty($c->company_id_logo_id_id))  {
575                  
576             $im = DB_Dataobject::factory('Images');
577             $im->ontable = 'Companies';
578             $im->onid = $c->id;
579             $im->imgtype = 'LOGO';
580             $im->limit(1);
581             $im->selectAdd();
582             $im->selectAs($im,  'company_id_logo_id_%s');
583             if ($im->find(true)) {
584                     
585                 foreach($im->toArray() as $k=>$v) {
586                     $aur[$k] = $v;
587                 }
588             }
589         }
590       
591         // perms + groups.
592         $aur['perms']  = $this->getPerms();
593         $g = DB_DataObject::Factory('group_members');
594         $aur['groups']  = $g->listGroupMembership($this, 'name');
595         
596         $aur['passwd'] = '';
597         $aur['dailykey'] = '';
598         
599         
600         
601         return $aur;
602     }
603     
604     //   ----------PERMS------  ----------------
605     function getPerms() 
606     {
607          //DB_DataObject::debugLevel(1);
608         // find out all the groups they are a member of.. + Default..
609         
610         // ------ INIITIALIZE IF NO GROUPS ARE SET UP.
611         
612         $g = DB_DataObject::Factory('group_rights');
613         if (!$g->count()) {
614             $g->genDefault();
615         }
616         
617         if ($this->id < 0) {
618             return $g->adminRights(); // system is not set up - so they get full rights.
619         }
620         //DB_DataObject::debugLevel(1);
621         $g = DB_DataObject::Factory('group_members');
622         $g->whereAdd('group_id is NOT NULL AND user_id IS NOT NULL');
623         if (!$g->count()) {
624             // add the current user to the admin group..
625             $g = DB_DataObject::Factory('Groups');
626             if ($g->get('name', 'Administrators')) {
627                 $gm = DB_DataObject::Factory('group_members');
628                 $gm->group_id = $g->id;
629                 $gm->user_id = $this->id;
630                 $gm->insert();
631             }
632             
633         }
634         
635         // ------ STANDARD PERMISSION HANDLING.
636         $isOwner = $this->company()->comptype == 'OWNER';
637         $g = DB_DataObject::Factory('group_members');
638         $grps = $g->listGroupMembership($this);
639        //var_dump($grps);
640         $isAdmin = $g->inAdmin;
641         //echo '<PRE>'; print_r($grps);var_dump($isAdmin);
642         // the load all the perms for those groups, and add them all together..
643         // then load all those 
644         $g = DB_DataObject::Factory('group_rights');
645         $ret =  $g->listPermsFromGroupIds($grps, $isAdmin, $isOwner);
646         //echo '<PRE>';print_r($ret);
647         return $ret;
648          
649         
650     }
651     /**
652      *Basic group fetching - probably needs to filter by type eventually.
653      *
654      *@param String $what - fetchall() argument - eg. 'name' returns names of all groups that they are members of.
655      */
656     
657     function groups($what=false)
658     {
659         $g = DB_DataObject::Factory('group_members');
660         $grps = $g->listGroupMembership($this);
661         $g = DB_DataObject::Factory('Groups');
662         $g->whereAddIn('id', $grps, 'int');
663         return $g->fetchAll($what);
664         
665     }
666     
667     
668     
669     function hasPerm($name, $lvl) 
670     {
671         static $pcache = array();
672         
673         if (!isset($pcache[$this->id])) {
674             $pcache[$this->id] = $this->getPerms();
675         }
676        // echo "<PRE>";print_r($pcache[$au->id]);
677        // var_dump($pcache[$au->id]);
678         if (empty($pcache[$this->id][$name])) {
679             return false;
680         }
681         
682         return strpos($pcache[$this->id][$name], $lvl) > -1;
683         
684     }    
685     
686     //  ------------ROO HOOKS------------------------------------
687     function applyFilters($q, $au, $roo)
688     {
689         //DB_DataObject::DebugLevel(1);
690         
691         if (!empty($q['query']['is_owner'])) {
692             $this->whereAdd(" join_company_id_id.comptype = 'OWNER'");
693         }
694         
695         if (!empty($q['query']['person_not_internal'])) {
696             $this->whereAdd(" join_company_id_id.isOwner = 0 ");
697         }
698         
699         if (!empty($q['query']['person_internal_only_all'])) {
700             
701             
702             // must be internal and not current user (need for distribution list)
703             // user has a projectdirectory entry and role is not blank.
704             //DB_DataObject::DebugLevel(1);
705             $pd = DB_DataObject::factory('ProjectDirectory');
706             $pd->whereAdd("role != ''");
707             $pd->selectAdd();
708             $pd->selectAdd('distinct(person_id) as person_id');
709             $roled = $pd->fetchAll('person_id');
710             $rs = $roled  ? "  OR
711                     {$this->tableName()}.id IN (".implode(',', $roled) . ") 
712                     " : '';
713             $this->whereAdd(" join_company_id_id.comptype = 'OWNER' $rs ");
714             
715         }
716         // -- for distribution
717         if (!empty($q['query']['person_internal_only'])) {
718             // must be internal and not current user (need for distribution list)
719             $this->whereAdd(" join_company_id_id.comptype = 'OWNER'");
720             
721             //$this->whereAdd(($this->tableName() == 'Person' ? 'Person' : "join_person_id_id") .
722             //    ".id  != ".$au->id);
723             $this->whereAdd("{$this->tableName()}.id != {$au->id}");
724         } 
725         
726         if (!empty($q['query']['comptype_or_company_id'])) {
727            // DB_DataObject::debugLevel(1);
728             $bits = explode(',', $q['query']['comptype_or_company_id']);
729             $id = (int) array_pop($bits);
730             $ct = $this->escape($bits[0]);
731             
732             $this->whereAdd(" join_company_id_id.comptype = '$ct' OR {$this->tableName()}.company_id = $id");
733             
734         }
735         
736         
737         // staff list..
738         if (!empty($q['query']['person_inactive'])) {
739            // DB_Dataobject::debugLevel(1);
740             $this->active = 1;
741         }
742         $tn_p = $this->tableName();
743         $tn_gm = DB_DataObject::Factory('group_members')->tableName();
744         $tn_g = DB_DataObject::Factory('Groups')->tableName();
745
746         ///---------------- Group views --------
747         if (!empty($q['query']['in_group'])) {
748             // DB_DataObject::debugLevel(1);
749             $ing = (int) $q['query']['in_group'];
750             if ($q['query']['in_group'] == -1) {
751              
752                 // list all staff who are not in a group.
753                 $this->whereAdd("{$this->tableName()}.id NOT IN (
754                     SELECT distinct(user_id) FROM $tn_gm LEFT JOIN
755                         $tn_g ON $tn_g.id = $tn_gm.group_id
756                         WHERE $tn_g.type = ".$q['query']['type']."
757                     )");
758                 
759                 
760             } else {
761                 
762                 $this->whereAdd("$tn_p.id IN (
763                     SELECT distinct(user_id) FROM $tn_gm
764                         WHERE group_id = $ing
765                     )");
766                }
767             
768         }
769         
770         // #2307 Search Country!!
771         if (!empty($q['query']['in_country'])) {
772             // DB_DataObject::debugLevel(1);
773             $inc = $q['query']['in_country'];
774             $this->whereAdd("$tn_p.countries LIKE '%{$inc}%'");
775         }
776         
777         if (!empty($q['query']['not_in_directory'])) { 
778             // it's a Person list..
779             // DB_DATaobjecT::debugLevel(1);
780             
781             // specific to project directory which is single comp. login
782             //
783             $owncomp = DB_DataObject::Factory('Companies');
784             $owncomp->get('comptype', 'OWNER');
785             if ($q['company_id'] == $owncomp->id) {
786                 $this->active =1;
787             }
788             
789             
790
791             if ( $q['query']['not_in_directory'] > -1) {
792                 $tn_pd = DB_DataObject::Factory('ProjectDirectory')->tableName();
793                 // can list current - so that it does not break!!!
794                 $this->whereAdd("$tn_p.id NOT IN 
795                     ( SELECT distinct person_id FROM $tn_pd WHERE
796                         project_id = " . $q['query']['not_in_directory'] . " AND 
797                         company_id = " . $this->company_id . ')');
798             }
799         }
800            
801         if (!empty($q['query']['role'])) { 
802             // it's a Person list..
803             // DB_DATaobjecT::debugLevel(1);
804             
805             // specific to project directory which is single comp. login
806             //
807             $tn_pd = DB_DataObject::Factory('ProjectDirectory')->tableName();
808                 // can list current - so that it does not break!!!
809             $this->whereAdd("$tn_p.id IN 
810                     ( SELECT distinct person_id FROM $tn_pd WHERE
811                         role = '". $this->escape($q['query']['role']) ."'
812             )");
813         
814         }
815         
816         
817         if (!empty($q['query']['project_member_of'])) {
818                // this is also a flag to return if they are a member..
819             //DB_DataObject::debugLevel(1);
820             $do = DB_DataObject::factory('ProjectDirectory');
821             $do->project_id = $q['query']['project_member_of'];
822             $tn_pd = DB_DataObject::Factory('ProjectDirectory')->tableName();
823             $this->joinAdd($do,array('joinType' => 'LEFT', 'useWhereAsOn' => true));
824             $this->selectAdd("IF($tn_pd.id IS NULL, 0,  $tn_pd.id )  as is_member");
825                 
826                 
827             if (!empty($q['query']['project_member_filter'])) {
828                 $this->having('is_member !=0');
829             
830             }
831             
832         }
833         
834         if(!empty($q['query']['name'])){
835             $this->whereAdd("
836                 {$this->tableName()}.name LIKE '%{$this->escape($q['query']['name'])}%'
837             ");
838         }
839         
840         if (!empty($q['query']['search'])) {
841             
842             // use our magic search builder...
843             
844              require_once 'Text/SearchParser.php';
845             $x = new Text_SearchParser($q['query']['search']);
846             
847             $props = array(
848                     "$tn_p.name",
849                     "$tn_p.email",
850                     "$tn_p.role",
851                     "$tn_p.phone",
852                     "$tn_p.remarks",
853                     "join_company_id_id.name"
854             );
855             $tbcols = $this->table();
856             foreach(array('firstname','lastname') as $k) {
857                 if (isset($tbcols[$k])) {
858                     $props[] = "{$tn_p}.{$k}";
859                 }
860             }
861             
862             
863             
864             
865             $str =  $x->toSQL(array(
866                 'default' => $props,
867                 'map' => array(
868                     'company' => 'join_company_id_id.name',
869                     //'country' => 'Clipping.country',
870                     //  'media' => 'Clipping.media_name',
871                 ),
872                 'escape' => array($this->getDatabaseConnection(), 'escapeSimple'), /// pear db or mdb object..
873
874             ));
875             
876             
877             $this->whereAdd($str); /*
878                         $tn_p.name LIKE '%$s%'  OR
879                         $tn_p.email LIKE '%$s%'  OR
880                         $tn_p.role LIKE '%$s%'  OR
881                         $tn_p.phone LIKE '%$s%' OR
882                         $tn_p.remarks LIKE '%$s%' 
883                         
884                     ");*/
885         }
886         
887         // project directory rules -- this may distrupt things.
888         $p = DB_DataObject::factory('ProjectDirectory');
889         // if project directories are set up, then we can apply project query rules..
890         if ($p->count()) {
891             $p->autoJoin();
892             $pids = $p->projects($au);
893             if (isset($q['query']['project_id'])) {   
894                 $pid = (int)$q['query']['project_id'];
895                 if (!in_array($pid, $pids)) {
896                     $roo->jerr("Project not in users valid projects");
897                 }
898                 $pids = array($pid);
899             }
900             // project roles..
901             //if (empty($q['_anyrole'])) {  // should be project_directry_role
902             //    $p->whereAdd("{$p->tableName()}.role != ''");
903             // }
904             if (!empty($q['query']['role'])) {  // should be project_directry_role
905                 $role = $this->escape($q['query']['role']); 
906                
907                 $p->whereAdd("{$p->tableName()}.role LIKE '%{$role}%'");
908                  
909             }
910             
911             if (!$roo->hasPerm('Core.Projects_All', 'S')) {
912                 $peps = $p->people($pids);
913                 $this->whereAddIn("{$tn}.id", $peps, 'int');
914             }
915         }    
916         
917         // fixme - this needs a more generic fix - it was from the mtrack_person code...
918         if (isset($q['query']['ticket_id'])) {  
919             // find out what state the ticket is in.
920             $t = DB_DataObject::Factory('mtrack_ticket');
921             $t->autoJoin();
922             $t->get($q['query']['ticket_id']);
923             
924             if (!$this->checkPerm('S', $au)) {
925                 $roo->jerr("permssion denied to query state of ticket");
926             }
927             
928             $p = DB_DataObject::factory('ProjectDirectory');
929             $pids = array($t->project_id);
930            
931             $peps = $p->people($pids);
932             
933             $this->whereAddIn($this->tableName().'.id', $peps, 'int');
934             
935             //$this->whereAdd('join_prole != ''");
936             
937         }  
938     }
939     function setFromRoo($ar, $roo)
940     {
941         $this->setFrom($ar);
942         if (!empty($ar['passwd1'])) {
943             $this->setPassword($ar['passwd1']);
944         }
945         
946         
947         if (    $this->id &&
948                 ($this->email == $roo->old->email)&&
949                 ($this->company_id == $roo->old->company_id)
950             ) {
951             return true;
952         }
953         if (empty($this->email)) {
954             return true;
955         }
956         $xx = DB_Dataobject::factory($this->tableName());
957         $xx->setFrom(array(
958             'email' => $this->email,
959            // 'company_id' => $x->company_id
960         ));
961         
962         if ($xx->count()) {
963             return "Duplicate Email found";
964         }
965         return true;
966     }
967     /**
968      *
969      * before Delete - delete significant dependancies..
970      * this is called after checkPerm..
971      */
972     
973     function beforeDelete()
974     {
975         
976         $e = DB_DataObject::Factory('Events');
977         $e->whereAdd('person_id = ' . $this->id);
978         $e->delete(true);
979         
980         // anything else?  
981         
982     }
983     
984     
985     /***
986      * Check if the a user has access to modify this item.
987      * @param String $lvl Level (eg. Core.Projects)
988      * @param Pman_Core_DataObjects_Person $au The authenticated user.
989      * @param boolean $changes alllow changes???
990      *
991      * @return false if no access..
992      */
993     function checkPerm($lvl, $au, $changes=false) //heck who is trying to access this. false == access denied..
994     {
995          
996        // do we have an empty system..
997         if ($au && $au->id == -1) {
998             return true;
999         }
1000         // if not authenticated... do not allow in???
1001         if (!$au ) {
1002             return false;
1003         }
1004         
1005         // determine if it's staff!!!
1006         $owncomp = DB_DataObject::Factory('Companies');
1007         $owncomp->get('comptype', 'OWNER');
1008         $isStaff = ($au->company_id ==  $owncomp->id);
1009        
1010        
1011         if (!$isStaff) {
1012             
1013             // - can not change company!!!
1014             if ($changes && 
1015                 isset($changes['company_id']) && 
1016                 $changes['company_id'] != $au->company_id) {
1017                 return false;
1018             }
1019             // can only set new emails..
1020             if ($changes && 
1021                     !empty($this->email) && 
1022                     isset($changes['email']) && 
1023                     $changes['email'] != $this->email) {
1024                 return false;
1025             }
1026             
1027             
1028             // mtrack had the idea that all 'S' should be allowed.. - but filtered later..
1029             // ???? do we want this?
1030             
1031             // edit self... - what about other staff members...
1032             
1033             //return $this->company_id == $au->company_id;
1034         }
1035         
1036          
1037         // yes, only owner company can mess with this...
1038         
1039         
1040         
1041     
1042         switch ($lvl) {
1043             // extra case change passwod?
1044             case 'P': //??? password
1045                 // standard perms -- for editing + if the user is dowing them selves..
1046                 $ret = $isStaff ? $au->hasPerm("Core.Staff", "E") : $au->hasPerm("Core.Person", "E");
1047                 return $ret || $au->id == $this->id;
1048             
1049             default:                
1050                 return $isStaff ? $au->hasPerm("Core.Staff", $lvl) : $au->hasPerm("Core.Person", $lvl);
1051         
1052         }
1053         return false;
1054     }
1055     
1056     function beforeInsert($req, $roo)
1057     {
1058         $p = DB_DataObject::factory('person');
1059         if ($roo->authUser->id > -1 ||  $p->count() > 1) {
1060             return;
1061         }
1062         $c = DB_DAtaObject::Factory('Companies');
1063         $tc =$c->count();
1064         if (!$tc || $tc> 1) {
1065             $roo->jerr("can not create initial user as multiple companies already exist");
1066         }
1067         $c->find(true);
1068         $this->company_id = $c->id;
1069         
1070     }
1071     
1072     function onInsert($req, $roo)
1073     {
1074          
1075         $p = DB_DataObject::factory('person');
1076         if ($roo->authUser->id < 0 && $p->count() == 1) {
1077             // this seems a bit risky...
1078             
1079             $g = DB_DataObject::factory('Groups');
1080             $g->initGroups();
1081             
1082             $g->type = 0;
1083             $g->get('name', 'Administrators');
1084             
1085             $p = DB_DataObject::factory('group_members');
1086             $p->group_id = $g->id;
1087             $p->user_id = $this->id;     
1088             if (!$p->count()) {
1089                 $p->insert();
1090                 $roo->addEvent("ADD", $p, $g->toEventString(). " Added " . $this->toEventString());
1091             }
1092             $this->login();
1093         }
1094         if (!empty($req['project_id_addto'])) {
1095             $pd = DB_DataObject::factory('ProjectDirectory');
1096             $pd->project_id = $req['project_id_addto'];
1097             $pd->person_id = $this->id; 
1098             $pd->ispm =0;
1099             $pd->office_id = $this->office_id;
1100             $pd->company_id = $this->company_id;
1101             $pd->insert();
1102         }
1103         
1104     }
1105     
1106     function importFromArray($roo, $persons, $opts)
1107     {
1108         if (empty($opts['prefix'])) {
1109             $roo->jerr("opts[prefix] is empty - you can not just create passwords based on the user names");
1110         }
1111         
1112         if (!is_array($persons) || empty($persons)) {
1113             $roo->jerr("error in the person data. - empty on not valid");
1114         }
1115         DB_DataObject::factory('groups')->initGroups();
1116         
1117         foreach($persons as $person){
1118             $p = DB_DataObject::factory('person');
1119             if($p->get('name', $person['name'])){
1120                 continue;
1121             }
1122             $p->setFrom($person);
1123             
1124             $companies = DB_DataObject::factory('companies');
1125             if(!$companies->get('comptype', 'OWNER')){
1126                 $roo->jerr("Missing OWNER companies!");
1127             }
1128             $p->company_id = $companies->pid();
1129             // strip the 'spaces etc.. make lowercase..
1130             $name = strtolower(str_replace(' ', '', $person['name']));
1131             $p->setPassword("{$opts['prefix']}{$name}");
1132             $p->insert();
1133             // set up groups
1134             // if $person->groups is set.. then
1135             // add this person to that group eg. groups : [ 'Administrator' ] 
1136             if(!empty($person['groups'])){
1137                 $groups = DB_DataObject::factory('groups');
1138                 if(!$groups->get('name', $person['groups'])){
1139                     $roo->jerr("Missing groups : {$person['groups']}");
1140                 }
1141                 $gm = DB_DataObject::factory('group_members');
1142                 $gm->change($p, $groups, true);
1143             }
1144             
1145             $p->onInsert(array(), $roo);
1146         }
1147     }
1148     
1149     function getEmailName()
1150     {
1151         $name = array();
1152         
1153         if(!empty($this->honor)){
1154             array_push($name, $this->honor);
1155         }
1156         
1157         if(!empty($this->name)){
1158             array_push($name, $this->name);
1159             
1160             return implode(' ', $name);
1161         }
1162         
1163         if(!empty($this->firstname) || !empty($this->lastname)){
1164             array_push($name, $this->firstname);
1165             array_push($name, $this->lastname);
1166             
1167             $name = array_filter($name);
1168             
1169             return $name;
1170         }
1171         
1172         return $this->email;
1173     }
1174     
1175     function sesPrefix()
1176     {
1177         $ff= HTML_FlexyFramework::get();
1178         
1179         $appname = empty($ff->appNameShort) ? $ff->project : $ff->project . '-' . $ff->appNameShort;
1180         
1181         $db = $this->getDatabaseConnection();
1182         
1183         $sesPrefix = $appname.'-' .get_class($this) .'-'.$db->dsn['database'] ;
1184
1185         return $sesPrefix;
1186     }
1187     
1188  }