git.roojs.org Git - web.mtrack/blob - MTrackWeb/Project.php

   1 <?php
   2 require_once 'MTrackWeb.php';
   3
   4 class MTrackWeb_Project extends MTrackWeb
   5 {
   6
   7     //function getAuth-- inherit
   8
   9     function get($code='') {
  10
  11         if (isset($_REQUEST['active_project_id'])) {
  12             $this->currentProject($_REQUEST['active_project_id']);
  13             return $this->jok($this->currentProject());
  14         }
  15
  16         if (!isset($_REQUEST['ajax_body'])) {
  17             return;
  18         }
  19         $this->masterTemplate = 'project.html';
  20
  21         $p = DB_DataObject::factory('core_project');
  22         $p->get( $this->currentProject());
  23         $this->project = $p;
  24
  25         /// milestones..
  26
  27         $this->milestones = $this->project->milestones();
  28
  29
  30
  31         // compoennts...
  32
  33
  34         // permissions..
  35         if (!$this->authUser) {
  36             return;
  37         }
  38         ///DB_DataObject::debugLevel(1);
  39         // fetch permissions.
  40         $gr = DB_DataObject::factory('core_group_right');
  41         $ar = $gr->defaultPermData();
  42         //echo '<PRE>';print_r($ar);
  43         $perms = array();
  44         foreach($ar as $nm=>$data) {
  45             if (!preg_match('/^MTrack\./', $nm)) {
  46                 continue;
  47             }
  48             $perms[] = $nm;
  49
  50         }
  51         $gr = DB_DataObject::factory('core_group_right');
  52         $gr->whereAddIn('rightname', $perms, 'string');
  53         $gr->selectAdd();
  54
  55         $gr->selectAdd('distinct(group_id) as group_id');
  56         $gr->whereAdd("AccessMask != ''");
  57         $gids = $gr->fetchAll('group_id');
  58         //print_R($gids);
  59
  60         $g = DB_DataObject::factory('core_group');
  61         $g->whereAddIn('id',$gids, 'int');
  62         $this->groups = $g->fetchAll( );
  63
  64
  65         // find out which groups are using those perms... so that we can offer membership to people..
  66
  67
  68
  69
  70         // members... (might be large one day)
  71         $pr = DB_DataObject::Factory('ProjectDirectory');
  72         $pr->project_id = $this->currentProject();
  73         //$pr->autoJoin();
  74
  75         if ($this->authUser->company()->comptype !='OWNER') {
  76             $pr->whereAdd("role=''");
  77         }
  78         $pr->orderBY('role DESC');
  79         $ar  = $pr->fetchAll();
  80
  81
  82         foreach($ar as $pd) {
  83             $pd->person = $pd->person();
  84             $pd->person->perms = $pd->person->getPerms();
  85
  86             $g = DB_DataObject::factory('core_group_member');
  87             $pd->person->groups  = $g->listGroupMembership($pd->person);
  88
  89
  90
  91             $this->people[] = $pd;
  92
  93
  94         }
  95
  96
  97
  98     }
  99
 100     function checkGroupPerson($p,$g)
 101     {
 102
 103         $str = '<input class="mtrack-perm" type="checkbox" name="'. $p->id . '_'. $g->id. '" value="1"';
 104
 105         if (in_array($g->id, $p->groups)) {
 106             $str .= ' checked="checked"';
 107         }
 108         return $str. '>';
 109
 110     }
 111     /**
 112      *
 113      * Things that can change...
 114      * - permission updates
 115      *
 116      */
 117     function post()
 118     {
 119         if (empty($_POST['action'])) {
 120             $this->jerr("invalid action");
 121
 122         }
 123
 124         switch ($_POST['action']) {
 125             case 'perm':
 126
 127                 //DB_DataObject::debugLevel(1);
 128                 if ($this->authUser->company()->comptype != 'OWNER') {
 129                     $this->jerr("Owner company only");
 130                 }
 131                 if (!$this->hasPerm('Core.Groups', 'E')) {
 132                     $this->jerr("permission denied");
 133                 }
 134
 135                 $p = DB_DataObject::factory('core_person');
 136                 if (empty($_POST['uid']) || !$p->get($_POST['uid'])) {
 137                     $this->jerr("invalid user");
 138                 }
 139                 $g = DB_DataObject::factory('core_group');
 140                 if (empty($_POST['gid']) || !$g->get($_POST['gid'])) {
 141                     $this->jerr("invalid group");
 142                 }
 143                 // verify group is a MTrack only??
 144
 145
 146                 $state = empty($_POST['value']) ? 0 : 1;
 147                 $gm = DB_DataObject::factory('core_group_member');
 148                 $gm->change($p, $g, $state);
 149                 $this->jok("updated");
 150
 151             case 'role':
 152                 //DB_DataObject::debugLevel(1);
 153                 if ($this->authUser->company()->comptype != 'OWNER') {
 154                     $this->jerr("Owner company only");
 155                 }
 156                 // which role ... this is not really correct.
 157                 if (!$this->hasPerm('Core.Groups', 'E')) {
 158                     $this->jerr("permission denied");
 159                 }
 160
 161                 $pd = DB_DataObject::factory('ProjectDirectory');
 162                 if (empty($_POST['pdid']) || !$pd->get($_POST['pdid'])) {
 163                     $this->jerr("invalid line");
 164                 }
 165                 $pd->role = $_POST['value'];
 166                 $pd->update();
 167
 168
 169
 170
 171
 172             default:
 173                 $this->jerr("invalid action");
 174
 175
 176
 177
 178         }
 179
 180
 181     }
 182
 183 }