git.roojs.org Git - web.mtrack/blob - MTrackWeb/Project.php

   1 <?php
   2 require_once 'MTrackWeb.php';
   3
   4 class MTrackWeb_Project extends MTrackWeb
   5 {
   6
   7     //function getAuth-- inherit
   8
   9     function get($code='') {
  10
  11         if (isset($_REQUEST['active_project_id'])) {
  12             $this->currentProject($_REQUEST['active_project_id']);
  13             return $this->jok($this->currentProject());
  14         }
  15
  16         if (!isset($_REQUEST['ajax_body'])) {
  17             return;
  18         }
  19         $this->masterTemplate = 'project.html';
  20
  21         $p = DB_DataObject::factory('Projects');
  22         $p->get( $this->currentProject());
  23         $this->project = $p;
  24
  25         /// milestones..
  26
  27         $this->milestones = $this->project->milestones();
  28
  29
  30
  31         // compoennts...
  32
  33
  34         // permissions..
  35         if (!$this->authUser) {
  36             return;
  37         }
  38         ///DB_DataObject::debugLevel(1);
  39         // fetch permissions.
  40         $gr = DB_DataObject::factory('Group_Rights');
  41         $ar = $gr->defaultPermData();
  42         //echo '<PRE>';print_r($ar);
  43         $perms = array();
  44         foreach($ar as $nm=>$data) {
  45             if (!preg_match('/^MTrack\./', $nm)) {
  46                 continue;
  47             }
  48             $perms[] = $nm;
  49
  50         }
  51         $gr = DB_DataObject::factory('Group_Rights');
  52         $gr->whereAddIn('rightname', $perms, 'string');
  53         $gr->selectAdd();
  54
  55         $gr->selectAdd('distinct(group_id) as group_id');
  56         $gr->whereAdd("AccessMask != ''");
  57         $gids = $gr->fetchAll('group_id');
  58         //print_R($gids);
  59
  60         $g = DB_DataObject::Factory('groups');
  61         $g->whereAddIn('id',$gids, 'int');
  62         $this->groups = $g->fetchAll( );
  63
  64
  65         // find out which groups are using those perms... so that we can offer membership to people..
  66
  67
  68
  69
  70         // members... (might be large one day)
  71         $pr = DB_DataObject::Factory('ProjectDirectory');
  72         $pr->project_id = $this->currentProject();
  73         //$pr->autoJoin();
  74
  75         if ($this->authUser->company()->comptype !='OWNER') {
  76             $pr->whereAdd("role=''");
  77         }
  78         $ar  = $pr->fetchAll();
  79
  80
  81         foreach($ar as $pd) {
  82             $pd->person = $pd->person();
  83             $pd->person->perms = $pd->person->getPerms();
  84
  85             $g = DB_DataObject::Factory('Group_Members');
  86             $pd->person->groups  = $g->listGroupMembership($pd->person);
  87
  88
  89
  90             $this->people[] = $pd;
  91
  92
  93         }
  94
  95
  96
  97     }
  98
  99     function checkGroupPerson($p,$g)
 100     {
 101
 102         $str = '<input class="mtrack-perm" type="checkbox" name="'. $p->id . '_'. $g->id. '" value="1"';
 103
 104         if (in_array($g->id, $p->groups)) {
 105             $str .= ' checked="checked"';
 106         }
 107         return $str. '>';
 108
 109     }
 110     /**
 111      *
 112      * Things that can change...
 113      * - permission updates
 114      *
 115      */
 116     function post()
 117     {
 118         if (empty($_POST['action'])) {
 119             $this->jerr("invalid action");
 120
 121         }
 122
 123         switch ($_POST['action']) {
 124             case 'perm':
 125
 126                 //DB_DataObject::debugLevel(1);
 127                 if ($this->authUser->company()->comptype != 'OWNER') {
 128                     $this->jerr("Owner company only");
 129                 }
 130                 if (!$this->hasPerm('Core.Groups', 'E')) {
 131                     $this->jerr("permission denied");
 132                 }
 133
 134                 $p = DB_DataObject::factory('Person');
 135                 if (empty($_POST['uid']) || !$p->get($_POST['uid'])) {
 136                     $this->jerr("invalid user");
 137                 }
 138                 $g = DB_DataObject::factory('Groups');
 139                 if (empty($_POST['gid']) || !$g->get($_POST['gid'])) {
 140                     $this->jerr("invalid group");
 141                 }
 142                 // verify group is a MTrack only??
 143
 144
 145                 $state = empty($_POST['value']) ? 0 : 1;
 146                 $gm = DB_DataObject::factory('Group_Members');
 147                 $gm->change($p, $g, $state);
 148                 $this->jok("updated");
 149
 150             case 'role':
 151                 //DB_DataObject::debugLevel(1);
 152                 if ($this->authUser->company()->comptype != 'OWNER') {
 153                     $this->jerr("Owner company only");
 154                 }
 155                 // which role ... this is not really correct.
 156                 if (!$this->hasPerm('Core.Groups', 'E')) {
 157                     $this->jerr("permission denied");
 158                 }
 159
 160                 $pd = DB_DataObject::factory('ProjectDirectory');
 161                 if (empty($_POST['pdid']) || !$pd->get($_POST['pdid'])) {
 162                     $this->jerr("invalid line");
 163                 }
 164                 $pd->role = $_POST['role'];
 165                 $pd->update();
 166
 167
 168
 169
 170
 171             default:
 172                 $this->jerr("invalid action");
 173
 174
 175
 176
 177         }
 178
 179
 180     }
 181
 182 }