authUser) { if ($cando == 'S' && in_array( $what , array( 'MTrack.Repos', 'MTrack.Issue', 'MTrack.Wiki'))) { return true; // not a diffinative answer... } return false; } return $this->authUser->hasPerm($what, $cando); } function projectPerm($project_id, $what, $cando) { if (!$project_id) { return false; } $p = DB_DataObject::factory('core_project'); $p->get($project_id); if (!$this->authUser) { if ($p->code != '*PUBLIC') { return false; // only public projects } if ($cando != 'S') { return false; } // all permissions to view public stuff. return true; } if (!$this->authUser->hasPerm($what, $cando)) { echo "NO PERMS $what $cando"; echo '
'; print_r($this->authUser->getPerms());
            return false;
        // membership rules?
        //echo "COMPTYPE " . $this->authUser->company()->comptype ;
        if ($this->authUser->company()->comptype == 'OWNER') {
            if ($this->authUser->hasPerm('Core.Projects_All', $cando)) { // they can do what they like on all projects.
               return true;
           // return $p->hasPerm($what, $cando);
        // otherwise they have to be a team member of that project.
        $pd = DB_DataObject::factory('ProjectDirectory');
        $pd->project_id = $project_id;
        $pd->user_id = $this->authUser->id;
        $pd->whereAdd("role != ''");
        if (!$pd->count()) {
            return false;
        return true;
     * currentProject:
     * @param {int} $val set the current project (optional)
     * @return {int} The current project id.
    function currentProject($val = false)
        // we do need the option for me to look at all projects...
        static $currentProject = false;
        if (empty($_SESSION[__CLASS__])) {
            $_SESSION[__CLASS__] = array();
        if (isset($_SESSION[__CLASS__]['active_project_id'])) {
            $currentProject = $_SESSION[__CLASS__]['active_project_id']; 
        if ($val !== false) {
            // attempt to set it..
            $_SESSION[__CLASS__]['active_project_id'] = $val ;
            $currentProject = $val ; 
            // reset to ensure not cached..
        $ar = $this->userProjects();
        if (!isset($ar[$currentProject])) {
            $currentProject = false;
            $_SESSION[__CLASS__]['active_project_id'] = false;
        if ($currentProject !== false) {
          // var_dump($currentProject);
            return $currentProject;
        if (empty($currentProject))    {
            //$p = DB_DataObject::factory('Projects');
            //$p->get('code', '*PUBLIC');
            $id = 0;
            foreach($ar as $k=>$v) {
                $id= $k;
            $_SESSION[__CLASS__]['active_project_id'] = $id;
            $currentProject = $_SESSION[__CLASS__]['active_project_id'];
            return $id; // always allowed..
        $currentProject = $_SESSION[__CLASS__]['active_project_id'];
        return $_SESSION[__CLASS__]['active_project_id'];
    function userProjects()
        $p = DB_DataObject::factory('Projects');
        if (!$this->authUser) {
            $p->code = '*PUBLIC';
            $ar = $p->fetchAll('id', 'name');
        } else {
            $p->applyFilters(array(), $this->authUser, $this);
            if (!$this->authUser->hasPerm('Core.Projects_All', 'S')) { 
                $p->whereAdd(" in (SELECT ProjectDirectory.project_id FROM ProjectDirectory WHERE
                        person_id = ". $this->authUser->id . " and role != '')");
            $p->whereAdd('id in (SELECT distinct(project_id) FROM mtrack_repos)');
            // $pd->whereAdd("role != ''");
            $p->orderBy(' ASC');
            unset($p->client_id); // default projects serach enforces this..
            $ar = $p->fetchAll('id', 'name');
        return $ar;
    function loadProjectList()
       // DB_DataObject::debugLevel(1);

        $ar = $this->userProjects();
        $this->elements['active_project_id'] = new HTML_Template_Flexy_Element();
    function getAuthUser()
        $u = DB_DataObject::factory('Person');
        if (!$u->isAuth()) {
            return false;
        return $u->getAuthUser();
     * base getAuth allows everyone in..
    function getAuth()
        $this->registerClasses(); // to be destroyed??
        $ff = HTML_FlexyFramework::get();
        if ($ff->cli) {
            return true;
        // default timezone first..
        $ff = HTML_FlexyFramework::get();
        if (isset($ff->MTrack['timezone'])) {
        //MTrackConfig::boot(); // eak.. .remove me...
        $this->authUser = DB_DataObject::factory('Person')->getAuthUser();
        $p = DB_DataObject::factory('Projects');
        $this->currentProject = $p; /// mix up?
        if (!$this->authUser) {
            return true; // we do allow people in this far..
        // very public??
        $this->authUserArray = $this->authUser->toArray();
        // timezone setting... -- this may be a good addon to our core person class.
        if (!empty($this->authUser->timezone)) {
        /// fixme...
        //$this->authUser = 
        return true; // anyone at present..
    function get($loc='')

        if (!empty($loc)) {
            die ("invalid location". htmlspecialchars($loc));
        if (!$this->authUser) {
             return HTML_FlexyFramework::run('Wiki'); 
        return HTML_FlexyFramework::run('Wiki/Today'); 
    function post()
        header("Status: 404 Not Found");
        die("invalid post request? ");
    function initOptions()
        $q = MTrackDB::q('select priorityname, value from priorities');

        foreach ($q->fetchAll() as $row) {
            $this->priorities[$row[0]] = $row[1];
        $q = MTrackDB::q('select sevname, ordinal from severities');
        foreach ($q->fetchAll() as $row) {
            $this->severities[$row[0]] = $row[1];

    function registerClasses()
        // wiki rendering is done client side...
        // require_once 'MTrack/Wiki/HTMLFormatter.php';
        require_once 'MTrackWeb/LinkHandler.php';
        $this->link = new MTrackWeb_LinkHandler();
    function favicon()
        return false;
        /// FIXME - we should allow upload of a favion...
        $ff = HTML_FlexyFramework::get();
    /* renders the attachment list for a given object */
    // was Attachments::render
    // move it to MTrackWebAttachemnt...
  function attachmentsToHtml($object)
    return 'TODO';
    if (is_object($object)) {
        $object = $object->toIdString(); // eg. ticket:1
    $atts = MTrackDB::q('
      select * from attachments
      left join changes on (attachments.cid = changes.cid)
      where attachments.object = ? order by changedate, filename',

    if (count($atts) == 0) return '';

    $max_dim = 150;

    $html = "
"; return $html; } function jerr($str, $errors=array()) // standard error reporting.. { require_once 'Services/JSON.php'; $json = new Services_JSON(); // log all errors!!! //$this->addEvent("ERROR", false, $str); if ((isset($_SERVER['CONTENT_TYPE']) && preg_match('#multipart/form-data#i', $_SERVER['CONTENT_TYPE']))) { header('Content-type: text/html'); echo ""; echo $json->encodeUnsafe(array( 'success'=> false, 'message' => $str, // compate with exeption / loadexception. 'errors' => $errors ? $errors : true, // used by forms to flag errors. 'authFailure' => !empty($errors['authFailure']), )); echo ""; exit; } echo $json->encode(array( 'success'=> false, 'data'=> array(), 'message' => $str, // compate with exeption / loadexception. 'errors' => $errors ? $errors : true, // used by forms to flag errors. 'authFailure' => !empty($errors['authFailure']), )); exit; } function jok($str) { require_once 'Services/JSON.php'; $json = new Services_JSON(); if ( (isset($_SERVER['CONTENT_TYPE']) && preg_match('#multipart/form-data#i', $_SERVER['CONTENT_TYPE'])) ) { header('Content-type: text/html'); echo ""; echo $json->encodeUnsafe(array('success'=> true, 'data' => $str)); echo ""; exit; } echo $json->encode(array('success'=> true, 'data' => $str)); exit; } /** * output data for grids or tree * @ar {Array} ar Array of data * @total {Number|false} total number of records (or false to return count(ar) * @extra {Array} extra key value list of data to pass as extra data. * */ function jdata($ar,$total=false, $extra=array()) { // should do mobile checking??? if ($total == false) { $total = count($ar); } $extra= $extra ? $extra : array(); require_once 'Services/JSON.php'; $json = new Services_JSON(); echo $json->encode(array('success' => true, 'total'=> $total, 'data' => $ar) + $extra); exit; } /** * ---------------- Logging --------------- */ /** * addEventOnce: * Log an action (only if it has not been logged already. * * @param {String} action - group/name of event * @param {DataObject|false} obj - dataobject action occured on. * @param {String} any remarks */ function addEventOnce($act, $obj = false, $remarks = '') { $au = $this->getAuthUser(); $e = DB_DataObject::factory('Events'); $e->init($act,$obj,$remarks); if ($e->find(true)) { return; } $this->addEvent($act, $obj, $remarks); } /** * addEvent: * Log an action. * * @param {String} action - group/name of event * @param {DataObject|false} obj - dataobject action occured on. * @param {String} any remarks */ function addEvent($act, $obj = false, $remarks = '') { $au = $this->getAuthUser(); $e = DB_DataObject::factory('Events'); $e->init($act,$obj,$remarks); $e->event_when = date('Y-m-d H:i:s'); $eid = $e->insert(); $ff = HTML_FlexyFramework::get(); if (empty($ff->Pman['event_log_dir'])) { return; } $file = $ff->Pman['event_log_dir']. date('/Y/m/d/'). $eid . ".php"; if (!file_exists(dirname($file))) { mkdir(dirname($file),0700,true); } file_put_contents($file, var_export(array( 'REQUEST_URI' => empty($_SERVER['REQUEST_URI']) ? 'cli' : $_SERVER['REQUEST_URI'], 'GET' => empty($_GET) ? array() : $_GET, 'POST' => empty($_POST) ? array() : $_POST, ), true)); } function packJS($dir) { // target has to be 'aliased' // target filename can be an md5.. require_once 'Pman/Core/JsCompile.php'; $x = new Pman_Core_JsCompile(); $x->packScript(dirname(__FILE__).'/MTrackWeb/templates/images', array($dir), $this->rootURL . '/MTrackWeb/templates/images', false // do not compile ); //); } }