authUser) { if ($cando == 'S' && in_array( $what , array( 'MTrack.Repos', 'MTrack.Issue', 'MTrack.Wiki'))) { return true; // not a diffinative answer... } return false; } return $this->authUser->hasPerm($what, $cando); } function projectPerm($project_id, $what, $cando) { if (!$project_id) { return false; } $p = DB_DataObject::factory('core_project'); $p->get($project_id); if (!$this->authUser) { if ($p->code != '*PUBLIC') { return false; // only public projects } if ($cando != 'S') { return false; } // all permissions to view public stuff. return true; } if (!$this->authUser->hasPerm($what, $cando)) { echo "NO PERMS $what $cando"; echo '
'; print_r($this->authUser->getPerms());
            return false;
        }
        // membership rules?
        //echo "COMPTYPE " . $this->authUser->company()->comptype ;
        if ($this->authUser->company()->comptype == 'OWNER') {
                
            if ($this->authUser->hasPerm('Core.Projects_All', $cando)) { // they can do what they like on all projects.
               return true;
            }
           // return $p->hasPerm($what, $cando);
        }
        // otherwise they have to be a team member of that project.
        
        $pd = DB_DataObject::factory('ProjectDirectory');
        $pd->project_id = $project_id;
        $pd->user_id = $this->authUser->id;
        $pd->whereAdd("role != ''");
        
        if (!$pd->count()) {
            return false;
        }
        return true;
         
    }
    /**
     * currentProject:
     *
     * @param {int} $val set the current project (optional)
     * @return {int} The current project id.
     * 
     * 
     *
     */
    
    
    function currentProject($val = false)
    {
        // we do need the option for me to look at all projects...
        
        
        static $currentProject = false;
        if (empty($_SESSION[__CLASS__])) {
            $_SESSION[__CLASS__] = array();
        }
        
        if (isset($_SESSION[__CLASS__]['active_project_id'])) {
            $currentProject = $_SESSION[__CLASS__]['active_project_id']; 
        }
        
        if ($val !== false) {
            // attempt to set it..
            $_SESSION[__CLASS__]['active_project_id'] = $val ;
            $currentProject = $val ; 
            // reset to ensure not cached..
        }
        
        
        
        
        $ar = $this->userProjects();
         
        if (!isset($ar[$currentProject])) {
            $currentProject = false;
            $_SESSION[__CLASS__]['active_project_id'] = false;
        }
        if ($currentProject !== false) {
          // var_dump($currentProject);
            return $currentProject;
        }
         
        //print_r($ar);
        
        if (empty($currentProject))    {
            
        
            //$p = DB_DataObject::factory('core_project');
            //$p->get('code', '*PUBLIC');
            $id = 0;
            foreach($ar as $k=>$v) {
                $id= $k;
                break;
            }
            
        
            $_SESSION[__CLASS__]['active_project_id'] = $id;
            $currentProject = $_SESSION[__CLASS__]['active_project_id'];
            return $id; // always allowed..
        }
        //var_dump($currentProject);
        $currentProject = $_SESSION[__CLASS__]['active_project_id'];
        return $_SESSION[__CLASS__]['active_project_id'];
        
        
    }
    
    
    function userProjects()
    {
        
        $p = DB_DataObject::factory('core_project');
        if (!$this->authUser) {
            $p->code = '*PUBLIC';
           
            $ar = $p->fetchAll('id', 'name');
        } else {
            
           // DB_DAtaObject::debugLevel(1);
            $p->applyFilters(array(), $this->authUser, $this);
            if (!$this->authUser->hasPerm('Core.Projects_All', 'S')) { 
                $p->whereAdd("Projects.id in (SELECT ProjectDirectory.project_id FROM ProjectDirectory WHERE
                        person_id = ". $this->authUser->id . " and role != '')");
            }
            /*
             * SOME PROJECTS MIGHT NOT HAVE REPO's...
            $p->whereAdd('id in (SELECT distinct(project_id) FROM mtrack_repos)');
            */
            // $pd->whereAdd("role != ''");
            
            $p->orderBy('core_project.name ASC');
            unset($p->client_id); // default projects serach enforces this..
            $ar = $p->fetchAll('id', 'name');
        }
        return $ar;
        
    }
    
    
    function loadProjectList()
    {
       // DB_DataObject::debugLevel(1);

        $ar = $this->userProjects();
         
        $this->elements['active_project_id'] = new HTML_Template_Flexy_Element();
        $this->elements['active_project_id']->setOptions($ar);
         
        $this->elements['active_project_id']->setValue($this->currentProject());
   
        
        
    }
    
    
    function getAuthUser()
    {
        $u = DB_DataObject::factory('core_person');
        if (!$u->isAuth()) {
            return false;
        }
        return $u->getAuthUser();
    }
    /**
     * base getAuth allows everyone in..
     */
    
    function getAuth()
    {
        $this->registerClasses(); // to be destroyed??
        
        $ff = HTML_FlexyFramework::get();
        if ($ff->cli) {
            return true;
        }
        
        // default timezone first..
        $ff = HTML_FlexyFramework::get();
        if (isset($ff->MTrack['timezone'])) {
            date_default_timezone_set($ff->MTrack['timezone']);
        }
        
        //MTrackConfig::boot(); // eak.. .remove me...
      
        $this->authUser = DB_DataObject::factory('core_person')->getAuthUser();
        
        $this->loadProjectList();
        
        
        $p = DB_DataObject::factory('core_project');
        $p->get($this->currentProject());
        $this->currentProject = $p; /// mix up?
        
        
        
        if (!$this->authUser) {
            return true; // we do allow people in this far..
        }
        // very public??
        $this->authUserArray = $this->authUser->toArray();
        unset($this->authUserArray['passwd']);
         
        // timezone setting... -- this may be a good addon to our core person class.
        
        if (!empty($this->authUser->timezone)) {
            date_default_timezone_set($this->authUser->timezone);
        }
        
         
         
        /// fixme...
        //$this->authUser = 
        return true; // anyone at present..
    }
    function get($loc='')
    {
        // 
        
        
        HTML_FlexyFramework::get()->generateDataobjectsCache();

        
        if (!empty($loc)) {
            die ("invalid location". htmlspecialchars($loc));
        }
        
        
        
        if (!$this->authUser) {
             return HTML_FlexyFramework::run('Wiki'); 
        }
        
        
        
        return HTML_FlexyFramework::run('Wiki/Today'); 
 
    }
    function post($request)
    {
        header("Status: 404 Not Found");
        die("invalid post request? ");
    }
    
    
    function initOptions()
    {
        
         
        $q = MTrackDB::q('select priorityname, value from priorities');

        foreach ($q->fetchAll() as $row) {
            $this->priorities[$row[0]] = $row[1];
        }
        $q = MTrackDB::q('select sevname, ordinal from severities');
        
        foreach ($q->fetchAll() as $row) {
            $this->severities[$row[0]] = $row[1];
        }

    }
    
    function registerClasses()
    {
        // wiki rendering is done client side...
        // require_once 'MTrack/Wiki/HTMLFormatter.php';
        require_once 'MTrackWeb/LinkHandler.php';
        $this->link = new MTrackWeb_LinkHandler();
        //MTrack_Wiki_HTMLFormatter::registerLinkHandler($this->link);
 
        return;
 
   }
    
    function favicon()
    {
        return false;
        /// FIXME - we should allow upload of a favion...
        $ff = HTML_FlexyFramework::get();
        
        
    }
     
    
    /* renders the attachment list for a given object */
    // was Attachments::render
    // move it to MTrackWebAttachemnt...
    
  function attachmentsToHtml($object)
  {
    return 'TODO';
    if (is_object($object)) {
        $object = $object->toIdString(); // eg. ticket:1
    }
    $atts = MTrackDB::q('
      select * from attachments
      left join changes on (attachments.cid = changes.cid)
      where attachments.object = ? order by changedate, filename',
        $object)->fetchAll(PDO::FETCH_ASSOC);

    if (count($atts) == 0) return '';

    $max_dim = 150;

    $html = "Attachments";
    foreach ($atts as $row) {
      $url = "{$this->baseURL}/Attachment/$object/". $row['cid'] . '/' . $row['filename'];
      
      $html .= "".
        "$row[filename] ($row[size]) added by " .
        $this->link->username($row['who'], array(
          'no_image' => true
        )) .
        " " . $this->link->date($row['changedate']);
        require_once 'MTrack/Attachment.php';
      list($width, $height) = getimagesize(MTrackAttachment::local_path($row['hash']));
      if ($width + $height) {
        /* limit maximum size */
        if ($width > $max_dim) {
          $height *= $max_dim / $width;
          $width = $max_dim;
        }
        if ($height > $max_dim) {
          $width *= $max_dim / $height;
          $height = $max_dim;
        }
        $html .= "
";
      }

      $html .= "\n";
    }
    $html .= "";
    return $html;
  }
    function jerr($str, $errors=array()) // standard error reporting..
    {
        require_once 'Services/JSON.php';
        $json = new Services_JSON();
        
        // log all errors!!!
        //$this->addEvent("ERROR", false, $str);
        
        if ((isset($_SERVER['CONTENT_TYPE']) && preg_match('#multipart/form-data#i', $_SERVER['CONTENT_TYPE']))) {
            header('Content-type: text/html');
            echo "";
            echo  $json->encodeUnsafe(array(
                    'success'=> false, 
                    'message' => $str, // compate with exeption / loadexception.

                    'errors' => $errors ? $errors : true, // used by forms to flag errors.
                    'authFailure' => !empty($errors['authFailure']),
                ));
            echo "";
            exit;
        }
        
        echo $json->encode(array(
            'success'=> false, 
            'data'=> array(), 
            'message' => $str, // compate with exeption / loadexception.
            'errors' => $errors ? $errors : true, // used by forms to flag errors.
            'authFailure' => !empty($errors['authFailure']),
        ));
        exit;
        
    }
    function jok($str)
    {
        
        require_once 'Services/JSON.php';
        $json = new Services_JSON();
        
        if ( (isset($_SERVER['CONTENT_TYPE']) && preg_match('#multipart/form-data#i', $_SERVER['CONTENT_TYPE']))
        
        ) {
            header('Content-type: text/html');
            echo "";
            echo  $json->encodeUnsafe(array('success'=> true, 'data' => $str));
            echo "";
            exit;
        }
        
        
        echo  $json->encode(array('success'=> true, 'data' => $str));
        exit;
        
    }
    /**
     * output data for grids or tree
     * @ar {Array} ar Array of data
     * @total {Number|false} total number of records (or false to return count(ar)
     * @extra {Array} extra key value list of data to pass as extra data.
     * 
     */
    function jdata($ar,$total=false, $extra=array())
    {
        // should do mobile checking???
        if ($total == false) {
            $total = count($ar);
        }
        $extra=  $extra ? $extra : array();
        require_once 'Services/JSON.php';
        $json = new Services_JSON();
        echo $json->encode(array('success' =>  true, 'total'=> $total, 'data' => $ar) + $extra);    
        exit;
        
        
    }
    
    /**
     * ---------------- Logging ---------------   
     */
    
    /**
     * addEventOnce:
     * Log an action (only if it has not been logged already.
     * 
     * @param {String} action  - group/name of event
     * @param {DataObject|false} obj - dataobject action occured on.
     * @param {String} any remarks 
     */
    
    function addEventOnce($act, $obj = false, $remarks = '') 
    {
        $au = $this->getAuthUser();
        $e = DB_DataObject::factory('Events');
        $e->init($act,$obj,$remarks); 
        if ($e->find(true)) {
            return;
        }
        $this->addEvent($act, $obj, $remarks);
    }
    /**
     * addEvent:
     * Log an action.
     * 
     * @param {String} action  - group/name of event
     * @param {DataObject|false} obj - dataobject action occured on.
     * @param {String} any remarks 
     */
    
    function addEvent($act, $obj = false, $remarks = '') 
    {
        $au = $this->getAuthUser();
        $e = DB_DataObject::factory('Events');
        $e->init($act,$obj,$remarks); 
         
        $e->event_when = date('Y-m-d H:i:s');
        
        $eid = $e->insert();
        $ff  = HTML_FlexyFramework::get();
        if (empty($ff->Pman['event_log_dir'])) {
            return;
        }
        $file = $ff->Pman['event_log_dir']. date('/Y/m/d/'). $eid . ".php";
        if (!file_exists(dirname($file))) {
            mkdir(dirname($file),0700,true);
        }
        file_put_contents($file, var_export(array(
            'REQUEST_URI' => empty($_SERVER['REQUEST_URI']) ? 'cli' : $_SERVER['REQUEST_URI'],
            'GET' => empty($_GET) ? array() : $_GET,
            'POST' => empty($_POST) ? array() : $_POST,
        ), true));
        
        
        
    }

     function packJS($dir)
    {
       
        // target has to be 'aliased'
        // target filename can be an md5..
        
        require_once 'Pman/Core/JsCompile.php';
        $x = new Pman_Core_JsCompile();
        $x->packScript(dirname(__FILE__).'/MTrackWeb/templates/images',
                       array($dir),
                       $this->rootURL . '/MTrackWeb/templates/images',
                       false // do not compile
                       );
                        //);
        
        
    }
    
    

}