// watcher list
// who is currently watching
if (!$this->authUser) {
+ $this->jerr("not authenticated");
return ''; // no subscriptin data available to public..
}
$this->objname = preg_replace('/[^a-z_]+/i', '', $this->objname );
$obj = DB_DataObject::factory($this->objname );
- if (!$obj->get($this->objid) || $obj->project_id != $this->currentProject()) {
+
+ // if it's a project watch.. do not do this..
+ if (!$obj->get($this->objid)) {
$this->jerr("invalid object");
}
+ if ($this->objname == 'Projects') {
+ if ($this->objid != $this->currentProject()) {
+ $this->jerr("invalid project id");
+ }
+ } else {
+ if ($obj->project_id != $this->currentProject()) {
+ $this->jerr("invalid project id on object");
+ }
+ }
// DB_DataObject::debugLevel(1);
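Review bot: The non-`Projects` branch at `if ($obj->project_id != $this->currentProject())` has no guard for a missing `project_id`, whereas the matching check in the later hunk tests `empty($o->project_id)` first. `objname` is only filtered by a character class (now case-insensitive), so it can name a table that has no `project_id` column; the loose `!=` then compares null with whatever `currentProject()` returns, and the check passes if that value can be empty. I would write `if (empty($obj->project_id) || $obj->project_id != $this->currentProject()) {` and consider an explicit allowlist of watchable tables before `DB_DataObject::factory()`. These checks also depend on `jerr()` ending the request, which is not visible here; the enclosing function starts and ends outside the hunk.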
}
$this->subscribers = $existing;
-
-
+ if ($this->objname != 'Projects') {
+ $w = DB_DataObjecT::Factory('core_watch');
+ $w->ontable = 'Projects';
+ $w->onid = $this->currentProject();
+ $w->autoJoin();
+ $existing = $w->fetchAll();
+
+ $this->selfsubscribe = true;
+ foreach($existing as $w) {
+ if ($this->authUser->id == $w->person_id) {
+ $this->selfsubscribe = false;
+ }
+ }
+ $this->project_subscribers = $existing;
+
+ }
//print_r($existing);
/*
require_once 'HTML/Template/Flexy/Element.php';
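Review bot: `$this->selfsubscribe = true;` is assigned unconditionally inside the new `if ($this->objname != 'Projects')` block, so it overwrites any value derived from the object's own watchers earlier in the function. That earlier code is outside this hunk, so this is inferred. If the object-level and project-level states are meant to be independent, the project result should go into a separate flag. The loop `foreach($existing as $w)` also reuses `$w`, the query object, as its loop variable, and `DB_DataObjecT::Factory` is cased differently from the `DB_DataObject::factory` used above. I would change these to `foreach ($existing as $pw) {` and `DB_DataObject::factory('core_watch')`.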
{
if (!$this->authUser) {
+ $this->jerr("not authenticated");
return ''; // no subscriptin data available to public..
}
die("INVALID REQUEST.");
}
}
- $table = preg_replace('/[^a-z_]+/', '', $table);
+ $table = preg_replace('/[^a-z_]+/i', '', $table);
// question ... who do we allow to watch what..
$o = DB_DataObject::factory($table);
die('invalid table');
}
$o->get((int)$id);
- if (empty($o->project_id) || $o->project_id != $this->currentProject()) {
- die("invalid - project id does not match");
- // unless it's a project..
+ if ($table != 'Projects') {
+ if (empty($o->project_id) || $o->project_id != $this->currentProject()) {
+ die("invalid - project id does not match");
+ // unless it's a project..
+ }
+ } else {
+ if ($id != $this->currentProject()) {
+ die("invalid - project id does not match");
+ }
}
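Review bot: The new `Projects` branch at `if ($id != $this->currentProject())` compares the raw request value with a loose `!=`, while the lookup above uses `(int)$id` and its return value is never checked. Unlike the non-`Projects` branch, there is also no `empty()` guard, so an empty or non-numeric `$id` could match if `currentProject()` can return an empty value; that method is not visible here. I would make the two sides agree: `if (empty($id) || (int) $id !== (int) $this->currentProject()) {`, and die when `$o->get((int)$id)` finds no row. The `// unless it's a project..` comment kept after the `die()` no longer describes this branch and could be dropped. The enclosing function starts outside the hunk.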