[Gforge-commits] gforge/common/pm ProjectGroup.class, 1.10, 1.11 Project
From: |
tperdue |
Subject: |
[Gforge-commits] gforge/common/pm ProjectGroup.class, 1.10, 1.11 ProjectGroupFactory.class, 1.6, 1.7 |
Date: |
Wed, 04 Aug 2004 11:18:37 -0500 |
Update of /cvsroot/gforge/gforge/common/pm
In directory db.perdue.net:/home/tperdue/share/dev.gforge.org/common/pm
Modified Files:
ProjectGroup.class ProjectGroupFactory.class
Log Message:
RBAC, DELETION, AND FORUM EMAIL GATEWAY
Index: ProjectGroup.class
===================================================================
RCS file: /cvsroot/gforge/gforge/common/pm/ProjectGroup.class,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -d -r1.10 -r1.11
--- ProjectGroup.class 23 Jun 2003 19:47:54 -0000 1.10
+++ ProjectGroup.class 4 Aug 2004 16:18:33 -0000 1.11
@@ -80,6 +80,7 @@
var $statuses;
var $categories;
var $technicians;
+ var $current_user_perm;
/**
* Constructor.
@@ -113,14 +114,13 @@
return false;
}
}
- if (!$this->isPublic()) {
- $perm =& $this->Group->getPermission(
session_get_user() );
-
- if (!$perm || !is_object($perm) ||
!$perm->isMember()) {
- $this->setPermissionDeniedError();
- $this->data_array = null;
- return false;
- }
+ //
+ // Make sure they can even access this object
+ //
+ if (!$this->userCanView()) {
+ $this->setPermissionDeniedError();
+ $this->data_array = null;
+ return false;
}
}
return true;
@@ -174,6 +174,11 @@
$this->group_project_id=db_insertid($result,'project_group_list','group_project_id');
$this->fetchData($this->group_project_id);
+ if (!$this->addAllUsers()) {
+ db_rollback();
+ return false;
+ }
+
db_commit();
return true;
}
@@ -296,10 +301,10 @@
function getTechnicians () {
if (!$this->technicians) {
$sql="SELECT users.user_id,users.realname
- FROM users,user_group
- WHERE users.user_id=user_group.user_id
- AND user_group.group_id='".
$this->Group->getID() ."'
- AND user_group.project_flags IN (1,2)
+ FROM users,project_perm
+ WHERE users.user_id=project_perm.user_id
+ AND project_perm.group_project_id='".
$this->getID() ."'
+ AND project_perm.perm_level IN (1,2)
ORDER BY users.user_name";
$this->technicians=db_query($sql);
}
@@ -307,15 +312,14 @@
}
/**
- * create - create a new ProjectGroup in the database.
+ * update - update a ProjectGroup in the database.
*
* @param string The project name.
* @param string The project description.
- * @param int Whether it is (1) public or (0) private .
* @param string The email address to send new notifications to.
* @return boolean success.
*/
- function
update($project_name,$description,$is_public=1,$send_all_posts_to='') {
+ function update($project_name,$description,$send_all_posts_to='') {
global $Language;
if (strlen($project_name) < 3) {
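Review bot: Removing `$is_public` from the middle of update()'s positional parameter list means any caller that still passes four arguments will now hand the old is_public value to `$send_all_posts_to` without any error. The callers are not part of this diff, so each call site should be checked and updated in the same commit. As far as the next hunk shows, `$send_all_posts_to` is then placed in the UPDATE statement as-is, unlike `$project_name` and `$description`, so it is worth validating it as an e-mail address and escaping it before it reaches the query. update()'s body continues outside this hunk.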
@@ -331,28 +335,304 @@
return false;
}
- $perm =& $this->Group->getPermission( session_get_user() );
-
- if (!$perm || !is_object($perm) || !$perm->isPMAdmin()) {
+ if (!$this->userIsAdmin()) {
$this->setPermissionDeniedError();
return false;
}
- $res=db_query("UPDATE project_group_list SET
+ $sql="UPDATE project_group_list SET
project_name='". htmlspecialchars($project_name) ."',
description='". htmlspecialchars($description) ."',
- is_public='$is_public',
send_all_posts_to='$send_all_posts_to'
WHERE group_id='".$this->Group->getID()."'
- AND group_project_id='".$this->getID()."'");
+ AND group_project_id='".$this->getID()."'";
+ $res=db_query($sql);
if (!$res || db_affected_rows($res) < 1) {
- $this->setError('Error On Update: '.db_error());
+ $this->setError('Error On Update: '.db_error().$sql);
return false;
}
return true;
}
+ /**
+ * delete - delete this subproject and all its related data.
+ *
+ * @param bool I'm Sure.
+ * @param bool I'm REALLY sure.
+ * @return bool true/false;
+ */
+ function delete($sure, $really_sure) {
+ if (!$sure || !$really_sure) {
+ $this->setMissingParamsError();
+ return false;
+ }
+ if (!$this->userIsAdmin()) {
+ $this->setPermissionDeniedError();
+ return false;
+ }
+ db_begin();
+ db_query("DELETE FROM project_category
+ WHERE group_project_id='".$this->getID()."'");
+//echo '1'.db_error();
+ db_query("DELETE FROM project_perm
+ WHERE group_project_id='".$this->getID()."'");
+//echo '2'.db_error();
+ db_query("DELETE FROM project_assigned_to
+ WHERE EXISTS (SELECT project_task_id FROM project_task
+ WHERE group_project_id='".$this->getID()."'
+ AND
project_task.project_task_id=project_assigned_to.project_task_id)");
+//echo '4'.db_error();
+ db_query("DELETE FROM project_dependencies
+ WHERE EXISTS (SELECT project_task_id FROM project_task
+ WHERE group_project_id='".$this->getID()."'
+ AND
project_task.project_task_id=project_dependencies.project_task_id)");
+//echo '5'.db_error();
+ db_query("DELETE FROM project_history
+ WHERE EXISTS (SELECT project_task_id FROM project_task
+ WHERE group_project_id='".$this->getID()."'
+ AND
project_task.project_task_id=project_history.project_task_id)");
+//echo '6'.db_error();
+ db_query("DELETE FROM project_messages
+ WHERE EXISTS (SELECT project_task_id FROM project_task
+ WHERE group_project_id='".$this->getID()."'
+ AND
project_task.project_task_id=project_messages.project_task_id)");
+//echo '7'.db_error();
+ db_query("DELETE FROM project_task_artifact
+ WHERE EXISTS (SELECT project_task_id FROM project_task
+ WHERE group_project_id='".$this->getID()."'
+ AND
project_task.project_task_id=project_task_artifact.project_task_id)");
+//echo '8'.db_error();
+ db_query("DELETE FROM rep_time_tracking
+ WHERE EXISTS (SELECT project_task_id FROM project_task
+ WHERE group_project_id='".$this->getID()."'
+ AND
project_task.project_task_id=rep_time_tracking.project_task_id)");
+//echo '9'.db_error();
+ db_query("DELETE FROM project_task
+ WHERE group_project_id='".$this->getID()."'");
+//echo '10'.db_error();
+ db_query("DELETE FROM project_group_list
+ WHERE group_project_id='".$this->getID()."'");
+//echo '11'.db_error();
+ db_commit();
+ return true;
+ }
+
+ /**
+ * addAllUsers - add all users to this project.
+ *
+ * @return boolean success.
+ */
+ function addAllUsers() {
+ if (!$this->userIsAdmin()) {
+ $this->setPermissionDeniedError();
+ return false;
+ }
+ $sql="INSERT INTO project_perm
(group_project_id,user_id,perm_level)
+ SELECT '".$this->getID()."',user_id,project_flags
+ FROM user_group
+ WHERE
+ group_id='".$this->Group->getID()."'
+ AND NOT EXISTS (SELECT user_id FROM project_perm
+ WHERE group_project_id='".$this->getID()."'
+ AND user_id=user_group.user_id);";
+ $res= db_query($sql);
+ if (!$res) {
+ $this->setError(db_error());
+ return false;
+ } else {
+ return true;
+ }
+ }
+
+ /**
+ * addUser - add a user to this subproject.
+ *
+ * @param int user_id of the new user.
+ * @return boolean success.
+ */
+ function addUser($id) {
+ if (!$this->userIsAdmin()) {
+ $this->setPermissionDeniedError();
+ return false;
+ }
+ if (!$id) {
+ $this->setMissingParamsError();
+ return false;
+ }
+ $sql="SELECT * FROM project_perm
+ WHERE group_project_id='".$this->getID()."'
+ AND user_id='$id'";
+ $result=db_query($sql);
+ if (db_numrows($result) > 0) {
+ return true;
+ } else {
+ $sql="INSERT INTO project_perm
(group_project_id,user_id,perm_level)
+ VALUES ('".$this->getID()."','$id',0)";
+ $result=db_query($sql);
+ if ($result && db_affected_rows($result) > 0) {
+ return true;
+ } else {
+ $this->setError(db_error());
+ return false;
+ }
+ }
+ }
+
+ /**
+ * updateUser - update a user's permissions.
+ *
+ * @param int user_id of the user to update.
+ * @param int (0) read only, (1) tech only, (2) admin & tech (3)
admin only.
+ * @return boolean success.
+ */
+ function updateUser($id,$perm_level) {
+ if (!$this->userIsAdmin()) {
+ $this->setPermissionDeniedError();
+ return false;
+ }
+ if (!$id) {
+ $this->setMissingParamsError();
+ return false;
+ }
+ //
+ // Update and test if it already exists
+ //
+ $sql="UPDATE project_perm SET perm_level='$perm_level'
+ WHERE user_id='$id' AND
group_project_id='".$this->getID()."'";
+ $result=db_query($sql);
+ if (db_affected_rows($result) < 1) {
+ //
+ // If not, insert it.
+ //
+ $sql="INSERT INTO project_perm
(group_project_id,user_id,perm_level) VALUES
+ ('".$this->getID()."','$id','$perm_level')";
+ $result=db_query($sql);
+ if (!$result) {
+ $this->setError(db_error());
+ return false;
+ } else {
+ return true;
+ }
+ } else {
+ return true;
+ }
+ }
+
+ /**
+ * deleteUser - delete a user's permissions.
+ *
+ * @param int user_id of the user who's permissions to delete.
+ * @return boolean success.
+ */
+ function deleteUser($id) {
+ if (!$this->userIsAdmin()) {
+ $this->setPermissionDeniedError();
+ return false;
+ }
+ if (!$id) {
+ $this->setMissingParamsError();
+ return false;
+ }
+ $sql="DELETE FROM project_perm
+ WHERE user_id='$id' AND
group_project_id='".$this->getID()."'";
+ $result=db_query($sql);
+ if ($result) {
+ return true;
+ } else {
+ $this->setError(db_error());
+ return false;
+ }
+ }
+
+ /*
+
+ USER PERMISSION FUNCTIONS
+
+ */
+
+ /**
+ * userCanView - determine if the user can view this subproject.
+ *
+ * @return boolean user_can_view.
+ */
+ function userCanView() {
+ if ($this->isPublic()) {
+ return true;
+ } else {
+ if (!session_loggedin()) {
+ return false;
+ } else {
+ //
+ // You must have an entry in project_perm if
this subproject is not public
+ //
+ if ($this->getCurrentUserPerm() >= 0) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+ }
+ }
+
+ /**
+ * userIsAdmin - see if the logged-in user's perms are >= 2 or Group
PMAdmin.
+ *
+ * @return boolean user_is_admin.
+ */
+ function userIsAdmin() {
+ if (!session_loggedin()) {
+ return false;
+ } else {
+ $perm =& $this->Group->getPermission(
session_get_user() );
+
+ if (($this->getCurrentUserPerm() >= 2) ||
($perm->isPMAdmin())) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+ }
+
+ /**
+ * userIsTechnician - see if the logged-in user's perms are >= 1 or
Group PMAdmin.
+ *
+ * @return boolean user_is_technician.
+ */
+ function userIsTechnician() {
+ if (!session_loggedin()) {
+ return false;
+ } else {
+ $perm =& $this->Group->getPermission(
session_get_user() );
+
+ if (($this->getCurrentUserPerm() >= 1) ||
($perm->isPMAdmin())) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+ }
+
+ /**
+ * getCurrentUserPerm - get the logged-in user's perms from
project_perm.
+ *
+ * @return int perm level for the logged-in user.
+ */
+ function getCurrentUserPerm() {
+ if (!session_loggedin()) {
+ return -1;
+ } else {
+ if (!isset($this->current_user_perm)) {
+ $sql="select perm_level
+ FROM project_perm
+ WHERE group_project_id='". $this->getID() ."'
+ AND user_id='".user_getid()."'";
+
$this->current_user_perm=db_result(db_query($sql),0,0);
+ }
+ return $this->current_user_perm;
+ }
+ }
+
}
?>
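Review bot: getCurrentUserPerm() stores whatever db_result() yields when the user has no project_perm row, and userCanView() then tests it with `>= 0`; if that value is false or null (db_result is not shown here), PHP's loose comparison makes the test true and a logged-in non-member can view a private subproject. The fenced version returns -1 explicitly when no row exists. Separately, addUser(), updateUser() and deleteUser() interpolate `$id` and `$perm_level` into SQL unmodified; casting them first, e.g. `$id=(int) $id;`, and rejecting a `$perm_level` outside 0-3 would close that off. delete() ignores every db_query() result and commits regardless, and update() now appends `$sql` to the error text, which exposes the query if that error is ever shown to the user. userIsAdmin() and userIsTechnician() also drop the `is_object($perm)` guard the removed code had before calling `isPMAdmin()`.

```php
function getCurrentUserPerm() {
	// … unchanged: session_loggedin() check and $sql assignment …
		$res=db_query($sql);
		if (!$res || db_numrows($res) < 1) {
			// No project_perm row for this user: report "no access" explicitly
			$this->current_user_perm=-1;
		} else {
			$this->current_user_perm=(int) db_result($res,0,0);
		}
	// … unchanged: return $this->current_user_perm …
```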
Index: ProjectGroupFactory.class
===================================================================
RCS file: /cvsroot/gforge/gforge/common/pm/ProjectGroupFactory.class,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- ProjectGroupFactory.class 12 Feb 2003 17:23:47 -0000 1.6
+++ ProjectGroupFactory.class 4 Aug 2004 16:18:33 -0000 1.7
@@ -98,6 +98,9 @@
$public_flag='=1';
} else {
$public_flag='<3';
+ $exists=' AND EXISTS (SELECT group_project_ID
+ FROM project_perm
+ WHERE perm_level >= 0 AND
group_project_id=project_group_list.group_project_id) ';
}
} else {
$public_flag='=1';
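Review bot: The added EXISTS subquery has no `user_id` condition, so it is satisfied whenever any user holds a project_perm row for the subproject, not only the user running the query; private subprojects would then be listed for every member who reaches this branch. Restricting it to the current user, e.g. `AND user_id='".user_getid()."'` inside the subquery, matches what getCurrentUserPerm() does in ProjectGroup.class. `$exists` is also assigned in only one branch but interpolated unconditionally in the following hunk, so it should be initialised with `$exists='';` before the conditionals. The enclosing function starts and ends outside this hunk.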
@@ -106,7 +109,7 @@
$sql="SELECT *
FROM project_group_list
WHERE group_id='". $this->Group->getID() ."'
- AND is_public $public_flag
+ AND is_public $public_flag $exists
ORDER BY group_project_id;";
$result = db_query ($sql);