[evolvis-commits] r15165: Removed/ rewrote a handful of functions that were accessing the role_setting table directly (they now go through the RBAC engine)

mirabilos at evolvis.org mirabilos at evolvis.org
Mon Feb 28 23:47:29 CET 2011


Author: mirabilos
Date: 2011-02-28 23:47:29 +0100 (Mon, 28 Feb 2011)
New Revision: 15165

Modified:
   trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class.php
   trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/ForumMessage.class.php
   trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBACEngine.class.php
   trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/ProjectGroup.class.php
   trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/import_utils.php
   trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/Artifact.class.php
   trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/ArtifactType.class.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/browse_task.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/ganttpage.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/include/ProjectTaskHTML.class.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/msproject/msp.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/pm/pm.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/tracker/tracker.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/browse.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/include/ArtifactTypeHtml.class.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/mod.php
   trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/reporting/index.php
Log:
Removed/rewrote a handful of functions that were accessing the role_setting table directly (they now go through the RBAC engine)

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -404,22 +404,6 @@
 	}
 	
 	/**
-	 *	getForumAdminIDs - return an array of user_id's for those users which are forum admins.
-	 *
-	 *	@return	array 	The array of user_id's.
-	 */
-	function getForumAdminIDs() {
-		$result = db_query_params ('SELECT user_group.user_id FROM user_group, role_setting
-			WHERE role_setting.section_name=$1
-			  AND role_setting.ref_id=$2
-			  AND role_setting.value::integer > 1
-			  AND user_group.role_id = role_setting.role_id',
-					   array ('forum',
-						  $this->getID())) ;
-		return util_result_column_to_array($result);
-	}
-	
-	/**
 	 * getReturnEmailAddress() - return the return email address for notification emails
 	 *
 	 * @return string return email address

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/ForumMessage.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/ForumMessage.class.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/ForumMessage.class.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -721,7 +721,13 @@
 	 *	@return boolean success.
 	 */
 	function sendNewModeratedMsgNotice() {
-		$ids =& $this->Forum->getForumAdminIDs();
+		$ids = array () ;
+		$engine = RBACEngine::getInstance () ;
+		$moderators = $engine->getUsersByAllowedAction ('forum', $this->Forum->getID(), 'moderate') ;
+
+		foreach ($moderators as $m) {
+			$ids[] = $m->getID () ;
+		}
 		
 		//
 		//	See if there is anyone to send messages to

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBACEngine.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBACEngine.class.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBACEngine.class.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -106,6 +106,20 @@
 		return $roles ;
 	}
 
+	public function getUsersByAllowedAction ($section, $reference, $action = NULL) {
+		$roles = $this->getRolesByAllowedAction ($section, $reference, $action) ;
+		$user_ids = array () ;
+		foreach ($roles as $role) {
+			foreach ($role->getUsers() as $user) {
+				$user_ids[] = $user->getID() ;
+			}
+		}
+
+		$user_ids = array_unique ($user_ids) ;
+
+		return user_get_objects ($user_ids) ;
+	}
+
 	private function _getRolesIdByAllowedAction ($section, $reference, $action = NULL) {
 		$result = array () ;
 		$qpa = db_construct_qpa () ;

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/ProjectGroup.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/ProjectGroup.class.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/ProjectGroup.class.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -320,38 +320,6 @@
 	}
 
 	/**
-	 * getTechnicians - Return a result set of pm technicians in this group.
-	 *
-	 * @returns Datbase result set.
-	 */
-	function getTechnicians () {
-		if (!$this->technicians) {
-			$this->technicians = db_query_params ('SELECT users.user_id, users.realname 
-				FROM users, role_setting, user_group
-				WHERE users.user_id=user_group.user_id
-                                AND role_setting.role_id=user_group.role_id
-                                AND role_setting.ref_id=$1
-				AND role_setting.value::integer IN (1,2) 
-                                AND role_setting.section_name=$2
-				ORDER BY users.realname',
-							      array ($this->getID(),
-								     'pm')) ;
-		}
-		return $this->technicians;
-	}
-
-	/**
-	 *  getTechnicianObjects - Array of User objects set up for this artifact type.
-	 *
-	 *  @return array   Of User objects.
-	 */
-	function &getTechnicianObjects() {
-		$res = $this->getTechnicians();
-		$arr =& util_result_column_to_array($res,0);
-		return user_get_objects($arr);
-	}
-
-	/**
 	 *	update - update a ProjectGroup in the database.
 	 *
 	 *	@param	string	The project name.

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/import_utils.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/import_utils.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/import_utils.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -65,7 +65,8 @@
 		//
 		//  Build hash list of technicians so we can get their ID for assigning tasks
 		//
-		$techs =& $pg->getTechnicianObjects();
+		$engine = RBACEngine::getInstance () ;
+		$techs = $engine->getUsersByAllowedAction ('pm', $pg->getID(), 'tech') ;
 		$tcount=count($techs);
 		for ($i=0; $i<$tcount; $i++) {
 			$tarr[strtolower($techs[$i]->getUnixName())]=$techs[$i]->getID();

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/Artifact.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/Artifact.class.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/Artifact.class.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -840,11 +840,9 @@
 		}
 
 
-		// Check that assigned_to is member of the project.
+		// Check that assigned_to is a tech for the tracker
 		if ($assigned_to != 100) {
-			$res = $this->ArtifactType->getTechnicians();
-			$arr =& util_result_column_to_array($res,0);
-			if (!in_array($assigned_to, $arr)) {
+			if (!forge_check_perm ('tracker', $this->ArtifactType->getID(), 'tech')) {
 				$this->setError("Invalid assigned_to (assigned person is not a technician)");
 				return false;
 			}
@@ -957,11 +955,9 @@
 				return false;
 			}
 
-			// Check that assigned_to is member of the project.
+			// Check that assigned_to is a tech in the new tracker
 			if ($assigned_to != 100) {
-				$res = $newArtifactType->getTechnicians();
-				$arr =& util_result_column_to_array($res,0);
-				if (!in_array($assigned_to, $arr)) {
+				if (!forge_check_perm ('tracker', $newArtifactType->getID(), 'tech')) {
 					$assigned_to = 100;
 				}
 			}

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/ArtifactType.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/ArtifactType.class.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/ArtifactType.class.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -865,34 +865,6 @@
 	}
 
 	/**
-	 *	getTechnicians - returns a result set of technicians.
-	 *
-	 *	@return database result set.
-	 */
-	function getTechnicians() {
-		if (!isset($this->technicians_res)) {
-			$this->technicians_res = db_query_params ('SELECT user_id,realname 
-				FROM artifactperm_user_vw
-				WHERE group_artifact_id=$1
-				AND perm_level in (1,2)
-				ORDER BY realname',
-				array ($this->getID())) ;
-		}
-		return $this->technicians_res;
-	}
-
-	/**
-	 *	getTechnicianObjects - Array of User objects set up for this artifact type.
-	 *
-	 *	@return	array	Of User objects.
-	 */
-	function &getTechnicianObjects() {
-		$res = $this->getTechnicians();
-		$arr =& util_result_column_to_array($res,0);
-		return user_get_objects($arr);
-	}
-
-	/**
 	 *	getCannedResponses - returns a result set of canned responses.
 	 *
 	 *	@return database result set.

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/browse_task.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/browse_task.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/browse_task.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -60,14 +60,21 @@
 /*
 		creating a custom technician box which includes "any" and "unassigned"
 */
-$res_tech=$pg->getTechnicians();
-$tech_id_arr=util_result_column_to_array($res_tech,0);
-$tech_id_arr[]='0';  //this will be the 'any' row
-$tech_name_arr=util_result_column_to_array($res_tech,1);
+$engine = RBACEngine::getInstance () ;
+$techs = $engine->getUsersByAllowedAction ('pm', $pg->getID(), 'tech') ;
+
+$tech_id_arr = array () ;
+$tech_name_arr = array () ;
+
+foreach ($techs as $tech) {
+	$tech_id_arr[] = $tech->getID() ;
+	$tech_name_arr[] = $tech->getRealName() ;
+}
+$tech_id_arr[]='0';
 $tech_name_arr[]=_('Any');
-$tech_box=html_build_select_box_from_arrays ($tech_id_arr,$tech_name_arr,'_assigned_to',
-$_assigned_to,true,_('Unassigned'));
 
+$tech_box=html_build_select_box_from_arrays ($tech_id_arr,$tech_name_arr,'_assigned_to',$_assigned_to,true,_('Unassigned'));
+
 /*
 		creating a custom category box which includes "any" and "none"
 */
@@ -305,12 +312,17 @@
 			creating a custom technician box which includes "No Change" and "Nobody"
 		*/
 
-		$res_tech=$pg->getTechnicians();
+		$engine = RBACEngine::getInstance () ;
+		$techs = $engine->getUsersByAllowedAction ('pm', $pg->getID(), 'tech') ;
 
-		$tech_id_arr=util_result_column_to_array($res_tech,0);
-		$tech_id_arr[]='100.1';  //this will be the 'any' row
-
-		$tech_name_arr=util_result_column_to_array($res_tech,1);
+		$tech_id_arr = array () ;
+		$tech_name_arr = array () ;
+		
+		foreach ($techs as $tech) {
+			$tech_id_arr[] = $tech->getID() ;
+			$tech_name_arr[] = $tech->getRealName() ;
+		}
+		$tech_id_arr[]='100.1';
 		$tech_name_arr[]=_('Unassigned');
 
 		$tech_box=html_build_select_box_from_arrays ($tech_id_arr,$tech_name_arr,'assigned_to',

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/ganttpage.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/ganttpage.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/ganttpage.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -40,8 +40,21 @@
 $_status = getIntFromRequest('_status', 100);
 $_order = getStringFromRequest('_order');
 
-$tech_box=html_build_select_box($pg->getTechnicians(),'_assigned_to',$_assigned_to,true,_('Unassigned'), true, _('Any'));
+$engine = RBACEngine::getInstance () ;
+$techs = $engine->getUsersByAllowedAction ('pm', $pg->getID(), 'tech') ;
 
+$tech_id_arr = array () ;
+$tech_name_arr = array () ;
+
+foreach ($techs as $tech) {
+	$tech_id_arr[] = $tech->getID() ;
+	$tech_name_arr[] = $tech->getRealName() ;
+}
+$tech_id_arr[]='0';
+$tech_name_arr[]=_('Any');
+
+$tech_box=html_build_select_box_from_arrays ($tech_id_arr,$tech_name_arr,'_assigned_to',$_assigned_to,true,_('Unassigned'), true, _('Any'));
+
 $status_box=html_build_select_box($pg->getStatuses(),'_status',$_status, false, '', true, _('Any'));
 
 $cat_box=html_build_select_box($pg->getCategories(), '_category_id', $_category_id, true, _('None'), true, _('Any'));

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/include/ProjectTaskHTML.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/include/ProjectTaskHTML.class.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/include/ProjectTaskHTML.class.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -32,10 +32,20 @@
 	}
 
 	function multipleAssignedBox ($name='assigned_to[]') {
-		$result = $this->ProjectGroup->getTechnicians ();
+		$engine = RBACEngine::getInstance () ;
+		$techs = $engine->getUsersByAllowedAction ('pm', $pg->getID(), 'tech') ;
+
+		$tech_id_arr = array () ;
+		$tech_name_arr = array () ;
+		
+		foreach ($techs as $tech) {
+			$tech_id_arr[] = $tech->getID() ;
+			$tech_name_arr[] = $tech->getRealName() ;
+		}
+		
 		//get the data so we can mark items as SELECTED
 		$arr2 =& $this->getAssignedTo();
-		return html_build_multiple_select_box ($result,$name,$arr2);
+		return html_build_multiple_select_box_from_arrays ($tech_id_arr,$tech_name_arr,$name,$arr2);
 	}
 
 

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/msproject/msp.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/msproject/msp.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/msproject/msp.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -37,17 +37,24 @@
 	if ($success) {
 		$array['success']=true;
 		$array['session_hash']=$session_ser;
-		$res=db_query_params ('SELECT pgl.group_project_id, g.group_name || $1 || pgl.project_name AS name
-			FROM groups g, project_group_list pgl, role_setting rs, user_group ug
-			WHERE ug.user_id=$2
-			AND g.group_id=pgl.group_id
-			AND rs.value::integer > 0
-			AND rs.group_project_id = pgl.group_project_id
-                        AND ug.role_id = rs.role_id
-                        AND rs.section_name=$3',
-				      array(': ',
-					    user_getid(),
-					    'pm'));
+
+
+		$result = db_query_params ('SELECT group_project_id FROM project_group_list',
+					   array ()) ;
+		
+		$gids = array () ;
+		while ($arr =& db_fetch_array($result)) {
+			if (forge_check_perm ('pm', $arr['group_project_id'], 'read')) {
+				$gids[] = $arr['group_project_id'] ;
+			}
+		}
+
+		$res = db_query_params ('SELECT pgl.group_project_id, g.group_name || $1 || pgl.project_name AS name
+			FROM groups g, project_group_list pgl
+			WHERE g.group_id=pgl.group_id
+                        AND pgl_group_project_id = ANY ($2)',
+					array(': ',
+					      db_int_array_to_any_clause ($tids))) ;
 		$rows=db_numrows($res);
 		if (!$res || $rows<1) {
 			$array['success']=false;

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/pm/pm.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/pm/pm.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/pm/pm.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -509,14 +509,17 @@
 		return new soap_fault ('','getProjectTechnicians',$grp->getErrorMessage(),$grp->getErrorMessage());
 	}
 
-	$at = new ProjectGroup($grp,$group_project_id);
-	if (!$at || !is_object($at)) {
+	$pg = new ProjectGroup($grp,$group_project_id);
+	if (!$pg || !is_object($pg)) {
 		return new soap_fault ('','getProjectTechnicians','Could Not Get ProjectGroup','Could Not Get ProjectGroup');
-	} elseif ($at->isError()) {
-		return new soap_fault ('','getProjectTechnicians',$at->getErrorMessage(),$at->getErrorMessage());
+	} elseif ($pg->isError()) {
+		return new soap_fault ('','getProjectTechnicians',$pg->getErrorMessage(),$pg->getErrorMessage());
 	}
 
-	return users_to_soap($at->getTechnicianObjects());
+	$engine = RBACEngine::getInstance () ;
+	$techs = $engine->getUsersByAllowedAction ('pm', $pg->getID(), 'tech') ;
+
+	return users_to_soap ($techs);
 }
 
 function &getProjectTasks($session_ser,$group_id,$group_project_id,$assigned_to,$status,$category,$group) {

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/tracker/tracker.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/tracker/tracker.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/tracker/tracker.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -690,7 +690,10 @@
 		return new soap_fault ('','getArtifactTechnicians',$at->getErrorMessage(),$at->getErrorMessage());
 	}
 
-	return users_to_soap($at->getTechnicianObjects());
+	$engine = RBACEngine::getInstance () ;
+	$techs = $engine->getUsersByAllowedAction ('tracker', $at->getID(), 'tech') ;
+
+	return users_to_soap ($techs);
 }
 
 //

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/browse.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/browse.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/browse.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -138,12 +138,17 @@
 //
 //	creating a custom technician box which includes "any" and "unassigned"
 //
-$res_tech= $ath->getTechnicians();
+$engine = RBACEngine::getInstance () ;
+$techs = $engine->getUsersByAllowedAction ('tracker', $ath->getID(), 'tech') ;
 
-$tech_id_arr=util_result_column_to_array($res_tech,0);
+$tech_id_arr = array () ;
+$tech_name_arr = array () ;
+
+foreach ($techs as $tech) {
+	$tech_id_arr[] = $tech->getID() ;
+	$tech_name_arr[] = $tech->getRealName() ;
+}
 $tech_id_arr[]='0';  //this will be the 'any' row
-
-$tech_name_arr=util_result_column_to_array($res_tech,1);
 $tech_name_arr[]=_('Any');
 
 if (is_array($_assigned_to)) {

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/include/ArtifactTypeHtml.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/include/ArtifactTypeHtml.class.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/include/ArtifactTypeHtml.class.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -606,11 +606,18 @@
 		if ($text_100=='none'){
 			$text_100=_('Nobody');
 		}
-		$result = $this->getTechnicians();
-		//	this was a bad hack to allow you to mass-update to unassigned, which is ID=100, which 
-		//	conflicted with the "No Change" ID of 100.
-		$ids =& util_result_column_to_array($result,0);
-		$names =& util_result_column_to_array($result,1);
+
+		$engine = RBACEngine::getInstance () ;
+		$techs = $engine->getUsersByAllowedAction ('tracker', $ath->getID(), 'tech') ;
+
+		$ids = array () ;
+		$names = array () ;
+
+		foreach ($techs as $tech) {
+			$ids[] = $tech->getID() ;
+			$names[] = $tech->getRealName() ;
+		}
+
 		if ($extra_id != '-1') {
 			$ids[]=$extra_id;
 			$names[]=$extra_name;

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/mod.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/mod.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/mod.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -91,30 +91,20 @@
 		<td><strong><?php echo _('Data Type') ?>: <a href="javascript:help_window('<?php echo util_make_url ('/help/tracker.php?helpname=data_type'); ?>')"><strong>(?)</strong></a></strong><br />
 		<?php
 
-//
-//  kinda messy - but works for now
-//  need to get list of data types this person can admin
-//
-if (forge_check_perm ('tracker_admin', $group_id)) {
-	$rsv = db_int_array_to_any_clause (array (0, 1, 2)) ;
-} else {
-	$rsv = db_int_array_to_any_clause (array (1, 2)) ;
+$atf = new ArtifactTypeFactory ($group) ;
+$tids = array () ;
+foreach ($atf->getArtifactTypes() as $at) {
+	if (forge_check_perm ('tracker', $at->getID(), 'manager')) {
+		$tids[] = $at->getID() ;
+	}
 }
 
-$res = db_query_params ('SELECT agl.group_artifact_id, agl.name
-			FROM artifact_group_list agl, role_setting rs, user_group ug
-			WHERE agl.group_artifact_id=rs.ref_id
-			AND ug.user_id=$1
-			AND rs.value = ANY ($2)
-			AND agl.group_id=$3
-			AND ug.role_id = rs.role_id
-			AND rs.section_name=$4',
-				array(user_getid(),
-				      $rsv,
-				      $group_id,
-				      'tracker'));
+$res = db_query_params ('SELECT group_artifact_id, name
+			FROM artifact_group_list
+			WHERE group_artifact_id = ANY ($1)',
+			array (db_int_array_to_any_clause ($tids))) ;
 
-	echo html_build_select_box ($res,'new_artifact_type_id',$ath->getID(),false);
+echo html_build_select_box ($res,'new_artifact_type_id',$ath->getID(),false);
 
 		?>
 		</td>

Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/reporting/index.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/reporting/index.php	2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/reporting/index.php	2011-02-28 22:47:29 UTC (rev 15165)
@@ -78,24 +78,18 @@
 //	Get list of trackers this person can see
 //
 
-$restracker = db_query_params ('SELECT DISTINCT agl.group_artifact_id,agl.name
-	FROM artifact_group_list agl, role_setting rs, user_group ug
-        WHERE agl.group_id=$1
-        AND agl.group_id=ug.group_id
-        AND ug.user_id=$2
-        AND ug.role_id=rs.role_id
-        AND (
-                           (rs.section_name = $3 AND rs.value = $4)
-                           OR (rs.section_name = $5 AND rs.value = $6)
-                           OR (rs.section_name = $6 AND rs.value::integer >= 1 AND rs.ref_id = agl.group_artifact_id)
-        )',
-			array($group_id,
-			      user_getid() ,
-			      'projectadmin',
-			      'A',
-			      'trackeradmin',
-			      2,
-			      'tracker'));
+$atf = new ArtifactTypeFactory ($group) ;
+$tids = array () ;
+foreach ($atf->getArtifactTypes() as $at) {
+	if (forge_check_perm ('tracker', $at->getID(), 'read')) {
+		$tids[] = $at->getID() ;
+	}
+}
+
+$restracker = db_query_params ('SELECT group_artifact_id, name
+			FROM artifact_group_list
+			WHERE group_artifact_id = ANY ($1)',
+			       array (db_int_array_to_any_clause ($tids))) ;
 echo db_error();
 
 //



More information about the evolvis-commits mailing list