[evolvis-commits] r15165: Removed/ rewrote a handful of functions that were accessing the role_setting table directly (they now go through the RBAC engine)
mirabilos at evolvis.org
mirabilos at evolvis.org
Mon Feb 28 23:47:29 CET 2011
Author: mirabilos
Date: 2011-02-28 23:47:29 +0100 (Mon, 28 Feb 2011)
New Revision: 15165
Modified:
trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class.php
trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/ForumMessage.class.php
trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBACEngine.class.php
trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/ProjectGroup.class.php
trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/import_utils.php
trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/Artifact.class.php
trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/ArtifactType.class.php
trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/browse_task.php
trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/ganttpage.php
trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/include/ProjectTaskHTML.class.php
trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/msproject/msp.php
trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/pm/pm.php
trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/tracker/tracker.php
trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/browse.php
trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/include/ArtifactTypeHtml.class.php
trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/mod.php
trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/reporting/index.php
Log:
Removed/rewrote a handful of functions that were accessing the role_setting table directly (they now go through the RBAC engine)
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/Forum.class.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -404,22 +404,6 @@
}
/**
- * getForumAdminIDs - return an array of user_id's for those users which are forum admins.
- *
- * @return array The array of user_id's.
- */
- function getForumAdminIDs() {
- $result = db_query_params ('SELECT user_group.user_id FROM user_group, role_setting
- WHERE role_setting.section_name=$1
- AND role_setting.ref_id=$2
- AND role_setting.value::integer > 1
- AND user_group.role_id = role_setting.role_id',
- array ('forum',
- $this->getID())) ;
- return util_result_column_to_array($result);
- }
-
- /**
* getReturnEmailAddress() - return the return email address for notification emails
*
* @return string return email address
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/ForumMessage.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/ForumMessage.class.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/forum/ForumMessage.class.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -721,7 +721,13 @@
* @return boolean success.
*/
function sendNewModeratedMsgNotice() {
- $ids =& $this->Forum->getForumAdminIDs();
+ $ids = array () ;
+ $engine = RBACEngine::getInstance () ;
+ $moderators = $engine->getUsersByAllowedAction ('forum', $this->Forum->getID(), 'moderate') ;
+
+ foreach ($moderators as $m) {
+ $ids[] = $m->getID () ;
+ }
//
// See if there is anyone to send messages to
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBACEngine.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBACEngine.class.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/include/RBACEngine.class.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -106,6 +106,20 @@
return $roles ;
}
+ public function getUsersByAllowedAction ($section, $reference, $action = NULL) {
+ $roles = $this->getRolesByAllowedAction ($section, $reference, $action) ;
+ $user_ids = array () ;
+ foreach ($roles as $role) {
+ foreach ($role->getUsers() as $user) {
+ $user_ids[] = $user->getID() ;
+ }
+ }
+
+ $user_ids = array_unique ($user_ids) ;
+
+ return user_get_objects ($user_ids) ;
+ }
+
private function _getRolesIdByAllowedAction ($section, $reference, $action = NULL) {
$result = array () ;
$qpa = db_construct_qpa () ;
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/ProjectGroup.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/ProjectGroup.class.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/ProjectGroup.class.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -320,38 +320,6 @@
}
/**
- * getTechnicians - Return a result set of pm technicians in this group.
- *
- * @returns Datbase result set.
- */
- function getTechnicians () {
- if (!$this->technicians) {
- $this->technicians = db_query_params ('SELECT users.user_id, users.realname
- FROM users, role_setting, user_group
- WHERE users.user_id=user_group.user_id
- AND role_setting.role_id=user_group.role_id
- AND role_setting.ref_id=$1
- AND role_setting.value::integer IN (1,2)
- AND role_setting.section_name=$2
- ORDER BY users.realname',
- array ($this->getID(),
- 'pm')) ;
- }
- return $this->technicians;
- }
-
- /**
- * getTechnicianObjects - Array of User objects set up for this artifact type.
- *
- * @return array Of User objects.
- */
- function &getTechnicianObjects() {
- $res = $this->getTechnicians();
- $arr =& util_result_column_to_array($res,0);
- return user_get_objects($arr);
- }
-
- /**
* update - update a ProjectGroup in the database.
*
* @param string The project name.
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/import_utils.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/import_utils.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/pm/import_utils.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -65,7 +65,8 @@
//
// Build hash list of technicians so we can get their ID for assigning tasks
//
- $techs =& $pg->getTechnicianObjects();
+ $engine = RBACEngine::getInstance () ;
+ $techs = $engine->getUsersByAllowedAction ('pm', $pg->getID(), 'tech') ;
$tcount=count($techs);
for ($i=0; $i<$tcount; $i++) {
$tarr[strtolower($techs[$i]->getUnixName())]=$techs[$i]->getID();
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/Artifact.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/Artifact.class.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/Artifact.class.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -840,11 +840,9 @@
}
- // Check that assigned_to is member of the project.
+ // Check that assigned_to is a tech for the tracker
if ($assigned_to != 100) {
- $res = $this->ArtifactType->getTechnicians();
- $arr =& util_result_column_to_array($res,0);
- if (!in_array($assigned_to, $arr)) {
+ if (!forge_check_perm ('tracker', $this->ArtifactType->getID(), 'tech')) {
$this->setError("Invalid assigned_to (assigned person is not a technician)");
return false;
}
@@ -957,11 +955,9 @@
return false;
}
- // Check that assigned_to is member of the project.
+ // Check that assigned_to is a tech in the new tracker
if ($assigned_to != 100) {
- $res = $newArtifactType->getTechnicians();
- $arr =& util_result_column_to_array($res,0);
- if (!in_array($assigned_to, $arr)) {
+ if (!forge_check_perm ('tracker', $newArtifactType->getID(), 'tech')) {
$assigned_to = 100;
}
}
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/ArtifactType.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/ArtifactType.class.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/tracker/ArtifactType.class.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -865,34 +865,6 @@
}
/**
- * getTechnicians - returns a result set of technicians.
- *
- * @return database result set.
- */
- function getTechnicians() {
- if (!isset($this->technicians_res)) {
- $this->technicians_res = db_query_params ('SELECT user_id,realname
- FROM artifactperm_user_vw
- WHERE group_artifact_id=$1
- AND perm_level in (1,2)
- ORDER BY realname',
- array ($this->getID())) ;
- }
- return $this->technicians_res;
- }
-
- /**
- * getTechnicianObjects - Array of User objects set up for this artifact type.
- *
- * @return array Of User objects.
- */
- function &getTechnicianObjects() {
- $res = $this->getTechnicians();
- $arr =& util_result_column_to_array($res,0);
- return user_get_objects($arr);
- }
-
- /**
* getCannedResponses - returns a result set of canned responses.
*
* @return database result set.
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/browse_task.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/browse_task.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/browse_task.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -60,14 +60,21 @@
/*
creating a custom technician box which includes "any" and "unassigned"
*/
-$res_tech=$pg->getTechnicians();
-$tech_id_arr=util_result_column_to_array($res_tech,0);
-$tech_id_arr[]='0'; //this will be the 'any' row
-$tech_name_arr=util_result_column_to_array($res_tech,1);
+$engine = RBACEngine::getInstance () ;
+$techs = $engine->getUsersByAllowedAction ('pm', $pg->getID(), 'tech') ;
+
+$tech_id_arr = array () ;
+$tech_name_arr = array () ;
+
+foreach ($techs as $tech) {
+ $tech_id_arr[] = $tech->getID() ;
+ $tech_name_arr[] = $tech->getRealName() ;
+}
+$tech_id_arr[]='0';
$tech_name_arr[]=_('Any');
-$tech_box=html_build_select_box_from_arrays ($tech_id_arr,$tech_name_arr,'_assigned_to',
-$_assigned_to,true,_('Unassigned'));
+$tech_box=html_build_select_box_from_arrays ($tech_id_arr,$tech_name_arr,'_assigned_to',$_assigned_to,true,_('Unassigned'));
+
/*
creating a custom category box which includes "any" and "none"
*/
@@ -305,12 +312,17 @@
creating a custom technician box which includes "No Change" and "Nobody"
*/
- $res_tech=$pg->getTechnicians();
+ $engine = RBACEngine::getInstance () ;
+ $techs = $engine->getUsersByAllowedAction ('pm', $pg->getID(), 'tech') ;
- $tech_id_arr=util_result_column_to_array($res_tech,0);
- $tech_id_arr[]='100.1'; //this will be the 'any' row
-
- $tech_name_arr=util_result_column_to_array($res_tech,1);
+ $tech_id_arr = array () ;
+ $tech_name_arr = array () ;
+
+ foreach ($techs as $tech) {
+ $tech_id_arr[] = $tech->getID() ;
+ $tech_name_arr[] = $tech->getRealName() ;
+ }
+ $tech_id_arr[]='100.1';
$tech_name_arr[]=_('Unassigned');
$tech_box=html_build_select_box_from_arrays ($tech_id_arr,$tech_name_arr,'assigned_to',
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/ganttpage.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/ganttpage.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/ganttpage.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -40,8 +40,21 @@
$_status = getIntFromRequest('_status', 100);
$_order = getStringFromRequest('_order');
-$tech_box=html_build_select_box($pg->getTechnicians(),'_assigned_to',$_assigned_to,true,_('Unassigned'), true, _('Any'));
+$engine = RBACEngine::getInstance () ;
+$techs = $engine->getUsersByAllowedAction ('pm', $pg->getID(), 'tech') ;
+$tech_id_arr = array () ;
+$tech_name_arr = array () ;
+
+foreach ($techs as $tech) {
+ $tech_id_arr[] = $tech->getID() ;
+ $tech_name_arr[] = $tech->getRealName() ;
+}
+$tech_id_arr[]='0';
+$tech_name_arr[]=_('Any');
+
+$tech_box=html_build_select_box_from_arrays ($tech_id_arr,$tech_name_arr,'_assigned_to',$_assigned_to,true,_('Unassigned'), true, _('Any'));
+
$status_box=html_build_select_box($pg->getStatuses(),'_status',$_status, false, '', true, _('Any'));
$cat_box=html_build_select_box($pg->getCategories(), '_category_id', $_category_id, true, _('None'), true, _('Any'));
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/include/ProjectTaskHTML.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/include/ProjectTaskHTML.class.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/include/ProjectTaskHTML.class.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -32,10 +32,20 @@
}
function multipleAssignedBox ($name='assigned_to[]') {
- $result = $this->ProjectGroup->getTechnicians ();
+ $engine = RBACEngine::getInstance () ;
+ $techs = $engine->getUsersByAllowedAction ('pm', $pg->getID(), 'tech') ;
+
+ $tech_id_arr = array () ;
+ $tech_name_arr = array () ;
+
+ foreach ($techs as $tech) {
+ $tech_id_arr[] = $tech->getID() ;
+ $tech_name_arr[] = $tech->getRealName() ;
+ }
+
//get the data so we can mark items as SELECTED
$arr2 =& $this->getAssignedTo();
- return html_build_multiple_select_box ($result,$name,$arr2);
+ return html_build_multiple_select_box_from_arrays ($tech_id_arr,$tech_name_arr,$name,$arr2);
}
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/msproject/msp.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/msproject/msp.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/pm/msproject/msp.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -37,17 +37,24 @@
if ($success) {
$array['success']=true;
$array['session_hash']=$session_ser;
- $res=db_query_params ('SELECT pgl.group_project_id, g.group_name || $1 || pgl.project_name AS name
- FROM groups g, project_group_list pgl, role_setting rs, user_group ug
- WHERE ug.user_id=$2
- AND g.group_id=pgl.group_id
- AND rs.value::integer > 0
- AND rs.group_project_id = pgl.group_project_id
- AND ug.role_id = rs.role_id
- AND rs.section_name=$3',
- array(': ',
- user_getid(),
- 'pm'));
+
+
+ $result = db_query_params ('SELECT group_project_id FROM project_group_list',
+ array ()) ;
+
+ $gids = array () ;
+ while ($arr =& db_fetch_array($result)) {
+ if (forge_check_perm ('pm', $arr['group_project_id'], 'read')) {
+ $gids[] = $arr['group_project_id'] ;
+ }
+ }
+
+ $res = db_query_params ('SELECT pgl.group_project_id, g.group_name || $1 || pgl.project_name AS name
+ FROM groups g, project_group_list pgl
+ WHERE g.group_id=pgl.group_id
+ AND pgl_group_project_id = ANY ($2)',
+ array(': ',
+ db_int_array_to_any_clause ($tids))) ;
$rows=db_numrows($res);
if (!$res || $rows<1) {
$array['success']=false;
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/pm/pm.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/pm/pm.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/pm/pm.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -509,14 +509,17 @@
return new soap_fault ('','getProjectTechnicians',$grp->getErrorMessage(),$grp->getErrorMessage());
}
- $at = new ProjectGroup($grp,$group_project_id);
- if (!$at || !is_object($at)) {
+ $pg = new ProjectGroup($grp,$group_project_id);
+ if (!$pg || !is_object($pg)) {
return new soap_fault ('','getProjectTechnicians','Could Not Get ProjectGroup','Could Not Get ProjectGroup');
- } elseif ($at->isError()) {
- return new soap_fault ('','getProjectTechnicians',$at->getErrorMessage(),$at->getErrorMessage());
+ } elseif ($pg->isError()) {
+ return new soap_fault ('','getProjectTechnicians',$pg->getErrorMessage(),$pg->getErrorMessage());
}
- return users_to_soap($at->getTechnicianObjects());
+ $engine = RBACEngine::getInstance () ;
+ $techs = $engine->getUsersByAllowedAction ('pm', $pg->getID(), 'tech') ;
+
+ return users_to_soap ($techs);
}
function &getProjectTasks($session_ser,$group_id,$group_project_id,$assigned_to,$status,$category,$group) {
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/tracker/tracker.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/tracker/tracker.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/soap/tracker/tracker.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -690,7 +690,10 @@
return new soap_fault ('','getArtifactTechnicians',$at->getErrorMessage(),$at->getErrorMessage());
}
- return users_to_soap($at->getTechnicianObjects());
+ $engine = RBACEngine::getInstance () ;
+ $techs = $engine->getUsersByAllowedAction ('tracker', $at->getID(), 'tech') ;
+
+ return users_to_soap ($techs);
}
//
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/browse.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/browse.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/browse.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -138,12 +138,17 @@
//
// creating a custom technician box which includes "any" and "unassigned"
//
-$res_tech= $ath->getTechnicians();
+$engine = RBACEngine::getInstance () ;
+$techs = $engine->getUsersByAllowedAction ('tracker', $ath->getID(), 'tech') ;
-$tech_id_arr=util_result_column_to_array($res_tech,0);
+$tech_id_arr = array () ;
+$tech_name_arr = array () ;
+
+foreach ($techs as $tech) {
+ $tech_id_arr[] = $tech->getID() ;
+ $tech_name_arr[] = $tech->getRealName() ;
+}
$tech_id_arr[]='0'; //this will be the 'any' row
-
-$tech_name_arr=util_result_column_to_array($res_tech,1);
$tech_name_arr[]=_('Any');
if (is_array($_assigned_to)) {
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/include/ArtifactTypeHtml.class.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/include/ArtifactTypeHtml.class.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/include/ArtifactTypeHtml.class.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -606,11 +606,18 @@
if ($text_100=='none'){
$text_100=_('Nobody');
}
- $result = $this->getTechnicians();
- // this was a bad hack to allow you to mass-update to unassigned, which is ID=100, which
- // conflicted with the "No Change" ID of 100.
- $ids =& util_result_column_to_array($result,0);
- $names =& util_result_column_to_array($result,1);
+
+ $engine = RBACEngine::getInstance () ;
+ $techs = $engine->getUsersByAllowedAction ('tracker', $ath->getID(), 'tech') ;
+
+ $ids = array () ;
+ $names = array () ;
+
+ foreach ($techs as $tech) {
+ $ids[] = $tech->getID() ;
+ $names[] = $tech->getRealName() ;
+ }
+
if ($extra_id != '-1') {
$ids[]=$extra_id;
$names[]=$extra_name;
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/mod.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/mod.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/mod.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -91,30 +91,20 @@
<td><strong><?php echo _('Data Type') ?>: <a href="javascript:help_window('<?php echo util_make_url ('/help/tracker.php?helpname=data_type'); ?>')"><strong>(?)</strong></a></strong><br />
<?php
-//
-// kinda messy - but works for now
-// need to get list of data types this person can admin
-//
-if (forge_check_perm ('tracker_admin', $group_id)) {
- $rsv = db_int_array_to_any_clause (array (0, 1, 2)) ;
-} else {
- $rsv = db_int_array_to_any_clause (array (1, 2)) ;
+$atf = new ArtifactTypeFactory ($group) ;
+$tids = array () ;
+foreach ($atf->getArtifactTypes() as $at) {
+ if (forge_check_perm ('tracker', $at->getID(), 'manager')) {
+ $tids[] = $at->getID() ;
+ }
}
-$res = db_query_params ('SELECT agl.group_artifact_id, agl.name
- FROM artifact_group_list agl, role_setting rs, user_group ug
- WHERE agl.group_artifact_id=rs.ref_id
- AND ug.user_id=$1
- AND rs.value = ANY ($2)
- AND agl.group_id=$3
- AND ug.role_id = rs.role_id
- AND rs.section_name=$4',
- array(user_getid(),
- $rsv,
- $group_id,
- 'tracker'));
+$res = db_query_params ('SELECT group_artifact_id, name
+ FROM artifact_group_list
+ WHERE group_artifact_id = ANY ($1)',
+ array (db_int_array_to_any_clause ($tids))) ;
- echo html_build_select_box ($res,'new_artifact_type_id',$ath->getID(),false);
+echo html_build_select_box ($res,'new_artifact_type_id',$ath->getID(),false);
?>
</td>
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/reporting/index.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/reporting/index.php 2011-02-28 22:47:25 UTC (rev 15164)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/tracker/reporting/index.php 2011-02-28 22:47:29 UTC (rev 15165)
@@ -78,24 +78,18 @@
// Get list of trackers this person can see
//
-$restracker = db_query_params ('SELECT DISTINCT agl.group_artifact_id,agl.name
- FROM artifact_group_list agl, role_setting rs, user_group ug
- WHERE agl.group_id=$1
- AND agl.group_id=ug.group_id
- AND ug.user_id=$2
- AND ug.role_id=rs.role_id
- AND (
- (rs.section_name = $3 AND rs.value = $4)
- OR (rs.section_name = $5 AND rs.value = $6)
- OR (rs.section_name = $6 AND rs.value::integer >= 1 AND rs.ref_id = agl.group_artifact_id)
- )',
- array($group_id,
- user_getid() ,
- 'projectadmin',
- 'A',
- 'trackeradmin',
- 2,
- 'tracker'));
+$atf = new ArtifactTypeFactory ($group) ;
+$tids = array () ;
+foreach ($atf->getArtifactTypes() as $at) {
+ if (forge_check_perm ('tracker', $at->getID(), 'read')) {
+ $tids[] = $at->getID() ;
+ }
+}
+
+$restracker = db_query_params ('SELECT group_artifact_id, name
+ FROM artifact_group_list
+ WHERE group_artifact_id = ANY ($1)',
+ array (db_int_array_to_any_clause ($tids))) ;
echo db_error();
//
More information about the evolvis-commits
mailing list