Netsyms
/
Mods-for-HESK-Netsyms
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

revert meeee

Browse Source
master
Mike Koch 6 years ago
parent f70c3635a9
commit 5ee4ed5864
No known key found for this signature in database
GPG Key ID: 9BA5D7F8391455ED
5 changed files with 171 additions and 67 deletions
Show Stats Download Patch File Download Diff File

2
api/BusinessLogic/Calendar/CalendarEvent.php
Unescape Escape View File

@ -4,6 +4,8 @@ namespace BusinessLogic\Calendar;
class CalendarEvent extends AbstractEvent {
public $id;
public $type = 'CALENDAR';
public $endTime;

21
api/BusinessLogic/Calendar/SearchEventsFilter.php
Unescape Escape View File

@ -0,0 +1,21 @@
<?php
namespace BusinessLogic\Calendar;
class SearchEventsFilter {
/* @var $categories int[]|null */
public $categories;
/* @var $reminderUserId int|null */
public $reminderUserId;
/* @var $includeTickets bool */
public $includeTickets;
/* @var $includeUnassignedTickets bool */
public $includeUnassignedTickets;
/* @var $includeTicketsAssignedToOthers bool */
public $includeTicketsAssignedToOthers;
}

4
api/BusinessLogic/Security/UserContext.php
Unescape Escape View File

@ -57,6 +57,10 @@ class UserContext extends \BaseClass {
/* @var $active bool */
public $active;
function isAnonymousUser() {
return $this->username === "API - ANONYMOUS USER";
}
static function buildAnonymousUser() {
$userContext = new UserContext();
$userContext->id = -1;

2
api/BusinessLogic/Security/UserPrivilege.php
Unescape Escape View File

@ -15,4 +15,6 @@ class UserPrivilege extends \BaseClass {
const CAN_EDIT_TICKETS = 'can_edit_tickets';
const CAN_DELETE_TICKETS = 'can_del_tickets';
const CAN_MANAGE_CATEGORIES = 'can_man_cat';
const CAN_VIEW_ASSIGNED_TO_OTHER = 'can_view_ass_others';
const CAN_VIEW_UNASSIGNED = 'can_view_unassigned';
}

209
api/DataAccess/Calendar/CalendarGateway.php
Unescape Escape View File

@ -3,84 +3,159 @@
namespace DataAccess\Calendar;
use BusinessLogic\Calendar\CalendarEvent;
use BusinessLogic\Calendar\SearchEventsFilter;
use BusinessLogic\Calendar\TicketEvent;
use BusinessLogic\Security\UserContext;
use BusinessLogic\Security\UserPrivilege;
use DataAccess\CommonDao;
class CalendarGateway extends CommonDao {
/**
* @param $startTime int
* @param $endTime int
* @param $userContext UserContext
* @param $searchEventsFilter SearchEventsFilter
* @param $heskSettings array
* @return array
*/
public function getEventsForStaff($startTime, $endTime, $userContext, $heskSettings) {
public function getEventsForStaff($startTime, $endTime, $searchEventsFilter, $heskSettings) {
$this->init();
$startTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($startTime) . " / 1000), @@session.time_zone, '+00:00')";
$endTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($endTime) . " / 1000), @@session.time_zone, '+00:00')";
$sql = "SELECT `events`.*, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`,
`categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border` ";
if ($staff) {
$sql .= ",`reminders`.`amount` AS `reminder_value`, `reminders`.`unit` AS `reminder_unit` ";
// EVENTS
$sql = "SELECT `events`.*, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`,
`categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
`reminders`.`amount` AS `reminder_value`, `reminder`.`unit` AS `reminder_unit`
FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event` AS `events`
INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories` AS `categories`
ON `events`.`category` = `categories`.`id`
LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event_reminder` AS `reminders`
ON `reminders`.`user_id` = " . intval($searchEventsFilter->reminderUserId) . "
AND `reminders`.`event_id` = `events`.`id`
WHERE NOT (`end` < {$startTimeSql} OR `start` > {$endTimeSql})
AND `categories`.`usage` <> 1
AND `categories`.`type` = '0'";
if (!empty($searchEventsFilter->categories)) {
$categoriesAsString = implode(',', $searchEventsFilter->categories);
$sql .= " AND `events`.`category` IN (" . $categoriesAsString . ")";
}
$sql .= "FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event` AS `events`
INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories` AS `categories`
ON `events`.`category` = `categories`.`id` ";
$rs = hesk_dbQuery($sql);
while ($row = hesk_dbFetchAssoc($rs)) {
$event = new CalendarEvent();
$event->id = intval($row['id']);
$event->startTime = $row['start'];
$event->endTime = $row['end'];
$event->allDay = $row['all_day'] ? true : false;
$event->title = $row['name'];
$event->location = $row['location'];
$event->comments = $row['comments'];
$event->categoryId = $row['category'];
$event->categoryName = $row['category_name'];
$event->backgroundColor = $row['background_color'];
$event->foregroundColor = $row['foreground_color'];
$event->displayBorder = $row['display_border'];
$event->reminderValue = $row['reminder_value'];
$event->reminderUnits = $row['reminder_unit'];
if ($staff) {
$sql .= "LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event_reminder` AS `reminders` ON
`reminders`.`user_id` = " . intval($_SESSION['id']) . " AND `reminders`.`event_id` = `events`.`id`";
$events[] = $event;
}
$sql .= "WHERE NOT (`end` < {$startTimeSql} OR `start` > {$endTimeSql}) AND `categories`.`usage` <> 1";
if (!$staff) {
$sql .= " AND `categories`.`type` = '0'";
// TICKETS
if ($searchEventsFilter->includeTickets) {
$oldTimeSetting = $heskSettings['timeformat'];
$heskSettings['timeformat'] = 'Y-m-d';
$currentDate = hesk_date();
$heskSettings['timeformat'] = $oldTimeSetting;
$sql = "SELECT `trackid`, `subject`, `due_date`, `category`, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`,
`categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
CASE WHEN `due_date` < '{$currentDate}' THEN 1 ELSE 0 END AS `overdue`, `owner`.`name` AS `owner_name`, `tickets`.`owner` AS `owner_id`,
`tickets`.`priority` AS `priority`
FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "tickets` AS `tickets`
INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories` AS `categories`
ON `categories`.`id` = `tickets`.`category`
AND `categories`.`usage` <> 2
LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "users` AS `owner`
ON `tickets`.`owner` = `owner`.`id`
WHERE `due_date` >= {$startTimeSql})
AND `due_date` <= {$endTimeSql})
AND `status` IN (SELECT `id` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "statuses` WHERE `IsClosed` = 0)
AND (`owner` = " . $searchEventsFilter->reminderUserId;
if ($searchEventsFilter->includeUnassignedTickets) {
$sql .= "";
}
$sql .= ")";
}
$this->close();
}
/**
* @param $startTime int
* @param $endTime int
* @param $userContext UserContext
* @param $heskSettings array
* @return array
*/
public function getXXEventsForStaff($startTime, $endTime, $userContext, $heskSettings) {
$this->init();
$startTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($startTime) . " / 1000), @@session.time_zone, '+00:00')";
$endTimeSql = "CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($endTime) . " / 1000), @@session.time_zone, '+00:00')";
$sql = "SELECT `events`.*, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`,
`categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
`reminders`.`amount` AS `reminder_value`, `reminders`.`unit` AS `reminder_unit`
FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event` AS `events`
INNER JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "categories` AS `categories`
ON `events`.`category` = `categories`.`id`
LEFT JOIN `" . hesk_dbEscape($heskSettings['db_pfix']) . "calendar_event_reminder` AS `reminders`
ON `reminders`.`user_id` = " . intval($userContext->id) . "
AND `reminders`.`event_id` = `events`.`id`
WHERE NOT (`end` < {$startTimeSql} OR `start` > {$endTimeSql})
AND `categories`.`usage` <> 1
AND `categories`.`type` = '0'";
$rs = hesk_dbQuery($sql);
$events = array();
while ($row = hesk_dbFetchAssoc($rs)) {
// Skip the event if the user does not have access to it
// TODO This should be business logic
if ($staff && !$_SESSION['isadmin'] && !in_array($row['category'], $_SESSION['categories'])) {
if (!$userContext->admin && in_array($row['category'], $userContext->categories)) {
continue;
}
$event['type'] = 'CALENDAR';
$event['id'] = intval($row['id']);
$event['startTime'] = $row['start'];
$event['endTime'] = $row['end'];
$event['allDay'] = $row['all_day'] ? true : false;
$event['title'] = $row['name'];
$event['location'] = $row['location'];
$event['comments'] = $row['comments'];
$event['categoryId'] = $row['category'];
$event['categoryName'] = $row['category_name'];
$event['backgroundColor'] = $row['background_color'];
$event['foregroundColor'] = $row['foreground_color'];
$event['displayBorder'] = $row['display_border'];
if ($staff) {
$event['reminderValue'] = $row['reminder_value'];
$event['reminderUnits'] = $row['reminder_unit'];
}
$event = new CalendarEvent();
$event->id = intval($row['id']);
$event->startTime = $row['start'];
$event->endTime = $row['end'];
$event->allDay = $row['all_day'] ? true : false;
$event->title = $row['name'];
$event->location = $row['location'];
$event->comments = $row['comments'];
$event->categoryId = $row['category'];
$event->categoryName = $row['category_name'];
$event->backgroundColor = $row['background_color'];
$event->foregroundColor = $row['foreground_color'];
$event->displayBorder = $row['display_border'];
$event->reminderValue = $row['reminder_value'];
$event->reminderUnits = $row['reminder_unit'];
$events[] = $event;
}
if ($staff) {
$oldTimeSetting = $heskSettings['timeformat'];
$heskSettings['timeformat'] = 'Y-m-d';
$currentDate = hesk_date();
$heskSettings['timeformat'] = $oldTimeSetting;
$oldTimeSetting = $heskSettings['timeformat'];
$heskSettings['timeformat'] = 'Y-m-d';
$currentDate = hesk_date();
$heskSettings['timeformat'] = $oldTimeSetting;
$sql = "SELECT `trackid`, `subject`, `due_date`, `category`, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`,
$sql = "SELECT `trackid`, `subject`, `due_date`, `category`, `categories`.`name` AS `category_name`, `categories`.`background_color` AS `background_color`,
`categories`.`foreground_color` AS `foreground_color`, `categories`.`display_border_outline` AS `display_border`,
CASE WHEN `due_date` < '{$currentDate}' THEN 1 ELSE 0 END AS `overdue`, `owner`.`name` AS `owner_name`, `tickets`.`owner` AS `owner_id`,
`tickets`.`priority` AS `priority`
@ -95,31 +170,31 @@ class CalendarGateway extends CommonDao {
AND `due_date` <= CONVERT_TZ(FROM_UNIXTIME(" . hesk_dbEscape($endTime) . " / 1000), @@session.time_zone, '+00:00')
AND `status` IN (SELECT `id` FROM `" . hesk_dbEscape($heskSettings['db_pfix']) . "statuses` WHERE `IsClosed` = 0) ";
$rs = hesk_dbQuery($sql);
while ($row = hesk_dbFetchAssoc($rs)) {
// Skip the ticket if the user does not have access to it
if (!hesk_checkPermission('can_view_tickets', 0)
|| ($row['owner_id'] && $row['owner_id'] != $_SESSION['id'] && !hesk_checkPermission('can_view_ass_others', 0))
|| (!$row['owner_id'] && !hesk_checkPermission('can_view_unassigned', 0))) {
continue;
}
$event['type'] = 'TICKET';
$event['trackingId'] = $row['trackid'];
$event['subject'] = $row['subject'];
$event['title'] = $row['subject'];
$event['startTime'] = $row['due_date'];
$event['url'] = $heskSettings['hesk_url'] . '/' . $heskSettings['admin_dir'] . '/admin_ticket.php?track=' . $event['trackingId'];
$event['categoryId'] = $row['category'];
$event['categoryName'] = $row['category_name'];
$event['backgroundColor'] = $row['background_color'];
$event['foregroundColor'] = $row['foreground_color'];
$event['displayBorder'] = $row['display_border'];
$event['owner'] = $row['owner_name'];
$event['priority'] = $row['priority'];
$events[] = $event;
$rs = hesk_dbQuery($sql);
while ($row = hesk_dbFetchAssoc($rs)) {
// Skip the ticket if the user does not have access to it
// TODO Move to Business logic
if (!in_array(UserPrivilege::CAN_VIEW_TICKETS, $userContext->permissions)
|| ($row['owner_id'] && $row['owner_id'] != $userContext->id && !in_array(UserPrivilege::CAN_VIEW_ASSIGNED_TO_OTHER, $userContext->permissions))
|| (!$row['owner_id']) && !in_array(UserPrivilege::CAN_VIEW_UNASSIGNED, $userContext->permissions)) {
continue;
}
$event = new TicketEvent();
$event->trackingId = $row['trackid'];
$event->subject = $row['subject'];
$event->title = $row['subject'];
$event->startTime = $row['due_date'];
$event->url = $heskSettings['hesk_url'] . '/' . $heskSettings['admin_dir'] . '/admin_ticket.php?track=' . $event['trackingId'];
$event->categoryId = $row['category'];
$event->categoryName = $row['category_name'];
$event->backgroundColor = $row['background_color'];
$event->foregroundColor = $row['foreground_color'];
$event->displayBorder = $row['display_border'];
$event->owner = $row['owner_name'];
$event->priority = $row['priority'];
$events[] = $event;
}
$this->close();

Write Preview
Loading…
Cancel
Save