本文整理汇总了PHP中access_has_bugnote_level函数的典型用法代码示例。如果您正苦于以下问题:PHP access_has_bugnote_level函数的具体用法?PHP access_has_bugnote_level怎么用?PHP access_has_bugnote_level使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了access_has_bugnote_level函数的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: skip
/**
* Whether to skip this event after access checks
* @return boolean
*/
public function skip()
{
if (!bugnote_exists($this->issue_note_id)) {
return true;
}
if (!access_has_bugnote_level(VIEWER, $this->issue_note_id)) {
return true;
}
return false;
}
示例2: access_ensure_bugnote_level
/**
* Check if the user has the specified access level for the given bugnote
* and deny access to the page if not
* @see access_has_bugnote_level
* @param int $p_access_level integer representing access level
* @param int $p_bugnote_id integer representing bugnote id to check access against
* @param int|null $p_user_id integer representing user id, defaults to null to use current user
* @access public
*/
function access_ensure_bugnote_level($p_access_level, $p_bugnote_id, $p_user_id = null)
{
if (!access_has_bugnote_level($p_access_level, $p_bugnote_id, $p_user_id)) {
access_denied();
}
}
示例3: access_has_bugnote_level
if (!bug_is_readonly($f_bug_id)) {
# check if the user can edit this bugnote
if ($t_user_id == $t_bugnote->reporter_id) {
$t_can_edit_bugnote = access_has_bugnote_level($t_bugnote_user_edit_threshold, $t_bugnote->id);
} else {
$t_can_edit_bugnote = $t_can_edit_all_bugnotes;
}
# check if the user can delete this bugnote
if ($t_user_id == $t_bugnote->reporter_id) {
$t_can_delete_bugnote = access_has_bugnote_level($t_bugnote_user_delete_threshold, $t_bugnote->id);
} else {
$t_can_delete_bugnote = $t_can_delete_all_bugnotes;
}
# check if the user can make this bugnote private
if ($t_user_id == $t_bugnote->reporter_id) {
$t_can_change_view_state = access_has_bugnote_level($t_bugnote_user_change_view_state_threshold, $t_bugnote->id);
} else {
$t_can_change_view_state = $t_can_change_view_state_all_bugnotes;
}
# show edit button if the user is allowed to edit this bugnote
if ($t_can_edit_bugnote) {
print_button('bugnote_edit_page.php?bugnote_id=' . $t_bugnote->id, lang_get('bugnote_edit_link'));
}
# show delete button if the user is allowed to delete this bugnote
if ($t_can_delete_bugnote) {
print_button('bugnote_delete.php?bugnote_id=' . $t_bugnote->id, lang_get('delete_link'));
}
# show make public or make private button if the user is allowed to change the view state of this bugnote
if ($t_can_change_view_state) {
if (VS_PRIVATE == $t_bugnote->view_state) {
print_button('bugnote_set_view_state.php?private=0&bugnote_id=' . $t_bugnote->id, lang_get('make_public'));
示例4: mc_issue_note_update
/**
* Update a note
*
* @param string $p_username The name of the user trying to add a note to an issue.
* @param string $p_password The password of the user.
* @param stdClass $p_note The note to update.
* @return true on success, false on failure
*/
function mc_issue_note_update($p_username, $p_password, stdClass $p_note)
{
global $g_project_override;
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
$p_note = SoapObjectsFactory::unwrapObject($p_note);
if (!isset($p_note['id']) || is_blank($p_note['id'])) {
return SoapObjectsFactory::newSoapFault('Client', 'Issue note id must not be blank.');
}
if (!isset($p_note['text']) || is_blank($p_note['text'])) {
return SoapObjectsFactory::newSoapFault('Client', 'Issue note text must not be blank.');
}
$t_issue_note_id = $p_note['id'];
if (!bugnote_exists($t_issue_note_id)) {
return SoapObjectsFactory::newSoapFault('Client', 'Issue note \'' . $t_issue_note_id . '\' does not exist.');
}
$t_issue_id = bugnote_get_field($t_issue_note_id, 'bug_id');
$t_project_id = bug_get_field($t_issue_id, 'project_id');
$g_project_override = $t_project_id;
if (!mci_has_readwrite_access($t_user_id, $t_project_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
$t_issue_author_id = bugnote_get_field($t_issue_note_id, 'reporter_id');
# Check if the user owns the bugnote and is allowed to update their own bugnotes
# regardless of the update_bugnote_threshold level.
$t_user_owns_the_bugnote = bugnote_is_user_reporter($t_issue_note_id, $t_user_id);
$t_user_can_update_own_bugnote = config_get('bugnote_user_edit_threshold', null, $t_user_id, $t_project_id);
if ($t_user_owns_the_bugnote && !$t_user_can_update_own_bugnote) {
return mci_soap_fault_access_denied($t_user_id);
}
# Check if the user has an access level beyond update_bugnote_threshold for the
# project containing the bugnote to update.
$t_update_bugnote_threshold = config_get('update_bugnote_threshold', null, $t_user_id, $t_project_id);
if (!$t_user_owns_the_bugnote && !access_has_bugnote_level($t_update_bugnote_threshold, $t_issue_note_id, $t_user_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
# Check if the bug is readonly
if (bug_is_readonly($t_issue_id)) {
return mci_soap_fault_access_denied($t_user_id, 'Issue \'' . $t_issue_id . '\' is readonly');
}
if (isset($p_note['view_state'])) {
$t_view_state = $p_note['view_state'];
$t_view_state_id = mci_get_enum_id_from_objectref('view_state', $t_view_state);
bugnote_set_view_state($t_issue_note_id, $t_view_state_id == VS_PRIVATE);
}
log_event(LOG_WEBSERVICE, 'updating bugnote id \'' . $t_issue_note_id . '\'');
bugnote_set_text($t_issue_note_id, $p_note['text']);
return bugnote_date_update($t_issue_note_id);
}
示例5: email_collect_recipients
//.........这里部分代码省略.........
$t_bug_date = bug_get_field($p_bug_id, 'last_updated');
$t_bugnote_table = config_get('mantis_bugnote_table');
if (ON == email_notify_flag($p_notify_type, 'bugnotes')) {
$query = "SELECT DISTINCT reporter_id\n\t\t\t\t\t FROM {$t_bugnote_table}\n\t\t\t\t\t WHERE bug_id = {$c_bug_id}";
$result = db_query($query);
$count = db_num_rows($result);
for ($i = 0; $i < $count; $i++) {
$t_user_id = db_result($result, $i);
$t_recipients[$t_user_id] = true;
log_event(LOG_EMAIL_RECIPIENT, "bug={$p_bug_id}, add note author={$t_user_id}");
}
}
# add project users who meet the thresholds
$t_bug_is_private = bug_get_field($p_bug_id, 'view_state') == VS_PRIVATE;
$t_threshold_min = email_notify_flag($p_notify_type, 'threshold_min');
$t_threshold_max = email_notify_flag($p_notify_type, 'threshold_max');
$t_threshold_users = project_get_all_user_rows($t_project_id, $t_threshold_min);
foreach ($t_threshold_users as $t_user) {
if ($t_user['access_level'] <= $t_threshold_max) {
if (!$t_bug_is_private || access_compare_level($t_user['access_level'], config_get('private_bug_threshold'))) {
$t_recipients[$t_user['id']] = true;
log_event(LOG_EMAIL_RECIPIENT, "bug={$p_bug_id}, add project user=" . $t_user['id']);
}
}
}
# set up to eliminate unwanted users
# get list of status values that are not covered specifically in the prefs
# These are handled by email_on_status generically
# @@@ thraxisp note that email_on_assigned was co-opted to handle change in handler
$t_status_change = get_enum_to_array(config_get('status_enum_string'));
unset($t_status_change[NEW_]);
unset($t_status_change[FEEDBACK]);
unset($t_status_change[RESOLVED]);
unset($t_status_change[CLOSED]);
if ('owner' == $p_notify_type) {
$t_pref_field = 'email_on_assigned';
} else {
if (in_array($p_notify_type, $t_status_change)) {
$t_pref_field = 'email_on_status';
} else {
$t_pref_field = 'email_on_' . $p_notify_type;
}
}
$t_user_pref_table = config_get('mantis_user_pref_table');
if (!db_field_exists($t_pref_field, $t_user_pref_table)) {
$t_pref_field = false;
}
# @@@ we could optimize by modifiying user_cache() to take an array
# of user ids so we could pull them all in. We'll see if it's necessary
$t_final_recipients = array();
# Check whether users should receive the emails
# and put email address to $t_recipients[user_id]
foreach ($t_recipients as $t_id => $t_ignore) {
# Possibly eliminate the current user
if (auth_get_current_user_id() == $t_id && OFF == config_get('email_receive_own')) {
log_event(LOG_EMAIL_RECIPIENT, "bug={$p_bug_id}, drop {$t_id} (own)");
continue;
}
# Eliminate users who don't exist anymore or who are disabled
if (!user_exists($t_id) || !user_is_enabled($t_id)) {
log_event(LOG_EMAIL_RECIPIENT, "bug={$p_bug_id}, drop {$t_id} (disabled)");
continue;
}
# Exclude users who have this notification type turned off
if ($t_pref_field) {
$t_notify = user_pref_get_pref($t_id, $t_pref_field);
if (OFF == $t_notify) {
log_event(LOG_EMAIL_RECIPIENT, "bug={$p_bug_id}, drop {$t_id} (pref {$t_pref_field} off)");
continue;
} else {
# Users can define the severity of an issue before they are emailed for
# each type of notification
$t_min_sev_pref_field = $t_pref_field . '_min_severity';
$t_min_sev_notify = user_pref_get_pref($t_id, $t_min_sev_pref_field);
$t_bug_severity = bug_get_field($p_bug_id, 'severity');
if ($t_bug_severity < $t_min_sev_notify) {
log_event(LOG_EMAIL_RECIPIENT, "bug={$p_bug_id}, drop {$t_id} (pref threshold)");
continue;
}
}
}
# check that user can see bugnotes if the last update included a bugnote
if ($t_bug_date == $t_bugnote_date) {
if (!access_has_bugnote_level(VIEWER, $t_bugnote_id, $t_id)) {
log_event(LOG_EMAIL_RECIPIENT, "bug={$p_bug_id}, drop {$t_id} (access level)");
continue;
}
}
# Finally, let's get their emails, if they've set one
$t_email = user_get_email($t_id);
if (is_blank($t_email)) {
log_event(LOG_EMAIL_RECIPIENT, "bug={$p_bug_id}, drop {$t_id} (no email)");
} else {
# @@@ we could check the emails for validity again but I think
# it would be too slow
$t_final_recipients[$t_id] = $t_email;
}
}
return $t_final_recipients;
}
示例6: put
public function put($request)
{
/**
* Updates the note.
*
* Only the text and view state of the note can be altered.
*
* @param $request - The request we're responding to
*/
$this->note_id = Bugnote::get_mantis_id_from_url($request->url);
if (!bugnote_exists($this->note_id)) {
throw new HTTPException(404, "No such bug note: {$this->note_id}");
}
# Check if the current user is allowed to edit the bugnote
# (This comes from Mantis's bugnote_update.php)
$user_id = auth_get_current_user_id();
$reporter_id = bugnote_get_field($this->note_id, 'reporter_id');
$bug_id = bugnote_get_field($this->note_id, 'bug_id');
if ($user_id != $reporter_id || OFF == config_get('bugnote_allow_user_edit_delete')) {
if (!access_has_bugnote_level(config_get('update_bugnote_threshold'), $this->note_id)) {
throw new HTTPException(403, "Access denied");
}
}
if (bug_is_readonly($bug_id)) {
throw new HTTPException(500, "Can't edit a note on a read-only bug");
}
$this->populate_from_repr($request->body);
bugnote_set_view_state($this->note_id, !!$this->_get_rsrc_attr('private'));
bugnote_set_text($this->note_id, $this->_get_mantis_attr('note'));
$resp = new Response();
$resp->status = 204;
return $resp;
}
示例7: billing_get_for_project
/**
* Gets the billing information for the specified project during the specified date range.
*
* @param integer $p_project_id A project identifier or ALL_PROJECTS.
* @param string $p_from Starting date (yyyy-mm-dd) inclusive, if blank, then ignored.
* @param string $p_to Ending date (yyyy-mm-dd) inclusive, if blank, then ignored.
* @param integer $p_cost_per_hour Cost per hour.
* @return array array of bugnotes
* @access public
*/
function billing_get_for_project($p_project_id, $p_from, $p_to, $p_cost_per_hour)
{
$t_params = array();
$c_to = strtotime($p_to) + SECONDS_PER_DAY - 1;
$c_from = strtotime($p_from);
if ($c_to === false || $c_from === false) {
error_parameters(array($p_from, $p_to));
trigger_error(ERROR_GENERIC, ERROR);
}
if (ALL_PROJECTS != $p_project_id) {
access_ensure_project_level(config_get('view_bug_threshold'), $p_project_id);
$t_project_where = ' AND b.project_id = ' . db_param() . ' AND bn.bug_id = b.id ';
$t_params[] = $p_project_id;
} else {
$t_project_ids = user_get_all_accessible_projects();
$t_project_where = ' AND b.project_id in (' . implode(', ', $t_project_ids) . ')';
}
if (!is_blank($c_from)) {
$t_from_where = ' AND bn.date_submitted >= ' . db_param();
$t_params[] = $c_from;
} else {
$t_from_where = '';
}
if (!is_blank($c_to)) {
$t_to_where = ' AND bn.date_submitted <= ' . db_param();
$t_params[] = $c_to;
} else {
$t_to_where = '';
}
$t_results = array();
$t_query = 'SELECT bn.id id, bn.time_tracking minutes, bn.date_submitted as date_submitted, bnt.note note,
u.realname realname, b.project_id project_id, b.summary bug_summary, bn.bug_id bug_id, bn.reporter_id reporter_id
FROM {user} u, {bugnote} bn, {bug} b, {bugnote_text} bnt
WHERE u.id = bn.reporter_id AND bn.time_tracking != 0 AND bn.bug_id = b.id AND bnt.id = bn.bugnote_text_id
' . $t_project_where . $t_from_where . $t_to_where . '
ORDER BY bn.id';
$t_result = db_query($t_query, $t_params);
$t_cost_per_min = $p_cost_per_hour / 60.0;
$t_access_level_required = config_get('time_tracking_view_threshold');
while ($t_row = db_fetch_array($t_result)) {
if (!access_has_bugnote_level($t_access_level_required, $t_row['id'])) {
continue;
}
$t_total_cost = $t_cost_per_min * $t_row['minutes'];
$t_row['cost'] = $t_total_cost;
$t_results[] = $t_row;
}
$t_billing_rows = billing_rows_to_array($t_results);
return $t_billing_rows;
}
示例8: mc_issue_note_delete
/**
* Delete a note given its id.
*
* @param string $p_username The name of the user trying to add a note to an issue.
* @param string $p_password The password of the user.
* @param integer $p_issue_note_id The id of the note to be deleted.
* @return true: success, false: failure
*/
function mc_issue_note_delete($p_username, $p_password, $p_issue_note_id)
{
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
if ((int) $p_issue_note_id < 1) {
return new soap_fault('Client', '', "Invalid issue note id '{$p_issue_note_id}'.");
}
if (!bugnote_exists($p_issue_note_id)) {
return new soap_fault('Client', '', "Issue note '{$p_issue_note_id}' does not exist.");
}
$t_issue_id = bugnote_get_field($p_issue_note_id, 'bug_id');
$t_project_id = bug_get_field($t_issue_id, 'project_id');
if (!mci_has_readwrite_access($t_user_id, $t_project_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
$t_reporter_id = bugnote_get_field($p_issue_note_id, 'reporter_id');
// mirrors check from bugnote_delete.php
if ($t_user_id == $t_reporter_id) {
$t_threshold_config_name = 'bugnote_user_delete_threshold';
} else {
$t_threshold_config_name = 'delete_bugnote_threshold';
}
if (!access_has_bugnote_level(config_get($t_threshold_config_name), $p_issue_note_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
return bugnote_delete($p_issue_note_id);
}
示例9: mc_issue_note_update
/**
* Update a note
*
* @param string $p_username The name of the user trying to add a note to an issue.
* param string $p_password The password of the user.
* @param IssueNoteData $p_note The note to update.
* @return true on success, false on failure
*/
function mc_issue_note_update($p_username, $p_password, $p_note)
{
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
if (!isset($p_note['id']) || is_blank($p_note['id'])) {
return new soap_fault('Client', '', "Issue note id must not be blank.");
}
if (!isset($p_note['text']) || is_blank($p_note['text'])) {
return new soap_fault('Client', '', "Issue note text must not be blank.");
}
$t_issue_note_id = $p_note['id'];
if (!bugnote_exists($t_issue_note_id)) {
return new soap_fault('Server', '', "Issue note '{$t_issue_note_id}' does not exist.");
}
$t_issue_id = bugnote_get_field($t_issue_note_id, 'bug_id');
$t_project_id = bug_get_field($t_issue_id, 'project_id');
if (!mci_has_readwrite_access($t_user_id, $t_project_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
$t_issue_author_id = bugnote_get_field($t_issue_note_id, 'reporter_id');
# Check if the user owns the bugnote and is allowed to update their own bugnotes
# regardless of the update_bugnote_threshold level.
$t_user_owns_the_bugnote = bugnote_is_user_reporter($t_issue_note_id, $t_user_id);
$t_user_can_update_own_bugnote = config_get('bugnote_allow_user_edit_delete', null, $t_user_id, $t_project_id);
if ($t_user_owns_the_bugnote && !$t_user_can_update_own_bugnote) {
return mci_soap_fault_access_denied($t_user_id);
}
# Check if the user has an access level beyond update_bugnote_threshold for the
# project containing the bugnote to update.
$t_update_bugnote_threshold = config_get('update_bugnote_threshold', null, $t_user_id, $t_project_id);
if (!$t_user_owns_the_bugnote && !access_has_bugnote_level($t_update_bugnote_threshold, $t_issue_note_id, $t_user_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
# Check if the bug is readonly
if (bug_is_readonly($t_issue_id)) {
return mci_soap_fault_access_denied($t_user_id, "Issue ' . {$t_issue_id} . ' is readonly");
}
if (isset($p_note['view_state'])) {
$t_view_state = $p_note['view_state'];
$t_view_state_id = mci_get_enum_id_from_objectref('view_state', $t_view_state);
bugnote_set_view_state($t_issue_note_id, $t_view_state_id);
}
bugnote_set_text($t_issue_note_id, $p_note['text']);
return bugnote_date_update($t_issue_note_id);
}