From c62a61c6ba34940be3be2229571f632037a02155 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@users.sourceforge.net>
Date: Sun, 21 Feb 2010 17:02:04 +0000
Subject: [PATCH] Fix: A lot of fix in project permissions

---
 htdocs/lib/project.lib.php         | 13 +++++++-----
 htdocs/projet/activity/list.php    |  6 +++---
 htdocs/projet/project.class.php    |  2 +-
 htdocs/projet/tasks/task.class.php | 34 +++++++++++++++++-------------
 4 files changed, 31 insertions(+), 24 deletions(-)

diff --git a/htdocs/lib/project.lib.php b/htdocs/lib/project.lib.php
index 45e174ffbfd..74ea2427fea 100644
--- a/htdocs/lib/project.lib.php
+++ b/htdocs/lib/project.lib.php
@@ -202,10 +202,10 @@ function select_projects($socid, $selected='', $htmlname='projectid')
  * @param unknown_type $parent
  * @param unknown_type $lines
  * @param unknown_type $level
- * @param unknown_type $tasksrole
+ * @param unknown_type $projectsrole
  * @return unknown
  */
-function PLinesb(&$inc, $parent, $lines, &$level, &$tasksrole)
+function PLinesb(&$inc, $parent, $lines, &$level, &$projectsrole)
 {
 	global $user, $bc, $langs;
 	global $form;
@@ -242,6 +242,8 @@ function PLinesb(&$inc, $parent, $lines, &$level, &$tasksrole)
 			print "<td>";
 			$projectstatic->id=$lines[$i]->projectid;
 			$projectstatic->ref=$lines[$i]->projectref;
+			$projectstatic->public=$lines[$i]->public;
+			$projectstatic->label=$langs->transnoentitiesnoconv("YourRole").': '.$projectsrole[$lines[$i]->projectid];
 			print $projectstatic->getNomUrl(1);
 			print "</td>";
 
@@ -252,13 +254,13 @@ function PLinesb(&$inc, $parent, $lines, &$level, &$tasksrole)
 
 			$disabled=1;
 			// If at least one role for project
-			if (! empty($tasksrole[$lines[$i]->id])
-				&& sizeof($tasksrole[$lines[$i]->id]) > 0) $disabled=0;
+			if ($lines[$i]->public || ! empty($projectsrole[$lines[$i]->projectid])) $disabled=0;
 
 			print '<td nowrap="nowrap">';
 			print $form->select_date('',$lines[$i]->id,'','','',"addtime");
 			print '&nbsp;<input size="4" type="text" class="flat"'.($disabled?' disabled="true"':'').' name="task'.$lines[$i]->id.'" value="">';
 			print '&nbsp;<input type="submit" class="button"'.($disabled?' disabled="true"':'').' value="'.$langs->trans("Add").'">';
+			if ((! $lines[$i]->public) && $disabled) print '('.$langs->trans("YouAreNotContactOfProject").')';
 			print '</td>';
 			print "<td>&nbsp;";
 			print '</td>';
@@ -266,7 +268,7 @@ function PLinesb(&$inc, $parent, $lines, &$level, &$tasksrole)
 			print "</tr>\n";
 			$inc++;
 			$level++;
-			if ($lines[$i]->id) PLinesb($inc, $lines[$i]->id, $lines, $level, $tasksrole);
+			if ($lines[$i]->id) PLinesb($inc, $lines[$i]->id, $lines, $level, $projectsrole);
 			$level--;
 		}
 		else
@@ -353,6 +355,7 @@ function PLines(&$inc, $parent, &$lines, &$level, $var, $showproject, &$taskrole
 				{
 					$taskstatic->id=$lines[$i]->id;
 					$taskstatic->ref=$lines[$i]->id;
+					$taskstatic->label=($taskrole[$lines[$i]->id]?$langs->trans("YourRole").': '.$taskrole[$lines[$i]->id]:'');
 					print $taskstatic->getNomUrl(1);
 				}
 				print '</td>';
diff --git a/htdocs/projet/activity/list.php b/htdocs/projet/activity/list.php
index 9c2e52ab971..50afec1f4bd 100644
--- a/htdocs/projet/activity/list.php
+++ b/htdocs/projet/activity/list.php
@@ -112,9 +112,9 @@ print_barre_liste($title, $page, $_SERVER["PHP_SELF"], "", $sortfield, $sortorde
 if ($mesg) print $mesg;
 
 $tasksarray=$task->getTasksArray(0,0,$project->id,$socid);
-$tasksrole=$task->getUserRolesForProjectsOrTasks($user,0,$project->id,0);
+$projectsrole=$task->getUserRolesForProjectsOrTasks($user,0,$project->id,0);
 //var_dump($tasksarray);
-//var_dump($tasksrole);
+//var_dump($projectsrole);
 
 print '<form name="addtime" method="POST" action="'.$_SERVER["PHP_SELF"].'?id='.$project->id.'">';
 print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
@@ -128,7 +128,7 @@ print '<td>'.$langs->trans("Project").'</td>';
 print '<td align="right">'.$langs->trans("TimeSpent").'</td>';
 print '<td colspan="2">'.$langs->trans("AddDuration").'</td>';
 print "</tr>\n";
-PLinesb($j, 0, $tasksarray, $level, $tasksrole);
+PLinesb($j, 0, $tasksarray, $level, $projetsrole);
 print '</form>';
 
 
diff --git a/htdocs/projet/project.class.php b/htdocs/projet/project.class.php
index 6186b7eaa01..f2d4ef57820 100644
--- a/htdocs/projet/project.class.php
+++ b/htdocs/projet/project.class.php
@@ -521,7 +521,7 @@ class Project extends CommonObject
 
 		$picto='project';
 
-		$label=$langs->trans("ShowProject").': '.$this->ref;
+		$label=$langs->trans("ShowProject").': '.$this->ref.($this->label?' - '.$this->label:'');
 
 		if ($withpicto) $result.=($lien.img_object($label,$picto).$lienfin);
 		if ($withpicto && $withpicto != 2) $result.=' ';
diff --git a/htdocs/projet/tasks/task.class.php b/htdocs/projet/tasks/task.class.php
index 922cf502ba6..92c203bab60 100644
--- a/htdocs/projet/tasks/task.class.php
+++ b/htdocs/projet/tasks/task.class.php
@@ -398,7 +398,7 @@ class Task extends CommonObject
 
 		$picto='projecttask';
 
-		$label=$langs->trans("ShowTask").': '.$this->ref;
+		$label=$langs->trans("ShowTask").': '.$this->ref.($this->label?' - '.$this->label:'');
 
 		if ($withpicto) $result.=($lien.img_object($label,$picto).$lienfin);
 		if ($withpicto && $withpicto != 2) $result.=' ';
@@ -511,17 +511,20 @@ class Task extends CommonObject
 	}
 
 	/**
-	 * Return Array of role of user for each projects or each tasks
+	 * Return list of roles for a user for each projects or each tasks (or a particular project or task)
 	 * @param 	userp
-	 * @param	usert
-	 * @param 	projectid
-	 * @param 	taskid
-	 * @return 	array			Array of role of user for each projects or each tasks
+	 * @param	usert			Deprecated. Permissions are on project.
+	 * @param 	projectid		Project id to filter on a project
+	 * @param 	taskid			Task id to filter on a task
+	 * @return 	array			Array (projectid => 'list of roles for project')
 	 */
 	function getUserRolesForProjectsOrTasks($userp,$usert,$projectid=0,$taskid=0)
 	{
+		$projectsrole = array();
 		$tasksrole = array();
 
+		dol_syslog("Task::getUserRolesForProjectsOrTasks userp=".is_object($userp)." usert=".is_object($usert)." projectid=".$projectid." taskid=".$taskid);
+
 		// We want role of user for projet or role of user for task. Both are not possible.
 		if (empty($userp) && empty($usert))
 		{
@@ -529,8 +532,8 @@ class Task extends CommonObject
 			return -1;
 		}
 
-		/* Liste des taches et role sur la tache du user courant dans $tasksrole */
-		$sql = "SELECT ec.element_id, ctc.code";
+		/* Liste des taches et role sur les projets ou taches */
+		$sql = "SELECT pt.rowid as pid, ec.element_id, ctc.code";
 		if ($userp) $sql.= " FROM ".MAIN_DB_PREFIX."projet as pt";
 		if ($usert) $sql.= " FROM ".MAIN_DB_PREFIX."projet_task as pt";
 		$sql.= ", ".MAIN_DB_PREFIX."element_contact as ec";
@@ -544,8 +547,8 @@ class Task extends CommonObject
 		$sql.= " AND ec.statut = 4";
 		if ($projectid)
 		{
-			if ($userp || $usert) $sql.= " AND pt.fk_projet = ".$projectid;
-			//if ($usert) $sql.= " AND pt.rowid = ".$taskid;
+			if ($userp) $sql.= " AND pt.rowid = ".$projectid;
+			//if ($usert) $sql.= " AND pt.fk_projet = ".$projectid;
 		}
 		if ($taskid)
 		{
@@ -553,7 +556,8 @@ class Task extends CommonObject
 			if ($usert) $sql.= " AND pt.rowid = ".$taskid;
 		}
 
-		dol_syslog("Task::getTasksForProjectOwnedByAUser sql=".$sql);
+		//print $sql;
+		dol_syslog("Task::getUserRolesForProjectsOrTasks sql=".$sql);
 		$resql = $this->db->query($sql);
 		if ($resql)
 		{
@@ -561,9 +565,9 @@ class Task extends CommonObject
 			$i = 0;
 			while ($i < $num)
 			{
-				$row = $this->db->fetch_row($resql);
-				if (empty($tasksrole[$row[0]])) $tasksrole[$row[0]] = $row[1];
-				else $tasksrole[$row[0]].=','.$row[1];
+				$obj = $this->db->fetch_object($resql);
+				if (empty($projectsrole[$obj->pid])) $projectsrole[$obj->pid] = $obj->code;
+				else $projectsrole[$obj->pid].=','.$obj->code;
 				$i++;
 			}
 			$this->db->free($resql);
@@ -573,7 +577,7 @@ class Task extends CommonObject
 			dol_print_error($this->db);
 		}
 
-		return $tasksrole;
+		return $projectsrole;
 	}
 
 	/**