class.group.php

<?php
/*********************************************************************
    class.group.php

    User Group - Everything about a group!

    Peter Rotich <peter@osticket.com>
    Copyright (c)  2006-2013 osTicket
    http://www.osticket.com

    Released under the GNU General Public License WITHOUT ANY WARRANTY.
    See LICENSE.TXT for details.

    vim: expandtab sw=4 ts=4 sts=4:
**********************************************************************/

class Group {

    var $id;
    var $ht;

    var $members;
    var $departments;

    function Group($id){

        $this->id=0;
        return $this->load($id);
    }

    function load($id=0) {

        if(!$id && !($id=$this->getId()))
            return false;

        $sql='SELECT grp.*,grp.group_name as name, grp.group_enabled as isactive, count(staff.staff_id) as users '
            .'FROM '.GROUP_TABLE.' grp '
            .'LEFT JOIN '.STAFF_TABLE.' staff USING(group_id) '
            .'WHERE grp.group_id='.db_input($id).' GROUP BY grp.group_id ';
        if(!($res=db_query($sql)) || !db_num_rows($res))
            return false;

        $this->ht=db_fetch_array($res);
        $this->id=$this->ht['group_id'];
        $this->members=array();
        $this->departments = array();

        return $this->id;
    }

    function reload(){
        return $this->load();
    }

    function getHashtable() {
        return $this->ht;
    }

    function getInfo(){
        return  $this->getHashtable();
    }

    function getId(){
        return $this->id;
    }

    function getName(){
        return $this->ht['name'];
    }

    function getNumUsers(){
        return $this->ht['users'];
    }


    function isEnabled(){
        return ($this->ht['isactive']);
    }

    function isActive(){
        return $this->isEnabled();
    }
 
    //Get members of the group.
    function getMembers() {

        if(!$this->members && $this->getNumUsers()) {
            $sql='SELECT staff_id FROM '.STAFF_TABLE
                .' WHERE group_id='.db_input($this->getId())
                .' ORDER BY lastname, firstname';
            if(($res=db_query($sql)) && db_num_rows($res)) {
                while(list($id)=db_fetch_row($res))
                    if(($staff=Staff::lookup($id)))
                        $this->members[]= $staff;
            }
        }

        return $this->members;
    }

    //Get departments the group is allowed to access.
    function getDepartments() {

        if(!$this->departments) {
            $sql='SELECT dept_id FROM '.GROUP_DEPT_TABLE
                .' WHERE group_id='.db_input($this->getId());
            if(($res=db_query($sql)) && db_num_rows($res)) {
                while(list($id)=db_fetch_row($res))
                    $this->departments[]= $id;
            }
        }

        return $this->departments;
    }

        
    function updateDeptAccess($depts) {


        if($depts && is_array($depts)) {
            foreach($depts as $k=>$id) {
                $sql='INSERT IGNORE INTO '.GROUP_DEPT_TABLE
                    .' SET group_id='.db_input($this->getId())
                    .', dept_id='.db_input($id);
                db_query($sql);
            }
        }

        $sql='DELETE FROM '.GROUP_DEPT_TABLE.' WHERE group_id='.db_input($this->getId());
        if($depts && is_array($depts)) // just inserted departments IF any.
            $sql.=' AND dept_id NOT IN('.implode(',', db_input($depts)).')';

        db_query($sql);

        return true;
    }

    function update($vars,&$errors) {

        if(!Group::save($this->getId(),$vars,$errors))
            return false;

        $this->updateDeptAccess($vars['depts']);
        $this->reload();
        
        return true;
    }

    function delete() {

        //Can't delete with members
        if($this->getNumUsers())
            return false;

        $res = db_query('DELETE FROM '.GROUP_TABLE.' WHERE group_id='.db_input($this->getId()).' LIMIT 1');
        if(!$res || !db_affected_rows($res))
            return false;

        //Remove dept access entry.
        db_query('DELETE FROM '.GROUP_DEPT_TABLE.' WHERE group_id='.db_input($this->getId()));

        return true;
    }

    /*** Static functions ***/
    function getIdByName($name){
        $sql='SELECT group_id FROM '.GROUP_TABLE.' WHERE group_name='.db_input(trim($name));
        if(($res=db_query($sql)) && db_num_rows($res))
            list($id)=db_fetch_row($res);

        return $id;
    }

    function lookup($id){
        return ($id && is_numeric($id) && ($g= new Group($id)) && $g->getId()==$id)?$g:null;
    }

    function create($vars, &$errors) { 
        if(($id=self::save(0,$vars,$errors)) && ($group=self::lookup($id)))
            $group->updateDeptAccess($vars['depts']);

        return $id;
    }

    function save($id,$vars,&$errors) {

        if($id && $vars['id']!=$id)
            $errors['err']='Missing or invalid group ID';
            
        if(!$vars['name']) {
            $errors['name']='Group name required';
        }elseif(strlen($vars['name'])<3) {
            $errors['name']='Group name must be at least 3 chars.';
        }elseif(($gid=Group::getIdByName($vars['name'])) && $gid!=$id){
            $errors['name']='Group name already exists';
        }
        
        if($errors) return false;
            
        $sql=' SET updated=NOW() '
            .', group_name='.db_input(Format::striptags($vars['name']))
            .', group_enabled='.db_input($vars['isactive'])
            .', can_create_tickets='.db_input($vars['can_create_tickets'])
            .', can_delete_tickets='.db_input($vars['can_delete_tickets'])
            .', can_edit_tickets='.db_input($vars['can_edit_tickets'])
            .', can_assign_tickets='.db_input($vars['can_assign_tickets'])
            .', can_transfer_tickets='.db_input($vars['can_transfer_tickets'])
            .', can_close_tickets='.db_input($vars['can_close_tickets'])
            .', can_ban_emails='.db_input($vars['can_ban_emails'])
            .', can_manage_premade='.db_input($vars['can_manage_premade'])
            .', can_manage_faq='.db_input($vars['can_manage_faq'])
            .', can_post_ticket_reply='.db_input($vars['can_post_ticket_reply'])
            .', can_view_staff_stats='.db_input($vars['can_view_staff_stats'])
            .', notes='.db_input(Format::sanitize($vars['notes']));

        if($id) {
            
            $sql='UPDATE '.GROUP_TABLE.' '.$sql.' WHERE group_id='.db_input($id);
            if(($res=db_query($sql)))
                return true;

            $errors['err']='Unable to update group. Internal error occurred.';
            
        }else{
            $sql='INSERT INTO '.GROUP_TABLE.' '.$sql.',created=NOW()';
            if(($res=db_query($sql)) && ($id=db_insert_id()))
                return $id;
                
            $errors['err']='Unable to create the group. Internal error';
        }
        
        return false;
    }
}
?>