PHP Cross Reference of vtigercrm-6.1.0 |
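<?php
/*+***********************************************************************************
 * The contents of this file are subject to the vtiger CRM Public License Version 1.0
 * ("License"); You may not use this file except in compliance with the License
 * The Original Code is: vtiger CRM Open Source
 * The Initial Developer of the Original Code is vtiger.
 * Portions created by vtiger are Copyright (C) vtiger.
 * All Rights Reserved.
 *************************************************************************************/

/**
 * Web-service metadata for a CRM entity module, seen through one user's privileges.
 *
 * Field metadata and the module-level access flags are loaded lazily: most getters
 * call retrieveMeta() on first use, which in turn runs computeAccess().
 */
class VtigerCRMObjectMeta extends EntityMeta {

    // Cached tab id of the module; resolved on first call to getTabId().
    private $tabId;

    // Set to true once retrieveMeta() has run.
    private $meta;
    // Set to true once retrieveUserHierarchy() has filled $assignUsers.
    private $assign;
    // Module-level access flags computed by computeAccess().
    private $hasAccess;
    private $hasReadAccess;
    private $hasWriteAccess;
    private $hasDeleteAccess;
    // Users this user may assign records to, keyed by user id (see retrieveUserHierarchy()).
    private $assignUsers;

    /**
     * Initialises the table layout from the module instance and resets every cache
     * and access flag; nothing is granted until computeAccess() runs.
     *
     * NOTE(review): this is a PHP 4-style constructor (method named after the class).
     * PHP 7.0 deprecated that form and PHP 8.0 no longer treats it as a constructor,
     * so confirm the target runtime before relying on it.
     *
     * @param mixed $webserviceObject web-service descriptor of the module
     * @param mixed $user user whose privileges are evaluated
     */
    function VtigerCRMObjectMeta($webserviceObject,$user){

        parent::__construct($webserviceObject,$user);

        $this->columnTableMapping = null;
        $this->fieldColumnMapping = null;
        $this->userAccessibleColumns = null;
        $this->mandatoryFields = null;
        $this->emailFields = null;
        $this->referenceFieldDetails = null;
        $this->ownerFields = null;
        $this->moduleFields = array();
        // Deny by default until computeAccess() has evaluated the user's profiles.
        $this->hasAccess = false;
        $this->hasReadAccess = false;
        $this->hasWriteAccess = false;
        $this->hasDeleteAccess = false;
        $instance = vtws_getModuleInstance($this->webserviceObject);
        $this->idColumn = $instance->tab_name_index[$instance->table_name];
        $this->baseTable = $instance->table_name;
        $this->tableList = $instance->tab_name;
        $this->tableIndexList = $instance->tab_name_index;
        if(in_array('vtiger_crmentity',$instance->tab_name)){
            $this->defaultTableList = array('vtiger_crmentity');
        }else{
            $this->defaultTableList = array();
        }
        $this->tabId = null;
    }

    /**
     * Returns the tab id of the current object, resolving and caching it on first use.
     * @return Integer
     */
    public function getTabId(){
        if($this->tabId == null){
            $this->tabId = getTabid($this->objectName);
        }
        return $this->tabId;
    }

    /**
     * Returns the tab id to use for database lookups; Events and Calendar are
     * treated as the same module (see getTabName()).
     * @return Integer
     */
    public function getEffectiveTabId() {
        return getTabid($this->getTabName());
    }

    /**
     * Returns the module name, mapping 'Events' to 'Calendar'.
     * @return String
     */
    public function getTabName(){
        if($this->objectName == 'Events'){
            return 'Calendar';
        }
        return $this->objectName;
    }

    /**
     * Computes the module-level access flags (access/read/write/delete) for the user.
     *
     * Order of evaluation: inactive module (deny all), admin or global view-all /
     * edit-all (grant all), then the profile tables for global, tab and standard
     * permissions. In those tables a permission value of 1 is treated as "denied".
     */
    private function computeAccess(){

        global $adb;

        $active = vtlib_isModuleActive($this->getTabName());
        if($active == false){
            $this->hasAccess = false;
            $this->hasReadAccess = false;
            $this->hasWriteAccess = false;
            $this->hasDeleteAccess = false;
            return;
        }

        // The per-user privileges file is expected to define $is_admin and
        // $profileGlobalPermission, which are read immediately below.
        // NOTE(review): the path is built from $this->user->id and the file is executed;
        // confirm callers only pass an authenticated user object with an integer id.
        require('user_privileges/user_privileges_'.$this->user->id.'.php');
        if($is_admin == true || $profileGlobalPermission[1] == 0 || $profileGlobalPermission[2] == 0){
            $this->hasAccess = true;
            $this->hasReadAccess = true;
            $this->hasWriteAccess = true;
            $this->hasDeleteAccess = true;
        }else{

            //TODO sort out the precedence between profile2tab and profile2globalpermissions.
            //TODO check whether separate create/edit controls are required for web services.
            $profileList = getCurrentUserProfileList();

            $sql = "select * from vtiger_profile2globalpermissions where profileid in (".generateQuestionMarks($profileList).");";
            $result = $adb->pquery($sql,array($profileList));

            $noofrows = $adb->num_rows($result);
            //globalactionid=1 is view all action.
            //globalactionid=2 is edit all action.
            for($i=0; $i<$noofrows; $i++){
                $permission = $adb->query_result($result,$i,"globalactionpermission");
                $globalactionid = $adb->query_result($result,$i,"globalactionid");
                // Both halves compare loosely against the same value, so this is
                // simply "permission is not 1", i.e. not denied.
                if($permission != 1 || $permission != "1"){
                    $this->hasAccess = true;
                    if($globalactionid == 2 || $globalactionid == "2"){
                        $this->hasWriteAccess = true;
                        $this->hasDeleteAccess = true;
                    }else{
                        $this->hasReadAccess = true;
                    }
                }
            }

            $sql = 'select * from vtiger_profile2tab where profileid in ('.generateQuestionMarks($profileList).') and tabid = ?;';
            $result = $adb->pquery($sql,array($profileList,$this->getTabId()));
            $standardDefined = false;
            // NOTE(review): this reads row index 1 only, while the loops in this method
            // index rows from 0. A tab-level deny stored in row 0 is never examined here,
            // and with a single matching row the read is past the result set; confirm
            // what query_result returns in that case and whether row 0 (or every row)
            // was intended.
            $permission = $adb->query_result($result,1,"permissions");
            if($permission == 1 || $permission == "1"){
                $this->hasAccess = false;
                return;
            }else{
                $this->hasAccess = true;
            }

            //operation=2 is delete operation.
            //operation=0 or 1 is create/edit operation. precise 0 create and 1 edit.
            //operation=3 index or popup. //ignored for web services.
            //operation=4 is view operation.
            $sql = "select * from vtiger_profile2standardpermissions where profileid in (".generateQuestionMarks($profileList).") and tabid=?";
            $result = $adb->pquery($sql,array($profileList,$this->getTabId()));

            $noofrows = $adb->num_rows($result);
            for($i=0; $i<$noofrows; $i++){
                $standardDefined = true;
                $permission = $adb->query_result($result,$i,"permissions");
                // The column is looked up under both spellings; a falsy value from the
                // first lookup (including operation 0) triggers the second.
                $operation = $adb->query_result($result,$i,"Operation");
                if(!$operation){
                    $operation = $adb->query_result($result,$i,"operation");
                }

                if($permission != 1 || $permission != "1"){
                    $this->hasAccess = true;
                    if($operation == 0 || $operation == "0"){
                        $this->hasWriteAccess = true;
                    }else if($operation == 1 || $operation == "1"){
                        $this->hasWriteAccess = true;
                    }else if($operation == 2 || $operation == "2"){
                        $this->hasDeleteAccess = true;
                    }else if($operation == 4 || $operation == "4"){
                        $this->hasReadAccess = true;
                    }
                }
            }
            // No standard-permission rows for this tab: read, write and delete are granted.
            // NOTE(review): this is a grant-by-default path; confirm it is intended for
            // modules that have no rows in vtiger_profile2standardpermissions.
            if(!$standardDefined){
                $this->hasReadAccess = true;
                $this->hasWriteAccess = true;
                $this->hasDeleteAccess = true;
            }

        }
    }

    /**
     * @return Boolean whether the user has any access to the module
     */
    function hasAccess(){
        if(!$this->meta){
            $this->retrieveMeta();
        }
        return $this->hasAccess;
    }

    /**
     * @return Boolean whether the user has create/edit access to the module
     */
    function hasWriteAccess(){
        if(!$this->meta){
            $this->retrieveMeta();
        }
        return $this->hasWriteAccess;
    }

    /**
     * @return Boolean whether the user has view access to the module
     */
    function hasReadAccess(){
        if(!$this->meta){
            $this->retrieveMeta();
        }
        return $this->hasReadAccess;
    }

    /**
     * @return Boolean whether the user has delete access to the module
     */
    function hasDeleteAccess(){
        if(!$this->meta){
            $this->retrieveMeta();
        }
        return $this->hasDeleteAccess;
    }

    /**
     * Record-level permission check, delegated to isPermitted().
     *
     * @param mixed $operation operation name passed through to isPermitted()
     * @param String $webserviceId web-service id; component [1] is used as the record id
     * @return Boolean true only when isPermitted() answers exactly "yes"
     */
    function hasPermission($operation,$webserviceId){

        $idComponents = vtws_getIdComponents($webserviceId);
        $id=$idComponents[1];

        $permitted = isPermitted($this->getTabName(),$operation,$id);
        if(strcmp($permitted,"yes")===0){
            return true;
        }
        return false;
    }

    /**
     * Tells whether the user may assign a record to the given owner.
     *
     * Administrators always may. For a Users owner the target must be the user
     * itself or a key of $assignUsers; for a Groups owner it must be one of the
     * groups returned by vtws_getUserAccessibleGroups(). Any other owner type is
     * refused.
     *
     * @param String $webserviceId owner id; component [0] is the owner type id,
     *                             component [1] the user or group id
     * @return Boolean
     */
    function hasAssignPrivilege($webserviceId){
        global $adb;

        // administrators have assign privilege
        if(is_admin($this->user)) return true;

        $idComponents = vtws_getIdComponents($webserviceId);
        $userId=$idComponents[1];
        $ownerTypeId = $idComponents[0];

        if($userId == null || $userId =='' || $ownerTypeId == null || $ownerTypeId ==''){
            return false;
        }
        $webserviceObject = VtigerWebserviceObject::fromId($adb,$ownerTypeId);
        if(strcasecmp($webserviceObject->getEntityName(),"Users")===0){
            if($userId == $this->user->id){
                return true;
            }
            if(!$this->assign){
                $this->retrieveUserHierarchy();
            }
            if(in_array($userId,array_keys($this->assignUsers))){
                return true;
            }else{
                return false;
            }
        }elseif(strcasecmp($webserviceObject->getEntityName(),"Groups") === 0){
            $tabId = $this->getTabId();
            $groups = vtws_getUserAccessibleGroups($tabId, $this->user);
            foreach ($groups as $group) {
                if($group['id'] == $userId){
                    return true;
                }
            }
            return false;
        }

        // Owner type is neither Users nor Groups: refuse explicitly instead of
        // falling off the end of the method with an implicit null.
        return false;
    }

    function getUserAccessibleColumns(){

        if(!$this->meta){
            $this->retrieveMeta();
        }
        return parent::getUserAccessibleColumns();
    }

    public function getModuleFields() {
        if(!$this->meta){
            $this->retrieveMeta();
        }
        return parent::getModuleFields();
    }

    function getColumnTableMapping(){
        if(!$this->meta){
            $this->retrieveMeta();
        }
        return parent::getColumnTableMapping();
    }

    /**
     * Returns the field name => column name map, built once from $moduleFields.
     * Fields whose data type is 'file' are left out and 'id' maps to the id column.
     * @return Array
     */
    function getFieldColumnMapping(){

        if(!$this->meta){
            $this->retrieveMeta();
        }
        if($this->fieldColumnMapping === null){
            $this->fieldColumnMapping = array();
            foreach ($this->moduleFields as $fieldName=>$webserviceField) {
                if(strcasecmp($webserviceField->getFieldDataType(),'file') !== 0){
                    $this->fieldColumnMapping[$fieldName] = $webserviceField->getColumnName();
                }
            }
            $this->fieldColumnMapping['id'] = $this->idColumn;
        }
        return $this->fieldColumnMapping;
    }

    function getMandatoryFields(){
        if(!$this->meta){
            $this->retrieveMeta();
        }
        return parent::getMandatoryFields();
    }

    function getReferenceFieldDetails(){
        if(!$this->meta){
            $this->retrieveMeta();
        }
        return parent::getReferenceFieldDetails();
    }

    function getOwnerFields(){
        if(!$this->meta){
            $this->retrieveMeta();
        }
        return parent::getOwnerFields();
    }

    function getEntityName(){
        return $this->objectName;
    }

    function getEntityId(){
        return $this->objectId;
    }

    function getEmailFields(){
        if(!$this->meta){
            $this->retrieveMeta();
        }
        return parent::getEmailFields();
    }

    /**
     * Returns the field id for a field name, or null when the field is not among
     * the fields loaded for this user.
     *
     * @param String $fieldName
     * @return mixed
     */
    function getFieldIdFromFieldName($fieldName){
        if(!$this->meta){
            $this->retrieveMeta();
        }

        if(isset($this->moduleFields[$fieldName])){
            $webserviceField = $this->moduleFields[$fieldName];
            return $webserviceField->getFieldId();
        }
        return null;
    }

    /**
     * Loads access flags and field metadata for the user.
     *
     * The globals current_user, theme and current_language are swapped in through
     * vtws_preserveGlobal() for the duration of the call and released with
     * VTWS_PreserveGlobal::flush() at the end.
     */
    function retrieveMeta(){

        require_once ('modules/CustomView/CustomView.php');
        $current_user = vtws_preserveGlobal('current_user',$this->user);
        $theme = vtws_preserveGlobal('theme',$this->user->theme);
        $default_language = VTWS_PreserveGlobal::getGlobal('default_language');
        global $current_language;
        if(empty($current_language)) $current_language = $default_language;
        $current_language = vtws_preserveGlobal('current_language',$current_language);

        $this->computeAccess();

        $cv = new CustomView();
        // The return value is unused here; the call is kept because $cv->module_list
        // is read right after it (presumably populated by this call; confirm in CustomView).
        $module_info = $cv->getCustomViewModuleInfo($this->getTabName());
        $blockArray = array();
        foreach($cv->module_list[$this->getTabName()] as $label=>$blockList){
            $blockArray = array_merge($blockArray,explode(',',$blockList));
        }
        $this->retrieveMetaForBlock($blockArray);

        $this->meta = true;
        VTWS_PreserveGlobal::flush();
    }

    /**
     * Fills $assignUsers with the union of the active users returned by
     * get_user_array() and the users sharing a group with this user.
     */
    private function retrieveUserHierarchy(){

        $heirarchyUsers = get_user_array(false,"ACTIVE",$this->user->id);
        $groupUsers = vtws_getUsersInTheSameGroup($this->user->id);
        // Array union: on a shared key the hierarchy entry wins.
        $this->assignUsers = $heirarchyUsers+$groupUsers;
        $this->assign = true;
    }

    /**
     * Loads the fields of the given blocks into $moduleFields, keyed by field name.
     *
     * Admins and users with global view-all / edit-all get every field of the
     * listed display types with readonly forced to '0'; everyone else gets only the
     * fields that are visible both in their profiles and in the organisation defaults.
     *
     * @param Array $block block ids to load
     */
    private function retrieveMetaForBlock($block){

        global $adb;

        $tabid = $this->getTabId();
        // NOTE(review): same per-user include as in computeAccess(); the executed path
        // depends on $this->user->id.
        require('user_privileges/user_privileges_'.$this->user->id.'.php');
        if($is_admin == true || $profileGlobalPermission[1] == 0 || $profileGlobalPermission[2] ==0){
            $sql = "select *, '0' as readonly from vtiger_field where tabid =? and block in (".generateQuestionMarks($block).") and displaytype in (1,2,3,4,5)";
            $params = array($tabid, $block);
        }else{
            $profileList = getCurrentUserProfileList();

            if (count($profileList) > 0) {
                $sql = "SELECT vtiger_field.*, vtiger_profile2field.readonly
                        FROM vtiger_field
                        INNER JOIN vtiger_profile2field
                        ON vtiger_profile2field.fieldid = vtiger_field.fieldid
                        INNER JOIN vtiger_def_org_field
                        ON vtiger_def_org_field.fieldid = vtiger_field.fieldid
                        WHERE vtiger_field.tabid =? AND vtiger_profile2field.visible = 0
                        AND vtiger_profile2field.profileid IN (". generateQuestionMarks($profileList) .")
                        AND vtiger_def_org_field.visible = 0 and vtiger_field.block in (".generateQuestionMarks($block).") and vtiger_field.displaytype in (1,2,3,4,5) and vtiger_field.presence in (0,2) group by columnname";
                $params = array($tabid, $profileList, $block);
            } else {
                // NOTE(review): with an empty profile list this query no longer filters
                // on profileid, so it matches rows of any profile; confirm that is intended.
                $sql = "SELECT vtiger_field.*, vtiger_profile2field.readonly
                        FROM vtiger_field
                        INNER JOIN vtiger_profile2field
                        ON vtiger_profile2field.fieldid = vtiger_field.fieldid
                        INNER JOIN vtiger_def_org_field
                        ON vtiger_def_org_field.fieldid = vtiger_field.fieldid
                        WHERE vtiger_field.tabid=?
                        AND vtiger_profile2field.visible = 0
                        AND vtiger_def_org_field.visible = 0 and vtiger_field.block in (".generateQuestionMarks($block).") and vtiger_field.displaytype in (1,2,3,4,5) and vtiger_field.presence in (0,2) group by columnname";
                $params = array($tabid, $block);
            }
        }

        // Bulk Save Mode: Group by is not required!?
        if(CRMEntity::isBulkSaveMode()) {
            $sql = preg_replace("/group by [^ ]*/", " ", $sql);
        }
        // END

        $result = $adb->pquery($sql,$params);

        $noofrows = $adb->num_rows($result);
        for($i=0; $i<$noofrows; $i++){
            $webserviceField = WebserviceField::fromQueryResult($adb,$result,$i);
            $this->moduleFields[$webserviceField->getFieldName()] = $webserviceField;
        }
    }

    /**
     * Returns the entity type of a record, or null when no non-deleted row matches.
     *
     * For the Users object the answer is 'Users' when the user row exists; otherwise
     * the setype of the vtiger_crmentity row, with 'Calendar' refined through
     * vtws_getCalendarEntityType().
     *
     * @param String $webserviceId web-service id; component [1] is the record id
     * @return mixed
     */
    function getObjectEntityName($webserviceId){
        global $adb;

        $idComponents = vtws_getIdComponents($webserviceId);
        $id=$idComponents[1];

        $seType = null;
        if($this->objectName == 'Users'){
            $sql = "select user_name from vtiger_users where id=? and deleted=0";
            $result = $adb->pquery($sql , array($id));
            if($result != null && isset($result)){
                if($adb->num_rows($result)>0){
                    $seType = 'Users';
                }
            }
        }else{
            $sql = "select setype from vtiger_crmentity where crmid=? and deleted=0";
            $result = $adb->pquery($sql , array($id));
            if($result != null && isset($result)){
                if($adb->num_rows($result)>0){
                    $seType = $adb->query_result($result,0,"setype");
                    if($seType == "Calendar"){
                        $seType = vtws_getCalendarEntityType($id);
                    }
                }
            }
        }

        return $seType;
    }

    /**
     * Tells whether a non-deleted record with this id exists for the module
     * (for Users: a non-deleted user whose status is 'Active').
     *
     * User lookups are cached for the lifetime of the process; record lookups are
     * not cached so that only the latest state from the database is reported.
     *
     * @param mixed $recordId
     * @return Boolean
     */
    function exists($recordId){
        global $adb;

        static $user_exists_cache = array();

        $isUsers = ($this->objectName == 'Users');

        // Return the cached verdict itself. The cache also stores negative results,
        // so answering "true" on a bare key hit would report a deleted or inactive
        // user as existing from the second lookup onwards.
        if($isUsers && array_key_exists($recordId, $user_exists_cache)){
            return $user_exists_cache[$recordId];
        }

        if($isUsers){
            $sql = "select 1 from vtiger_users where id=? and deleted=0 and status='Active'";
            $params = array($recordId);
        }else{
            // The module name is bound as a parameter rather than concatenated into the SQL.
            $sql = "select 1 from vtiger_crmentity where crmid=? and deleted=0 and setype=?";
            $params = array($recordId, $this->getTabName());
        }

        $exists = false;
        $result = $adb->pquery($sql , $params);
        if($result != null && isset($result)){
            if($adb->num_rows($result)>0){
                $exists = true;
            }
        }

        // Cache the value for further lookup.
        if($isUsers){
            $user_exists_cache[$recordId] = $exists;
        }

        return $exists;
    }

    /**
     * Returns the module's name field(s) as a comma-separated string, or an empty
     * string when getEntityFieldNames() yields nothing.
     * @return String
     */
    public function getNameFields(){
        $data = getEntityFieldNames(getTabModuleName($this->getEffectiveTabId()));
        $fieldNames = '';
        if ($data) {
            $fieldNames = $data['fieldname'];
            if (is_array($fieldNames)) {
                $fieldNames = implode(',', $fieldNames);
            }
        }
        return $fieldNames;
    }

    /**
     * Returns the display name of a record.
     *
     * @param String $webserviceId web-service id; component [1] is the record id
     * @return mixed entry of getEntityName()'s result for that record id
     */
    public function getName($webserviceId){

        $idComponents = vtws_getIdComponents($webserviceId);
        $id=$idComponents[1];

        $nameList = getEntityName($this->getTabName(),array($id));
        return $nameList[$id];
    }

    /**
     * Returns the non-admin access-control query of the module instance for this
     * user, or an empty string for the Users module.
     * @return String
     */
    public function getEntityAccessControlQuery(){
        $accessControlQuery = '';
        $instance = vtws_getModuleInstance($this->webserviceObject);
        if($this->getTabName() != 'Users') {
            $accessControlQuery = $instance->getNonAdminAccessControlQuery($this->getTabName(),
                    $this->user);
        }
        return $accessControlQuery;
    }

    public function getJoinClause($tableName) {
        $instance = vtws_getModuleInstance($this->webserviceObject);
        return $instance->getJoinClause($tableName);
    }

    public function isModuleEntity() {
        return true;
    }

}
?>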