
PHP Cross Reference of vtigercrm-6.1.0


/include/utils/ -> UserInfoUtil.php (source)

   1  <?php
   2  /*********************************************************************************
   3  ** The contents of this file are subject to the vtiger CRM Public License Version 1.0
   4   * ("License"); You may not use this file except in compliance with the License
   5   * The Original Code is:  vtiger CRM Open Source
   6   * The Initial Developer of the Original Code is vtiger.
   7   * Portions created by vtiger are Copyright (C) vtiger.
   8   * All Rights Reserved.
   9  *
  10   ********************************************************************************/
  11  
  12  require_once ('include/database/PearDatabase.php');
  13  require_once ('include/database/Postgres8.php');
  14  require_once ('include/utils/utils.php');
  15  require_once ('include/utils/GetUserGroups.php');
  16  include_once ('config.php');
  17  require_once ("include/events/include.inc");
  18  require_once  'includes/runtime/Cache.php';
  19  global $log;
  20  
  21  /** To retreive the mail server info resultset for the specified user
  22    * @param $user -- The user object:: Type Object
  23    * @returns  the mail server info resultset
  24   */
  25  function getMailServerInfo($user)
  26  {
  27      global $log;
  28      $log->debug("Entering getMailServerInfo(".$user->user_name.") method ...");
  29      global $adb;
  30          $sql = "select * from vtiger_mail_accounts where status=1 and user_id=?";
  31          $result = $adb->pquery($sql, array($user->id));
  32      $log->debug("Exiting getMailServerInfo method ...");
  33      return $result;
  34  }
  35  
  36  /** To get the Role of the specified user
  37    * @param $userid -- The user Id:: Type integer
  38    * @returns  vtiger_roleid :: Type String
  39   */
  40  function fetchUserRole($userid)
  41  {
  42      global $log;
  43      $log->debug("Entering fetchUserRole(".$userid.") method ...");
  44      global $adb;
  45      $sql = "select roleid from vtiger_user2role where userid=?";
  46          $result = $adb->pquery($sql, array($userid));
  47      $roleid=  $adb->query_result($result,0,"roleid");
  48      $log->debug("Exiting fetchUserRole method ...");
  49      return $roleid;
  50  }
  51  
  52  /** Function to get the lists of groupids releated with an user
  53   * This function accepts the user id as arguments and
  54   * returns the groupids related with the user id
  55   * as a comma seperated string
  56  */
  57  function fetchUserGroupids($userid)
  58  {
  59      global $log;
  60      $log->debug("Entering fetchUserGroupids(".$userid.") method ...");
  61      global $adb;
  62          $focus = new GetUserGroups();
  63          $focus->getAllUserGroups($userid);
  64          //Asha: Remove implode if not required and if so, also remove explode functions used at the recieving end of this function
  65          $groupidlists = implode(",",$focus->user_groups);
  66      $log->debug("Exiting fetchUserGroupids method ...");
  67          return $groupidlists;
  68  
  69  }
  70  
  71  /** Function to get all the vtiger_tab utility action permission for the specified vtiger_profile
  72    * @param $profileid -- Profile Id:: Type integer
  73    * @returns  Tab Utility Action Permission Array in the following format:
  74    * $tabPermission = Array($tabid1=>Array(actionid1=>permission, actionid2=>permission,...,actionidn=>permission),
  75    *                        $tabid2=>Array(actionid1=>permission, actionid2=>permission,...,actionidn=>permission),
  76    *                                |
  77    *                        $tabidn=>Array(actionid1=>permission, actionid2=>permission,...,actionidn=>permission))
  78    *
  79   */
  80  
  81  function getTabsUtilityActionPermission($profileid)
  82  {
  83      global $log;
  84      $log->debug("Entering getTabsUtilityActionPermission(".$profileid.") method ...");
  85  
  86      global $adb;
  87      $check = Array();
  88      $temp_tabid = Array();
  89      $sql1 = "select * from vtiger_profile2utility where profileid=? order by(tabid)";
  90      $result1 = $adb->pquery($sql1, array($profileid));
  91          $num_rows1 = $adb->num_rows($result1);
  92          for($i=0; $i<$num_rows1; $i++)
  93          {
  94          $tab_id = $adb->query_result($result1,$i,'tabid');
  95          if(! in_array($tab_id,$temp_tabid))
  96          {
  97              $temp_tabid[] = $tab_id;
  98              $access = Array();
  99          }
 100  
 101          $action_id = $adb->query_result($result1,$i,'activityid');
 102          $per_id = $adb->query_result($result1,$i,'permission');
 103          $access[$action_id] = $per_id;
 104          $check[$tab_id] = $access;
 105  
 106  
 107      }
 108  
 109      $log->debug("Exiting getTabsUtilityActionPermission method ...");
 110      return $check;
 111  
 112  }
 113  /**This Function returns the Default Organisation Sharing Action Array for all modules whose sharing actions are editable
 114    * The result array will be in the following format:
 115    * Arr=(tabid1=>Sharing Action Id,
 116    *      tabid2=>SharingAction Id,
 117    *            |
 118    *            |
 119    *            |
 120    *      tabid3=>SharingAcion Id)
 121    */
 122  
 123  function getDefaultSharingEditAction()
 124  {
 125      global $log;
 126      $log->debug("Entering getDefaultSharingEditAction() method ...");
 127      global $adb;
 128      //retreiving the standard permissions
 129      $sql= "select * from vtiger_def_org_share where editstatus=0";
 130      $result = $adb->pquery($sql, array());
 131      $permissionRow=$adb->fetch_array($result);
 132      do
 133      {
 134          for($j=0;$j<count($permissionRow);$j++)
 135          {
 136              $copy[$permissionRow[1]]=$permissionRow[2];
 137          }
 138  
 139      }while($permissionRow=$adb->fetch_array($result));
 140  
 141      $log->debug("Exiting getDefaultSharingEditAction method ...");
 142      return $copy;
 143  
 144  }
 145  /**This Function returns the Default Organisation Sharing Action Array for modules with edit status in (0,1)
 146    * The result array will be in the following format:
 147    * Arr=(tabid1=>Sharing Action Id,
 148    *      tabid2=>SharingAction Id,
 149    *            |
 150    *            |
 151    *            |
 152    *      tabid3=>SharingAcion Id)
 153    */
 154  function getDefaultSharingAction()
 155  {
 156      global $log;
 157      $log->debug("Entering getDefaultSharingAction() method ...");
 158      global $adb;
 159      //retreivin the standard permissions
 160      $sql= "select * from vtiger_def_org_share where editstatus in(0,1)";
 161      $result = $adb->pquery($sql, array());
 162      $permissionRow=$adb->fetch_array($result);
 163      do
 164      {
 165          for($j=0;$j<count($permissionRow);$j++)
 166          {
 167              $copy[$permissionRow[1]]=$permissionRow[2];
 168          }
 169  
 170      }while($permissionRow=$adb->fetch_array($result));
 171      $log->debug("Exiting getDefaultSharingAction method ...");
 172      return $copy;
 173  
 174  }
 175  
 176  
 177  /**This Function returns the Default Organisation Sharing Action Array for all modules
 178    * The result array will be in the following format:
 179    * Arr=(tabid1=>Sharing Action Id,
 180    *      tabid2=>SharingAction Id,
 181    *            |
 182    *            |
 183    *            |
 184    *      tabid3=>SharingAcion Id)
 185    */
 186  function getAllDefaultSharingAction()
 187  {
 188      global $log;
 189      $log->debug("Entering getAllDefaultSharingAction() method ...");
 190      global $adb;
 191      $copy=Array();
 192      //retreiving the standard permissions
 193      $sql= "select * from vtiger_def_org_share";
 194      $result = $adb->pquery($sql, array());
 195      $num_rows=$adb->num_rows($result);
 196  
 197      for($i=0;$i<$num_rows;$i++)
 198      {
 199          $tabid=$adb->query_result($result,$i,'tabid');
 200          $permission=$adb->query_result($result,$i,'permission');
 201          $copy[$tabid]=$permission;
 202  
 203      }
 204  
 205      $log->debug("Exiting getAllDefaultSharingAction method ...");
 206      return $copy;
 207  
 208  }
 209  
 210  /** Function to update user to vtiger_role mapping based on the userid
 211    * @param $roleid -- Role Id:: Type varchar
 212    * @param $userid User Id:: Type integer
 213    *
 214   */
 215  function updateUser2RoleMapping($roleid,$userid)
 216  {
 217  global $log;
 218  $log->debug("Entering updateUser2RoleMapping(".$roleid.",".$userid.") method ...");
 219    global $adb;
 220    //Check if row already exists
 221    $sqlcheck = "select * from vtiger_user2role where userid=?";
 222    $resultcheck = $adb->pquery($sqlcheck, array($userid));
 223    if($adb->num_rows($resultcheck) == 1)
 224    {
 225        $sqldelete = "delete from vtiger_user2role where userid=?";
 226      $delparams = array($userid);
 227        $result_delete = $adb->pquery($sqldelete, $delparams);
 228    }
 229    $sql = "insert into vtiger_user2role(userid,roleid) values(?,?)";
 230    $params = array($userid, $roleid);
 231    $result = $adb->pquery($sql, $params);
 232      $log->debug("Exiting updateUser2RoleMapping method ...");
 233  
 234  }
 235  
 236  /** Function to get the vtiger_role name from the vtiger_roleid
 237    * @param $roleid -- Role Id:: Type varchar
 238    * @returns $rolename -- Role Name:: Type varchar
 239    *
 240   */
 241  function getRoleName($roleid)
 242  {
 243      global $log;
 244      $log->debug("Entering getRoleName(".$roleid.") method ...");
 245      global $adb;
 246      $sql1 = "select * from vtiger_role where roleid=?";
 247      $result = $adb->pquery($sql1, array($roleid));
 248      $rolename = $adb->query_result($result,0,"rolename");
 249      $log->debug("Exiting getRoleName method ...");
 250      return $rolename;
 251  }
 252  
/**
 * Check whether the currently logged-in user may perform an action on a module or record.
 *
 * After loading the per-user privilege files for $current_user->id the checks run in this
 * order: the shortcut for modules without security, the admin-only Settings check, module
 * activation, admin status, global view/edit permissions, tab and action permissions,
 * record ownership (the user, a subordinate role, a group) and finally the default
 * organisation sharing rule of the module.
 *
 * $is_admin, $profileTabsPermission, $profileGlobalPermission, $profileActionPermission,
 * $defaultOrgSharingPermission, $subordinate_roles_users and $current_user_groups are not
 * assigned in this function; presumably the two required privilege files define them --
 * confirm against whatever generates those files.
 *
 * @param string $module     Module name.
 * @param string $actionname Action name, resolved to an id with getActionid().
 * @param mixed  $record_id  Record id; '' (the default) skips every record-level check.
 * @return string "yes" when the action is allowed, "no" otherwise (or the value of the
 *                sharing helper the decision is delegated to). Both strings are truthy in
 *                PHP, so callers have to compare against "yes" explicitly.
 */
function isPermitted($module,$actionname,$record_id='')
{
    global $log;
    // NOTE(review): the arguments are concatenated into the debug log as-is; if they come
    // from the request, the log line carries request-controlled text.
    $log->debug("Entering isPermitted(".$module.",".$actionname.",".$record_id.") method ...");

    global $adb;
    global $current_user;
    global $seclog;
    // The include paths are built from $current_user->id.
    // NOTE(review): assumes that id is a server-side integer -- confirm it can never
    // contain request-supplied text, since it selects which PHP file is executed.
    require('user_privileges/user_privileges_'.$current_user->id.'.php');
    require('user_privileges/sharing_privileges_'.$current_user->id.'.php');
    // Default is deny.
    $permission = "no";
    // NOTE(review): this shortcut depends on $_REQUEST['parenttab'], which the client
    // controls. For Users, Home and uploads every request that does not send
    // parenttab=Settings is answered "yes", whatever the action or record id is; any
    // protection these modules need has to be enforced by the caller.
    if(($module == 'Users' || $module == 'Home' || $module == 'uploads') && $_REQUEST['parenttab'] != 'Settings')
    {
        //These modules do not have security right now
        $permission = "yes";
        $log->debug("Exiting isPermitted method ...");
        return $permission;

    }

    //Checking the access for the Settings module: admin users only
    if($module == 'Settings' || $module == 'Administration' || $module == 'System' || $_REQUEST['parenttab'] == 'Settings')
    {
        if(! $is_admin)
        {
            $permission = "no";
        }
        else
        {
            $permission = "yes";
        }
        $log->debug("Exiting isPermitted method ...");
        return $permission;
    }

    //Retrieving the Tabid and Action Id
    $tabid = getTabid($module);
    $actionid=getActionid($actionname);
    $checkModule = $module;

    // Events is checked for activation under the Calendar module name.
    if($checkModule == 'Events'){
        $checkModule = 'Calendar';
    }

    if(vtlib_isModuleActive($checkModule)){

        //Checking whether the user is admin
        if($is_admin)
        {
            $permission ="yes";
            $log->debug("Exiting isPermitted method ...");
            return $permission;
        }

        //If there is no actionid, allow the action when the tab permission is available
        if($actionid === '')
        {
            // A tab permission value of 0 means allowed.
            if($profileTabsPermission[$tabid] ==0)
                {
                        $permission = "yes";
                $log->debug("Exiting isPermitted method ...");
                }
            else
            {
                $permission ="no";
            }
                    // The "no" path returns without writing the exit log line.
                    return $permission;

        }

        $action = getActionname($actionid);
        //Checking for view all permission
        // Index 1 or 2 of the global permission array set to 0 allows action ids 3 and 4.
        if($profileGlobalPermission[1] ==0 || $profileGlobalPermission[2] ==0)
        {
            if($actionid == 3 || $actionid == 4)
            {
                $permission = "yes";
                $log->debug("Exiting isPermitted method ...");
                return $permission;

            }
        }
        //Checking for edit all permission
        // Index 2 set to 0 additionally allows action ids 0 and 1.
        if($profileGlobalPermission[2] ==0)
        {
            if($actionid == 3 || $actionid == 4 || $actionid ==0 || $actionid ==1)
            {
                $permission = "yes";
                $log->debug("Exiting isPermitted method ...");
                return $permission;

            }
        }
        //Checking for vtiger_tab permission
        if($profileTabsPermission[$tabid] !=0)
        {
            $permission = "no";
            $log->debug("Exiting isPermitted method ...");
            return $permission;
        }
        //Checking for Action Permission
        // NOTE(review): fails open -- when the profile has no entry for this tab/action
        // pair (empty or unset value) the action is allowed.
        if(strlen($profileActionPermission[$tabid][$actionid]) <  1 && $profileActionPermission[$tabid][$actionid] == '')
        {
            $permission = "yes";
            $log->debug("Exiting isPermitted method ...");
            return $permission;
        }

        // Any non-zero, non-empty action permission value denies.
        if($profileActionPermission[$tabid][$actionid] != 0 && $profileActionPermission[$tabid][$actionid] != '')
        {
            $permission = "no";
            $log->debug("Exiting isPermitted method ...");
            return $permission;

        }
        //Returning "yes" if the record id is empty: only module-level checks apply
        if($record_id == '')
        {
            $permission = "yes";
            $log->debug("Exiting isPermitted method ...");
            return $permission;
        }

        //If the module is Products, Vendors, Faq or PriceBook then there is no sharing
        // (decided here by getTabOwnedBy() returning 1)
        if($record_id != '')
        {
            if(getTabOwnedBy($module) == 1)
            {
                $permission = "yes";
                $log->debug("Exiting isPermitted method ...");
                return $permission;
            }
        }

        //Retrieving the RecordOwnerId
        $recOwnType='';
        $recOwnId='';
        $recordOwnerArr=getRecordOwnerId($record_id);
        // Keeps the last type => id pair of the array; an empty array leaves both
        // values as ''.
        foreach($recordOwnerArr as $type=>$id)
        {
            $recOwnType=$type;
            $recOwnId=$id;
        }
        //Retrieving the default Organisation sharing Access
        // NOTE(review): if there is no entry for $tabid the value is null, and the loose
        // comparison "== 0" below then treats it like sharing id 0.
        $others_permission_id = $defaultOrgSharingPermission[$tabid];

        if($recOwnType == 'Users')
        {
            //Checking if the Record Owner is the current User
            if($current_user->id == $recOwnId)
            {
                $permission = "yes";
                $log->debug("Exiting isPermitted method ...");
                return $permission;
            }
            //Checking if the Record Owner is the Subordinate User
            foreach($subordinate_roles_users as $roleid=>$userids)
            {
                // in_array() is called without the strict flag, so ids are compared loosely.
                if(in_array($recOwnId,$userids))
                {
                    $permission='yes';
                    // Calendar records of subordinates are decided by the calendar sharing check.
                    if($module == 'Calendar') {
                        $permission = isCalendarPermittedBySharing($record_id);
                    }
                    $log->debug("Exiting isPermitted method ...");
                    return $permission;
                }

            }


        }
        elseif($recOwnType == 'Groups')
        {
            //Checking if the record owner is the current user's group
            if(in_array($recOwnId,$current_user_groups))
            {
                $permission='yes';
                $log->debug("Exiting isPermitted method ...");
                return $permission;
            }
        }

        //Checking for Default Org Sharing permission
        // Sharing id 0: action ids 0 and 1 need a sharing rule, action id 2 is denied,
        // everything else is allowed.
        if($others_permission_id == 0)
        {
            if($actionid == 1 || $actionid == 0)
            {

                if($module == 'Calendar')
                {
                    if($recOwnType == 'Users')
                    {
                        $permission = isCalendarPermittedBySharing($record_id);
                    }
                    else
                    {
                        $permission='no';
                    }
                }
                else
                {
                    $permission = isReadWritePermittedBySharing($module,$tabid,$actionid,$record_id);
                }
                $log->debug("Exiting isPermitted method ...");
                return $permission;
            }
            elseif($actionid == 2)
            {
                $permission = "no";
                $log->debug("Exiting isPermitted method ...");
                return $permission;
            }
            else
            {
                $permission = "yes";
                $log->debug("Exiting isPermitted method ...");
                return $permission;
            }
        }
        // Sharing id 1: only action id 2 is denied.
        elseif($others_permission_id == 1)
        {
            if($actionid == 2)
            {
                $permission = "no";
                $log->debug("Exiting isPermitted method ...");
                return $permission;
            }
            else
            {
                $permission = "yes";
                $log->debug("Exiting isPermitted method ...");
                return $permission;
            }
        }
        // Sharing id 2: every action is allowed.
        elseif($others_permission_id == 2)
        {
            $permission = "yes";
            $log->debug("Exiting isPermitted method ...");
            return $permission;
        }
        // Sharing id 3: action ids 3 and 4 need a read sharing rule, 0 and 1 a write
        // sharing rule, 2 is denied, everything else is allowed.
        elseif($others_permission_id == 3)
        {

            if($actionid == 3 || $actionid == 4)
            {
                if($module == 'Calendar')
                {
                    if($recOwnType == 'Users')
                    {
                        $permission = isCalendarPermittedBySharing($record_id);
                    }
                    else
                    {
                        $permission='no';
                    }
                }
                else
                {
                    $permission = isReadPermittedBySharing($module,$tabid,$actionid,$record_id);
                }
                $log->debug("Exiting isPermitted method ...");
                return $permission;
            }
            elseif($actionid ==0 || $actionid ==1)
            {
                if($module == 'Calendar')
                {
                    $permission='no';
                }
                else
                {
                    $permission = isReadWritePermittedBySharing($module,$tabid,$actionid,$record_id);
                }
                $log->debug("Exiting isPermitted method ...");
                return $permission;
            }
            elseif($actionid ==2)
            {
                    // Returns without writing the exit log line.
                    $permission ="no";
                    return $permission;
            }
            else
            {
                $permission = "yes";
                $log->debug("Exiting isPermitted method ...");
                return $permission;
            }
        }
        else
        {
            // NOTE(review): fails open -- a sharing id other than 0, 1, 2 or 3 allows the action.
            $permission = "yes";
        }
    }else {
        // Inactive module: deny.
        $permission = "no";
    }

    $log->debug("Exiting isPermitted method ...");
    return $permission;

}
 561  
/**
 * Check whether the currently logged-in user has read access to a record through a sharing rule.
 *
 * Loads the sharing privilege file for $current_user->id, then looks up the record owner in
 * the module's read sharing array and, failing that, the owner of each related parent record
 * in the matching related-module read sharing array.
 *
 * The sharing arrays and $related_module_share are not assigned in this function; presumably
 * the required sharing privilege file defines them -- confirm against whatever generates it.
 *
 * @param string $module    Module name; must be in getSharingModuleList() or the answer is 'no'.
 * @param int    $tabid     Tab id of the module.
 * @param int    $actionid  Action id; not read anywhere in this function.
 * @param int    $record_id Record id.
 * @return string 'yes' when a sharing rule grants read access, 'no' otherwise.
 */
function isReadPermittedBySharing($module,$tabid,$actionid,$record_id)
{
    global $log;
    $log->debug("Entering isReadPermittedBySharing(".$module.",".$tabid.",".$actionid.",".$record_id.") method ...");
    global $adb;
    global $current_user;
    // NOTE(review): the include path is built from $current_user->id; assumes that id is a
    // server-side integer -- confirm it can never contain request-supplied text.
    require('user_privileges/sharing_privileges_'.$current_user->id.'.php');
    $ownertype='';
    $ownerid='';
    // Default is deny.
    $sharePer='no';

    // This guard also bounds the variable-variable lookup below: $module only reaches
    // $$varname after it has matched an entry of the sharing module list, so the check
    // must stay ahead of that lookup.
    $sharingModuleList=getSharingModuleList();
    if(! in_array($module,$sharingModuleList))
    {
        $sharePer='no';
        return $sharePer;
    }

    $recordOwnerArr=getRecordOwnerId($record_id);
    // Keeps the last type => id pair; an empty array leaves both values as ''.
    foreach($recordOwnerArr as $type=>$id)
    {
        $ownertype=$type;
        $ownerid=$id;
    }

    // Variable-variable lookup of <module>_share_read_permission in the local scope.
    $varname=$module."_share_read_permission";
    $read_per_arr=$$varname;
    if($ownertype == 'Users')
    {
        //Checking the Read Sharing Permission Array in Role Users
        $read_role_per=$read_per_arr['ROLE'];
        foreach($read_role_per as $roleid=>$userids)
        {
            // in_array() is called without the strict flag, so ids are compared loosely.
            if(in_array($ownerid,$userids))
            {
                $sharePer='yes';
                $log->debug("Exiting isReadPermittedBySharing method ...");
                return $sharePer;
            }

        }

        //Checking the Read Sharing Permission Array in Groups Users
        $read_grp_per=$read_per_arr['GROUP'];
        foreach($read_grp_per as $grpid=>$userids)
        {
            if(in_array($ownerid,$userids))
            {
                $sharePer='yes';
                $log->debug("Exiting isReadPermittedBySharing method ...");
                return $sharePer;
            }

        }

    }
    elseif($ownertype == 'Groups')
    {
        // A group-owned record is shared when the owning group id is a key of the GROUP array.
        $read_grp_per=$read_per_arr['GROUP'];
        if(array_key_exists($ownerid,$read_grp_per))
        {
            $sharePer='yes';
            $log->debug("Exiting isReadPermittedBySharing method ...");
            return $sharePer;
        }
    }

    //Checking for the Related Sharing Permission
    $relatedModuleArray=$related_module_share[$tabid];
    if(is_array($relatedModuleArray))
    {
        foreach($relatedModuleArray as $parModId)
        {
            $parRecordOwner=getParentRecordOwner($tabid,$parModId,$record_id);
            if(sizeof($parRecordOwner) > 0)
            {
                $parModName=getTabname($parModId);
                // Variable-variable lookup of <parent module>_<module>_share_read_permission.
                $rel_var=$parModName."_".$module."_share_read_permission";
                $read_related_per_arr=$$rel_var;
                $rel_owner_type='';
                $rel_owner_id='';
                // Keeps the last type => id pair of the parent record owner array.
                foreach($parRecordOwner as $rel_type=>$rel_id)
                {
                    $rel_owner_type=$rel_type;
                    $rel_owner_id=$rel_id;
                }
                if($rel_owner_type=='Users')
                {
                    //Checking in Role Users
                    $read_related_role_per=$read_related_per_arr['ROLE'];
                    foreach($read_related_role_per as $roleid=>$userids)
                    {
                        if(in_array($rel_owner_id,$userids))
                        {
                            $sharePer='yes';
                            $log->debug("Exiting isReadPermittedBySharing method ...");
                            return $sharePer;
                        }

                    }
                    //Checking in Group Users
                    $read_related_grp_per=$read_related_per_arr['GROUP'];
                    foreach($read_related_grp_per as $grpid=>$userids)
                    {
                        if(in_array($rel_owner_id,$userids))
                        {
                            $sharePer='yes';
                            $log->debug("Exiting isReadPermittedBySharing method ...");
                            return $sharePer;
                        }

                    }

                }
                elseif($rel_owner_type=='Groups')
                {
                    $read_related_grp_per=$read_related_per_arr['GROUP'];
                    if(array_key_exists($rel_owner_id,$read_related_grp_per))
                    {
                        $sharePer='yes';
                        $log->debug("Exiting isReadPermittedBySharing method ...");
                        return $sharePer;
                    }

                }
            }
        }
    }
    // No sharing rule matched: still 'no'.
    $log->debug("Exiting isReadPermittedBySharing method ...");
    return $sharePer;
}
 700  
 701  
 702  
/**
 * Check whether the currently logged-in user has write access to a record through a sharing rule.
 *
 * Loads the sharing privilege file for $current_user->id, then looks up the record owner in
 * the module's write sharing array and, failing that, the owner of each related parent record
 * in the matching related-module write sharing array.
 *
 * The sharing arrays and $related_module_share are not assigned in this function; presumably
 * the required sharing privilege file defines them -- confirm against whatever generates it.
 *
 * @param string $module    Module name; must be in getSharingModuleList() or the answer is 'no'.
 * @param int    $tabid     Tab id of the module.
 * @param int    $actionid  Action id; not read anywhere in this function.
 * @param int    $record_id Record id.
 * @return string 'yes' when a sharing rule grants write access, 'no' otherwise.
 */
function isReadWritePermittedBySharing($module,$tabid,$actionid,$record_id)
{
    global $log;
    $log->debug("Entering isReadWritePermittedBySharing(".$module.",".$tabid.",".$actionid.",".$record_id.") method ...");
    global $adb;
    global $current_user;
    // NOTE(review): the include path is built from $current_user->id; assumes that id is a
    // server-side integer -- confirm it can never contain request-supplied text.
    require('user_privileges/sharing_privileges_'.$current_user->id.'.php');
    $ownertype='';
    $ownerid='';
    // Default is deny.
    $sharePer='no';

    // This guard also bounds the variable-variable lookup below: $module only reaches
    // $$varname after it has matched an entry of the sharing module list, so the check
    // must stay ahead of that lookup.
    $sharingModuleList=getSharingModuleList();
        if(! in_array($module,$sharingModuleList))
        {
                $sharePer='no';
                return $sharePer;
        }

    $recordOwnerArr=getRecordOwnerId($record_id);
    // Keeps the last type => id pair; an empty array leaves both values as ''.
    foreach($recordOwnerArr as $type=>$id)
    {
        $ownertype=$type;
        $ownerid=$id;
    }

    // Variable-variable lookup of <module>_share_write_permission in the local scope.
    $varname=$module."_share_write_permission";
    $write_per_arr=$$varname;

    if($ownertype == 'Users')
    {
        //Checking the Write Sharing Permission Array in Role Users
        $write_role_per=$write_per_arr['ROLE'];
        foreach($write_role_per as $roleid=>$userids)
        {
            // in_array() is called without the strict flag, so ids are compared loosely.
            if(in_array($ownerid,$userids))
            {
                $sharePer='yes';
                $log->debug("Exiting isReadWritePermittedBySharing method ...");
                return $sharePer;
            }

        }
        //Checking the Write Sharing Permission Array in Groups Users
        $write_grp_per=$write_per_arr['GROUP'];
        foreach($write_grp_per as $grpid=>$userids)
        {
            if(in_array($ownerid,$userids))
            {
                $sharePer='yes';
                $log->debug("Exiting isReadWritePermittedBySharing method ...");
                return $sharePer;
            }

        }

    }
    elseif($ownertype == 'Groups')
    {
        // A group-owned record is shared when the owning group id is a key of the GROUP array.
        $write_grp_per=$write_per_arr['GROUP'];
        if(array_key_exists($ownerid,$write_grp_per))
        {
            $sharePer='yes';
            $log->debug("Exiting isReadWritePermittedBySharing method ...");
            return $sharePer;
        }
    }
    //Checking for the Related Sharing Permission
    $relatedModuleArray=$related_module_share[$tabid];
    if(is_array($relatedModuleArray))
    {
        foreach($relatedModuleArray as $parModId)
        {
            $parRecordOwner=getParentRecordOwner($tabid,$parModId,$record_id);
            if(sizeof($parRecordOwner) > 0)
            {
                $parModName=getTabname($parModId);
                // Variable-variable lookup of <parent module>_<module>_share_write_permission.
                $rel_var=$parModName."_".$module."_share_write_permission";
                $write_related_per_arr=$$rel_var;
                $rel_owner_type='';
                $rel_owner_id='';
                // Keeps the last type => id pair of the parent record owner array.
                foreach($parRecordOwner as $rel_type=>$rel_id)
                {
                    $rel_owner_type=$rel_type;
                    $rel_owner_id=$rel_id;
                }
                if($rel_owner_type=='Users')
                {
                    //Checking in Role Users
                    $write_related_role_per=$write_related_per_arr['ROLE'];
                    foreach($write_related_role_per as $roleid=>$userids)
                    {
                        if(in_array($rel_owner_id,$userids))
                        {
                            $sharePer='yes';
                            $log->debug("Exiting isReadWritePermittedBySharing method ...");
                            return $sharePer;
                        }

                    }
                    //Checking in Group Users
                    $write_related_grp_per=$write_related_per_arr['GROUP'];
                    foreach($write_related_grp_per as $grpid=>$userids)
                    {
                        if(in_array($rel_owner_id,$userids))
                        {
                            $sharePer='yes';
                            $log->debug("Exiting isReadWritePermittedBySharing method ...");
                            return $sharePer;
                        }

                    }

                }
                elseif($rel_owner_type=='Groups')
                {
                    $write_related_grp_per=$write_related_per_arr['GROUP'];
                    if(array_key_exists($rel_owner_id,$write_related_grp_per))
                    {
                        $sharePer='yes';
                        $log->debug("Exiting isReadWritePermittedBySharing method ...");
                        return $sharePer;
                    }

                }
            }
        }
    }

    // No sharing rule matched: still 'no'.
    $log->debug("Exiting isReadWritePermittedBySharing method ...");
    return $sharePer;
}
 841  
 842  /** Function to get the Profile Global Information for the specified vtiger_profileid
 843    * @param $profileid -- Profile Id:: Type integer
 844    * @returns Profile Gloabal Permission Array in the following format:
 845    * $profileGloblaPermisson=Array($viewall_actionid=>permission, $editall_actionid=>permission)
 846   */
 847  function getProfileGlobalPermission($profileid)
 848  {
 849  global $log;
 850  $log->debug("Entering getProfileGlobalPermission(".$profileid.") method ...");
 851    global $adb;
 852    $sql = "select * from vtiger_profile2globalpermissions where profileid=?" ;
 853    $result = $adb->pquery($sql, array($profileid));
 854    $num_rows = $adb->num_rows($result);
 855  
 856    for($i=0; $i<$num_rows; $i++)
 857    {
 858      $act_id = $adb->query_result($result,$i,"globalactionid");
 859      $per_id = $adb->query_result($result,$i,"globalactionpermission");
 860      $copy[$act_id] = $per_id;
 861    }
 862  
 863      $log->debug("Exiting getProfileGlobalPermission method ...");
 864     return $copy;
 865  
 866  }
 867  
 868  /** Function to get the Profile Tab Permissions for the specified vtiger_profileid
 869    * @param $profileid -- Profile Id:: Type integer
 870    * @returns Profile Tabs Permission Array in the following format:
 871    * $profileTabPermisson=Array($tabid1=>permission, $tabid2=>permission,........., $tabidn=>permission)
 872   */
 873  function getProfileTabsPermission($profileid)
 874  {
 875  global $log;
 876  $log->debug("Entering getProfileTabsPermission(".$profileid.") method ...");
 877    global $adb;
 878    $sql = "select * from vtiger_profile2tab where profileid=?" ;
 879    $result = $adb->pquery($sql, array($profileid));
 880    $num_rows = $adb->num_rows($result);
 881  
 882    $copy = array();
 883    for($i=0; $i<$num_rows; $i++)
 884    {
 885      $tab_id = $adb->query_result($result,$i,"tabid");
 886      $per_id = $adb->query_result($result,$i,"permissions");
 887      $copy[$tab_id] = $per_id;
 888    }
 889    // TODO This is temporarily required, till we provide a hook/entry point for Emails module.
 890    // Once that is done, Webmails need to be removed permanently.
 891    $emailsTabId = getTabid('Emails');
 892    $webmailsTabid = getTabid('Webmails');
 893    if(array_key_exists($emailsTabId, $copy)) {
 894        $copy[$webmailsTabid] = $copy[$emailsTabId];
 895    }
 896  
 897  $log->debug("Exiting getProfileTabsPermission method ...");
 898     return $copy;
 899  
 900  }
 901  
 902  
 903  /** Function to get the Profile Action Permissions for the specified vtiger_profileid
 904    * @param $profileid -- Profile Id:: Type integer
 905    * @returns Profile Tabs Action Permission Array in the following format:
 906    *    $tabActionPermission = Array($tabid1=>Array(actionid1=>permission, actionid2=>permission,...,actionidn=>permission),
 907    *                        $tabid2=>Array(actionid1=>permission, actionid2=>permission,...,actionidn=>permission),
 908    *                                |
 909    *                        $tabidn=>Array(actionid1=>permission, actionid2=>permission,...,actionidn=>permission))
 910   */
 911  function getProfileActionPermission($profileid)
 912  {
 913  global $log;
 914  $log->debug("Entering getProfileActionPermission(".$profileid.") method ...");
 915      global $adb;
 916      $check = Array();
 917      $temp_tabid = Array();
 918      $sql1 = "select * from vtiger_profile2standardpermissions where profileid=?";
 919      $result1 = $adb->pquery($sql1, array($profileid));
 920          $num_rows1 = $adb->num_rows($result1);
 921          for($i=0; $i<$num_rows1; $i++)
 922          {
 923          $tab_id = $adb->query_result($result1,$i,'tabid');
 924          if(! in_array($tab_id,$temp_tabid))
 925          {
 926              $temp_tabid[] = $tab_id;
 927              $access = Array();
 928          }
 929  
 930          $action_id = $adb->query_result($result1,$i,'operation');
 931          $per_id = $adb->query_result($result1,$i,'permissions');
 932          $access[$action_id] = $per_id;
 933          $check[$tab_id] = $access;
 934  
 935  
 936      }
 937  
 938  
 939  $log->debug("Exiting getProfileActionPermission method ...");
 940      return $check;
 941  }
 942  
 943  
 944  
 945  /** Function to get the Standard and Utility Profile Action Permissions for the specified vtiger_profileid
 946    * @param $profileid -- Profile Id:: Type integer
 947    * @returns Profile Tabs Action Permission Array in the following format:
 948    *    $tabActionPermission = Array($tabid1=>Array(actionid1=>permission, actionid2=>permission,...,actionidn=>permission),
 949    *                        $tabid2=>Array(actionid1=>permission, actionid2=>permission,...,actionidn=>permission),
 950    *                                |
 951    *                        $tabidn=>Array(actionid1=>permission, actionid2=>permission,...,actionidn=>permission))
 952   */
 953  function getProfileAllActionPermission($profileid)
 954  {
 955  global $log;
 956  $log->debug("Entering getProfileAllActionPermission(".$profileid.") method ...");
 957      global $adb;
 958      $actionArr=getProfileActionPermission($profileid);
 959      $utilArr=getTabsUtilityActionPermission($profileid);
 960      foreach($utilArr as $tabid=>$act_arr)
 961      {
 962          $act_tab_arr=$actionArr[$tabid];
 963          foreach($act_arr as $utilid=>$util_perr)
 964          {
 965              $act_tab_arr[$utilid]=$util_perr;
 966          }
 967          $actionArr[$tabid]=$act_tab_arr;
 968      }
 969  $log->debug("Exiting getProfileAllActionPermission method ...");
 970      return $actionArr;
 971  }
 972  
 973  /** Function to get all  the vtiger_role information
 974    * @returns $allRoleDetailArray-- Array will contain the details of all the vtiger_roles. RoleId will be the key:: Type array
 975   */
 976  function getAllRoleDetails()
 977  {
 978  global $log;
 979  $log->debug("Entering getAllRoleDetails() method ...");
 980      global $adb;
 981      $role_det = Array();
 982      $query = "select * from vtiger_role";
 983      $result = $adb->pquery($query, array());
 984      $num_rows=$adb->num_rows($result);
 985      for($i=0; $i<$num_rows;$i++)
 986      {
 987          $each_role_det = Array();
 988          $roleid=$adb->query_result($result,$i,'roleid');
 989          $rolename=$adb->query_result($result,$i,'rolename');
 990          $roledepth=$adb->query_result($result,$i,'depth');
 991          $sub_roledepth=$roledepth + 1;
 992          $parentrole=$adb->query_result($result,$i,'parentrole');
 993          $sub_role='';
 994  
 995          //getting the immediate subordinates
 996          $query1="select * from vtiger_role where parentrole like ? and depth=?";
 997          $res1 = $adb->pquery($query1, array($parentrole."::%", $sub_roledepth));
 998          $num_roles = $adb->num_rows($res1);
 999          if($num_roles > 0)
1000          {
1001              for($j=0; $j<$num_roles; $j++)
1002              {
1003                  if($j == 0)
1004                  {
1005                      $sub_role .= $adb->query_result($res1,$j,'roleid');
1006                  }
1007                  else
1008                  {
1009                      $sub_role .= ','.$adb->query_result($res1,$j,'roleid');
1010                  }
1011              }
1012          }
1013  
1014  
1015          $each_role_det[]=$rolename;
1016          $each_role_det[]=$roledepth;
1017          $each_role_det[]=$sub_role;
1018          $role_det[$roleid]=$each_role_det;
1019  
1020      }
1021      $log->debug("Exiting getAllRoleDetails method ...");
1022      return $role_det;
1023  }
1024  
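/** Function to get the information stored for the specified role
  * @param $roleid -- RoleId :: Type varchar
  * @returns $roleInfoArray -- RoleInfoArray in the following format:
  *       $roleInfo=Array($roleId=>Array($rolename,$parentrole,$roledepth,$immediateParent));
  *       $immediateParent is null when the role path has fewer than two entries.
 */
function getRoleInformation($roleid)
{
    global $log, $adb;
    $log->debug("Entering getRoleInformation(".$roleid.") method ...");

    $query = "select * from vtiger_role where roleid=?";
    $result = $adb->pquery($query, array($roleid));
    $rolename = $adb->query_result($result, 0, 'rolename');
    $parentrole = $adb->query_result($result, 0, 'parentrole');
    $roledepth = $adb->query_result($result, 0, 'depth');

    // parentrole is a '::' separated path; the entry before the last one is
    // taken as the direct parent. A path with a single entry has no such
    // entry, so return null explicitly instead of reading offset -1.
    $parentRoleArr = explode('::', $parentrole);
    $pathLength = sizeof($parentRoleArr);
    $immediateParent = ($pathLength >= 2) ? $parentRoleArr[$pathLength - 2] : null;

    $roleInfo = array();
    $roleInfo[$roleid] = array($rolename, $parentrole, $roledepth, $immediateParent);

    $log->debug("Exiting getRoleInformation method ...");
    return $roleInfo;
}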
1052  
/** Function to get the users assigned to the specified role
  * @param $roleId -- RoleId :: Type varchar
  * @returns $roleUsers -- Role Related User Array in the following format:
  *       $roleUsers=Array($userId1=>$userName,$userId2=>$userName,........,$userIdn=>$userName));
  *       The name is whatever getFullNameFromQResult builds for the row.
 */
function getRoleUsers($roleId)
{
    global $log, $adb;
    $log->debug("Entering getRoleUsers(".$roleId.") method ...");

    // NOTE(review): this selects every vtiger_users column although only the
    // user id and the name fields are used below; a narrower column list would
    // keep unrelated account columns out of the result set. Confirm which
    // columns getFullNameFromQResult reads before changing it.
    $query = "select vtiger_user2role.*,vtiger_users.* from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid where roleid=?";
    $result = $adb->pquery($query, array($roleId));
    $userCount = $adb->num_rows($result);

    $roleRelatedUsers = array();
    for ($row = 0; $row < $userCount; $row++) {
        $userKey = $adb->query_result($result, $row, 'userid');
        $roleRelatedUsers[$userKey] = getFullNameFromQResult($result, $row, 'Users');
    }

    $log->debug("Exiting getRoleUsers method ...");
    return $roleRelatedUsers;
}
1076  
1077  
/** Function to get the ids of the users assigned to the specified role
  * @param $roleId -- RoleId :: Type varchar
  * @returns $roleUserIds -- Role Related User Array in the following format:
  *       $roleUserIds=Array($userId1,$userId2,........,$userIdn);
 */
function getRoleUserIds($roleId)
{
    global $log, $adb;
    $log->debug("Entering getRoleUserIds(".$roleId.") method ...");

    $query = "select vtiger_user2role.*,vtiger_users.user_name from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid where roleid=?";
    $result = $adb->pquery($query, array($roleId));

    // Collect the userid column of every returned row, in result order.
    $roleRelatedUsers = array();
    $total = $adb->num_rows($result);
    $row = 0;
    while ($row < $total) {
        $roleRelatedUsers[] = $adb->query_result($result, $row, 'userid');
        $row++;
    }

    $log->debug("Exiting getRoleUserIds method ...");
    return $roleRelatedUsers;
}
1102  
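/** Function to get the users of the specified role and of its subordinate roles
  * @param $roleId -- RoleId :: Type varchar
  * @returns $roleSubUsers -- Role and Subordinates Related Users Array in the following format:
  *       $roleSubUsers=Array($userId1=>$userName,$userId2=>$userName,........,$userIdn=>$userName));
 */
function getRoleAndSubordinateUsers($roleId)
{
    global $log, $adb;
    $log->debug("Entering getRoleAndSubordinateUsers(".$roleId.") method ...");

    $roleInfoArr = getRoleInformation($roleId);
    $parentRole = $roleInfoArr[$roleId][1];

    // Match the role's own path exactly, plus paths that continue it after the
    // '::' separator. A bare prefix match (path followed by '%') also matched
    // unrelated roles whose id merely starts with this role's id, and an empty
    // path matched every role, which widened the returned user set.
    // NOTE(review): LIKE wildcards inside a role id are not escaped here;
    // presumably role ids never contain '%' or '_' -- confirm.
    $query = "select vtiger_user2role.*,vtiger_users.user_name from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole = ? or vtiger_role.parentrole like ?";
    $result = $adb->pquery($query, array($parentRole, $parentRole."::%"));
    $num_rows = $adb->num_rows($result);

    $roleRelatedUsers = array();
    for ($i = 0; $i < $num_rows; $i++) {
        $roleRelatedUsers[$adb->query_result($result, $i, 'userid')] = $adb->query_result($result, $i, 'user_name');
    }

    $log->debug("Exiting getRoleAndSubordinateUsers method ...");
    return $roleRelatedUsers;
}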
1128  
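/** Function to get the information of the specified role and of its subordinate roles
  * Results are kept in a per-request static cache keyed by role id.
  * @param $roleId -- RoleId :: Type varchar
  * @returns $roleSubInfo -- Role and Subordinates Information array in the following format:
  *       $roleSubInfo=Array($roleId1=>Array($rolename,$parentrole,$roledepth), $roleId2=>Array($rolename,$parentrole,$roledepth),.....);
 */
function getRoleAndSubordinatesInformation($roleId)
{
    global $log, $adb;
    $log->debug("Entering getRoleAndSubordinatesInformation(".$roleId.") method ...");

    static $roleInfoCache = array();
    if (!empty($roleInfoCache[$roleId])) {
        return $roleInfoCache[$roleId];
    }

    $roleDetails = getRoleInformation($roleId);
    $roleParentSeq = $roleDetails[$roleId][1];

    // Match the role's own path exactly, plus paths that continue it after the
    // '::' separator. A bare prefix match (path followed by '%') also matched
    // unrelated roles whose id merely starts with this role's id, and an empty
    // path matched every role.
    // NOTE(review): LIKE wildcards inside a role id are not escaped here;
    // presumably role ids never contain '%' or '_' -- confirm.
    $query = "select * from vtiger_role where parentrole = ? or parentrole like ? order by parentrole asc";
    $result = $adb->pquery($query, array($roleParentSeq, $roleParentSeq."::%"));
    $num_rows = $adb->num_rows($result);

    $roleInfo = array();
    for ($i = 0; $i < $num_rows; $i++) {
        $roleid = $adb->query_result($result, $i, 'roleid');
        $rolename = $adb->query_result($result, $i, 'rolename');
        $roledepth = $adb->query_result($result, $i, 'depth');
        $parentrole = $adb->query_result($result, $i, 'parentrole');
        $roleInfo[$roleid] = array($rolename, $parentrole, $roledepth);
    }

    $roleInfoCache[$roleId] = $roleInfo;
    $log->debug("Exiting getRoleAndSubordinatesInformation method ...");
    return $roleInfo;
}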
1169  
1170  
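/** Function to get the ids of the specified role and of its subordinate roles
  * @param $roleId -- RoleId :: Type varchar
  * @returns $roleSubRoleIds -- Role and Subordinates RoleIds in an Array in the following format:
  *       $roleSubRoleIds=Array($roleId1,$roleId2,........,$roleIdn);
 */
function getRoleAndSubordinatesRoleIds($roleId)
{
    global $log, $adb;
    $log->debug("Entering getRoleAndSubordinatesRoleIds(".$roleId.") method ...");

    $roleDetails = getRoleInformation($roleId);
    $roleParentSeq = $roleDetails[$roleId][1];

    // Match the role's own path exactly, plus paths that continue it after the
    // '::' separator. A bare prefix match (path followed by '%') also matched
    // unrelated roles whose id merely starts with this role's id, and an empty
    // path matched every role.
    // NOTE(review): LIKE wildcards inside a role id are not escaped here;
    // presumably role ids never contain '%' or '_' -- confirm.
    $query = "select * from vtiger_role where parentrole = ? or parentrole like ? order by parentrole asc";
    $result = $adb->pquery($query, array($roleParentSeq, $roleParentSeq."::%"));
    $num_rows = $adb->num_rows($result);

    $roleInfo = array();
    for ($i = 0; $i < $num_rows; $i++) {
        $roleInfo[] = $adb->query_result($result, $i, 'roleid');
    }

    $log->debug("Exiting getRoleAndSubordinatesRoleIds method ...");
    return $roleInfo;
}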
1199  
/** Function to delete every sharing rule that refers to the specified role
  * Each data share table is searched on its role column(s) and every matching
  * rule is removed through deleteSharingRule().
  * @param $roleId -- RoleId :: Type varchar
 */
function deleteRoleRelatedSharingRules($roleId)
{
    global $log, $adb;
    $log->debug("Entering deleteRoleRelatedSharingRules(".$roleId.") method ...");

    // Table => column(s) holding a role id; two columns are joined with '::'.
    // These identifiers are concatenated into the SQL text below, so this map
    // must stay a fixed list and never be fed from request data.
    $dataShareTableColArr = array(
        'vtiger_datashare_grp2role' => 'to_roleid',
        'vtiger_datashare_grp2rs' => 'to_roleandsubid',
        'vtiger_datashare_role2group' => 'share_roleid',
        'vtiger_datashare_role2role' => 'share_roleid::to_roleid',
        'vtiger_datashare_role2rs' => 'share_roleid::to_roleandsubid',
        'vtiger_datashare_rs2grp' => 'share_roleandsubid',
        'vtiger_datashare_rs2role' => 'share_roleandsubid::to_roleid',
        'vtiger_datashare_rs2rs' => 'share_roleandsubid::to_roleandsubid',
    );

    foreach ($dataShareTableColArr as $tablename => $colname) {
        $columns = explode('::', $colname);
        $query = "select shareid from ".$tablename." where ".$columns[0]."=?";
        $params = array($roleId);
        if (count($columns) > 1) {
            $query .= " or ".$columns[1]."=?";
            $params[] = $roleId;
        }

        $result = $adb->pquery($query, $params);
        $ruleCount = $adb->num_rows($result);
        for ($row = 0; $row < $ruleCount; $row++) {
            deleteSharingRule($adb->query_result($result, $row, 'shareid'));
        }
    }

    $log->debug("Exiting deleteRoleRelatedSharingRules method ...");
}
1239  
/** Function to delete every sharing rule that refers to the specified group
  * Each data share table is searched on its group column(s) and every matching
  * rule is removed through deleteSharingRule().
  * @param $grpId -- Group Id
 */
function deleteGroupRelatedSharingRules($grpId)
{
    global $log, $adb;
    $log->debug("Entering deleteGroupRelatedSharingRules(".$grpId.") method ...");

    // Table => column(s) holding a group id; two columns are joined with '::'.
    // These identifiers are concatenated into the SQL text below, so this map
    // must stay a fixed list and never be fed from request data.
    $dataShareTableColArr = array(
        'vtiger_datashare_grp2grp' => 'share_groupid::to_groupid',
        'vtiger_datashare_grp2role' => 'share_groupid',
        'vtiger_datashare_grp2rs' => 'share_groupid',
        'vtiger_datashare_role2group' => 'to_groupid',
        'vtiger_datashare_rs2grp' => 'to_groupid',
    );

    foreach ($dataShareTableColArr as $tablename => $colname) {
        $columns = explode('::', $colname);
        $query = "select shareid from ".$tablename." where ".$columns[0]."=?";
        $params = array($grpId);
        if (count($columns) > 1) {
            $query .= " or ".$columns[1]."=?";
            $params[] = $grpId;
        }

        $result = $adb->pquery($query, $params);
        $ruleCount = $adb->num_rows($result);
        for ($row = 0; $row < $ruleCount; $row++) {
            deleteSharingRule($adb->query_result($result, $row, 'shareid'));
        }
    }

    $log->debug("Exiting deleteGroupRelatedSharingRules method ...");
}
1278  
1279  
/** Function to get the id and name of every user that is not marked deleted
  * @returns $userArray -- User Array in the following format:
  * $userArray=Array($userid1=>$username, $userid2=>$username,............,$useridn=>$username);
  * The name is whatever getFullNameFromQResult builds for the row.
 */
function getAllUserName()
{
    global $log, $adb;
    $log->debug("Entering getAllUserName() method ...");

    // NOTE(review): "select *" loads every vtiger_users column although only
    // the id and the name fields are used below; a narrower column list would
    // keep unrelated account columns out of the result set. Confirm which
    // columns getFullNameFromQResult reads before changing it.
    $result = $adb->pquery("select * from vtiger_users where deleted=0", array());
    $userCount = $adb->num_rows($result);

    $user_details = array();
    for ($row = 0; $row < $userCount; $row++) {
        $userid = $adb->query_result($result, $row, 'id');
        $user_details[$userid] = getFullNameFromQResult($result, $row, 'Users');
    }

    $log->debug("Exiting getAllUserName method ...");
    return $user_details;
}
1304  
1305  
/** Function to get the id and name of every group
  * @returns $grpArray -- Group Array in the following format:
  * $grpArray=Array($grpid1=>$grpname, $grpid2=>$grpname,............,$grpidn=>$grpname);
 */
function getAllGroupName()
{
    global $log, $adb;
    $log->debug("Entering getAllGroupName() method ...");

    $result = $adb->pquery("select * from vtiger_groups", array());
    $groupCount = $adb->num_rows($result);

    // Map each row's groupid to its groupname.
    $group_details = array();
    $row = 0;
    while ($row < $groupCount) {
        $grpid = $adb->query_result($result, $row, 'groupid');
        $group_details[$grpid] = $adb->query_result($result, $row, 'groupname');
        $row++;
    }

    $log->debug("Exiting getAllGroupName method ...");
    return $group_details;
}
1330  
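/** This function is to delete the organisation level sharing rule
  * The rule is removed from its type specific data share table, from
  * vtiger_datashare_module_rel and from vtiger_datashare_relatedmodule_permission.
  * It takes the following input parameters:
  *     $shareid -- Id of the Sharing Rule to be deleted
  */
function deleteSharingRule($shareid)
{
    global $log, $adb;
    $log->debug("Entering deleteSharingRule(".$shareid.") method ...");

    $query2 = "select * from vtiger_datashare_module_rel where shareid=?";
    $res = $adb->pquery($query2, array($shareid));
    $typestr = $adb->query_result($res, 0, 'relationtype');

    // The table name is placed into the SQL text, so it must only ever come
    // from the fixed map behind getDSTableNameForType(). When no table is
    // resolved (unknown share id or relation type) skip this delete rather
    // than send a statement without a table name.
    $tabname = getDSTableNameForType($typestr);
    if (!empty($tabname)) {
        $query3 = "delete from $tabname where shareid=?";
        $adb->pquery($query3, array($shareid));
    }

    $query4 = "delete from vtiger_datashare_module_rel where shareid=?";
    $adb->pquery($query4, array($shareid));

    // deleting the related module sharing permission
    $query5 = "delete from vtiger_datashare_relatedmodule_permission where shareid=?";
    $adb->pquery($query5, array($shareid));

    $log->debug("Exiting deleteSharingRule method ...");
}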
1355  
/** Function to get the Data Share Table Names
 *  @returns the following Data Share Table Name Array, keyed by relation type:
 *  Array('GRP::GRP'=>'vtiger_datashare_grp2grp',
 *        'GRP::ROLE'=>'vtiger_datashare_grp2role',
 *        'GRP::RS'=>'vtiger_datashare_grp2rs',
 *        'ROLE::GRP'=>'vtiger_datashare_role2group',
 *        'ROLE::ROLE'=>'vtiger_datashare_role2role',
 *        'ROLE::RS'=>'vtiger_datashare_role2rs',
 *        'RS::GRP'=>'vtiger_datashare_rs2grp',
 *        'RS::ROLE'=>'vtiger_datashare_rs2role',
 *        'RS::RS'=>'vtiger_datashare_rs2rs');
 */
function getDataShareTableName()
{
    global $log;
    $log->debug("Entering getDataShareTableName() method ...");

    // Fixed list of relation type => table; callers place these names into SQL text.
    $tablesByType = array(
        'GRP::GRP' => 'vtiger_datashare_grp2grp',
        'GRP::ROLE' => 'vtiger_datashare_grp2role',
        'GRP::RS' => 'vtiger_datashare_grp2rs',
        'ROLE::GRP' => 'vtiger_datashare_role2group',
        'ROLE::ROLE' => 'vtiger_datashare_role2role',
        'ROLE::RS' => 'vtiger_datashare_role2rs',
        'RS::GRP' => 'vtiger_datashare_rs2grp',
        'RS::ROLE' => 'vtiger_datashare_rs2role',
        'RS::RS' => 'vtiger_datashare_rs2rs',
    );

    $log->debug("Exiting getDataShareTableName method ...");
    return $tablesByType;
}
1385  
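/** Function to get the Data Share Table Name for the specified type string
 *  @param $typeString -- Datashare Type String :: Type Varchar
 *  @returns Table Name -- Type Varchar; null when the type string is not one
 *           of the keys returned by getDataShareTableName()
 */
function getDSTableNameForType($typeString)
{
    global $log;
    $log->debug("Entering getDSTableNameForType(".$typeString.") method ...");

    $dataShareTableColArr = getDataShareTableName();
    // Look the type up in the fixed map only; an unknown or empty type yields
    // null explicitly instead of reading an undefined index.
    $tableName = null;
    if (is_string($typeString) && isset($dataShareTableColArr[$typeString])) {
        $tableName = $dataShareTableColArr[$typeString];
    }

    $log->debug("Exiting getDSTableNameForType method ...");
    return $tableName;
}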
1401  
/** This function is to retrieve the profiles associated with the specified user
  * The profiles are those linked to the user's role in vtiger_role2profile.
  * It takes the following input parameters:
  *     $userId -- The User Id:: Type Integer
  * This function will return the profile ids in an Array in the following format:
  *     $userProfileArray=(profileid1,profileid2,profileid3,...,profileidn);
  */
function getUserProfile($userId)
{
    global $log, $adb;
    $log->debug("Entering getUserProfile(".$userId.") method ...");

    $roleId = fetchUserRole($userId);
    $profileResult = $adb->pquery("select profileid from vtiger_role2profile where roleid=?", array($roleId));
    $profileCount = $adb->num_rows($profileResult);

    $profArr = array();
    $row = 0;
    while ($row < $profileCount) {
        $profArr[] = $adb->query_result($profileResult, $row, "profileid");
        $row++;
    }

    $log->debug("Exiting getUserProfile method ...");
    return $profArr;
}
1428  
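/** To retrieve the global permission of the specified user from the various profiles associated with the user
  * The first profile's values are the starting point; an entry holding 1 is
  * replaced by 0 when a later profile stores 0 for the same action.
  * @param $userId -- The User Id:: Type Integer
  * @returns  user global permission array in the following format:
  *     $globalPerrArray=(view all action id=>permission,
  *                       edit all action id=>permission);
  */
function getCombinedUserGlobalPermissions($userId)
{
    global $log, $adb;
    $log->debug("Entering getCombinedUserGlobalPermissions(".$userId.") method ...");

    $profArr = getUserProfile($userId);
    $no_of_profiles = sizeof($profArr);

    $firstProfile = isset($profArr[0]) ? $profArr[0] : null;
    $userGlobalPerrArr = getProfileGlobalPermission($firstProfile);
    if (!is_array($userGlobalPerrArr)) {
        // A profile without rows must not break the merge loop below.
        $userGlobalPerrArr = array();
    }

    for ($i = 1; $i < $no_of_profiles; $i++) {
        $tempUserGlobalPerrArr = getProfileGlobalPermission($profArr[$i]);
        if (!is_array($tempUserGlobalPerrArr)) {
            continue;
        }

        foreach ($userGlobalPerrArr as $globalActionId => $globalActionPermission) {
            if ($globalActionPermission != 1) {
                continue;
            }
            // Only a value that is actually stored as 0 may replace the 1.
            // A missing or empty entry used to compare equal to 0 and so
            // overrode the first profile's value; the action permission
            // merge in this file already excludes empty values.
            if (!isset($tempUserGlobalPerrArr[$globalActionId])) {
                continue;
            }
            $now_permission = $tempUserGlobalPerrArr[$globalActionId];
            if ($now_permission !== '' && $now_permission == 0) {
                $userGlobalPerrArr[$globalActionId] = $now_permission;
            }
        }
    }

    $log->debug("Exiting getCombinedUserGlobalPermissions method ...");
    return $userGlobalPerrArr;
}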
1474  
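/** To retrieve the tab permissions of the specified user from the various profiles associated with the user
  * The first profile's values are the starting point; an entry holding 1 is
  * replaced by 0 when a later profile stores 0 for the same tab. The Home tab
  * is added with value 0 when it is not present.
  * @param $userId -- The User Id:: Type Integer
  * @returns  user tab permission array in the following format:
  *     $tabPerrArray=(tabid1=>permission,
  *                    tabid2=>permission);
  */
function getCombinedUserTabsPermissions($userId)
{
    global $log, $adb;
    $log->debug("Entering getCombinedUserTabsPermissions(".$userId.") method ...");

    $profArr = getUserProfile($userId);
    $no_of_profiles = sizeof($profArr);

    $firstProfile = isset($profArr[0]) ? $profArr[0] : null;
    $userTabPerrArr = getProfileTabsPermission($firstProfile);

    for ($i = 1; $i < $no_of_profiles; $i++) {
        $tempUserTabPerrArr = getProfileTabsPermission($profArr[$i]);

        foreach ($userTabPerrArr as $tabId => $tabPermission) {
            if ($tabPermission != 1) {
                continue;
            }
            // Only a value that is actually stored as 0 may replace the 1.
            // A missing or empty entry used to compare equal to 0 and so
            // overrode the first profile's value; the action permission
            // merge in this file already excludes empty values.
            if (!isset($tempUserTabPerrArr[$tabId])) {
                continue;
            }
            $now_permission = $tempUserTabPerrArr[$tabId];
            if ($now_permission !== '' && $now_permission == 0) {
                $userTabPerrArr[$tabId] = $now_permission;
            }
        }
    }

    // Home always gets an entry, with value 0, when no profile supplied one.
    $homeTabid = getTabid('Home');
    if (!array_key_exists($homeTabid, $userTabPerrArr)) {
        $userTabPerrArr[$homeTabid] = 0;
    }

    $log->debug("Exiting getCombinedUserTabsPermissions method ...");
    return $userTabPerrArr;
}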
1524  
/** To retrieve the tab action permissions of the specified user from the various profiles associated with the user
  * The first profile's values are the starting point; an entry holding 1 is
  * replaced when a later profile holds a non-empty value equal to 0 for the
  * same tab and action.
  * @param $userId -- The User Id:: Type Integer
  * @returns  user action permission array in the following format:
  *     $actionPerrArray=(tabid1=>Array(actionid=>permission,...),
  *                       tabid2=>Array(actionid=>permission,...));
 */
function getCombinedUserActionPermissions($userId)
{
    global $log, $adb;
    $log->debug("Entering getCombinedUserActionPermissions(".$userId.") method ...");

    $profArr = getUserProfile($userId);
    $no_of_profiles = sizeof($profArr);

    $actionPerrArr = getProfileAllActionPermission($profArr[0]);
    for ($profileIndex = 1; $profileIndex < $no_of_profiles; $profileIndex++) {
        $otherProfileActions = getProfileAllActionPermission($profArr[$profileIndex]);

        // foreach works on the array as it was when the loop started; the
        // writes below go to $actionPerrArr itself.
        foreach ($actionPerrArr as $tabId => $perArr) {
            foreach ($perArr as $actionid => $per) {
                if ($per != 1) {
                    continue;
                }
                $now_permission = $otherProfileActions[$tabId][$actionid];
                // The != "" test keeps a missing or empty entry from counting as 0.
                if ($now_permission == 0 && $now_permission != "") {
                    $actionPerrArr[$tabId][$actionid] = $now_permission;
                }
            }
        }
    }

    $log->debug("Exiting getCombinedUserActionPermissions method ...");
    return $actionPerrArr;
}
1572  
/** To retrieve the parent vtiger_roles of the specified vtiger_role
  * @param $roleid -- The Role Id:: Type varchar
  * @returns  parent vtiger_role array in the following format:
  *     $parentRoleArray=(roleid1,roleid2,.......,roleidn);
 */
function getParentRole($roleId)
{
    // Returns every role id found in the role's '::'-separated parent path,
    // leaving out $roleId itself.
    global $log;
    $log->debug("Entering getParentRole(".$roleId.") method ...");

    $roleDetails = getRoleInformation($roleId);
    // Index 1 of the role record is the path string that gets split below.
    $pathRoleIds = explode('::', $roleDetails[$roleId][1]);

    $parentRoleArr = array();
    foreach ($pathRoleIds as $pathRoleId) {
        if ($pathRoleId == $roleId) {
            continue;
        }
        $parentRoleArr[] = $pathRoleId;
    }

    $log->debug("Exiting getParentRole method ...");
    return $parentRoleArr;
}
1597  
/** To retrieve the subordinate vtiger_roles of the specified parent vtiger_role
  * @param $roleid -- The Role Id:: Type varchar
  * @returns  subordinate vtiger_role array in the following format:
  *     $subordinateRoleArray=(roleid1,roleid2,.......,roleidn);
 */
function getRoleSubordinates($roleId)
{
    // Lists the ids of all roles whose parent path starts with this role's
    // path, using VTCacheUtils to avoid repeating the query.
    global $log;
    $log->debug("Entering getRoleSubordinates(".$roleId.") method ...");

    $cached = VTCacheUtils::lookupRoleSubordinates($roleId);
    if ($cached !== false) {
        $log->debug("Exiting getRoleSubordinates method ...");
        return $cached;
    }

    global $adb;
    $roleDetails = getRoleInformation($roleId);
    $parentPath = $roleDetails[$roleId][1];

    // The path prefix is bound as a parameter, not spliced into the SQL text.
    $result = $adb->pquery(
        "select * from vtiger_role where parentrole like ? order by parentrole asc",
        array($parentPath."::%")
    );

    $roleSubordinates = array();
    $rowCount = $adb->num_rows($result);
    for ($row = 0; $row < $rowCount; $row++) {
        $roleSubordinates[] = $adb->query_result($result, $row, 'roleid');
    }

    // Remember the answer for later calls.
    VTCacheUtils::updateRoleSubordinates($roleId, $roleSubordinates);

    $log->debug("Exiting getRoleSubordinates method ...");
    return $roleSubordinates;
}
1636  
/** To retrieve the subordinate vtiger_roles and vtiger_users of the specified parent vtiger_role
  * @param $roleid -- The Role Id:: Type varchar
  * @returns  subordinate vtiger_role array in the following format:
  *     $subordinateRoleUserArray=(roleid1=>Array(userid1,userid2,userid3),
  *                                roleid2=>Array(userid1,userid2,userid3),
  *                                ...
  *                                roleidn=>Array(userid1,userid2,userid3));
 */
function getSubordinateRoleAndUsers($roleId)
{
    // Maps each subordinate role id of $roleId to the users returned by
    // getRoleUsers() for that role.
    global $log, $adb;
    $log->debug("Entering getSubordinateRoleAndUsers(".$roleId.") method ...");

    $usersByRole = array();
    foreach (getRoleSubordinates($roleId) as $subRoleId) {
        $usersByRole[$subRoleId] = getRoleUsers($subRoleId);
    }

    $log->debug("Exiting getSubordinateRoleAndUsers method ...");
    return $usersByRole;
}
1663  
/**
 * Returns the profile ids of the logged-in user as a plain list.
 *
 * The ids are read from $current_user_profiles, which the per-user privilege
 * file defines in this function's scope when it is required.
 */
function getCurrentUserProfileList()
{
    global $log, $current_user;
    $log->debug("Entering getCurrentUserProfileList() method ...");

    // NOTE(review): the include path is assembled from $current_user->id, so
    // this relies on the id being a plain integer taken from the session user
    // and never from request data - confirm at the place it is populated.
    require('user_privileges/user_privileges_'.$current_user->id.'.php');

    $profList = array();
    foreach ($current_user_profiles as $profileId) {
        $profList[] = $profileId;
    }

    $log->debug("Exiting getCurrentUserProfileList method ...");
    return $profList;
}
1681  
1682  
/**
 * Returns the group ids of the logged-in user as a plain list.
 *
 * The ids are read from $current_user_groups, which the per-user privilege
 * file defines in this function's scope when it is required.
 */
function getCurrentUserGroupList()
{
    global $log, $current_user;
    $log->debug("Entering getCurrentUserGroupList() method ...");

    // NOTE(review): the include path is assembled from $current_user->id, so
    // this relies on the id being a plain integer taken from the session user
    // and never from request data - confirm at the place it is populated.
    require('user_privileges/user_privileges_'.$current_user->id.'.php');

    $grpList = array();
    if (count($current_user_groups) > 0) {
        foreach ($current_user_groups as $groupId) {
            $grpList[] = $groupId;
        }
    }

    $log->debug("Exiting getCurrentUserGroupList method ...");
    return $grpList;
}
1702  
/**
 * Returns the ids of the groups whose records in $module are shared with the
 * logged-in user for writing, as stored in vtiger_tmp_write_group_sharing_per.
 *
 * @param $module -- Module name, resolved to a tab id with getTabid()
 * @returns list of group ids, passed through constructList(..., 'INTEGER')
 */
function getWriteSharingGroupsList($module)
{
    global $log, $adb, $current_user;
    $log->debug("Entering getWriteSharingGroupsList(".$module.") method ...");

    $tabid = getTabid($module);
    // User id and tab id are bound as parameters.
    $result = $adb->pquery(
        "select sharedgroupid from vtiger_tmp_write_group_sharing_per where userid=? and tabid=?",
        array($current_user->id, $tabid)
    );

    $sharedGroupIds = array();
    $rowCount = $adb->num_rows($result);
    for ($row = 0; $row < $rowCount; $row++) {
        $sharedGroupIds[] = $adb->query_result($result, $row, 'sharedgroupid');
    }

    $shareGrpList = constructList($sharedGroupIds, 'INTEGER');
    $log->debug("Exiting getWriteSharingGroupsList method ...");
    return $shareGrpList;
}
1723  
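/**
 * Copies $array into a new list, formatted according to $data_type.
 *
 * 'INTEGER' copies the values unchanged, 'VARCHAR' wraps each value in single
 * quotes, and any other $data_type yields an empty list.
 *
 * The 'VARCHAR' form only adds the quotes; it does not escape quotes inside
 * the value. The result is therefore not safe to splice into SQL text unless
 * every value is already known to be harmless - prefer bound parameters
 * (pquery with generateQuestionMarks) at the call site.
 *
 * @param $array -- values to copy :: Type Array
 * @param $data_type -- 'INTEGER' or 'VARCHAR' :: Type String
 * @returns list of formatted values :: Type Array
 */
function constructList($array,$data_type)
{
    global $log;
    // An array cannot be concatenated into the log line without an
    // "Array to string conversion" warning; log the literal PHP would have
    // produced instead.
    $loggedArray = is_array($array) ? 'Array' : $array;
    $log->debug("Entering constructList(".$loggedArray.",".$data_type.") method ...");

    $list = array();
    // Anything that is not a non-empty array produces an empty list.
    if (is_array($array) && count($array) > 0) {
        foreach ($array as $value) {
            if ($data_type == "INTEGER") {
                $list[] = $value;
            } elseif ($data_type == "VARCHAR") {
                $list[] = "'".$value."'";
            }
        }
    }

    $log->debug("Exiting constructList method ...");
    return $list;
}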
1748  
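/**
 * Builds the record-visibility restriction shared by the standard modules:
 * records owned by the user, by users in subordinate roles, by users whose
 * records are shared with the user, or assigned to a group the user belongs
 * to or that is shared with the user.
 *
 * Every argument is written into the SQL text as-is. Callers must only pass
 * values that originate from the session user, the generated privilege files
 * and getTabid() - never request data.
 *
 * @param $userId -- id of the user the list is built for
 * @param $parentRoleSeq -- the user's '::'-separated role path
 * @param $tabid -- tab id of the module
 * @param $groupIds -- ids of the groups the user belongs to :: Type Array
 * @param $groupOpen -- text that opens the group part (" or (" or " or ((")
 * @param $groupClose -- text that closes the group part and the whole clause
 * @returns the SQL fragment, starting with " and ("
 */
function _buildListViewSharingClause($userId, $parentRoleSeq, $tabid, $groupIds, $groupOpen, $groupClose)
{
    $clause = " and (vtiger_crmentity.smownerid in($userId) " .
            "or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '".$parentRoleSeq."::%') " .
            "or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=".$userId." and tabid=".$tabid.")" .
            $groupOpen;

    if (sizeof($groupIds) > 0) {
        $clause .= " vtiger_groups.groupid in (". implode(",", $groupIds) .") or ";
    }
    $clause .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=".$userId." and tabid=".$tabid.")" .
            $groupClose;

    return $clause;
}

/**
 * Returns the SQL fragment that limits a module's list view to the records the
 * logged-in user may see.
 *
 * For the built-in modules the fragment is assembled here from values defined
 * by the user's generated privilege files ($current_user_parent_role_seq,
 * $current_user_groups); any other module delegates to its CRMEntity instance.
 * The fragment is meant to be appended to a query that already joins
 * vtiger_crmentity and vtiger_groups (both are referenced by name).
 *
 * @param $module -- Module name :: Type String
 * @returns SQL fragment :: Type String
 */
function getListViewSecurityParameter($module)
{
    global $log, $adb, $current_user;
    $log->debug("Entering getListViewSecurityParameter(".$module.") method ...");

    $tabid = getTabid($module);
    if ($current_user) {
        // Both files are generated PHP; requiring them defines the role path,
        // group list and sharing arrays in this function's scope.
        require('user_privileges/user_privileges_'.$current_user->id.'.php');
        require('user_privileges/sharing_privileges_'.$current_user->id.'.php');
    }

    // Start from an empty string so the appends below never act on an
    // undefined variable.
    $sec_query = '';

    // switch compares loosely, like the == chain it replaces; 'Leads' stays
    // first so the order of evaluation is unchanged.
    switch ($module) {
        case 'Leads':
            // Same restriction as the shared helper, kept inline because this
            // branch spreads the SQL text over several lines.
            $sec_query .= " and (
                        vtiger_crmentity.smownerid in($current_user->id)
                        or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '".$current_user_parent_role_seq."::%')
                        or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=".$current_user->id." and tabid=".$tabid.")
                        or (";
            if (sizeof($current_user_groups) > 0) {
                $sec_query .= " vtiger_groups.groupid in (". implode(",", $current_user_groups) .") or ";
            }
            $sec_query .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=".$current_user->id." and tabid=".$tabid."))) ";
            break;

        case 'Accounts':
        case 'Contacts':
        case 'Potentials':
        case 'PurchaseOrder':
        case 'SalesOrder':
        case 'Products':
            $sec_query .= _buildListViewSharingClause($current_user->id, $current_user_parent_role_seq, $tabid, $current_user_groups, " or (", ")) ");
            break;

        case 'HelpDesk':
            // Identical to the group above apart from one extra space before " or (".
            $sec_query .= _buildListViewSharingClause($current_user->id, $current_user_parent_role_seq, $tabid, $current_user_groups, "  or (", ")) ");
            break;

        case 'Emails':
            // Emails are visible to their owner only.
            $sec_query .= " and vtiger_crmentity.smownerid=".$current_user->id." ";
            break;

        case 'Calendar':
            require_once ('modules/Calendar/CalendarCommon.php');
            // NOTE(review): $shared_ids is written into the SQL text as returned
            // by getSharedCalendarId(); confirm it only ever yields a
            // comma-separated list of numeric ids.
            $shared_ids = getSharedCalendarId($current_user->id);
            if (isset($shared_ids) && $shared_ids != '') {
                $condition = " or (vtiger_crmentity.smownerid in($shared_ids) and vtiger_activity.visibility = 'Public')";
            } else {
                $condition = null;
            }
            $sec_query .= " and (vtiger_crmentity.smownerid in($current_user->id) $condition or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '".$current_user_parent_role_seq."::%')";

            if (sizeof($current_user_groups) > 0) {
                $sec_query .= " or ((vtiger_groups.groupid in (". implode(",", $current_user_groups) .")))";
            }
            $sec_query .= ")";
            break;

        case 'Quotes':
        case 'Invoice':
        case 'Campaigns':
        case 'Documents':
            // These modules wrap the group part in one extra, redundant pair
            // of parentheses; the emitted text is kept as it was.
            $sec_query .= _buildListViewSharingClause($current_user->id, $current_user_parent_role_seq, $tabid, $current_user_groups, " or ((", "))) ");
            break;

        default:
            // Every other module supplies its own restriction.
            $modObj = CRMEntity::getInstance($module);
            $sec_query = $modObj->getListViewSecurityParameter($module);
            break;
    }

    $log->debug("Exiting getListViewSecurityParameter method ...");
    return $sec_query;
}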
1954  
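/**
 * Fetches name and id of every group the logged-in user belongs to or that is
 * shared with the user for writing in $module.
 *
 * Side effect: stores the number of rows found in the global $noof_group_rows.
 * When both group lists are empty no query is run, null is returned and
 * $noof_group_rows keeps whatever value it had before the call.
 *
 * @param $module -- Module name :: Type String
 * @returns query result, or null when the user has no groups at all
 */
function get_current_user_access_groups($module)
{
    global $log, $adb, $noof_group_rows;
    $log->debug("Entering get_current_user_access_groups(".$module.") method ...");

    $current_user_group_list = getCurrentUserGroupList();
    $sharing_write_group_list = getWriteSharingGroupsList($module);

    // One "groupid in (?, ?, ...)" condition per non-empty list; the ids are
    // bound as parameters rather than written into the SQL text.
    $conditions = array();
    $params = array();
    foreach (array($current_user_group_list, $sharing_write_group_list) as $groupIds) {
        if (count($groupIds) > 0) {
            $conditions[] = "groupid in (". generateQuestionMarks($groupIds) .")";
            $params[] = $groupIds;
        }
    }

    // Defined up front so the return below never reads an unset variable.
    $result = null;
    if (count($conditions) > 0) {
        $where = implode(" or ", $conditions);
        if (count($conditions) > 1) {
            $where = "(".$where.")";
        }
        $query = "select groupname,groupid from vtiger_groups where ".$where;
        $result = $adb->pquery($query, $params);
        $noof_group_rows = $adb->num_rows($result);
    }

    $log->debug("Exiting get_current_user_access_groups method ...");
    return $result;
}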
/** Function to get the Group Id for a given group name
 *  @param $groupname -- Groupname
 *  @returns Group Id -- Type Integer (0 when no group has that name)
 */
1992  
function getGrpId($groupname)
{
    // Resolves a group name to its id, consulting Vtiger_Cache first and
    // storing the answer (including 0 for "not found") for later calls.
    global $log, $adb;
    $log->debug("Entering getGrpId(".$groupname.") method ...");

    $groupid = Vtiger_Cache::get('group',$groupname);
    // A cached integer 0 is a valid answer; every other falsy value is a miss.
    $isCached = ($groupid || $groupid === 0);
    if (!$isCached) {
        $result = $adb->pquery("select groupid from vtiger_groups where groupname=?", array($groupname));
        if ($adb->num_rows($result) > 0) {
            $groupid = $adb->query_result($result,0,'groupid');
        } else {
            $groupid = 0;
        }
        Vtiger_Cache::set('group',$groupname,$groupid);
    }

    $log->debug("Exiting getGrpId method ...");
    return $groupid;
}
2007  
/** Function to check permission to access a vtiger_field for a given user
  * @param $fld_module -- Module :: Type String
  * @param $userid -- User Id :: Type integer
  * @param $fieldname -- Field Name :: Type varchar
  * @param $accessmode -- 'readonly' (default) checks visibility only; any other value also requires the field to be writable :: Type String
  * @returns '0' when the user may access the field, '1' otherwise :: Type String
  *
 */
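function getFieldVisibilityPermission($fld_module, $userid, $fieldname, $accessmode='readonly')
{
    // Answers whether a field is accessible: '0' means yes, '1' means no.
    // Inactive fields are always '1'; admins and users holding "view all" or
    // "edit all" are always '0'; everyone else is decided by the profile and
    // organisation-wide field settings.
    global $log, $adb, $current_user;
    $log->debug("Entering getFieldVisibilityPermission(".$fld_module.",". $userid.",". $fieldname.") method ...");

    // Check if field is in-active
    if (isFieldActive($fld_module,$fieldname) == false) {
        $log->debug("Exiting getFieldVisibilityPermission method ...");
        return '1';
    }

    // $userid is documented as an integer; coercing it here keeps the value
    // from contributing anything but digits to the include path. The file
    // defines $is_admin and $profileGlobalPermission in this scope.
    require('user_privileges/user_privileges_'.intval($userid).'.php');

    /* Asha: Fix for ticket #4508. Users with View all and Edit all permission will also have visibility permission for all fields */
    if ($is_admin || $profileGlobalPermission[1] == 0 || $profileGlobalPermission[2] ==0) {
        $log->debug("Exiting getFieldVisibilityPermission method ...");
        return '0';
    }

    // NOTE(review): the profile list is that of the logged-in user, while the
    // privilege file above belongs to $userid. The two only agree when
    // $userid is the current user - confirm callers never pass another id.
    $profilelist = getCurrentUserProfileList();
    $tabid = getTabid($fld_module);

    // One query text with two optional clauses instead of four near-copies.
    $query = "SELECT vtiger_profile2field.visible FROM vtiger_field INNER JOIN vtiger_profile2field ON vtiger_profile2field.fieldid=vtiger_field.fieldid INNER JOIN vtiger_def_org_field ON vtiger_def_org_field.fieldid=vtiger_field.fieldid WHERE vtiger_field.tabid=? AND vtiger_profile2field.visible=0";
    if ($accessmode != 'readonly') {
        // Write access additionally requires the profile not to mark the field read-only.
        $query .= " AND vtiger_profile2field.readonly=0";
    }
    $query .= " AND vtiger_def_org_field.visible=0 ";
    if (count($profilelist) > 0) {
        $query .= " AND vtiger_profile2field.profileid in (". generateQuestionMarks($profilelist) .")";
        $params = array($tabid, $profilelist, $fieldname);
    } else {
        $params = array($tabid, $fieldname);
    }
    $query .= " AND vtiger_field.fieldname= ? and vtiger_field.presence in (0,2) GROUP BY vtiger_field.fieldid";

    //Postgres 8 fixes
    if ($adb->dbType == "pgsql") {
        $query = fixPostgresQuery( $query, $log, 0);
    }

    $result = $adb->pquery($query, $params);

    $log->debug("Exiting getFieldVisibilityPermission method ...");

    // No matching row means no profile grants access. Returns value as a string.
    if ($adb->num_rows($result) == 0) {
        return '1';
    }
    return ($adb->query_result($result,"0","visible")."");
}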
2075  
/** Function to check permission to access the column for a given user
 * @param $userid -- User Id :: Type integer
 * @param $columnname -- columnname :: Type String
 * @param $module -- Module Name :: Type varchar
 * @param $accessmode -- access mode passed on to getFieldVisibilityPermission, 'readonly' by default :: Type String
 */
function getColumnVisibilityPermission($userid, $columnname, $module, $accessmode='readonly')
{
    // Translates a column name into its field name (cache first, database
    // otherwise) and returns getFieldVisibilityPermission() for that field.
    global $adb,$log;
    $log->debug("in function getcolumnvisibilitypermission $columnname -$userid");

    $tabid = getTabid($module);
    $cacheFieldInfo = VTCacheUtils::lookupFieldInfoByColumn($tabid, $columnname);

    if ($cacheFieldInfo !== false) {
        $fieldname = $cacheFieldInfo['fieldname'];
    } else {
        // Only fields with presence 0 or 2 are considered.
        $lookup = $adb->pquery("select fieldname from vtiger_field where tabid=? and columnname=? and vtiger_field.presence in (0,2)", array($tabid, $columnname));
        $fieldname = $adb->query_result($lookup, 0, 'fieldname');
    }

    return getFieldVisibilityPermission($module,$userid,$fieldname,$accessmode);
}
2100  
2101  /** Function to get the permitted module name Array with presence as 0
2102    * @returns permitted module name Array :: Type Array
2103    *
2104   */
function getPermittedModuleNames()
{
    // Collects the names of the modules the logged-in user may use. Users who
    // are admin, or hold "view all" / "edit all", get every tab whose entry in
    // $tab_seq_array is 0; everyone else additionally needs a 0 in
    // $profileTabsPermission for the tab.
    global $log, $current_user;
    $log->debug("Entering getPermittedModuleNames() method ...");

    $permittedModules = array();
    // Defines $is_admin, $profileGlobalPermission and $profileTabsPermission.
    require('user_privileges/user_privileges_'.$current_user->id.'.php');
    // Defines $tab_seq_array.
    include ('tabdata.php');

    $restricted = ($is_admin == false && $profileGlobalPermission[1] == 1 && $profileGlobalPermission[2] == 1);

    foreach ($tab_seq_array as $tabid => $seq_value) {
        // Strict comparison: only the integer 0 qualifies.
        if ($seq_value !== 0) {
            continue;
        }
        if ($restricted && $profileTabsPermission[$tabid] !== 0) {
            continue;
        }
        $permittedModules[] = getTabModuleName($tabid);
    }

    $log->debug("Exiting getPermittedModuleNames method ...");
    return $permittedModules;
}
2141  
2142  
2143  /**
2144   * Function to get the permitted module id Array with presence as 0
2145   * @global Users $current_user
2146   * @return Array Array of accessible tabids.
2147   */
function getPermittedModuleIdList() {
    // Same selection as getPermittedModuleNames(), but returns tab ids and
    // always includes the Home tab.
    global $current_user;

    $permittedModules = array();
    // Defines $is_admin, $profileGlobalPermission and $profileTabsPermission.
    require('user_privileges/user_privileges_'.$current_user->id.'.php');
    // Defines $tab_seq_array.
    include ('tabdata.php');

    $restricted = ($is_admin == false && $profileGlobalPermission[1] == 1 &&
            $profileGlobalPermission[2] == 1);

    foreach ($tab_seq_array as $tabid => $seq_value) {
        // Strict comparison: only the integer 0 qualifies.
        if ($seq_value !== 0) {
            continue;
        }
        if ($restricted && $profileTabsPermission[$tabid] !== 0) {
            continue;
        }
        $permittedModules[] = ($tabid);
    }

    // Home is permitted for every user, whatever the profile says.
    $homeTabid = getTabid('Home');
    if (!in_array($homeTabid, $permittedModules)) {
        $permittedModules[] = $homeTabid;
    }
    return $permittedModules;
}
2174  
/**
 * Recalculates the sharing rules for every user in the organization.
 *
 * Selects the id of each row in vtiger_users with deleted=0 and calls
 * createUserPrivilegesfile() and createUserSharingPrivilegesfile() for it.
 * Those helpers come from modules/Users/CreateUserPrivilegeFile.php;
 * presumably they rewrite the per-user privilege files - confirm there.
 */
function RecalculateSharingRules()
{
    global $log, $adb;
    $log->debug("Entering RecalculateSharingRules() method ...");
    require_once ('modules/Users/CreateUserPrivilegeFile.php');

    $result = $adb->pquery("select id from vtiger_users where deleted=0", array());
    $total = $adb->num_rows($result);

    $row = 0;
    while ($row < $total) {
        $userId = $adb->query_result($result, $row, 'id');
        // Privileges first, then sharing privileges, for each user in turn.
        createUserPrivilegesfile($userId);
        createUserSharingPrivilegesfile($userId);
        $row++;
    }

    $log->debug("Exiting RecalculateSharingRules method ...");
}
2197  
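/**
 * Lists the modules for which user-defined sharing rules can be defined.
 *
 * Selects the names from vtiger_tab where presence=0, ownedby=0 and
 * isentitytype=1, leaving out the modules named in $eliminateModules.
 * 'Calendar' and 'Events' are always left out.
 *
 * The excluded names are bound as query parameters instead of being joined
 * into the SQL text, so a quote character in a name cannot alter the statement.
 *
 * @param $eliminateModules -- module names to leave out, false/empty for none :: Type Array
 * @returns module names :: Type Array
 */
function getSharingModuleList($eliminateModules=false)
{
    global $adb;

    // A single name passed as a string is accepted as a one-element list.
    $excluded = empty($eliminateModules) ? array() : array_values((array) $eliminateModules);

    // Modules that need to be eliminated explicitly.
    foreach (array('Calendar', 'Events') as $alwaysExcluded) {
        if (!in_array($alwaysExcluded, $excluded, true)) {
            $excluded[] = $alwaysExcluded;
        }
    }

    // One placeholder per excluded name; the list always holds at least the two names above.
    $placeholders = implode(',', array_fill(0, count($excluded), '?'));
    $query = "SELECT name FROM vtiger_tab WHERE presence=0 AND ownedby = 0 AND isentitytype = 1";
    $query .= " AND name NOT IN(" . $placeholders . ")";

    $sharingModuleArray = array();
    $result = $adb->pquery($query, $excluded);
    while ($resrow = $adb->fetch_array($result)) {
        $sharingModuleArray[] = $resrow['name'];
    }

    return $sharingModuleArray;
}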
2225  
2226  
/**
 * Decides whether calendar sharing lets the current user see an activity.
 *
 * Looks up the owner of the activity (only when its visibility is 'Public'
 * and smownerid is not 0) together with that owner's calendarsharedtype and
 * shared-calendar entries, then walks the rows in order:
 *   - calendarsharedtype 'public'  -> 'yes'
 *   - calendarsharedtype 'private' -> 'no'
 *   - otherwise 'yes' when the row's sharedid equals $current_user->id
 * If no row decides, the answer is 'no'.
 *
 * The result is the STRING 'yes' or 'no'. Both are truthy in PHP, so callers
 * must compare against 'yes' rather than test the value as a boolean.
 *
 * @param $recordId -- activity id :: Type integer
 * @returns 'yes' or 'no' :: Type String
 */
function isCalendarPermittedBySharing($recordId)
{
    global $adb, $current_user;
    $query = "SELECT vtiger_sharedcalendar.sharedid, vtiger_users.calendarsharedtype FROM vtiger_sharedcalendar RIGHT JOIN vtiger_users ON vtiger_sharedcalendar.userid=vtiger_users.id and status='Active'
                WHERE vtiger_users.id IN(SELECT smownerid FROM vtiger_activity INNER JOIN vtiger_crmentity ON vtiger_crmentity.crmid=vtiger_activity.activityid
                                WHERE activityid=? AND visibility='Public' AND smownerid !=0)";
    $result = $adb->pquery($query, array($recordId));

    $row = 0;
    while ($row < $adb->num_rows($result)) {
        $owner = $adb->fetch_row($result, $row);
        $mode = $owner['calendarsharedtype'];

        if ($mode == 'public') {
            return 'yes';
        }
        if ($mode == 'private') {
            return 'no';
        }
        // Any other sharing type: allowed only for a user listed in vtiger_sharedcalendar.
        if ($current_user->id == $owner['sharedid']) {
            return 'yes';
        }
        $row++;
    }

    // No row granted access.
    return 'no';
}
2253  
/** Function to check whether a field is active
 *  Resolves the module name to a tab id with getTabid() and looks the field
 *  up with getFieldid(), passing true as its third argument.
 *  @params  $modulename -- Module Name :: String Type
 *           $fieldname  -- Field Name  :: String Type
 *  @returns true unless getFieldid() returned exactly false :: Type boolean
 */
function isFieldActive($modulename,$fieldname){
    $tabId = getTabid($modulename);
    // Strict check: any result other than boolean false counts as found.
    return getFieldid($tabId, $fieldname, true) !== false;
}
2262  
/**
 * Returns the access-control query for a non-admin user, delegating to the
 * module's CRMEntity instance.
 *
 * @param String $module - module name for which query needs to be generated.
 * @param Users $user - user for which query needs to be generated.
 * @param String $scope - passed through unchanged to the module instance.
 * @return String Access control Query for the user.
 */
function getNonAdminAccessControlQuery($module,$user,$scope=''){
    return CRMEntity::getInstance($module)->getNonAdminAccessControlQuery($module, $user, $scope);
}
2273  
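/**
 * Inserts an extra FROM/JOIN fragment into a query, just before its last WHERE.
 *
 * Runs of whitespace in $query are first collapsed to single spaces, then the
 * last case-insensitive occurrence of ' where ' is located and $fromClause is
 * placed in front of it. When the query has no ' where ', $fromClause is added
 * at the end; previously it ended up in front of the whole query.
 *
 * $fromClause is concatenated verbatim, so it must be built from trusted
 * identifiers only, never from request data. The search is purely textual:
 * a ' where ' inside a subquery or a string literal is matched as well, and
 * the whitespace collapsing also applies inside string literals.
 *
 * @param String $query - query to extend.
 * @param String $fromClause - SQL fragment to insert, including its own leading space.
 * @return String the rewritten query.
 */
function appendFromClauseToQuery($query,$fromClause) {
    $query = preg_replace('/\s+/', ' ', $query);
    $wherePos = strripos($query, ' where ');
    if ($wherePos === false) {
        // No WHERE to split on: keep the query intact and append the fragment.
        return $query.$fromClause;
    }
    return substr($query, 0, $wherePos).$fromClause.substr($query, $wherePos);
}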
2281  
2282  ?>

