[Summary view] [Print] [Text view]

   1  <?php
   2  /*+***********************************************************************************
   3   * The contents of this file are subject to the vtiger CRM Public License Version 1.0
   4   * ("License"); You may not use this file except in compliance with the License
   5   * The Original Code is:  vtiger CRM Open Source
   6   * The Initial Developer of the Original Code is vtiger.
   7   * Portions created by vtiger are Copyright (C) vtiger.
   8   * All Rights Reserved.
   9   *************************************************************************************/
  10  
  11  /**
  12   * User Privileges Model Class
  13   */
  14  class Users_Privileges_Model extends Users_Record_Model {
  15  
  16      /**
  17       * Function to get the Global Read Permission for the user
  18       * @return <Number> 0/1
  19       */
  20  	protected function getGlobalReadPermission() {
  21          $profileGlobalPermissions = $this->get('profile_global_permission');
  22          return $profileGlobalPermissions[Settings_Profiles_Module_Model::GLOBAL_ACTION_VIEW];
  23      }
  24  
  25      /**
  26       * Function to get the Global Write Permission for the user
  27       * @return <Number> 0/1
  28       */
  29  	protected function getGlobalWritePermission() {
  30          $profileGlobalPermissions = $this->get('profile_global_permission');
  31          return $profileGlobalPermissions[Settings_Profiles_Module_Model::GLOBAL_ACTION_EDIT];
  32      }
  33  
  34      /**
  35       * Function to check if the user has Global Read Permission
  36       * @return <Boolean> true/false
  37       */
  38  	public function hasGlobalReadPermission() {
  39          return ($this->isAdminUser() ||
  40                  $this->getGlobalReadPermission() === Settings_Profiles_Module_Model::IS_PERMITTED_VALUE ||
  41                  $this->getGlobalWritePermission() === Settings_Profiles_Module_Model::IS_PERMITTED_VALUE);
  42      }
  43  
  44      /**
  45       * Function to check if the user has Global Write Permission
  46       * @return <Boolean> true/false
  47       */
  48  	public function hasGlobalWritePermission() {
  49          return ($this->isAdminUser() || $this->getGlobalWritePermission() === Settings_Profiles_Module_Model::IS_PERMITTED_VALUE);
  50      }
  51  
  52  	public function hasGlobalPermission($actionId) {
  53          if($actionId == Settings_Profiles_Module_Model::GLOBAL_ACTION_VIEW) {
  54              return $this->hasGlobalReadPermission();
  55          }
  56          if($actionId == Settings_Profiles_Module_Model::GLOBAL_ACTION_EDIT) {
  57              return $this->hasGlobalWritePermission();
  58          }
  59          return false;
  60      }
  61  
  62      /**
  63       * Function to check whether the user has access to a given module by tabid
  64       * @param <Number> $tabId
  65       * @return <Boolean> true/false
  66       */
  67  	public function hasModulePermission($tabId) {
  68          $profileTabsPermissions = $this->get('profile_tabs_permission');
  69          $moduleModel = Vtiger_Module_Model::getInstance($tabId);
  70          return (($this->isAdminUser() || $profileTabsPermissions[$tabId] === 0) && $moduleModel->isActive());
  71      }
  72  
  73      /**
  74       * Function to check whether the user has access to the specified action/operation on a given module by tabid
  75       * @param <Number> $tabId
  76       * @param <String/Number> $action
  77       * @return <Boolean> true/false
  78       */
  79  	public function hasModuleActionPermission($tabId, $action) {
  80          if(!is_a($action, 'Vtiger_Action_Model')) {
  81              $action = Vtiger_Action_Model::getInstance($action);
  82          }
  83          $actionId = $action->getId();
  84          $profileTabsPermissions = $this->get('profile_action_permission');
  85          $moduleModel = Vtiger_Module_Model::getInstance($tabId);
  86          return (($this->isAdminUser() || $profileTabsPermissions[$tabId][$actionId] === Settings_Profiles_Module_Model::IS_PERMITTED_VALUE)
  87                   && $moduleModel->isActive());
  88      }
  89  
  90      /**
  91       * Static Function to get the instance of the User Privileges model from the given list of key-value array
  92       * @param <Array> $valueMap
  93       * @return Users_Privilege_Model object
  94       */
  95  	public static function getInstance($valueMap) {
  96          $instance = new self();
  97          foreach ($valueMap as $key => $value) {
  98              $instance->$key = $value;
  99          }
 100          $instance->setData($valueMap);
 101          return $instance;
 102      }
 103  
 104      /**
 105       * Static Function to get the instance of the User Privileges model, given the User id
 106       * @param <Number> $userId
 107       * @return Users_Privilege_Model object
 108       */
 109  	public static function getInstanceById($userId) {
 110          if (empty($userId))
 111              return null;
 112  
 113          require("user_privileges/user_privileges_$userId.php");
 114          require("user_privileges/sharing_privileges_$userId.php");
 115  
 116          $valueMap = array();
 117          $valueMap['id'] = $userId;
 118          $valueMap['is_admin'] = (bool) $is_admin;
 119          $valueMap['roleid'] = $current_user_roles;
 120          $valueMap['parent_role_seq'] = $current_user_parent_role_seq;
 121          $valueMap['profiles'] = $current_user_profiles;
 122          $valueMap['profile_global_permission'] = $profileGlobalPermission;
 123          $valueMap['profile_tabs_permission'] = $profileTabsPermission;
 124          $valueMap['profile_action_permission'] = $profileActionPermission;
 125          $valueMap['groups'] = $current_user_groups;
 126          $valueMap['subordinate_roles'] = $subordinate_roles;
 127          $valueMap['parent_roles'] = $parent_roles;
 128          $valueMap['subordinate_roles_users'] = $subordinate_roles_users;
 129          $valueMap['defaultOrgSharingPermission'] = $defaultOrgSharingPermission;
 130          $valueMap['related_module_share'] = $related_module_share;
 131  
 132          if(is_array($user_info)) {
 133              $valueMap = array_merge($valueMap, $user_info);
 134          }
 135  
 136          return self::getInstance($valueMap);
 137      }
 138  
 139      /**
 140       * Static function to get the User Privileges Model for the current user
 141       * @return Users_Privilege_Model object
 142       */
 143  	public static function getCurrentUserPrivilegesModel() {
 144          //TODO : Remove the global dependency
 145          $currentUser = vglobal('current_user');
 146          $currentUserId = $currentUser->id;
 147          return self::getInstanceById($currentUserId);
 148      }
 149  
 150      /**
 151       * Function to check permission for a Module/Action/Record
 152       * @param <String> $moduleName
 153       * @param <String> $actionName
 154       * @param <Number> $record
 155       * @return Boolean
 156       */
 157  	public static function isPermitted($moduleName, $actionName, $record=false) {
 158          $permission = isPermitted($moduleName, $actionName, $record);
 159          if($permission == 'yes') {
 160              return true;
 161          }
 162          return false;
 163      }
 164  
 165      
 166      /**
 167       * Function returns non admin access control check query
 168       * @param <String> $module
 169       * @return <String>
 170       */
 171  	public static function getNonAdminAccessControlQuery($module) {
 172          $currentUser = vglobal('current_user');
 173          return getNonAdminAccessControlQuery($module, $currentUser);
 174      }
 175  }