/** * Only allow access to users with the user admin setting * * @param string $module * @param string $view * @param array $context * * @return bool|void */ public function checkAccess($module, $action, $context) { $action = $this->fixUpActionName($action); if ($action == "field") { return true; } if (!empty($this->parentLink)) { $linkName = $this->parentLink; $bean = SugarACL::loadBean($module, $context); $bean->load_relationship($linkName); if (empty($bean->{$linkName})) { throw new SugarException("Invalid link {$linkName} for parent ACL"); } if ($bean->{$linkName}->getType() == "many") { throw new SugarException("Cannot serch for owners through multi-link {$linkName}"); } $parentModule = $bean->{$linkName}->getRelatedModuleName(); if (!empty($this->parentModule) && $parentModule != $this->parentModule) { throw new SugarException("Cannot search for owners through link with incorrect module {$parentModule}"); } if (in_array($action, self::$requiresOwnerCheck)) { //Check ACL's that require a parent such as edit/detail $parentIds = $bean->{$linkName}->get(); if (is_array($parentIds) && !empty($parentIds)) { $parentId = $parentIds[0]; $parentBean = BeanFactory::getBean($parentModule, $parentId); //The parent failed to retrieve, you probably don't have access if (empty($parentBean->id)) { return false; } $context['bean'] = $parentBean; return $parentBean->ACLAccess($action, $context); } } else { //Fall here for ACL's like list that don't require a parent to check //Don't pass the context since the bean won't match the module. //We also can't check owner at this level since we don't have the bean so owner_override must be true unset($context['bean']); $context['owner_override'] = true; return SugarACL::checkAccess($parentModule, $action, $context); } } return true; }