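/**
 * Returns up to `limit` Calculations rows visible to the current user for the dashboard widget.
 *
 * Rows are restricted by the user's access conditions (getUserAccessConditionsQuerySR), exclude
 * the statuses configured under Settings_SalesProcesses 'calculation', and are either owned by
 * the current user (default) or co-owned through the shared-owner table (showtype=common).
 *
 * @param Vtiger_Request $request  read for 'showtype'; 'common' selects shared-owner rows
 * @param mixed          $widget   widget model; a positive 'limit' overrides the default of 10 rows
 * @return array                   list of rows as returned by query_result_rowdata()
 */
public function getData(Vtiger_Request $request, $widget)
 {
     $db = PearDatabase::getInstance();
     $fields = ['id', 'name', 'calculationsstatus', 'relatedid', 'hdnGrandTotal', 'assigned_user_id'];
     // LIMIT is concatenated into the SQL text, so only an integer may ever reach it.
     $limit = (int) $widget->get('limit');
     if ($limit <= 0) {
         $limit = 10;
     }
     $params = [];
     $calculationConfig = Settings_SalesProcesses_Module_Model::getConfig('calculation');
     $calculationsStatus = $calculationConfig['calculationsstatus'];
     $currentUser = Users_Record_Model::getCurrentUserModel();
     $module = 'Calculations';
     $instance = CRMEntity::getInstance($module);
     $securityParameter = $instance->getUserAccessConditionsQuerySR($module, $currentUser);
     $queryGenerator = new QueryGenerator($module, $currentUser);
     $queryGenerator->setFields($fields);
     $sql = $queryGenerator->getQuery();
     if ($securityParameter != '') {
         $sql .= $securityParameter;
     }
     if (!empty($calculationsStatus)) {
         // Bind the excluded statuses instead of splicing them into the string; order of
         // $params must match placeholder order, so these go in before the user id below.
         $placeholders = implode(',', array_fill(0, count($calculationsStatus), '?'));
         $sql .= ' AND vtiger_calculations.calculationsstatus NOT IN (' . $placeholders . ')';
         foreach ($calculationsStatus as $status) {
             $params[] = $status;
         }
     }
     $showtype = $request->get('showtype');
     if ($showtype == 'common') {
         $shownersTable = Vtiger_SharedOwner_UIType::getShownerTable($module);
         // Closing parenthesis of the sub-select was missing in the original, producing invalid SQL.
         $sql .= ' AND vtiger_crmentity.crmid IN (SELECT DISTINCT crmid FROM ' . $shownersTable . ' WHERE userid = ?)';
     } else {
         $sql .= ' AND vtiger_crmentity.smownerid = ?';
     }
     $params[] = $currentUser->getId();
     $sql .= ' LIMIT ' . $limit;
     $result = $db->pquery($sql, $params);
     $returnData = [];
     $rowCount = $db->num_rows($result);
     for ($i = 0; $i < $rowCount; $i++) {
         $returnData[] = $db->query_result_rowdata($result, $i);
     }
     return $returnData;
 }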
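 /**
  * Event handler that keeps shared owners in sync.
  *
  * - vtiger.entity.aftersave.final: when assigned_user_id changed on the saved record, the current
  *   owner set is pushed down the shared-owner hierarchy and owners dropped from the set are removed.
  * - vtiger.entity.link.after: when a Potentials record is linked to a Products/Services record and
  *   the sales popup config 'update_shared_permissions' is 'true', the source record's shared owners
  *   (plus its owner) are copied onto the destination record, skipping pairs already present.
  *
  * Both branches are skipped unless the 'shared_owners' global is truthy.
  *
  * @param string $eventName
  * @param mixed  $entityData  an object exposing getModuleName()/getId() for aftersave.final, an array
  *                            with sourceModule/destinationModule/sourceRecordId/destinationRecordId for
  *                            link.after — NOTE(review): two different shapes share this parameter
  */
 function handleEvent($eventName, $entityData)
 {
     $sharedOwnersEnabled = (bool) vglobal('shared_owners');
     if ($eventName == 'vtiger.entity.aftersave.final' && $sharedOwnersEnabled) {
         $moduleName = $entityData->getModuleName();
         $recordId = $entityData->getId();
         $delta = (new VTEntityDelta())->getEntityDelta($moduleName, $recordId, true);
         if (array_key_exists('assigned_user_id', $delta)) {
             $previousUsers = Vtiger_Functions::getArrayFromValue($delta['assigned_user_id']['oldValue']);
             $currentUsers = Vtiger_Functions::getArrayFromValue($delta['assigned_user_id']['currentValue']);
             // Everyone in the new value is (re)added; only users that disappeared are removed.
             $removedUsers = array_diff($previousUsers, $currentUsers);
             Users_Privileges_Model::setSharedOwnerRecursively($recordId, $currentUsers, $removedUsers, $moduleName);
         }
     }
     if ($eventName == 'vtiger.entity.link.after' && $sharedOwnersEnabled && Vtiger_Processes_Model::getConfig('sales', 'popup', 'update_shared_permissions') == 'true') {
         $linkedModules = ['Products', 'Services'];
         if ($entityData['sourceModule'] == 'Potentials' && in_array($entityData['destinationModule'], $linkedModules, true)) {
             $db = PearDatabase::getInstance();
             $sourceRecordId = $entityData['sourceRecordId'];
             $destinationRecordId = $entityData['destinationRecordId'];
             $recordMetaData = Vtiger_Functions::getCRMRecordMetadata($sourceRecordId);
             $shownerIds = Vtiger_SharedOwner_UIType::getSharedOwners($sourceRecordId, $entityData['sourceModule']);
             $shownerIds[] = $recordMetaData['smownerid'];
             // The ids are spliced into the IN() list below, so force them to integers first.
             $shownerIds = array_values(array_unique(array_map('intval', $shownerIds)));
             $shownersTable = Vtiger_SharedOwner_UIType::getShownerTable($entityData['destinationModule']);
             $result = $db->pquery('SELECT crmid, userid FROM ' . $shownersTable . ' WHERE userid IN(' . implode(',', $shownerIds) . ') AND crmid = ?', [$destinationRecordId]);
             // Only the destination record is selected, so existing pairs can be keyed by user id alone.
             $existingUserIds = [];
             while ($row = $db->getRow($result)) {
                 $existingUserIds[(int) $row['userid']] = true;
             }
             foreach ($shownerIds as $userId) {
                 if (!isset($existingUserIds[$userId])) {
                     $db->insert($shownersTable, ['crmid' => $destinationRecordId, 'userid' => $userId]);
                 }
             }
         }
     }
 }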
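 /**
  * Propagates a shared-owner change from $recordId to every record below it in the hierarchy
  * returned by getSharedRecordsRecursively(): $removeUser ids are deleted from each module's
  * shared-owner table and $addUser ids are inserted wherever the (crmid, userid) pair is missing.
  *
  * @param int    $recordId
  * @param int[]  $addUser     user ids to add (existing pairs are left untouched)
  * @param int[]  $removeUser  user ids to remove
  * @param string $moduleName  module of $recordId
  * @return false|null         false when no child records exist, null otherwise
  */
 public static function setSharedOwnerRecursively($recordId, $addUser, $removeUser, $moduleName)
 {
     $log = vglobal('log');
     $db = PearDatabase::getInstance();
     $log->info('Entering Into setSharedOwnerRecursively( ' . $recordId . ', ' . $moduleName . ')');
     $recordsByModule = self::getSharedRecordsRecursively($recordId, $moduleName);
     if (count($recordsByModule) === 0) {
         $log->info('Exiting setSharedOwnerRecursively() - No shared records');
         return false;
     }
     // Every id list is spliced into SQL text below, so only integers may reach the queries.
     $addUser = array_map('intval', (array) $addUser);
     $removeUser = array_map('intval', (array) $removeUser);
     $removeUserString = $removeUser !== [] ? implode(',', $removeUser) : false;
     $addUserString = $addUser !== [] ? implode(',', $addUser) : false;
     foreach ($recordsByModule as $parentModuleName => $records) {
         $records = array_map('intval', $records);
         $sqlRecords = implode(',', $records);
         $shownersTable = Vtiger_SharedOwner_UIType::getShownerTable($parentModuleName);
         if ($removeUserString !== false) {
             $db->delete($shownersTable, 'userid IN(' . $removeUserString . ') AND crmid IN (' . $sqlRecords . ')');
         }
         if ($addUserString !== false) {
             // Collect the pairs that already exist so the insert loop does not duplicate them.
             $usersExist = [];
             $result = $db->query('SELECT crmid, userid FROM ' . $shownersTable . ' WHERE userid IN(' . $addUserString . ') AND crmid IN (' . $sqlRecords . ')');
             while ($row = $db->getRow($result)) {
                 $usersExist[$row['crmid']][$row['userid']] = true;
             }
             foreach ($records as $record) {
                 foreach ($addUser as $userId) {
                     if (!isset($usersExist[$record][$userId])) {
                         $db->insert($shownersTable, ['crmid' => $record, 'userid' => $userId]);
                     }
                 }
             }
         }
     }
     $log->info('Exiting setSharedOwnerRecursively()');
 }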
 /**
  * Builds the SQL comparison fragment(s) for one condition on $field.
  *
  * A comma-separated string is split into several values for the list-like field types, so the
  * result holds one fragment per value. Most fragments are "operator literal" without the column
  * (presumably prepended by the caller); the 'empty'/'y'/'ny' fragments and the shared-owner
  * (uitype 120) fragments embed a column or sub-select themselves.
  *
  * @param mixed $value              raw condition value: string (possibly comma-separated) or array
  * @param string $operator          operator code, compared case-insensitively (e, n, s, ew, c, k,
  *                                  bw, between, notequal, a, b, g, l, h, m, y, ny, empty, om, ...)
  * @param WebserviceField $field
  * @return string[]                 SQL fragments, one per value
  */
 private function getConditionValue($value, $operator, $field)
 {
     $operator = strtolower($operator);
     $db = PearDatabase::getInstance();
     // Numeric types whose value may carry an encoded comparison prefix that is stripped further down.
     $inEqualityFieldTypes = ['currency', 'percentage', 'double', 'integer', 'number'];
     if (is_string($value) && $this->ignoreComma == false) {
         // 'sharedOwner' is listed twice; harmless for in_array.
         $commaSeparatedFieldTypes = ['picklist', 'multipicklist', 'owner', 'date', 'datetime', 'time', 'tree', 'sharedOwner', 'sharedOwner'];
         if (in_array($field->getFieldDataType(), $commaSeparatedFieldTypes)) {
             $valueArray = explode(',', $value);
             if ($field->getFieldDataType() == 'multipicklist' && in_array($operator, ['e', 'n'])) {
                 // getCombinations() is a project helper; it appears to expand the picked values into
                 // alternative orderings joined with ' |##| ' — confirm against its definition.
                 $valueArray = getCombinations($valueArray);
                 foreach ($valueArray as $key => $value) {
                     $valueArray[$key] = ltrim($value, ' |##| ');
                 }
             }
         } else {
             if ($field->getFieldDataType() == 'multiReferenceValue') {
                 // Stored multi-reference values are wrapped in |#| delimiters.
                 $valueArray = explode(',', $value);
                 foreach ($valueArray as $key => $value) {
                     $valueArray[$key] = '|#|' . $value . '|#|';
                 }
             } else {
                 $valueArray = [$value];
             }
         }
     } elseif (is_array($value)) {
         $valueArray = $value;
     } else {
         $valueArray = [$value];
     }
     $sql = array();
     // Range operators consume exactly two values: $valueArray[0] (start) and $valueArray[1] (end).
     if ($operator == 'between' || $operator == 'bw' || $operator == 'notequal') {
         if ($field->getFieldName() == 'birthday') {
             // Birthday ignores the year: compare on month+day only.
             $valueArray[0] = getValidDBInsertDateTimeValue($valueArray[0]);
             $valueArray[1] = getValidDBInsertDateTimeValue($valueArray[1]);
             $sql[] = "BETWEEN DATE_FORMAT(" . $db->quote($valueArray[0]) . ", '%m%d') AND " . "DATE_FORMAT(" . $db->quote($valueArray[1]) . ", '%m%d')";
         } else {
             if ($this->isDateType($field->getFieldDataType())) {
                 $start = explode(' ', $valueArray[0]);
                 $end = explode(' ', $valueArray[1]);
                 if ($operator == 'between' && count($start) == 2 && count($end) == 2) {
                     // Both bounds carry a time part.
                     $valueArray[0] = getValidDBInsertDateTimeValue($start[0] . ' ' . $start[1]);
                     if ($start[0] == $end[0]) {
                         // Same calendar day on both sides: end the range one second before the next day.
                         $dateTime = new DateTime($valueArray[0]);
                         $nextDay = $dateTime->modify('+1 days');
                         $nextDay = strtotime($nextDay->format('Y-m-d H:i:s')) - 1;
                         $nextDay = date('Y-m-d H:i:s', $nextDay);
                         $values = explode(' ', $nextDay);
                         $valueArray[1] = getValidDBInsertDateTimeValue($values[0]) . ' ' . $values[1];
                     } else {
                         $end = $valueArray[1];
                         $dateObject = new DateTimeField($end);
                         $valueArray[1] = $dateObject->getDBInsertDateTimeValue();
                     }
                 } else {
                     // Date-only bounds: drop a midnight start (except for 'between') and a
                     // midnight / end-of-day end so the comparison is done on the date part.
                     $valueArray[0] = getValidDBInsertDateTimeValue($valueArray[0]);
                     $dateTimeStart = explode(' ', $valueArray[0]);
                     if ($dateTimeStart[1] == '00:00:00' && $operator != 'between') {
                         $valueArray[0] = $dateTimeStart[0];
                     }
                     $valueArray[1] = getValidDBInsertDateTimeValue($valueArray[1]);
                     $dateTimeEnd = explode(' ', $valueArray[1]);
                     if ($dateTimeEnd[1] == '00:00:00' || $dateTimeEnd[1] == '23:59:59') {
                         $valueArray[1] = $dateTimeEnd[0];
                     }
                 }
             }
             if ($operator == 'notequal') {
                 $sql[] = "NOT BETWEEN " . $db->quote($valueArray[0]) . " AND " . $db->quote($valueArray[1]);
             } else {
                 $sql[] = "BETWEEN " . $db->quote($valueArray[0]) . " AND " . $db->quote($valueArray[1]);
             }
         }
         return $sql;
     }
     foreach ($valueArray as $value) {
         if (!$this->isStringType($field->getFieldDataType())) {
             $value = trim($value);
         }
         if ($operator == 'empty' || $operator == 'y') {
             $sql[] = sprintf("IS NULL OR %s = ''", $this->getSQLColumn($field->getFieldName()));
             continue;
         }
         if ($operator == 'ny') {
             $sql[] = sprintf("IS NOT NULL AND %s != ''", $this->getSQLColumn($field->getFieldName()));
             continue;
         }
         // Precedence: the literal 'null' always matches; an empty value only for non-string fields
         // with the e/n operators.
         if (strtolower(trim($value)) == 'null' || trim($value) == '' && !$this->isStringType($field->getFieldDataType()) && ($operator == 'e' || $operator == 'n')) {
             if ($operator == 'e') {
                 $sql[] = "IS NULL";
                 continue;
             }
             $sql[] = "IS NOT NULL";
             continue;
         } elseif ($field->getFieldDataType() == 'boolean') {
             $value = strtolower($value);
             if ($value == 'yes') {
                 $value = 1;
             } elseif ($value == 'no') {
                 $value = 0;
             }
         } elseif ($this->isDateType($field->getFieldDataType())) {
             // For "after" and "before" conditions
             $values = explode(' ', $value);
             if (($operator == 'a' || $operator == 'b') && count($values) == 2) {
                 if ($operator == 'a') {
                     // for after comparator we should check the date after the given
                     // (one second before the start of the next day)
                     $dateTime = new DateTime($value);
                     $modifiedDate = $dateTime->modify('+1 days');
                     $nextday = $modifiedDate->format('Y-m-d H:i:s');
                     $temp = strtotime($nextday) - 1;
                     $date = date('Y-m-d H:i:s', $temp);
                     $value = getValidDBInsertDateTimeValue($date);
                 } else {
                     // before: one second before the given instant
                     $dateTime = new DateTime($value);
                     $prevday = $dateTime->format('Y-m-d H:i:s');
                     $temp = strtotime($prevday) - 1;
                     $date = date('Y-m-d H:i:s', $temp);
                     $value = getValidDBInsertDateTimeValue($date);
                 }
             } else {
                 // A midnight time part is dropped so the comparison is on the date alone.
                 $value = getValidDBInsertDateTimeValue($value);
                 $dateTime = explode(' ', $value);
                 if ($dateTime[1] == '00:00:00') {
                     $value = $dateTime[0];
                 }
             }
         } else {
             if (in_array($field->getFieldDataType(), $inEqualityFieldTypes)) {
                 // Presumably strips an HTML-encoded comparison prefix from the value: 4 chars for
                 // g/l (e.g. '&gt;'), 5 for h/m (e.g. '&gt;=') — confirm against the callers.
                 // NOTE(review): $chars is inserted into the character class unescaped; a ']' or '\'
                 // among the entity characters would break the pattern.
                 $table = get_html_translation_table(HTML_ENTITIES, ENT_COMPAT, vglobal('default_charset'));
                 $chars = implode('', array_keys($table));
                 if (preg_match("/[{$chars}]+/", $value) === 1) {
                     if ($operator == 'g' || $operator == 'l') {
                         $value = substr($value, 4);
                     } else {
                         if ($operator == 'h' || $operator == 'm') {
                             $value = substr($value, 5);
                         }
                     }
                 }
             } else {
                 // Unreachable for 'currency' since it is in $inEqualityFieldTypes above — kept as-is.
                 if ($field->getFieldDataType() === 'currency') {
                     $uiType = $field->getUIType();
                     if ($uiType == 72) {
                         $value = CurrencyField::convertToDBFormat($value, null, true);
                     } elseif ($uiType == 71) {
                         $value = CurrencyField::convertToDBFormat($value);
                     }
                 }
             }
         }
         if ($field->getFieldName() == 'birthday' && !$this->isRelativeSearchOperators($operator)) {
             $value = "DATE_FORMAT(" . $db->quote($value) . ", '%m%d')";
         } else {
             // Escapes the literal only; quoting (or casting) is left to the branches below.
             $value = $db->sql_escape_string($value, true);
         }
         if ($field->getFieldDataType() == 'multiReferenceValue' && in_array($operator, ['e', 's', 'ew', 'c'])) {
             $sql[] = "LIKE '%{$value}%'";
             continue;
         } else {
             if ($field->getFieldDataType() == 'multiReferenceValue' && in_array($operator, ['n', 'k'])) {
                 $sql[] = "NOT LIKE '%{$value}%'";
                 continue;
             }
         }
         if (trim($value) == '' && ($operator == 's' || $operator == 'ew' || $operator == 'c') && ($this->isStringType($field->getFieldDataType()) || $field->getFieldDataType() == 'picklist' || $field->getFieldDataType() == 'multipicklist')) {
             $sql[] = "LIKE ''";
             continue;
         }
         // 'om' (owned by me) with no value resolves to the current user's id.
         if (trim($value) == '' && $operator == 'om' && in_array($field->getFieldName(), $this->ownerFields)) {
             $sql[] = " = '" . Users_Record_Model::getCurrentUserModel()->get('id') . "'";
             continue;
         }
         // uitype 120 = shared owner: filter by crmid membership in the shared-owner table.
         if ($field->getUIType() == 120) {
             $shownersTable = Vtiger_SharedOwner_UIType::getShownerTable($this->getModule());
             if ($operator == 'om') {
                 $sql[] = 'vtiger_crmentity.crmid IN (SELECT DISTINCT crmid FROM ' . $shownersTable . ' WHERE userid = ' . Users_Record_Model::getCurrentUserModel()->get('id') . ')';
             } else {
                 // NOTE(review): $value is escaped but neither quoted nor cast to int before being
                 // concatenated as the userid literal; confirm the caller restricts it to integers.
                 if (in_array($operator, ['e', 's', 'ew', 'c'])) {
                     $sql[] = 'vtiger_crmentity.crmid IN (SELECT DISTINCT crmid FROM ' . $shownersTable . ' WHERE userid = ' . $value . ')';
                 } else {
                     if (in_array($operator, ['n', 'k'])) {
                         $sql[] = 'vtiger_crmentity.crmid NOT IN (SELECT DISTINCT crmid FROM ' . $shownersTable . ' WHERE userid = ' . $value . ')';
                     }
                 }
             }
             continue;
         }
         if (trim($value) == '' && $operator == 'k' && $this->isStringType($field->getFieldDataType())) {
             $sql[] = "NOT LIKE ''";
             continue;
         }
         $sqlOperatorData = $this->getSqlOperator($operator, $value);
         $sqlOperator = $sqlOperatorData[0];
         $value = $sqlOperatorData[1];
         // Quote everything that is not numeric, except a birthday already wrapped in DATE_FORMAT above.
         if (!$this->isNumericType($field->getFieldDataType()) && ($field->getFieldName() != 'birthday' || $field->getFieldName() == 'birthday' && $this->isRelativeSearchOperators($operator))) {
             $value = "'{$value}'";
         }
         // An empty numeric literal would produce invalid SQL; compare against 0 instead.
         if ($this->isNumericType($field->getFieldDataType()) && empty($value)) {
             $value = '0';
         }
         $sql[] = "{$sqlOperator} {$value}";
     }
     return $sql;
 }
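 /**
  * Builds the " AND (...)" SQL fragment that restricts a list query on $module to records the user
  * may see, extending the standard sharing conditions with the shared-owner table when enabled.
  *
  * Loads user_privileges/user_privileges_<id>.php and sharing_privileges_<id>.php into the local
  * scope; $profileGlobalPermission, $defaultOrgSharingPermission and $current_user_groups used below
  * are expected to come from those generated files (NOTE(review): inferred from use — confirm).
  *
  * @param string       $module
  * @param object|false $current_user   user object (->id, ->roleid); the global current user when false
  * @param int|false    $relatedRecord  parent record id when listing related records
  * @return string                      '' when no restriction applies
  * @throws AppException LBL_PERMISSION_DENIED when the user may not view the resolved related record
  */
 function getUserAccessConditionsQuerySR($module, $current_user = false, $relatedRecord = false)
 {
     if ($current_user == false) {
         $current_user = vglobal('current_user');
     }
     // The id is part of an include path: cast so nothing but digits can be spliced into it.
     $userId = (int) $current_user->id;
     require 'user_privileges/user_privileges_' . $userId . '.php';
     require 'user_privileges/sharing_privileges_' . $userId . '.php';
     global $shared_owners;
     $is_admin = is_admin($current_user);
     $sharedParameter = $securityParameter = '';
     $query = '';
     $tabId = getTabid($module);
     if ($relatedRecord) {
         $role = getRoleInformation($current_user->roleid);
         if ($role['listrelatedrecord'] != 0) {
             // Permission is checked on the configured ancestor when one exists.
             $rparentRecord = Users_Privileges_Model::getParentRecord($relatedRecord, false, $role['listrelatedrecord']);
             if ($rparentRecord) {
                 $relatedRecord = $rparentRecord;
             }
             $recordMetaData = Vtiger_Functions::getCRMRecordMetadata($relatedRecord);
             $recordPermission = Users_Privileges_Model::isPermitted($recordMetaData['setype'], 'DetailView', $relatedRecord);
             if (!$recordPermission) {
                 throw new AppException('LBL_PERMISSION_DENIED');
             }
             // The owner of the parent record sees all related records: no restriction needed.
             if ($recordMetaData['smownerid'] == $current_user->id) {
                 return '';
             }
         }
     }
     // Only non-admins with private org sharing (3) on this module get a restriction.
     if (!$is_admin && $profileGlobalPermission[1] == 1 && $profileGlobalPermission[2] == 1 && $defaultOrgSharingPermission[$tabId] == 3) {
         $securityParameter = $this->getUserAccessConditionsQuery($module, $current_user);
         // Ids are spliced into the IN() list, so force them to integers first.
         $shownerid = array_map('intval', array_merge([$current_user->id], $current_user_groups));
         $shownersTable = Vtiger_SharedOwner_UIType::getShownerTable($module);
         $sharedParameter .= 'vtiger_crmentity.crmid IN (SELECT DISTINCT crmid FROM ' . $shownersTable . ' WHERE userid IN (' . implode(',', $shownerid) . '))';
     }
     if ($shared_owners == true) {
         if ($securityParameter != '') {
             $query .= " AND ( ({$securityParameter}) OR ({$sharedParameter}) )";
         } elseif ($sharedParameter != '') {
             $query .= ' AND (' . $sharedParameter . ')';
         }
     } else {
         $query .= $securityParameter;
     }
     return $query;
 }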