Ejemplo n.º 1
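 /**
  * Builds the JOIN fragment that limits a non-admin user's view of $module to
  * records whose owner id is listed in a per-user temporary table.
  *
  * Returns ' ' (a single space, no restriction) unless the privilege check
  * below passes; a caller that receives ' ' gets no owner filter from this method.
  *
  * NOTE(review): $scope, $user->id and the tab id are concatenated into SQL
  * identifiers, and $user->id into an include path. Nothing in this method
  * validates them, so callers must only pass trusted values (presumably an
  * integer primary key and a module-derived alias suffix; confirm).
  *
  * @param string $module Module name, resolved to a tab id via getTabid().
  * @param object $user   User object; only ->id is read here.
  * @param string $scope  Suffix appended to the table aliases in the fragment.
  * @return string SQL fragment, or ' ' when no restriction applies.
  */
 public function getNonAdminAccessControlQuery($module, $user, $scope = '')
 {
     // These files are executed in this method's scope. $is_admin, $profileGlobalPermission,
     // $defaultOrgSharingPermission, $current_user_parent_role_seq and $current_user_groups
     // are not assigned anywhere else here, so they presumably come from these files.
     require 'user_privileges/user_privileges_' . $user->id . '.php';
     require 'user_privileges/sharing_privileges_' . $user->id . '.php';
     $tabId = getTabid($module);
     // Loose comparisons kept on purpose: the stored value types are not visible from here.
     // NOTE(review): sharing value 3 presumably means "private"; confirm.
     $needsOwnerFilter = $is_admin == false
         && $profileGlobalPermission[1] == 1
         && $profileGlobalPermission[2] == 1
         && $defaultOrgSharingPermission[$tabId] == 3;
     if (!$needsOwnerFilter) {
         return ' ';
     }
     // The original also read ${$module . '_share_read_permission'} into a local that was
     // never used; that dead lookup is dropped.
     $tableName = 'vt_tmp_u' . $user->id . '_t' . $tabId;
     $sharedTabId = null;
     $this->setupTemporaryTable($tableName, $sharedTabId, $user, $current_user_parent_role_seq, $current_user_groups);
     $alias = $tableName . $scope;
     $query = " INNER JOIN {$tableName} {$alias} ON ({$alias}.id = " . "vtiger_crmentity{$scope}.smownerid and {$alias}.shared=0) ";
     $sharedIds = getSharedCalendarId($user->id);
     if (!empty($sharedIds)) {
         // Rows flagged shared=1 only match activities whose visibility is 'Public'.
         $query .= "or ({$alias}.id = vtiger_crmentity{$scope}.smownerid AND " . "{$alias}.shared=1 and vtiger_activity.visibility = 'Public') ";
     }
     return $query;
 }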
Ejemplo n.º 2
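/**
 * Builds the record-visibility WHERE fragment for $module when its tables are
 * joined under module-suffixed aliases (vtiger_crmentity{$module}, vtiger_groups{$module}).
 *
 * Every branch restricts rows to those owned by the current user, by a user whose
 * role's parentrole starts with the current user's parent role sequence, by a user
 * listed in vtiger_tmp_read_user_sharing_per, or by one of the current user's groups;
 * some modules add clauses for sharing through a related record.
 *
 * Security notes for maintainers:
 * - This string is the access-control filter. Nothing is bound as a parameter:
 *   $module, $tabid, $current_user->id, $current_user_parent_role_seq,
 *   $current_user_groups and $shared_ids are concatenated as-is. They must come
 *   from trusted, server-side state only (verify every caller of this function).
 * - $current_user_parent_role_seq and $current_user_groups are not assigned in
 *   this function; presumably the required privilege files define them (confirm).
 *   If $current_user is empty the files are skipped, yet the code below still
 *   dereferences $current_user->id.
 *
 * @param string $module Module name; also used verbatim as the table alias suffix.
 * @return string SQL fragment starting with " and (".
 */
function getSecListViewSecurityParameter($module)
{
    global $log;
    // Fixed: the entry/exit messages named getListViewSecurityParameter, which made
    // debug traces of the two security builders indistinguishable.
    $log->debug("Entering getSecListViewSecurityParameter(" . $module . ") method ...");
    global $adb;
    global $current_user;
    $tabid = getTabid($module);
    // Fixed: $sec_query was only ever appended to (.=) and never initialised.
    // It is set before the requires so anything they might assign is still kept.
    $sec_query = '';
    if ($current_user) {
        require 'user_privileges/user_privileges_' . $current_user->id . '.php';
        require 'user_privileges/sharing_privileges_' . $current_user->id . '.php';
    }
    if ($module == 'Leads') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or (";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Accounts') {
        // NOTE(review): unlike every other branch, the role-hierarchy and user-sharing
        // checks here use the unsuffixed vtiger_crmentity alias, so they test the owner
        // of a different joined table. Confirm this is intended before relying on it.
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or (";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Contacts') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or (";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Potentials') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or vtiger_potential.related_to in (select crmid from vtiger_crmentity where setype in ('Accounts', 'Contacts') and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid in (" . getTabid('Accounts') . ", " . getTabid('Contacts') . ") and relatedtabid=" . $tabid . ")) ";
        // NOTE(review): the two statements below build a string and discard it (there is
        // no "$sec_query .="), so the group-based related-sharing clauses never reach the
        // query. They are left inert on purpose: turning them on widens which records a
        // user can read, so confirm the intended sharing rules and test before changing.
        if (vtlib_isModuleActive("Accounts")) {
            "or vtiger_potential.related_to in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Accounts' and vtiger_groups.groupid in (select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . ")) ";
        }
        if (vtlib_isModuleActive("Contacts")) {
            "or vtiger_potential.related_to in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Contacts' and vtiger_groups.groupid in (select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Contacts') . " and relatedtabid=" . $tabid . ")) ";
        }
        $sec_query .= " or (";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'HelpDesk') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") ";
        // NOTE(review): same inert-string pattern as in the Potentials branch; the
        // account-related sharing clause is built and thrown away. Left unchanged
        // because activating it changes who can read tickets.
        if (vtlib_isModuleActive("Accounts")) {
            "or vtiger_troubletickets.parent_id in (select crmid from vtiger_crmentity where setype='Accounts' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . ")) or vtiger_troubletickets.parent_id in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Accounts' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . ")) ";
        }
        $sec_query .= " or (";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Calendar') {
        require_once 'modules/Calendar/CalendarCommon.php';
        // $shared_ids is placed inside in(...) verbatim; presumably a comma-separated
        // list of user ids produced server-side (verify in getSharedCalendarId).
        $shared_ids = getSharedCalendarId($current_user->id);
        if (isset($shared_ids) && $shared_ids != '') {
            $condition = " or (vtiger_crmentity{$module}.smownerid in({$shared_ids}) and vtiger_activity.visibility = 'Public')";
        } else {
            $condition = null;
        }
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) {$condition} or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%')";
        if (count($current_user_groups) > 0) {
            $sec_query .= " or ((vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ")))";
        }
        $sec_query .= ")";
    } elseif ($module == 'Quotes') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")";
        // Criteria for quotes shared through a related account.
        if (vtlib_isModuleActive("Accounts")) {
            $sec_query .= " or vtiger_quotes.accountid in (select crmid from vtiger_crmentity where setype='Accounts' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . ")) or vtiger_quotes.accountid in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Accounts' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . "))";
        }
        // Criteria for quotes shared through a related potential.
        if (vtlib_isModuleActive("Potentials")) {
            $sec_query .= " or vtiger_quotes.potentialid in (select crmid from vtiger_crmentity where setype='Potentials' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Potentials') . " and relatedtabid=" . $tabid . ")) or vtiger_quotes.potentialid in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Potentials' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Potentials') . " and relatedtabid=" . $tabid . "))";
        }
        // Criteria for group sharing.
        $sec_query .= " or ((";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")))) ";
    } elseif ($module == 'PurchaseOrder') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or (";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'SalesOrder') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")";
        // Criteria for sales orders shared through a related account.
        if (vtlib_isModuleActive("Accounts")) {
            $sec_query .= " or vtiger_salesorder.accountid in (select crmid from vtiger_crmentity where setype='Accounts' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . ")) or vtiger_salesorder.accountid in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Accounts' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . "))";
        }
        // Criteria for sales orders shared through a related potential.
        if (vtlib_isModuleActive("Potentials")) {
            $sec_query .= " or vtiger_salesorder.potentialid in (select crmid from vtiger_crmentity where setype='Potentials' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Potentials') . " and relatedtabid=" . $tabid . ")) or vtiger_salesorder.potentialid in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Potentials' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Potentials') . " and relatedtabid=" . $tabid . "))";
        }
        // Criteria for sales orders shared through a related quote.
        if (vtlib_isModuleActive("Quotes")) {
            $sec_query .= " or vtiger_salesorder.quoteid in (select crmid from vtiger_crmentity where setype='Quotes' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Quotes') . " and relatedtabid=" . $tabid . ")) or vtiger_salesorder.quoteid in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Quotes' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Quotes') . " and relatedtabid=" . $tabid . "))";
        }
        // Criteria for group sharing.
        $sec_query .= " or (";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Invoice') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")";
        // Criteria for invoices shared through a related account.
        if (vtlib_isModuleActive("Accounts")) {
            $sec_query .= " or vtiger_invoice.accountid in (select crmid from vtiger_crmentity where setype='Accounts' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . ")) or vtiger_invoice.accountid in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Accounts' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . "))";
        }
        // Criteria for invoices shared through a related sales order.
        if (vtlib_isModuleActive("SalesOrder")) {
            $sec_query .= " or vtiger_invoice.salesorderid in (select crmid from vtiger_crmentity where setype='SalesOrder' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('SalesOrder') . " and relatedtabid=" . $tabid . ")) or vtiger_invoice.salesorderid in(select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='SalesOrder' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('SalesOrder') . " and relatedtabid=" . $tabid . "))";
        }
        // Criteria for group sharing.
        $sec_query .= " or ((";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")))) ";
    } elseif ($module == 'Campaigns') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or ((";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")))) ";
    } elseif ($module == 'Documents') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or ((";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")))) ";
    } else {
        // Fallback for any other module name: $module goes straight into the alias
        // names, so an unvalidated value here ends up in the SQL text.
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or ((";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")))) ";
    }
    $log->debug("Exiting getSecListViewSecurityParameter method ...");
    return $sec_query;
}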
Ejemplo n.º 3
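/**
 * Builds the record-visibility WHERE fragment for a list view of $module, using the
 * unsuffixed vtiger_crmentity / vtiger_groups aliases.
 *
 * Most branches restrict rows to those owned by the current user, by a user whose
 * role's parentrole starts with the current user's parent role sequence, by a user
 * listed in vtiger_tmp_read_user_sharing_per, or by one of the current user's groups.
 * 'Emails' is limited to the current user's own records; any module without a branch
 * is delegated to that module's own getListViewSecurityParameter().
 *
 * Security notes for maintainers:
 * - This string is the access-control filter and is assembled by concatenation.
 *   $tabid, $current_user->id, $current_user_parent_role_seq, $current_user_groups
 *   and $shared_ids must come from trusted, server-side state only.
 * - $current_user_parent_role_seq and $current_user_groups are not assigned in this
 *   function; presumably the required privilege files define them (confirm). If
 *   $current_user is empty the files are skipped, yet $current_user->id is still used.
 *
 * @param string $module Module name.
 * @return string SQL fragment; the hard-coded branches start with " and ".
 */
function getListViewSecurityParameter($module)
{
    $log = vglobal('log');
    $log->debug("Entering getListViewSecurityParameter(" . $module . ") method ...");
    $adb = PearDatabase::getInstance();
    $tabid = getTabid($module);
    $current_user = vglobal('current_user');
    // Fixed: $sec_query was appended to (.=) without ever being initialised.
    // It is set before the requires so anything they might assign is still kept.
    $sec_query = '';
    if ($current_user) {
        require 'user_privileges/user_privileges_' . $current_user->id . '.php';
        require 'user_privileges/sharing_privileges_' . $current_user->id . '.php';
    }
    if ($module == 'Leads') {
        $sec_query .= " and (\n\t\t\t\t\t\tvtiger_crmentity.smownerid in({$current_user->id})\n\t\t\t\t\t\tor vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%')\n\t\t\t\t\t\tor vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")\n\t\t\t\t\t\tor (";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Accounts') {
        $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) " . "or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') " . "or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or (";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Contacts') {
        $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) " . "or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') " . "or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or (";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'HelpDesk') {
        $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") ";
        $sec_query .= " or (";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Emails') {
        // Emails: owner must be the current user; no role, sharing or group clauses.
        $sec_query .= " and vtiger_crmentity.smownerid=" . $current_user->id . " ";
    } elseif ($module == 'Calendar') {
        require_once 'modules/Calendar/CalendarCommon.php';
        // $shared_ids is placed inside in(...) verbatim; presumably a comma-separated
        // list of user ids produced server-side (verify in getSharedCalendarId).
        $shared_ids = getSharedCalendarId($current_user->id);
        if (isset($shared_ids) && $shared_ids != '') {
            $condition = " or (vtiger_crmentity.smownerid in({$shared_ids}) and vtiger_activity.visibility = 'Public')";
        } else {
            $condition = null;
        }
        $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) {$condition} or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%')";
        if (count($current_user_groups) > 0) {
            $sec_query .= " or ((vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ")))";
        }
        $sec_query .= ")";
    } elseif ($module == 'Campaigns') {
        $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or ((";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")))) ";
    } elseif ($module == 'Documents') {
        $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or ((";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")))) ";
    } elseif ($module == 'Products') {
        $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) " . "or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') " . "or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")";
        $sec_query .= " or (";
        if (count($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } else {
        // Any other module supplies its own filter; this replaces (not appends to)
        // $sec_query, so the result depends entirely on that module's implementation.
        $modObj = CRMEntity::getInstance($module);
        $sec_query = $modObj->getListViewSecurityParameter($module);
    }
    $log->debug("Exiting getListViewSecurityParameter method ...");
    return $sec_query;
}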
Ejemplo n.º 4
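/**
 * Builds the secondary WHERE fragment used to fetch the events shown to the current
 * user in the calendar view, together with the schedule of other users.
 *
 * NOTE(review): both branches below add "smownerid NOT LIKE (<current user id>)",
 * OR-ed with "smownerid in(<current user id>)". Together these match every row that
 * has a non-null owner, so this fragment does not appear to restrict events by owner
 * at all. That may be deliberate (showing other users' schedules), but callers must
 * then hide the details of events the user is not entitled to read; confirm.
 *
 * The values interpolated here ($current_user->id, $shared_ids,
 * $current_user_parent_role_seq, $current_user_groups) are concatenated, not bound;
 * they must come from trusted, server-side state only. The last two are not assigned
 * in this function and presumably come from the required privilege files (confirm).
 *
 * @return string SQL fragment starting with " and (".
 */
function getCalendarViewSecurityParameter()
{
    global $current_user;
    // Fixed: $sec_query was appended to (.=) without ever being initialised.
    // It is set before the requires so anything they might assign is still kept.
    $sec_query = '';
    require 'user_privileges/user_privileges_' . $current_user->id . '.php';
    require 'user_privileges/sharing_privileges_' . $current_user->id . '.php';
    require_once 'modules/Calendar/CalendarCommon.php';
    $shared_ids = getSharedCalendarId($current_user->id);
    if (isset($shared_ids) && $shared_ids != '') {
        $condition = " or (vtiger_crmentity.smownerid in({$shared_ids})) or (vtiger_crmentity.smownerid NOT LIKE ({$current_user->id}))";
    } else {
        $condition = "or (vtiger_crmentity.smownerid NOT LIKE ({$current_user->id}))";
    }
    $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) {$condition} or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%')";
    if (count($current_user_groups) > 0) {
        $sec_query .= " or (vtiger_groups.groupid in (" . implode(",", $current_user_groups) . "))";
    }
    $sec_query .= ")";
    return $sec_query;
}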