public function checkPermission(Vtiger_Request $request)
{
$moduleName = $request->getModule();
if (!Users_Privileges_Model::isPermitted($moduleName, 'Save')) {
throw new AppException(vtranslate($moduleName) . ' ' . vtranslate('LBL_NOT_ACCESSIBLE'));
}
}
public function checkPermission(Vtiger_Request $request)
{
$moduleName = $request->getModule();
if (!Users_Privileges_Model::isPermitted($moduleName, 'EditView')) {
throw new AppException('LBL_PERMISSION_DENIED');
}
}
public function process(Vtiger_Request $request)
{
$moduleName = $request->getModule();
$moduleModel = Vtiger_Module_Model::getInstance($moduleName);
if ($request->get('selected_ids') == 'all' && $request->get('mode') == 'FindDuplicates') {
$recordIds = Vtiger_FindDuplicate_Model::getMassDeleteRecords($request);
} else {
$recordIds = $this->getRecordsListFromRequest($request);
}
foreach ($recordIds as $recordId) {
if (Users_Privileges_Model::isPermitted($moduleName, 'Delete', $recordId)) {
$recordModel = Vtiger_Record_Model::getInstanceById($recordId, $moduleModel);
$recordModel->delete();
} else {
$permission = 'No';
}
}
if ($permission === 'No') {
throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
}
$cvId = $request->get('viewname');
$response = new Vtiger_Response();
$response->setResult(array('viewname' => $cvId, 'module' => $moduleName));
$response->emit();
}
public function process(Vtiger_Request $request)
{
$moduleName = $request->getModule();
$documentIdsList = $this->getRecordsListFromRequest($request);
$folderId = $request->get('folderid');
if (!empty($documentIdsList)) {
foreach ($documentIdsList as $documentId) {
$documentModel = Vtiger_Record_Model::getInstanceById($documentId, $moduleName);
if (Users_Privileges_Model::isPermitted($moduleName, 'EditView', $documentId)) {
$documentModel->set('folderid', $folderId);
$documentModel->set('mode', 'edit');
$documentModel->save();
} else {
$documentsMoveDenied[] = $documentModel->getName();
}
}
}
if (empty($documentsMoveDenied)) {
$result = array('success' => true, 'message' => vtranslate('LBL_DOCUMENTS_MOVED_SUCCESSFULLY', $moduleName));
} else {
$result = array('success' => false, 'message' => vtranslate('LBL_DENIED_DOCUMENTS', $moduleName), 'LBL_RECORDS_LIST' => $documentsMoveDenied);
}
$response = new Vtiger_Response();
$response->setResult($result);
$response->emit();
}
function process(Vtiger_Request $request)
{
$moduleName = $request->getModule();
$moduleModel = Vtiger_Module_Model::getInstance($moduleName);
$records = $request->get('records');
$primaryRecord = $request->get('primaryRecord');
$primaryRecordModel = Vtiger_Record_Model::getInstanceById($primaryRecord, $moduleName);
$fields = $moduleModel->getFields();
foreach ($fields as $field) {
$fieldValue = $request->get($field->getName());
if ($field->isEditable()) {
$primaryRecordModel->set($field->getName(), $fieldValue);
}
}
$primaryRecordModel->set('mode', 'edit');
$primaryRecordModel->save();
$deleteRecords = array_diff($records, array($primaryRecord));
foreach ($deleteRecords as $deleteRecord) {
$recordPermission = Users_Privileges_Model::isPermitted($moduleName, 'Delete', $deleteRecord);
if ($recordPermission) {
$primaryRecordModel->transferRelationInfoOfRecords(array($deleteRecord));
$record = Vtiger_Record_Model::getInstanceById($deleteRecord);
$record->delete();
}
}
$response = new Vtiger_Response();
$response->setResult(true);
$response->emit();
}
/**
* Function to get the module is permitted to specific action
* @param <String> $actionName
* @return <boolean>
*/
public function isPermitted($actionName)
{
if ($actionName === 'EditView') {
return false;
}
return Users_Privileges_Model::isPermitted($this->getName(), $actionName);
}
public function searchRecord($searchValue, $searchModule, $potentialId)
{
$db = PearDatabase::getInstance();
$potentialId = intval($potentialId);
if ($searchModule == 'Products') {
$sql = "SELECT\n\t\t\t\t\t\tcrm.*,\n\t\t\t\t\t\tprod.*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t`vtiger_products` prod\n\t\t\t\t\t\tINNER JOIN `vtiger_crmentity` crm\n\t\t\t\t\t\t\tON crm.`crmid` = prod.`productid`\n\t\t\t\t\t\tINNER JOIN `vtiger_seproductsrel` prodrel\n\t\t\t\t\t\t\tON prod.`productid` = prodrel.`productid`\n\t\t\t\t\t\t\tAND prodrel.`setype` = 'Potentials'\n\t\t\t\t\tWHERE prod.`productname` LIKE '%{$searchValue}%'\n\t\t\t\t\t\tAND crm.`setype` = 'Products'\n\t\t\t\t\t\tAND crm.`deleted` = 0\n\t\t\t\t\t\tAND prodrel.`crmid` = '{$potentialId}';";
} else {
$sql = "SELECT\n\t\t\t\t\t\tcrm.*,\n\t\t\t\t\t\tserv.*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t`vtiger_service` serv\n\t\t\t\t\t\tINNER JOIN `vtiger_crmentity` crm\n\t\t\t\t\t\t\tON crm.`crmid` = serv.`serviceid`\n\t\t\t\t\t\tINNER JOIN `vtiger_crmentityrel` crmrel\n\t\t\t\t\t\t\tON serv.`serviceid` = crmrel.`relcrmid`\n\t\t\t\t\t\t\tAND crmrel.`module` = 'Potentials'\n\t\t\t\t\tWHERE serv.`servicename` LIKE '%{$searchValue}%'\n\t\t\t\t\t\tAND crm.`setype` = 'Services'\n\t\t\t\t\t\tAND crm.`deleted` = 0\n\t\t\t\t\t\tAND crmrel.`crmid` = '{$potentialId}';";
}
$result = $db->pquery($sql, array());
$noOfRows = $db->num_rows($result);
$moduleModels = array();
$matchingRecords = array();
for ($i = 0; $i < $noOfRows; ++$i) {
$row = $db->query_result_rowdata($result, $i);
if (Users_Privileges_Model::isPermitted($row['setype'], 'DetailView', $row['crmid'])) {
$row['id'] = $row['crmid'];
$moduleName = $row['setype'];
if (!array_key_exists($moduleName, $moduleModels)) {
$moduleModels[$moduleName] = Vtiger_Module_Model::getInstance($moduleName);
}
$moduleModel = $moduleModels[$moduleName];
$modelClassName = Vtiger_Loader::getComponentClassName('Model', 'Record', $moduleName);
$recordInstance = new $modelClassName();
$matchingRecords[$moduleName][$row['id']] = $recordInstance->setData($row)->setModuleFromInstance($moduleModel);
}
}
return $matchingRecords;
}
public function checkPermission(Vtiger_Request $request)
{
$recordPermission = Users_Privileges_Model::isPermitted('Faq', 'EditView');
if (!$recordPermission) {
throw new NoPermittedException('LBL_PERMISSION_DENIED');
}
}
/**
* Function to get the detail view links (links and widgets)
* @param <array> $linkParams - parameters which will be used to calicaulate the params
* @return <array> - array of link models in the format as below
* array('linktype'=>list of link models);
*/
public function getDetailViewLinks($linkParams)
{
$linkModelList = Vtiger_DetailView_Model::getDetailViewLinks($linkParams);
$recordModel = $this->getRecord();
$moduleModel = $this->getModule();
$moduleName = $moduleModel->getName();
$recordId = $recordModel->getId();
//TODO: update the database so that these separate handlings are not required
$index = 0;
foreach ($linkModelList['DETAILVIEW'] as $link) {
if ($link->linklabel == 'View History' || $link->linklabel == 'Send SMS') {
unset($linkModelList['DETAILVIEW'][$index]);
} else {
if ($link->linklabel == 'LBL_SHOW_ACCOUNT_HIERARCHY') {
$link->linklabel = 'LBL_SHOW_ACCOUNT_HIERARCHY';
$linkURL = 'index.php?module=Accounts&view=AccountHierarchy&record=' . $recordId;
$link->linkurl = 'javascript:Accounts_Detail_Js.triggerAccountHierarchy("' . $linkURL . '");';
unset($linkModelList['DETAILVIEW'][$index]);
$linkModelList['DETAILVIEW'][$index] = $link;
}
}
$index++;
}
if (Users_Privileges_Model::isPermitted($moduleModel->getName(), 'ConvertLead', $recordModel->getId()) && Users_Privileges_Model::isPermitted($moduleModel->getName(), 'EditView', $recordModel->getId())) {
$convert = !Leads_Module_Model::checkIfAllowedToConvert($recordModel->get('leadstatus')) ? 'hide' : '';
$basicActionLink = array('linktype' => 'DETAILVIEWBASIC', 'linklabel' => '', 'linkclass' => 'btn-info btn-convertLead ' . $convert, 'linkhint' => vtranslate('LBL_CONVERT_LEAD', $moduleName), 'linkurl' => 'javascript:Leads_Detail_Js.convertLead("' . $recordModel->getConvertLeadUrl() . '",this);', 'linkicon' => 'glyphicon glyphicon-transfer');
$linkModelList['DETAILVIEWBASIC'][] = Vtiger_Link_Model::getInstanceFromValues($basicActionLink);
}
return $linkModelList;
}
public function checkPermission(Vtiger_Request $request)
{
$moduleName = $request->getModule();
if (!Users_Privileges_Model::isPermitted($moduleName, 'DetailView', $request->get('record'))) {
throw new NoPermittedToRecordException(vtranslate('LBL_PERMISSION_DENIED', $moduleName));
}
}
function checkPermission(Vtiger_Request $request)
{
$moduleName = $request->getModule();
if (!Users_Privileges_Model::isPermitted($moduleName, $actionName)) {
throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
}
}
/**
* Overrided to remove Edit button, Duplicate button
* To remove related links
*/
public function getDetailViewLinks($linkParams)
{
$linkTypes = array('DETAILVIEWBASIC', 'DETAILVIEW');
$moduleModel = $this->getModule();
$recordModel = $this->getRecord();
$moduleName = $moduleModel->getName();
$recordId = $recordModel->getId();
$detailViewLink = array();
$linkModelListDetails = Vtiger_Link_Model::getAllByType($moduleModel->getId(), $linkTypes, $linkParams);
//Mark all detail view basic links as detail view links.
//Since ui will be look ugly if you need many basic links
$detailViewBasiclinks = $linkModelListDetails['DETAILVIEWBASIC'];
unset($linkModelListDetails['DETAILVIEWBASIC']);
if (Users_Privileges_Model::isPermitted($moduleName, 'Delete', $recordId)) {
$deletelinkModel = array('linktype' => 'DETAILVIEW', 'linklabel' => sprintf("%s %s", getTranslatedString('LBL_DELETE', $moduleName), vtranslate('SINGLE_' . $moduleName, $moduleName)), 'linkurl' => 'javascript:Vtiger_Detail_Js.deleteRecord("' . $recordModel->getDeleteUrl() . '")', 'linkicon' => '');
$linkModelList['DETAILVIEW'][] = Vtiger_Link_Model::getInstanceFromValues($deletelinkModel);
}
if (!empty($detailViewBasiclinks)) {
foreach ($detailViewBasiclinks as $linkModel) {
// Remove view history, needed in vtiger5 to see history but not in vtiger6
if ($linkModel->linklabel == 'View History') {
continue;
}
$linkModelList['DETAILVIEW'][] = $linkModel;
}
}
$widgets = $this->getWidgets();
foreach ($widgets as $widgetLinkModel) {
$linkModelList['DETAILVIEWWIDGET'][] = $widgetLinkModel;
}
return $linkModelList;
}
/**
* Function to get the list of listview links for the module
* @param <Array> $linkParams
* @return <Array> - Associate array of Link Type to List of Vtiger_Link_Model instances
*/
public function getListViewLinks($linkParams)
{
$currentUserModel = Users_Record_Model::getCurrentUserModel();
$moduleModel = $this->getModule();
$linkTypes = array('LISTVIEWBASIC', 'LISTVIEW', 'LISTVIEWSETTING');
$links = Vtiger_Link_Model::getAllByType($moduleModel->getId(), $linkTypes, $linkParams);
$createPermission = Users_Privileges_Model::isPermitted($moduleModel->getName(), 'EditView');
if ($createPermission) {
$basicLinks = array(array('linktype' => 'LISTVIEWBASIC', 'linklabel' => 'LBL_ADD_RECORD', 'linkurl' => $moduleModel->getCreateRecordUrl(), 'linkicon' => ''), array('linktype' => 'LISTVIEWBASIC', 'linklabel' => 'LBL_ADD_FOLDER', 'linkurl' => 'javascript:Documents_List_Js.triggerAddFolder("' . $moduleModel->getAddFolderUrl() . '")', 'linkicon' => ''));
foreach ($basicLinks as $basicLink) {
$links['LISTVIEWBASIC'][] = Vtiger_Link_Model::getInstanceFromValues($basicLink);
}
}
$exportPermission = Users_Privileges_Model::isPermitted($moduleModel->getName(), 'Export');
if ($exportPermission) {
$advancedLink = array('linktype' => 'LISTVIEW', 'linklabel' => 'LBL_EXPORT', 'linkurl' => 'javascript:Vtiger_List_Js.triggerExportAction("' . $moduleModel->getExportUrl() . '")', 'linkicon' => '');
$links['LISTVIEW'][] = Vtiger_Link_Model::getInstanceFromValues($advancedLink);
}
if ($currentUserModel->isAdminUser()) {
$settingsLinks = $this->getSettingLinks();
foreach ($settingsLinks as $settingsLink) {
$links['LISTVIEWSETTING'][] = Vtiger_Link_Model::getInstanceFromValues($settingsLink);
}
}
return $links;
}
/**
* Function to get the list of listview links for the module
* @param <Array> $linkParams
* @return <Array> - Associate array of Link Type to List of Vtiger_Link_Model instances
*/
public function getListViewLinks($linkParams)
{
$currentUserModel = Users_Record_Model::getCurrentUserModel();
$moduleModel = $this->getModule();
$linkTypes = array('LISTVIEWBASIC', 'LISTVIEW', 'LISTVIEWSETTING');
$links = Vtiger_Link_Model::getAllByType($moduleModel->getId(), $linkTypes, $linkParams);
$basicLinks = array();
$createPermission = Users_Privileges_Model::isPermitted($moduleModel->getName(), 'EditView');
if ($createPermission) {
$basicLinks[] = array('linktype' => 'LISTVIEWBASIC', 'linklabel' => 'LBL_ADD_RECORD', 'linkurl' => $moduleModel->getCreateRecordUrl(), 'linkicon' => '');
}
foreach ($basicLinks as $basicLink) {
$links['LISTVIEWBASIC'][] = Vtiger_Link_Model::getInstanceFromValues($basicLink);
}
$advancedLinks = array();
foreach ($advancedLinks as $advancedLink) {
$links['LISTVIEW'][] = Vtiger_Link_Model::getInstanceFromValues($advancedLink);
}
if ($currentUserModel->isAdminUser()) {
$settingsLinks = $this->getSettingLinks();
foreach ($settingsLinks as $settingsLink) {
$links['LISTVIEWSETTING'][] = Vtiger_Link_Model::getInstanceFromValues($settingsLink);
}
}
return $links;
}
/**
* Overided to make editview=false for this module
*/
public function isPermitted($actionName)
{
if ($actionName == 'EditView' || $actionName == 'Edit') {
return false;
} else {
return $this->isActive() && Users_Privileges_Model::isPermitted($this->getName(), $actionName);
}
}
public function checkPermission(Vtiger_Request $request)
{
$moduleName = $request->getModule();
$record = $request->get('record');
if (!Users_Privileges_Model::isPermitted($moduleName, 'Save', $record)) {
throw new NoPermittedToRecordException('LBL_NO_PERMISSIONS_FOR_THE_RECORD');
}
}
public function checkPermission(Vtiger_Request $request)
{
$moduleName = $request->getModule();
$record = $request->get('id');
if (!(Users_Privileges_Model::isPermitted($moduleName, 'EditView', $record) && Users_Privileges_Model::isPermitted($moduleName, 'Delete', $record))) {
throw new NoPermittedException('LBL_PERMISSION_DENIED');
}
}
public function checkPermission(Vtiger_Request $request)
{
$moduleName = $request->getModule();
$record = $request->get('record');
if (!Users_Privileges_Model::isPermitted($moduleName, 'WorkflowTrigger', $record)) {
throw new NoPermittedToRecordException('LBL_PERMISSION_DENIED');
}
}
public function getBasicLinks()
{
$basicLinks = parent::getBasicLinks();
$createPermission = Users_Privileges_Model::isPermitted('Potentials', 'EditView');
if ($createPermission) {
$basicLinks[] = array('linktype' => 'LISTVIEWBASIC', 'linklabel' => 'LBL_GENERATE_EXTENSION', 'linkurl' => 'javascript:Vtiger_List_Js.generatePotentials()', 'linkicon' => 'icon-star-empty', 'linkclass' => 'btn-success');
return $basicLinks;
}
}
public function checkPermission(Vtiger_Request $request)
{
global $log;
$log->debug("Entering ./views/QuickCreateAjax.php::checkPermission");
$moduleName = $request->getModule();
if (!Users_Privileges_Model::isPermitted($moduleName, 'EditView')) {
throw new AppException(vtranslate('LBL_PERMISSION_DENIED', $moduleName));
}
}
public function checkPermission(Vtiger_Request $request)
{
$moduleName = $request->getModule();
$record = $request->get('record');
$recordPermission = Users_Privileges_Model::isPermitted($moduleName, 'EditView', $record);
if (!$recordPermission) {
throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
}
}
public function checkPermission(Vtiger_Request $request)
{
$currentUserModel = Users_Record_Model::getCurrentUserModel();
$moduleName = $request->getModule();
$record = $request->get('record');
if (!empty($record) || !Users_Privileges_Model::isPermitted($moduleName, 'EditView')) {
throw new AppException('LBL_PERMISSION_DENIED');
}
}
function checkPermission(Vtiger_Request $request)
{
global $log;
$log->debug("Entering ./views/DashBoard.php::checkPermission");
$moduleName = $request->getModule();
if (!Users_Privileges_Model::isPermitted($moduleName, $actionName)) {
throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
}
}
function checkPermission(Vtiger_Request $request)
{
$srcModuleName = $request->get('srcModule');
$recordId = $request->get('record');
$recordPermission = Users_Privileges_Model::isPermitted($srcModuleName, 'DetailView', $recordId);
if (!$recordPermission) {
throw new NoPermittedToRecordException('LBL_NO_PERMISSIONS_FOR_THE_RECORD');
}
return true;
}
public function getBasicLinks()
{
$basicLinks = array();
$moduleModel = $this->getModule();
$createPermission = Users_Privileges_Model::isPermitted($moduleModel->getName(), 'EditView');
if ($createPermission) {
$basicLinks[] = array('linktype' => 'LISTVIEWBASIC', 'linklabel' => 'LBL_CREATEMAIL', 'linkurl' => "javascript:window.location='index.php?module=OSSMail&view=compose'", 'linkicon' => '');
}
return $basicLinks;
}
public function checkPermission(Vtiger_Request $request)
{
$moduleName = $request->getModule();
$record = $request->get('record');
$recordModel = Vtiger_Record_Model::getInstanceById($record, $moduleName);
$currentUserModel = Users_Record_Model::getCurrentUserModel();
if (!Users_Privileges_Model::isPermitted($moduleName, 'Save', $record) || $recordModel->isAccountOwner() && $currentUserModel->get('id') != $recordModel->getId() && !$currentUserModel->isAdminUser()) {
throw new AppException('LBL_PERMISSION_DENIED');
}
}
function checkPermission(Vtiger_Request $request)
{
$moduleName = $request->getModule();
$recordId = $request->get('record');
$recordPermission = Users_Privileges_Model::isPermitted($moduleName, 'DetailView', $recordId);
if (!$recordPermission) {
throw new AppException('LBL_PERMISSION_DENIED');
}
return true;
}
public function checkPermission(Vtiger_Request $request)
{
global $log;
$log->debug("Entering ./actions/DeleteImage.php::checkPermission");
$moduleName = $request->getModule();
$record = $request->get('id');
if (!(Users_Privileges_Model::isPermitted($moduleName, 'EditView', $record) && Users_Privileges_Model::isPermitted($moduleName, 'Delete', $record))) {
throw new AppException('LBL_PERMISSION_DENIED');
}
}
/**
* Function to get the detail view links (links and widgets)
* @param <array> $linkParams - parameters which will be used to calicaulate the params
* @return <array> - array of link models in the format as below
* array('linktype'=>list of link models);
*/
public function getDetailViewLinks($linkParams)
{
$linkModelList = parent::getDetailViewLinks($linkParams);
$recordModel = $this->getRecord();
$moduleName = $recordModel->getmoduleName();
if (Users_Privileges_Model::isPermitted($moduleName, 'DetailView', $recordModel->getId())) {
$sendEmailLink = array('linklabel' => '', 'linkurl' => 'javascript:Inventory_Detail_Js.sendEmailPDFClickHandler(\'' . $recordModel->getSendEmailPDFUrl() . '\')', 'linkicon' => 'icon-envelope', 'title' => vtranslate('LBL_SEND_MAIL_PDF', $moduleName));
$linkModelList['DETAILVIEW'][] = Vtiger_Link_Model::getInstanceFromValues($sendEmailLink);
}
return $linkModelList;
}
public function checkPermission(Vtiger_Request $request)
{
$moduleName = $request->getModule();
$record = $request->get('record');
$recordPermission = Users_Privileges_Model::isPermitted($moduleName, 'EditView', $record);
$lockEdit = Users_Privileges_Model::checkLockEdit($moduleName, $record);
if (!$recordPermission || $lockEdit && $request->get('isDuplicate') != 'true') {
throw new NoPermittedToRecordException('LBL_NO_PERMISSIONS_FOR_THE_RECORD');
}
}
