/**
 * Returns the saved reports the current user may list, narrowed by the
 * optional filters in $args.
 *
 * Access is enforced in two places: modules returned by
 * getACLDisAllowedModules() are excluded in the query itself, and every row
 * that comes back is checked again with the bean's own 'list' ACL before it
 * is returned.
 *
 * @param ServiceBase $api  The API class of the request
 * @param array       $args The arguments array passed in from the API. Keys read here:
 *                          'has_charts' - when loosely equal to 'true', only reports
 *                          whose chart_type is not 'none' are returned;
 *                          'module' - when set and not '', only reports for that
 *                          module are returned.
 * @return array Query rows, each with an added '_acl' entry for the front end.
 *               Rows that fail the ACL check are removed, so the keys may have gaps.
 */
public function getSavedReports($api, $args)
{
    require_once 'modules/Reports/SavedReport.php';

    $columns = array('id', 'name', 'module', 'report_type', 'content', 'chart_type', 'assigned_user_id');

    // Make sure the user isn't seeing reports they don't have access to
    $deniedModules = array_keys(getACLDisAllowedModules());

    $query = new SugarQuery();
    $query->from(BeanFactory::getBean('Reports'));
    $query->select($columns);
    $query->orderBy('name', 'asc');

    // Restricted modules are excluded in SQL, before any row is loaded
    if (!empty($deniedModules)) {
        $query->where()->notIn('module', $deniedModules);
    }

    $chartsOnly = isset($args['has_charts']) && $args['has_charts'] == 'true';
    if ($chartsOnly) {
        $query->where()->notEquals('chart_type', 'none');
    }

    // The request-supplied module name is passed as a value to in(), never as SQL text
    $moduleFilter = isset($args['module']) ? $args['module'] : '';
    if ($moduleFilter !== '') {
        $query->where()->in('module', array($moduleFilter));
    }

    $rows = $query->execute();

    // Second gate: per-record ACL. Anything the user may not list is dropped.
    foreach ($rows as $index => &$row) {
        $report = $this->getSavedReportFromData($row);
        if (!$report->ACLAccess('list')) {
            unset($rows[$index]);
            continue;
        }
        // for front-end to check acls
        $row['_acl'] = ApiHelper::getHelper($api, $report)->getBeanAcl($report, $columns);
    }

    return $rows;
}
/**
 * Builds the restriction that keeps reports on ACL-disallowed modules out of
 * a saved-reports query.
 *
 * When a SugarQuery is passed, one notEquals condition per disallowed module
 * is added to it and null is returned. Otherwise the same restriction is
 * returned as a SQL fragment with the conditions joined by AND.
 *
 * @param string          $module Not read by the body; kept for the existing signature
 * @param SugarQuery|null $query  Query to restrict in place, or null to get the SQL fragment
 * @return string|null The SQL fragment ('' when no module is disallowed), or null
 *                     when $query is a SugarQuery
 */
protected function getCustomWhereForModule($module, $query = null)
{
    $deniedModules = array_keys(getACLDisAllowedModules());

    if ($query instanceof SugarQuery) {
        foreach ($deniedModules as $deniedModule) {
            $query->where()->notEquals('saved_reports.module', $deniedModule);
        }
        return null;
    }

    // NOTE(review): the module names are interpolated into SQL text without
    // quoting. That is only safe while they come from getACLDisAllowedModules()
    // and never from request data; prefer the SugarQuery branch where possible.
    $conditions = array();
    foreach ($deniedModules as $deniedModule) {
        $conditions[] = "saved_reports.module != '{$deniedModule}'";
    }

    return implode(' AND ', $conditions);
}
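/**
 * Collects the saved reports that have a chart for one dashlet category and
 * stores the resulting dashlet definitions in $this->dashlets[$category].
 *
 * Reports on modules returned by getACLDisAllowedModules() are excluded in the
 * query, and each remaining report is only listed when
 * MySugar::checkDashletDisplay() allows its module.
 *
 * @param string $category 'global', 'myTeams', 'mySaved' or 'myFavorites'; any
 *                         other value adds no category condition to the query
 * @return void
 */
function getReportCharts($category)
{
    global $current_user;

    require_once 'modules/Reports/SavedReport.php';

    $sq = new SugarQuery();
    $savedReportBean = BeanFactory::getBean('Reports');
    $sq->from($savedReportBean);

    // Make sure the user isn't seeing reports they don't have access to
    $modules = array_keys(getACLDisAllowedModules());
    if (count($modules)) {
        $sq->where()->notIn('module', $modules);
    }

    // Only reports that carry a chart
    $sq->where()->notEquals('chart_type', 'none');

    switch ($category) {
        case 'global':
            $sq->where()->equals('saved_reports.team_set_id', '1');
            break;

        case 'myTeams':
            // Every team of the user except the global team ('1') and the private team
            $myTeams = $current_user->get_my_teams();
            $privateTeamId = $current_user->getPrivateTeamID();
            $teamIds = array();
            foreach ($myTeams as $team_id => $team_name) {
                if ($team_id != '1' && $team_id != $privateTeamId) {
                    $teamIds[] = (string) $team_id;
                }
            }
            // The ids are bound through in() instead of being concatenated into a
            // raw OR list: they never become SQL text, the result does not depend
            // on how a raw fragment is grouped with the ACL conditions above, and
            // a user with no such team gets no rows rather than an empty raw clause.
            if (!empty($teamIds)) {
                $sq->where()->in('saved_reports.team_set_id', $teamIds);
            } else {
                $sq->where()->in('saved_reports.team_set_id', array('-1'));
            }
            break;

        case 'mySaved':
            $sq->where()->equals('saved_reports.team_set_id', $current_user->getPrivateTeamID());
            break;

        case 'myFavorites':
            $sugaFav = BeanFactory::getBean('SugarFavorites');
            $current_favorites_beans = $sugaFav->getUserFavoritesByModule('Reports', $current_user);
            $current_favorites = array();
            foreach ((array) $current_favorites_beans as $val) {
                $current_favorites[] = $val->record_id;
            }
            if (!empty($current_favorites)) {
                $sq->where()->in('saved_reports.id', $current_favorites);
            } else {
                // No favorites: match nothing instead of dropping the condition
                $sq->where()->in('saved_reports.id', array('-1'));
            }
            break;

        default:
            break;
    }

    // retrieve array of reports
    $savedReports = $savedReportBean->fetchFromQuery($sq);

    $chartsList = array();
    if (!empty($savedReports)) {
        require_once 'include/MySugar/MySugar.php';

        foreach ($savedReports as $savedReport) {
            // clint - fixes bug #20398
            // only display dashlets that are from visible modules and that the
            // user has permission to list
            $myDashlet = new MySugar($savedReport->module);
            if (!$myDashlet->checkDashletDisplay()) {
                continue;
            }

            // NOTE(review): id and module are placed inside a single-quoted
            // JavaScript string without escaping. Confirm both are constrained
            // where they are stored, or encode them for a JS string context here.
            $chartsList[] = array(
                'title' => getReportNameTranslation($savedReport->name),
                'onclick' => 'return SUGAR.mySugar.addDashlet(\'' . $savedReport->id . '\', \'chart\', \'' . $savedReport->module . '\');',
            );
        }
    }

    asort($chartsList);
    $this->dashlets[$category] = $chartsList;
}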
$storeQuery->loadQuery($currentModule); $storeQuery->populateRequest(); } else { $storeQuery->saveFromRequest($currentModule); } // setup for search form $thisMod = 'Reports'; $searchForm = new SearchFormReports($thisMod, $savedReportsSeed); $searchForm->tabs = array(array('title' => $app_strings['LNK_BASIC_SEARCH'], 'link' => $thisMod . '|basic_search', 'key' => $thisMod . '|basic_search'), array('title' => $app_strings['LNK_ADVANCED_SEARCH'], 'link' => $thisMod . '|advanced_search', 'key' => $thisMod . '|advanced_search')); $searchForm->populateFromRequest(); $searchForm->searchFields['module'] = $searchForm->searchFields['report_module']; unset($searchForm->searchFields['report_module']); $where_clauses = $searchForm->generateSearchWhere(); include 'include/modules.php'; $ACLAllowedModules = getACLAllowedModules(); $ACLUnAllowedModules = getACLDisAllowedModules(); $ACLAllowedModulesKeys = array_keys($ACLAllowedModules); $listViewDefsNewArray = array(); $listViewDefsNewArray = sugarArrayMerge($listViewDefsNewArray, $listViewDefs); unset($listViewDefsNewArray['Reports']['IS_EDIT']); unset($listViewDefsNewArray['Reports']['LAST_RUN_DATE']); foreach ($ACLUnAllowedModules as $module => $class_name) { array_push($where_clauses, "saved_reports.module != '{$module}'"); } $reportModules = array(); foreach ($ACLAllowedModules as $key => $module) { $reportModules[$key] = isset($app_list_strings['moduleList'][$key]) ? $app_list_strings['moduleList'][$key] : $key; } asort($reportModules); if (!empty($_REQUEST['search_form_only']) && $_REQUEST['search_form_only']) { // handle ajax requests for search forms only