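/**
 * Build the inner HTML of the quick-create form for an Account.
 *
 * Returns an empty string when ACLController::checkAccess() denies 'edit' on
 * the Accounts module. Otherwise each visible input (name, phone_office,
 * website) is emitted only if SugarACL::checkField() grants 'edit' on that
 * field. The field checks pass owner_override, presumably because the form
 * creates a record the current user will own (confirm against SugarACL).
 *
 * Security notes for maintainers:
 *  - The ACL checks here only decide what is rendered. The hidden inputs,
 *    including assigned_user_id, become ordinary request parameters on
 *    submit, so whatever handles action=Save must enforce module and field
 *    ACLs itself and must not trust the posted assigned_user_id.
 *  - Labels and the user id are interpolated into the markup without HTML
 *    escaping. This relies on the language strings and $current_user->id
 *    being trusted server-side values.
 *
 * The three save-button labels the earlier version read from $app_strings
 * were never used and have been dropped.
 *
 * @param string $prefix   Passed to javascript::addRequiredFields().
 * @param string $mod      Optional module whose language strings temporarily
 *                         replace the global $mod_strings while the form is built.
 * @param string $formname Form name handed to javascript::setFormName().
 * @return string HTML fragment followed by the generated script, or '' when
 *                module-level edit access is denied.
 */
function getFormBody($prefix, $mod = '', $formname = '')
{
    if (!ACLController::checkAccess('Accounts', 'edit', true)) {
        return '';
    }

    global $mod_strings;
    // Keep the caller's strings so the global can be put back before returning.
    $temp_strings = $mod_strings;
    if (!empty($mod)) {
        global $current_language;
        $mod_strings = return_module_language($current_language, $mod);
    }

    global $app_strings;
    global $current_user;

    $lbl_required_symbol = $app_strings['LBL_REQUIRED_SYMBOL'];
    $lbl_account_name = $mod_strings['LBL_ACCOUNT_NAME'];
    $lbl_phone = $mod_strings['LBL_PHONE'];
    $lbl_website = $mod_strings['LBL_WEBSITE'];
    $user_id = $current_user->id;

    // Hidden inputs are always emitted; only the visible inputs are ACL-gated.
    $form = <<<EOQ
\t\t\t<p><input type="hidden" name="record" value="">
\t\t\t<input type="hidden" name="email1" value="">
\t\t\t<input type="hidden" name="email2" value="">
\t\t\t<input type="hidden" name="assigned_user_id" value='{$user_id}'>
\t\t\t<input type="hidden" name="action" value="Save">
EOQ;

    // Same context for every field check: evaluate as the record owner.
    $owner_context = array("owner_override" => true);

    if (SugarACL::checkField('Accounts', 'name', 'edit', $owner_context)) {
        $form .= "{$lbl_account_name} <span class='required'>{$lbl_required_symbol}</span><br><input name='name' type='text' value=''><br>";
    }
    if (SugarACL::checkField('Accounts', 'phone_office', 'edit', $owner_context)) {
        $form .= "{$lbl_phone}<br><input name='phone_office' type='text' value=''><br>";
    }
    if (SugarACL::checkField('Accounts', 'website', 'edit', $owner_context)) {
        $form .= "{$lbl_website}<br><input name='website' type='text' value='http://'><br>";
    }
    $form .= '</p>';

    // The validation script is generated while the swapped $mod_strings are
    // still in place; the global is restored only afterwards.
    $javascript = new javascript();
    $javascript->setFormName($formname);
    $javascript->setSugarBean(BeanFactory::getBean('Accounts'));
    $javascript->addRequiredFields($prefix);
    $form .= $javascript->getScript();

    $mod_strings = $temp_strings;

    return $form;
}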
/**
 * Decide whether an action is permitted on a single field of this bean.
 *
 * Delegates to SugarACL::checkField() with this bean's ACL category. When the
 * caller supplies no 'bean' entry in $context, or an empty one, the bean
 * itself is used.
 *
 * NOTE(review): apart from the 'bean' default, $context is forwarded to the
 * ACL check unchanged. Callers should build it from server-side state only
 * and never copy request data into it.
 *
 * @param string $field   Field name
 * @param string $action  Action to check
 * @param array  $context Extra ACL context forwarded to SugarACL::checkField()
 * @return bool has access?
 */
public function ACLFieldAccess($field, $action = 'access', $context = array())
{
    $hasBean = !empty($context['bean']);
    if (!$hasBean) {
        // Default the subject of the check to this object.
        $context['bean'] = $this;
    }

    $category = $this->getACLCategory();

    return SugarACL::checkField($category, $field, $action, $context);
}
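/**
 * Verify that every column referenced in a filter tree passes the field-level
 * 'detail' ACL check.
 *
 * $filters is walked over its consecutive integer keys starting at 0. An
 * entry that has an 'operator' key is treated as a nested group and checked
 * recursively. Any other entry is a leaf whose 'table_key' is resolved to a
 * module through $full_table_list and whose 'name' is checked with
 * SugarACL::checkField().
 *
 * Fix: the previous version returned as soon as a nested group PASSED, so
 * sibling entries after that group were never checked and a denied column
 * placed after a group was let through. A nested group now only ends the
 * walk when it fails, and a passing group lets the walk continue.
 *
 * NOTE(review): a leaf whose table_key does not resolve to a non-empty
 * 'module' is skipped without any ACL check. Confirm that such columns cannot
 * expose restricted data.
 *
 * @param array $filters         Filter group: integer-keyed entries, each a leaf or a nested group.
 * @param array $full_table_list Map of table_key to table info; only 'module' is read here.
 * @param bool  $is_owner        When truthy, the field check is made with owner_override set.
 * @param bool  $hasAccess       Result so far; a falsy value short-circuits to false.
 * @return bool false as soon as any column is denied, otherwise $hasAccess.
 */
function checkACLForEachColForFilter($filters, $full_table_list, $is_owner, $hasAccess)
{
    if (!$hasAccess) {
        return false;
    }

    $context = $is_owner ? array('owner_override' => true) : array();

    for ($i = 0; isset($filters[$i]); $i++) {
        $current_filter = $filters[$i];

        if (isset($current_filter['operator'])) {
            // Nested group: a denial anywhere inside it denies the whole tree.
            if (!checkACLForEachColForFilter($current_filter, $full_table_list, $is_owner, $hasAccess)) {
                return false;
            }
            continue;
        }

        if (empty($full_table_list[$current_filter['table_key']]['module'])) {
            // No module known for this column, so nothing to check against.
            continue;
        }

        $col_module = $full_table_list[$current_filter['table_key']]['module'];
        if (!SugarACL::checkField($col_module, $current_filter['name'], 'detail', $context)) {
            return false;
        }
    }

    return $hasAccess;
}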