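 /**
  * Builds the calculation rows shown by the widget for the current user.
  *
  * The query is assembled from the module's QueryGenerator, the user's
  * access conditions, the configured "calculationsstatus" exclusions and an
  * ownership filter: with showtype=common the record must be shared with the
  * user through the shared-owner table, otherwise it must be owned by the
  * user. Excluded statuses and the user id are bound as query parameters;
  * the row limit is cast to int because it is concatenated into the SQL.
  *
  * @param Vtiger_Request $request Request carrying "showtype"
  * @param object         $widget  Widget model carrying an optional "limit"
  * @return array list of row arrays as returned by query_result_rowdata()
  */
 public function getData(Vtiger_Request $request, $widget)
 {
     $db = PearDatabase::getInstance();
     $fields = ['id', 'name', 'calculationsstatus', 'relatedid', 'hdnGrandTotal', 'assigned_user_id'];
     // LIMIT is concatenated, not bound, so only an integer may reach the SQL
     $limit = 10;
     if (!empty($widget->get('limit'))) {
         $limit = (int) $widget->get('limit');
     }
     $params = [];
     $calculationConfig = Settings_SalesProcesses_Module_Model::getConfig('calculation');
     $calculationsStatus = $calculationConfig['calculationsstatus'];
     $currentUser = Users_Record_Model::getCurrentUserModel();
     $module = 'Calculations';
     $instance = CRMEntity::getInstance($module);
     $securityParameter = $instance->getUserAccessConditionsQuerySR($module, $currentUser);
     $queryGenerator = new QueryGenerator($module, $currentUser);
     $queryGenerator->setFields($fields);
     $sql = $queryGenerator->getQuery();
     if ($securityParameter != '') {
         $sql .= $securityParameter;
     }
     if (!empty($calculationsStatus)) {
         // one placeholder per excluded status, bound below instead of quoted inline
         $placeholders = implode(',', array_fill(0, count($calculationsStatus), '?'));
         $sql .= " AND vtiger_calculations.calculationsstatus NOT IN ({$placeholders})";
         $params = array_merge($params, array_values($calculationsStatus));
     }
     $showtype = $request->get('showtype');
     if ($showtype == 'common') {
         $shownersTable = Vtiger_SharedOwner_UIType::getShownerTable($module);
         // the sub-select must be closed before LIMIT is appended
         $sql .= ' AND vtiger_crmentity.crmid IN (SELECT DISTINCT crmid FROM ' . $shownersTable . ' WHERE userid = ?)';
     } else {
         $sql .= ' AND vtiger_crmentity.smownerid = ?';
     }
     // the user id is the last placeholder in either branch
     $params[] = $currentUser->getId();
     $sql .= ' LIMIT ' . $limit;
     $result = $db->pquery($sql, $params);
     $returnData = [];
     $rowCount = $db->num_rows($result);
     for ($i = 0; $i < $rowCount; $i++) {
         $returnData[] = $db->query_result_rowdata($result, $i);
     }
     return $returnData;
 }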
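 /**
  * Keeps shared-owner rows in sync after entity save and link events.
  *
  * On "vtiger.entity.aftersave.final" (shared owners enabled) the
  * assigned_user_id delta is propagated recursively: every currently
  * assigned user is added, users present before but not now are removed.
  * On "vtiger.entity.link.after" (when the sales popup is configured to
  * update shared permissions) linking a Potential to a Product or Service
  * copies the Potential's owner and shared owners onto the linked record,
  * skipping (crmid, userid) pairs that already exist.
  *
  * @param string       $eventName  Event identifier
  * @param object|array $entityData Entity object for save events; for link
  *                                 events an array with sourceModule,
  *                                 destinationModule, sourceRecordId and
  *                                 destinationRecordId
  * @return void
  */
 function handleEvent($eventName, $entityData)
 {
     if ($eventName == 'vtiger.entity.aftersave.final' && vglobal('shared_owners') == true) {
         $moduleName = $entityData->getModuleName();
         $recordId = $entityData->getId();
         $vtEntityDelta = new VTEntityDelta();
         $delta = $vtEntityDelta->getEntityDelta($moduleName, $recordId, true);
         if (array_key_exists('assigned_user_id', $delta)) {
             $oldValue = Vtiger_Functions::getArrayFromValue($delta['assigned_user_id']['oldValue']);
             $currentValue = Vtiger_Functions::getArrayFromValue($delta['assigned_user_id']['currentValue']);
             // everyone currently assigned is (re)added; only dropped users are removed
             $removeUser = array_diff($oldValue, $currentValue);
             Users_Privileges_Model::setSharedOwnerRecursively($recordId, $currentValue, $removeUser, $moduleName);
         }
     }
     if ($eventName == 'vtiger.entity.link.after' && vglobal('shared_owners') == true && Vtiger_Processes_Model::getConfig('sales', 'popup', 'update_shared_permissions') == 'true') {
         $destinationModules = ['Products', 'Services'];
         if ($entityData['sourceModule'] == 'Potentials' && in_array($entityData['destinationModule'], $destinationModules, true)) {
             $db = PearDatabase::getInstance();
             $sourceRecordId = $entityData['sourceRecordId'];
             $destinationRecordId = $entityData['destinationRecordId'];
             $recordMetaData = Vtiger_Functions::getCRMRecordMetadata($sourceRecordId);
             $shownerIds = Vtiger_SharedOwner_UIType::getSharedOwners($sourceRecordId, $entityData['sourceModule']);
             $shownerIds[] = $recordMetaData['smownerid'];
             // the ids are concatenated into the IN list below, so force integers
             $shownerIds = array_unique(array_map('intval', $shownerIds));
             $usersExist = [];
             $shownersTable = Vtiger_SharedOwner_UIType::getShownerTable($entityData['destinationModule']);
             $result = $db->pquery('SELECT crmid, userid FROM ' . $shownersTable . ' WHERE userid IN(' . implode(',', $shownerIds) . ') AND crmid = ?', [$destinationRecordId]);
             while ($row = $db->getRow($result)) {
                 $usersExist[$row['crmid']][$row['userid']] = true;
             }
             foreach ($shownerIds as $userId) {
                 if (!isset($usersExist[$destinationRecordId][$userId])) {
                     $db->insert($shownersTable, ['crmid' => $destinationRecordId, 'userid' => $userId]);
                 }
             }
         }
     }
 }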
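/**
 * Checks whether the currently logged in user may perform an action on a
 * module, optionally on one record of it.
 *
 * Evaluation order: Users/Home/uploads are always allowed unless the request
 * is inside the Settings tab; Settings/Administration/System (or any module
 * reached through the Settings tab) require an admin user; otherwise the
 * profile's tab and action permissions are checked, then record ownership
 * (shared owner, owner, subordinate's record, owning group), then the role's
 * related-record rights, and finally the default organisation sharing rule
 * of the module. $is_admin, $profileGlobalPermission, $profileTabsPermission,
 * $profileActionPermission, $defaultOrgSharingPermission,
 * $current_user_groups and $subordinate_roles_users are expected to be
 * defined by the per-user privilege files required at the top.
 *
 * @param string     $module     Module name
 * @param string     $actionname Action name, resolved with getActionid()
 * @param int|string $record_id  Record id, or '' when no record is involved
 * @return string 'yes' when the action is allowed, otherwise 'no'
 */
function isPermitted($module, $actionname, $record_id = '')
{
    $log = vglobal('log');
    $log->debug("Entering isPermitted(" . $module . "," . $actionname . "," . $record_id . ") method ...");
    $current_user = vglobal('current_user');
    global $seclog;
    // The privilege files are addressed by the session user's id, not by request input.
    require 'user_privileges/user_privileges_' . $current_user->id . '.php';
    require 'user_privileges/sharing_privileges_' . $current_user->id . '.php';
    // parenttab is request-controlled; read it once (no undefined-index notice) and
    // note that it can only tighten the decision: 'Settings' forces the admin gate
    // below, any other value grants nothing by itself.
    $parentTab = isset($_REQUEST['parenttab']) ? $_REQUEST['parenttab'] : '';
    $permission = 'no';
    if (($module == 'Users' || $module == 'Home' || $module == 'uploads') && $parentTab != 'Settings') {
        //These modules dont have security right now
        $permission = 'yes';
        $log->debug("Exiting isPermitted method ...");
        return $permission;
    }
    //Checking the Access for the Settings Module
    if ($module == 'Settings' || $module == 'Administration' || $module == 'System' || $parentTab == 'Settings') {
        $permission = $is_admin ? 'yes' : 'no';
        $log->debug("Exiting isPermitted method ...");
        return $permission;
    }
    //Retreiving the Tabid and Action Id
    $tabid = getTabid($module);
    $actionid = getActionid($actionname);
    // Events share the Calendar module's activation state
    $checkModule = $module;
    if ($checkModule == 'Events') {
        $checkModule = 'Calendar';
    }
    if (!vtlib_isModuleActive($checkModule)) {
        // nothing is permitted on an inactive module
        $log->debug("Exiting isPermitted method ...");
        return 'no';
    }
    //Checking whether the user is admin
    if ($is_admin) {
        $permission = 'yes';
        $log->debug("Exiting isPermitted method ...");
        return $permission;
    }
    //If no actionid, then allow action is vtiger_tab permission is available
    if ($actionid === '') {
        $permission = $profileTabsPermission[$tabid] == 0 ? 'yes' : 'no';
        $log->debug("Exiting isPermitted method ...");
        return $permission;
    }
    // action ids 3/4 are handled as read actions, 0/1 as read-write actions below
    $isReadAction = $actionid == 3 || $actionid == 4;
    $isWriteAction = $actionid == 0 || $actionid == 1;
    //Checking for view all permission
    if ($profileGlobalPermission[1] == 0 || $profileGlobalPermission[2] == 0) {
        if ($isReadAction) {
            $permission = 'yes';
            $log->debug("Exiting isPermitted method ...");
            return $permission;
        }
    }
    //Checking for edit all permission
    if ($profileGlobalPermission[2] == 0) {
        if ($isReadAction || $isWriteAction) {
            $permission = 'yes';
            $log->debug("Exiting isPermitted method ...");
            return $permission;
        }
    }
    //Checking for vtiger_tab permission
    // NOTE(review): a tab missing from $profileTabsPermission compares loosely equal
    // to 0 here, i.e. it is treated as permitted; confirm the privilege files always
    // list every tab.
    if ($profileTabsPermission[$tabid] != 0) {
        $permission = 'no';
        $log->debug("Exiting isPermitted method ...");
        return $permission;
    }
    //Checking for Action Permission
    $actionPermission = isset($profileActionPermission[$tabid][$actionid]) ? $profileActionPermission[$tabid][$actionid] : '';
    if (strlen($actionPermission) < 1 && $actionPermission == '') {
        $permission = 'yes';
        $log->debug("Exiting isPermitted method ...");
        return $permission;
    }
    if ($actionPermission != 0 && $actionPermission != '') {
        $permission = 'no';
        $log->debug("Exiting isPermitted method ...");
        return $permission;
    }
    //Checking and returning true if recorid is null
    if ($record_id == '') {
        $permission = 'yes';
        $log->debug("Exiting isPermitted method ...");
        return $permission;
    }
    //If modules is Products,Vendors,Faq,PriceBook then no sharing
    if (getTabOwnedBy($module) == 1) {
        $permission = 'yes';
        $log->debug("Exiting isPermitted method ...");
        return $permission;
    }
    //Retreiving the RecordOwnerId
    $recOwnType = '';
    $recOwnId = '';
    $recordOwnerArr = getRecordOwnerId($record_id);
    $shownerids = Vtiger_SharedOwner_UIType::getSharedOwners($record_id, $module);
    foreach ($recordOwnerArr as $type => $id) {
        $recOwnType = $type;
        $recOwnId = $id;
    }
    //Retreiving the default Organisation sharing Access
    $others_permission_id = $defaultOrgSharingPermission[$tabid];
    if (in_array($current_user->id, $shownerids) || count(array_intersect($shownerids, $current_user_groups)) > 0) {
        $permission = 'yes';
        $log->debug('Exiting isPermitted method ... - Shared Owner');
        return $permission;
    }
    if ($recOwnType == 'Users') {
        //Checking if the Record Owner is the current User
        if ($current_user->id == $recOwnId) {
            $permission = 'yes';
            $log->debug('Exiting isPermitted method ...');
            return $permission;
        }
        //Checking if the Record Owner is the Subordinate User
        foreach ($subordinate_roles_users as $roleid => $userids) {
            if (in_array($recOwnId, $userids)) {
                $permission = 'yes';
                $log->debug('Exiting isPermitted method ...');
                return $permission;
            }
        }
    } elseif ($recOwnType == 'Groups') {
        //Checking if the record owner is the current user's group
        if (in_array($recOwnId, $current_user_groups)) {
            $permission = 'yes';
            $log->debug("Exiting isPermitted method ...");
            return $permission;
        }
    }
    $role = getRoleInformation($current_user->roleid);
    if (($isReadAction && $role['previewrelatedrecord'] != 0) || ($isWriteAction && $role['editrelatedrecord'] != 0)) {
        $parentRecord = Users_Privileges_Model::getParentRecord($record_id, $module, $role['previewrelatedrecord']);
        if ($parentRecord) {
            $recordMetaData = Vtiger_Functions::getCRMRecordMetadata($parentRecord);
            // default to denied: an unexpected permissionsrelatedfield value previously
            // left this variable undefined
            $relatedPermission = false;
            if ($role['permissionsrelatedfield'] == 0) {
                $relatedPermission = $current_user->id == $recordMetaData['smownerid'];
            } elseif ($role['permissionsrelatedfield'] == 1) {
                $relatedPermission = in_array($current_user->id, Vtiger_SharedOwner_UIType::getSharedOwners($parentRecord, $recordMetaData['setype']));
            } elseif ($role['permissionsrelatedfield'] == 2) {
                $relatedPermission = $current_user->id == $recordMetaData['smownerid'] || in_array($current_user->id, Vtiger_SharedOwner_UIType::getSharedOwners($parentRecord, $recordMetaData['setype']));
            }
            if ($relatedPermission) {
                $permission = 'yes';
                $log->debug('Exiting isPermitted method ... - Parent Record Owner');
                return $permission;
            }
        }
    }
    //Checking for Default Org Sharing permission
    if ($others_permission_id == 0) {
        if ($isWriteAction) {
            $permission = isReadWritePermittedBySharing($module, $tabid, $actionid, $record_id);
        } elseif ($actionid == 2) {
            $permission = 'no';
        } else {
            $permission = 'yes';
        }
    } elseif ($others_permission_id == 1) {
        $permission = $actionid == 2 ? 'no' : 'yes';
    } elseif ($others_permission_id == 2) {
        $permission = 'yes';
    } elseif ($others_permission_id == 3) {
        if ($isReadAction) {
            $permission = isReadPermittedBySharing($module, $tabid, $actionid, $record_id);
        } elseif ($isWriteAction) {
            $permission = $module == 'Calendar' ? 'no' : isReadWritePermittedBySharing($module, $tabid, $actionid, $record_id);
        } elseif ($actionid == 2) {
            $permission = 'no';
        } else {
            $permission = 'yes';
        }
    } else {
        $permission = 'yes';
    }
    $log->debug("Exiting isPermitted method ...");
    return $permission;
}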
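 /**
  * Adds and removes shared owners on a record and on every record that
  * inherits sharing from it (as returned by getSharedRecordsRecursively()).
  *
  * Users in $removeUser are deleted from the shared-owner table of each
  * affected module; users in $addUser are inserted unless the
  * (crmid, userid) pair already exists. Ids are cast to int and empty ones
  * dropped because they are concatenated into the IN lists of the SQL.
  *
  * @param int    $recordId   Record whose sharing changed
  * @param int[]  $addUser    User ids that must be shared owners
  * @param int[]  $removeUser User ids to drop
  * @param string $moduleName Module of $recordId
  * @return false|null false when no records are affected, null otherwise
  */
 public static function setSharedOwnerRecursively($recordId, $addUser, $removeUser, $moduleName)
 {
     $log = vglobal('log');
     $db = PearDatabase::getInstance();
     $log->info('Entering Into setSharedOwnerRecursively( ' . $recordId . ', ' . $moduleName . ')');
     $recordsByModule = self::getSharedRecordsRecursively($recordId, $moduleName);
     if (count($recordsByModule) === 0) {
         $log->info('Exiting setSharedOwnerRecursively() - No shared records');
         return false;
     }
     // integers only: the lists are interpolated, and an empty entry would yield "IN()"
     $addUser = array_values(array_filter(array_map('intval', (array) $addUser)));
     $removeUser = array_values(array_filter(array_map('intval', (array) $removeUser)));
     $removeUserString = count($removeUser) > 0 ? implode(',', $removeUser) : false;
     $addUserString = count($addUser) > 0 ? implode(',', $addUser) : false;
     // iterate by value: the by-reference loops in the original were never unset,
     // leaving dangling aliases after the loops
     foreach ($recordsByModule as $parentModuleName => $records) {
         $records = array_map('intval', $records);
         $sqlRecords = implode(',', $records);
         $shownersTable = Vtiger_SharedOwner_UIType::getShownerTable($parentModuleName);
         if ($removeUserString !== false) {
             $db->delete($shownersTable, 'userid IN(' . $removeUserString . ') AND crmid IN (' . $sqlRecords . ')');
         }
         if ($addUserString !== false) {
             $usersExist = [];
             $result = $db->query('SELECT crmid, userid FROM ' . $shownersTable . ' WHERE userid IN(' . $addUserString . ') AND crmid IN (' . $sqlRecords . ')');
             while ($row = $db->getRow($result)) {
                 $usersExist[$row['crmid']][$row['userid']] = true;
             }
             foreach ($records as $record) {
                 foreach ($addUser as $userId) {
                     if (!isset($usersExist[$record][$userId])) {
                         $db->insert($shownersTable, ['crmid' => $record, 'userid' => $userId]);
                     }
                 }
             }
         }
     }
     $log->info('Exiting setSharedOwnerRecursively()');
 }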
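 /**
  * Converts a filter value into the SQL fragment(s) that follow the column
  * in a WHERE condition for the given operator and field.
  *
  * Comma-separated values are split for picklist/owner/date-like fields
  * (unless $this->ignoreComma is set); arrays are used as given. Range
  * operators (between/bw/notequal) return a single BETWEEN / NOT BETWEEN
  * fragment; every other operator yields one fragment per value, with
  * special handling for empty values, booleans, dates, currencies,
  * multiReferenceValue fields and shared-owner (uitype 120) fields. Values
  * are escaped with $db->sql_escape_string() and quoted by this method; the
  * shared-owner sub-select compares a numeric userid, so the value is cast
  * to int there instead of being interpolated as text.
  *
  * @param mixed           $value    Raw filter value (string, array or scalar)
  * @param string          $operator Condition operator (case-insensitive)
  * @param WebserviceField $field
  * @return string[] SQL fragments, one per value (one for range operators)
  */
 private function getConditionValue($value, $operator, $field)
 {
     $operator = strtolower($operator);
     $db = PearDatabase::getInstance();
     $inEqualityFieldTypes = ['currency', 'percentage', 'double', 'integer', 'number'];
     if (is_string($value) && $this->ignoreComma == false) {
         $commaSeparatedFieldTypes = ['picklist', 'multipicklist', 'owner', 'date', 'datetime', 'time', 'tree', 'sharedOwner'];
         if (in_array($field->getFieldDataType(), $commaSeparatedFieldTypes)) {
             $valueArray = explode(',', $value);
             if ($field->getFieldDataType() == 'multipicklist' && in_array($operator, ['e', 'n'])) {
                 // leading '|##|' separators are stripped from every combination
                 $valueArray = getCombinations($valueArray);
                 foreach ($valueArray as $key => $item) {
                     $valueArray[$key] = ltrim($item, ' |##| ');
                 }
             }
         } elseif ($field->getFieldDataType() == 'multiReferenceValue') {
             $valueArray = explode(',', $value);
             foreach ($valueArray as $key => $item) {
                 $valueArray[$key] = '|#|' . $item . '|#|';
             }
         } else {
             $valueArray = [$value];
         }
     } elseif (is_array($value)) {
         $valueArray = $value;
     } else {
         $valueArray = [$value];
     }
     $sql = [];
     if ($operator == 'between' || $operator == 'bw' || $operator == 'notequal') {
         if ($field->getFieldName() == 'birthday') {
             // birthdays compare month/day only
             $valueArray[0] = getValidDBInsertDateTimeValue($valueArray[0]);
             $valueArray[1] = getValidDBInsertDateTimeValue($valueArray[1]);
             $sql[] = "BETWEEN DATE_FORMAT(" . $db->quote($valueArray[0]) . ", '%m%d') AND " . "DATE_FORMAT(" . $db->quote($valueArray[1]) . ", '%m%d')";
         } else {
             if ($this->isDateType($field->getFieldDataType())) {
                 $start = explode(' ', $valueArray[0]);
                 $end = explode(' ', $valueArray[1]);
                 if ($operator == 'between' && count($start) == 2 && count($end) == 2) {
                     $valueArray[0] = getValidDBInsertDateTimeValue($start[0] . ' ' . $start[1]);
                     if ($start[0] == $end[0]) {
                         // same day: the range ends one second before the next day starts
                         $dateTime = new DateTime($valueArray[0]);
                         $nextDay = $dateTime->modify('+1 days');
                         $nextDay = strtotime($nextDay->format('Y-m-d H:i:s')) - 1;
                         $nextDay = date('Y-m-d H:i:s', $nextDay);
                         $values = explode(' ', $nextDay);
                         $valueArray[1] = getValidDBInsertDateTimeValue($values[0]) . ' ' . $values[1];
                     } else {
                         $end = $valueArray[1];
                         $dateObject = new DateTimeField($end);
                         $valueArray[1] = $dateObject->getDBInsertDateTimeValue();
                     }
                 } else {
                     $valueArray[0] = getValidDBInsertDateTimeValue($valueArray[0]);
                     $dateTimeStart = explode(' ', $valueArray[0]);
                     if ($dateTimeStart[1] == '00:00:00' && $operator != 'between') {
                         $valueArray[0] = $dateTimeStart[0];
                     }
                     $valueArray[1] = getValidDBInsertDateTimeValue($valueArray[1]);
                     $dateTimeEnd = explode(' ', $valueArray[1]);
                     if ($dateTimeEnd[1] == '00:00:00' || $dateTimeEnd[1] == '23:59:59') {
                         $valueArray[1] = $dateTimeEnd[0];
                     }
                 }
             }
             if ($operator == 'notequal') {
                 $sql[] = "NOT BETWEEN " . $db->quote($valueArray[0]) . " AND " . $db->quote($valueArray[1]);
             } else {
                 $sql[] = "BETWEEN " . $db->quote($valueArray[0]) . " AND " . $db->quote($valueArray[1]);
             }
         }
         return $sql;
     }
     foreach ($valueArray as $value) {
         if (!$this->isStringType($field->getFieldDataType())) {
             $value = trim($value);
         }
         if ($operator == 'empty' || $operator == 'y') {
             $sql[] = sprintf("IS NULL OR %s = ''", $this->getSQLColumn($field->getFieldName()));
             continue;
         }
         if ($operator == 'ny') {
             $sql[] = sprintf("IS NOT NULL AND %s != ''", $this->getSQLColumn($field->getFieldName()));
             continue;
         }
         // parentheses make the original precedence explicit: a literal "null" always
         // matches, an empty non-string value only for e/n
         if (strtolower(trim($value)) == 'null' || (trim($value) == '' && !$this->isStringType($field->getFieldDataType()) && ($operator == 'e' || $operator == 'n'))) {
             if ($operator == 'e') {
                 $sql[] = "IS NULL";
                 continue;
             }
             $sql[] = "IS NOT NULL";
             continue;
         } elseif ($field->getFieldDataType() == 'boolean') {
             $value = strtolower($value);
             if ($value == 'yes') {
                 $value = 1;
             } elseif ($value == 'no') {
                 $value = 0;
             }
         } elseif ($this->isDateType($field->getFieldDataType())) {
             // For "after" and "before" conditions
             $values = explode(' ', $value);
             if (($operator == 'a' || $operator == 'b') && count($values) == 2) {
                 if ($operator == 'a') {
                     // for after comparator we should check the date after the given
                     $dateTime = new DateTime($value);
                     $modifiedDate = $dateTime->modify('+1 days');
                     $nextday = $modifiedDate->format('Y-m-d H:i:s');
                     $temp = strtotime($nextday) - 1;
                     $date = date('Y-m-d H:i:s', $temp);
                     $value = getValidDBInsertDateTimeValue($date);
                 } else {
                     $dateTime = new DateTime($value);
                     $prevday = $dateTime->format('Y-m-d H:i:s');
                     $temp = strtotime($prevday) - 1;
                     $date = date('Y-m-d H:i:s', $temp);
                     $value = getValidDBInsertDateTimeValue($date);
                 }
             } else {
                 $value = getValidDBInsertDateTimeValue($value);
                 $dateTime = explode(' ', $value);
                 if ($dateTime[1] == '00:00:00') {
                     $value = $dateTime[0];
                 }
             }
         } elseif (in_array($field->getFieldDataType(), $inEqualityFieldTypes)) {
             // strip the HTML-encoded comparison prefix the UI may have sent
             $table = get_html_translation_table(HTML_ENTITIES, ENT_COMPAT, vglobal('default_charset'));
             $chars = implode('', array_keys($table));
             if (preg_match("/[{$chars}]+/", $value) === 1) {
                 if ($operator == 'g' || $operator == 'l') {
                     $value = substr($value, 4);
                 } elseif ($operator == 'h' || $operator == 'm') {
                     $value = substr($value, 5);
                 }
             }
         } elseif ($field->getFieldDataType() === 'currency') {
             $uiType = $field->getUIType();
             if ($uiType == 72) {
                 $value = CurrencyField::convertToDBFormat($value, null, true);
             } elseif ($uiType == 71) {
                 $value = CurrencyField::convertToDBFormat($value);
             }
         }
         if ($field->getFieldName() == 'birthday' && !$this->isRelativeSearchOperators($operator)) {
             $value = "DATE_FORMAT(" . $db->quote($value) . ", '%m%d')";
         } else {
             // escaped but not quoted; quoting is added per branch below
             $value = $db->sql_escape_string($value, true);
         }
         if ($field->getFieldDataType() == 'multiReferenceValue' && in_array($operator, ['e', 's', 'ew', 'c'])) {
             $sql[] = "LIKE '%{$value}%'";
             continue;
         } elseif ($field->getFieldDataType() == 'multiReferenceValue' && in_array($operator, ['n', 'k'])) {
             $sql[] = "NOT LIKE '%{$value}%'";
             continue;
         }
         if (trim($value) == '' && ($operator == 's' || $operator == 'ew' || $operator == 'c') && ($this->isStringType($field->getFieldDataType()) || $field->getFieldDataType() == 'picklist' || $field->getFieldDataType() == 'multipicklist')) {
             $sql[] = "LIKE ''";
             continue;
         }
         if (trim($value) == '' && $operator == 'om' && in_array($field->getFieldName(), $this->ownerFields)) {
             $sql[] = " = '" . Users_Record_Model::getCurrentUserModel()->get('id') . "'";
             continue;
         }
         if ($field->getUIType() == 120) {
             $shownersTable = Vtiger_SharedOwner_UIType::getShownerTable($this->getModule());
             // userid is numeric: cast rather than interpolating the escaped text
             $userIdValue = (int) $value;
             if ($operator == 'om') {
                 $sql[] = 'vtiger_crmentity.crmid IN (SELECT DISTINCT crmid FROM ' . $shownersTable . ' WHERE userid = ' . Users_Record_Model::getCurrentUserModel()->get('id') . ')';
             } elseif (in_array($operator, ['e', 's', 'ew', 'c'])) {
                 $sql[] = 'vtiger_crmentity.crmid IN (SELECT DISTINCT crmid FROM ' . $shownersTable . ' WHERE userid = ' . $userIdValue . ')';
             } elseif (in_array($operator, ['n', 'k'])) {
                 $sql[] = 'vtiger_crmentity.crmid NOT IN (SELECT DISTINCT crmid FROM ' . $shownersTable . ' WHERE userid = ' . $userIdValue . ')';
             }
             continue;
         }
         if (trim($value) == '' && $operator == 'k' && $this->isStringType($field->getFieldDataType())) {
             $sql[] = "NOT LIKE ''";
             continue;
         }
         $sqlOperatorData = $this->getSqlOperator($operator, $value);
         $sqlOperator = $sqlOperatorData[0];
         $value = $sqlOperatorData[1];
         if (!$this->isNumericType($field->getFieldDataType()) && ($field->getFieldName() != 'birthday' || $field->getFieldName() == 'birthday' && $this->isRelativeSearchOperators($operator))) {
             $value = "'{$value}'";
         }
         if ($this->isNumericType($field->getFieldDataType()) && empty($value)) {
             $value = '0';
         }
         $sql[] = "{$sqlOperator} {$value}";
     }
     return $sql;
 }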
 /**
  * Builds the access-control SQL appended to list queries of $module for a
  * user, including records shared with the user or the user's groups.
  *
  * Returns '' for administrators and for users whose profile grants global
  * permissions 1 and 2 or whose default sharing for the module is not 3.
  * When $relatedRecord is given and the role lists related records, the
  * user's DetailView permission on that record (or its parent) is enforced
  * and '' is returned if the user owns it. $profileGlobalPermission,
  * $defaultOrgSharingPermission and $current_user_groups come from the
  * per-user privilege files required below.
  *
  * @param string       $module        Module name
  * @param object|false $current_user  User model; defaults to the global current user
  * @param int|false    $relatedRecord Record the list is related to, if any
  * @return string SQL fragment starting with ' AND', or ''
  * @throws AppException when the user may not view $relatedRecord
  */
 function getUserAccessConditionsQuerySR($module, $current_user = false, $relatedRecord = false)
 {
     if ($current_user == false) {
         $current_user = vglobal('current_user');
     }
     require 'user_privileges/user_privileges_' . $current_user->id . '.php';
     require 'user_privileges/sharing_privileges_' . $current_user->id . '.php';
     global $shared_owners;
     $is_admin = is_admin($current_user);
     $tabId = getTabid($module);
     if ($relatedRecord) {
         $role = getRoleInformation($current_user->roleid);
         if ($role['listrelatedrecord'] != 0) {
             $rparentRecord = Users_Privileges_Model::getParentRecord($relatedRecord, false, $role['listrelatedrecord']);
             if ($rparentRecord) {
                 $relatedRecord = $rparentRecord;
             }
             $recordMetaData = Vtiger_Functions::getCRMRecordMetadata($relatedRecord);
             // NOTE(review): relies on Users_Privileges_Model::isPermitted() returning a
             // falsy value on denial; a 'no' string would never throw here — confirm
             if (!Users_Privileges_Model::isPermitted($recordMetaData['setype'], 'DetailView', $relatedRecord)) {
                 throw new AppException('LBL_PERMISSION_DENIED');
             }
             if ($recordMetaData['smownerid'] == $current_user->id) {
                 return '';
             }
         }
     }
     $restricted = $is_admin == false
         && $profileGlobalPermission[1] == 1
         && $profileGlobalPermission[2] == 1
         && $defaultOrgSharingPermission[$tabId] == 3;
     if (!$restricted) {
         // no condition at all: neither a security nor a shared-owner clause applies
         return '';
     }
     $securityParameter = $this->getUserAccessConditionsQuery($module, $current_user);
     $shownersTable = Vtiger_SharedOwner_UIType::getShownerTable($module);
     $ownerIds = array_merge([$current_user->id], $current_user_groups);
     $sharedParameter = 'vtiger_crmentity.crmid IN (SELECT DISTINCT crmid FROM ' . $shownersTable . ' WHERE userid IN (' . implode(',', $ownerIds) . '))';
     if ($shared_owners != true) {
         return $securityParameter;
     }
     if ($securityParameter != '') {
         return " AND ( ({$securityParameter}) OR ({$sharedParameter}) )";
     }
     return ' AND (' . $sharedParameter . ')';
 }