public function save(waContact $contact, $fields)
 {
     if (!isset($fields['categories'])) {
         return TRUE;
     }
     if (empty($fields['categories'][0])) {
         $fields['categories'] = array();
     }
     if (wa()->getApp() == 'contacts' && !wa()->getUser()->getRights('contacts', 'category.all')) {
         // only save categories available for current user to see, and do not change others
         $crm = new contactsRightsModel();
         $cats = $this->getModel()->getContactCategories($contact->getId());
         $allowed = $crm->getAllowedCategories();
         $set = $fields['categories'] ? array_flip($fields['categories']) : array();
         foreach ($allowed as $id => $cat) {
             if (isset($set[$id])) {
                 $cats[$id] = true;
             } else {
                 unset($cats[$id]);
             }
         }
         $fields['categories'] = array_keys($cats);
     }
     $this->getModel()->setContactCategories($contact->getId(), $fields['categories']);
     return TRUE;
 }
 function getOptions($id = null)
 {
     if (!$this->model) {
         $this->model = new waContactCategoryModel();
     }
     if (!$this->categories) {
         $this->categories = $this->model->getALl('id');
     }
     // Checklist options, category_id => name
     $options = array();
     foreach ($this->categories as $id => $row) {
         $options[$id] = $row['name'];
     }
     // Admins are allowed to see everything, and person outside of contacts app can see a list of categories too
     if (wa()->getApp() != 'contacts' || wa()->getUser()->getRights('contacts', 'category.all')) {
         return $options;
     }
     // Only load categories available for current user
     $crm = new contactsRightsModel();
     $allowed = $crm->getAllowedCategories();
     foreach ($options as $id => $row) {
         if (!isset($allowed[$id])) {
             unset($options[$id]);
         }
     }
     return $options;
 }
 public function execute()
 {
     // Only show categories available to current user
     $crm = new contactsRightsModel();
     $cm = new waContactCategoryModel();
     // List of categories user is allowed to add contacts to
     $categories = $cm->getAll('id');
     $allowed = $crm->getAllowedCategories();
     if ($allowed === true) {
         $allowed = $categories;
     }
     foreach ($categories as $id => &$cat) {
         if (!isset($allowed[$id]) || $cat['system_id']) {
             unset($categories[$id]);
         }
         $cat = $cat['name'];
     }
     unset($cat);
     // Set of catorories that are always checked and disabled in list
     $d = waRequest::get('disabled');
     if (!is_array($d)) {
         $d = array($d);
     }
     $this->view->assign('categories', $categories);
     $this->view->assign('disabled', array_fill_keys($d, true));
 }
 public function execute()
 {
     $system = wa();
     $datetime = $system->getDateTime();
     if (!($this->id = (int) waRequest::get('id'))) {
         throw new waException('No id specified.');
     }
     $user = $this->getUser()->getRights('contacts', 'backend');
     $admin = $user >= 2;
     $ownProfile = $this->id == wa()->getUser()->getId();
     $cr = new contactsRightsModel();
     if (!$cr->getRight(null, $this->id)) {
         if ($user && $ownProfile) {
             $this->view->assign('readonly', true);
         } else {
             throw new waRightsException('Access denied.');
         }
     }
     $this->getContactInfo();
     $this->getUserInfo();
     // free or premium app?
     $this->view->assign('versionFull', $this->getConfig()->getInfo('edition') === 'full');
     // collect data from other applications to show in tabs (for premium app only)
     if ($this->getConfig()->getInfo('edition') === 'full') {
         $links = array();
         foreach (wa()->event('profile.tab', $this->id) as $app_id => $one_or_more_links) {
             if (!isset($one_or_more_links['html'])) {
                 $i = '';
                 foreach ($one_or_more_links as $link) {
                     $key = isset($link['id']) ? $link['id'] : $app_id . $i;
                     $links[$key] = $link;
                     $i++;
                 }
             } else {
                 $key = isset($one_or_more_links['id']) ? $one_or_more_links['id'] : $app_id;
                 $links[$key] = $one_or_more_links;
             }
         }
         $this->view->assign('links', $links);
     }
     // tab to open by default
     $this->view->assign('tab', waRequest::get('tab'));
     $this->view->assign('admin', $admin);
     $this->view->assign('superadmin', $admin && $this->getUser()->getRights('webasyst', 'backend'));
     $this->view->assign('current_user_id', wa()->getUser()->getId());
     $this->view->assign('limitedCategories', $admin || $this->getRights('category.all') ? 0 : 1);
     // Update history
     if (($name = $this->contact->get('name')) || $name === '0') {
         $name = trim($this->contact->get('title') . ' ' . $name);
         $history = new contactsHistoryModel();
         $history->save('/contact/' . $this->id, $name);
     }
     // Update history in user's browser
     $historyModel = new contactsHistoryModel();
     $this->view->assign('history', $historyModel->get());
     $this->view->assign('wa_view', $this->view);
 }
 public function execute()
 {
     $ids = waRequest::post('id', array(), 'array_int');
     if (!$ids) {
         $ids = (int) waRequest::get('id');
         if (!$ids) {
             throw new Exception('No ids specified.');
         }
         $ids = array($ids);
     }
     // do not try to delete self
     if (in_array($this->getUser()->getId(), $ids)) {
         die('<p>' . _w('You can not delete yourself.') . '</p><p>' . _w('Please eliminate yourself from deletion list.') . '</p>');
     }
     // Only allow actions with contacts available for current user
     if (!$this->getRights('category.all')) {
         $crm = new contactsRightsModel();
         $ccm = new waContactCategoriesModel();
         $allowed = array_keys($crm->getAllowedCategories());
         foreach ($ccm->getContactsCategories($ids) as $id => $cats) {
             if (!array_intersect($allowed, $cats)) {
                 throw new waRightsException('Access denied');
             }
         }
     }
     $superadmin = wa()->getUser()->getRights('webasyst', 'backend');
     $result = wa()->event('links', $ids);
     $this->view->assign('apps', wa()->getApps());
     $links = array();
     foreach ($result as $app_id => $app_links) {
         foreach ($app_links as $contact_id => $contact_links) {
             if ($contact_links) {
                 $links[$contact_id][$app_id] = $contact_links;
             }
         }
     }
     // Do not allow non-superadmin to remove users
     if (!$superadmin) {
         $um = new waUserModel();
         $users = array_keys($um->getByField(array('id' => $ids, 'is_user' => 1), 'id'));
         foreach ($users as $user_id) {
             if (!isset($links[$user_id]['contacts'])) {
                 $links[$user_id]['contacts'] = array();
             }
             $links[$user_id]['contacts'][] = array('user', 1);
         }
     }
     $contact_model = new waContactModel();
     $this->view->assign('ids', $superadmin ? $ids : array_diff($ids, array_keys($links)));
     $this->view->assign('contacts', $contact_model->getName(array_keys($links)));
     $this->view->assign('superadmin', $superadmin);
     $this->view->assign('all', count($ids));
     $this->view->assign('links', $links);
 }
 public function execute()
 {
     $superadmin = $this->getUser()->getRights('webasyst', 'backend');
     $contacts = waRequest::post('id', array(), 'array_int');
     // do not try to delete self
     if (in_array($this->getUser()->getId(), $contacts)) {
         throw new waRightsException('Access denied: attempt to delete own account.');
     }
     $this->getRights();
     $crm = new contactsRightsModel();
     $contacts = $crm->getAllowedContactsIds($contacts);
     if (!$contacts) {
         throw new waRightsException('Access denied: no access to contacts ');
     }
     // Deletion of contacts with links to other applications is only allowed to superadmins
     if (!$superadmin && ($links = wa()->event('links', $contacts))) {
         foreach ($links as $app_id => $l) {
             foreach ($l as $contact_id => $contact_links) {
                 if ($contact_links) {
                     throw new waRightsException('Access denied: only superadmin is allowed to delete contacts with links to other applications.');
                 }
             }
         }
     }
     // Are there users among $contacts?
     $um = new waUserModel();
     $users = array_keys($um->getByField(array('id' => $contacts, 'is_user' => 1), 'id'));
     // deletion of users is only allowed to superadmins
     if (!$superadmin && $users) {
         throw new waRightsException('Access denied: only superadmin is allowed to delete users.');
     }
     // Revoke user access before deletion
     foreach ($users as $user_id) {
         waUser::revokeUser($user_id);
     }
     $contact_model = new waContactModel();
     $cnt = count($contacts);
     if ($cnt > 30) {
         $log_params = $cnt;
     } else {
         // contact names
         $log_params = $contact_model->getName($contacts);
     }
     $history_model = new contactsHistoryModel();
     foreach ($contacts as $contact_id) {
         $history_model->deleteByField(array('type' => 'add', 'hash' => '/contact/' . $contact_id));
     }
     // Bye bye...
     $contact_model->delete($contacts);
     // also throws a contacts.delete event
     $this->response['deleted'] = $cnt;
     $this->response['message'] = sprintf(_w("%d contact has been deleted", "%d contacts have been deleted", $this->response['deleted']), $this->response['deleted']);
     $this->logAction('contact_delete', $log_params);
 }
 public function execute()
 {
     $superadmin = $this->getUser()->getRights('webasyst', 'backend');
     $contacts = waRequest::post('id', array(), 'array_int');
     // do not try to delete self
     if (in_array($this->getUser()->getId(), $contacts)) {
         throw new waRightsException('Access denied: attempt to delete own account.');
     }
     // Only allow actions with contacts available for current user
     if (!$this->getRights('category.all')) {
         $crm = new contactsRightsModel();
         $ccm = new waContactCategoriesModel();
         $allowed = array_keys($crm->getAllowedCategories());
         foreach ($ccm->getContactsCategories($contacts) as $id => $cats) {
             if (!array_intersect($allowed, $cats)) {
                 throw new waRightsException('Access denied: no access to contact ' . $id);
             }
         }
     }
     // Deletion of contacts with links to other applications is only allowed to superadmins
     if (!$superadmin && ($links = wa()->event('links', $contacts))) {
         foreach ($links as $app_id => $l) {
             foreach ($l as $contact_id => $contact_links) {
                 if ($contact_links) {
                     throw new waRightsException('Access denied: only superadmin is allowed to delete contacts with links to other applications.');
                 }
             }
         }
     }
     // Are there users among $contacts?
     $um = new waUserModel();
     $users = array_keys($um->getByField(array('id' => $contacts, 'is_user' => 1), 'id'));
     // deletion of users is only allowed to superadmins
     if (!$superadmin && $users) {
         throw new waRightsException('Access denied: only superadmin is allowed to delete users.');
     }
     // Revoke user access before deletion
     foreach ($users as $user_id) {
         waUser::revokeUser($user_id);
     }
     // Bye bye...
     $contact_model = new waContactModel();
     $contact_model->delete($contacts);
     // also throws a contacts.delete event
     $this->response['deleted'] = count($contacts);
     $this->response['message'] = sprintf(_w("%d contact has been deleted", "%d contacts have been deleted", $this->response['deleted']), $this->response['deleted']);
     $this->log('contact_delete', count($contacts));
 }
 public function execute()
 {
     $this->view->assign('views', null);
     $this->view->assign('settings', $this->getUser()->getSettings('contacts'));
     $historyModel = new contactsHistoryModel();
     $this->view->assign('history', $historyModel->get());
     $cc = new contactsCollection();
     $this->view->assign('totalContacts', $cc->count());
     // only show categories available to current user
     $crm = new contactsRightsModel();
     $wcrm = new waContactRightsModel();
     $ccm = new waContactCategoryModel();
     $allowed = $crm->getAllowedCategories();
     $categories = array();
     if ($allowed === true) {
         $categories = $ccm->getAll();
     } else {
         if ($allowed) {
             foreach ($ccm->getAll() as $cat) {
                 if (isset($allowed[$cat['id']])) {
                     $categories[] = $cat;
                 }
             }
         }
     }
     $this->view->assign('categories', $categories);
     // User views are only available to global admin
     $r = new waContactRightsModel();
     $this->view->assign('superadmin', FALSE);
     $this->view->assign('admin', FALSE);
     if (wa()->getUser()->getRights('webasyst', 'backend')) {
         $this->view->assign('superadmin', TRUE);
         $this->view->assign('admin', TRUE);
         $group_model = new waGroupModel();
         $this->view->assign('groups', $group_model->getAll());
         $cc = new contactsCollection('/users/all/');
         $this->view->assign('totalUsers', $cc->count());
     } else {
         if (wa()->getUser()->getRights('contacts', 'backend') >= 2) {
             $this->view->assign('admin', TRUE);
         }
     }
     // is user allowed to add contacts?
     $this->view->assign('show_create', $wcrm->get(null, null, 'create'));
 }
 protected function checkAccess()
 {
     if ($this->getRights('category.all')) {
         return;
     }
     // Only allow actions with categories available for current user
     $crm = new contactsRightsModel();
     $allowed = $crm->getAllowedCategories();
     foreach (waRequest::post('categories', array(), 'array_int') as $id) {
         if (!isset($allowed[$id])) {
             throw new waRightsException('Access denied');
         }
     }
     // Only allow actions with contacts available for current user
     $allowed = array_keys($allowed);
     $ccm = new waContactCategoriesModel();
     foreach ($ccm->getContactsCategories(waRequest::post('contacts', array(), 'array_int')) as $id => $cats) {
         if (!array_intersect($allowed, $cats)) {
             throw new waRightsException('Access denied');
         }
     }
 }
Example #10
0
function wa_header()
{
    $system = waSystem::getInstance();
    if ($system->getEnv() == 'frontend') {
        return '';
    }
    $root_url = $system->getRootUrl();
    $backend_url = $system->getConfig()->getBackendUrl(true);
    $user = $system->getUser();
    $apps = $user->getApps();
    $current_app = $system->getApp();
    $app_settings_model = new waAppSettingsModel();
    $apps_html = '';
    $applist_class = '';
    $counts = wa()->getStorage()->read('apps-count');
    if (is_array($counts)) {
        $applist_class .= ' counts-cached';
    }
    foreach ($apps as $app_id => $app) {
        if (isset($app['img'])) {
            $img = '<img ' . (!empty($app['icon'][96]) ? 'data-src2="' . $root_url . $app['icon'][96] . '"' : '') . ' src="' . $root_url . $app['img'] . '" alt="">';
        } else {
            $img = '';
        }
        $count = '';
        $app_url = $backend_url . $app_id . '/';
        if ($counts && isset($counts[$app_id])) {
            if (is_array($counts[$app_id])) {
                $app_url = $counts[$app_id]['url'];
                $n = $counts[$app_id]['count'];
            } else {
                $n = $counts[$app_id];
            }
            if ($n) {
                $count = '<span class="indicator">' . $n . '</span>';
            }
        }
        $apps_html .= '<li id="wa-app-' . $app_id . '"' . ($app_id == $current_app ? ' class="selected"' : '') . '><a href="' . $app_url . '">' . $img . ' ' . $app['name'] . $count . '</a></li>';
    }
    $announcement_model = new waAnnouncementModel();
    $announcements = array();
    if ($current_app != 'webasyst') {
        $data = $announcement_model->getByApps($user->getId(), array_keys($apps), $user['create_datetime']);
        foreach ($data as $row) {
            // show no more than 1 message per application
            if (isset($announcements[$row['app_id']]) && count($announcements[$row['app_id']]) >= 1) {
                continue;
            }
            $announcements[$row['app_id']][] = $row['text'] . ' <span class="hint">' . waDateTime::format('humandatetime', $row['datetime']) . '</span>';
        }
    }
    $announcements_html = '';
    foreach ($announcements as $app_id => $texts) {
        $announcements_html .= '<a href="#" rel="' . $app_id . '" class="wa-announcement-close" title="close">&times;</a><p>';
        $announcements_html .= implode('<br />', $texts);
        $announcements_html .= '</p>';
    }
    if ($announcements_html) {
        $announcements_html = '<div id="wa-announcement">' . $announcements_html . '</div>';
    }
    $logout = _ws('logout');
    $userpic = '<img width="32" height="32" src="' . $user->getPhoto(32) . '" alt="">';
    $username = htmlspecialchars(waContactNameField::formatName($user), ENT_QUOTES, 'utf-8');
    // If the user has access to contacts app then show a link to his profile
    if (wa()->appExists('contacts')) {
        require_once wa()->getConfig()->getAppsPath('contacts', 'lib/models/contactsRights.model.php');
        try {
            $cr = new contactsRightsModel();
        } catch (waDbException $e) {
            wa('contacts');
            $cr = new contactsRightsModel();
        }
        if ($user->getRights('contacts', 'backend') && $cr->getRight(null, $user['id'])) {
            $userpic = '<a href="' . $backend_url . 'contacts/#/contact/' . $user['id'] . '">' . $userpic . '</a>';
            $username = '******' . $backend_url . 'contacts/#/contact/' . $user['id'] . '" id="wa-my-username">' . $username . '</a>';
        } else {
            $userpic = '<a href="' . $backend_url . '?module=profile">' . $userpic . '</a>';
            $username = '******' . $backend_url . '?module=profile" id="wa-my-username">' . $username . '</a>';
        }
    }
    $more = _ws('more');
    if ($applist_class) {
        $applist_class = ' class="' . trim($applist_class) . '"';
    }
    $company_name = htmlspecialchars($app_settings_model->get('webasyst', 'name', 'Webasyst'), ENT_QUOTES, 'utf-8');
    $company_url = $app_settings_model->get('webasyst', 'url', $system->getRootUrl(true));
    $version = wa()->getVersion();
    $strings = array('customize' => _ws('Customize dashboard'), 'done' => _ws('Done editing'), 'date' => _ws(waDateTime::date('l')) . ', ' . trim(str_replace(date('Y'), '', waDateTime::format('humandate')), ' ,/'));
    $html = <<<HTML
<script type="text/javascript">var backend_url = "{$backend_url}";</script>
{$announcements_html}
<div id="wa-header">
    <div id="wa-account">
HTML;
    if (wa()->getApp() == 'webasyst') {
        $html .= <<<HTML
        <h3>{$company_name} <a href="{$company_url}" class="wa-frontend-link" target="_blank"><i class="icon16 new-window"></i></a></h3>
        <a class="inline-link" id="show-dashboard-editable-mode" href="{$backend_url}"><b><i>{$strings['customize']}</i></b></a>
        <input id="close-dashboard-editable-mode" type="button" value="{$strings['done']}" style="display: none;">
HTML;
    } else {
        $html .= <<<HTML
        <a href="{$backend_url}" class="wa-dashboard-link"><h3>{$company_name}</h3>
        <span class="gray">{$strings['date']}</span></a>
HTML;
    }
    $html .= <<<HTML
    </div>
    <div id="wa-usercorner">
        <div class="profile image32px">
            <div class="image">
                {$userpic}
            </div>
            <div class="details">
                {$username}
                <p class="status"></p>
                <a class="hint" href="{$backend_url}?action=logout">{$logout}</a>
            </div>
        </div>
    </div>
    <div id="wa-applist" {$applist_class}>
        <ul>
            {$apps_html}
            <li>
                <a href="#" id="wa-moreapps"></a>
            </li>
        </ul>
HTML;
    if (wa()->getApp() == 'webasyst') {
        $html .= '<div class="d-dashboard-header-content">
            <div class="d-dashboards-list-wrapper" id="d-dashboards-list-wrapper"></div>
            <div class="d-dashboard-link-wrapper" id="d-dashboard-link-wrapper"><i class="icon10 lock-bw"></i> ' . _w('Only you can see this dashboard.') . '</div>
        </div>';
    }
    $html .= <<<HTML
    </div>
</div>
<script id="wa-header-js" type="text/javascript" src="{$root_url}wa-content/js/jquery-wa/wa.header.js?v{$version}"></script>
HTML;
    return $html;
}
 public function execute()
 {
     $system = wa();
     $datetime = $system->getDateTime();
     $user = $this->getUser()->getRights('contacts', 'backend');
     $admin = $user >= 2;
     $cr = new contactsRightsModel();
     if (!empty($this->params['limited_own_profile'])) {
         $this->id = wa()->getUser()->getId();
         $this->view->assign('limited_own_profile', true);
         $this->view->assign('save_url', '?module=profile&action=save');
         $this->view->assign('password_save_url', '?module=profile&action=password');
         $this->view->assign('save_geocoords_url', '?module=profile&action=saveGeocoords');
         $this->view->assign('photo_upload_url', '?module=profile&action=tmpimage');
         $this->view->assign('photo_editor_url', '?module=profile&action=photo');
         $this->view->assign('photo_editor_uploaded_url', '?module=profile&action=photo&uploaded=1');
     } else {
         $this->id = (int) waRequest::get('id');
         if (empty($this->id)) {
             throw new waException('No id specified.');
         }
         $r = $cr->getRight(null, $this->id);
         //var_dump($r );exit;
         if (!$r) {
             throw new waRightsException(_w('Access denied'));
         } else {
             $this->view->assign('readonly', $r === 'read');
         }
     }
     $exists = $this->getContactInfo();
     if ($exists) {
         $this->getUserInfo();
         $this->view->assign('last_view_context', $this->getLastViewContext());
         // collect data from other applications to show in tabs
         if (empty($this->params['limited_own_profile'])) {
             $links = array();
             foreach (wa()->event('profile.tab', $this->id) as $app_id => $one_or_more_links) {
                 if (!isset($one_or_more_links['html'])) {
                     $i = '';
                     foreach ($one_or_more_links as $link) {
                         $key = isset($link['id']) ? $link['id'] : $app_id . $i;
                         $links[$key] = $link;
                         $i++;
                     }
                 } else {
                     $key = isset($one_or_more_links['id']) ? $one_or_more_links['id'] : $app_id;
                     $links[$key] = $one_or_more_links;
                 }
             }
             $this->view->assign('links', $links);
         }
         // tab to open by default
         $this->view->assign('tab', waRequest::get('tab'));
         $this->view->assign('admin', $admin);
         $this->view->assign('superadmin', $admin && $this->getUser()->getRights('webasyst', 'backend'));
         $this->view->assign('current_user_id', wa()->getUser()->getId());
         $this->view->assign('can_edit', $cr->getRight(null, $this->id));
         // Update history
         if (empty($this->params['limited_own_profile'])) {
             $name = $this->contact->get('name');
             if ($name || $name === '0') {
                 $history = new contactsHistoryModel();
                 $history->save('/contact/' . $this->id, $name);
             }
             // Update history in user's browser
             $historyModel = new contactsHistoryModel();
             $this->view->assign('history', $historyModel->get());
         }
         $this->view->assign('wa_view', $this->view);
         $this->view->assign('access_disable_msg', contactsHelper::getAccessDisableMsg($this->contact));
         $this->view->assign('my_url', wa()->getRootUrl(true) . 'my/');
         $this->view->assign('backend_url', wa()->getRootUrl(true) . wa()->getConfig()->getBackendUrl(false) . '/');
         $this->view->assign('static_url', wa()->getAppStaticUrl('contacts'));
     }
     $this->view->assign('exists', $exists);
     if ($this->getRequest()->request('standalone')) {
         /**
          * Include plugins js and css
          * @event backend_assets
          * @return array[string]string $return[%plugin_id%]
          */
         $this->view->assign('backend_assets', wa()->event('backend_assets'));
     }
     $auth = wa()->getAuthConfig();
     $this->view->assign('personal_portal_available', !empty($auth['app']));
     /*
      * @event backend_contact_info
      * @return array[string]array $return[%plugin_id%] array of html output
      * @return array[string][string]string $return[%plugin_id%]['after_header'] html output
      * @return array[string][string]string $return[%plugin_id%]['header'] html output
      * @return array[string][string]string $return[%plugin_id%]['before_header'] html output
      * @return array[string][string]string $return[%plugin_id%]['before_top'] html output
      * @return array[string][string]string $return[%plugin_id%]['top'] html output
      * @return array[string][string]string $return[%plugin_id%]['after_top'] html output
      * @return array[string][string]string $return[%plugin_id%]['photo'] html output
      */
     $backend_contact_info_params = array('contact_id' => $this->id);
     $this->view->assign('backend_contact_info', wa()->event('backend_contact_info', $backend_contact_info_params));
 }
 public function clearRights($contact_id)
 {
     self::$model->deleteByField(array('group_id' => -$contact_id));
 }
 /**
  * Delete one or more contacts and fire event сontacts.delete
  *
  * @event contacts.delete
  *
  * @param int|array $id - contact id or array of contact ids
  * @return bool
  */
 public function delete($id, $send_event = true)
 {
     if ($send_event) {
         // Fire @event contacts.delete allowing other applications to clean up their data
         if (!is_array($id)) {
             $id = array($id);
         }
         wa()->event(array('contacts', 'delete'), $id);
     }
     if (is_array($id)) {
         $nid = array();
         foreach ($id as $i) {
             $nid[] = -(int) $i;
         }
     } else {
         $nid = -(int) $id;
     }
     // Delete rights
     $right_model = new waContactRightsModel();
     $right_model->deleteByField('group_id', $nid);
     // Delete settings
     $setting_model = new waContactSettingsModel();
     $setting_model->deleteByField('contact_id', $id);
     // Delete emails
     $contact_email_model = new waContactEmailsModel();
     $contact_email_model->deleteByField('contact_id', $id);
     // Delete from groups
     $user_groups_model = new waUserGroupsModel();
     $user_groups_model->deleteByField('contact_id', $id);
     // Delete from contact lists
     if (class_exists('contactsContactListsModel')) {
         // @todo: Use plugin for contacts
         $contact_lists_model = new contactsContactListsModel();
         $contact_lists_model->deleteByField('contact_id', $id);
     }
     // Delete from contact rights
     $contact_rights_model = new contactsRightsModel();
     $contact_rights_model->deleteByField('group_id', $nid);
     // Delete data
     $contact_data_model = new waContactDataModel();
     $contact_data_model->deleteByField('contact_id', $id);
     $contact_data_text_model = new waContactDataTextModel();
     $contact_data_text_model->deleteByField('contact_id', $id);
     //        // Delete contact from logs
     //        $login_log_model = new waLoginLogModel();
     //        $login_log_model->deleteByField('contact_id', $id);
     // Clear references
     $this->updateByField(array('company_contact_id' => $id), array('company_contact_id' => 0));
     // Delete contact
     return $this->deleteById($id);
 }
 public function execute()
 {
     $this->id = (int) waRequest::post('id');
     // Check access
     if (!$this->id) {
         if (!$this->getRights('create')) {
             throw new waRightsException('Access denied.');
         }
     } else {
         $cr = new contactsRightsModel();
         if ($cr->getRight(null, $this->id) != 'write') {
             throw new waRightsException('Access denied.');
         }
     }
     $this->type = waRequest::post('type');
     $this->contact = new waContact($this->id);
     if ($this->type == 'company') {
         $this->contact['is_company'] = 1;
     }
     $data = json_decode(waRequest::post('data'), true);
     if (!$this->id && !isset($data['create_method'])) {
         $data['create_method'] = 'add';
     }
     $oldLocale = $this->getUser()->getLocale();
     // get old data for logging
     if ($this->id) {
         $old_data = array();
         foreach ($data as $field_id => $field_value) {
             $old_data[$field_id] = $this->contact->get($field_id);
         }
     }
     $response = array();
     if (!($errors = $this->contact->save($data, true))) {
         if ($this->id) {
             $new_data = array();
             foreach ($data as $field_id => $field_value) {
                 if (!isset($errors[$field_id])) {
                     $response[$field_id] = $this->contact->get($field_id, 'js');
                     $new_data[$field_id] = $this->contact->get($field_id);
                 }
             }
             if (empty($errors)) {
                 $this->logContactEdit($old_data, $new_data);
             }
             $response['name'] = $this->contact->get('name', 'js');
             $response['top'] = contactsHelper::getTop($this->contact);
             $response['id'] = $this->contact->getId();
         } else {
             $response = array('id' => $this->contact->getId());
             $response['address'] = $this->contact->get('address', 'js');
             $this->logAction('contact_add', null, $this->contact->getId());
         }
         // Update recently added menu item
         $name = waContactNameField::formatName($this->contact);
         if ($name || $name === '0') {
             $history = new contactsHistoryModel();
             $history->save('/contact/' . $this->contact->getId(), $name, $this->id ? null : 'add');
             $history = $history->get();
             // to update history in user's browser
         }
     }
     // Reload page with new language if user just changed it in own profile
     if ($this->contact->getId() == $this->getUser()->getId() && $oldLocale != $this->contact->getLocale()) {
         $response['reload'] = true;
     }
     $this->response = array('errors' => $errors, 'data' => $response);
     if (isset($history)) {
         $this->response['history'] = $history;
     }
 }
Example #15
0
 /**
  * Verifies current user's access rights to contact with specified id.
  *
  * @param int|null $contact_id Contact id. If not specified, access rights to all contacts are verified.
  * @return bool
  */
 public static function getContactRights($contact_id = null)
 {
     $rights = false;
     if (wa()->appExists('contacts')) {
         if ($contact_id) {
             wa('contacts');
             $contact_rights = new contactsRightsModel();
             if ($contact_rights->getRight(null, $contact_id)) {
                 $rights = true;
             }
         } else {
             $rights = wa()->getUser()->getRights('contacts');
             $rights = $rights && !empty($rights['backend']);
         }
     }
     return $rights;
 }
Example #16
0
function wa_header()
{
    $system = waSystem::getInstance();
    if ($system->getEnv() == 'frontend') {
        return '';
    }
    $root_url = $system->getRootUrl();
    $backend_url = $system->getConfig()->getBackendUrl(true);
    $user = $system->getUser();
    $apps = $user->getApps();
    $current_app = $system->getApp();
    $app_settings_model = new waAppSettingsModel();
    $apps_html = '';
    $applist_class = '';
    $counts = wa()->getStorage()->read('apps-count');
    if (is_array($counts)) {
        $applist_class .= ' counts-cached';
    }
    foreach ($apps as $app_id => $app) {
        if (isset($app['img'])) {
            $img = '<img ' . (!empty($app['icon'][96]) ? 'data-src2="' . $root_url . $app['icon'][96] . '"' : '') . ' src="' . $root_url . $app['img'] . '" alt="">';
        } else {
            $img = '';
        }
        $count = '';
        $app_url = $backend_url . $app_id . '/';
        if ($counts && isset($counts[$app_id])) {
            if (is_array($counts[$app_id])) {
                $app_url = $counts[$app_id]['url'];
                $n = $counts[$app_id]['count'];
            } else {
                $n = $counts[$app_id];
            }
            if ($n) {
                $count = '<span class="indicator">' . $n . '</span>';
            }
        }
        $apps_html .= '<li id="wa-app-' . $app_id . '"' . ($app_id == $current_app ? ' class="selected"' : '') . '><a href="' . $app_url . '">' . $img . ' ' . $app['name'] . $count . '</a></li>';
    }
    if ($system->getRequest()->isMobile(false)) {
        $top_url = '<a href="' . $backend_url . '?mobile=1">mobile version</a>';
    } else {
        $url = $app_settings_model->get('webasyst', 'url', $system->getRootUrl(true));
        $url_info = @parse_url($url);
        if ($url_info) {
            $url_name = '';
            if (empty($url_info['scheme'])) {
                $url = 'http://' . $url;
            }
            if (isset($url_info['host'])) {
                $url_name .= $url_info['host'];
            }
            if (isset($url_info['path'])) {
                if ($url_info['path'] == '/' && !isset($url_info['query'])) {
                } else {
                    $url_name .= $url_info['path'];
                }
            }
            if (isset($url_info['query'])) {
                $url_name .= '?' . $url_info['query'];
            }
        } else {
            $url = $url_name = $system->getRootUrl(true);
        }
        $top_url = '<a target="_blank" href="' . $url . '">' . $url_name . '</a>';
    }
    $announcement_model = new waAnnouncementModel();
    $data = $announcement_model->getByApps($user->getId(), array_keys($apps), $user['create_datetime']);
    $announcements = array();
    foreach ($data as $row) {
        // show no more than 1 message per application
        if (isset($announcements[$row['app_id']]) && count($announcements[$row['app_id']]) >= 1) {
            continue;
        }
        $announcements[$row['app_id']][] = $row['text'] . ' <span class="hint">' . waDateTime::format('humandatetime', $row['datetime']) . '</span>';
    }
    $announcements_html = '';
    foreach ($announcements as $app_id => $texts) {
        $announcements_html .= '<a href="#" rel="' . $app_id . '" class="wa-announcement-close inline-link" title="close"><b><i>' . _ws('Close') . '</i></b></a><p>';
        $announcements_html .= implode('<br />', $texts);
        $announcements_html .= '</p>';
    }
    if ($announcements_html) {
        $announcements_html = '<div id="wa-announcement">' . $announcements_html . '</div>';
    }
    $logout = _ws('logout');
    $userpic = '<img width="32" height="32" src="' . $user->getPhoto(32) . '" alt="">';
    $username = htmlspecialchars(waContactNameField::formatName($user), ENT_QUOTES, 'utf-8');
    // If the user has access to contacts app then show a link to his profile
    if (wa()->appExists('contacts')) {
        require_once wa()->getConfig()->getAppsPath('contacts', 'lib/models/contactsRights.model.php');
        try {
            $cr = new contactsRightsModel();
        } catch (waDbException $e) {
            wa('contacts');
            $cr = new contactsRightsModel();
        }
        if ($user->getRights('contacts', 'backend') && $cr->getRight(null, $user['id'])) {
            $userpic = '<a href="' . $backend_url . 'contacts/#/contact/' . $user['id'] . '">' . $userpic . '</a>';
            $username = '******' . $backend_url . 'contacts/#/contact/' . $user['id'] . '" id="wa-my-username">' . $username . '</a>';
        } else {
            $userpic = '<a href="' . $backend_url . '?module=profile">' . $userpic . '</a>';
            $username = '******' . $backend_url . '?module=profile" id="wa-my-username">' . $username . '</a>';
        }
    }
    $more = _ws('more');
    if ($applist_class) {
        $applist_class = ' class="' . trim($applist_class) . '"';
    }
    $company_name = htmlspecialchars($app_settings_model->get('webasyst', 'name', 'Webasyst'), ENT_QUOTES, 'utf-8');
    $version = wa()->getVersion();
    $html = <<<HTML
<script type="text/javascript">var backend_url = "{$backend_url}";</script>
{$announcements_html}
<div id="wa-header">
    <div id="wa-account">
        <h3>{$company_name}</h3>
        {$top_url}
    </div>
    <div id="wa-usercorner">
        <div class="profile image32px">
            <div class="image">
                {$userpic}
            </div>
            <div class="details">
                {$username}
                <p class="status"></p>
                <a class="hint" href="{$backend_url}?action=logout">{$logout}</a>
            </div>
        </div>
    </div>
    <div id="wa-applist" {$applist_class}>
        <ul>
            {$apps_html}
            <li>
                <a href="#" id="wa-moreapps"></a>
            </li>
        </ul>
    </div>
</div>
<script id="wa-header-js" type="text/javascript" src="{$root_url}wa-content/js/jquery-wa/wa.header.js?v{$version}"></script>
HTML;
    return $html;
}
 public function execute()
 {
     $this->id = (int) waRequest::post('id');
     // Check access
     if (!$this->id) {
         if (!$this->getRights('create')) {
             throw new waRightsException('Access denied.');
         }
     } else {
         $cr = new contactsRightsModel();
         if ($cr->getRight(null, $this->id) != 'write') {
             throw new waRightsException('Access denied.');
         }
     }
     $this->type = waRequest::post('type');
     $this->contact = new waContact($this->id);
     if ($this->type == 'company') {
         $this->contact['is_company'] = 1;
     }
     $data = json_decode(waRequest::post('data'), true);
     if (!$this->id && !isset($data['create_method'])) {
         $data['create_method'] = 'add';
     }
     $oldLocale = $this->getUser()->getLocale();
     $response = array();
     if (!($errors = $this->contact->save($data, true))) {
         if ($this->id) {
             foreach ($data as $field_id => $field_value) {
                 if (!isset($errors[$field_id])) {
                     $response[$field_id] = $this->contact->get($field_id, 'js');
                 }
             }
             $response['name'] = $this->contact->get('name', 'js');
             $fields = array('email', 'phone', 'im');
             $top = array();
             foreach ($fields as $f) {
                 if ($v = $this->contact->get($f, 'top,html')) {
                     $top[] = array('id' => $f, 'name' => waContactFields::get($f)->getName(), 'value' => is_array($v) ? implode(', ', $v) : $v);
                 }
             }
             $response['top'] = $top;
         } else {
             $response = array('id' => $this->contact->getId());
             $this->log('contact_add', 1);
         }
         // Update recently added menu item
         if (($name = $this->contact->get('name')) || $name === '0') {
             $name = trim($this->contact->get('title') . ' ' . $name);
             $history = new contactsHistoryModel();
             $history->save('/contact/' . $this->contact->getId(), $name, $this->id ? null : 'add');
             $history = $history->get();
             // to update history in user's browser
         }
     }
     // Reload page with new language if user just changed it in own profile
     if ($this->contact->getId() == $this->getUser()->getId() && $oldLocale != $this->contact->getLocale()) {
         $response['reload'] = TRUE;
     }
     $this->response = array('errors' => $errors, 'data' => $response);
     if (isset($history)) {
         $this->response['history'] = $history;
     }
 }