/**
 * Tells whether the current user may push a dashboard or layout to other users.
 *
 * The decision is delegated to RightsUtil using the ZurmoModule right
 * RIGHT_PUSH_DASHBOARD_OR_LAYOUT and the user model held by the application.
 *
 * @return bool true when the right is allowed, false otherwise
 */
public static function canCurrentUserPushDashboardOrLayout()
{
    $isAllowed = RightsUtil::doesUserHaveAllowByRightName(
        'ZurmoModule',
        ZurmoModule::RIGHT_PUSH_DASHBOARD_OR_LAYOUT,
        Yii::app()->user->userModel
    );
    // Normalise to a strict boolean, as the original true/false branches did.
    return $isAllowed ? true : false;
}
/**
 * Renders the view used to match an archived email message to a contact or lead.
 *
 * Which select form is offered, and the grid size handed to the view, depend on the
 * modules the given user can access and the create rights the user holds.
 *
 * @param EmailMessage $emailMessage message being matched
 * @param User $user user whose rights are evaluated (documented type; no type hint enforces it)
 * @return string rendered view content
 */
public static function renderEmailMessageToMatchContent(EmailMessage $emailMessage, $user)
{
    $canAccessContacts = RightsUtil::canUserAccessModule('ContactsModule', $user);
    $canAccessLeads    = RightsUtil::canUserAccessModule('LeadsModule', $user);
    $canCreateContact  = RightsUtil::doesUserHaveAllowByRightName('ContactsModule',
                                                                 ContactsModule::getCreateRight(),
                                                                 $user);
    $canCreateLead     = RightsUtil::doesUserHaveAllowByRightName('LeadsModule',
                                                                 LeadsModule::getCreateRight(),
                                                                 $user);

    // Contacts access decides between the contact-aware forms; without it only leads are offered.
    if ($canAccessContacts) {
        $selectForm = $canAccessLeads ? new AnyContactSelectForm() : new ContactSelectForm();
    } else {
        $selectForm = new LeadSelectForm();
    }

    // One grid column by default, plus room for each kind of record the user may create.
    $gridSize = 1;
    if ($canCreateContact && $canCreateLead) {
        $gridSize = 3;
    } elseif ($canCreateContact || $canCreateLead) {
        $gridSize = 2;
    }

    $contact = new Contact();
    self::resolveEmailAddressAndNameToContact($emailMessage, $contact);

    $matchingView = new ArchivedEmailMatchingView(
        'default',
        'emailMessages',
        $emailMessage,
        $contact,
        $selectForm,
        $canAccessLeads,
        $canAccessContacts,
        $canCreateContact,
        $canCreateLead,
        $gridSize
    );
    return $matchingView->render();
}
/**
 * Collects the import rules types, with their display labels, available to the current user.
 *
 * A concrete ImportRules subclass is included only when the user can access, and holds the
 * create right on, every module class the rules report through getModuleClassNames().
 *
 * @return array import rules type => display label
 */
public static function getImportRulesTypesForCurrentUser()
{
    //todo: cache results to improve performance if needed.
    $typesAndLabels = array();
    foreach (Module::getModuleObjects() as $module) {
        foreach ($module::getAllClassNamesByPathFolder('rules') as $candidateClassName) {
            $reflection = new ReflectionClass($candidateClassName);
            if (!is_subclass_of($candidateClassName, 'ImportRules') || $reflection->isAbstract()) {
                continue;
            }
            // NOTE(review): when getModuleClassNames() returns an empty list no right is checked
            // and the rules type is included; confirm that is intended.
            $userMayUseRules = true;
            foreach ($candidateClassName::getModuleClassNames() as $moduleClassName) {
                $canAccessModule = RightsUtil::canUserAccessModule($moduleClassName,
                                                                   Yii::app()->user->userModel);
                if (!$canAccessModule ||
                    !RightsUtil::doesUserHaveAllowByRightName($moduleClassName,
                                                              $moduleClassName::getCreateRight(),
                                                              Yii::app()->user->userModel)) {
                    $userMayUseRules = false;
                }
            }
            if ($userMayUseRules) {
                $typesAndLabels[$candidateClassName::getType()] = $candidateClassName::getDisplayLabel();
            }
        }
    }
    return $typesAndLabels;
}
/**
 * Resolves the default route: the contact web form create page.
 *
 * @return string|null the create URL when the current user holds the ContactWebFormsModule
 *                     create right, otherwise null
 */
protected function getDefaultRoute()
{
    $mayCreateWebForm = RightsUtil::doesUserHaveAllowByRightName(
        'ContactWebFormsModule',
        ContactWebFormsModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if (!$mayCreateWebForm) {
        return null;
    }
    return Yii::app()->createUrl('contactWebForms/default/create/');
}
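/**
 * Decides, before the filtered action runs, whether the current user may proceed.
 *
 * The user must hold the right $this->rightName on module $this->moduleClassName.
 * When the right is missing the access failure is processed and the request is ended.
 *
 * @param mixed $filterChain the filter chain being executed (not used by this check)
 * @return bool true when access is allowed, false when it was denied
 */
protected function preFilter($filterChain)
{
    $isAllowed = RightsUtil::doesUserHaveAllowByRightName(
        $this->moduleClassName,
        $this->rightName,
        Yii::app()->user->userModel
    );
    if ($isAllowed) {
        return true;
    }
    static::processAccessFailure();
    // The second argument is false (in Yii 1.x this is $exit), so end() can return
    // and execution continues past this call.
    Yii::app()->end(0, false);
    // Deny explicitly instead of relying on the implicit null of a missing return,
    // so the fail-closed outcome is visible to readers and to strict callers.
    return false;
}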
/**
 * Builds the menu items for creating a workflow.
 *
 * @return array|null a list holding the single 'Create Workflow' item when the current user
 *                    holds the WorkflowsModule create right, otherwise null
 */
public function getMenuItems()
{
    $mayCreateWorkflow = RightsUtil::doesUserHaveAllowByRightName(
        'WorkflowsModule',
        WorkflowsModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if (!$mayCreateWorkflow) {
        return null;
    }
    // NOTE(review): this only hides the link; confirm the create action enforces the same right.
    $createItem = array(
        'label' => Zurmo::t('WorkflowsModule', 'Create Workflow'),
        'url'   => Yii::app()->createUrl('workflows/default/create'),
    );
    return array($createItem);
}
/**
 * Builds the menu items for creating a workflow email template.
 *
 * @return array|null a list holding the single 'Create Template' item when the current user
 *                    holds the EmailTemplatesModule create right, otherwise null
 */
public function getMenuItems()
{
    $mayCreateTemplate = RightsUtil::doesUserHaveAllowByRightName(
        'EmailTemplatesModule',
        EmailTemplatesModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if (!$mayCreateTemplate) {
        return null;
    }
    $label = Zurmo::t('EmailTemplatesModule', 'Create Template');
    // The template type is fixed to the workflow type in the create URL.
    $url   = Yii::app()->createUrl('emailTemplates/default/create',
                                   array('type' => EmailTemplate::TYPE_WORKFLOW));
    return array(
        array('label' => $label, 'url' => $url),
    );
}
/**
 * Builds the menu items for creating a campaign.
 *
 * @return array|null a list holding the single 'Create Campaign' item when the current user
 *                    holds the CampaignsModule create right, otherwise null
 */
protected function getMenuItems()
{
    $mayCreateCampaign = RightsUtil::doesUserHaveAllowByRightName(
        'CampaignsModule',
        CampaignsModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if ($mayCreateCampaign) {
        $menu   = array();
        $menu[] = array(
            'label' => Zurmo::t('CampaignsModule', 'Create Campaign'),
            'url'   => Yii::app()->createUrl('campaigns/default/create'),
        );
        return $menu;
    }
    return null;
}
/**
 * Renders the message block and, for users allowed to create meetings, a create link.
 *
 * @return string HTML: a div carrying the icon class, the message content and the optional link
 */
protected function renderContent()
{
    $createMeetingUrl = $this->getCreateMeetingUrl();

    $html  = ZurmoHtml::openTag('div', array('class' => $this->getIconName()));
    // NOTE(review): the message content is appended as-is; presumably already safe HTML — confirm.
    $html .= $this->getMessageContent();

    $mayCreateMeeting = RightsUtil::doesUserHaveAllowByRightName(
        'MeetingsModule',
        MeetingsModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if ($mayCreateMeeting) {
        $linkLabel = ZurmoHtml::wrapLabel($this->getCreateLinkDisplayLabel());
        $html     .= ZurmoHtml::link($linkLabel, $createMeetingUrl, array('class' => 'z-button green-button'));
    }

    $html .= ZurmoHtml::closeTag('div');
    return $html;
}
/**
 * Builds the menu items for creating a product category.
 *
 * @return array|null a list holding the 'Create Category' item when the current user holds
 *                    the ProductTemplatesModule create right, otherwise null
 */
public function getMenuItems()
{
    $menu = array();
    $mayCreateCategory = RightsUtil::doesUserHaveAllowByRightName(
        'ProductTemplatesModule',
        ProductTemplatesModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if ($mayCreateCategory) {
        $menu[] = array(
            'label' => Zurmo::t('ProductTemplatesModule', 'Create Category'),
            'url'   => Yii::app()->createUrl('productTemplates/category/create'),
        );
    }
    // An empty menu is reported as null rather than as an empty array.
    return empty($menu) ? null : $menu;
}
/**
 * Builds the menu items for creating a product.
 *
 * @return array|null a list holding the create-product item when the current user holds the
 *                    ProductsModule create right, otherwise null
 */
protected function getMenuItems()
{
    $mayCreateProduct = RightsUtil::doesUserHaveAllowByRightName(
        'ProductsModule',
        ProductsModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if (!$mayCreateProduct) {
        return null;
    }
    // The label placeholder is resolved through the translation params for all modules.
    $label = Zurmo::t('ProductsModule',
                      'Create ProductsModuleSingularLabel',
                      LabelUtil::getTranslationParamsForAllModules());
    $url   = Yii::app()->createUrl('products/default/create');
    return array(
        array('label' => $label, 'url' => $url),
    );
}
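/**
 * Tells whether $this->user may perform the action, based on the right to check.
 *
 * getRightToCheck() is read as a pair: index 0 is the module name and index 1 the right name,
 * in the order they are passed to RightsUtil.
 *
 * @return boolean - true if user can perform action
 * @throws NotSupportedException when no right to check is defined
 */
public function canUserPerformAction()
{
    $rightToCheckArray = $this->getRightToCheck();
    // The original condition also tested an undefined local ($permissionToCheck), which always
    // evaluated as null and only raised an undefined-variable notice. Dropping it keeps the
    // outcome: without a right to check there is nothing to evaluate.
    if (empty($rightToCheckArray)) {
        throw new NotSupportedException();
    }
    if (!RightsUtil::doesUserHaveAllowByRightName($rightToCheckArray[0],
                                                  $rightToCheckArray[1],
                                                  $this->user)) {
        return false;
    }
    return true;
}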
/**
 * Override that additionally hides the Delete toolbar element from users without the right.
 *
 * Elements rejected by the parent are never rendered. Elements whose action type is not
 * 'Delete' are rendered without a further check.
 *
 * @param ActionElement $element toolbar element being considered
 * @param array $elementInformation metadata describing the element
 * @return bool whether the element should be rendered
 */
protected function shouldRenderToolBarElement($element, $elementInformation)
{
    assert('$element instanceof ActionElement');
    assert('is_array($elementInformation)');

    $parentAllowsRendering = parent::shouldRenderToolBarElement($element, $elementInformation);
    if (!$parentAllowsRendering) {
        return false;
    }

    $actionType = $element->getActionType();
    if ($actionType != null && $actionType == 'Delete') {
        // NOTE(review): the right name passed here is the action type string itself rather than
        // a module right constant; confirm RolesModule defines a right with that exact name.
        return RightsUtil::doesUserHaveAllowByRightName('RolesModule',
                                                        $actionType,
                                                        Yii::app()->user->userModel);
    }
    return true;
}
/**
 * Renders a create dropdown offering workflow and workflow email template creation.
 *
 * Each entry is added only when the current user holds the create right of its module.
 *
 * @return string|null the captured 'ActionMenu' clip, or null when no entry is available
 */
public function render()
{
    $entries = array();

    $mayCreateWorkflow = RightsUtil::doesUserHaveAllowByRightName(
        'WorkflowsModule',
        WorkflowsModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if ($mayCreateWorkflow) {
        $entries[] = array(
            'label' => Zurmo::t('WorkflowsModule', 'Create Workflow'),
            'url'   => Yii::app()->createUrl('workflows/default/create'),
        );
    }

    $mayCreateTemplate = RightsUtil::doesUserHaveAllowByRightName(
        'EmailTemplatesModule',
        EmailTemplatesModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if ($mayCreateTemplate) {
        $entries[] = array(
            'label' => Zurmo::t('EmailTemplatesModule', 'Create Template'),
            'url'   => Yii::app()->createUrl('emailTemplates/default/create',
                                             array('type' => EmailTemplate::TYPE_WORKFLOW)),
        );
    }

    if (empty($entries)) {
        return null;
    }

    // NOTE(review): the menu only hides links; confirm each create action enforces its right.
    $dropdown = array('label' => $this->getLabel(), 'url' => null, 'items' => $entries);
    // Render the menu widget into a clip so its markup can be returned as a string.
    $clip = new CClipWidget();
    $clip->beginClip("ActionMenu");
    $clip->widget('application.core.widgets.MbMenu', array(
        'htmlOptions' => array('id' => 'MashableInboxCreateDropdown'),
        'items'       => array($dropdown),
    ));
    $clip->endClip();
    return $clip->getController()->clips['ActionMenu'];
}
/**
 * Override that decides per group whether a toolbar element is rendered.
 *
 * Some groups are special (Everyone and SuperAdministrators, for example). When
 * $elementInformation['resolveToDisplay'] is present it names a method that is called on the
 * group model; a falsy result hides the element. The Delete element additionally requires
 * the GroupsModule delete right.
 *
 * @param ActionElement $element toolbar element being considered
 * @param array $elementInformation metadata describing the element
 * @return bool whether the element should be rendered
 */
protected function shouldRenderToolBarElement($element, $elementInformation)
{
    assert('$element instanceof ActionElement');
    assert('is_array($elementInformation)');

    if (!parent::shouldRenderToolBarElement($element, $elementInformation)) {
        return false;
    }

    // NOTE(review): the method name is taken from the element metadata and called dynamically;
    // presumably this metadata is developer-defined, never request data — confirm.
    if (isset($elementInformation['resolveToDisplay']) &&
        !$this->model->{$elementInformation['resolveToDisplay']}()) {
        return false;
    }

    $actionType = $element->getActionType();
    if ($actionType != null && $actionType == 'Delete') {
        return RightsUtil::doesUserHaveAllowByRightName('GroupsModule',
                                                        GroupsModule::RIGHT_DELETE_GROUPS,
                                                        Yii::app()->user->userModel);
    }
    return true;
}
/**
 * Renders a create dropdown for products, catalog items and categories.
 *
 * The product entry needs the ProductsModule create right; the catalog item and category
 * entries both need the ProductTemplatesModule create right.
 *
 * @return string|null the captured 'ActionMenu' clip, or null when no entry is available
 */
public function render()
{
    $entries = array();

    $mayCreateProduct = RightsUtil::doesUserHaveAllowByRightName(
        'ProductsModule',
        ProductsModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if ($mayCreateProduct) {
        $entries[] = array(
            'label' => Zurmo::t('ProductsModule', 'Create Product'),
            'url'   => Yii::app()->createUrl('products/default/create'),
        );
    }

    $mayCreateTemplate = RightsUtil::doesUserHaveAllowByRightName(
        'ProductTemplatesModule',
        ProductTemplatesModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if ($mayCreateTemplate) {
        $entries[] = array(
            'label' => Zurmo::t('ProductTemplatesModule', 'Create Catalog Item'),
            'url'   => Yii::app()->createUrl('productTemplates/default/create'),
        );
        $entries[] = array(
            'label' => Zurmo::t('ProductTemplatesModule', 'Create Category'),
            'url'   => Yii::app()->createUrl('productTemplates/category/create'),
        );
    }

    if (empty($entries)) {
        return null;
    }

    $dropdown = array('label' => $this->getLabel(), 'url' => null, 'items' => $entries);
    // Render the menu widget into a clip so its markup can be returned as a string.
    $clip = new CClipWidget();
    $clip->beginClip("ActionMenu");
    $clip->widget('application.core.widgets.MbMenu', array(
        'htmlOptions' => array('id' => 'MashableInboxCreateDropdown'),
        'items'       => array($dropdown),
    ));
    $clip->endClip();
    return $clip->getController()->clips['ActionMenu'];
}
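/**
 * Shows the welcome page, or redirects to the dashboard when the welcome view is hidden.
 *
 * The welcome view is hidden either globally or through the user's 'hideWelcomeView'
 * setting. A user without the HomeModule dashboard right has nowhere to be redirected to,
 * so the welcome page is rendered for that user even when it is hidden.
 */
public function actionWelcome()
{
    $hasDashboardAccess = true;
    if (!RightsUtil::doesUserHaveAllowByRightName('HomeModule',
                                                  HomeModule::RIGHT_ACCESS_DASHBOARDS,
                                                  Yii::app()->user->userModel)) {
        $hasDashboardAccess = false;
    }
    $welcomeViewIsHidden = $this->hideWelcomeViewGlobally() ||
                           UserConfigurationFormAdapter::resolveAndGetValue(Yii::app()->user->userModel,
                                                                            'hideWelcomeView');
    //If you can see dashboards, then go there, otherwise stay here since the user has limited access.
    if ($welcomeViewIsHidden && $hasDashboardAccess) {
        $this->redirect(array($this->getId() . '/index'));
        // Nothing is left to render once the redirect has been issued.
        return;
    }
    // Previously the view was built only in the "not hidden" branch, so a user with a hidden
    // welcome view and no dashboard access reached the render below with $welcomeView undefined.
    $tipContent = ZurmoTipsUtil::getRandomTipResolvedForCurrentUser();
    if (Yii::app()->userInterface->isMobile()) {
        $welcomeView = new MobileWelcomeView($tipContent, $hasDashboardAccess);
    } else {
        $welcomeView = new WelcomeView($tipContent, $hasDashboardAccess);
    }
    $view = new HomePageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $welcomeView));
    echo $view->render();
}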
/**
 * Renders a create dropdown for marketing lists, contact email templates and campaigns.
 *
 * Each entry is added only when the current user holds the create right of its module.
 *
 * @return string|null the captured 'ActionMenu' clip, or null when no entry is available
 */
public function render()
{
    $entries = array();

    $mayCreateList = RightsUtil::doesUserHaveAllowByRightName(
        'MarketingListsModule',
        MarketingListsModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if ($mayCreateList) {
        $entries[] = array(
            'label' => Zurmo::t('MarketingListsModule', 'Create List'),
            'url'   => Yii::app()->createUrl('marketingLists/default/create'),
        );
    }

    $mayCreateTemplate = RightsUtil::doesUserHaveAllowByRightName(
        'EmailTemplatesModule',
        EmailTemplatesModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if ($mayCreateTemplate) {
        $entries[] = array(
            'label' => Zurmo::t('EmailTemplatesModule', 'Create Template'),
            'url'   => Yii::app()->createUrl('emailTemplates/default/create',
                                             array('type' => EmailTemplate::TYPE_CONTACT)),
        );
    }

    $mayCreateCampaign = RightsUtil::doesUserHaveAllowByRightName(
        'CampaignsModule',
        CampaignsModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if ($mayCreateCampaign) {
        $entries[] = array(
            'label' => Zurmo::t('CampaignsModule', 'Create Campaign'),
            'url'   => Yii::app()->createUrl('campaigns/default/create'),
        );
    }

    if (empty($entries)) {
        return null;
    }

    $dropdown = array('label' => $this->getLabel(), 'url' => null, 'items' => $entries);
    // Render the menu widget into a clip so its markup can be returned as a string.
    $clip = new CClipWidget();
    $clip->beginClip("ActionMenu");
    $clip->widget('application.core.widgets.MbMenu', array(
        // The element id is the class name of this object.
        'htmlOptions' => array('id' => get_class($this)),
        'items'       => array($dropdown),
    ));
    $clip->endClip();
    return $clip->getController()->clips['ActionMenu'];
}
/**
 * Tells whether $this->user may perform the action on $this->model.
 *
 * Two independent checks are combined: the right (module name at index 0, right name at
 * index 1 of getRightToCheck()) and the model permission from getPermissionToCheck().
 * Whichever of the two is defined must pass.
 *
 * @return boolean - true if user can perform action
 * @throws NotSupportedException when neither a right nor a permission is defined
 */
public function canUserPerformAction()
{
    $right      = $this->getRightToCheck();
    $permission = $this->getPermissionToCheck();

    if (empty($right) && $permission == null) {
        throw new NotSupportedException();
    }

    $rightIsDenied = !empty($right) &&
                     !RightsUtil::doesUserHaveAllowByRightName($right[0], $right[1], $this->user);
    if ($rightIsDenied) {
        return false;
    }

    if (empty($permission)) {
        return true;
    }

    // The model signals a missing permission by throwing; any other exception propagates.
    try {
        $this->model->checkPermissionsHasAnyOf($permission, $this->user);
    } catch (AccessDeniedSecurityException $e) {
        return false;
    }
    return true;
}
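/**
 * Requires the current user to hold the email template create right.
 *
 * When the right is missing, the access failure page is rendered and the request is ended.
 *
 * @return bool true when access is allowed, false when the access failure page was rendered
 */
protected function resolveCanCurrentUserAccessEmailTemplates()
{
    $isAllowed = RightsUtil::doesUserHaveAllowByRightName(
        'EmailTemplatesModule',
        EmailTemplatesModule::RIGHT_CREATE_EMAIL_TEMPLATES,
        Yii::app()->user->userModel
    );
    if ($isAllowed) {
        return true;
    }
    $messageView = new AccessFailureView();
    $view        = new AccessFailurePageView($messageView);
    echo $view->render();
    // The second argument is false (in Yii 1.x this is $exit), so end() can return here.
    Yii::app()->end(0, false);
    // Previously the denial path fell through to "return true". Report the denial so a caller
    // that inspects the result cannot mistake it for success.
    return false;
}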
/**
 * Records whether the current user may access the users module.
 *
 * The flag is only ever set to true here; when the right is missing the property keeps
 * whatever value it already had.
 */
protected function init()
{
    $mayAccessUsers = RightsUtil::doesUserHaveAllowByRightName(
        'UsersModule',
        UsersModule::getAccessRight(),
        Yii::app()->user->userModel
    );
    if (!$mayAccessUsers) {
        return;
    }
    $this->currentUserCanAccessUsers = true;
}
/**
 * Override that puts a 'Create Meeting' toolbar above the parent content.
 *
 * The toolbar is rendered only for users holding the MeetingsModule create right.
 *
 * @return string toolbar markup (possibly empty) followed by the parent content
 */
protected function renderContent()
{
    $toolbar = '';
    $mayCreateMeeting = RightsUtil::doesUserHaveAllowByRightName(
        'MeetingsModule',
        MeetingsModule::getCreateRight(),
        Yii::app()->user->userModel
    );
    if ($mayCreateMeeting) {
        $label   = ZurmoHtml::tag('span',
                                  array('class' => 'z-label'),
                                  Zurmo::t('MeetingsModule', 'Create Meeting'));
        $link    = ZurmoHtml::link($label,
                                   $this->getCreateMeetingUrl(),
                                   array('class' => 'secondary-button'));
        $inner   = ZurmoHtml::tag('div', array('class' => 'portlet-toolbar'), $link);
        $toolbar = ZurmoHtml::tag('div', array('class' => 'view-toolbar-container clearfix'), $inner);
    }
    return $toolbar . parent::renderContent();
}
/**
 * Lead conversion, account step.
 *
 * Depending on the posted data the lead is attached to an existing account, to a new account
 * built from the posted attributes, or converted without an account. When none of those apply
 * the convert view is rendered with an account pre-filled from the lead.
 *
 * @param mixed $id id of the lead (a Contact); cast with intval() before the lookup
 */
public function actionConvert($id)
{
    assert('!empty($id)');
    $contact = Contact::getById(intval($id));
    // A contact that is not in a lead state is sent to its contact details page instead.
    // NOTE(review): the lookup and this redirect run before the write-access check further
    // down; confirm Contact::getById() and the details action enforce access on their own.
    if (!LeadsUtil::isStateALead($contact->state)) {
        $urlParams = array('/contacts/' . $this->getId() . '/details', 'id' => $contact->id);
        $this->redirect($urlParams);
    }
    $convertToAccountSetting = LeadsModule::getConvertToAccountSetting();
    $selectAccountForm = new AccountSelectForm();
    $account = new Account();
    // The current user must be able to write the lead being converted.
    ControllerSecurityUtil::resolveAccessCanCurrentUserWriteModel($contact);
    $userCanAccessContacts = RightsUtil::canUserAccessModule('ContactsModule', Yii::app()->user->userModel);
    $userCanAccessAccounts = RightsUtil::canUserAccessModule('AccountsModule', Yii::app()->user->userModel);
    // NOTE(review): $userCanCreateAccount is only handed to the view at the end; the
    // $_POST['Account'] branch below saves a new Account without consulting it. Confirm the
    // create right is enforced elsewhere, or gate that branch on it.
    $userCanCreateAccount = RightsUtil::doesUserHaveAllowByRightName('AccountsModule',
                                AccountsModule::RIGHT_CREATE_ACCOUNTS, Yii::app()->user->userModel);
    LeadsControllerSecurityUtil::resolveCanUserProperlyConvertLead($userCanAccessContacts,
                                                                   $userCanAccessAccounts,
                                                                   $convertToAccountSetting);
    if (isset($_POST['AccountSelectForm'])) {
        // Existing account selected through the form.
        $selectAccountForm->setAttributes($_POST['AccountSelectForm']);
        if ($selectAccountForm->validate()) {
            // NOTE(review): the account id comes from the request; confirm Account::getById()
            // enforces the current user's read permission on it.
            $account = Account::getById(intval($selectAccountForm->accountId));
            $this->actionSaveConvertedContact($contact, $account);
        }
    } elseif (isset($_POST['Account'])) {
        // New account built from the lead and the posted attributes.
        $account = LeadsUtil::attributesToAccountWithNoPostData($contact, $account, $_POST['Account']);
        $account->setAttributes($_POST['Account']);
        if ($account->save()) {
            // Copy the lead's explicit read/write permissions onto the new account; the
            // account is saved a second time after they are resolved.
            $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($contact);
            ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($account,
                                                                                            $explicitReadWriteModelPermissions);
            if (!$account->save()) {
                throw new NotSupportedException();
            }
            $this->actionSaveConvertedContact($contact, $account);
        }
    } elseif (isset($_POST['AccountSkip']) ||
              $convertToAccountSetting == LeadsModule::CONVERT_NO_ACCOUNT ||
              // && binds tighter than ||: "not required" counts only when the user cannot access accounts.
              $convertToAccountSetting == LeadsModule::CONVERT_ACCOUNT_NOT_REQUIRED &&
              !$userCanAccessAccounts) {
        // Convert without an account.
        $this->actionSaveConvertedContact($contact);
    } else {
        // Nothing posted yet: pre-fill the account shown in the view from the lead.
        $account = LeadsUtil::attributesToAccount($contact, $account);
    }
    $convertView = new LeadConvertView($this->getId(),
                                       $this->getModule()->getId(),
                                       $contact->id,
                                       strval($contact),
                                       $selectAccountForm,
                                       $account,
                                       $convertToAccountSetting,
                                       $userCanCreateAccount);
    $view = new LeadsPageView(ZurmoDefaultViewUtil::makeStandardViewForCurrentUser($this, $convertView));
    echo $view->render();
}
/**
 * Test helper: measures how long it takes to create a contact shared with a group of
 * $count members.
 *
 * A group is created and granted the Contacts access, create and delete rights, $count users
 * are created and added to it, and the first member then creates a contact that the group
 * can read and write. Every member is finally logged in to confirm the details and edit
 * pages of that contact can be run without exceptions.
 *
 * @param int $count number of users to create and add to the group
 * @return float seconds taken by the contact create request (microtime difference)
 */
public function resolveRecordSharingPerformanceTime($count)
{
    $groupMembers = array();
    // create group
    $this->resetGetArray();
    $this->setPostArray(array('Group' => array('name' => "Group {$count}")));
    $this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/group/create');
    $group = Group::getByName("Group {$count}");
    $this->assertNotNull($group);
    $this->assertEquals("Group {$count}", strval($group));
    $group->setRight('ContactsModule', ContactsModule::getAccessRight());
    $group->setRight('ContactsModule', ContactsModule::getCreateRight());
    $group->setRight('ContactsModule', ContactsModule::getDeleteRight());
    $this->assertTrue($group->save());
    // Forget the group and fetch it again by id.
    $groupId = $group->id;
    $group->forgetAll();
    $group = Group::getById($groupId);
    $this->resetGetArray();
    for ($i = 0; $i < $count; $i++) {
        $username = static::$baseUsername . "_{$i}_of_{$count}";
        // Populate group
        // The password below is a fixed test fixture value.
        $this->setPostArray(array('UserPasswordForm' => array('firstName' => 'Some',
                                                              'lastName' => 'Body',
                                                              'username' => $username,
                                                              'newPassword' => 'myPassword123',
                                                              'newPassword_repeat' => 'myPassword123',
                                                              'officePhone' => '456765421',
                                                              'userStatus' => 'Active')));
        $this->runControllerWithRedirectExceptionAndGetContent('/users/default/create');
        $user = User::getByUsername($username);
        $this->assertNotNull($user);
        $groupMembers['usernames'][] = $user->username;
        $groupMembers['ids'][] = $user->id;
    }
    $this->assertCount($count, $groupMembers['ids']);
    // set user's group
    $this->setGetArray(array('id' => $groupId));
    $this->setPostArray(array('GroupUserMembershipForm' => array('userMembershipData' => $groupMembers['ids'])));
    $this->runControllerWithRedirectExceptionAndGetUrl('/zurmo/group/editUserMembership');
    $group->forgetAll();
    $group = Group::getById($groupId);
    $this->assertCount($count, $group->users);
    // Every member must belong to the group and hold the three rights granted to it.
    foreach ($groupMembers['ids'] as $userId) {
        $user = User::getById($userId);
        $this->assertEquals($group->id, $user->groups[0]->id);
        $this->assertTrue(RightsUtil::doesUserHaveAllowByRightName('ContactsModule',
                                                                   ContactsModule::getAccessRight(), $user));
        $this->assertTrue(RightsUtil::doesUserHaveAllowByRightName('ContactsModule',
                                                                   ContactsModule::getCreateRight(), $user));
        $this->assertTrue(RightsUtil::doesUserHaveAllowByRightName('ContactsModule',
                                                                   ContactsModule::getDeleteRight(), $user));
    }
    $this->clearAllCaches();
    // go ahead and create contact with group given readwrite, use group's first member to confirm he has create access
    $this->logoutCurrentUserLoginNewUserAndGetByUsername($groupMembers['usernames'][0]);
    $this->resetGetArray();
    $startingState = ContactsUtil::getStartingState();
    $this->setPostArray(array('Contact' => array('firstName' => 'John',
                                                 'lastName' => 'Doe',
                                                 'officePhone' => '456765421',
                                                 'state' => array('id' => $startingState->id),
                                                 'explicitReadWriteModelPermissions' => array(
                                                     'type' => ExplicitReadWriteModelPermissionsUtil::MIXED_TYPE_NONEVERYONE_GROUP,
                                                     'nonEveryoneGroup' => $groupId))));
    // Only the create request itself is timed.
    $startTime = microtime(true);
    $url = $this->runControllerWithRedirectExceptionAndGetUrl('/contacts/default/create');
    $timeTakenForSave = microtime(true) - $startTime;
    // The new contact id is whatever follows 'id=' in the redirect URL.
    $johnDoeContactId = intval(substr($url, strpos($url, 'id=') + 3));
    $johnDoeContact = Contact::getById($johnDoeContactId);
    $this->assertNotNull($johnDoeContact);
    $this->resetPostArray();
    $this->setGetArray(array('id' => $johnDoeContactId));
    $content = $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details');
    $this->assertContains('Who can read and write ' . strval($group), $content);
    $this->clearAllCaches();
    $this->resetPostArray();
    // ensure group members have access
    foreach ($groupMembers['usernames'] as $member) {
        $user = $this->logoutCurrentUserLoginNewUserAndGetByUsername($member);
        $this->assertNotNull($user);
        $this->setGetArray(array('id' => $johnDoeContactId));
        $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/details');
        $this->runControllerWithNoExceptionsAndGetContent('/contacts/default/edit');
    }
    return $timeTakenForSave;
}
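/**
 * Requires the current user to hold the report create right.
 *
 * When the right is missing, the access failure page is rendered and the request is ended.
 *
 * @return bool true when access is allowed, false when the access failure page was rendered
 */
protected function resolveCanCurrentUserAccessReports()
{
    $isAllowed = RightsUtil::doesUserHaveAllowByRightName(
        'ReportsModule',
        ReportsModule::RIGHT_CREATE_REPORTS,
        Yii::app()->user->userModel
    );
    if ($isAllowed) {
        return true;
    }
    $messageView = new AccessFailureView();
    $view        = new AccessFailurePageView($messageView);
    echo $view->render();
    // The second argument is false (in Yii 1.x this is $exit), so end() can return here.
    Yii::app()->end(0, false);
    // Previously the denial path fell through to "return true". Report the denial so a caller
    // that inspects the result cannot mistake it for success.
    return false;
}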
/**
 * Tells whether the current user holds the right $this->rightName on module
 * $this->moduleClassName.
 *
 * @return mixed the result of RightsUtil::doesUserHaveAllowByRightName(), returned unchanged
 */
public function hasAccess()
{
    $currentUserIsAllowed = RightsUtil::doesUserHaveAllowByRightName(
        $this->moduleClassName,
        $this->rightName,
        Yii::app()->user->userModel
    );
    return $currentUserIsAllowed;
}
/**
 * Renders an email address either as a link opening the compose modal or as a mailto: link
 * handled by the user's own email client.
 *
 * The modal link is used only when the current user can access the email messages module,
 * holds its create right, and the related model is not an Account.
 *
 * @param string|null $emailAddress address to render
 * @param RedBeanModel $model model the composed email would relate to
 * @return string|null link markup, or null when no address is given
 */
public static function renderEmailAddressAsMailToOrModalLinkStringContent($emailAddress, RedBeanModel $model)
{
    assert('is_string($emailAddress) || $emailAddress == null');
    if ($emailAddress == null) {
        return;
    }

    $canAccessEmail = RightsUtil::canUserAccessModule('EmailMessagesModule', Yii::app()->user->userModel);
    $canCreateEmail = RightsUtil::doesUserHaveAllowByRightName('EmailMessagesModule',
                                                               EmailMessagesModule::RIGHT_CREATE_EMAIL_MESSAGES,
                                                               Yii::app()->user->userModel);
    $useModalLink   = $canAccessEmail && $canCreateEmail;

    // NOTE(review): on both paths the address becomes link text; confirm the helper used
    // HTML-encodes it or that the stored value is validated as an email address.
    if (!$useModalLink || $model instanceof Account) {
        return Yii::app()->format->email($emailAddress);
    }

    // NOTE(review): redirectUrl carries the current request URI; confirm the receiving action
    // only redirects to local URLs.
    $composeUrl = Yii::app()->createUrl('/emailMessages/default/createEmailMessage', array(
        'toAddress'             => $emailAddress,
        'relatedId'             => $model->id,
        'relatedModelClassName' => get_class($model),
        'redirectUrl'           => Yii::app()->request->getRequestUri(),
    ));
    $modalAjaxOptions = ModalView::getAjaxOptionsForModalLink(
        Zurmo::t('EmailMessagesModule', 'Compose Email'),
        'modalContainer',
        'auto',
        800,
        array('my' => 'top', 'at' => 'bottom', 'of' => '#HeaderView')
    );
    return ZurmoHtml::ajaxLink($emailAddress, $composeUrl, $modalAjaxOptions);
}
/**
 * Lead conversion, final (opportunity) step.
 *
 * Uses the account data kept in the session by the previous step. Depending on the posted
 * data an opportunity is created together with the account, or the lead is converted with the
 * account only. Otherwise the opportunity view is rendered.
 *
 * @param mixed $id id of the lead (a Contact); cast with intval() before the lookup
 */
public function actionConvertFinal($id)
{
    assert('!empty($id)');
    // Without account data in the session, send the user to the convert action of this controller.
    $accountPostData = LeadsUtil::getFromSession(LeadsUtil::LEAD_CONVERSION_ACCOUNT_DATA_SESSION_KEY);
    if (empty($accountPostData)) {
        $urlParams = array('/leads/' . $this->getId() . '/convert', 'id' => $id);
        $this->redirect($urlParams);
    }
    $contact = Contact::getById(intval($id));
    // A contact that is not in a lead state is sent to its contact details page instead.
    if (!LeadsUtil::isStateALead($contact->state)) {
        $urlParams = array('/contacts/' . $this->getId() . '/details', 'id' => $contact->id);
        $this->redirect($urlParams);
    }
    $convertToAccountSetting = LeadsModule::getConvertToAccountSetting();
    $convertToOpportunitySetting = LeadsModule::getConvertToOpportunitySetting();
    $opportunity = new Opportunity();
    // The current user must be able to write the lead being converted.
    ControllerSecurityUtil::resolveAccessCanCurrentUserWriteModel($contact);
    $userCanAccessContacts = RightsUtil::canUserAccessModule('ContactsModule', Yii::app()->user->userModel);
    $userCanAccessAccounts = RightsUtil::canUserAccessModule('AccountsModule', Yii::app()->user->userModel);
    $userCanAccessOpportunities = RightsUtil::canUserAccessModule('OpportunitiesModule', Yii::app()->user->userModel);
    // NOTE(review): $userCanCreateOpportunity is only handed to the view at the end; the
    // $_POST['Opportunity'] branch saves an opportunity without consulting it. Confirm the
    // create right is enforced elsewhere, or gate that branch on it.
    $userCanCreateOpportunity = RightsUtil::doesUserHaveAllowByRightName('OpportunitiesModule',
                                    OpportunitiesModule::RIGHT_CREATE_OPPORTUNITIES, Yii::app()->user->userModel);
    LeadsControllerSecurityUtil::resolveCanUserProperlyConvertLead($userCanAccessContacts,
                                                                   $userCanAccessAccounts,
                                                                   $convertToAccountSetting);
    LeadsControllerSecurityUtil::resolveCanUserProperlyConvertLeadFinalStep($userCanAccessContacts,
                                                                            $userCanAccessOpportunities,
                                                                            $convertToOpportunitySetting);
    if (isset($_POST['Opportunity'])) {
        $controllerUtil = static::getZurmoControllerUtil();
        // Presumably filled in by reference by saveModelFromPost(); $savedSuccessfully is read below.
        $savedSuccessfully = false;
        $modelToStringValue = null;
        $postData = $_POST['Opportunity'];
        $opportunity = $controllerUtil->saveModelFromPost($postData, $opportunity, $savedSuccessfully,
                                                          $modelToStringValue, false);
        if ($savedSuccessfully) {
            // Copy the lead's explicit read/write permissions onto the opportunity.
            $explicitReadWriteModelPermissions = ExplicitReadWriteModelPermissionsUtil::makeBySecurableItem($contact);
            ExplicitReadWriteModelPermissionsUtil::resolveExplicitReadWriteModelPermissions($opportunity,
                                                                                            $explicitReadWriteModelPermissions);
            // NOTE(review): the account is created from the session data; no account create
            // right is checked in this action — confirm it was checked when the data was stored.
            $account = LeadsUtil::createAccountForLeadConversionFromAccountPostData($accountPostData,
                                                                                   $contact,
                                                                                   $controllerUtil);
            $opportunity->account = $account;
            if (!$opportunity->save()) {
                throw new NotSupportedException();
            }
            LeadsUtil::removeFromSession(LeadsUtil::LEAD_CONVERSION_ACCOUNT_DATA_SESSION_KEY);
            $this->actionSaveConvertedContact($contact, $account, $opportunity);
        }
    } elseif (isset($_POST['OpportunitySkip']) ||
              $convertToOpportunitySetting == LeadsModule::CONVERT_NO_OPPORTUNITY ||
              // && binds tighter than ||: "not required" counts only when the user cannot access opportunities.
              $convertToOpportunitySetting == LeadsModule::CONVERT_OPPORTUNITY_NOT_REQUIRED &&
              !$userCanAccessOpportunities) {
        // Convert with the account only, no opportunity.
        $controllerUtil = static::getZurmoControllerUtil();
        $account = LeadsUtil::createAccountForLeadConversionFromAccountPostData($accountPostData,
                                                                               $contact,
                                                                               $controllerUtil);
        LeadsUtil::removeFromSession(LeadsUtil::LEAD_CONVERSION_ACCOUNT_DATA_SESSION_KEY);
        $this->actionSaveConvertedContact($contact, $account, null);
    }
    $progressBarAndStepsView = new LeadConversionStepsAndProgressBarForWizardView(1);
    $convertView = new LeadConvertOpportunityView($this->getId(),
                                                  $this->getModule()->getId(),
                                                  $contact->id,
                                                  strval($contact),
                                                  $opportunity,
                                                  $convertToOpportunitySetting,
                                                  $userCanCreateOpportunity);
    $view = new LeadsPageView(ZurmoDefaultViewUtil::makeTwoStandardViewsForCurrentUser($this,
                                                                                      $progressBarAndStepsView,
                                                                                      $convertView));
    echo $view->render();
}
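/**
 * Adds new values to an existing custom field data set (API action).
 *
 * Posted values that are arrays or objects, or that are already present, are skipped.
 * On success the updated record is read back and sent as the API response.
 *
 * @param string $id name of the CustomFieldData record to extend
 * @throws ApiException when no data is posted, when the current user lacks the DesignerModule
 *                      access right, or when the record cannot be saved
 */
public function actionAddValues($id)
{
    $params = Yii::app()->apiRequest->getParams();
    if (!isset($params['data'])) {
        $message = Zurmo::t('ZurmoModule', 'Please provide data.');
        throw new ApiException($message);
    }
    // Authorize before loading the record, so a caller without the right never reaches it.
    if (!RightsUtil::doesUserHaveAllowByRightName('DesignerModule',
                                                  DesignerModule::getAccessRight(),
                                                  Yii::app()->user->userModel)) {
        $message = Zurmo::t('ZurmoModule', 'You do not have rights to perform this action.');
        throw new ApiException($message);
    }
    $customFieldData = CustomFieldData::getByName($id);
    // NOTE(review): unserialize() runs on the stored serializedData value. It is not request
    // data here, but confirm nothing lets a user write arbitrary serialized content into it.
    $unserializedValues = unserialize($customFieldData->serializedData);
    // isset() guards against a request whose data carries no 'values' key at all.
    if (isset($params['data']['values']) && is_array($params['data']['values'])) {
        foreach ($params['data']['values'] as $value) {
            if (!is_array($value) && !is_object($value) && !in_array($value, $unserializedValues)) {
                $unserializedValues[] = $value;
            }
        }
    }
    $customFieldData->serializedData = serialize($unserializedValues);
    if (!$customFieldData->save()) {
        $message = Zurmo::t('ZurmoModule', 'Error saving model.');
        throw new ApiException($message);
    }
    $customFieldData->forgetAll();
    $result = $this->processRead($id);
    Yii::app()->apiHelper->sendResponse($result);
}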
/**
 * Collects the notification rules types, with their display names, available to the current
 * user, grouped by the plural label of the module that owns the rules.
 *
 * A concrete NotificationRules subclass is included only when, for every module class it
 * reports, the user can access the module and holds its create right, the rule is not a
 * super-administrator notification shown to a non-super-administrator, and the rule can be
 * configured by the user.
 *
 * @return array module plural label => (notification rules type => display name)
 */
public static function getNotificationRulesTypesForCurrentUserByModule()
{
    $typesByModuleLabel = array();
    foreach (Module::getModuleObjects() as $module) {
        foreach ($module::getAllClassNamesByPathFolder('rules') as $candidateClassName) {
            $reflection = new ReflectionClass($candidateClassName);
            if (!is_subclass_of($candidateClassName, 'NotificationRules') || $reflection->isAbstract()) {
                continue;
            }
            $rule        = new $candidateClassName();
            $isAvailable = true;
            try {
                // NOTE(review): with an empty module list none of the checks below run,
                // canBeConfiguredByUser() included, and the rule is listed; confirm intent.
                foreach ($rule->getModuleClassNames() as $moduleClassName) {
                    if (!RightsUtil::canUserAccessModule($moduleClassName, Yii::app()->user->userModel) ||
                        !RightsUtil::doesUserHaveAllowByRightName($moduleClassName,
                                                                  $moduleClassName::getCreateRight(),
                                                                  Yii::app()->user->userModel) ||
                        // Parenthesised to show the grouping operator precedence already gave.
                        ($rule->isSuperAdministratorNotification() &&
                         !Yii::app()->user->userModel->isSuperAdministrator()) ||
                        !$rule->canBeConfiguredByUser()) {
                        $isAvailable = false;
                    }
                }
            } catch (NotImplementedException $exception) {
                // When the checks above raise NotImplementedException, only configurability
                // decides, on top of whatever an earlier iteration already concluded.
                if (!$rule->canBeConfiguredByUser()) {
                    $isAvailable = false;
                }
            }
            if ($isAvailable) {
                $moduleLabel = $module::getModuleLabelByTypeAndLanguage('Plural');
                $typesByModuleLabel[$moduleLabel][$rule->getType()] = $rule->getDisplayName();
            }
        }
    }
    return $typesByModuleLabel;
}