public static function install_permissions() { Utils_RecordBrowserCommon::wipe_access('company'); Utils_RecordBrowserCommon::add_access('company', 'print', 'SUPERADMIN'); Utils_RecordBrowserCommon::add_access('company', 'export', 'SUPERADMIN'); Utils_RecordBrowserCommon::add_access('company', 'view', 'ACCESS:employee', array('(!permission' => 2, '|:Created_by' => 'USER_ID')); Utils_RecordBrowserCommon::add_access('company', 'view', 'ALL', array('id' => 'USER_COMPANY')); Utils_RecordBrowserCommon::add_access('company', 'add', 'ACCESS:employee'); Utils_RecordBrowserCommon::add_access('company', 'edit', 'ACCESS:employee', array('(permission' => 0, '|:Created_by' => 'USER_ID')); Utils_RecordBrowserCommon::add_access('company', 'edit', array('ALL', 'ACCESS:manager'), array('id' => 'USER_COMPANY'), array('group', 'permission')); Utils_RecordBrowserCommon::add_access('company', 'edit', array('ACCESS:employee', 'ACCESS:manager'), array()); Utils_RecordBrowserCommon::add_access('company', 'delete', 'ACCESS:employee', array(':Created_by' => 'USER_ID')); Utils_RecordBrowserCommon::add_access('company', 'delete', array('ACCESS:employee', 'ACCESS:manager')); Utils_RecordBrowserCommon::wipe_access('contact'); Utils_RecordBrowserCommon::add_access('contact', 'print', 'SUPERADMIN'); Utils_RecordBrowserCommon::add_access('contact', 'export', 'SUPERADMIN'); Utils_RecordBrowserCommon::add_access('contact', 'view', 'ACCESS:employee', array('(!permission' => 2, '|:Created_by' => 'USER_ID')); Utils_RecordBrowserCommon::add_access('contact', 'view', 'ALL', array('login' => 'USER_ID')); Utils_RecordBrowserCommon::add_access('contact', 'add', 'ACCESS:employee'); Utils_RecordBrowserCommon::add_access('contact', 'edit', 'ACCESS:employee', array('(permission' => 0, '|:Created_by' => 'USER_ID'), array('access', 'login')); Utils_RecordBrowserCommon::add_access('contact', 'edit', 'ALL', array('login' => 'USER_ID'), array('company_name', 'related_companies', 'access', 'login', 'group', 'permission')); Utils_RecordBrowserCommon::add_access('contact', 'edit', array('ALL', 'ACCESS:manager'), array('company_name' => 'USER_COMPANY'), array('login', 'company_name', 'related_companies')); Utils_RecordBrowserCommon::add_access('contact', 'edit', array('ACCESS:employee', 'ACCESS:manager'), array()); Utils_RecordBrowserCommon::add_access('contact', 'delete', 'ACCESS:employee', array(':Created_by' => 'USER_ID')); Utils_RecordBrowserCommon::add_access('contact', 'delete', array('ACCESS:employee', 'ACCESS:manager')); }
<?php defined("_VALID_ACCESS") || die('Direct access forbidden'); if (DB::GetOne('SELECT 1 FROM utils_attachment_field WHERE field=%s', array('Date'))) { Utils_RecordBrowserCommon::new_record_field('utils_attachment', array('name' => _M('Edited on'), 'type' => 'timestamp', 'extra' => false, 'visible' => true, 'required' => false, 'display_callback' => array('Utils_AttachmentCommon', 'display_date'), 'QFfield_callback' => array('Utils_AttachmentCommon', 'QFfield_date'), 'position' => 'Date')); DB::Execute('UPDATE utils_attachment_data_1 SET f_edited_on=f_date'); Utils_RecordBrowserCommon::delete_record_field('utils_attachment', 'Date'); Utils_RecordBrowserCommon::wipe_access('utils_attachment'); Utils_RecordBrowserCommon::add_access('utils_attachment', 'view', 'ACCESS:employee', array('(!permission' => 2, '|:Created_by' => 'USER_ID')); Utils_RecordBrowserCommon::add_access('utils_attachment', 'delete', 'ACCESS:employee', array(':Created_by' => 'USER_ID')); Utils_RecordBrowserCommon::add_access('utils_attachment', 'delete', array('ACCESS:employee', 'ACCESS:manager')); Utils_RecordBrowserCommon::add_access('utils_attachment', 'add', 'ACCESS:employee', array(), array('edited_on')); Utils_RecordBrowserCommon::add_access('utils_attachment', 'edit', 'ACCESS:employee', array('(permission' => 0, '|:Created_by' => 'USER_ID'), array('edited_on')); }
} } print 'Patients left: ' . count($perms) . '<br>'; foreach ($perms as $patient => $v) { print 'Patient ' . $patient; Utils_RecordBrowserCommon::update_record('contact', $patient, $v); print '... cleanup... '; DB::StartTrans(); foreach ($rm_acl[$patient] as $i) { DB::Execute('UPDATE cades_access_control_data_1 SET active=0 WHERE id=%d', array($i)); } DB::CompleteTrans(); print 'done<br>'; } } Utils_RecordBrowserCommon::wipe_access('contact'); Utils_RecordBrowserCommon::add_access('contact', 'view', 'ACCESS:employee', array('(!permission' => 2, '|:Created_by' => 'USER_ID'), array('birth_date', 'ssn', 'home_phone', 'home_address_1', 'home_address_2', 'home_city', 'home_country', 'home_zone', 'home_postal_code', 'view', 'edit', 'add', 'delete')); Utils_RecordBrowserCommon::add_access('contact', 'view', 'ALL', array('login' => 'USER_ID'), array('view', 'edit', 'add', 'delete')); Utils_RecordBrowserCommon::add_access('contact', 'view', array('ACCESS:employee', 'ACCESS:mrm'), array('(!permission' => 2, '|:Created_by' => 'USER_ID'), array('view', 'edit', 'add', 'delete')); Utils_RecordBrowserCommon::add_access('contact', 'add', array('ACCESS:employee', 'ACCESS:manager')); Utils_RecordBrowserCommon::add_access('contact', 'edit', 'ACCESS:employee', array('(permission' => 0, '|:Created_by' => 'USER_ID', '!group' => array('patient', 'ex_patient')), array('access', 'login')); Utils_RecordBrowserCommon::add_access('contact', 'edit', 'ALL', array('login' => 'USER_ID'), array('access', 'login')); Utils_RecordBrowserCommon::add_access('contact', 'edit', array('ACCESS:employee', 'ACCESS:mrm'), array()); Utils_RecordBrowserCommon::add_access('contact', 'delete', array('ACCESS:employee', 'ACCESS:mrm')); Utils_RecordBrowserCommon::add_access('contact', 'view', 'ALL', array('view' => 'USER'), array('view', 'edit', 'add', 'delete')); Utils_RecordBrowserCommon::add_access('contact', 'edit', 'ALL', array('edit' => 'USER')); Utils_RecordBrowserCommon::add_access('contact', 'delete', 'ALL', array('delete' => 'USER')); Utils_RecordBrowserCommon::uninstall_recordset('cades_access_control'); Utils_CommonDataCommon::remove('CADES/AccessLevel'); Custom_CADES_AccessRestrictionsCommon::add_default_cades_permissions('cades_appointments'); Custom_CADES_AccessRestrictionsCommon::add_default_cades_permissions('cades_allergies');