/** Creates a file with all the user, user-role,user-profile, user-groups informations
* @param $userid -- user id:: Type integer
* @returns user_privileges_userid file under the user_privileges directory
*/
function createUserPrivilegesfile($userid)
{
global $root_directory;
$handle = @fopen($root_directory . 'user_privileges/user_privileges_' . $userid . '.php', "w+");
if ($handle) {
$newbuf = '';
$newbuf .= "<?php\n\n";
$newbuf .= "\n";
$newbuf .= "//This is the access privilege file\n";
$user_focus = new Users();
$user_focus->retrieve_entity_info($userid, "Users");
$userInfo = array();
$user_focus->column_fields["id"] = '';
$user_focus->id = $userid;
foreach ($user_focus->column_fields as $field => $value_iter) {
$userInfo[$field] = $user_focus->{$field};
}
if ($user_focus->is_admin == 'on') {
$newbuf .= "\$is_admin=true;\n";
$newbuf .= "\n";
$newbuf .= "\$user_info=" . constructSingleStringKeyValueArray($userInfo) . ";\n";
$newbuf .= "\n";
$newbuf .= "?>";
fputs($handle, $newbuf);
fclose($handle);
return;
} else {
$newbuf .= "\$is_admin=false;\n";
$newbuf .= "\n";
$globalPermissionArr = getCombinedUserGlobalPermissions($userid);
$tabsPermissionArr = getCombinedUserTabsPermissions($userid);
//$tabsPermissionArr=getCombinedUserTabsPermissions($userid);
$actionPermissionArr = getCombinedUserActionPermissions($userid);
$user_role = fetchUserRole($userid);
$user_role_info = getRoleInformation($user_role);
$user_role_parent = $user_role_info[$user_role][1];
$userGroupFocus = new GetUserGroups();
$userGroupFocus->getAllUserGroups($userid);
$subRoles = getRoleSubordinates($user_role);
$subRoleAndUsers = getSubordinateRoleAndUsers($user_role);
$def_org_share = getDefaultSharingAction();
$parentRoles = getParentRole($user_role);
$newbuf .= "\$current_user_roles='" . $user_role . "';\n";
$newbuf .= "\n";
$newbuf .= "\$current_user_parent_role_seq='" . $user_role_parent . "';\n";
$newbuf .= "\n";
$newbuf .= "\$current_user_profiles=" . constructSingleArray(getUserProfile($userid)) . ";\n";
$newbuf .= "\n";
$newbuf .= "\$profileGlobalPermission=" . constructArray($globalPermissionArr) . ";\n";
$newbuf .= "\n";
$newbuf .= "\$profileTabsPermission=" . constructArray($tabsPermissionArr) . ";\n";
$newbuf .= "\n";
$newbuf .= "\$profileActionPermission=" . constructTwoDimensionalArray($actionPermissionArr) . ";\n";
$newbuf .= "\n";
$newbuf .= "\$current_user_groups=" . constructSingleArray($userGroupFocus->user_groups) . ";\n";
$newbuf .= "\n";
$newbuf .= "\$subordinate_roles=" . constructSingleCharArray($subRoles) . ";\n";
$newbuf .= "\n";
$newbuf .= "\$parent_roles=" . constructSingleCharArray($parentRoles) . ";\n";
$newbuf .= "\n";
$newbuf .= "\$subordinate_roles_users=" . constructTwoDimensionalCharIntSingleArray($subRoleAndUsers) . ";\n";
$newbuf .= "\n";
$newbuf .= "\$user_info=" . constructSingleStringKeyValueArray($userInfo) . ";\n";
$newbuf .= "?>";
fputs($handle, $newbuf);
fclose($handle);
}
}
}
/** To retreive the subordinate vtiger_roles of the specified parent vtiger_role
* @param $roleid -- The Role Id:: Type varchar
* @returns subordinate vtiger_role array in the following format:
* $subordinateRoleArray=(roleid1,roleid2,.......,roleidn);
*/
function getRoleSubordinates($roleId)
{
$log = vglobal('log');
$log->debug("Entering getRoleSubordinates(" . $roleId . ") method ...");
// Look at cache first for information
$roleSubordinates = VTCacheUtils::lookupRoleSubordinates($roleId);
if ($roleSubordinates === false) {
$adb = PearDatabase::getInstance();
$roleDetails = getRoleInformation($roleId);
$roleParentSeq = $roleDetails['parentrole'];
$query = "select * from vtiger_role where parentrole like ? order by parentrole asc";
$result = $adb->pquery($query, array($roleParentSeq . "::%"));
$num_rows = $adb->num_rows($result);
$roleSubordinates = array();
for ($i = 0; $i < $num_rows; $i++) {
$roleid = $adb->query_result($result, $i, 'roleid');
$roleSubordinates[] = $roleid;
}
// Update cache for re-use
VTCacheUtils::updateRoleSubordinates($roleId, $roleSubordinates);
}
$log->debug("Exiting getRoleSubordinates method ...");
return $roleSubordinates;
}
function getUserAccessConditionsQuerySR($module, $current_user = false, $relatedRecord = false)
{
if ($current_user == false) {
$current_user = vglobal('current_user');
}
require 'user_privileges/user_privileges_' . $current_user->id . '.php';
require 'user_privileges/sharing_privileges_' . $current_user->id . '.php';
global $shared_owners;
$is_admin = is_admin($current_user);
$sharedParameter = $securityParameter = '';
$query = '';
$tabId = getTabid($module);
if ($relatedRecord) {
$role = getRoleInformation($current_user->roleid);
if ($role['listrelatedrecord'] != 0) {
$rparentRecord = Users_Privileges_Model::getParentRecord($relatedRecord, false, $role['listrelatedrecord']);
if ($rparentRecord) {
$relatedRecord = $rparentRecord;
}
$recordMetaData = Vtiger_Functions::getCRMRecordMetadata($relatedRecord);
$recordPermission = Users_Privileges_Model::isPermitted($recordMetaData['setype'], 'DetailView', $relatedRecord);
if (!$recordPermission) {
throw new AppException('LBL_PERMISSION_DENIED');
}
if ($recordMetaData['smownerid'] == $current_user->id) {
return '';
}
}
}
if ($is_admin == false && $profileGlobalPermission[1] == 1 && $profileGlobalPermission[2] == 1 && $defaultOrgSharingPermission[$tabId] == 3) {
$securityParameter = $this->getUserAccessConditionsQuery($module, $current_user);
$shownerid = array_merge([$current_user->id], $current_user_groups);
$sharedParameter .= 'vtiger_crmentity.crmid IN (SELECT DISTINCT crmid FROM u_yf_crmentity_showners WHERE userid IN (' . implode(',', $shownerid) . '))';
}
if ($shared_owners == true) {
if ($securityParameter != '') {
$query .= " AND ( ({$securityParameter}) OR ({$sharedParameter}) )";
} elseif ($sharedParameter != '') {
$query .= ' AND (' . $sharedParameter . ')';
}
} else {
$query .= $securityParameter;
}
return $query;
}
$userinfo = array_chunk($userinfo, 2);
//Check for Current User
global $current_user;
$current_role = fetchUserRole($current_user->id);
$return_data = array('profileinfo' => $profileinfo, 'userinfo' => $userinfo);
return $return_data;
}
if (isset($_REQUEST['roleid']) && $_REQUEST['roleid'] != '') {
$roleid = vtlib_purify($_REQUEST['roleid']);
$mode = vtlib_purify($_REQUEST['mode']);
$roleInfo = getRoleInformation($roleid);
$thisRoleDet = $roleInfo[$roleid];
$rolename = $thisRoleDet[0];
$parent = $thisRoleDet[3];
//retreiving the vtiger_profileid
$roleRelatedProfiles = getRoleRelatedProfiles($roleid);
}
$parentname = getRoleName($parent);
//Retreiving the Role Info
$roleInfoArr = getRoleInformation($roleid);
$rolename = $roleInfoArr[$roleid][0];
$smarty->assign("ROLE_NAME", $rolename);
$smarty->assign("ROLEID", $roleid);
$smarty->assign("THEME", $theme);
$smarty->assign("IMAGE_PATH", $image_path);
$smarty->assign("MOD", return_module_language($current_language, 'Settings'));
$smarty->assign("APP", $app_strings);
$smarty->assign("CMOD", $mod_strings);
$smarty->assign("ROLEINFO", getStdOutput($roleid));
$smarty->assign("PARENTNAME", $parentname);
$smarty->display("RoleDetailView.tpl");
* Portions created by vtiger are Copyright (C) vtiger.
* All Rights Reserved.
********************************************************************************/
require_once 'include/utils/utils.php';
global $adb;
global $theme;
$theme_path = "themes/" . $theme . "/";
$image_path = $theme_path . "images/";
$smarty = new vtigerCRM_Smarty();
$profDetails = getAllProfileInfo();
$smarty->assign("MOD", return_module_language($current_language, 'Settings'));
$smarty->assign("APP", $app_strings);
if (isset($_REQUEST['roleid']) && $_REQUEST['roleid'] != '') {
$roleid = vtlib_purify($_REQUEST['roleid']);
$mode = vtlib_purify($_REQUEST['mode']);
$roleInfo = getRoleInformation($roleid);
$thisRoleDet = $roleInfo[$roleid];
$rolename = $thisRoleDet[0];
$parent = $thisRoleDet[3];
//retreiving the vtiger_profileid
$roleRelatedProfiles = getRoleRelatedProfiles($roleid);
} elseif (isset($_REQUEST['parent']) && $_REQUEST['parent'] != '') {
$mode = 'create';
$parent = vtlib_purify($_REQUEST['parent']);
}
$smarty->assign("IMAGE_PATH", $image_path);
$smarty->assign("CMOD", $mod_strings);
$smarty->assign("THEME", $theme);
$parentname = getRoleName($parent);
$smarty->assign("RETURN_ACTION", vtlib_purify($_REQUEST['returnaction']));
$smarty->assign("ROLEID", $roleid);
/** Function to get the vtiger_role and subordinate user ids
* taken from vtiger 540
* @param $roleid -- RoleId :: Type varchar
* @returns $roleSubUserIds-- Role and Subordinates Related Users Array in the following format:
* $roleSubUserIds=Array($userId1,$userId2,........,$userIdn);
*/
function getRoleAndSubordinateUserIds($roleId)
{
global $adb;
$roleInfoArr = getRoleInformation($roleId);
$parentRole = $roleInfoArr[$roleId][1];
$query = "select vtiger_user2role.*,vtiger_users.user_name from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like ?";
$result = $adb->pquery($query, array($parentRole . "%"));
$num_rows = $adb->num_rows($result);
$roleRelatedUsers = array();
for ($i = 0; $i < $num_rows; $i++) {
$roleRelatedUsers[] = $adb->query_result($result, $i, 'userid');
}
return $roleRelatedUsers;
}
