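/**
 * Build the JOIN fragment that restricts rows to owners a non-admin user may read.
 *
 * The two generated privilege files are required inside this method, so the
 * variables they set land in local scope. The method reads $is_admin,
 * $profileGlobalPermission, $defaultOrgSharingPermission,
 * $current_user_parent_role_seq and $current_user_groups, none of which it
 * defines itself, so they presumably come from those files.
 *
 * SECURITY: $user->id, $scope and the tab id are concatenated into a file path
 * and into SQL identifiers with no escaping. The fragment is only as safe as
 * those inputs: callers should pass an integer user id and a scope taken from a
 * fixed set of aliases, never a request value.
 *
 * @param string $module Module name, resolved to a tab id with getTabid().
 * @param object $user   User object; only ->id is read here.
 * @param string $scope  Suffix appended to the temporary-table alias and to vtiger_crmentity.
 *
 * @return string A single space when no restriction applies, otherwise an
 *                " INNER JOIN ... " fragment ending in a space.
 */
public function getNonAdminAccessControlQuery($module, $user, $scope = '')
{
    // A missing privilege file makes require() abort the request (fails closed).
    require 'user_privileges/user_privileges_' . $user->id . '.php';
    require 'user_privileges/sharing_privileges_' . $user->id . '.php';

    $tabId = getTabid($module);

    // NOTE(review): presumably indexes 1 and 2 are the global view/edit flags and 3
    // means a private module; confirm against the privilege file format.
    // Loose comparisons are kept because the types in those files are not visible here.
    $isRestricted = $is_admin == false
        && $profileGlobalPermission[1] == 1
        && $profileGlobalPermission[2] == 1
        && $defaultOrgSharingPermission[$tabId] == 3;
    if (!$isRestricted) {
        return ' ';
    }

    $tableName = 'vt_tmp_u' . $user->id . '_t' . $tabId;
    $alias = $tableName . $scope;

    // Kept as a variable, not a literal, in case setupTemporaryTable() takes it by reference.
    $sharedTabId = null;
    $this->setupTemporaryTable($tableName, $sharedTabId, $user, $current_user_parent_role_seq, $current_user_groups);

    $query = " INNER JOIN {$tableName} {$alias} ON ({$alias}.id = "
        . "vtiger_crmentity{$scope}.smownerid and {$alias}.shared=0) ";

    // Shared rows are added only for public activities. The clause sits after the
    // closing parenthesis of ON (...), so it is OR-ed with the whole join condition.
    $sharedIds = getSharedCalendarId($user->id);
    if (!empty($sharedIds)) {
        $query .= "or ({$alias}.id = vtiger_crmentity{$scope}.smownerid AND "
            . "{$alias}.shared=1 and vtiger_activity.visibility = 'Public') ";
    }

    return $query;
}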
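/**
 * Build the " and (...)" WHERE fragment that limits list rows to records the
 * current user may read, using table aliases suffixed with the module name
 * (for example vtiger_crmentity{$module}, vtiger_groups{$module}).
 *
 * Every branch allows a row when its owner is the current user, is a user whose
 * role path starts with the current user's role sequence followed by "::", or
 * appears in vtiger_tmp_read_user_sharing_per for this user and tab (Calendar
 * omits that last clause), or when its group is one of the user's groups. All
 * branches except Calendar also accept groups listed in
 * vtiger_tmp_read_group_sharing_per. Some modules add clauses for related records.
 *
 * SECURITY: the fragment is assembled by string concatenation. $module,
 * $current_user->id, $current_user_parent_role_seq, $current_user_groups and the
 * shared calendar ids are inserted without quoting or escaping. It is safe only
 * while $module is a known module name and the other values are server-generated
 * integers or role paths; a request value must never reach any of them.
 *
 * If $current_user is empty the privilege files are not loaded, and the variables
 * read below ($current_user_parent_role_seq, $current_user_groups) are undefined.
 *
 * @param string $module Module name; selects the branch and is used as an alias suffix.
 *
 * @return string SQL fragment to append to an existing WHERE clause.
 */
function getSecListViewSecurityParameter($module)
{
    global $log, $adb, $current_user;

    // The log text names getListViewSecurityParameter; the runtime string is left unchanged.
    $log->debug("Entering getListViewSecurityParameter(" . $module . ") method ...");
    $tabid = getTabid($module);

    // Start from an empty string: the original appended to an undefined variable.
    $sec_query = '';

    if ($current_user) {
        // These generated files run in this function's scope and supply the
        // $current_user_* variables used below.
        require 'user_privileges/user_privileges_' . $current_user->id . '.php';
        require 'user_privileges/sharing_privileges_' . $current_user->id . '.php';
    }

    if ($module == 'Leads') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or (";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Accounts') {
        // NOTE(review): only the first owner test uses the module-suffixed alias; the
        // role and sharing tests reference plain vtiger_crmentity, unlike the other
        // branches. Confirm which table the filter is meant to apply to.
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or (";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Contacts') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or (";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Potentials') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or vtiger_potential.related_to in (select crmid from vtiger_crmentity where setype in ('Accounts', 'Contacts') and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid in (" . getTabid('Accounts') . ", " . getTabid('Contacts') . ") and relatedtabid=" . $tabid . ")) ";
        // NOTE(review): the strings in the next two blocks are built and then
        // discarded, because nothing appends them to $sec_query. The group-based
        // related-record clauses therefore never reach the query. Appending them
        // would widen what the user can read, so confirm the intended sharing
        // policy before changing this.
        if (vtlib_isModuleActive("Accounts")) {
            "or vtiger_potential.related_to in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Accounts' and vtiger_groups.groupid in (select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . ")) ";
        }
        if (vtlib_isModuleActive("Contacts")) {
            "or vtiger_potential.related_to in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Contacts' and vtiger_groups.groupid in (select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Contacts') . " and relatedtabid=" . $tabid . ")) ";
        }
        $sec_query .= " or (";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'HelpDesk') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") ";
        // NOTE(review): this string is also discarded, since nothing appends it to
        // $sec_query, so the account-related ticket sharing clause is never applied.
        // Appending it would widen read access; confirm the policy before changing it.
        if (vtlib_isModuleActive("Accounts")) {
            "or vtiger_troubletickets.parent_id in (select crmid from vtiger_crmentity where setype='Accounts' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . ")) or vtiger_troubletickets.parent_id in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Accounts' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . ")) ";
        }
        $sec_query .= " or (";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Calendar') {
        require_once 'modules/Calendar/CalendarCommon.php';
        // $shared_ids is placed unescaped inside in(...); it is presumably a
        // comma-separated list of integer user ids. Verify in getSharedCalendarId().
        $shared_ids = getSharedCalendarId($current_user->id);
        if (isset($shared_ids) && $shared_ids != '') {
            $condition = " or (vtiger_crmentity{$module}.smownerid in({$shared_ids}) and vtiger_activity.visibility = 'Public')";
        } else {
            $condition = null;
        }
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) {$condition} or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%')";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " or ((vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ")))";
        }
        $sec_query .= ")";
    } elseif ($module == 'Quotes') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")";
        // Criteria for quotes shared through their related account.
        if (vtlib_isModuleActive("Accounts")) {
            $sec_query .= " or vtiger_quotes.accountid in (select crmid from vtiger_crmentity where setype='Accounts' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . ")) or vtiger_quotes.accountid in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Accounts' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . "))";
        }
        // Criteria for quotes shared through their related potential.
        if (vtlib_isModuleActive("Potentials")) {
            $sec_query .= " or vtiger_quotes.potentialid in (select crmid from vtiger_crmentity where setype='Potentials' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Potentials') . " and relatedtabid=" . $tabid . ")) or vtiger_quotes.potentialid in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Potentials' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Potentials') . " and relatedtabid=" . $tabid . "))";
        }
        // Criteria for group sharing.
        $sec_query .= " or ((";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")))) ";
    } elseif ($module == 'PurchaseOrder') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or (";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'SalesOrder') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")";
        // Criteria for sales orders shared through their related account.
        if (vtlib_isModuleActive("Accounts")) {
            $sec_query .= " or vtiger_salesorder.accountid in (select crmid from vtiger_crmentity where setype='Accounts' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . ")) or vtiger_salesorder.accountid in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Accounts' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . "))";
        }
        // Criteria for sales orders shared through their related potential.
        if (vtlib_isModuleActive("Potentials")) {
            $sec_query .= " or vtiger_salesorder.potentialid in (select crmid from vtiger_crmentity where setype='Potentials' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Potentials') . " and relatedtabid=" . $tabid . ")) or vtiger_salesorder.potentialid in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Potentials' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Potentials') . " and relatedtabid=" . $tabid . "))";
        }
        // Criteria for sales orders shared through their related quote.
        if (vtlib_isModuleActive("Quotes")) {
            $sec_query .= " or vtiger_salesorder.quoteid in (select crmid from vtiger_crmentity where setype='Quotes' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Quotes') . " and relatedtabid=" . $tabid . ")) or vtiger_salesorder.quoteid in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Quotes' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Quotes') . " and relatedtabid=" . $tabid . "))";
        }
        // Criteria for group sharing.
        $sec_query .= " or (";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Invoice') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")";
        // Criteria for invoices shared through their related account.
        if (vtlib_isModuleActive("Accounts")) {
            $sec_query .= " or vtiger_invoice.accountid in (select crmid from vtiger_crmentity where setype='Accounts' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . ")) or vtiger_invoice.accountid in (select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='Accounts' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('Accounts') . " and relatedtabid=" . $tabid . "))";
        }
        // Criteria for invoices shared through their related sales order.
        if (vtlib_isModuleActive("SalesOrder")) {
            $sec_query .= " or vtiger_invoice.salesorderid in (select crmid from vtiger_crmentity where setype='SalesOrder' and vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('SalesOrder') . " and relatedtabid=" . $tabid . ")) or vtiger_invoice.salesorderid in(select crmid from vtiger_crmentity inner join vtiger_groups on vtiger_groups.groupid=vtiger_crmentity.smownerid where setype='SalesOrder' and vtiger_groups.groupid in(select vtiger_tmp_read_group_rel_sharing_per.sharedgroupid from vtiger_tmp_read_group_rel_sharing_per where userid=" . $current_user->id . " and tabid=" . getTabid('SalesOrder') . " and relatedtabid=" . $tabid . "))";
        }
        // Criteria for group sharing.
        $sec_query .= " or ((";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")))) ";
    } elseif ($module == 'Campaigns') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or ((";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")))) ";
    } elseif ($module == 'Documents') {
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or ((";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")))) ";
    } else {
        // Fallback for any other module name. $module goes straight into the alias
        // names here, so callers must pass only known module names.
        $sec_query .= " and (vtiger_crmentity{$module}.smownerid in({$current_user->id}) or vtiger_crmentity{$module}.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity{$module}.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or ((";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups{$module}.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups{$module}.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")))) ";
    }

    $log->debug("Exiting getListViewSecurityParameter method ...");

    return $sec_query;
}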
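/**
 * Build the " and (...)" WHERE fragment that limits a module's list view to the
 * records the current user may read, using the unaliased vtiger_crmentity and
 * vtiger_groups tables.
 *
 * Most built-in branches allow a row when its owner is the current user, is a
 * user whose role path starts with the current user's role sequence followed by
 * "::", or appears in vtiger_tmp_read_user_sharing_per for this user and tab
 * (Calendar omits that last clause), or when its group is one of the user's
 * groups. All of those except Calendar also accept groups listed in
 * vtiger_tmp_read_group_sharing_per. Emails is owner-only. Any other module is
 * delegated to that module's own getListViewSecurityParameter().
 *
 * SECURITY: the fragment is assembled by string concatenation.
 * $current_user->id, $current_user_parent_role_seq, $current_user_groups and the
 * shared calendar ids are inserted without quoting or escaping, so they must be
 * server-generated values and never request input.
 *
 * If $current_user is empty the privilege files are not loaded, and the variables
 * read below ($current_user_parent_role_seq, $current_user_groups) are undefined.
 *
 * @param string $module Module name; selects the branch.
 *
 * @return string SQL fragment to append to an existing WHERE clause (or whatever
 *                the module object returns in the fallback branch).
 */
function getListViewSecurityParameter($module)
{
    $log = vglobal('log');
    $log->debug("Entering getListViewSecurityParameter(" . $module . ") method ...");
    // $adb is not used below; the call is kept in case getInstance() has side effects.
    $adb = PearDatabase::getInstance();
    $tabid = getTabid($module);
    $current_user = vglobal('current_user');

    // Start from an empty string: the original appended to an undefined variable.
    $sec_query = '';

    if ($current_user) {
        // These generated files run in this function's scope and supply the
        // $current_user_* variables used below.
        require 'user_privileges/user_privileges_' . $current_user->id . '.php';
        require 'user_privileges/sharing_privileges_' . $current_user->id . '.php';
    }

    if ($module == 'Leads') {
        $sec_query .= " and (\n\t\t\t\t\t\tvtiger_crmentity.smownerid in({$current_user->id})\n\t\t\t\t\t\tor vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%')\n\t\t\t\t\t\tor vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")\n\t\t\t\t\t\tor (";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Accounts') {
        $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) " . "or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') " . "or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or (";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Contacts') {
        $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) " . "or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') " . "or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or (";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'HelpDesk') {
        $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") ";
        $sec_query .= " or (";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } elseif ($module == 'Emails') {
        // Emails are visible to their owner only; no role or sharing clauses.
        $sec_query .= " and vtiger_crmentity.smownerid=" . $current_user->id . " ";
    } elseif ($module == 'Calendar') {
        require_once 'modules/Calendar/CalendarCommon.php';
        // $shared_ids is placed unescaped inside in(...); it is presumably a
        // comma-separated list of integer user ids. Verify in getSharedCalendarId().
        $shared_ids = getSharedCalendarId($current_user->id);
        if (isset($shared_ids) && $shared_ids != '') {
            $condition = " or (vtiger_crmentity.smownerid in({$shared_ids}) and vtiger_activity.visibility = 'Public')";
        } else {
            $condition = null;
        }
        $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) {$condition} or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%')";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " or ((vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ")))";
        }
        $sec_query .= ")";
    } elseif ($module == 'Campaigns') {
        $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or ((";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")))) ";
    } elseif ($module == 'Documents') {
        $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ") or ((";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")))) ";
    } elseif ($module == 'Products') {
        $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) " . "or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%') " . "or vtiger_crmentity.smownerid in(select shareduserid from vtiger_tmp_read_user_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . ")";
        $sec_query .= " or (";
        if (sizeof($current_user_groups) > 0) {
            $sec_query .= " vtiger_groups.groupid in (" . implode(",", $current_user_groups) . ") or ";
        }
        $sec_query .= " vtiger_groups.groupid in(select vtiger_tmp_read_group_sharing_per.sharedgroupid from vtiger_tmp_read_group_sharing_per where userid=" . $current_user->id . " and tabid=" . $tabid . "))) ";
    } else {
        // Any other module supplies its own filter. The result is returned as-is,
        // so a module without a restrictive implementation gets no filtering here.
        $modObj = CRMEntity::getInstance($module);
        $sec_query = $modObj->getListViewSecurityParameter($module);
    }

    $log->debug("Exiting getListViewSecurityParameter method ...");

    return $sec_query;
}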
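/**
 * Build the " and (...)" WHERE fragment used when fetching calendar events for
 * the current user, covering both the events whose details the user may view
 * and the schedule of other users.
 *
 * The fragment is assembled by string concatenation from $current_user->id, the
 * shared calendar ids and the variables set by the user's generated privilege
 * files ($current_user_parent_role_seq, $current_user_groups). None of these is
 * quoted or escaped, so they must be server-generated values.
 *
 * NOTE(review): "smownerid in(<id>)" OR-ed with "smownerid NOT LIKE (<id>)"
 * matches every row with a non-null owner, so this fragment does not appear to
 * narrow results by owner. That fits the "schedule of the users" purpose, but it
 * means callers have to hide event details themselves. Confirm this is enforced
 * where the rows are rendered.
 *
 * @return string SQL fragment to append to an existing WHERE clause.
 */
function getCalendarViewSecurityParameter()
{
    global $current_user;

    // Start from an empty string: the original appended to an undefined variable.
    $sec_query = '';

    // These generated files run in this function's scope and supply the
    // $current_user_* variables used below.
    require 'user_privileges/user_privileges_' . $current_user->id . '.php';
    require 'user_privileges/sharing_privileges_' . $current_user->id . '.php';
    require_once 'modules/Calendar/CalendarCommon.php';

    // $shared_ids is placed unescaped inside in(...); it is presumably a
    // comma-separated list of integer user ids. Verify in getSharedCalendarId().
    $shared_ids = getSharedCalendarId($current_user->id);
    if (isset($shared_ids) && $shared_ids != '') {
        $condition = " or (vtiger_crmentity.smownerid in({$shared_ids})) or (vtiger_crmentity.smownerid NOT LIKE ({$current_user->id}))";
    } else {
        $condition = "or (vtiger_crmentity.smownerid NOT LIKE ({$current_user->id}))";
    }

    $sec_query .= " and (vtiger_crmentity.smownerid in({$current_user->id}) {$condition} or vtiger_crmentity.smownerid in(select vtiger_user2role.userid from vtiger_user2role inner join vtiger_users on vtiger_users.id=vtiger_user2role.userid inner join vtiger_role on vtiger_role.roleid=vtiger_user2role.roleid where vtiger_role.parentrole like '" . $current_user_parent_role_seq . "::%')";
    if (sizeof($current_user_groups) > 0) {
        $sec_query .= " or (vtiger_groups.groupid in (" . implode(",", $current_user_groups) . "))";
    }
    $sec_query .= ")";

    return $sec_query;
}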