Esempio n. 1
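 /**
  * Decide whether the current user may reach this object.
  *
  * When m_Access is set it is handed to BizSystem::allowUserAccess() and
  * that verdict is returned unchanged. When no access rule is configured
  * the ALLOW constant is returned, i.e. an object without a rule is open
  * to every user.
  *
  * @return mixed result of BizSystem::allowUserAccess(), or ALLOW
  */
 public function allowAccess()
 {
     $access = $this->m_Access;
     // The original re-read m_Access when it was falsy, which could never
     // change the value; a single read is equivalent.
     if ($access) {
         return BizSystem::allowUserAccess($access);
     }
     // NOTE(review): fail-open default — confirm every subclass that relies
     // on this really wants an unconfigured object to be visible to all.
     return ALLOW;
 }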
Esempio n. 2
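 /**
  * Build the SelectFrom expression for this element, narrowed to the
  * current user's groups when the user lacks data_assign.assign_to_other.
  *
  * A user holding the privilege, or one without any groups, gets the
  * unmodified m_SelectFrom; otherwise ",[Id] IN (<group ids>)" is appended
  * before the expression is evaluated against the form object.
  *
  * @return mixed result of Expression::evaluateExpression()
  */
 protected function getSelectFrom()
 {
     $formobj = $this->getFormObj();
     // Start from the unrestricted expression; the two "no restriction"
     // branches of the original collapse into this default.
     $selectFrom = $this->m_SelectFrom;
     if (!BizSystem::allowUserAccess("data_assign.assign_to_other")) {
         $groups = BizSystem::getUserProfile("groups");
         if ($groups) {
             // NOTE(review): group ids are interpolated unescaped. They come
             // from the stored profile rather than the request, but a
             // non-numeric value would break or widen the IN filter.
             $ids = implode(",", $groups);
             $selectFrom .= ",[Id] IN ({$ids})";
         }
     }
     return Expression::evaluateExpression($selectFrom, $formobj);
 }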
Esempio n. 3
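 /**
  * Switch the session to another user's profile.
  *
  * Allowed when the caller holds Session.Switch_Session, or when the
  * session already stores _PREV_USER_PROFILE (a user who switched earlier
  * is allowed to switch again, e.g. back). The target username is read
  * from the submitted record; an empty one is silently ignored. After a
  * successful switch the page is reloaded through a client script.
  *
  * @return void
  */
 public function SwitchSession()
 {
     // Short-circuit keeps the original behaviour: the session lookup only
     // happens when the explicit privilege is missing.
     $canSwitch = BizSystem::allowUserAccess('Session.Switch_Session')
         || BizSystem::sessionContext()->getVar("_PREV_USER_PROFILE");
     if (!$canSwitch) {
         return;
     }
     $data = $this->readInputRecord();
     // A request without the key must not raise an undefined-index notice.
     $username = isset($data['username']) ? $data['username'] : null;
     if (!$username) {
         return;
     }
     $serviceObj = BizSystem::getService(PROFILE_SERVICE);
     if (method_exists($serviceObj, 'SwitchUserProfile')) {
         $serviceObj->SwitchUserProfile($username);
     }
     BizSystem::clientProxy()->runClientScript("<script>window.location.reload();</script>");
 }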
Esempio n. 4
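 /**
  * Decide whether the current user may see the assignment for $user_id.
  *
  * Checks in order, first hit wins:
  *  1. data_manage.manage grants access unconditionally.
  *  2. If no AclActionDO row exists for common / data_assign /
  *     accept_other_assigned, the feature is unsupported and access is
  *     granted.
  *  3. If the target user holds any role that has that action at access
  *     level 1 or 2, access is granted.
  *  4. If the target user shares a group with the current user, access is
  *     granted.
  * Otherwise access is denied.
  *
  * @param mixed $user_id id of the target user; cast to int before it is
  *                       interpolated into any fetch expression
  * @return bool
  */
 protected function allowDisplay($user_id)
 {
     if (BizSystem::allowUserAccess("data_manage.manage")) {
         return true;
     }
     // Cast before the first interpolation. The original cast only after
     // the UserRoleDO lookup, so a non-numeric id reached that filter raw.
     $user_id = (int) $user_id;
     //get user acl info
     $actionRec = BizSystem::getObject("system.do.AclActionDO")->fetchOne("[module]='common' AND [resource]='data_assign' AND [action]='accept_other_assigned'");
     $actionId = isset($actionRec['Id']) ? $actionRec['Id'] : null;
     if (!$actionId) {
         //the system doesnt support accept_other_assigned feature then return true;
         return true;
     }
     //get list of all roles which enabled this action
     $roleList = BizSystem::getObject("system.do.AclRoleActionDO")->directFetch("[action_id]='{$actionId}' AND ([access_level]='1' OR [access_level]='2')");
     foreach ($roleList as $roleRec) {
         $roleId = $roleRec['role_id'];
         //check if target user has this role
         $AssocRecs = BizSystem::getObject("system.do.UserRoleDO")->directFetch("[role_id]='{$roleId}' AND [user_id]='{$user_id}'");
         if ($AssocRecs->count()) {
             return true;
         }
     }
     //if we are in same group return true
     $groups = BizSystem::getUserProfile("groups");
     if (!$groups) {
         // current user has no groups, so none can be shared
         return false;
     }
     $groupset = BizSystem::getObject("system.do.UserGroupDO")->directFetch("[user_id]='{$user_id}'");
     foreach ($groupset as $groupRec) {
         // non-strict in_array keeps the original "==" semantics (ids may
         // be strings from the DB and ints from the profile)
         if (in_array($groupRec['group_id'], $groups)) {
             return true;
         }
     }
     return false;
 }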
Esempio n. 5
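 /**
  * Assemble the data-permission record for the parent form's active row.
  *
  * Returns the cached m_ActiveRecord when present. Otherwise it resolves
  * the parent form, fetches the row m_ParentRecordId from its data object
  * and builds an array describing who owns the row, how it is shared and
  * whether the current user may edit it. Side effects: sets
  * m_hasOwnerField, m_DataRecordName, m_RecordId and m_ParentRecordId.
  *
  * shared_data codes: 0 = own record, 1 = same default group, 2 = other,
  * 3 = user is owner but not creator, 4 = user is creator but not owner.
  *
  * @return array permission record, or an empty array when no parent form
  *               name is configured
  */
 public function fetchData()
 {
     if ($this->m_ActiveRecord != null) {
         return $this->m_ActiveRecord;
     }
     $prtForm = $this->m_ParentFormName;
     // Check the name before resolving it; the original looked the object
     // up first and only then bailed out on an empty name.
     if (!$prtForm) {
         return array();
     }
     $prtFormObj = BizSystem::GetObject($prtForm);
     $this->SetPrtRecordId($this->m_RecordId);
     $recId = $this->m_ParentRecordId;
     $dataObj = $prtFormObj->getDataObj();
     $dataRec = $dataObj->fetchById($recId);
     $user_id = BizSystem::GetUserProfile("Id");
     $group_id = BizSystem::GetUserProfile("default_group");
     $this->m_hasOwnerField = $this->hasOwnerField();
     // Resolve the owner before the ownership checks. The original compared
     // against $owner_id before ever assigning it, so its "owner" branch
     // could not match; the shared_data=3 fix-up further down still made
     // the final result the same, which is why this is safe to hoist.
     $owner_id = $this->m_hasOwnerField ? $dataRec['owner_id'] : $dataRec['create_by'];
     $result = array();
     $result['Id'] = $dataRec['Id'];
     $result['editable'] = 0;
     $result['has_ref_data'] = $dataObj->m_ObjReferences->count() ? 1 : 0;
     if ($user_id == $dataRec['create_by']) {
         $result['shared_data'] = 0;
         $result['editable'] = 1;
     } elseif ($this->m_hasOwnerField && $owner_id == $user_id) {
         $result['shared_data'] = 0;
         $result['editable'] = 1;
     } elseif ($group_id == $dataRec['group_id']) {
         $result['shared_data'] = 1;
     } else {
         $result['shared_data'] = 2;
     }
     $result['data_record'] = $this->_pickRecordName($dataRec);
     // m_DataRecordName keeps the raw name; the "<br />" strip below only
     // applies to the returned record, as in the original.
     $this->m_DataRecordName = $result['data_record'];
     if ($this->m_hasOwnerField) {
         $result['owner_id'] = $dataRec['owner_id'];
         if ($dataRec['owner_id'] != $dataRec['create_by']) {
             if ($dataRec['owner_id'] == $user_id) {
                 $result['shared_data'] = 3;
                 $result['editable'] = 1;
             } elseif ($dataRec['create_by'] == $user_id) {
                 $result['shared_data'] = 4;
                 $result['editable'] = 1;
             }
         }
     }
     $result['data_record'] = str_replace("<br />", "", $result['data_record']);
     $result['owner_perm'] = 3;
     $result['create_by'] = $dataRec['create_by'];
     $inputArr = $this->readInputRecord();
     $result['group_id'] = $dataRec['group_id'];
     // Submitted perm values override the stored ones (form round-trip).
     // NOTE(review): they are taken as submitted, not checked against the
     // permission levels the UI offers; confirm the save path validates.
     $result['group_perm'] = isset($inputArr['group_perm']) ? $inputArr['group_perm'] : $dataRec['group_perm'];
     $result['other_perm'] = isset($inputArr['other_perm']) ? $inputArr['other_perm'] : $dataRec['other_perm'];
     $result['group_name'] = $this->_getGroupName($dataRec['group_id']);
     $result['owner_name'] = $this->_getOwnerName($owner_id);
     $result['creator_name'] = $this->_getOwnerName($dataRec['create_by']);
     $result['hasOwnerField'] = (int) $this->m_hasOwnerField;
     $result['form_title'] = $prtFormObj->m_Title;
     $result['action_timestamp'] = date("Y-m-d H:i:s");
     $result['refer_url'] = SITE_URL;
     if ($result['editable'] == 0) {
         // Neither owner nor creator: defer to the data-permission service
         // at level 3.
         $svcObj = BizSystem::GetService(DATAPERM_SERVICE);
         $result['editable'] = (int) $svcObj->checkDataPerm($dataRec, 3, $dataObj);
     }
     if ($result['editable'] == 0) {
         $result['has_ref_data'] = 0;
     }
     $this->m_RecordId = $result['Id'];
     $this->m_ParentRecordId = $result['Id'];
     // data_manage.manage overrides every ownership rule above.
     if (BizSystem::allowUserAccess("data_manage.manage")) {
         $result['editable'] = 1;
         $result['data_manage'] = 1;
     } else {
         $result['data_manage'] = 0;
     }
     return $result;
 }

 /**
  * Pick the display name of a record: the first non-empty of name,
  * subject, title, display_name, falling back to Id.
  *
  * @param array $dataRec fetched record
  * @return mixed
  */
 private function _pickRecordName($dataRec)
 {
     foreach (array('name', 'subject', 'title', 'display_name') as $field) {
         // isset() avoids an undefined-index notice on rows lacking the
         // column; the "!= ''" test is the original's emptiness check.
         if (isset($dataRec[$field]) && $dataRec[$field] != '') {
             return $dataRec[$field];
         }
     }
     return $dataRec['Id'];
 }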
Esempio n. 6
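 /**
  * Build the SQL WHERE fragment restricting a data object to the rows the
  * current user may access for the given operation.
  *
  * Result shape: " ( <owner clause> [OR <group clause>] OR [other_perm] >=N
  * [OR <DataACL subselect>] )". A user with data_manage.manage gets
  * " TRUE ". Rows are always visible to their creator (and owner when the
  * object has an owner field); group and other sharing is left out
  * entirely when GROUP_DATA_SHARE is 0.
  *
  * @param object $dataObj       data object; m_MainTable and the Id field
  *                              are used for the DataACL subselect
  * @param string $type          'select', 'update' or 'delete'; anything
  *                              else is treated as 'select'
  * @param bool   $hasOwnerField whether the table has an [owner_id] column
  * @param bool   $alias         force the "T0" alias for the record table
  * @return string SQL fragment
  */
 public function BuildSQLRule($dataObj, $type, $hasOwnerField = false, $alias = false)
 {
     if (BizSystem::allowUserAccess("data_manage.manage")) {
         return " TRUE ";
     }
     // NOTE(review): ids are interpolated straight into SQL. They come from
     // the stored profile, not the request, so the exposure is a profile
     // value containing a quote; driver quoting or a numeric cast here
     // would close that gap once the id type is confirmed.
     $user_id = BizSystem::GetUserProfile('Id');
     $user_groups = BizSystem::GetUserProfile('groups');
     if ($hasOwnerField) {
         $sql_where = " ( ([create_by]='{$user_id}' OR [owner_id]='{$user_id}') ";
     } else {
         $sql_where = " ( [create_by]='{$user_id}' ";
     }
     if (GROUP_DATA_SHARE == 0) {
         return $sql_where . " ) ";
     }
     // Minimum permission level per operation; unknown types fall back to
     // read (the original switch fell through from default into 'select').
     $perm_limits = array('select' => ">=1", 'update' => ">=2", 'delete' => ">=3");
     $perm_limit = isset($perm_limits[$type]) ? $perm_limits[$type] : ">=1";
     // count() on a non-array is a TypeError on PHP 8; guard it.
     if (is_array($user_groups) && count($user_groups)) {
         $group_terms = array();
         foreach ($user_groups as $group_id) {
             $group_terms[] = "[group_id] = '{$group_id}'";
         }
         // implode() replaces the original trailing "OR FALSE" trick.
         $sql_where .= " OR ( [group_perm] {$perm_limit} AND ( " . implode(" OR ", $group_terms) . " ) )";
     }
     $sql_where .= " OR [other_perm] {$perm_limit} ";
     $aclDO = BizSystem::getObject("common.do.DataACLDO");
     if ($aclDO && DATA_ACL) {
         $acl_table = $aclDO->m_MainTable;
         // SELECTs alias the main table as T0; callers may force that alias.
         $record_table = ($type == 'select' || $alias) ? "T0" : $dataObj->m_MainTable;
         $record_main_table = $dataObj->m_MainTable;
         $record_id_field = $dataObj->getField("Id")->m_Column;
         $sql_where .= " OR (SELECT COUNT(*) FROM `{$acl_table}` WHERE"
             . " `{$acl_table}`.`user_id`='{$user_id}' AND"
             . " `{$acl_table}`.`record_table` = '{$record_main_table}' AND"
             . " `{$acl_table}`.`record_id` = `{$record_table}`.`{$record_id_field}` )";
     }
     $sql_where .= " )";
     return $sql_where;
 }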
Esempio n. 7
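 /**
  * Count the rows of $sql that the current user is allowed to see.
  *
  * Each fetched record may carry an 'access' value; a row with an empty
  * one counts unconditionally, otherwise it counts only when
  * BizSystem::allowUserAccess() grants it.
  *
  * @param string $sql query passed to directFetch()
  * @return int
  */
 public function recordCount($sql)
 {
     $counter = 0;
     $rs = $this->directFetch($sql);
     foreach ($rs as $record) {
         // Guard the read so rows without an 'access' column do not raise
         // an undefined-index notice; an absent value counts as open.
         $access = isset($record['access']) ? $record['access'] : null;
         if (empty($access) || BizSystem::allowUserAccess($access)) {
             $counter++;
         }
     }
     return $counter;
 }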