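public function fetchData()
{
    // Return the cached record when one has been set.
    if ($this->m_ActiveRecord != null) {
        return $this->m_ActiveRecord;
    }

    // Without a parent form name there is nothing to describe. Check this
    // before asking BizSystem to resolve an empty object name.
    $prtForm = $this->m_ParentFormName;
    if (!$prtForm) {
        return array();
    }
    $prtFormObj = BizSystem::GetObject($prtForm);

    $this->SetPrtRecordId($this->m_RecordId);
    $recId = $this->m_ParentRecordId;
    $dataObj = $prtFormObj->getDataObj();
    $dataRec = $dataObj->fetchById($recId);

    $user_id = BizSystem::GetUserProfile("Id");
    $group_id = BizSystem::GetUserProfile("default_group");

    $this->m_hasOwnerField = $this->hasOwnerField();

    // Resolve the effective owner BEFORE the ownership comparison below.
    // If $owner_id were still unset there, it would evaluate as null and the
    // loose comparison would match any viewer whose id is empty (null/0/'').
    if ($this->m_hasOwnerField) {
        $owner_id = $dataRec['owner_id'];
    } else {
        $owner_id = $dataRec['create_by'];
    }

    $result = array();
    $result['Id'] = $dataRec['Id'];
    $result['editable'] = 0;
    $result['has_ref_data'] = 0;

    if ($dataObj->m_ObjReferences->count()) {
        $result['has_ref_data'] = 1;
    }

    // shared_data: 0 = viewer is the creator or owner, 1 = viewer's default
    // group matches the record's group, 2 = neither.
    // NOTE(review): these are loose (==) comparisons. If GetUserProfile("Id")
    // can be null/0 for an unauthenticated session, a record whose create_by
    // or owner_id is also empty would match here. Confirm callers require a
    // logged-in user.
    if ($user_id == $dataRec['create_by']) {
        $result['shared_data'] = 0;
        $result['editable'] = 1;
    } elseif ($this->m_hasOwnerField && $owner_id == $user_id) {
        $result['shared_data'] = 0;
        $result['editable'] = 1;
    } elseif ($group_id == $dataRec['group_id']) {
        $result['shared_data'] = 1;
    } else {
        $result['shared_data'] = 2;
    }

    // Display label: first non-empty of name, subject, title, display_name,
    // falling back to the record Id.
    if ($dataRec['name'] != '') {
        $result['data_record'] = $dataRec['name'];
    } elseif ($dataRec['subject'] != '') {
        $result['data_record'] = $dataRec['subject'];
    } elseif ($dataRec['title'] != '') {
        $result['data_record'] = $dataRec['title'];
    } elseif ($dataRec['display_name'] != '') {
        $result['data_record'] = $dataRec['display_name'];
    } else {
        $result['data_record'] = $dataRec['Id'];
    }
    // m_DataRecordName keeps the label as stored, before "<br />" is stripped.
    $this->m_DataRecordName = $result['data_record'];

    if ($this->m_hasOwnerField) {
        $result['owner_id'] = $dataRec['owner_id'];

        // Owner and creator differ: 3 = viewer is the owner,
        // 4 = viewer is the creator. Both are editable.
        if ($dataRec['owner_id'] != $dataRec['create_by']) {
            if ($dataRec['owner_id'] == $user_id) {
                $result['shared_data'] = 3;
                $result['editable'] = 1;
            } elseif ($dataRec['create_by'] == $user_id) {
                $result['shared_data'] = 4;
                $result['editable'] = 1;
            }
        }
    }

    $result['data_record'] = str_replace("<br />", "", $result['data_record']);
    $result['owner_perm'] = 3;
    $result['create_by'] = $dataRec['create_by'];

    // Values from the submitted form input take precedence over the stored
    // permission levels. They are copied as received; nothing here validates
    // them or checks that the viewer may change them.
    $inputArr = $this->readInputRecord();
    $result['group_id'] = $dataRec['group_id'];
    $result['group_perm'] = isset($inputArr['group_perm']) ? $inputArr['group_perm'] : $dataRec['group_perm'];
    $result['other_perm'] = isset($inputArr['other_perm']) ? $inputArr['other_perm'] : $dataRec['other_perm'];

    $result['group_name'] = $this->_getGroupName($dataRec['group_id']);
    $result['owner_name'] = $this->_getOwnerName($owner_id);
    $result['creator_name'] = $this->_getOwnerName($dataRec['create_by']);

    $result['hasOwnerField'] = (int) $this->m_hasOwnerField;

    $result['form_title'] = $prtFormObj->m_Title;
    $result['action_timestamp'] = date("Y-m-d H:i:s");
    $result['refer_url'] = SITE_URL;

    // Not editable through creator/owner status: ask the data-permission
    // service with permission code 3.
    // NOTE(review): 3 is also the code used for delete checks elsewhere in
    // this file; presumably the highest level. Confirm against the service.
    if ($result['editable'] == 0) {
        $svcObj = BizSystem::GetService(DATAPERM_SERVICE);
        $result['editable'] = (int) $svcObj->checkDataPerm($dataRec, 3, $dataObj);
    }

    // Viewers who cannot edit are not told whether referenced data exists.
    if ($result['editable'] == 0) {
        $result['has_ref_data'] = 0;
    }

    $this->m_RecordId = $result['Id'];
    $this->m_ParentRecordId = $result['Id'];
    // The result is not cached; the setActiveRecord() call stays disabled.
    //$this->setActiveRecord($result);

    // The "data_manage.manage" ACL grant overrides every per-record decision
    // made above.
    if (BizSystem::allowUserAccess("data_manage.manage")) {
        $result['editable'] = 1;
        $result['data_manage'] = 1;
    } else {
        $result['data_manage'] = 0;
    }
    return $result;
}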
/**
 * Decide whether the current user may see this form.
 *
 * The record-level check runs only when the data object has data-permission
 * control switched on (m_DataPermControl == 'Y') and the form type is
 * 'detail' (permission code 1) or 'edit' (permission code 2). 'list' forms
 * and every unrecognised form type are allowed without a record check.
 *
 * @return boolean false only when the data-permission service rejects the record
 */
public function canDisplayForm()
{
    if ($this->getDataObj()->m_DataPermControl != 'Y') {
        return true;
    }

    // Form type => permission code handed to the data-permission service.
    $permCodes = array(
        'detail' => 1,
        'edit'   => 2,
    );
    $formType = strtolower($this->m_FormType);
    if (!isset($permCodes[$formType])) {
        // 'list' and any other type: displayed without a per-record check.
        return true;
    }
    $permCode = $permCodes[$formType];

    $permService = BizSystem::GetService(DATAPERM_SERVICE);
    $allowed = $permService->checkDataPerm($this->fetchData(), $permCode, $this->getDataObj());

    return $allowed != false;
}
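/**
 * Build a DELETE statement for the data object's main table.
 *
 * The optional $condition is converted with
 * _convertSqlExpressionWithoutPrefix() and becomes the WHERE clause. When the
 * data object has data-permission control enabled (m_DataPermControl == 'Y'),
 * the rule from the DATAPERM_SERVICE is appended so the statement only
 * touches rows the current user may delete.
 *
 * This method does no escaping of its own: the table name and both
 * expressions are concatenated into the SQL text.
 * NOTE(review): confirm that $condition never carries unescaped user input
 * and that the conversion helper does not pass raw values through.
 *
 * @param object      $dataObj   data object supplying m_MainTable and m_DataPermControl
 * @param string|null $condition search expression; falsy means "no condition"
 * @return string the DELETE statement
 */
public function buildDeleteSQLwithCondition($dataObj, $condition = null)
{
    $sql = "DELETE FROM `" . $dataObj->m_MainTable . "`";

    // Defined up front so the permission branch never reads an unset variable.
    $whereStr = '';
    $hasWhere = false;
    if ($condition) {
        $whereStr = $this->_convertSqlExpressionWithoutPrefix($dataObj, $condition);
        $sql .= " WHERE " . $whereStr;
        $hasWhere = true;
    }

    // append DataPerm in the WHERE clause
    if ($dataObj->m_DataPermControl == 'Y') {
        $svcObj = BizSystem::GetService(DATAPERM_SERVICE);
        $hasOwnerField = $this->_hasOwnerField($dataObj);
        $dataPermSQLRule = $svcObj->buildSqlRule($dataObj, 'delete', $hasOwnerField);
        $sqlSearchRule = $this->_convertSqlExpressionWithoutPrefix($dataObj, $dataPermSQLRule);

        if ($whereStr != '') {
            $sql .= ' AND ' . $sqlSearchRule;
        } elseif ($hasWhere || trim((string) $sqlSearchRule) === '') {
            // Either " WHERE " is already in place with an empty condition,
            // or the rule itself is empty: append it unchanged.
            $sql .= $sqlSearchRule;
        } else {
            // No condition was given, so the rule needs its own WHERE keyword.
            // The ' AND ' join above shows the rule is a bare boolean
            // expression; appending it straight after the table name would
            // produce a malformed statement.
            $sql .= ' WHERE ' . $sqlSearchRule;
        }
    }
    return $sql;
}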
/**
 * Decide whether a record may be deleted.
 *
 * With data-permission control enabled (m_DataPermControl == 'Y') the record
 * is first checked by the DATAPERM_SERVICE using permission code 3, and a
 * failed check returns false immediately. In every other case the answer is
 * whatever canDeleteRecordCondition() returns.
 *
 * @param mixed $record record to check; the active record is used when this is empty
 * @return boolean
 */
public function canDeleteRecord($record = null)
{
    if ($this->m_DataPermControl == 'Y') {
        $permService = BizSystem::GetService(DATAPERM_SERVICE);
        $target = $record ? $record : $this->getActiveRecord();
        if ($permService->checkDataPerm($target, 3, $this) == false) {
            return false;
        }
    }

    return $this->canDeleteRecordCondition();
}