コード例 #1
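/**
 * Run a webservice query against the records related to $id through one named relation.
 *
 * The related module is read from the FROM clause of $query and must match the
 * relation labelled $relatedLabel that vtws_relatedtypes() reports for the
 * entity of $id. The query is then narrowed to the ids returned by the
 * handler's relatedIds() and executed with vtws_query().
 *
 * @param string      $query        Webservice query; its FROM clause names the related module.
 * @param string      $id           Webservice id of the source record.
 * @param string      $relatedLabel Label of the relation to follow.
 * @param object      $user         User the handlers and vtws_query() run as.
 * @param string|null $filterClause Optional text appended verbatim after the WHERE part.
 *
 * @return array Result of vtws_query(), or an empty array when nothing is related.
 *
 * @throws WebServiceException When the label/module pair is not a known relation.
 */
function vtws_query_related($query, $id, $relatedLabel, $user, $filterClause = null)
{
    global $log, $adb;
    $webserviceObject = VtigerWebserviceObject::fromId($adb, $id);
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    // NOTE(review): the included path and instantiated class come from the webservice
    // object looked up for $id; presumably registry data, not caller input. Confirm.
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    $entityName = $meta->getObjectEntityName($id);
    // Extract related module name from query.
    $relatedType = null;
    if (preg_match("/FROM\\s+([^\\s]+)/i", $query, $m)) {
        $relatedType = trim($m[1]);
    }
    // Check for presence of expected relation. A query without a FROM clause can
    // never name a valid relation, so it is rejected without a loose null match.
    $found = false;
    if ($relatedType !== null) {
        $relatedTypes = vtws_relatedtypes($entityName, $user);
        foreach ($relatedTypes['information'] as $label => $information) {
            if ($label == $relatedLabel && $information['name'] == $relatedType) {
                $found = true;
                break;
            }
        }
    }
    if (!$found) {
        throw new WebServiceException(WebServiceErrorCode::$UNKOWNENTITY, "Relation specified is incorrect");
    }
    vtws_preserveGlobal('currentModule', $entityName);
    // Fetch related record IDs - so we can further retrieve complete information using vtws_query
    $relatedWebserviceObject = VtigerWebserviceObject::fromName($adb, $relatedType);
    $relatedHandlerPath = $relatedWebserviceObject->getHandlerPath();
    $relatedHandlerClass = $relatedWebserviceObject->getHandlerClass();
    require_once $relatedHandlerPath;
    $relatedHandler = new $relatedHandlerClass($relatedWebserviceObject, $user, $adb, $log);
    $relatedIds = $handler->relatedIds($id, $relatedType, $relatedLabel, $relatedHandler);
    // Initialize return value
    $relatedRecords = array();
    // Rewrite query and extract related records if there is at least one.
    if (!empty($relatedIds)) {
        // NOTE(review): the ids are quoted by concatenation; this relies on
        // relatedIds() returning only well-formed ids. Confirm against the handler.
        $relatedIdClause = "id IN ('" . implode("','", $relatedIds) . "')";
        // Split on the first WHERE keyword regardless of case. The previous
        // stripos()/explode('WHERE') pair disagreed on case, so a lower-case
        // "where" produced a malformed query, and any text after a second
        // "WHERE" was silently dropped.
        $queryParts = preg_split('/\bWHERE\b/i', $query, 2);
        if ($queryParts === false || count($queryParts) < 2) {
            $query .= " WHERE " . $relatedIdClause;
        } else {
            // NOTE(review): the id restriction is joined with AND in front of the
            // caller's conditions; if those contain OR, the restriction may not
            // apply to every alternative. Verify how vtws_query groups conditions.
            $query = $queryParts[0] . " WHERE " . $relatedIdClause . " AND " . $queryParts[1];
        }
        if (!empty($filterClause)) {
            // Appended verbatim; vtws_query() is the only parser it passes through here.
            $query .= " " . $filterClause;
        }
        $query .= ";";
        $relatedRecords = vtws_query($query, $user);
    }
    VTWS_PreserveGlobal::flush();
    return $relatedRecords;
}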
コード例 #2
ファイル: Retrieve.php プロジェクト: Bergdahls/YetiForceCRM
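/**
 * Retrieve one record through the webservice layer after checking access.
 *
 * Checks, in order: the entity type is listed for $user, the type is readable,
 * the id belongs to the resolved entity type, $user may retrieve this record,
 * and the record exists.
 *
 * @param string $id   Webservice id of the record.
 * @param object $user User the operation runs as.
 *
 * @return mixed Whatever the entity handler's retrieve() returns.
 *
 * @throws WebServiceException On denied access, a mismatched id or a missing record.
 */
function vtws_retrieve($id, $user)
{
    $adb = PearDatabase::getInstance();
    $log = vglobal('log');
    $webserviceObject = VtigerWebserviceObject::fromId($adb, $id);
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    $entityName = $meta->getObjectEntityName($id);
    $types = vtws_listtypes(null, $user);
    // Strict membership: an authorization decision should not depend on type juggling.
    if (!in_array($entityName, $types['types'], true)) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied");
    }
    if ($meta->hasReadAccess() !== true) {
        // The message used to say "write" although the failed check is read access.
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read is denied");
    }
    if ($entityName !== $webserviceObject->getEntityName()) {
        throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect");
    }
    if (!$meta->hasPermission(EntityMeta::$RETRIEVE, $id)) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied");
    }
    $idComponents = vtws_getIdComponents($id);
    if (!$meta->exists($idComponents[1])) {
        throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found");
    }
    $entity = $handler->retrieve($id);
    VTWS_PreserveGlobal::flush();
    return $entity;
}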
コード例 #3
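/**
 * Relate one record to a set of other records after checking access to the source record.
 *
 * @param string $relateThisId Webservice id of the record that receives the relations.
 * @param mixed  $withTheseIds Ids to relate; passed unchanged to vtws_internal_setrelation().
 * @param object $user         User the operation runs as.
 *
 * @return bool Always true when no exception is thrown.
 *
 * @throws WebServiceException On denied access, a mismatched id or a missing record.
 */
function vtws_setrelation($relateThisId, $withTheseIds, $user)
{
    global $log, $adb;
    list($moduleId, $elementId) = vtws_getIdComponents($relateThisId);
    $webserviceObject = VtigerWebserviceObject::fromId($adb, $moduleId);
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    $moduleName = $meta->getObjectEntityName($relateThisId);
    $types = vtws_listtypes(null, $user);
    // Strict membership: an authorization decision should not depend on type juggling.
    if (!in_array($moduleName, $types['types'], true)) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied");
    }
    if ($moduleName !== $webserviceObject->getEntityName()) {
        throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect");
    }
    if (!$meta->hasPermission(EntityMeta::$UPDATE, $relateThisId)) {
        // The message used to say "read" although the failed check is UPDATE.
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to update given object is denied");
    }
    if (!$meta->exists($elementId)) {
        throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found");
    }
    if ($meta->hasWriteAccess() !== true) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied");
    }
    // NOTE(review): every check above concerns $relateThisId only. No check on the
    // records in $withTheseIds is visible here; confirm that
    // vtws_internal_setrelation() validates type, existence and access for them.
    vtws_internal_setrelation($elementId, $moduleName, $withTheseIds);
    VTWS_PreserveGlobal::flush();
    return true;
}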
コード例 #4
ファイル: Update.php プロジェクト: hardikk/HNH
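/**
 * Update one record through the webservice layer after checking access.
 *
 * Besides the access checks on the record itself, every non-empty reference
 * field is checked for an allowed and accessible target type, empty reference
 * fields are dropped from $element, and owner fields are checked with
 * hasAssignPrivilege().
 *
 * @param array  $element Field map of the record; $element['id'] is its webservice id.
 * @param object $user    User the operation runs as.
 *
 * @return mixed Whatever the entity handler's update() returns.
 *
 * @throws WebServiceException On denied access, an invalid id or reference, or a missing record.
 */
function vtws_update($element, $user)
{
    global $log, $adb;
    $idList = vtws_getIdComponents($element['id']);
    $webserviceObject = VtigerWebserviceObject::fromId($adb, $idList[0]);
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    $entityName = $meta->getObjectEntityName($element['id']);
    $types = vtws_listtypes($user);
    // Strict membership: an authorization decision should not depend on type juggling.
    if (!in_array($entityName, $types['types'], true)) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied");
    }
    if ($entityName !== $webserviceObject->getEntityName()) {
        throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect");
    }
    if (!$meta->hasPermission(EntityMeta::$UPDATE, $element['id'])) {
        // The message used to say "read" although the failed check is UPDATE.
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to update given object is denied");
    }
    if (!$meta->exists($idList[1])) {
        throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found");
    }
    if ($meta->hasWriteAccess() !== true) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied");
    }
    $referenceFields = $meta->getReferenceFieldDetails();
    foreach ($referenceFields as $fieldName => $details) {
        if (isset($element[$fieldName]) && strlen($element[$fieldName]) > 0) {
            $ids = vtws_getIdComponents($element[$fieldName]);
            $referenceObject = VtigerWebserviceObject::fromId($adb, $ids[0]);
            $referenceName = $referenceObject->getEntityName();
            if (!in_array($referenceName, $details, true)) {
                throw new WebServiceException(WebServiceErrorCode::$REFERENCEINVALID, "Invalid reference specified for {$fieldName}");
            }
            if (!in_array($referenceName, $types['types'], true)) {
                throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to access reference type is denied " . $referenceName);
            }
            // NOTE(review): only the type of the referenced record is checked here;
            // its record part ($ids[1]) is not checked for existence or access.
        } elseif (isset($element[$fieldName])) {
            // Present but empty: drop it. Testing with isset() avoids the
            // undefined-index notice the old "!== NULL" test raised for absent keys.
            unset($element[$fieldName]);
        }
    }
    // Return value is not used; presumably this throws when a mandatory field is missing.
    $meta->hasMandatoryFields($element);
    $ownerFields = $meta->getOwnerFields();
    if (is_array($ownerFields) && count($ownerFields) > 0) {
        foreach ($ownerFields as $ownerField) {
            // isset() already excludes null values.
            if (isset($element[$ownerField]) && !$meta->hasAssignPrivilege($element[$ownerField])) {
                throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user");
            }
        }
    }
    $entity = $handler->update($element);
    VTWS_PreserveGlobal::flush();
    return $entity;
}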
コード例 #5
ファイル: Retrieve.php プロジェクト: casati-dolibarr/corebos
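/**
 * Retrieve one record through the webservice layer after checking access.
 *
 * For Quotes, PurchaseOrder, SalesOrder and Invoice the product lines stored in
 * vtiger_inventoryproductrel are added under the 'pdoInformation' key.
 *
 * @param string $id   Webservice id of the record.
 * @param object $user User the operation runs as.
 *
 * @return mixed Whatever the entity handler's retrieve() returns, plus product lines.
 *
 * @throws WebServiceException On denied access, a mismatched id or a missing record.
 */
function vtws_retrieve($id, $user)
{
    global $log, $adb;
    $webserviceObject = VtigerWebserviceObject::fromId($adb, $id);
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    $entityName = $meta->getObjectEntityName($id);
    $types = vtws_listtypes(null, $user);
    // Strict membership: an authorization decision should not depend on type juggling.
    if (!in_array($entityName, $types['types'], true)) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied");
    }
    if ($meta->hasReadAccess() !== true) {
        // The message used to say "write" although the failed check is read access.
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read is denied");
    }
    if ($entityName !== $webserviceObject->getEntityName()) {
        throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect");
    }
    if (!$meta->hasPermission(EntityMeta::$RETRIEVE, $id)) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied");
    }
    $idComponents = vtws_getIdComponents($id);
    if (!$meta->exists($idComponents[1])) {
        throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found");
    }
    $entity = $handler->retrieve($id);
    //return product lines
    if (in_array($entityName, array('Quotes', 'PurchaseOrder', 'SalesOrder', 'Invoice'), true)) {
        // Query with the record part that the existence check above has just
        // validated, instead of splitting $id a second time into an unused pair.
        // NOTE(review): assumes vtws_getIdComponents() splits on 'x' like the old explode().
        $result = $adb->pquery('select * from vtiger_inventoryproductrel where id=?', array($idComponents[1]));
        while ($row = $adb->getNextRow($result, false)) {
            // Loose comparison kept on purpose: empty strings count as "no discount".
            $hasAmount = !($row['discount_amount'] == null);
            $hasPercent = !($row['discount_percent'] == null);
            $discount_type = 0;
            if ($hasAmount) {
                $discount_type = 'amount';
            }
            if ($hasPercent) {
                // Percentage wins when both columns are filled, as before.
                $discount_type = 'percentage';
            }
            $entity['pdoInformation'][] = array(
                "productid" => $row['productid'],
                "comment" => $row['comment'],
                "qty" => $row['quantity'],
                "listprice" => $row['listprice'],
                'discount' => ($hasAmount || $hasPercent) ? 1 : 0,
                "discount_type" => $discount_type,
                "discount_percentage" => $hasPercent ? $row['discount_percent'] : 0,
                "discount_amount" => $hasAmount ? $row['discount_amount'] : 0,
            );
        }
    }
    VTWS_PreserveGlobal::flush();
    return $entity;
}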
コード例 #6
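/**
 * Retrieve attachment information for a comma-separated list of Documents ids.
 *
 * Each id is checked for access individually; the first failed check aborts
 * the whole call with an exception.
 *
 * @param string $all_ids    Comma-separated webservice ids of Documents records.
 * @param mixed  $returnfile Passed unchanged to vtws_retrievedocattachment_get_attachment().
 * @param object $user       User the operation runs as.
 *
 * @return array Map of webservice id => attachment information.
 *
 * @throws WebServiceException On a malformed id, denied access or a missing record.
 */
function vtws_retrievedocattachment($all_ids, $returnfile, $user)
{
    global $log, $adb;
    $entities = array();
    $docWSId = vtyiicpng_getWSEntityId('Documents');
    $log->debug("Entering function vtws_retrievedocattachment");
    // $all_ids is caller input. It used to be concatenated into the IN (...) list
    // as-is, which allowed SQL injection. Every element must now be a plain
    // number, and the values are bound as parameters.
    $recordIds = array();
    foreach (explode(',', str_replace($docWSId, '', (string) $all_ids)) as $candidate) {
        $candidate = trim($candidate);
        if ($candidate === '') {
            continue;
        }
        if (!preg_match('/^[0-9]+$/', $candidate)) {
            throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect");
        }
        $recordIds[] = $candidate;
    }
    if (count($recordIds) == 0) {
        // An empty list used to produce the invalid SQL "in ()".
        $log->debug("Leaving function vtws_retrievedocattachment");
        return $entities;
    }
    $placeholders = implode(',', array_fill(0, count($recordIds), '?'));
    $query = "SELECT n.notesid, n.filename, n.filelocationtype\n                  FROM vtiger_notes n\n                  INNER JOIN vtiger_crmentity c ON c.crmid=n.notesid\n                  WHERE n.notesid in ({$placeholders}) and n.filelocationtype in ('I','E') and c.deleted=0";
    $result = $adb->pquery($query, $recordIds);
    $nr = $adb->num_rows($result);
    $types = null;
    for ($i = 0; $i < $nr; $i++) {
        $id = $docWSId . $adb->query_result($result, $i, 'notesid');
        $webserviceObject = VtigerWebserviceObject::fromId($adb, $id);
        $handlerPath = $webserviceObject->getHandlerPath();
        $handlerClass = $webserviceObject->getHandlerClass();
        require_once $handlerPath;
        $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
        $meta = $handler->getMeta();
        $entityName = $meta->getObjectEntityName($id);
        if ($types === null) {
            // Same user on every iteration, so the type list is fetched once.
            $types = vtws_listtypes(null, $user);
        }
        if (!in_array($entityName, $types['types'], true)) {
            throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied");
        }
        if ($meta->hasReadAccess() !== true) {
            // The message used to say "write" although the failed check is read access.
            throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read is denied");
        }
        if ($entityName !== $webserviceObject->getEntityName()) {
            throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect");
        }
        if (!$meta->hasPermission(EntityMeta::$RETRIEVE, $id)) {
            throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object ({$id}) is denied");
        }
        $ids = vtws_getIdComponents($id);
        if (!$meta->exists($ids[1])) {
            throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Document Record you are trying to access is not found");
        }
        $document_id = $ids[1];
        $filetype = $adb->query_result($result, $i, 'filelocationtype');
        // Start from an empty entry so nothing leaks over from the previous document.
        $entity = array();
        if ($filetype == 'E') {
            $entity["recordid"] = $adb->query_result($result, $i, 'notesid');
            // Was the undefined variable $fileType, so the type was always empty.
            $entity["filetype"] = $filetype;
            $entity["filename"] = $adb->query_result($result, $i, 'filename');
            $entity["filesize"] = 0;
            $entity["attachment"] = base64_encode('');
        } elseif ($filetype == 'I') {
            $entity = vtws_retrievedocattachment_get_attachment($document_id, true, $returnfile);
        }
        $entities[$id] = $entity;
        VTWS_PreserveGlobal::flush();
    }
    // end for ids
    $log->debug("Leaving function vtws_retrievedocattachment");
    return $entities;
}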
コード例 #7
ファイル: getRecordImages.php プロジェクト: kduqi/corebos
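/**
 * List the image and attachment files linked to one record.
 *
 * @param string $id   Webservice id of the record.
 * @param object $user User the operation runs as.
 *
 * @return array 'results' holds the row count, 'images' one entry per file with
 *               name, path, fullpath, type and id.
 *
 * @throws WebServiceException On denied access, a mismatched id or a missing record.
 */
function cbws_getrecordimageinfo($id, $user)
{
    global $log, $adb, $site_URL;
    $log->debug("Entering function cbws_getrecordimageinfo({$id})");
    $webserviceObject = VtigerWebserviceObject::fromId($adb, $id);
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    $entityName = $meta->getObjectEntityName($id);
    $types = vtws_listtypes(null, $user);
    // Strict membership: an authorization decision should not depend on type juggling.
    if (!in_array($entityName, $types['types'], true)) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied");
    }
    if ($meta->hasReadAccess() !== true) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read entity is denied");
    }
    if ($entityName !== $webserviceObject->getEntityName()) {
        throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect");
    }
    if (!$meta->hasPermission(EntityMeta::$RETRIEVE, $id)) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied");
    }
    $idComponents = vtws_getIdComponents($id);
    if (!$meta->exists($idComponents[1])) {
        throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found");
    }
    // Reuse the record part validated above; the id was previously split a second time.
    $pdoid = $idComponents[1];
    $rdo = array();
    $query = 'select vtiger_attachments.name, vtiger_attachments.type, vtiger_attachments.attachmentsid, vtiger_attachments.path
			from vtiger_attachments
			inner join vtiger_crmentity on vtiger_crmentity.crmid = vtiger_attachments.attachmentsid
			inner join vtiger_seattachmentsrel on vtiger_attachments.attachmentsid=vtiger_seattachmentsrel.attachmentsid
			where (vtiger_crmentity.setype LIKE "%Image" or vtiger_crmentity.setype LIKE "%Attachment")
			  and deleted=0 and vtiger_seattachmentsrel.crmid=?';
    $result_image = $adb->pquery($query, array($pdoid));
    $rdo['results'] = $adb->num_rows($result_image);
    $rdo['images'] = array();
    while ($img = $adb->fetch_array($result_image)) {
        // NOTE(review): 'fullpath' is a direct URL built from the stored path and file
        // name; whether that URL is reachable without authentication is not visible here.
        $rdo['images'][] = array(
            'name' => $img['name'],
            'path' => $img['path'],
            'fullpath' => $site_URL . '/' . $img['path'] . $img['attachmentsid'] . '_' . $img['name'],
            'type' => $img['type'],
            'id' => $img['attachmentsid'],
        );
    }
    VTWS_PreserveGlobal::flush();
    $log->debug("Leaving function cbws_getrecordimageinfo");
    return $rdo;
}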
コード例 #8
ファイル: getProductImages.php プロジェクト: kduqi/corebos
/**
 * Return image information for a product record.
 *
 * Only verifies that $id resolves to the Products entity and then delegates to
 * cbws_getmoduleimageinfo(). No access check is made in this function itself.
 *
 * @param string $id   Webservice id of the product.
 * @param object $user User the operation runs as.
 *
 * @return mixed Whatever cbws_getmoduleimageinfo() returns.
 *
 * @throws WebServiceException When $id does not belong to the Products entity.
 */
function cbws_getproductimageinfo($id, $user)
{
    global $log, $adb, $site_URL;
    $log->debug("Entering function cbws_getproductimageinfo({$id})");
    $wsObject = VtigerWebserviceObject::fromId($adb, $id);
    $includePath = $wsObject->getHandlerPath();
    $className = $wsObject->getHandlerClass();
    require_once $includePath;
    $moduleHandler = new $className($wsObject, $user, $adb, $log);
    $resolvedModule = $moduleHandler->getMeta()->getObjectEntityName($id);
    $isProduct = $resolvedModule == 'Products';
    if (!$isProduct) {
        throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Entity ID must be a product");
    }
    // The "Leaving" line is logged before the delegated call runs.
    $log->debug("Leaving function cbws_getproductimageinfo");
    return cbws_getmoduleimageinfo($id, $user);
}
コード例 #9
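/**
 * Delete a user and transfer the ownership of that user's records.
 *
 * When $newOwnerId has no record part, ownership goes to the user with id 1.
 *
 * @author MAK
 *
 * @param string $id         Webservice id of the user to delete.
 * @param string $newOwnerId Webservice id of the user who receives ownership.
 * @param object $user       User the operation runs as.
 *
 * @return array array("status" => "successful") when no exception is thrown.
 *
 * @throws WebServiceException On denied access, a mismatched id or a missing record.
 */
function vtws_deleteUser($id, $newOwnerId, $user)
{
    global $log, $adb;
    $webserviceObject = VtigerWebserviceObject::fromId($adb, $id);
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    $entityName = $meta->getObjectEntityName($id);
    $types = vtws_listtypes($user);
    // Strict membership: an authorization decision should not depend on type juggling.
    if (!in_array($entityName, $types['types'], true)) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied, EntityName = " . $entityName);
    }
    if ($entityName !== $webserviceObject->getEntityName()) {
        throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect");
    }
    if (!$meta->hasPermission(EntityMeta::$DELETE, $id)) {
        // The message used to say "read" although the failed check is DELETE.
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to delete given object is denied");
    }
    $idComponents = vtws_getIdComponents($id);
    if (!$meta->exists($idComponents[1])) {
        // $idComponents is an array; concatenating it printed "Array" and raised a notice.
        throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found, idComponent = " . $idComponents[1]);
    }
    if ($meta->hasWriteAccess() !== true) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied");
    }
    $newIdComponents = vtws_getIdComponents($newOwnerId);
    if (empty($newIdComponents[1])) {
        //force the default user to be the default admin user.
        //added cause eazybusiness team is sending this value empty
        $newIdComponents[1] = 1;
    }
    // NOTE(review): the new owner is not checked here for being an existing user or
    // for differing from the user being deleted; confirm vtws_transferOwnership() does so.
    vtws_transferOwnership($idComponents[1], $newIdComponents[1]);
    //delete from user vtiger_table;
    $sql = "delete from vtiger_users where id=?";
    // Defined before the call; presumably an output argument of the helper.
    $result = null;
    vtws_runQueryAsTransaction($sql, array($idComponents[1]), $result);
    VTWS_PreserveGlobal::flush();
    return array("status" => "successful");
}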
コード例 #10
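/**
 * Return the PDF output of one inventory record.
 *
 * Only Invoice, Quotes, SalesOrder and PurchaseOrder records are accepted.
 *
 * @param string $id   Webservice id of the record.
 * @param object $user User the operation runs as.
 *
 * @return mixed Whatever get_module_pdf() returns.
 *
 * @throws WebServiceException On denied access, a mismatched id, a missing record
 *                             or a module without PDF support.
 */
function cbws_getpdfdata($id, $user)
{
    global $log, $adb;
    $log->debug("Entering function vtws_getpdfdata");
    $webserviceObject = VtigerWebserviceObject::fromId($adb, $id);
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    $entityName = $meta->getObjectEntityName($id);
    $types = vtws_listtypes(null, $user);
    // Strict membership: an authorization decision should not depend on type juggling.
    if (!in_array($entityName, $types['types'], true)) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied");
    }
    if ($meta->hasReadAccess() !== true) {
        // The message used to say "write" although the failed check is read access.
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read is denied");
    }
    if ($entityName !== $webserviceObject->getEntityName()) {
        throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect");
    }
    if (!$meta->hasPermission(EntityMeta::$RETRIEVE, $id)) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied");
    }
    $idComponents = vtws_getIdComponents($id);
    if (!$meta->exists($idComponents[1])) {
        throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found");
    }
    $objectName = $webserviceObject->getEntityName();
    if (!in_array($objectName, array('Invoice', 'Quotes', 'SalesOrder', 'PurchaseOrder'), true)) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Only Inventory modules support PDF Output.");
    }
    // Reuse the record part validated above; the id was previously split a second time.
    $document_id = $idComponents[1];
    $entity = get_module_pdf($objectName, $document_id);
    VTWS_PreserveGlobal::flush();
    $log->debug("Leaving function vtws_getpdfdata");
    return $entity;
}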
コード例 #11
ファイル: DeleteUser.php プロジェクト: Bergdahls/YetiForceCRM
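/**
 * Delete a user and transfer the ownership of that user's records.
 *
 * When $newOwnerId has no record part, ownership goes to the user with id 1.
 *
 * @author MAK
 *
 * @param string $id         Webservice id of the user to delete.
 * @param string $newOwnerId Webservice id of the user who receives ownership.
 * @param object $user       User the operation runs as.
 *
 * @return array array("status" => "successful") when no exception is thrown.
 *
 * @throws WebServiceException On denied access, a mismatched id or a missing record.
 */
function vtws_deleteUser($id, $newOwnerId, $user)
{
    $adb = PearDatabase::getInstance();
    $log = vglobal('log');
    $webserviceObject = VtigerWebserviceObject::fromId($adb, $id);
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    $entityName = $meta->getObjectEntityName($id);
    $types = vtws_listtypes(null, $user);
    // Strict membership: an authorization decision should not depend on type juggling.
    if (!in_array($entityName, $types['types'], true)) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied, EntityName = " . $entityName);
    }
    if ($entityName !== $webserviceObject->getEntityName()) {
        throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect");
    }
    if (!$meta->hasPermission(EntityMeta::$DELETE, $id)) {
        // The message used to say "read" although the failed check is DELETE.
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to delete given object is denied");
    }
    $idComponents = vtws_getIdComponents($id);
    if (!$meta->exists($idComponents[1])) {
        // $idComponents is an array; concatenating it printed "Array" and raised a notice.
        throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found, idComponent = " . $idComponents[1]);
    }
    if ($meta->hasWriteAccess() !== true) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied");
    }
    $newIdComponents = vtws_getIdComponents($newOwnerId);
    if (empty($newIdComponents[1])) {
        //force the default user to be the default admin user.
        $newIdComponents[1] = 1;
    }
    // NOTE(review): the new owner is not checked here for being an existing user or
    // for differing from the user being deleted; confirm the Users method does so.
    $userObj = new Users();
    $userObj->transformOwnerShipAndDelete($idComponents[1], $newIdComponents[1]);
    VTWS_PreserveGlobal::flush();
    return array("status" => "successful");
}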
コード例 #12
/**
 * Add a comment to a HelpDesk ticket or a Faq record.
 *
 * For HelpDesk the comment owner is either a user or, when
 * $values['from_portal'] is 1, the contact named by $values['parent_id'];
 * an e-mail about the comment is sent through send_mail(). For Faq only the
 * comment row is inserted.
 *
 * @param string $id     Webservice id of the ticket or Faq record.
 * @param array  $values Reads 'comments', 'from_portal' and 'parent_id'.
 * @param object $user   User the operation runs as.
 *
 * @return array array('success' => true) when no exception is thrown.
 *
 * @throws WebServiceException On a wrong module, denied access, a missing
 *                             record or an empty comment.
 */
function vtws_addTicketFaqComment($id, $values, $user)
{
    global $log, $adb, $current_user;
    $webserviceObject = VtigerWebserviceObject::fromId($adb, $id);
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    $entityName = $meta->getObjectEntityName($id);
    if ($entityName !== 'HelpDesk' and $entityName !== 'Faq') {
        throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Invalid module specified. Must be HelpDesk or Faq");
    }
    // NOTE(review): the check is read access, but the message says "write".
    if ($meta->hasReadAccess() !== true) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied");
    }
    if ($entityName !== $webserviceObject->getEntityName()) {
        throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect");
    }
    // Only read access and RETRIEVE permission are checked before the insert below;
    // no write or UPDATE check is made in this function.
    if (!$meta->hasPermission(EntityMeta::$RETRIEVE, $id)) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied");
    }
    $idComponents = vtws_getIdComponents($id);
    if (!$meta->exists($idComponents[1])) {
        throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found");
    }
    $comment = trim($values['comments']);
    // empty() also rejects the literal comment "0".
    if (empty($comment)) {
        throw new WebServiceException(WebServiceErrorCode::$MANDFIELDSMISSING, "Comment empty.");
    }
    $current_time = $adb->formatDate(date('Y-m-d H:i:s'), true);
    if ($entityName == 'HelpDesk') {
        if ($values['from_portal'] != 1) {
            // Comment is attributed to a user: $user, else $current_user, else id 1.
            $ownertype = 'user';
            if (!empty($user)) {
                $ownerId = $user->id;
            } elseif (!empty($current_user)) {
                $ownerId = $current_user->id;
            } else {
                $ownerId = 1;
            }
            //get the user email
            $result = $adb->pquery("SELECT email1 FROM vtiger_users WHERE id=?", array($ownerId));
            $fromname = getUserFullName($ownerId);
        } else {
            // Comment is attributed to the contact in $values['parent_id'].
            // NOTE(review): 'from_portal' and 'parent_id' are taken from $values as given.
            // The contact is checked for module type and existence only; no permission
            // check on it is visible here, so the caller chooses the comment's author.
            // From here on $webserviceObject, $handler, $meta and $entityName refer to
            // the contact, not the ticket.
            $ownertype = 'customer';
            $webserviceObject = VtigerWebserviceObject::fromId($adb, $values['parent_id']);
            $handlerPath = $webserviceObject->getHandlerPath();
            $handlerClass = $webserviceObject->getHandlerClass();
            require_once $handlerPath;
            $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
            $meta = $handler->getMeta();
            $entityName = $meta->getObjectEntityName($values['parent_id']);
            if ($entityName !== 'Contacts') {
                throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Invalid owner module specified. Must be Contacts");
            }
            if ($entityName !== $webserviceObject->getEntityName()) {
                throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect");
            }
            $pidComponents = vtws_getIdComponents($values['parent_id']);
            if (!$meta->exists($pidComponents[1])) {
                throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found");
            }
            $ownerId = $pidComponents[1];
            //get the contact email id who creates the ticket from portal and use this email as from email id in email
            $result = $adb->pquery("SELECT email FROM vtiger_contactdetails WHERE contactid=?", array($ownerId));
            $ename = getEntityName('Contacts', $ownerId);
            $fromname = $ename[$ownerId];
        }
        // No column list: the insert depends on the table's column order.
        // The empty first value is presumably the auto-generated comment id. Confirm.
        $sql = "insert into vtiger_ticketcomments values(?,?,?,?,?,?)";
        $params = array('', $idComponents[1], $comment, $ownerId, $ownertype, $current_time);
        //send mail to the assigned to user when customer add comment
        $toresult = $adb->pquery("SELECT email1,first_name\n\t\t\t\t\tFROM vtiger_users\n\t\t\t\t\tINNER JOIN vtiger_crmentity on smownerid=id\n\t\t\t\t\tINNER JOIN vtiger_troubletickets on ticketid=crmid\n\t\t\t\t\tWHERE ticketid=?", array($idComponents[1]));
        $to_email = $adb->query_result($toresult, 0, 0);
        $ownerName = $adb->query_result($toresult, 0, 1);
        $moduleName = 'HelpDesk';
        $subject = getTranslatedString('LBL_RESPONDTO_TICKETID', $moduleName) . "##" . $idComponents[1] . "##" . getTranslatedString('LBL_CUSTOMER_PORTAL', $moduleName);
        // NOTE(review): $comment and $ownerName are concatenated into HTML mail content
        // without escaping in this function; confirm they are encoded upstream, otherwise
        // markup in a comment is rendered in the recipient's mail client.
        $contents = getTranslatedString('Dear', $moduleName) . " " . $ownerName . "," . "<br><br>" . getTranslatedString('LBL_CUSTOMER_COMMENTS', $moduleName) . "<br><br>\n\t\t\t\t\t<b>" . $comment . "</b><br><br>" . getTranslatedString('LBL_RESPOND', $moduleName) . "<br><br>" . getTranslatedString('LBL_REGARDS', $moduleName) . "<br>" . getTranslatedString('LBL_SUPPORT_ADMIN', $moduleName);
        $from_email = $adb->query_result($result, 0, 0);
        //send mail to assigned to user
        // The mail is sent before the comment row is inserted; $mail_status is not read afterwards.
        $mail_status = send_mail('HelpDesk', $to_email, $fromname, $from_email, $subject, $contents);
    } else {
        // Faq comments carry no owner and trigger no mail.
        $sql = "insert into vtiger_faqcomments values(?, ?, ?, ?)";
        $params = array('', $idComponents[1], $comment, $current_time);
    }
    $adb->pquery($sql, $params);
    VTWS_PreserveGlobal::flush();
    return array('success' => true);
}
コード例 #13
ファイル: Utils.php プロジェクト: kduqi/corebos
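/**
 * Look up display names for a list of actor entity ids.
 *
 * The table, index column and name column(s) are read from
 * vtiger_ws_entity_name for $entityId; the names are then selected for the
 * given ids.
 *
 * @param mixed $entityId Webservice entity id whose name definition is used.
 * @param array $idList   Record ids to resolve.
 *
 * @return array Map of record id => name; empty when nothing can be resolved.
 */
function vtws_getActorEntityNameById($entityId, $idList)
{
    // Was "!is_array(...) && count(...) == 0": that never matched an empty array
    // (leading to the invalid SQL "in ()") and called count() on non-arrays.
    if (!is_array($idList) || count($idList) == 0) {
        return array();
    }
    $db = PearDatabase::getInstance();
    $nameList = array();
    // NOTE(review): the result is unused; the call is kept in case fromId()
    // rejects unknown entity ids. Confirm and remove if it has no effect.
    VtigerWebserviceObject::fromId($db, $entityId);
    $query = "select * from vtiger_ws_entity_name where entity_id = ?";
    $result = $db->pquery($query, array($entityId));
    if (is_object($result)) {
        $rowCount = $db->num_rows($result);
        if ($rowCount > 0) {
            $nameFields = $db->query_result($result, 0, 'name_fields');
            $tableName = $db->query_result($result, 0, 'table_name');
            $indexField = $db->query_result($result, 0, 'index_field');
            if (strpos($nameFields, ',') !== false) {
                // Several name columns: join them with single spaces.
                $fieldList = explode(',', $nameFields);
                $nameFields = "concat(" . implode(",' ',", $fieldList) . ")";
            }
            // The identifiers below come from vtiger_ws_entity_name, not from the
            // caller; only the ids are bound as parameters.
            // NOTE(review): this assumes that table is writable by administrators only.
            $query1 = "select {$nameFields} as entityname, {$indexField} from {$tableName} where " . "{$indexField} in (" . generateQuestionMarks($idList) . ")";
            $params1 = array($idList);
            $result = $db->pquery($query1, $params1);
            if (is_object($result)) {
                $rowCount = $db->num_rows($result);
                for ($i = 0; $i < $rowCount; $i++) {
                    $id = $db->query_result($result, $i, $indexField);
                    $nameList[$id] = $db->query_result($result, $i, 'entityname');
                }
                return $nameList;
            }
        }
    }
    return array();
}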
コード例 #14
ファイル: Create.php プロジェクト: casati-dolibarr/corebos
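/**
 * Create a record of type $elementType on behalf of $user.
 *
 * Checks run in this order before the handler's create() is called: the type
 * is in the list vtws_listtypes() returns for the user, the handler reports
 * write access, every populated reference field points at an allowed type, and
 * every populated owner field passes hasAssignPrivilege().
 *
 * @param string $elementType Entity / module name to create.
 * @param array  $element     Field values. 'relations' is removed and applied
 *                            after creation; 'pdoInformation' triggers product
 *                            line handling for the inventory modules.
 * @param object $user        User the operation runs as.
 * @return mixed Entity returned by the handler, or null when
 *               hasMandatoryFields() returns a falsy value.
 * @throws WebServiceException When a permission or reference check fails.
 */
function vtws_create($elementType, $element, $user)
{
    $types = vtws_listtypes(null, $user);
    if (!in_array($elementType, $types['types'])) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied");
    }
    global $log, $adb;
    // Relations are split off so they are not handed to the handler as a field.
    $relations = array();
    if (!empty($element['relations'])) {
        $relations = $element['relations'];
        unset($element['relations']);
    }
    // Cache the instance for re-use
    // NOTE(review): $vtws_create_cache is not declared static or global in this
    // function, so as written this lookup always misses and the object is rebuilt.
    if (!isset($vtws_create_cache[$elementType]['webserviceobject'])) {
        $webserviceObject = VtigerWebserviceObject::fromName($adb, $elementType);
        $vtws_create_cache[$elementType]['webserviceobject'] = $webserviceObject;
    } else {
        $webserviceObject = $vtws_create_cache[$elementType]['webserviceobject'];
    }
    // END
    // Handler file and class are taken from the webservice object, i.e. from
    // registry data rather than from the request; whoever can alter that
    // registry controls which file is loaded and which class is instantiated.
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    if ($meta->hasWriteAccess() !== true) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied");
    }
    $referenceFields = $meta->getReferenceFieldDetails();
    foreach ($referenceFields as $fieldName => $details) {
        if (isset($element[$fieldName]) && strlen($element[$fieldName]) > 0) {
            $ids = vtws_getIdComponents($element[$fieldName]);
            $elemTypeId = $ids[0];
            $elemId = $ids[1];
            $referenceObject = VtigerWebserviceObject::fromId($adb, $elemTypeId);
            // The referenced type must be one this field is allowed to point at.
            if (!in_array($referenceObject->getEntityName(), $details)) {
                throw new WebServiceException(WebServiceErrorCode::$REFERENCEINVALID, "Invalid reference specified for {$fieldName}");
            }
            if ($referenceObject->getEntityName() == 'Users') {
                if (!$meta->hasAssignPrivilege($element[$fieldName])) {
                    throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user");
                }
            }
            // Users is exempt from the type list check; every other referenced
            // type must be accessible to the caller.
            if (!in_array($referenceObject->getEntityName(), $types['types']) && $referenceObject->getEntityName() != 'Users') {
                // A space now separates the message from the entity name, matching vtws_update.
                throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to access reference type is denied " . $referenceObject->getEntityName());
            }
        } elseif (isset($element[$fieldName])) {
            // Present but empty: drop it. isset() replaces a direct read that
            // raised an undefined-index notice when the key was absent.
            unset($element[$fieldName]);
        }
    }
    if ($meta->hasMandatoryFields($element)) {
        $ownerFields = $meta->getOwnerFields();
        if (is_array($ownerFields) && sizeof($ownerFields) > 0) {
            foreach ($ownerFields as $ownerField) {
                if (isset($element[$ownerField]) && $element[$ownerField] !== null && !$meta->hasAssignPrivilege($element[$ownerField])) {
                    throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user");
                }
            }
        }
        //  Product line support
        $isInventoryModule = $elementType == 'Quotes' || $elementType == 'PurchaseOrder' || $elementType == 'SalesOrder' || $elementType == 'Invoice';
        if ($isInventoryModule && isset($element['pdoInformation']) && is_array($element['pdoInformation'])) {
            // Fixed relative path; the included file runs in this function's scope.
            include 'include/Webservices/ProductLines.php';
        } else {
            // Mutates the request superglobal for code that runs later in this request.
            $_REQUEST['action'] = $elementType . 'Ajax';
        }
        if ($elementType == 'HelpDesk') {
            //Added to construct the update log for Ticket history
            $colflds = $element;
            list($void, $colflds['assigned_user_id']) = explode('x', $colflds['assigned_user_id']);
            $grp_name = fetchGroupName($colflds['assigned_user_id']);
            $assigntype = $grp_name != '' ? 'T' : 'U';
            $updlog = HelpDesk::getUpdateLogCreateMessage($colflds, $grp_name, $assigntype);
            $updlog = from_html($updlog, false);
        }
        $entity = $handler->create($elementType, $element);
        if ($elementType == 'HelpDesk') {
            list($wsid, $newrecid) = vtws_getIdComponents($entity['id']);
            $adb->pquery('update vtiger_troubletickets set update_log=? where ticketid=?', array($updlog, $newrecid));
        }
        // Establish relations
        if (!empty($relations)) {
            list($wsid, $newrecid) = vtws_getIdComponents($entity['id']);
            $modname = $meta->getEntityName();
            vtws_internal_setrelation($newrecid, $modname, $relations);
        }
        VTWS_PreserveGlobal::flush();
        return $entity;
    } else {
        return null;
    }
}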
コード例 #15
ファイル: vtigerCRMHandler.php プロジェクト: nvh3010/quancrm
    /**
     * Replace the webservice ids held in each record's reference fields with
     * the display name of the referenced record.
     *
     * Side effect: the global $current_user is overwritten with $user and is
     * not restored, so code that runs afterwards in the same request sees
     * $user as the current user.
     *
     * @param array  $records Records indexed 0..n-1.
     * @param string $module  Module the records belong to.
     * @param object $user    User whose handler and metadata are used.
     * @return array The records with reference ids replaced by names.
     */
    public function translateTheReferenceFieldIdsToName($records,$module,$user){
        $db = PearDatabase::getInstance();
        global $current_user;
        $current_user = $user;
        $meta = vtws_getModuleHandlerFromName($module, $user)->getMeta();
        foreach ($meta->getReferenceFieldDetails() as $fieldName => $allowedModules) {
            // Pass 1: group the referenced record ids by the module they belong to.
            $idsByModule = array();
            foreach ($records as $row) {
                $wsId = $row[$fieldName];
                if (empty($wsId)) {
                    continue;
                }
                $parts = vtws_getIdComponents($wsId);
                $refObject = VtigerWebserviceObject::fromId($db, $parts[0]);
                $idsByModule[$refObject->getEntityName()][] = $parts[1];
            }

            // Pass 2: one name lookup per referenced module.
            $namesById = array();
            foreach ($idsByModule as $refModule => $ids) {
                foreach (getEntityName($refModule, $ids) as $recordId => $label) {
                    $namesById[$recordId] = $label;
                }
            }

            // Pass 3: write the names back; records are addressed by integer position.
            $total = count($records);
            for ($idx = 0; $idx < $total; $idx++) {
                $row = $records[$idx];
                if (!empty($row[$fieldName])) {
                    $parts = vtws_getIdComponents($row[$fieldName]);
                    $row[$fieldName] = decode_html($namesById[$parts[1]]);
                }
                $records[$idx] = $row;
            }
        }
        return $records;
    }
コード例 #16
ファイル: Update.php プロジェクト: casati-dolibarr/corebos
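/**
 * Update the record identified by $element['id'] on behalf of $user.
 *
 * Checks run in this order before the handler's update() is called: the
 * entity type is in the list vtws_listtypes() returns for the user, the id
 * resolves to the same entity type as its type prefix, the user has update
 * permission on the record, the record exists, the handler reports write
 * access, and every populated reference / owner field is allowed.
 *
 * @param array  $element Field values including 'id' (webservice id).
 * @param object $user    User the operation runs as.
 * @return mixed Entity returned by the handler's update().
 * @throws WebServiceException When a permission, id or reference check fails.
 */
function vtws_update($element, $user)
{
    global $log, $adb;
    $idList = vtws_getIdComponents($element['id']);
    $webserviceObject = VtigerWebserviceObject::fromId($adb, $idList[0]);
    // Handler file and class are taken from the webservice object, i.e. from
    // registry data rather than from the request; whoever can alter that
    // registry controls which file is loaded and which class is instantiated.
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    $entityName = $meta->getObjectEntityName($element['id']);
    $types = vtws_listtypes(null, $user);
    if (!in_array($entityName, $types['types'])) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied");
    }
    // The type prefix of the id and the record's actual entity must agree.
    if ($entityName !== $webserviceObject->getEntityName()) {
        throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect");
    }
    // NOTE(review): this is the update permission check although the message says "read".
    if (!$meta->hasPermission(EntityMeta::$UPDATE, $element['id'])) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied");
    }
    if (!$meta->exists($idList[1])) {
        throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found");
    }
    if ($meta->hasWriteAccess() !== true) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied");
    }
    $referenceFields = $meta->getReferenceFieldDetails();
    foreach ($referenceFields as $fieldName => $details) {
        if (isset($element[$fieldName]) && strlen($element[$fieldName]) > 0) {
            $ids = vtws_getIdComponents($element[$fieldName]);
            $elemTypeId = $ids[0];
            $elemId = $ids[1];
            $referenceObject = VtigerWebserviceObject::fromId($adb, $elemTypeId);
            // The referenced type must be one this field is allowed to point at.
            if (!in_array($referenceObject->getEntityName(), $details)) {
                throw new WebServiceException(WebServiceErrorCode::$REFERENCEINVALID, "Invalid reference specified for {$fieldName}");
            }
            if ($referenceObject->getEntityName() == 'Users') {
                if (!$meta->hasAssignPrivilege($element[$fieldName])) {
                    throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user");
                }
            }
            // Users is exempt from the type list check; every other referenced
            // type must be accessible to the caller.
            if (!in_array($referenceObject->getEntityName(), $types['types']) && $referenceObject->getEntityName() != 'Users') {
                throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to access reference type is denied " . $referenceObject->getEntityName());
            }
        } elseif (isset($element[$fieldName])) {
            // Present but empty: drop it. isset() replaces a direct read that
            // raised an undefined-index notice when the key was absent.
            unset($element[$fieldName]);
        }
    }
    // Return value is ignored here; presumably the call throws when a mandatory
    // field is missing (TODO confirm against the meta class).
    $meta->hasMandatoryFields($element);
    $ownerFields = $meta->getOwnerFields();
    if (is_array($ownerFields) && sizeof($ownerFields) > 0) {
        foreach ($ownerFields as $ownerField) {
            if (isset($element[$ownerField]) && $element[$ownerField] !== null && !$meta->hasAssignPrivilege($element[$ownerField])) {
                throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user");
            }
        }
    }
    //  Product line support
    $isInventoryModule = $entityName == 'Quotes' || $entityName == 'PurchaseOrder' || $entityName == 'SalesOrder' || $entityName == 'Invoice';
    if ($isInventoryModule && isset($element['pdoInformation']) && is_array($element['pdoInformation'])) {
        // Fixed relative path; the included file runs in this function's scope.
        include_once 'include/Webservices/ProductLines.php';
    } else {
        // Mutates the request superglobal for code that runs later in this request.
        $_REQUEST['action'] = $entityName . 'Ajax';
    }
    if ($entityName == 'HelpDesk') {
        //Added to construct the update log for Ticket history
        $colflds = $element;
        list($void, $colflds['assigned_user_id']) = explode('x', $colflds['assigned_user_id']);
        $updlog = HelpDesk::getUpdateLogEditMessage($idList[1], $colflds);
        $updlog = from_html($updlog, true);
    }
    $entity = $handler->update($element);
    if ($entityName == 'HelpDesk') {
        $adb->pquery('update vtiger_troubletickets set update_log=? where ticketid=?', array($updlog, $idList[1]));
    }
    VTWS_PreserveGlobal::flush();
    return $entity;
}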
コード例 #17
ファイル: Create.php プロジェクト: rcrrich/UpdatePackages
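/**
 * Create a record of type $elementType on behalf of $user.
 *
 * Checks run in this order before the handler's create() is called: the type
 * is in the list vtws_listtypes() returns for the user, the handler reports
 * write access, every populated reference field points at an allowed type, and
 * every populated owner field passes hasAssignPrivilege().
 *
 * @param string $elementType Entity / module name to create.
 * @param array  $element     Field values for the new record.
 * @param object $user        User the operation runs as.
 * @return mixed Entity returned by the handler, or null when
 *               hasMandatoryFields() returns a falsy value.
 * @throws WebServiceException When a permission or reference check fails.
 */
function vtws_create($elementType, $element, $user)
{
    $types = vtws_listtypes(null, $user);
    if (!in_array($elementType, $types['types'])) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied");
    }
    $adb = PearDatabase::getInstance();
    $log = vglobal('log');
    // Cache the instance for re-use
    // NOTE(review): $vtws_create_cache is not declared static or global in this
    // function, so as written this lookup always misses and the object is rebuilt.
    if (!isset($vtws_create_cache[$elementType]['webserviceobject'])) {
        $webserviceObject = VtigerWebserviceObject::fromName($adb, $elementType);
        $vtws_create_cache[$elementType]['webserviceobject'] = $webserviceObject;
    } else {
        $webserviceObject = $vtws_create_cache[$elementType]['webserviceobject'];
    }
    // END
    // Handler file and class are taken from the webservice object, i.e. from
    // registry data rather than from the request; whoever can alter that
    // registry controls which file is loaded and which class is instantiated.
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    if ($meta->hasWriteAccess() !== true) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied");
    }
    $referenceFields = $meta->getReferenceFieldDetails();
    foreach ($referenceFields as $fieldName => $details) {
        if (isset($element[$fieldName]) && strlen($element[$fieldName]) > 0) {
            $ids = vtws_getIdComponents($element[$fieldName]);
            $elemTypeId = $ids[0];
            $elemId = $ids[1];
            $referenceObject = VtigerWebserviceObject::fromId($adb, $elemTypeId);
            // The referenced type must be one this field is allowed to point at.
            if (!in_array($referenceObject->getEntityName(), $details)) {
                throw new WebServiceException(WebServiceErrorCode::$REFERENCEINVALID, "Invalid reference specified for {$fieldName}");
            }
            if ($referenceObject->getEntityName() == 'Users') {
                if (!$meta->hasAssignPrivilege($element[$fieldName])) {
                    throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user");
                }
            }
            // Users is exempt from the type list check; every other referenced
            // type must be accessible to the caller.
            if (!in_array($referenceObject->getEntityName(), $types['types']) && $referenceObject->getEntityName() != 'Users') {
                // A space now separates the message from the entity name.
                throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to access reference type is denied " . $referenceObject->getEntityName());
            }
        } elseif (isset($element[$fieldName])) {
            // Present but empty: drop it. isset() replaces a direct read that
            // raised an undefined-index notice when the key was absent.
            unset($element[$fieldName]);
        }
    }
    if ($meta->hasMandatoryFields($element)) {
        $ownerFields = $meta->getOwnerFields();
        if (is_array($ownerFields) && sizeof($ownerFields) > 0) {
            foreach ($ownerFields as $ownerField) {
                if (isset($element[$ownerField]) && $element[$ownerField] !== null && !$meta->hasAssignPrivilege($element[$ownerField])) {
                    throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user");
                }
            }
        }
        $entity = $handler->create($elementType, $element);
        VTWS_PreserveGlobal::flush();
        return $entity;
    } else {
        return null;
    }
}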
コード例 #18
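 /**
  * Decide whether the current user may assign a record to the given owner.
  *
  * Administrators always may. Otherwise the owner must be the user
  * themselves, a user listed in $this->assignUsers, or a group returned by
  * vtws_getUserAccessibleGroups() for this module.
  *
  * @param string $webserviceId Webservice id of the prospective owner.
  * @return bool True when assignment is allowed; false otherwise, including
  *              for owner types other than Users and Groups.
  */
 function hasAssignPrivilege($webserviceId)
 {
     global $adb;
     // administrator's have assign privilege
     if (is_admin($this->user)) {
         return true;
     }
     $idComponents = vtws_getIdComponents($webserviceId);
     // Tolerate an id without both parts instead of reading a missing offset.
     $ownerTypeId = isset($idComponents[0]) ? $idComponents[0] : null;
     $userId = isset($idComponents[1]) ? $idComponents[1] : null;
     if ($userId == null || $userId == '' || $ownerTypeId == null || $ownerTypeId == '') {
         return false;
     }
     // Ids are compared as strings from here on. Loose == on numeric strings
     // treats differently written values as equal, which is too permissive for
     // an authorisation decision.
     $ownerId = (string) $userId;
     $webserviceObject = VtigerWebserviceObject::fromId($adb, $ownerTypeId);
     if (strcasecmp($webserviceObject->getEntityName(), "Users") === 0) {
         if ($ownerId === (string) $this->user->id) {
             return true;
         }
         // Presumably fills $this->assignUsers on first use (defined elsewhere).
         if (!$this->assign) {
             $this->retrieveUserHierarchy();
         }
         $assignableIds = array_map('strval', array_keys($this->assignUsers));
         return in_array($ownerId, $assignableIds, true);
     } elseif (strcasecmp($webserviceObject->getEntityName(), "Groups") === 0) {
         $tabId = $this->getTabId();
         $groups = vtws_getUserAccessibleGroups($tabId, $this->user);
         foreach ($groups as $group) {
             if ((string) $group['id'] === $ownerId) {
                 return true;
             }
         }
         return false;
     }
     // Any other owner type is denied explicitly rather than by falling off
     // the end of the function with an implicit null.
     return false;
 }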
コード例 #19
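/**
 * Build the SQL that lists the $relatedModule records related to record $id of $module.
 *
 * The function returns the query text only; it does not run it. Because the
 * result is a plain string, nothing in it can be a bound parameter: the record
 * id, the order-by clause and the limit/offset values are therefore validated
 * before they are concatenated.
 *
 * @param string $id              Webservice id of the parent record.
 * @param string $module          Parent module name.
 * @param string $relatedModule   Related module name.
 * @param array  $queryParameters Optional keys read here: productDiscriminator,
 *                                columns, orderby, limit, offset.
 * @param object $user            User the permission checks are made for.
 * @return string SQL text, or '' when no branch produced a query.
 * @throws WebServiceException When a module, id, permission or relation check
 *                             fails, or when orderby/limit/offset is malformed.
 */
function __getRLQuery($id, $module, $relatedModule, $queryParameters, $user)
{
    global $adb, $currentModule, $log, $current_user;
    // Initialize required globals
    $currentModule = $module;
    // END
    if (empty($queryParameters['productDiscriminator'])) {
        $queryParameters['productDiscriminator'] = '';
    }
    if (empty($queryParameters['columns'])) {
        $queryParameters['columns'] = '*';
    }
    $productDiscriminator = strtolower($queryParameters['productDiscriminator']);
    // check modules
    $webserviceObject = VtigerWebserviceObject::fromName($adb, $relatedModule);
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    $relatedModule = $meta->getEntityName();
    if (!$meta->isModuleEntity()) {
        throw new WebserviceException('INVALID_MODULE', "Given related module ({$relatedModule}) cannot be found");
    }
    $relatedModuleId = getTabid($relatedModule);
    $webserviceObject = VtigerWebserviceObject::fromName($adb, $module);
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    $module = $meta->getEntityName();
    if (!$meta->isModuleEntity()) {
        throw new WebserviceException('INVALID_MODULE', "Given module ({$module}) cannot be found");
    }
    $moduleId = getTabid($module);
    // check permission on module
    $webserviceObject = VtigerWebserviceObject::fromId($adb, $id);
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    $entityName = $meta->getObjectEntityName($id);
    $types = vtws_listtypes(null, $user);
    if (!in_array($entityName, $types['types'])) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation on module ({$module}) is denied");
    }
    if ($entityName !== $webserviceObject->getEntityName()) {
        throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect");
    }
    if (!$meta->hasPermission(EntityMeta::$RETRIEVE, $id)) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied");
    }
    $idComponents = vtws_getIdComponents($id);
    if (!$meta->exists($idComponents[1])) {
        throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found");
    }
    // Both $id and its record part are interpolated into SQL text below, so
    // only the <digits>x<digits> form with a purely numeric record part is accepted.
    if (!preg_match('/^\d+x\d+$/', (string) $id) || !ctype_digit((string) $idComponents[1])) {
        throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect");
    }
    $crmid = $idComponents[1];
    // check permission on related module and pickup meta data for further processing
    $webserviceObject = VtigerWebserviceObject::fromName($adb, $relatedModule);
    $handlerPath = $webserviceObject->getHandlerPath();
    $handlerClass = $webserviceObject->getHandlerClass();
    require_once $handlerPath;
    $handler = new $handlerClass($webserviceObject, $user, $adb, $log);
    $meta = $handler->getMeta();
    if (!in_array($relatedModule, $types['types'])) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation on module ({$relatedModule}) is denied");
    }
    if (!$meta->hasReadAccess()) {
        throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied");
    }
    // user has enough permission to start process
    $query = '';
    switch ($relatedModule) {
        case 'ModComments':
            $wsUserIdrs = $adb->query("select id from vtiger_ws_entity where name='Users'");
            $wsUserId = $adb->query_result($wsUserIdrs, 0, 0) . 'x';
            $wsContactIdrs = $adb->query("select id from vtiger_ws_entity where name='Contacts'");
            $wsContactId = $adb->query_result($wsContactIdrs, 0, 0) . 'x';
            switch ($module) {
                case 'HelpDesk':
                    $query = "select\n\t\t\t\t\t\tconcat(case when (ownertype = 'user') then '{$wsUserId}' else '{$wsContactId}' end,ownerid) as creator,\n\t\t\t\t\t\tconcat(case when (ownertype = 'user') then '{$wsUserId}' else '{$wsContactId}' end,ownerid) as assigned_user_id,\n\t\t\t\t\t\t'TicketComments' as setype,\n\t\t\t\t\t\tcreatedtime,\n\t\t\t\t\t\tcreatedtime as modifiedtime,\n\t\t\t\t\t\t0 as id,\n\t\t\t\t\t\tcomments as commentcontent, \n\t\t\t\t\t\t'{$id}' as related_to, \n\t\t\t\t\t\t'' as parent_comments,\n\t\t\t\t\t\townertype,\n\t\t\t\t\t\tcase when (ownertype = 'user') then vtiger_users.user_name else vtiger_portalinfo.user_name end as owner_name \n\t\t\t\t\t from vtiger_ticketcomments\n\t\t\t\t\t left join vtiger_users on vtiger_users.id = ownerid\n\t\t\t\t\t left join vtiger_portalinfo on vtiger_portalinfo.id = ownerid\n\t\t\t\t\t where ticketid={$crmid}";
                    break;
                case 'Faq':
                    $query = "select\n\t\t\t\t\t\t0 as creator,\n\t\t\t\t\t\t0 as assigned_user_id,\n\t\t\t\t\t\t'FaqComments' as setype,\n\t\t\t\t\t\tcreatedtime,\n\t\t\t\t\t\tcreatedtime as modifiedtime,\n\t\t\t\t\t\t0 as id,\n\t\t\t\t\t\tcomments as commentcontent, \n\t\t\t\t\t\t'{$id}' as related_to, \n\t\t\t\t\t\t'' as parent_comments\n\t\t\t\t\t  from vtiger_faqcomments where faqid={$crmid}";
                    break;
                default:
                    $entityInstance = CRMEntity::getInstance($relatedModule);
                    $queryCriteria = '';
                    // currently hard coded to all  ** TODO **
                    $criteria = 'All';
                    switch ($criteria) {
                        case 'All':
                            $queryCriteria = '';
                            break;
                        case 'Last5':
                            $queryCriteria = sprintf(" ORDER BY %s.%s DESC LIMIT 5", $entityInstance->table_name, $entityInstance->table_index);
                            break;
                        case 'Mine':
                            $queryCriteria = ' AND vtiger_crmentity.smownerid=' . $current_user->id;
                            break;
                    }
                    // NOTE(review): $moduleName is never assigned in this function, so
                    // getListQuery() receives an undefined variable; confirm the intended
                    // argument before relying on this branch.
                    $query = $entityInstance->getListQuery($moduleName, sprintf(" AND %s.related_to={$crmid}", $entityInstance->table_name));
                    $query .= $queryCriteria;
                    // Column list comes from the caller; __getRLQueryFields() (defined
                    // elsewhere) is presumably what restricts it to accessible fields.
                    $qfields = __getRLQueryFields($meta, $queryParameters['columns']);
                    // Remove all the \n, \r and white spaces to keep the space between the words consistent.
                    $query = preg_replace("/[\n\r\\s]+/", " ", $query);
                    $query = "select {$qfields} " . substr($query, stripos($query, ' FROM '), strlen($query));
                    break;
            }
            // end switch ModComments
            break;
        default:
            $relation_criteria = '';
            switch ($relatedModule) {
                case 'Products':
                    if ($module == 'Products') {
                        // Product Bundles
                        if (!empty($productDiscriminator) and $productDiscriminator == 'productparent') {
                            $relation_criteria = " and label like '%parent%'";
                        } else {
                            $relation_criteria = " and label like '%bundle%'";
                            // bundle by default
                        }
                    }
                    break;
                case 'Calendar':
                    $relation_criteria = " and label like '%Activities%'";
                    // History not supported
                    //$relation_criteria = " and label like '%History%'";
                    break;
            }
            // special product relation with Q/SO/I/PO
            if ($relatedModule == 'Products' and in_array($module, array('Invoice', 'Quotes', 'SalesOrder', 'PurchaseOrder'))) {
                $query = 'select productid as id,sequence_no,quantity,listprice,discount_percent,discount_amount,comment,description,tax1,tax2,tax3 FROM vtiger_inventoryproductrel where id=' . $crmid;
            } else {
                // $relation_criteria is one of the fixed literals set above, never caller text.
                $relationResult = $adb->pquery("SELECT * FROM vtiger_relatedlists WHERE tabid=? AND related_tabid=? {$relation_criteria}", array($moduleId, $relatedModuleId));
                if (!$relationResult || !$adb->num_rows($relationResult)) {
                    throw new WebserviceException('MODULES_NOT_RELATED', "Cannot find relation between {$module} and {$relatedModule}");
                }
                if ($adb->num_rows($relationResult) > 1) {
                    throw new WebserviceException('MANY_RELATIONS', "More than one relation exists between {$module} and {$relatedModule}");
                }
                $relationInfo = $adb->fetch_array($relationResult);
                $moduleInstance = CRMEntity::getInstance($module);
                $params = array($crmid, $moduleId, $relatedModuleId);
                // The method name is read from vtiger_relatedlists, so that table decides
                // which method of the module instance runs. call_user_method_array() was
                // removed in PHP 7; call_user_func_array() is the equivalent call.
                $relationData = call_user_func_array(array($moduleInstance, $relationInfo['name']), $params);
                $query = $relationData['query'];
                // select the fields the user has access to and prepare query
                $qfields = __getRLQueryFields($meta, $queryParameters['columns']);
                // Remove all the \n, \r and white spaces to keep the space between the words consistent.
                $query = preg_replace("/[\n\r\\s]+/", " ", $query);
                $query = "select {$qfields} " . substr($query, stripos($query, ' FROM '), strlen($query));
                // Append additional joins for some queries
                $query = __getRLQueryFromJoins($query, $meta);
                //Appending Access Control
                // NOTE(review): the access-control clause is built for the global
                // $current_user, while every permission check above uses the $user
                // argument; confirm the two are always the same user.
                if ($relatedModule != 'Faq' && $relatedModule != 'PriceBook' && $relatedModule != 'Vendors' && $relatedModule != 'Users') {
                    $secQuery = getNonAdminAccessControlQuery($relatedModule, $current_user);
                    if (strlen($secQuery) > 1) {
                        $query = appendFromClauseToQuery($query, $secQuery);
                    }
                }
                // This is for getting products related to Account/Contact through their Quote/SO/Invoice
                if (($module == 'Accounts' or $module == 'Contacts') and ($relatedModule == 'Products' or $relatedModule == 'Services') and in_array($productDiscriminator, array('productlineinvoice', 'productlinesalesorder', 'productlinequote', 'productlineall', 'productlineinvoiceonly', 'productlinesalesorderonly', 'productlinequoteonly'))) {
                    // Here we add list of products contained in related invoice, so and quotes
                    $relatedField = $module == 'Accounts' ? 'accountid' : 'contactid';
                    $pstable = $meta->getEntityBaseTable();
                    $psfield = $meta->getIdColumn();
                    if (substr($productDiscriminator, -4) == 'only') {
                        // "...only" variants discard the relation query built above.
                        $productDiscriminator = substr($productDiscriminator, 0, strlen($productDiscriminator) - 4);
                        $query = '';
                    }
                    if ($productDiscriminator == 'productlinequote' or $productDiscriminator == 'productlineall') {
                        $q = "select distinct {$qfields} from vtiger_quotes\n\t\t\t\t\t\tinner join vtiger_crmentity as crmq on crmq.crmid=vtiger_quotes.quoteid\n\t\t\t\t\t\tleft join vtiger_inventoryproductrel on vtiger_inventoryproductrel.id=vtiger_quotes.quoteid\n\t\t\t\t\t\tinner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_inventoryproductrel.productid \n\t\t\t\t\t\tleft join {$pstable} on {$pstable}.{$psfield} = vtiger_inventoryproductrel.productid \n\t\t\t\t\t\twhere vtiger_inventoryproductrel.productid = {$pstable}.{$psfield} AND crmq.deleted=0\n\t\t\t\t\t\t  and {$relatedField} = {$crmid}";
                        $query .= ($query == '' ? '' : ' UNION DISTINCT ') . $q;
                    }
                    if ($productDiscriminator == 'productlineinvoice' or $productDiscriminator == 'productlineall') {
                        $q = "select distinct {$qfields} from vtiger_invoice\n\t\t\t\t\t\tinner join vtiger_crmentity as crmi on crmi.crmid=vtiger_invoice.invoiceid\n\t\t\t\t\t\tleft join vtiger_inventoryproductrel on vtiger_inventoryproductrel.id=vtiger_invoice.invoiceid\n\t\t\t\t\t\tinner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_inventoryproductrel.productid\n\t\t\t\t\t\tleft join {$pstable} on {$pstable}.{$psfield} = vtiger_inventoryproductrel.productid\n\t\t\t\t\t\twhere vtiger_inventoryproductrel.productid = {$pstable}.{$psfield} AND crmi.deleted=0\n\t\t\t\t\t\t  and {$relatedField} = {$crmid}";
                        $query .= ($query == '' ? '' : ' UNION DISTINCT ') . $q;
                    }
                    if ($productDiscriminator == 'productlinesalesorder' or $productDiscriminator == 'productlineall') {
                        $q = "select distinct {$qfields} from vtiger_salesorder \n\t\t\t\t\tinner join vtiger_crmentity as crms on crms.crmid=vtiger_salesorder.salesorderid\n\t\t\t\t\tleft join vtiger_inventoryproductrel on vtiger_inventoryproductrel.id=vtiger_salesorder.salesorderid\n\t\t\t\t\tinner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_inventoryproductrel.productid\n\t\t\t\t\tleft join {$pstable} on {$pstable}.{$psfield} = vtiger_inventoryproductrel.productid\n\t\t\t\t\twhere vtiger_inventoryproductrel.productid = {$pstable}.{$psfield} AND crms.deleted=0\n\t\t\t\t\tand {$relatedField} = {$crmid}";
                        $query .= ($query == '' ? '' : ' UNION DISTINCT ') . $q;
                    }
                }
            }
            // q/so/i/po-product relation
            break;
    }
    // end switch $relatedModule
    // now we add order by if needed
    if ($query != '' and !empty($queryParameters['orderby'])) {
        // Caller-supplied text is appended to the SQL, so accept only a comma
        // separated list of column names, each optionally followed by asc/desc.
        $orderBy = trim((string) $queryParameters['orderby']);
        $orderTerm = '[A-Za-z0-9_.`]+(\s+(asc|desc))?';
        if (!preg_match('/^' . $orderTerm . '(\s*,\s*' . $orderTerm . ')*$/i', $orderBy)) {
            throw new WebserviceException('INVALID_PARAMETER', 'Order by clause is not valid');
        }
        $query .= ' order by ' . $orderBy;
    }
    // now we add limit and offset if needed
    if ($query != '' and !empty($queryParameters['limit'])) {
        // Digits only; the "n,m" form is still accepted for limit.
        $limit = trim((string) $queryParameters['limit']);
        if (!preg_match('/^\d+(\s*,\s*\d+)?$/', $limit)) {
            throw new WebserviceException('INVALID_PARAMETER', 'Limit is not valid');
        }
        $query .= ' limit ' . $limit;
        if (!empty($queryParameters['offset'])) {
            $offset = trim((string) $queryParameters['offset']);
            if (!preg_match('/^\d+$/', $offset)) {
                throw new WebserviceException('INVALID_PARAMETER', 'Offset is not valid');
            }
            // NOTE(review): this emits "limit <limit>,<offset>"; MySQL reads the first
            // number as the offset and the second as the row count. Confirm the
            // order callers expect.
            $query .= ',' . $offset;
        }
    }
    return $query;
}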
コード例 #20
/**
 * Build the webservice handler for the entity type that $id resolves to.
 *
 * No permission check is made here; callers are expected to check access on
 * the handler's metadata before acting on a record.
 *
 * @param mixed  $id   Id passed to VtigerWebserviceObject::fromId().
 * @param object $user User the handler is created for.
 * @return object New handler instance.
 */
function vtws_getModuleHandlerFromId($id, $user)
{
    global $adb, $log;
    $wsObject = VtigerWebserviceObject::fromId($adb, $id);
    $classFile = $wsObject->getHandlerPath();
    $className = $wsObject->getHandlerClass();
    // File and class name are supplied by the webservice object, not by the
    // caller directly; the file is loaded before the class is instantiated.
    require_once $classFile;
    return new $className($wsObject, $user, $adb, $log);
}