コード例 #1
 /**
  * Prepare the per-application access overview of one user group for the view.
  *
  * Only callers holding the 'webasyst'/'backend' right get past the first check.
  *
  * @throws waRightsException when the current user lacks that right
  * @throws waException when no group id is given in the request
  */
 public function execute()
 {
     // Authorization gate: global admin only.
     $current_user = wa()->getUser();
     if (!$current_user->getRights('webasyst', 'backend')) {
         throw new waRightsException('Access denied');
     }

     // The id is cast to int before it is negated or handed to the models.
     $group_id = (int) waRequest::get('id');
     if (!$group_id) {
         throw new waException('Group id not specified.');
     }

     $group_model = new waGroupModel();
     $group = $group_model->getById($group_id);

     // get() is queried with the negated group id, getApps() with the positive one.
     $rights_model = new waContactRightsModel();
     $fullAccess = $rights_model->get(-$group_id, 'webasyst', 'backend');
     $apps = wa()->getApps();
     if (!$fullAccess) {
         $appAccess = $rights_model->getApps($group_id, 'backend');
     }

     $noAccess = true;
     foreach ($apps as $app_id => $info) {
         $info['id'] = $app_id;
         $info['customizable'] = isset($info['rights']) && (bool) $info['rights'];
         if ($fullAccess) {
             // Full access overrides any per-app record.
             $info['access'] = 2;
         } elseif (isset($appAccess[$app_id])) {
             $info['access'] = $appAccess[$app_id];
         } else {
             $info['access'] = 0;
         }
         if ($info['access']) {
             $noAccess = false;
         }
         $apps[$app_id] = $info;
     }

     $this->view->assign('apps', $apps);
     $this->view->assign('group', $group);
     $this->view->assign('noAccess', $noAccess);
     $this->view->assign('fullAccess', $fullAccess);
 }
コード例 #2
ファイル: waContact.model.php プロジェクト: Lazary/webasyst
 /**
  * Delete one or more contacts and fire event contacts.delete
  *
  * Removes the contacts' rights, settings, emails, group memberships, contact-list
  * entries, stored field data and category links, resets company references that
  * point at them, and finally deletes the contact rows themselves.
  *
  * No access check is performed inside this method.
  * NOTE(review): callers are presumably expected to authorize the deletion - confirm.
  *
  * @event contacts.delete
  *
  * @param int|array $id - contact id or array of contact ids
  * @param bool $send_event - fire contacts.delete before deleting (default true)
  * @return bool
  */
 public function delete($id, $send_event = true)
 {
     if ($send_event) {
         // Fire @event contacts.delete allowing other applications to clean up their data
         // The id is normalised to an array first, so listeners always receive a list
         if (!is_array($id)) {
             $id = array($id);
         }
         wa()->event(array('contacts', 'delete'), $id);
     }
     // Rights rows are addressed through the 'group_id' column using the negated contact id;
     // the int cast happens only for this negated copy, $id itself is passed on as given
     if (is_array($id)) {
         $nid = array();
         foreach ($id as $i) {
             $nid[] = -(int) $i;
         }
     } else {
         $nid = -(int) $id;
     }
     // Delete rights
     $right_model = new waContactRightsModel();
     $right_model->deleteByField('group_id', $nid);
     // Delete settings
     $setting_model = new waContactSettingsModel();
     $setting_model->deleteByField('contact_id', $id);
     // Delete emails
     $contact_email_model = new waContactEmailsModel();
     $contact_email_model->deleteByField('contact_id', $id);
     // Delete from groups
     $user_groups_model = new waUserGroupsModel();
     $user_groups_model->deleteByField('contact_id', $id);
     // Delete from contact lists
     if (class_exists('contactsContactListsModel')) {
         // @todo: Use plugin for contacts
         $contact_lists_model = new contactsContactListsModel();
         $contact_lists_model->deleteByField('contact_id', $id);
     }
     // Delete from contact rights
     // NOTE(review): unlike contactsContactListsModel above, this class is used without a class_exists() guard
     $contact_rights_model = new contactsRightsModel();
     $contact_rights_model->deleteByField('group_id', $nid);
     // Delete data
     $contact_data_model = new waContactDataModel();
     $contact_data_model->deleteByField('contact_id', $id);
     $contact_data_text_model = new waContactDataTextModel();
     $contact_data_text_model->deleteByField('contact_id', $id);
     // Delete from categories
     $contact_categories_model = new waContactCategoriesModel();
     $category_ids = array_keys($contact_categories_model->getByField('contact_id', $id, 'category_id'));
     $contact_categories_model->deleteByField('contact_id', $id);
     // update counters in wa_contact_category
     $contact_category_model = new waContactCategoryModel();
     $contact_category_model->recalcCounters($category_ids);
     // Login-log cleanup is disabled below, so log rows of a deleted contact are kept
     //        // Delete contact from logs
     //        $login_log_model = new waLoginLogModel();
     //        $login_log_model->deleteByField('contact_id', $id);
     // Clear references
     $this->updateByField(array('company_contact_id' => $id), array('company_contact_id' => 0));
     // Delete contact
     return $this->deleteById($id);
 }
コード例 #3
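 /**
  * Prepare the custom-rights dialog of one application for a contact or a group.
  *
  * The request 'id' is a contact id when positive; otherwise its negation is used
  * as a group id. The request 'app' selects the application whose rights are shown.
  *
  * @throws waRightsException when the current user is not a global admin
  */
 public function execute()
 {
     // only allowed to global admin
     if (!wa()->getUser()->getRights('webasyst', 'backend')) {
         throw new waRightsException(_w('Access denied'));
     }
     // Cast once at the boundary: the value is compared, negated and passed to the
     // models below, and a raw request string must not reach that arithmetic.
     $contact_id = (int) waRequest::get('id');
     $group_ids = null;
     if ($contact_id > 0) {
         $user_groups_model = new waUserGroupsModel();
         $group_ids = $user_groups_model->getGroupIds($contact_id);
         // Group 0 is always appended to the contact's own groups
         $group_ids[] = 0;
     }
     // NOTE(review): $app_id comes straight from the request and ends up selecting a file
     // that is included below. The only validation visible here is whatever
     // SystemConfig::getAppConfig() does with an unknown id - confirm it rejects one.
     $app_id = waRequest::get('app');
     $right_model = new waContactRightsModel();
     $rights = $right_model->get($contact_id, $app_id, null, false);
     $group_rights = null;
     if ($group_ids) {
         // Groups are looked up by their negated ids
         $group_rights = $right_model->get(array_map(wa_lambda('$a', 'return -$a;'), $group_ids), $app_id, null, false);
     }
     // Check custom rights items
     $app_config = SystemConfig::getAppConfig($app_id);
     $class_name = $app_config->getPrefix() . "RightConfig";
     $file_path = $app_config->getAppPath('lib/config/' . $class_name . ".class.php");
     if (file_exists($file_path)) {
         // Init app
         waSystem::getInstance($app_id, $app_config, true);
         // include_once: a plain include would redeclare the class if the file was loaded before
         include_once $file_path;
         /**
          * @var waRightConfig $right_config
          */
         $right_config = new $class_name();
         $rights += $right_config->getRights($contact_id);
         if ($group_ids) {
             $group_rights += $right_config->getRights(array_map(wa_lambda('$a', 'return -$a;'), $group_ids));
         }
         $this->view->assign('html', $right_config->getHTML($rights, $group_rights));
         // Switch the active application back after initialising $app_id
         waSystem::setActive('contacts');
     } else {
         $this->view->assign('html', '');
     }
     if ($contact_id > 0) {
         $this->view->assign('user', new waContact($contact_id));
     } else {
         $gm = new waGroupModel();
         $this->view->assign('group', $gm->getById(-$contact_id));
     }
     $app = wa()->getAppInfo($app_id);
     $app['id'] = $app_id;
     $this->view->assign('app', $app);
     $this->view->assign('rights', $rights);
     $this->view->assign('group_rights', $group_rights);
 }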
コード例 #4
ファイル: blogHelper.class.php プロジェクト: Lazary/webasyst
 /**
  * Check blog rights for current or specified user
  *
  * Three paths are visible in the body:
  *  - $contact_id === true: the current user is used; a blog admin gets RIGHT_FULL at once.
  *  - $contact_id truthy: backend check against the rights model for that contact.
  *  - $contact_id falsy: frontend check, read-only access to an available blog at most.
  *
  * @param int|bool|null $blog_id blog id; true checks the right to add a blog; empty returns the
  *                               highest 'blog' right of the contact (backend path only)
  * @param bool|int $contact_id true for the current user, a contact id, or a falsy value for frontend
  * @param int $mode minimum level required for the given blog (default blogRightConfig::RIGHT_READ_WRITE)
  * @throws waRightsException with code 403 when the required right is missing
  * @return int|null
  */
 public static function checkRights($blog_id = null, $contact_id = true, $mode = blogRightConfig::RIGHT_READ_WRITE)
 {
     // The rights model is created once and kept across calls
     static $rights_model;
     $rights = null;
     if (!$rights_model) {
         $rights_model = new waContactRightsModel();
     }
     if ($contact_id === true) {
         $user = wa()->getUser();
         if ($user->isAdmin('blog')) {
             return blogRightConfig::RIGHT_FULL;
         }
         $contact_id = $user->getId();
     } elseif ($contact_id) {
         // NOTE(review): the shortcut to RIGHT_FULL requires a stored 'backend' value above 2 -
         // confirm which stored value denotes an app admin, since this decides who bypasses
         // the per-blog checks below
         if ($rights_model->get($contact_id, 'blog', 'backend') > 2) {
             return blogRightConfig::RIGHT_FULL;
         }
     }
     if ($contact_id) {
         //it's backend
         if ($blog_id) {
             if ($blog_id === true) {
                 // true means "may this contact create a blog"
                 $rights = $rights_model->get($contact_id, 'blog', blogRightConfig::RIGHT_ADD_BLOG);
                 if (!$rights) {
                     throw new waRightsException(_w('Access denied'), 403);
                 }
             } else {
                 // Per-blog right is stored under the name "blog.<id>"
                 $rights = $rights_model->get($contact_id, 'blog', "blog.{$blog_id}");
                 if ($rights < $mode) {
                     throw new waRightsException(_w('Access denied'), 403);
                 }
             }
         } else {
             // No blog given: nothing is thrown here, the caller must inspect the returned level
             // NOTE(review): max() fails on an empty array - confirm get() never returns one here
             $rights = max($rights_model->get($contact_id, 'blog'));
         }
     } else {
         //it's frontend
         if ($mode > blogRightConfig::RIGHT_READ) {
             throw new waRightsException(_w('Access denied'), 403);
         }
         $blog_model = new blogBlogModel();
         // NOTE(review): the getAvailable() result is wrapped in a one-element array and compared
         // loosely (in_array without strict) - verify what getAvailable() returns when called with
         // a blog id, otherwise this membership test may not mean what it appears to
         if (!$blog_id || !in_array($blog_id, array($blog_model->getAvailable(false, array(), $blog_id)))) {
             throw new waRightsException(_w('Access denied'), 403);
         }
         return blogRightConfig::RIGHT_READ;
     }
     return $rights;
 }
コード例 #5
 /**
  * Delete one or more contacts and fire event contacts.delete
  *
  * Removes the contacts' rights, settings, emails, group memberships, contact-list
  * entries, stored field data and login-log rows, then deletes the contact rows.
  *
  * No access check is performed inside this method.
  * NOTE(review): callers are presumably expected to authorize the deletion - confirm.
  *
  * @event contacts.delete
  *
  * @param int|array $id - contact id or array of contact ids
  * @param bool $send_event - fire contacts.delete before deleting (default true)
  * @return bool
  */
 public function delete($id, $send_event = true)
 {
     if ($send_event) {
         // Fire @event contacts.delete allowing other applications to clean up their data
         // $id is passed as given, so listeners may receive either a scalar or an array
         wa()->event(array('contacts', 'delete'), $id);
     }
     // Rights rows are addressed through the 'group_id' column using the negated contact id;
     // the int cast happens only for this negated copy, $id itself is passed on as given
     if (is_array($id)) {
         $nid = array();
         foreach ($id as $i) {
             $nid[] = -(int) $i;
         }
     } else {
         $nid = -(int) $id;
     }
     // Delete rights
     $right_model = new waContactRightsModel();
     $right_model->deleteByField('group_id', $nid);
     // Delete settings
     $setting_model = new waContactSettingsModel();
     $setting_model->deleteByField('contact_id', $id);
     // Delete emails
     $contact_email_model = new waContactEmailsModel();
     $contact_email_model->deleteByField('contact_id', $id);
     // Delete from groups
     $user_groups_model = new waUserGroupsModel();
     $user_groups_model->deleteByField('contact_id', $id);
     // Delete from contact lists
     if (class_exists('contactsContactListsModel')) {
         // @todo: Use plugin for contacts
         $contact_lists_model = new contactsContactListsModel();
         $contact_lists_model->deleteByField('contact_id', $id);
     }
     // Delete from contact rights
     // NOTE(review): unlike contactsContactListsModel above, this class is used without a class_exists() guard
     $contact_rights_model = new contactsRightsModel();
     $contact_rights_model->deleteByField('group_id', $nid);
     // Delete data
     $contact_data_model = new waContactDataModel();
     $contact_data_model->deleteByField('contact_id', $id);
     $contact_data_text_model = new waContactDataTextModel();
     $contact_data_text_model->deleteByField('contact_id', $id);
     // Delete contact from logs
     // Login history of the contact is erased together with the contact
     $login_log_model = new waLoginLogModel();
     $login_log_model->deleteByField('contact_id', $id);
     // Delete contact
     return $this->deleteById($id);
 }
コード例 #6
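 /**
  * Collect the data shown in the contacts sidebar and assign it to the view.
  *
  * Sets the 'superadmin' and 'admin' flags from the current user's rights and
  * exposes the user total only to global admins.
  */
 public function execute()
 {
     $this->view->assign('views', null);
     $this->view->assign('settings', $this->getUser()->getSettings('contacts'));
     $historyModel = new contactsHistoryModel();
     $this->view->assign('history', $historyModel->get());
     $cc = new contactsCollection();
     $this->view->assign('totalContacts', $cc->count());
     // Categories are NOT filtered per user: every category is passed to the view.
     // The earlier per-user filter (contactsRightsModel::getAllowedCategories()) is no longer applied here.
     $wcrm = new waContactRightsModel();
     $ccm = new waContactCategoryModel();
     $categories = $ccm->getAll();
     $this->view->assign('categories', $categories);
     // User views are only available to global admin
     $this->view->assign('superadmin', false);
     $this->view->assign('admin', false);
     if (wa()->getUser()->getRights('webasyst', 'backend')) {
         $this->view->assign('superadmin', true);
         $this->view->assign('admin', true);
         $cc = new contactsCollection('/users/all/');
         $this->view->assign('totalUsers', $cc->count());
     } else {
         // A 'contacts' backend right of 2 or more marks an app-level admin
         if (wa()->getUser()->getRights('contacts', 'backend') >= 2) {
             $this->view->assign('admin', true);
         }
     }
     // is user allowed to add contacts?
     $this->view->assign('show_create', $wcrm->get(null, null, 'create'));
     $event_params = array();
     $this->view->assign('backend_sidebar', wa()->event('backend_sidebar', $event_params, array('top_li')));
 }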
コード例 #7
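 /**
  * Prepare the group page: group record, per-application access and member count.
  *
  * @throws waRightsException when the current user is not a global admin
  */
 public function execute()
 {
     // only allowed to global admin
     if (!wa()->getUser()->getRights('webasyst', 'backend')) {
         throw new waRightsException(_w('Access denied'));
     }
     $group = null;
     // Cast once at the boundary: the id is negated and passed to several models below,
     // and a raw request string must not reach that arithmetic.
     $group_id = (int) waRequest::get('id');
     if ($group_id) {
         $group_model = new waGroupModel();
         $group = $group_model->getById($group_id);
     }
     // Always truthy at this point because of the check above; kept for the template
     $is_global_admin = wa()->getUser()->getRights('webasyst', 'backend');
     $right_model = new waContactRightsModel();
     // get() is queried with the negated group id, getApps() with the positive one
     $fullAccess = $right_model->get(-$group_id, 'webasyst', 'backend');
     $apps = wa()->getApps();
     if (!$fullAccess) {
         $appAccess = $right_model->getApps($group_id, 'backend');
     }
     $noAccess = true;
     foreach ($apps as $app_id => &$app) {
         $app['id'] = $app_id;
         $app['customizable'] = isset($app['rights']) ? (bool) $app['rights'] : false;
         // Full access overrides any per-app record
         $app['access'] = $fullAccess ? 2 : 0;
         if (!$app['access'] && isset($appAccess[$app_id])) {
             $app['access'] = $appAccess[$app_id];
         }
         $noAccess = $noAccess && !$app['access'];
     }
     // Drop the reference left behind by the by-reference loop
     unset($app);
     $user_groups = new waUserGroupsModel();
     $users_count = $user_groups->countByField(array('group_id' => $group_id));
     $this->view->assign('users_count', $users_count);
     $this->view->assign('apps', $apps);
     $this->view->assign('noAccess', $noAccess);
     $this->view->assign('fullAccess', $fullAccess);
     $this->view->assign('is_global_admin', $is_global_admin);
     $this->view->assign('group', $group);
     $this->view->assign('icons', waGroupModel::getIcons());
 }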
コード例 #8
 /**
  * Revoke backend user status from a contact.
  *
  * Clears the is_user flag, login and password on the contact record, calls
  * waUserGroupsModel::delete() for it, removes its rows from the rights model and
  * asks every application that declares custom rights to clear its own records.
  *
  * No access check is performed inside this method.
  * NOTE(review): $id is negated without a cast - presumably validated by the caller; confirm.
  *
  * @param int $id contact id
  */
 public static function revokeUser($id)
 {
     // wa_contact
     $user = new waContact($id);
     $user['is_user'] = 0;
     $user['login'] = null;
     // The stored password value is replaced with an empty string
     $user['password'] = '';
     $user->save();
     // user groups
     $ugm = new waUserGroupsModel();
     $ugm->delete($id);
     // Access rights (stored under the negated contact id in the 'group_id' column)
     $right_model = new waContactRightsModel();
     $right_model->deleteByField('group_id', -$id);
     // Custom application access rights
     // There is no try/catch in this loop: an exception from one application stops the
     // clean-up for the applications that follow it
     foreach (wa()->getApps() as $aid => $app) {
         if (isset($app['rights']) && $app['rights']) {
             $app_config = SystemConfig::getAppConfig($aid);
             $class_name = $app_config->getPrefix() . "RightConfig";
             $file_path = $app_config->getAppPath('lib/config/' . $class_name . ".class.php");
             $right_config = null;
             if (!file_exists($file_path)) {
                 continue;
             }
             // Initialise the application before loading its rights configuration class
             waSystem::getInstance($aid, $app_config);
             // The included file runs in this method's variable scope
             include_once $file_path;
             /**
              * @var waRightConfig $right_config
              */
             $right_config = new $class_name();
             $right_config->clearRights($id);
         }
     }
 }
コード例 #9
 /**
  * Gathers personal and group access rights for the contact in $this->id
  * and hands them to $this->view.
  */
 protected function getUserInfo()
 {
     $system = waSystem::getInstance();
     $rights_model = new waContactRightsModel();
     $user_groups_model = new waUserGroupsModel();
     $group_model = new waGroupModel();

     // Personal rights are requested with the negated contact id, group rights with the group ids
     $groups = $user_groups_model->getGroups($this->id);
     $ownAccess = $rights_model->getApps(-$this->id, 'backend', false, false);
     $groupAccess = $rights_model->getApps(array_keys($groups), 'backend', false, false);
     if (!isset($ownAccess['webasyst'])) {
         $ownAccess['webasyst'] = 0;
     }
     if (!isset($groupAccess['webasyst'])) {
         $groupAccess['webasyst'] = 0;
     }

     // One entry per application, carrying the personal and the group level
     $apps = $system->getApps();
     $noAccess = true;
     $gNoAccess = true;
     foreach ($apps as $app_id => $info) {
         $info['id'] = $app_id;
         $info['customizable'] = isset($info['rights']) && (bool) $info['rights'];

         // A 'webasyst' right means level 2 for every application
         if ($ownAccess['webasyst']) {
             $info['access'] = 2;
         } elseif (isset($ownAccess[$app_id])) {
             $info['access'] = $ownAccess[$app_id];
         } else {
             $info['access'] = 0;
         }

         if ($groupAccess['webasyst']) {
             $info['gaccess'] = 2;
         } elseif (isset($groupAccess[$app_id])) {
             $info['gaccess'] = $groupAccess[$app_id];
         } else {
             $info['gaccess'] = 0;
         }

         if ($info['gaccess']) {
             $gNoAccess = false;
             $noAccess = false;
         } elseif ($info['access']) {
             $noAccess = false;
         }
         $apps[$app_id] = $info;
     }

     $this->view->assign('apps', $apps);
     $this->view->assign('groups', $groups);
     $this->view->assign('noAccess', $noAccess ? 1 : 0);
     $this->view->assign('gNoAccess', $gNoAccess ? 1 : 0);
     $this->view->assign('all_groups', $group_model->getNames());
     $this->view->assign('fullAccess', $ownAccess['webasyst']);
     $this->view->assign('gFullAccess', $groupAccess['webasyst']);
     $this->view->assign('access_to_contacts', $this->getUser()->getRights('contacts', 'backend'));
 }
コード例 #10
 /**
  * Save access rights of one application for the contact given in the request.
  *
  * Accepts either a single name/value pair or an 'app' array of name => value pairs
  * from POST. Only a global admin passes the first check.
  *
  * NOTE(review): this action changes privileges; no request-forgery protection is visible
  * in this method - confirm it is enforced by the surrounding controller.
  *
  * @throws waRightsException when the current user is not a global admin
  * @throws waException on malformed values or when the target is a global admin
  */
 public function execute()
 {
     // only allowed to global admin
     if (!wa()->getUser()->getRights('webasyst', 'backend')) {
         throw new waRightsException('Access denied.');
     }
     // NOTE(review): $app_id, $name and $contact_id are used as received; only $value is cast.
     // $app_id later selects a file to include - the only validation visible here is whatever
     // SystemConfig::getAppConfig() does with an unknown id; confirm it rejects one.
     $app_id = waRequest::post('app_id');
     $name = waRequest::post('name');
     $value = (int) waRequest::post('value');
     // The target id is read from the query string while the values come from POST
     $contact_id = waRequest::get('id');
     if (!$name && !$value) {
         // Bulk form: POST 'app' must be an array of right name => value
         $values = waRequest::post('app');
         if (!is_array($values)) {
             throw new waException('Bad values for access rights.');
         }
     } else {
         $values = array($name => $value);
     }
     $right_model = new waContactRightsModel();
     $is_admin = $right_model->get($contact_id, 'webasyst', 'backend', false);
     // Per-application rights of a global admin cannot be edited; only 'webasyst' itself can
     if ($is_admin && $app_id != 'webasyst') {
         throw new waException('Cannot change application rights for global admin.');
     }
     // If $contact_id used to have limited access and we're changing global admin privileges,
     // then need to notify all applications to remove their custom access records.
     if (!$is_admin && $app_id == 'webasyst' && $name == 'backend') {
         foreach (wa()->getApps() as $aid => $app) {
             try {
                 if (isset($app['rights']) && $app['rights']) {
                     $app_config = SystemConfig::getAppConfig($aid);
                     $class_name = $app_config->getPrefix() . "RightConfig";
                     $file_path = $app_config->getAppPath('lib/config/' . $class_name . ".class.php");
                     $right_config = null;
                     if (!file_exists($file_path)) {
                         continue;
                     }
                     waSystem::getInstance($aid, $app_config);
                     // The included file runs in this method's variable scope
                     include_once $file_path;
                     /**
                      * @var waRightConfig
                      */
                     $right_config = new $class_name();
                     $right_config->clearRights($contact_id);
                 }
             } catch (Exception $e) {
                 // silently ignore other applications errors
                 // NOTE(review): a failure here leaves that application's custom rights records
                 // in place without any trace - consider logging the exception
             }
         }
     }
     // Update $app_id access records
     $app_config = SystemConfig::getAppConfig($app_id);
     $class_name = $app_config->getPrefix() . "RightConfig";
     $file_path = $app_config->getAppPath('lib/config/' . $class_name . ".class.php");
     $right_config = null;
     if (file_exists($file_path)) {
         // Init app
         waSystem::getInstance($app_id, $app_config);
         include_once $file_path;
         /**
          * @var waRightConfig
          */
         $right_config = new $class_name();
     }
     // In the bulk form the names and values below come from the POST array as received
     foreach ($values as $name => $value) {
         if ($right_config && $right_config->setRights($contact_id, $name, $value)) {
             // If we've got response from custom rights config, then no need to update main rights table
             continue;
         }
         // Set default limited rights
         if ($right_config && $name == 'backend' && $value == 1) {
             /**
              * @var $right_config waRightConfig
              */
             foreach ($right_config->setDefaultRights($contact_id) as $n => $v) {
                 $right_model->save($contact_id, $app_id, $n, $v);
             }
         }
         $right_model->save($contact_id, $app_id, $name, $value);
     }
     // Switch the active application back after initialising other applications
     waSystem::setActive('contacts');
     $this->response = true;
 }
コード例 #11
 /**
  * Deletes the current sheet and, on success, the access-rights rows named after it.
  * On failure only $this->errors is set.
  */
 protected function deleteAction()
 {
     $deleted = $this->sheet_model->deleteById($this->sheet_id);
     if (!$deleted) {
         $this->errors = _w("Not enough rights to work with current board");
         return;
     }

     $this->response['sheet_id'] = $this->sheet_id;

     // Remove rights rows of the current app whose name is "sheet.<id>"
     $rights_model = new waContactRightsModel();
     $rights_model->deleteByField(array(
         'app_id' => wa()->getApp(),
         'name' => 'sheet.' . $this->sheet_id,
     ));
     $this->log('board_delete', 1);
 }
コード例 #12
 /**
  * Store one access right for this contact.
  *
  * Nothing is written when the contact is already an admin of the app;
  * true is returned in that case.
  *
  * @param string $app_id
  * @param string $name
  * @param int $value
  *
  * @return bool - result
  */
 public function setRight($app_id, $name, $value)
 {
     // Admins of the app keep their rights untouched
     if ($this->isAdmin($app_id)) {
         return true;
     }

     $rights_model = new waContactRightsModel();
     // The contact's own rights row uses the negated contact id as group_id
     $row = array(
         'app_id' => $app_id,
         'group_id' => -$this->id,
         'name' => $name,
         'value' => $value,
     );
     return $rights_model->insert($row);
 }
コード例 #13
 /**
  * Create or update a checklist from the POSTed list settings form.
  *
  * Updating needs a 'list.<id>' right above 1; creating needs the 'add_list' right.
  *
  * @throws waException when no name is submitted
  * @throws waRightsException when the required right is missing
  */
 public function ListsaveAction()
 {
     $list = array(
         'name' => waRequest::post('name', ''),
         'color_class' => waRequest::post('color_class', 'c-yellow'),
         'icon' => waRequest::post('icon', 'notebook'),
     );
     if (strlen($list['name']) <= 0) {
         throw new waException('No name specified.');
     }

     $id = waRequest::post('id', 0, 'int');
     $lm = new checklistsListModel();

     if ($id) {
         // Existing list: authorize against that list before touching it
         if ($this->getRights('list.' . $id) <= 1) {
             throw new waRightsException('Access denied.');
         }
         $lm->updateById($id, $list);
         $this->response = $id;
         return;
     }

     // New list
     if (!$this->getRights('add_list')) {
         throw new waRightsException('Access denied.');
     }
     $lm->moveApart(0);
     $id = $lm->insert($list);

     // A non-admin creator receives level 2 on the list just created
     $is_admin = wa()->getUser()->getRights('checklists', 'backend') > 1;
     $rm = new waContactRightsModel();
     if (!$is_admin) {
         $rm->save(wa()->getUser()->getId(), 'checklists', 'list.' . $id, 2);
     }
     $this->log('list_create', 1);
     $this->response = $id;
 }
コード例 #14
 /**
  * Uninstall the application: run its uninstall script, drop its tables and remove
  * its settings, access rights, log rows and cache directory.
  *
  * No access check is performed inside this method.
  * NOTE(review): callers are presumably expected to authorize the operation - confirm.
  */
 public function uninstall()
 {
     // check uninstall.php
     // The included script runs in this method's variable scope
     $file = $this->getAppConfigPath('uninstall');
     if (file_exists($file)) {
         include $file;
     }
     $file_db = $this->getAppPath('lib/config/db.php');
     if (file_exists($file_db)) {
         // db.php returns the schema; its keys are used as table names
         $schema = (include $file_db);
         $model = new waModel();
         foreach ($schema as $table => $fields) {
             // Table names come from the application's own schema file, not from the request;
             // they are concatenated into the statement unquoted
             $sql = "DROP TABLE IF EXISTS " . $table;
             $model->exec($sql);
         }
     }
     // Remove all app settings
     $app_settings_model = new waAppSettingsModel();
     $app_settings_model->del($this->application);
     $contact_settings_model = new waContactSettingsModel();
     $contact_settings_model->deleteByField('app_id', $this->application);
     // Remove all rights to app
     $contact_rights_model = new waContactRightsModel();
     $contact_rights_model->deleteByField('app_id', $this->application);
     // Remove logs
     $log_model = new waLogModel();
     $log_model->deleteByField('app_id', $this->application);
     // Remove cache
     waFiles::delete($this->getPath('cache') . '/apps/' . $this->application);
 }
コード例 #15
ファイル: waContact.class.php プロジェクト: Lazary/webasyst
 /**
  * Sets one access right for this contact.
  *
  * When the contact already has administrative rights for the given app, nothing is
  * saved and true is returned.
  *
  * @param string $app_id Id of the app for which contact's access rights must be set
  * @param string $name Access rights element id supported by specified app
  * @param int $value Access rights value
  * @return bool Whether access rights have been set successfully
  */
 public function setRight($app_id, $name, $value)
 {
     // Admin rights are never overwritten through this method
     if ($this->isAdmin($app_id)) {
         return true;
     }

     $rights_model = new waContactRightsModel();
     $saved = $rights_model->save($this->id, $app_id, $name, $value);
     return $saved;
 }
コード例 #16
 /**
  * Uninstall the plugin: run its uninstall script, drop its tables (or run plugin.sql),
  * remove its settings and access rights, and clear the application cache.
  *
  * No access check is performed inside this method.
  * NOTE(review): callers are presumably expected to authorize the operation - confirm.
  */
 public function uninstall()
 {
     // check uninstall.php
     // The included script runs in this method's variable scope
     $file = $this->path . '/lib/config/uninstall.php';
     if (file_exists($file)) {
         include $file;
     }
     $file_db = $this->path . '/lib/config/db.php';
     if (file_exists($file_db)) {
         // db.php returns the schema; its keys are used as table names
         $schema = (include $file_db);
         $model = new waModel();
         foreach ($schema as $table => $fields) {
             // Table names come from the plugin's own schema file, not from the request;
             // they are concatenated into the statement unquoted
             $sql = "DROP TABLE IF EXISTS " . $table;
             $model->exec($sql);
         }
     } else {
         // check plugin.sql
         $file_sql = $this->path . '/lib/config/plugin.sql';
         if (file_exists($file_sql)) {
             waAppConfig::executeSQL($file_sql, 2);
         }
     }
     // Remove plugin settings
     // Settings are stored under "<app_id>.<plugin id>"; the value is bound through the s:app_id placeholder
     $app_settings_model = new waAppSettingsModel();
     $sql = "DELETE FROM " . $app_settings_model->getTableName() . "\n                WHERE app_id = s:app_id";
     $app_settings_model->exec($sql, array('app_id' => $this->app_id . "." . $this->id));
     if (!empty($this->info['rights'])) {
         // Remove rights to plugin
         // The plugin id is passed through escape() and concatenated rather than bound.
         // NOTE(review): '_' and '%' inside the id stay LIKE wildcards, so the second condition
         // may match rights of other plugins with similar ids - confirm the allowed id characters.
         $contact_rights_model = new waContactRightsModel();
         $sql = "DELETE FROM " . $contact_rights_model->getTableName() . "\n                    WHERE app_id = s:app_id AND (\n                        name = '" . $contact_rights_model->escape('plugin.' . $this->id) . "' OR\n                        name LIKE '" . $contact_rights_model->escape('plugin.' . $this->id) . ".%'\n                    )";
         $contact_rights_model->exec($sql, array('app_id' => $this->app_id));
     }
     // Remove cache of the application
     waFiles::delete(wa()->getAppCachePath('', $this->app_id));
 }
コード例 #17
 /**
  * Build the HTML title of the "Access" tab for a contact.
  *
  * The icon class is 'delete' when is_user equals -1, 'key-bw' when the contact has
  * neither personal nor group access to anything, and 'key' otherwise.
  *
  * @param waContact $contact
  * @return string HTML fragment
  */
 public static function getAccessTabTitle(waContact $contact)
 {
     $rights_model = new waContactRightsModel();
     $user_groups_model = new waUserGroupsModel();
     // Instantiated as before, although nothing below reads it
     $group_model = new waGroupModel();

     // Personal rights are requested with the negated contact id, group rights with the group ids
     $groups = $user_groups_model->getGroups($contact['id']);
     $ownAccess = $rights_model->getApps(-$contact['id'], 'backend', false, false);
     $groupAccess = $rights_model->getApps(array_keys($groups), 'backend', false, false);
     if (!isset($ownAccess['webasyst'])) {
         $ownAccess['webasyst'] = 0;
     }
     if (!isset($groupAccess['webasyst'])) {
         $groupAccess['webasyst'] = 0;
     }

     // $noAccess stays true only if no application grants a personal or group level
     $noAccess = true;
     foreach (wa()->getApps() as $app_id => $info) {
         if ($ownAccess['webasyst']) {
             $own_level = 2;
         } elseif (isset($ownAccess[$app_id])) {
             $own_level = $ownAccess[$app_id];
         } else {
             $own_level = 0;
         }
         if ($groupAccess['webasyst']) {
             $group_level = 2;
         } elseif (isset($groupAccess[$app_id])) {
             $group_level = $groupAccess[$app_id];
         } else {
             $group_level = 0;
         }
         if ($group_level || $own_level) {
             $noAccess = false;
         }
     }

     $label = _w('Access');
     if ($contact['is_user'] == -1) {
         $icon = 'delete';
     } elseif (!$groupAccess['webasyst'] && !$ownAccess['webasyst'] && $noAccess) {
         $icon = 'key-bw';
     } else {
         $icon = 'key';
     }
     return $label . ' <i class="icon16 c-access-icon ' . $icon . '"></i>';
 }
コード例 #18
ファイル: 1396279400.php プロジェクト: Lazary/webasyst
<?php

// Data migration: rights rows of the 'contacts' app named 'category.all' are renamed to 'edit'.
$wcrm = new waContactRightsModel();
$wcrm->updateByField(
    array(
        'app_id' => 'contacts',
        'name' => 'category.all',
    ),
    array(
        'name' => 'edit',
    )
);
コード例 #19
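 /**
  * Get data for contacts in this collection.
  *
  * Runs the collection query with a LIMIT clause, then fills in fields that live in
  * other storages ($this->post_fields) and the internal pseudo-fields
  * photo_url[_<size>], _online_status and _access.
  *
  * @param string|array $fields
  * @param int $offset
  * @param int $limit
  * @return array [contact_id][field] = field value in appropriate field format
  * @throws waException on an unknown internal field
  */
 public function getContacts($fields = "id", $offset = 0, $limit = 50)
 {
     // Both LIMIT operands are concatenated into the SQL text, so both are forced to
     // integers first; a caller-supplied string must never reach the statement.
     $offset = (int) $offset;
     $sql = "SELECT " . $this->getFields($fields) . " " . $this->getSQL();
     $sql .= $this->getGroupBy();
     $sql .= $this->getHaving();
     $sql .= $this->getOrderBy();
     $sql .= " LIMIT " . ($offset ? $offset . ',' : '') . (int) $limit;
     $data = $this->getModel()->query($sql)->fetchAll('id');
     $ids = array_keys($data);
     //
     // Load fields from other storages
     //
     if ($ids && $this->post_fields) {
         // $fill[table][field] = null
         // needed for all rows to always contain all appropriate keys
         // in case when we're asked to load all fields from that table
         $fill = array_fill_keys(array_keys($this->post_fields), array());
         foreach (waContactFields::getAll('enabled') as $fid => $field) {
             /**
              * @var waContactField $field
              */
             $fill[$field->getStorage(true)][$fid] = false;
         }
         foreach ($this->post_fields as $table => $fields) {
             if ($table == '_internal') {
                 foreach ($fields as $f) {
                     /**
                      * @var $f string
                      */
                     if ($f == 'photo_url' || substr($f, 0, 10) == 'photo_url_') {
                         // "photo_url_<size>" carries the requested size after the prefix
                         if ($f == 'photo_url') {
                             $size = null;
                         } else {
                             $size = substr($f, 10);
                         }
                         $retina = isset($this->options['photo_url_2x']) ? $this->options['photo_url_2x'] : null;
                         foreach ($data as $id => &$v) {
                             $v[$f] = waContact::getPhotoUrl($id, $v['photo'], $size, $size, $v['is_company'] ? 'company' : 'person', $retina);
                         }
                         unset($v);
                     } else {
                         switch ($f) {
                             case '_online_status':
                                 $llm = new waLoginLogModel();
                                 // Contacts that have a login-log row without a logout time
                                 $contact_ids_map = $llm->select('DISTINCT contact_id')->where('datetime_out IS NULL')->fetchAll('contact_id');
                                 $timeout = waUser::getOption('online_timeout');
                                 foreach ($data as &$v) {
                                     // Start from 'offline' and upgrade only when every condition holds.
                                     // The default used to be assigned after the checks, which overwrote
                                     // 'online' and reported every contact as offline.
                                     $v['_online_status'] = 'offline';
                                     if (isset($v['last_datetime']) && $v['last_datetime'] && $v['last_datetime'] != '0000-00-00 00:00:00') {
                                         if (time() - strtotime($v['last_datetime']) < $timeout) {
                                             if (isset($contact_ids_map[$v['id']])) {
                                                 $v['_online_status'] = 'online';
                                             }
                                         }
                                     }
                                 }
                                 unset($v);
                                 break;
                             case '_access':
                                 $rm = new waContactRightsModel();
                                 $accessStatus = $rm->getAccessStatus($ids);
                                 foreach ($data as $id => &$v) {
                                     // Contacts without an access record get an empty string
                                     if (!isset($accessStatus[$id])) {
                                         $v['_access'] = '';
                                         continue;
                                     }
                                     $v['_access'] = $accessStatus[$id];
                                 }
                                 unset($v);
                                 break;
                             default:
                                 throw new waException('Unknown internal field: ' . $f);
                         }
                     }
                 }
                 continue;
             }
             // Composite fields are replaced by the sub-fields they consist of
             $data_fields = $fields;
             foreach ($data_fields as $k => $field_id) {
                 $f = waContactFields::get($field_id);
                 if ($f && $f instanceof waContactCompositeField) {
                     unset($data_fields[$k]);
                     $data_fields = array_merge($data_fields, $f->getField());
                 }
             }
             $model = $this->getModel($table);
             $post_data = $model->getData($ids, $data_fields);
             foreach ($post_data as $contact_id => $contact_data) {
                 foreach ($contact_data as $field_id => $value) {
                     if (!($f = waContactFields::get($field_id))) {
                         continue;
                     }
                     // Single-value fields are flattened to their first value
                     if (!$f->isMulti()) {
                         $post_data[$contact_id][$field_id] = isset($value[0]['data']) ? $value[0]['data'] : (is_array($value[0]) ? $value[0]['value'] : $value[0]);
                     }
                 }
             }
             if ($fields) {
                 $fill[$table] = array_fill_keys($fields, '');
             } else {
                 if (!isset($fill[$table])) {
                     $fill[$table] = array();
                 }
             }
             // Array union: values already present in a row are kept, missing keys are filled
             foreach ($data as $contact_id => $v) {
                 if (isset($post_data[$contact_id])) {
                     $data[$contact_id] += $post_data[$contact_id];
                 }
                 $data[$contact_id] += $fill[$table];
             }
         }
     }
     return $data;
 }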
コード例 #20
 /**
  * Tell whether a contact has any backend access, personally or through its groups.
  *
  * @param int $contact_id
  * @return bool true when the contact holds the personal 'webasyst' right or a non-zero
  *              personal or group level for at least one application
  */
 public function hasBackendAccess($contact_id)
 {
     $user_groups_model = new waUserGroupsModel();
     $rights_model = new waContactRightsModel();

     // Personal rights are requested with the negated contact id
     $ownAccess = $rights_model->getApps(-$contact_id, 'backend', false, false);
     if (!isset($ownAccess['webasyst'])) {
         $ownAccess['webasyst'] = 0;
     }

     $groups = $user_groups_model->getGroups($contact_id);
     $groupAccess = $rights_model->getApps(array_keys($groups), 'backend', false, false);
     if (!isset($groupAccess['webasyst'])) {
         $groupAccess['webasyst'] = 0;
     }

     $system = waSystem::getInstance();
     $has_any_level = false;
     foreach ($system->getApps() as $app_id => $info) {
         // A 'webasyst' right means level 2 for every application
         if ($ownAccess['webasyst']) {
             $own_level = 2;
         } elseif (isset($ownAccess[$app_id])) {
             $own_level = $ownAccess[$app_id];
         } else {
             $own_level = 0;
         }
         if ($groupAccess['webasyst']) {
             $group_level = 2;
         } elseif (isset($groupAccess[$app_id])) {
             $group_level = $groupAccess[$app_id];
         } else {
             $group_level = 0;
         }
         if ($group_level || $own_level) {
             $has_any_level = true;
         }
     }

     return $ownAccess['webasyst'] || $has_any_level;
 }