예제 #1
0
/**
 * If current user have not permit to change field function replace default value
 *
 * @param SugarBean $focus
 */
function populateFromPostACL(SugarBean $focus)
{
    $insert = !isset($focus->id) || $focus->new_with_id;
    $isOwner = $focus->isOwner($GLOBALS['current_user']->id);
    // set up a default bean as per bug 46448, without bringing EditView into the mix
    // bug 58730
    require_once 'data/BeanFactory.php';
    $defaultBean = BeanFactory::getBean($focus->module_name);
    $defaultBean->fill_in_additional_detail_fields();
    $defaultBean->assigned_user_id = $GLOBALS['current_user']->id;
    foreach (array_keys($focus->field_defs) as $field) {
        $fieldAccess = ACLField::hasAccess($field, $focus->module_dir, $GLOBALS['current_user']->id, $isOwner);
        if (!in_array($fieldAccess, array(2, 4))) {
            if ($insert) {
                $focus->{$field} = $defaultBean->{$field};
            } else {
                unset($focus->{$field});
            }
        }
    }
}
예제 #2
0
 /**
  * @Deprecated
  */
 public function get_audit_list()
 {
     global $focus, $genericAssocFieldsArray, $moduleAssocFieldsArray, $current_user, $timedate, $app_strings;
     $audit_list = array();
     if (!empty($_REQUEST['record'])) {
         $result = $focus->retrieve($_REQUEST['record']);
         if ($result == null || !$focus->ACLAccess('', $focus->isOwner($current_user->id))) {
             sugar_die($app_strings['ERROR_NO_RECORD']);
         }
     }
     if ($focus->is_AuditEnabled()) {
         $order = ' order by ' . $focus->get_audit_table_name() . '.date_created desc';
         //order by contacts_audit.date_created desc
         $query = "SELECT " . $focus->get_audit_table_name() . ".*, users.user_name FROM " . $focus->get_audit_table_name() . ", users WHERE " . $focus->get_audit_table_name() . ".created_by = users.id AND " . $focus->get_audit_table_name() . ".parent_id = '{$focus->id}'" . $order;
         $result = $focus->db->query($query);
         // We have some data.
         require 'metadata/audit_templateMetaData.php';
         $fieldDefs = $dictionary['audit']['fields'];
         while (($row = $focus->db->fetchByAssoc($result)) != null) {
             if (!ACLField::hasAccess($row['field_name'], $focus->module_dir, $GLOBALS['current_user']->id, $focus->isOwner($GLOBALS['current_user']->id))) {
                 continue;
             }
             //If the team_set_id field has a log entry, we retrieve the list of teams to display
             if ($row['field_name'] == 'team_set_id') {
                 $row['field_name'] = 'team_name';
                 require_once 'modules/Teams/TeamSetManager.php';
                 $row['before_value_string'] = TeamSetManager::getCommaDelimitedTeams($row['before_value_string']);
                 $row['after_value_string'] = TeamSetManager::getCommaDelimitedTeams($row['after_value_string']);
             }
             $temp_list = array();
             foreach ($fieldDefs as $field) {
                 if (array_key_exists($field['name'], $row)) {
                     if (($field['name'] == 'before_value_string' || $field['name'] == 'after_value_string') && (array_key_exists($row['field_name'], $genericAssocFieldsArray) || !empty($moduleAssocFieldsArray[$focus->object_name]) && array_key_exists($row['field_name'], $moduleAssocFieldsArray[$focus->object_name]))) {
                         $temp_list[$field['name']] = Audit::getAssociatedFieldName($row['field_name'], $row[$field['name']]);
                     } else {
                         $temp_list[$field['name']] = $row[$field['name']];
                     }
                     if ($field['name'] == 'date_created') {
                         $date_created = '';
                         if (!empty($temp_list[$field['name']])) {
                             $date_created = $timedate->to_display_date_time($temp_list[$field['name']]);
                             $date_created = !empty($date_created) ? $date_created : $temp_list[$field['name']];
                         }
                         $temp_list[$field['name']] = $date_created;
                     }
                     if (($field['name'] == 'before_value_string' || $field['name'] == 'after_value_string') && ($row['data_type'] == "enum" || $row['data_type'] == "multienum")) {
                         global $app_list_strings;
                         $enum_keys = unencodeMultienum($temp_list[$field['name']]);
                         $enum_values = array();
                         foreach ($enum_keys as $enum_key) {
                             if (isset($focus->field_defs[$row['field_name']]['options'])) {
                                 $domain = $focus->field_defs[$row['field_name']]['options'];
                                 if (isset($app_list_strings[$domain][$enum_key])) {
                                     $enum_values[] = $app_list_strings[$domain][$enum_key];
                                 }
                             }
                         }
                         if (!empty($enum_values)) {
                             $temp_list[$field['name']] = implode(', ', $enum_values);
                         }
                         if ($temp_list['data_type'] === 'date') {
                             $temp_list[$field['name']] = $timedate->to_display_date($temp_list[$field['name']], false);
                         }
                     } elseif (($field['name'] == 'before_value_string' || $field['name'] == 'after_value_string') && $row['data_type'] == "datetimecombo") {
                         if (!empty($temp_list[$field['name']]) && $temp_list[$field['name']] != 'NULL') {
                             $temp_list[$field['name']] = $timedate->to_display_date_time($temp_list[$field['name']]);
                         } else {
                             $temp_list[$field['name']] = '';
                         }
                     } elseif ($field['name'] == 'field_name') {
                         global $mod_strings;
                         if (isset($focus->field_defs[$row['field_name']]['vname'])) {
                             $label = $focus->field_defs[$row['field_name']]['vname'];
                             $temp_list[$field['name']] = translate($label, $focus->module_dir);
                         }
                     }
                 }
             }
             $temp_list['created_by'] = $row['user_name'];
             $audit_list[] = $temp_list;
         }
     }
     return $audit_list;
 }
예제 #3
0
 /**
  * Check access to fields
  * @param string $module
  * @param string $action
  * @param array $context
  */
 protected function fieldACL($module, $action, $context)
 {
     $bean = isset($context['bean']) ? $context['bean'] : null;
     $is_owner = false;
     if (!empty($context['owner_override'])) {
         $is_owner = $context['owner_override'];
     } else {
         if ($bean) {
             // non-ACL bean - access granted
             if (!$bean->bean_implements('ACL')) {
                 return true;
             }
             $is_owner = $bean->isOwner($this->getUserID($context));
         }
     }
     if (!empty($context["user"])) {
         $user = $context["user"];
     } else {
         $user = $this->getUserID($context);
     }
     if (!$user) {
         return true;
     }
     $field_access = ACLField::hasAccess($context['field'], $module, $user, $is_owner);
     switch ($action) {
         case 'access':
             return $field_access > 0;
         case 'read':
         case 'detail':
         case 'list':
             $access = 1;
             break;
         case 'write':
         case 'edit':
             $access = 3;
             break;
         default:
             $access = 4;
     }
     return $field_access == 4 || $field_access == $access;
 }
예제 #4
0
 /**
  * Used by the dependency manager to pre-load all the related fields required
  * to load an entire view.
  */
 public function action_getRelatedValues()
 {
     /** @var LoggerManager */
     global $log;
     $ret = array();
     if (empty($_REQUEST['tmodule']) || empty($_REQUEST['fields'])) {
         return;
     }
     $fields = json_decode(html_entity_decode($_REQUEST['fields']), true);
     if (!is_array($fields)) {
         $log->fatal('"fields" is not a valid JSON string');
         $this->display($ret);
         return;
     }
     $module = $_REQUEST['tmodule'];
     $id = empty($_REQUEST['record_id']) ? null : $_REQUEST['record_id'];
     $focus = BeanFactory::retrieveBean($module, $id);
     if (!$focus) {
         $log->fatal('Unable to load bean');
         $this->display($ret);
         return;
     }
     foreach ($fields as $rfDef) {
         if (!isset($rfDef['link'], $rfDef['type'])) {
             $log->fatal('At least one of "link" and "type" attributes is not specified');
             continue;
         }
         $link = $rfDef['link'];
         $type = $rfDef['type'];
         if (!isset($ret[$link])) {
             $ret[$link] = array();
         }
         if (empty($ret[$link][$type])) {
             $ret[$link][$type] = array();
         }
         switch ($type) {
             //The Related function is used for pulling a sing field from a related record
             case "related":
                 if (!isset($rfDef['relate'])) {
                     $log->fatal('"relate" attribute of related expression is not specified');
                     break;
                 }
                 //Default it to a blank value
                 $ret[$link]['related'][$rfDef['relate']] = "";
                 //If we have neither a focus id nor a related record id, we can't retrieve anything
                 if (!empty($id) || !empty($rfDef['relId'])) {
                     $relBean = null;
                     if (empty($rfDef['relId']) || empty($rfDef['relModule'])) {
                         //If the relationship is invalid, just move onto another field
                         if (!$focus->load_relationship($link)) {
                             break;
                         }
                         $beans = $focus->{$link}->getBeans(array("enforce_teams" => true));
                         //No related beans means no value
                         if (empty($beans)) {
                             break;
                         }
                         //Grab the first bean on the list
                         reset($beans);
                         $relBean = current($beans);
                     } else {
                         $relBean = BeanFactory::getBean($rfDef['relModule'], $rfDef['relId']);
                     }
                     //If we found a bean and the current user has access to the related field, grab a value from it
                     if (!empty($relBean) && ACLField::hasAccess($rfDef['relate'], $relBean->module_dir, $GLOBALS['current_user']->id, true)) {
                         $validFields = FormulaHelper::cleanFields($relBean->field_defs, false, true, true);
                         if (isset($validFields[$rfDef['relate']])) {
                             $ret[$link]['relId'] = $relBean->id;
                             $ret[$link]['related'][$rfDef['relate']] = FormulaHelper::getFieldValue($relBean, $rfDef['relate']);
                         }
                     }
                 }
                 break;
             case "count":
                 if (!empty($id) && $focus->load_relationship($link)) {
                     $ret[$link][$type] = count($focus->{$link}->get());
                 } else {
                     $ret[$link][$type] = 0;
                 }
                 break;
             case "rollupSum":
             case "rollupAve":
             case "rollupMin":
             case "rollupMax":
                 //If we are going to calculate one rollup, calculate all the rollups since there is so little cost
                 if (!isset($rfDef['relate'])) {
                     $log->fatal('"relate" attribute of rollup expression is not specified');
                     break;
                 }
                 $rField = $rfDef['relate'];
                 if (!empty($id) && $focus->load_relationship($link)) {
                     $relBeans = $focus->{$link}->getBeans(array("enforce_teams" => true));
                     $sum = 0;
                     $count = 0;
                     $min = false;
                     $max = false;
                     if (!empty($relBeans)) {
                         //Check if the related record vardef has banned this field from formulas
                         $relBean = reset($relBeans);
                         $validFields = FormulaHelper::cleanFields($relBean->field_defs, false, true, true);
                         if (!isset($validFields[$rField])) {
                             break;
                         }
                     }
                     foreach ($relBeans as $bean) {
                         if (isset($bean->{$rField}) && is_numeric($bean->{$rField}) && ACLField::hasAccess($rField, $bean->module_dir, $GLOBALS['current_user']->id, true)) {
                             $count++;
                             $sum += floatval($bean->{$rField});
                             if ($min === false || $bean->{$rField} < $min) {
                                 $min = floatval($bean->{$rField});
                             }
                             if ($max === false || $bean->{$rField} > $max) {
                                 $max = floatval($bean->{$rField});
                             }
                         }
                     }
                     if ($type == "rollupSum") {
                         $ret[$link][$type][$rField] = $sum;
                     }
                     if ($type == "rollupAve") {
                         $ret[$link][$type][$rField] = $count == 0 ? 0 : $sum / $count;
                     }
                     if ($type == "rollupMin") {
                         $ret[$link][$type][$rField] = $min;
                     }
                     if ($type == "rollupMax") {
                         $ret[$link][$type][$rField] = $max;
                     }
                 } else {
                     $ret[$link][$type][$rField] = 0;
                 }
                 break;
         }
     }
     $this->display($ret);
 }
예제 #5
0
 /**
  * Used by the dependency manager to pre-load all the related fields required
  * to load an entire view.
  */
 public function getRelatedValues($api, $args)
 {
     if (empty($args['module']) || empty($args['fields'])) {
         return;
     }
     $fields = json_decode(html_entity_decode($args['fields']), true);
     $focus = $this->loadBean($api, $args);
     $ret = array();
     foreach ($fields as $rfDef) {
         if (!isset($rfDef['link']) || !isset($rfDef['type'])) {
             continue;
         }
         $link = $rfDef['link'];
         $type = $rfDef['type'];
         $rField = '';
         if (!isset($ret[$link])) {
             $ret[$link] = array();
         }
         if (empty($ret[$link][$type])) {
             $ret[$link][$type] = array();
         }
         // count formulas don't have a relate attribute
         if (isset($rfDef['relate'])) {
             $rField = $rfDef['relate'];
         }
         switch ($type) {
             //The Related function is used for pulling a sing field from a related record
             case "related":
                 //Default it to a blank value
                 $ret[$link]['related'][$rfDef['relate']] = "";
                 //If we have neither a focus id nor a related record id, we can't retrieve anything
                 $relBean = null;
                 if (empty($rfDef['relId']) || empty($rfDef['relModule'])) {
                     //If the relationship is invalid, just move onto another field
                     if (!$focus->load_relationship($link)) {
                         break;
                     }
                     $beans = $focus->{$link}->getBeans(array("enforce_teams" => true));
                     //No related beans means no value
                     if (empty($beans)) {
                         break;
                     }
                     //Grab the first bean on the list
                     reset($beans);
                     $relBean = current($beans);
                 } else {
                     $relBean = BeanFactory::getBean($rfDef['relModule'], $rfDef['relId']);
                 }
                 //If we found a bean and the current user has access to the related field, grab a value from it
                 if (!empty($relBean) && ACLField::hasAccess($rfDef['relate'], $relBean->module_dir, $GLOBALS['current_user']->id, true)) {
                     $validFields = FormulaHelper::cleanFields($relBean->field_defs, false, true, true);
                     if (isset($validFields[$rfDef['relate']])) {
                         $ret[$link]['relId'] = $relBean->id;
                         $ret[$link]['related'][$rfDef['relate']] = FormulaHelper::getFieldValue($relBean, $rfDef['relate']);
                     }
                 }
                 break;
             case "count":
                 if ($focus->load_relationship($link)) {
                     $ret[$link][$type] = count($focus->{$link}->get());
                 } else {
                     $ret[$link][$type] = 0;
                 }
                 break;
             case "rollupSum":
             case "rollupAve":
             case "rollupMin":
             case "rollupMax":
                 //If we are going to calculate one rollup, calculate all the rollups since there is so little cost
                 if ($focus->load_relationship($link)) {
                     $relBeans = $focus->{$link}->getBeans(array("enforce_teams" => true));
                     $sum = 0;
                     $count = 0;
                     $min = false;
                     $max = false;
                     if (!empty($relBeans)) {
                         //Check if the related record vardef has banned this field from formulas
                         $relBean = reset($relBeans);
                         $validFields = FormulaHelper::cleanFields($relBean->field_defs, false, true, true);
                         if (!isset($validFields[$rField])) {
                             $ret[$link][$type][$rField] = 0;
                             break;
                         }
                     }
                     foreach ($relBeans as $bean) {
                         if (isset($bean->{$rField}) && is_numeric($bean->{$rField}) && ACLField::hasAccess($rField, $bean->module_dir, $GLOBALS['current_user']->id, true)) {
                             $count++;
                             $sum += floatval($bean->{$rField});
                             if ($min === false || $bean->{$rField} < $min) {
                                 $min = floatval($bean->{$rField});
                             }
                             if ($max === false || $bean->{$rField} > $max) {
                                 $max = floatval($bean->{$rField});
                             }
                         }
                     }
                     if ($type == "rollupSum") {
                         $ret[$link][$type][$rField] = $sum;
                     }
                     if ($type == "rollupAve") {
                         $ret[$link][$type][$rField] = $count == 0 ? 0 : $sum / $count;
                     }
                     if ($type == "rollupMin") {
                         $ret[$link][$type][$rField] = $min;
                     }
                     if ($type == "rollupMax") {
                         $ret[$link][$type][$rField] = $max;
                     }
                 } else {
                     $ret[$link][$type][$rField] = 0;
                 }
                 break;
             case "rollupCurrencySum":
                 $ret[$link][$type][$rField] = 0;
                 if ($focus->load_relationship($link)) {
                     $toRate = isset($focus->base_rate) ? $focus->base_rate : null;
                     $relBeans = $focus->{$link}->getBeans(array("enforce_teams" => true));
                     $sum = 0;
                     foreach ($relBeans as $bean) {
                         if (!empty($bean->{$rField}) && is_numeric($bean->{$rField}) && ACLField::hasAccess($rField, $bean->module_dir, $GLOBALS['current_user']->id, true)) {
                             $sum = SugarMath::init($sum)->add(SugarCurrency::convertWithRate($bean->{$rField}, $bean->base_rate, $toRate))->result();
                         }
                     }
                     $ret[$link][$type][$rField] = $sum;
                 }
                 break;
         }
     }
     return $ret;
 }