예제 #1
 * Section 5 of the GNU Affero General Public License version 3.
 * 
 * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
 * these Appropriate Legal Notices must retain the display of the "Powered by
 * SugarCRM" logo. If the display of the logo is not reasonably feasible for
 * technical reasons, the Appropriate Legal Notices must display the words
 * "Powered by SugarCRM".
 ********************************************************************************/
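// Build the role that the save logic further down will persist.
// The record id is read from $_POST, so its presence is tested in $_POST too.
// The original tested $_REQUEST, which also covers the query string (and,
// depending on request_order, cookies), and then read a $_POST index that
// might not exist.
$role = new ACLRole();
if (isset($_POST['record'])) {
    // NOTE(review): this id is caller-supplied and decides which role the
    // later save() writes to. No privilege check is visible in this excerpt;
    // confirm one runs before this point.
    $role->id = $_POST['record'];
}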
// Save path: taken only when a non-empty 'name' was submitted; otherwise the
// else branch at the bottom runs instead.
// NOTE(review): the guard tests $_REQUEST while the values are read from
// $_POST, so a name sent only in the query string passes the guard and then
// reads a missing $_POST index. $_POST['description'] is read with no
// presence check at all.
if (!empty($_REQUEST['name'])) {
    $role->name = $_POST['name'];
    $role->description = $_POST['description'];
    // NOTE(review): this persists an ACL role built from request data. No
    // privilege or anti-CSRF check is visible in this excerpt; confirm one
    // runs earlier in the request.
    $role->save();
    // Optional duplication step: runs when 'isduplicate' is present and non-empty.
    if (isset($_REQUEST['isduplicate']) && !empty($_REQUEST['isduplicate'])) {
        // The request value is handed straight to getRoleActions(); presumably
        // it is the id of the role being copied. NOTE(review): verify the
        // callee treats it as untrusted input.
        $role_actions = $role->getRoleActions($_REQUEST['isduplicate']);
        // Three nested levels; the loop variable names suggest
        // module -> type -> action (confirm against getRoleActions()).
        foreach ($role_actions as $module) {
            foreach ($module as $type) {
                foreach ($type as $act) {
                    // Copy the source action's id and access level onto the role saved above.
                    $role->setAction($role->id, $act['id'], $act['aclaccess']);
                }
            }
        }
    }
} else {
    // No name submitted: discard whatever is in the output buffer. The rest of
    // this branch lies beyond the end of the excerpt.
    ob_clean();
    $flc_module = 'All';
예제 #2
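/**
 * Create one ACL role per entry of $defaultRoles and apply its access overrides.
 *
 * Shape consumed by the loops below:
 *   [roleName => [category => [actionName => access, 'fields' => [fieldId => access]]]]
 *
 * The role is saved first and the value returned by save() is used as its id.
 * Entries under the 'fields' key are applied through ACLField::setAccessControl().
 * Every other key is looked up by (category, name) in acl_actions and applied with
 * ACLRole::setAction(). Names with no matching row are skipped silently.
 *
 * @param array $defaultRoles Role definitions keyed by role name.
 * @return void
 */
function addDefaultRoles($defaultRoles = array())
{
    global $db;
    foreach ($defaultRoles as $roleName => $role) {
        $ACLField = new ACLField();
        $role1 = new ACLRole();
        $role1->name = $roleName;
        $role1->description = $roleName . " Role";
        $role1_id = $role1->save();
        foreach ($role as $category => $actions) {
            foreach ($actions as $name => $access_override) {
                // Strict comparison: with a loose ==, an integer key 0 compares
                // equal to 'fields' on PHP versions before 8 and would be routed
                // into the field branch by mistake.
                if ($name === 'fields') {
                    foreach ($access_override as $field_id => $access) {
                        $ACLField->setAccessControl($category, $role1_id, $field_id, $access);
                    }
                    continue;
                }

                // Escape both values before they enter the SQL text. The role
                // definition is caller-supplied, and an apostrophe in a category
                // or action name would otherwise break out of the quoted literal.
                $safeCategory = $db->quote((string) $category);
                $safeName = $db->quote((string) $name);
                $queryACL = "SELECT id FROM acl_actions where category='{$safeCategory}' and name='{$safeName}'";
                $result = $db->query($queryACL);
                $actionId = $db->fetchByAssoc($result);
                // !empty() already covers the "not set" case.
                if (!empty($actionId['id'])) {
                    $role1->setAction($role1_id, $actionId['id'], $access_override);
                }
            }
        }
    }
}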
// Walk-through script: changes ACL settings for the user id 'will_id' and
// prints the resulting actions after each change.
// NOTE(review): $aclrole and $action_results are used on the next statement
// before the assignments visible further down, so both must come from earlier
// code that is not part of this excerpt.
echo 'Some one made a mistake and added delete access on Contacts<br>';
// Set the Contacts "delete" action on the existing role to ACL_ALLOW_ALL
// (constant defined elsewhere; by its name the most permissive level, confirm).
$aclrole->setAction($aclrole->id, $action_results['Contacts']['delete']['id'], ACL_ALLOW_ALL);
// Re-read the user's actions. The second argument is true; presumably it
// forces a refresh instead of a cached result (verify in ACLAction).
$action_results = ACLAction::getUserActions('will_id', true);
echo 'Actions Peon role for will<br>';
// Print one "category:action:access" line per action, with the access value
// passed through acl_translate().
foreach ($action_results as $category_name => $category) {
    foreach ($category as $action_name => $action) {
        _pp($category_name . ':' . $action_name . ':' . acl_translate($action['access']));
    }
}
echo 'Will is a bad peon user<br>';
echo 'Create a role for Bad Peon Users<br>';
// Create and save a second role, tagged with the same user id.
$aclrole = new ACLRole();
$aclrole->name = 'Bad Peon User';
$aclrole->description = 'The Bad Peon Role For All Bad Peons';
$aclrole->user_id = 'will_id';
$aclrole->save();
echo 'No Bad Peon user should have access to contacts <br>';
// Set every Contacts action on the new role to ACL_ALLOW_NONE, using the
// action ids from the lookup made before the role was created.
foreach ($action_results['Contacts'] as $action) {
    $aclrole->setAction($aclrole->id, $action['id'], ACL_ALLOW_NONE);
}
// Read the user's actions again so the output below reflects the new role.
// NOTE(review): presumably this shows the restrictive role overriding the
// earlier allow; the precedence rule itself lives in ACLAction, confirm there.
$action_results = ACLAction::getUserActions('will_id', true);
echo 'Actions Peon role for will<br>';
foreach ($action_results as $category_name => $category) {
    foreach ($category as $action_name => $action) {
        _pp($category_name . ':' . $action_name . ':' . acl_translate($action['access']));
    }
}
echo 'PRINTING THE ACTIONS for a role <br>';
// Dump the actions stored for the new role itself rather than for the user.
$role_actions = ACLRole::getRoleActions($aclrole->id);
_pp($role_actions);
// The session-cache dump announced here follows after the end of the excerpt.
echo 'PRINTING THE SESSION CACHE FOR ACL <br>';