* Section 5 of the GNU Affero General Public License version 3. * * In accordance with Section 7(b) of the GNU Affero General Public License version 3, * these Appropriate Legal Notices must retain the display of the "Powered by * SugarCRM" logo. If the display of the logo is not reasonably feasible for * technical reasons, the Appropriate Legal Notices must display the words * "Powered by SugarCRM". ********************************************************************************/ $role = new ACLRole(); if (isset($_REQUEST['record'])) { $role->id = $_POST['record']; } if (!empty($_REQUEST['name'])) { $role->name = $_POST['name']; $role->description = $_POST['description']; $role->save(); //if duplicate if (isset($_REQUEST['isduplicate']) && !empty($_REQUEST['isduplicate'])) { //duplicate actions $role_actions = $role->getRoleActions($_REQUEST['isduplicate']); foreach ($role_actions as $module) { foreach ($module as $type) { foreach ($type as $act) { $role->setAction($role->id, $act['id'], $act['aclaccess']); } } } } } else { ob_clean(); $flc_module = 'All';
function addDefaultRoles($defaultRoles = array()) { global $db; foreach ($defaultRoles as $roleName => $role) { $ACLField = new ACLField(); $role1 = new ACLRole(); $role1->name = $roleName; $role1->description = $roleName . " Role"; $role1_id = $role1->save(); foreach ($role as $category => $actions) { foreach ($actions as $name => $access_override) { if ($name == 'fields') { foreach ($access_override as $field_id => $access) { $ACLField->setAccessControl($category, $role1_id, $field_id, $access); } } else { $queryACL = "SELECT id FROM acl_actions where category='{$category}' and name='{$name}'"; $result = $db->query($queryACL); $actionId = $db->fetchByAssoc($result); if (isset($actionId['id']) && !empty($actionId['id'])) { $role1->setAction($role1_id, $actionId['id'], $access_override); } } } } } }
echo 'Some one made a mistake and added delete access on Contacts<br>'; $aclrole->setAction($aclrole->id, $action_results['Contacts']['delete']['id'], ACL_ALLOW_ALL); $action_results = ACLAction::getUserActions('will_id', true); echo 'Actions Peon role for will<br>'; foreach ($action_results as $category_name => $category) { foreach ($category as $action_name => $action) { _pp($category_name . ':' . $action_name . ':' . acl_translate($action['access'])); } } echo 'Will is a bad peon user<br>'; echo 'Create a role for Bad Peon Users<br>'; $aclrole = new ACLRole(); $aclrole->name = 'Bad Peon User'; $aclrole->description = 'The Bad Peon Role For All Bad Peons'; $aclrole->user_id = 'will_id'; $aclrole->save(); echo 'No Bad Peon user should have access to contacts <br>'; foreach ($action_results['Contacts'] as $action) { $aclrole->setAction($aclrole->id, $action['id'], ACL_ALLOW_NONE); } $action_results = ACLAction::getUserActions('will_id', true); echo 'Actions Peon role for will<br>'; foreach ($action_results as $category_name => $category) { foreach ($category as $action_name => $action) { _pp($category_name . ':' . $action_name . ':' . acl_translate($action['access'])); } } echo 'PRINTING THE ACTIONS for a role <br>'; $role_actions = ACLRole::getRoleActions($aclrole->id); _pp($role_actions); echo 'PRINTING THE SESSION CACHE FOR ACL <br>';