* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "Powered by
* SugarCRM" logo. If the display of the logo is not reasonably feasible for
* technical reasons, the Appropriate Legal Notices must display the words
* "Powered by SugarCRM".
********************************************************************************/
$role = new ACLRole();
if (isset($_REQUEST['record'])) {
$role->id = $_POST['record'];
}
if (!empty($_REQUEST['name'])) {
$role->name = $_POST['name'];
$role->description = $_POST['description'];
$role->save();
//if duplicate
if (isset($_REQUEST['isduplicate']) && !empty($_REQUEST['isduplicate'])) {
//duplicate actions
$role_actions = $role->getRoleActions($_REQUEST['isduplicate']);
foreach ($role_actions as $module) {
foreach ($module as $type) {
foreach ($type as $act) {
$role->setAction($role->id, $act['id'], $act['aclaccess']);
}
}
}
}
} else {
ob_clean();
$flc_module = 'All';
function addDefaultRoles($defaultRoles = array())
{
global $db;
foreach ($defaultRoles as $roleName => $role) {
$ACLField = new ACLField();
$role1 = new ACLRole();
$role1->name = $roleName;
$role1->description = $roleName . " Role";
$role1_id = $role1->save();
foreach ($role as $category => $actions) {
foreach ($actions as $name => $access_override) {
if ($name == 'fields') {
foreach ($access_override as $field_id => $access) {
$ACLField->setAccessControl($category, $role1_id, $field_id, $access);
}
} else {
$queryACL = "SELECT id FROM acl_actions where category='{$category}' and name='{$name}'";
$result = $db->query($queryACL);
$actionId = $db->fetchByAssoc($result);
if (isset($actionId['id']) && !empty($actionId['id'])) {
$role1->setAction($role1_id, $actionId['id'], $access_override);
}
}
}
}
}
}
echo 'Some one made a mistake and added delete access on Contacts<br>';
$aclrole->setAction($aclrole->id, $action_results['Contacts']['delete']['id'], ACL_ALLOW_ALL);
$action_results = ACLAction::getUserActions('will_id', true);
echo 'Actions Peon role for will<br>';
foreach ($action_results as $category_name => $category) {
foreach ($category as $action_name => $action) {
_pp($category_name . ':' . $action_name . ':' . acl_translate($action['access']));
}
}
echo 'Will is a bad peon user<br>';
echo 'Create a role for Bad Peon Users<br>';
$aclrole = new ACLRole();
$aclrole->name = 'Bad Peon User';
$aclrole->description = 'The Bad Peon Role For All Bad Peons';
$aclrole->user_id = 'will_id';
$aclrole->save();
echo 'No Bad Peon user should have access to contacts <br>';
foreach ($action_results['Contacts'] as $action) {
$aclrole->setAction($aclrole->id, $action['id'], ACL_ALLOW_NONE);
}
$action_results = ACLAction::getUserActions('will_id', true);
echo 'Actions Peon role for will<br>';
foreach ($action_results as $category_name => $category) {
foreach ($category as $action_name => $action) {
_pp($category_name . ':' . $action_name . ':' . acl_translate($action['access']));
}
}
echo 'PRINTING THE ACTIONS for a role <br>';
$role_actions = ACLRole::getRoleActions($aclrole->id);
_pp($role_actions);
echo 'PRINTING THE SESSION CACHE FOR ACL <br>';
