public function checkPermission(Vtiger_Request $request) { $currentUserModel = Users_Record_Model::getCurrentUserModel(); $record = $request->get('record'); if (!AppConfig::security('SHOW_MY_PREFERENCES')) { throw new NoPermittedToRecordException('LBL_PERMISSION_DENIED'); } if ($currentUserModel->isAdminUser() == true || $currentUserModel->get('id') == $record) { return true; } else { throw new NoPermittedToRecordException('LBL_PERMISSION_DENIED'); } }
public function checkPermission(Vtiger_Request $request) { $moduleName = $request->getModule(); $currentUserModel = Users_Record_Model::getCurrentUserModel(); $record = $request->get('record'); if (!AppConfig::security('SHOW_MY_PREFERENCES')) { throw new NoPermittedToRecordException('LBL_PERMISSION_DENIED'); } if (!empty($record) && $currentUserModel->get('id') != $record) { $recordModel = Vtiger_Record_Model::getInstanceById($record, $moduleName); if ($recordModel->get('status') != 'Active') { throw new NoPermittedToRecordException('LBL_PERMISSION_DENIED'); } } if ($currentUserModel->isAdminUser() == true || $currentUserModel->get('id') == $record) { return true; } else { throw new NoPermittedToRecordException('LBL_PERMISSION_DENIED'); } }
public static function load($key, $config) { switch ($key) { case 'debug': self::$debug = $config; break; case 'developer': self::$developer = $config; break; case 'security': self::$security = $config; break; case 'securityKeys': self::$securityKeys = $config; break; case 'performance': self::$performance = $config; break; case 'relation': self::$relation = $config; break; } }
/** * Function to get the list of Header Links * @return <Array> - List of Vtiger_Link_Model instances */ public function getHeaderLinks(Vtiger_Request $request) { $userModel = Users_Record_Model::getCurrentUserModel(); $headerLinks = []; if ($userModel->isAdminUser()) { if ($request->get('parent') != 'Settings') { $headerLinks[] = ['linktype' => 'HEADERLINK', 'linklabel' => 'LBL_SYSTEM_SETTINGS', 'linkurl' => 'index.php?module=Vtiger&parent=Settings&view=Index', 'glyphicon' => 'glyphicon glyphicon-cog']; } else { $headerLinks[] = ['linktype' => 'HEADERLINK', 'linklabel' => 'LBL_USER_PANEL', 'linkurl' => 'index.php', 'glyphicon' => 'glyphicon glyphicon-user']; } } //TODO To remove in the future if (AppConfig::security('SHOW_MY_PREFERENCES')) { $headerLinks[] = ['linktype' => 'HEADERLINK', 'linklabel' => 'LBL_MY_PREFERENCES', 'linkurl' => $userModel->getPreferenceDetailViewUrl(), 'glyphicon' => 'glyphicon glyphicon-tasks']; } $headerLinks[] = ['linktype' => 'HEADERLINK', 'linklabel' => 'LBL_SIGN_OUT', 'linkurl' => 'index.php?module=Users&parent=Settings&action=Logout', 'glyphicon' => 'glyphicon glyphicon-off']; if (Users_Module_Model::getSwitchUsers()) { $headerLinks[] = ['linktype' => 'HEADERLINK', 'linklabel' => 'SwitchUsers', 'linkurl' => '', 'glyphicon' => 'glyphicon glyphicon-transfer', 'nocaret' => true, 'linkdata' => ['url' => $userModel->getSwitchUsersUrl()], 'linkclass' => 'showModal']; } $headerLinkInstances = []; foreach ($headerLinks as $headerLink) { $headerLinkInstance = Vtiger_Link_Model::getInstanceFromValues($headerLink); if (isset($headerLink['childlinks'])) { foreach ($headerLink['childlinks'] as $childLink) { $headerLinkInstance->addChildLink(Vtiger_Link_Model::getInstanceFromValues($childLink)); } } $headerLinkInstances[] = $headerLinkInstance; } $headerLinks = Vtiger_Link_Model::getAllByType(Vtiger_Link::IGNORE_MODULE, ['HEADERLINK']); foreach ($headerLinks as $headerType => $headerLinks) { foreach ($headerLinks as $headerLink) { $headerLinkInstances[] = Vtiger_Link_Model::getInstanceFromLinkObject($headerLink); } } return $headerLinkInstances; }
public static function run($request) { $instance = new self(); if (isset($_REQUEST['user_name']) && isset($_REQUEST['emailId'])) { if (AppConfig::security('RESET_LOGIN_PASSWORD')) { $instance->requestForgotPassword($request); } else { die(vtranslate('LBL_PERMISSION_DENIED')); } } else { $instance->changePassword($request); } }