function vtws_create($elementType, $element, $user) { $types = vtws_listtypes(null, $user); if (!in_array($elementType, $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied"); } global $log, $adb; if (!empty($element['relations'])) { $relations = $element['relations']; unset($element['relations']); } // Cache the instance for re-use if (!isset($vtws_create_cache[$elementType]['webserviceobject'])) { $webserviceObject = VtigerWebserviceObject::fromName($adb, $elementType); $vtws_create_cache[$elementType]['webserviceobject'] = $webserviceObject; } else { $webserviceObject = $vtws_create_cache[$elementType]['webserviceobject']; } // END $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); if ($meta->hasWriteAccess() !== true) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied"); } $referenceFields = $meta->getReferenceFieldDetails(); foreach ($referenceFields as $fieldName => $details) { if (isset($element[$fieldName]) && strlen($element[$fieldName]) > 0) { $ids = vtws_getIdComponents($element[$fieldName]); $elemTypeId = $ids[0]; $elemId = $ids[1]; $referenceObject = VtigerWebserviceObject::fromId($adb, $elemTypeId); if (!in_array($referenceObject->getEntityName(), $details)) { throw new WebServiceException(WebServiceErrorCode::$REFERENCEINVALID, "Invalid reference specified for {$fieldName}"); } if ($referenceObject->getEntityName() == 'Users') { if (!$meta->hasAssignPrivilege($element[$fieldName])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user"); } } if (!in_array($referenceObject->getEntityName(), $types['types']) && $referenceObject->getEntityName() != 'Users') { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to access reference type is denied" . $referenceObject->getEntityName()); } } else { if ($element[$fieldName] !== NULL) { unset($element[$fieldName]); } } } if ($meta->hasMandatoryFields($element)) { $ownerFields = $meta->getOwnerFields(); if (is_array($ownerFields) && sizeof($ownerFields) > 0) { foreach ($ownerFields as $ownerField) { if (isset($element[$ownerField]) && $element[$ownerField] !== null && !$meta->hasAssignPrivilege($element[$ownerField])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user"); } } } // Product line support if (($elementType == 'Quotes' || $elementType == 'PurchaseOrder' || $elementType == 'SalesOrder' || $elementType == 'Invoice') && is_array($element['pdoInformation'])) { include 'include/Webservices/ProductLines.php'; } else { $_REQUEST['action'] = $elementType . 'Ajax'; } if ($elementType == 'HelpDesk') { //Added to construct the update log for Ticket history $colflds = $element; list($void, $colflds['assigned_user_id']) = explode('x', $colflds['assigned_user_id']); $grp_name = fetchGroupName($colflds['assigned_user_id']); $assigntype = $grp_name != '' ? 'T' : 'U'; $updlog = HelpDesk::getUpdateLogCreateMessage($colflds, $grp_name, $assigntype); $updlog = from_html($updlog, false); } $entity = $handler->create($elementType, $element); if ($elementType == 'HelpDesk') { list($wsid, $newrecid) = vtws_getIdComponents($entity['id']); $adb->pquery('update vtiger_troubletickets set update_log=? where ticketid=?', array($updlog, $newrecid)); } // Establish relations if (!empty($relations)) { list($wsid, $newrecid) = vtws_getIdComponents($entity['id']); $modname = $meta->getEntityName(); vtws_internal_setrelation($newrecid, $modname, $relations); } VTWS_PreserveGlobal::flush(); return $entity; } else { return null; } }