/**
 * Ownership must be resolved from the row loaded from storage (fetched_row),
 * not from the in-memory property, when the two disagree.
 *
 * The bean below was "loaded" with owner 1 and then had its property changed
 * to 2; isOwner(1) is still expected to succeed.
 *
 * @group 60442
 * @return void
 */
public function testIsOwner()
{
    $record = new SugarBean();
    $record->id = create_guid();

    // Persisted owner versus a value assigned after the load.
    $record->fetched_row['assigned_user_id'] = 1;
    $record->assigned_user_id = 2;

    $ownedByPersistedUser = $record->isOwner(1);

    $this->assertTrue($ownedByPersistedUser, 'Incorrect ownership');
}
/**
 * Apply field-level ACLs to a bean for the current user.
 *
 * Every field in $focus->field_defs whose ACLField::hasAccess() result is
 * neither 2 nor 4 is neutralised:
 *  - when the bean is being inserted, the field is reset to the value carried
 *    by a freshly built default bean of the same module;
 *  - otherwise the property is unset from $focus.
 *
 * NOTE(review): ownership is evaluated on $focus as passed in. If the bean has
 * already been populated from the request at that point, the result depends on
 * isOwner() not trusting request-supplied owner values - confirm against
 * SugarBean::isOwner().
 *
 * @param SugarBean $focus
 */
function populateFromPostACL(SugarBean $focus)
{
    $insert = !isset($focus->id) || $focus->new_with_id;
    $currentUserId = $GLOBALS['current_user']->id;
    $isOwner = $focus->isOwner($currentUserId);

    // set up a default bean as per bug 46448, without bringing EditView into the mix
    // bug 58730
    require_once 'data/BeanFactory.php';
    $defaultBean = BeanFactory::getBean($focus->module_name);
    $defaultBean->fill_in_additional_detail_fields();
    $defaultBean->assigned_user_id = $currentUserId;

    // Access levels that leave the submitted value untouched.
    // presumably the write-capable levels - verify against ACLField
    $allowedLevels = array(2, 4);

    $fieldNames = array_keys($focus->field_defs);
    foreach ($fieldNames as $fieldName) {
        $level = ACLField::hasAccess($fieldName, $focus->module_dir, $currentUserId, $isOwner);
        if (in_array($level, $allowedLevels)) {
            continue;
        }

        if (!$insert) {
            // Existing record: drop the value so it is not carried on the bean.
            unset($focus->{$fieldName});
        } else {
            // New record: fall back to the module default instead of the submitted value.
            $focus->{$fieldName} = $defaultBean->{$fieldName};
        }
    }
}
/**
 * Populate a bean from $_POST.
 *
 * Each field in $focus->field_defs is handed to its SugarField handler, which
 * reads the value from $_POST; the bean's additional_column_fields are then
 * copied from $_POST verbatim.
 *
 * NOTE(review): $checkACL is not referenced anywhere in this body, so passing
 * true does not restrict any field here. Callers that need field-level ACLs
 * enforced have to apply them separately - confirm how each caller does so.
 *
 * @param string    $prefix       prefix of the request field names
 * @param SugarBean $focus        bean to populate
 * @param bool      $skipRetrieve do not retrieve the bean named by the request
 * @param bool      $checkACL     unused in this body (see the note above)
 * @return SugarBean
 */
function populateFromPost($prefix, &$focus, $skipRetrieve = false, $checkACL = false)
{
    global $current_user;

    // Load the record named in the request unless the caller already did.
    if (!$skipRetrieve && !empty($_REQUEST[$prefix . 'record'])) {
        $focus->retrieve($_REQUEST[$prefix . 'record']);
    }

    // Flag a notification when the record is being assigned to a different
    // user who is not the one making the request.
    if (!empty($_POST['assigned_user_id'])) {
        $postedAssignee = $_POST['assigned_user_id'];
        if ($focus->assigned_user_id != $postedAssignee && $postedAssignee != $current_user->id) {
            $GLOBALS['check_notify'] = true;
        }
    }

    require_once 'include/SugarFields/SugarFieldHandler.php';
    $sfh = new SugarFieldHandler();

    // NOTE(review): $isOwner and $relatedFields are computed but never read
    // again in this function.
    $isOwner = $focus->isOwner($current_user->id);
    $relatedFields = array();
    foreach ($focus->field_defs as $name => $definition) {
        $isNonDbRelate = !empty($definition['type']) && $definition['type'] == 'relate'
            && !empty($definition['source']) && $definition['source'] == 'non-db';
        if ($isNonDbRelate && !empty($definition['id_name']) && $definition['id_name'] != $name) {
            $relatedFields[$definition['id_name']] = $name;
        }
    }

    foreach ($focus->field_defs as $field => $def) {
        if ($field == 'id' && !empty($focus->id)) {
            // Don't try and overwrite the ID
            continue;
        }

        if (!empty($def['custom_type'])) {
            $type = $def['custom_type'];
        } else {
            $type = $def['type'];
        }

        $sf = $sfh->getSugarField($type);
        if ($sf == null) {
            $GLOBALS['log']->fatal("Field '{$field}' does not have a SugarField handler");
        } else {
            $sf->save($focus, $_POST, $field, $def, $prefix);
        }
        // A commented-out legacy block used to sit here (inline $_POST handling
        // for multi-select and bool fields); saving goes through the SugarField
        // handler above.
    }

    // These columns bypass the SugarField handlers: the raw request value is
    // assigned to the bean as submitted.
    foreach ($focus->additional_column_fields as $column) {
        if (!isset($_POST[$prefix . $column])) {
            continue;
        }
        $focus->{$column} = $_POST[$prefix . $column];
    }

    return $focus;
}
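/**
 * Build the audit log of a bean in the shape returned by the API.
 *
 * Rows for fields the current user has no field-level access to are skipped.
 * Creation dates are converted to ISO format, and date, enum and relate values
 * are expanded for display.
 *
 * @param SugarBean $bean Bean whose audit trail is requested.
 * @return array Formatted audit rows ordered by creation date, newest first;
 *               empty when auditing is disabled for the bean or the query
 *               yields no result.
 */
public function getAuditLog(SugarBean $bean)
{
    global $timedate;

    if (!$bean->is_AuditEnabled()) {
        return array();
    }

    $db = DBManagerFactory::getInstance();
    $auditTable = $bean->get_audit_table_name();

    // Let the DB layer escape and quote the id instead of splicing it between
    // hand-written quotes; an id is only as trustworthy as the code that set it.
    $parentId = $db->quoted($bean->id);
    $query = "SELECT {$auditTable}.*, users.user_name AS created_by_username\n FROM {$auditTable}, users\n WHERE {$auditTable}.created_by = users.id AND {$auditTable}.parent_id = {$parentId}\n ORDER BY {$auditTable}.date_created DESC";

    $results = $db->query($query);
    if (empty($results)) {
        return array();
    }

    $fieldDefs = $this->fieldDefs;
    $currentUserId = $GLOBALS['current_user']->id;
    // Ownership of $bean does not change while rows are read; resolve it once.
    $isOwner = $bean->isOwner($currentUserId);
    $return = array();

    while ($row = $db->fetchByAssoc($results)) {
        // Field-level ACL: a falsy access level hides the whole audit row.
        if (!ACLField::hasAccess($row['field_name'], $bean->module_dir, $currentUserId, $isOwner)) {
            continue;
        }

        //convert date
        $dateCreated = $timedate->fromDbType($db->fromConvert($row['date_created'], 'datetime'), "datetime");
        $row['date_created'] = $timedate->asIso($dateCreated);

        //If the team_set_id field has a log entry, we retrieve the list of teams to display
        if ($row['field_name'] == 'team_set_id') {
            $return[] = $this->handleTeamSetField($row);
            continue;
        }

        // look for opportunities to relate ids to name values.
        if (!empty($this->genericAssocFieldsArray[$row['field_name']])
            || !empty($this->moduleAssocFieldsArray[$bean->object_name][$row['field_name']])
        ) {
            foreach ($fieldDefs as $field) {
                if (in_array($field['name'], array('before_value_string', 'after_value_string'))) {
                    $row[$field['name']] = $this->getAssociatedFieldName($row['field_name'], $row[$field['name']]);
                }
            }
        }

        $row = $this->formatRowForApi($row);
        $fieldName = $row['field_name'];

        // The audited field may have no definition on the bean; pass null
        // instead of reading an undefined index.
        $fieldDef = isset($bean->field_defs[$fieldName]) ? $bean->field_defs[$fieldName] : null;
        $fieldType = $db->getFieldType($fieldDef);

        switch ($fieldType) {
            case 'date':
            case 'time':
            case 'datetime':
                $row['before'] = $this->formatDateTime($row['before'], $fieldType);
                $row['after'] = $this->formatDateTime($row['after'], $fieldType);
                break;
            case 'enum':
            case 'multienum':
                // Stored values carry '^' delimiters; strip them and split the list.
                $row['before'] = explode(',', str_replace('^', '', $row['before']));
                $row['after'] = explode(',', str_replace('^', '', $row['after']));
                break;
            case 'relate':
            case 'link':
                // get the other side
                // NOTE(review): the summary text of the referenced records is
                // returned as-is. Whether BeanFactory::getBean() applies
                // record-level ACLs for the current user is not visible here -
                // confirm, so audit entries cannot reveal names of records the
                // user is not allowed to open.
                if (isset($bean->field_defs[$fieldName]['module'])) {
                    $module = $bean->field_defs[$fieldName]['module'];
                    $otherSideBeanBefore = BeanFactory::getBean($module, $row['before']);
                    $otherSideBeanAfter = BeanFactory::getBean($module, $row['after']);
                    if ($otherSideBeanBefore instanceof SugarBean) {
                        $row['before'] = $otherSideBeanBefore->get_summary_text();
                    }
                    if ($otherSideBeanAfter instanceof SugarBean) {
                        $row['after'] = $otherSideBeanAfter->get_summary_text();
                    }
                }
                break;
        }

        $return[] = $row;
    }

    return $return;
}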