public function checkPermission(Vtiger_Request $request) { $moduleName = $request->getModule(); if (!Users_Privileges_Model::isPermitted($moduleName, 'Save')) { throw new AppException(vtranslate($moduleName) . ' ' . vtranslate('LBL_NOT_ACCESSIBLE')); } }
public function checkPermission(Vtiger_Request $request) { $moduleName = $request->getModule(); if (!Users_Privileges_Model::isPermitted($moduleName, 'EditView')) { throw new AppException('LBL_PERMISSION_DENIED'); } }
public function process(Vtiger_Request $request) { $moduleName = $request->getModule(); $moduleModel = Vtiger_Module_Model::getInstance($moduleName); if ($request->get('selected_ids') == 'all' && $request->get('mode') == 'FindDuplicates') { $recordIds = Vtiger_FindDuplicate_Model::getMassDeleteRecords($request); } else { $recordIds = $this->getRecordsListFromRequest($request); } foreach ($recordIds as $recordId) { if (Users_Privileges_Model::isPermitted($moduleName, 'Delete', $recordId)) { $recordModel = Vtiger_Record_Model::getInstanceById($recordId, $moduleModel); $recordModel->delete(); } else { $permission = 'No'; } } if ($permission === 'No') { throw new AppException(vtranslate('LBL_PERMISSION_DENIED')); } $cvId = $request->get('viewname'); $response = new Vtiger_Response(); $response->setResult(array('viewname' => $cvId, 'module' => $moduleName)); $response->emit(); }
public function process(Vtiger_Request $request) { $moduleName = $request->getModule(); $documentIdsList = $this->getRecordsListFromRequest($request); $folderId = $request->get('folderid'); if (!empty($documentIdsList)) { foreach ($documentIdsList as $documentId) { $documentModel = Vtiger_Record_Model::getInstanceById($documentId, $moduleName); if (Users_Privileges_Model::isPermitted($moduleName, 'EditView', $documentId)) { $documentModel->set('folderid', $folderId); $documentModel->set('mode', 'edit'); $documentModel->save(); } else { $documentsMoveDenied[] = $documentModel->getName(); } } } if (empty($documentsMoveDenied)) { $result = array('success' => true, 'message' => vtranslate('LBL_DOCUMENTS_MOVED_SUCCESSFULLY', $moduleName)); } else { $result = array('success' => false, 'message' => vtranslate('LBL_DENIED_DOCUMENTS', $moduleName), 'LBL_RECORDS_LIST' => $documentsMoveDenied); } $response = new Vtiger_Response(); $response->setResult($result); $response->emit(); }
function process(Vtiger_Request $request) { $moduleName = $request->getModule(); $moduleModel = Vtiger_Module_Model::getInstance($moduleName); $records = $request->get('records'); $primaryRecord = $request->get('primaryRecord'); $primaryRecordModel = Vtiger_Record_Model::getInstanceById($primaryRecord, $moduleName); $fields = $moduleModel->getFields(); foreach ($fields as $field) { $fieldValue = $request->get($field->getName()); if ($field->isEditable()) { $primaryRecordModel->set($field->getName(), $fieldValue); } } $primaryRecordModel->set('mode', 'edit'); $primaryRecordModel->save(); $deleteRecords = array_diff($records, array($primaryRecord)); foreach ($deleteRecords as $deleteRecord) { $recordPermission = Users_Privileges_Model::isPermitted($moduleName, 'Delete', $deleteRecord); if ($recordPermission) { $primaryRecordModel->transferRelationInfoOfRecords(array($deleteRecord)); $record = Vtiger_Record_Model::getInstanceById($deleteRecord); $record->delete(); } } $response = new Vtiger_Response(); $response->setResult(true); $response->emit(); }
/** * Function to get the module is permitted to specific action * @param <String> $actionName * @return <boolean> */ public function isPermitted($actionName) { if ($actionName === 'EditView') { return false; } return Users_Privileges_Model::isPermitted($this->getName(), $actionName); }
public function searchRecord($searchValue, $searchModule, $potentialId) { $db = PearDatabase::getInstance(); $potentialId = intval($potentialId); if ($searchModule == 'Products') { $sql = "SELECT\n\t\t\t\t\t\tcrm.*,\n\t\t\t\t\t\tprod.*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t`vtiger_products` prod\n\t\t\t\t\t\tINNER JOIN `vtiger_crmentity` crm\n\t\t\t\t\t\t\tON crm.`crmid` = prod.`productid`\n\t\t\t\t\t\tINNER JOIN `vtiger_seproductsrel` prodrel\n\t\t\t\t\t\t\tON prod.`productid` = prodrel.`productid`\n\t\t\t\t\t\t\tAND prodrel.`setype` = 'Potentials'\n\t\t\t\t\tWHERE prod.`productname` LIKE '%{$searchValue}%'\n\t\t\t\t\t\tAND crm.`setype` = 'Products'\n\t\t\t\t\t\tAND crm.`deleted` = 0\n\t\t\t\t\t\tAND prodrel.`crmid` = '{$potentialId}';"; } else { $sql = "SELECT\n\t\t\t\t\t\tcrm.*,\n\t\t\t\t\t\tserv.*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t`vtiger_service` serv\n\t\t\t\t\t\tINNER JOIN `vtiger_crmentity` crm\n\t\t\t\t\t\t\tON crm.`crmid` = serv.`serviceid`\n\t\t\t\t\t\tINNER JOIN `vtiger_crmentityrel` crmrel\n\t\t\t\t\t\t\tON serv.`serviceid` = crmrel.`relcrmid`\n\t\t\t\t\t\t\tAND crmrel.`module` = 'Potentials'\n\t\t\t\t\tWHERE serv.`servicename` LIKE '%{$searchValue}%'\n\t\t\t\t\t\tAND crm.`setype` = 'Services'\n\t\t\t\t\t\tAND crm.`deleted` = 0\n\t\t\t\t\t\tAND crmrel.`crmid` = '{$potentialId}';"; } $result = $db->pquery($sql, array()); $noOfRows = $db->num_rows($result); $moduleModels = array(); $matchingRecords = array(); for ($i = 0; $i < $noOfRows; ++$i) { $row = $db->query_result_rowdata($result, $i); if (Users_Privileges_Model::isPermitted($row['setype'], 'DetailView', $row['crmid'])) { $row['id'] = $row['crmid']; $moduleName = $row['setype']; if (!array_key_exists($moduleName, $moduleModels)) { $moduleModels[$moduleName] = Vtiger_Module_Model::getInstance($moduleName); } $moduleModel = $moduleModels[$moduleName]; $modelClassName = Vtiger_Loader::getComponentClassName('Model', 'Record', $moduleName); $recordInstance = new $modelClassName(); $matchingRecords[$moduleName][$row['id']] = $recordInstance->setData($row)->setModuleFromInstance($moduleModel); } } return $matchingRecords; }
public function checkPermission(Vtiger_Request $request) { $recordPermission = Users_Privileges_Model::isPermitted('Faq', 'EditView'); if (!$recordPermission) { throw new NoPermittedException('LBL_PERMISSION_DENIED'); } }
/** * Function to get the detail view links (links and widgets) * @param <array> $linkParams - parameters which will be used to calicaulate the params * @return <array> - array of link models in the format as below * array('linktype'=>list of link models); */ public function getDetailViewLinks($linkParams) { $linkModelList = Vtiger_DetailView_Model::getDetailViewLinks($linkParams); $recordModel = $this->getRecord(); $moduleModel = $this->getModule(); $moduleName = $moduleModel->getName(); $recordId = $recordModel->getId(); //TODO: update the database so that these separate handlings are not required $index = 0; foreach ($linkModelList['DETAILVIEW'] as $link) { if ($link->linklabel == 'View History' || $link->linklabel == 'Send SMS') { unset($linkModelList['DETAILVIEW'][$index]); } else { if ($link->linklabel == 'LBL_SHOW_ACCOUNT_HIERARCHY') { $link->linklabel = 'LBL_SHOW_ACCOUNT_HIERARCHY'; $linkURL = 'index.php?module=Accounts&view=AccountHierarchy&record=' . $recordId; $link->linkurl = 'javascript:Accounts_Detail_Js.triggerAccountHierarchy("' . $linkURL . '");'; unset($linkModelList['DETAILVIEW'][$index]); $linkModelList['DETAILVIEW'][$index] = $link; } } $index++; } if (Users_Privileges_Model::isPermitted($moduleModel->getName(), 'ConvertLead', $recordModel->getId()) && Users_Privileges_Model::isPermitted($moduleModel->getName(), 'EditView', $recordModel->getId())) { $convert = !Leads_Module_Model::checkIfAllowedToConvert($recordModel->get('leadstatus')) ? 'hide' : ''; $basicActionLink = array('linktype' => 'DETAILVIEWBASIC', 'linklabel' => '', 'linkclass' => 'btn-info btn-convertLead ' . $convert, 'linkhint' => vtranslate('LBL_CONVERT_LEAD', $moduleName), 'linkurl' => 'javascript:Leads_Detail_Js.convertLead("' . $recordModel->getConvertLeadUrl() . '",this);', 'linkicon' => 'glyphicon glyphicon-transfer'); $linkModelList['DETAILVIEWBASIC'][] = Vtiger_Link_Model::getInstanceFromValues($basicActionLink); } return $linkModelList; }
public function checkPermission(Vtiger_Request $request) { $moduleName = $request->getModule(); if (!Users_Privileges_Model::isPermitted($moduleName, 'DetailView', $request->get('record'))) { throw new NoPermittedToRecordException(vtranslate('LBL_PERMISSION_DENIED', $moduleName)); } }
function checkPermission(Vtiger_Request $request) { $moduleName = $request->getModule(); if (!Users_Privileges_Model::isPermitted($moduleName, $actionName)) { throw new AppException(vtranslate('LBL_PERMISSION_DENIED')); } }
/** * Overrided to remove Edit button, Duplicate button * To remove related links */ public function getDetailViewLinks($linkParams) { $linkTypes = array('DETAILVIEWBASIC', 'DETAILVIEW'); $moduleModel = $this->getModule(); $recordModel = $this->getRecord(); $moduleName = $moduleModel->getName(); $recordId = $recordModel->getId(); $detailViewLink = array(); $linkModelListDetails = Vtiger_Link_Model::getAllByType($moduleModel->getId(), $linkTypes, $linkParams); //Mark all detail view basic links as detail view links. //Since ui will be look ugly if you need many basic links $detailViewBasiclinks = $linkModelListDetails['DETAILVIEWBASIC']; unset($linkModelListDetails['DETAILVIEWBASIC']); if (Users_Privileges_Model::isPermitted($moduleName, 'Delete', $recordId)) { $deletelinkModel = array('linktype' => 'DETAILVIEW', 'linklabel' => sprintf("%s %s", getTranslatedString('LBL_DELETE', $moduleName), vtranslate('SINGLE_' . $moduleName, $moduleName)), 'linkurl' => 'javascript:Vtiger_Detail_Js.deleteRecord("' . $recordModel->getDeleteUrl() . '")', 'linkicon' => ''); $linkModelList['DETAILVIEW'][] = Vtiger_Link_Model::getInstanceFromValues($deletelinkModel); } if (!empty($detailViewBasiclinks)) { foreach ($detailViewBasiclinks as $linkModel) { // Remove view history, needed in vtiger5 to see history but not in vtiger6 if ($linkModel->linklabel == 'View History') { continue; } $linkModelList['DETAILVIEW'][] = $linkModel; } } $widgets = $this->getWidgets(); foreach ($widgets as $widgetLinkModel) { $linkModelList['DETAILVIEWWIDGET'][] = $widgetLinkModel; } return $linkModelList; }
/** * Function to get the list of listview links for the module * @param <Array> $linkParams * @return <Array> - Associate array of Link Type to List of Vtiger_Link_Model instances */ public function getListViewLinks($linkParams) { $currentUserModel = Users_Record_Model::getCurrentUserModel(); $moduleModel = $this->getModule(); $linkTypes = array('LISTVIEWBASIC', 'LISTVIEW', 'LISTVIEWSETTING'); $links = Vtiger_Link_Model::getAllByType($moduleModel->getId(), $linkTypes, $linkParams); $createPermission = Users_Privileges_Model::isPermitted($moduleModel->getName(), 'EditView'); if ($createPermission) { $basicLinks = array(array('linktype' => 'LISTVIEWBASIC', 'linklabel' => 'LBL_ADD_RECORD', 'linkurl' => $moduleModel->getCreateRecordUrl(), 'linkicon' => ''), array('linktype' => 'LISTVIEWBASIC', 'linklabel' => 'LBL_ADD_FOLDER', 'linkurl' => 'javascript:Documents_List_Js.triggerAddFolder("' . $moduleModel->getAddFolderUrl() . '")', 'linkicon' => '')); foreach ($basicLinks as $basicLink) { $links['LISTVIEWBASIC'][] = Vtiger_Link_Model::getInstanceFromValues($basicLink); } } $exportPermission = Users_Privileges_Model::isPermitted($moduleModel->getName(), 'Export'); if ($exportPermission) { $advancedLink = array('linktype' => 'LISTVIEW', 'linklabel' => 'LBL_EXPORT', 'linkurl' => 'javascript:Vtiger_List_Js.triggerExportAction("' . $moduleModel->getExportUrl() . '")', 'linkicon' => ''); $links['LISTVIEW'][] = Vtiger_Link_Model::getInstanceFromValues($advancedLink); } if ($currentUserModel->isAdminUser()) { $settingsLinks = $this->getSettingLinks(); foreach ($settingsLinks as $settingsLink) { $links['LISTVIEWSETTING'][] = Vtiger_Link_Model::getInstanceFromValues($settingsLink); } } return $links; }
/** * Function to get the list of listview links for the module * @param <Array> $linkParams * @return <Array> - Associate array of Link Type to List of Vtiger_Link_Model instances */ public function getListViewLinks($linkParams) { $currentUserModel = Users_Record_Model::getCurrentUserModel(); $moduleModel = $this->getModule(); $linkTypes = array('LISTVIEWBASIC', 'LISTVIEW', 'LISTVIEWSETTING'); $links = Vtiger_Link_Model::getAllByType($moduleModel->getId(), $linkTypes, $linkParams); $basicLinks = array(); $createPermission = Users_Privileges_Model::isPermitted($moduleModel->getName(), 'EditView'); if ($createPermission) { $basicLinks[] = array('linktype' => 'LISTVIEWBASIC', 'linklabel' => 'LBL_ADD_RECORD', 'linkurl' => $moduleModel->getCreateRecordUrl(), 'linkicon' => ''); } foreach ($basicLinks as $basicLink) { $links['LISTVIEWBASIC'][] = Vtiger_Link_Model::getInstanceFromValues($basicLink); } $advancedLinks = array(); foreach ($advancedLinks as $advancedLink) { $links['LISTVIEW'][] = Vtiger_Link_Model::getInstanceFromValues($advancedLink); } if ($currentUserModel->isAdminUser()) { $settingsLinks = $this->getSettingLinks(); foreach ($settingsLinks as $settingsLink) { $links['LISTVIEWSETTING'][] = Vtiger_Link_Model::getInstanceFromValues($settingsLink); } } return $links; }
/** * Overided to make editview=false for this module */ public function isPermitted($actionName) { if ($actionName == 'EditView' || $actionName == 'Edit') { return false; } else { return $this->isActive() && Users_Privileges_Model::isPermitted($this->getName(), $actionName); } }
public function checkPermission(Vtiger_Request $request) { $moduleName = $request->getModule(); $record = $request->get('record'); if (!Users_Privileges_Model::isPermitted($moduleName, 'Save', $record)) { throw new NoPermittedToRecordException('LBL_NO_PERMISSIONS_FOR_THE_RECORD'); } }
public function checkPermission(Vtiger_Request $request) { $moduleName = $request->getModule(); $record = $request->get('id'); if (!(Users_Privileges_Model::isPermitted($moduleName, 'EditView', $record) && Users_Privileges_Model::isPermitted($moduleName, 'Delete', $record))) { throw new NoPermittedException('LBL_PERMISSION_DENIED'); } }
public function checkPermission(Vtiger_Request $request) { $moduleName = $request->getModule(); $record = $request->get('record'); if (!Users_Privileges_Model::isPermitted($moduleName, 'WorkflowTrigger', $record)) { throw new NoPermittedToRecordException('LBL_PERMISSION_DENIED'); } }
public function getBasicLinks() { $basicLinks = parent::getBasicLinks(); $createPermission = Users_Privileges_Model::isPermitted('Potentials', 'EditView'); if ($createPermission) { $basicLinks[] = array('linktype' => 'LISTVIEWBASIC', 'linklabel' => 'LBL_GENERATE_EXTENSION', 'linkurl' => 'javascript:Vtiger_List_Js.generatePotentials()', 'linkicon' => 'icon-star-empty', 'linkclass' => 'btn-success'); return $basicLinks; } }
public function checkPermission(Vtiger_Request $request) { global $log; $log->debug("Entering ./views/QuickCreateAjax.php::checkPermission"); $moduleName = $request->getModule(); if (!Users_Privileges_Model::isPermitted($moduleName, 'EditView')) { throw new AppException(vtranslate('LBL_PERMISSION_DENIED', $moduleName)); } }
public function checkPermission(Vtiger_Request $request) { $moduleName = $request->getModule(); $record = $request->get('record'); $recordPermission = Users_Privileges_Model::isPermitted($moduleName, 'EditView', $record); if (!$recordPermission) { throw new AppException(vtranslate('LBL_PERMISSION_DENIED')); } }
public function checkPermission(Vtiger_Request $request) { $currentUserModel = Users_Record_Model::getCurrentUserModel(); $moduleName = $request->getModule(); $record = $request->get('record'); if (!empty($record) || !Users_Privileges_Model::isPermitted($moduleName, 'EditView')) { throw new AppException('LBL_PERMISSION_DENIED'); } }
function checkPermission(Vtiger_Request $request) { global $log; $log->debug("Entering ./views/DashBoard.php::checkPermission"); $moduleName = $request->getModule(); if (!Users_Privileges_Model::isPermitted($moduleName, $actionName)) { throw new AppException(vtranslate('LBL_PERMISSION_DENIED')); } }
function checkPermission(Vtiger_Request $request) { $srcModuleName = $request->get('srcModule'); $recordId = $request->get('record'); $recordPermission = Users_Privileges_Model::isPermitted($srcModuleName, 'DetailView', $recordId); if (!$recordPermission) { throw new NoPermittedToRecordException('LBL_NO_PERMISSIONS_FOR_THE_RECORD'); } return true; }
public function getBasicLinks() { $basicLinks = array(); $moduleModel = $this->getModule(); $createPermission = Users_Privileges_Model::isPermitted($moduleModel->getName(), 'EditView'); if ($createPermission) { $basicLinks[] = array('linktype' => 'LISTVIEWBASIC', 'linklabel' => 'LBL_CREATEMAIL', 'linkurl' => "javascript:window.location='index.php?module=OSSMail&view=compose'", 'linkicon' => ''); } return $basicLinks; }
public function checkPermission(Vtiger_Request $request) { $moduleName = $request->getModule(); $record = $request->get('record'); $recordModel = Vtiger_Record_Model::getInstanceById($record, $moduleName); $currentUserModel = Users_Record_Model::getCurrentUserModel(); if (!Users_Privileges_Model::isPermitted($moduleName, 'Save', $record) || $recordModel->isAccountOwner() && $currentUserModel->get('id') != $recordModel->getId() && !$currentUserModel->isAdminUser()) { throw new AppException('LBL_PERMISSION_DENIED'); } }
function checkPermission(Vtiger_Request $request) { $moduleName = $request->getModule(); $recordId = $request->get('record'); $recordPermission = Users_Privileges_Model::isPermitted($moduleName, 'DetailView', $recordId); if (!$recordPermission) { throw new AppException('LBL_PERMISSION_DENIED'); } return true; }
public function checkPermission(Vtiger_Request $request) { global $log; $log->debug("Entering ./actions/DeleteImage.php::checkPermission"); $moduleName = $request->getModule(); $record = $request->get('id'); if (!(Users_Privileges_Model::isPermitted($moduleName, 'EditView', $record) && Users_Privileges_Model::isPermitted($moduleName, 'Delete', $record))) { throw new AppException('LBL_PERMISSION_DENIED'); } }
/** * Function to get the detail view links (links and widgets) * @param <array> $linkParams - parameters which will be used to calicaulate the params * @return <array> - array of link models in the format as below * array('linktype'=>list of link models); */ public function getDetailViewLinks($linkParams) { $linkModelList = parent::getDetailViewLinks($linkParams); $recordModel = $this->getRecord(); $moduleName = $recordModel->getmoduleName(); if (Users_Privileges_Model::isPermitted($moduleName, 'DetailView', $recordModel->getId())) { $sendEmailLink = array('linklabel' => '', 'linkurl' => 'javascript:Inventory_Detail_Js.sendEmailPDFClickHandler(\'' . $recordModel->getSendEmailPDFUrl() . '\')', 'linkicon' => 'icon-envelope', 'title' => vtranslate('LBL_SEND_MAIL_PDF', $moduleName)); $linkModelList['DETAILVIEW'][] = Vtiger_Link_Model::getInstanceFromValues($sendEmailLink); } return $linkModelList; }
public function checkPermission(Vtiger_Request $request) { $moduleName = $request->getModule(); $record = $request->get('record'); $recordPermission = Users_Privileges_Model::isPermitted($moduleName, 'EditView', $record); $lockEdit = Users_Privileges_Model::checkLockEdit($moduleName, $record); if (!$recordPermission || $lockEdit && $request->get('isDuplicate') != 'true') { throw new NoPermittedToRecordException('LBL_NO_PERMISSIONS_FOR_THE_RECORD'); } }