function vtws_query_related($query, $id, $relatedLabel, $user, $filterClause = null) { global $log, $adb; $webserviceObject = VtigerWebserviceObject::fromId($adb, $id); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $entityName = $meta->getObjectEntityName($id); // Extract related module name from query. $relatedType = null; if (preg_match("/FROM\\s+([^\\s]+)/i", $query, $m)) { $relatedType = trim($m[1]); } // Check for presence of expected relation. $found = false; $relatedTypes = vtws_relatedtypes($entityName, $user); foreach ($relatedTypes['information'] as $label => $information) { if ($label == $relatedLabel && $information['name'] == $relatedType) { $found = true; break; } } if (!$found) { throw new WebServiceException(WebServiceErrorCode::$UNKOWNENTITY, "Relation specified is incorrect"); } vtws_preserveGlobal('currentModule', $entityName); // Fetch related record IDs - so we can further retrieve complete information using vtws_query $relatedWebserviceObject = VtigerWebserviceObject::fromName($adb, $relatedType); $relatedHandlerPath = $relatedWebserviceObject->getHandlerPath(); $relatedHandlerClass = $relatedWebserviceObject->getHandlerClass(); require_once $relatedHandlerPath; $relatedHandler = new $relatedHandlerClass($relatedWebserviceObject, $user, $adb, $log); $relatedIds = $handler->relatedIds($id, $relatedType, $relatedLabel, $relatedHandler); // Initialize return value $relatedRecords = array(); // Rewrite query and extract related records if there at least one. if (!empty($relatedIds)) { $relatedIdClause = "id IN ('" . implode("','", $relatedIds) . "')"; if (stripos($query, 'WHERE') == false) { $query .= " WHERE " . $relatedIdClause; } else { $queryParts = explode('WHERE', $query); $query = $queryParts[0] . " WHERE " . $relatedIdClause; $query .= " AND " . $queryParts[1]; } if (!empty($filterClause)) { $query .= " " . $filterClause; } $query .= ";"; $relatedRecords = vtws_query($query, $user); } VTWS_PreserveGlobal::flush(); return $relatedRecords; }
function vtws_retrieve($id, $user) { $adb = PearDatabase::getInstance(); $log = vglobal('log'); $webserviceObject = VtigerWebserviceObject::fromId($adb, $id); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $entityName = $meta->getObjectEntityName($id); $types = vtws_listtypes(null, $user); if (!in_array($entityName, $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied"); } if ($meta->hasReadAccess() !== true) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied"); } if ($entityName !== $webserviceObject->getEntityName()) { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect"); } if (!$meta->hasPermission(EntityMeta::$RETRIEVE, $id)) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied"); } $idComponents = vtws_getIdComponents($id); if (!$meta->exists($idComponents[1])) { throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found"); } $entity = $handler->retrieve($id); VTWS_PreserveGlobal::flush(); return $entity; }
function vtws_setrelation($relateThisId, $withTheseIds, $user) { global $log, $adb; list($moduleId, $elementId) = vtws_getIdComponents($relateThisId); $webserviceObject = VtigerWebserviceObject::fromId($adb, $moduleId); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $moduleName = $meta->getObjectEntityName($relateThisId); $types = vtws_listtypes(null, $user); if (!in_array($moduleName, $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied"); } if ($moduleName !== $webserviceObject->getEntityName()) { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect"); } if (!$meta->hasPermission(EntityMeta::$UPDATE, $relateThisId)) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied"); } if (!$meta->exists($elementId)) { throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found"); } if ($meta->hasWriteAccess() !== true) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied"); } vtws_internal_setrelation($elementId, $moduleName, $withTheseIds); VTWS_PreserveGlobal::flush(); return true; }
function vtws_update($element, $user) { global $log, $adb; $idList = vtws_getIdComponents($element['id']); $webserviceObject = VtigerWebserviceObject::fromId($adb, $idList[0]); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $entityName = $meta->getObjectEntityName($element['id']); $types = vtws_listtypes($user); if (!in_array($entityName, $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied"); } if ($entityName !== $webserviceObject->getEntityName()) { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect"); } if (!$meta->hasPermission(EntityMeta::$UPDATE, $element['id'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied"); } if (!$meta->exists($idList[1])) { throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found"); } if ($meta->hasWriteAccess() !== true) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied"); } $referenceFields = $meta->getReferenceFieldDetails(); foreach ($referenceFields as $fieldName => $details) { if (isset($element[$fieldName]) && strlen($element[$fieldName]) > 0) { $ids = vtws_getIdComponents($element[$fieldName]); $elemTypeId = $ids[0]; $elemId = $ids[1]; $referenceObject = VtigerWebserviceObject::fromId($adb, $elemTypeId); if (!in_array($referenceObject->getEntityName(), $details)) { throw new WebServiceException(WebServiceErrorCode::$REFERENCEINVALID, "Invalid reference specified for {$fieldName}"); } if (!in_array($referenceObject->getEntityName(), $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to access reference type is denied " . $referenceObject->getEntityName()); } } else { if ($element[$fieldName] !== NULL) { unset($element[$fieldName]); } } } $meta->hasMandatoryFields($element); $ownerFields = $meta->getOwnerFields(); if (is_array($ownerFields) && sizeof($ownerFields) > 0) { foreach ($ownerFields as $ownerField) { if (isset($element[$ownerField]) && $element[$ownerField] !== null && !$meta->hasAssignPrivilege($element[$ownerField])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user"); } } } $entity = $handler->update($element); VTWS_PreserveGlobal::flush(); return $entity; }
function vtws_retrieve($id, $user) { global $log, $adb; $webserviceObject = VtigerWebserviceObject::fromId($adb, $id); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $entityName = $meta->getObjectEntityName($id); $types = vtws_listtypes(null, $user); if (!in_array($entityName, $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied"); } if ($meta->hasReadAccess() !== true) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied"); } if ($entityName !== $webserviceObject->getEntityName()) { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect"); } if (!$meta->hasPermission(EntityMeta::$RETRIEVE, $id)) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied"); } $idComponents = vtws_getIdComponents($id); if (!$meta->exists($idComponents[1])) { throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found"); } $entity = $handler->retrieve($id); //return product lines if ($entityName == 'Quotes' || $entityName == 'PurchaseOrder' || $entityName == 'SalesOrder' || $entityName == 'Invoice') { list($wsid, $recordid) = explode('x', $id); $result = $adb->pquery('select * from vtiger_inventoryproductrel where id=?', array($recordid)); while ($row = $adb->getNextRow($result, false)) { if ($row['discount_amount'] == NULL && $row['discount_percent'] == NULL) { $discount = 0; $discount_type = 0; } else { $discount = 1; } if ($row['discount_amount'] == NULL) { $discount_amount = 0; } else { $discount_amount = $row['discount_amount']; $discount_type = 'amount'; } if ($row['discount_percent'] == NULL) { $discount_percent = 0; } else { $discount_percent = $row['discount_percent']; $discount_type = 'percentage'; } $onlyPrd = array("productid" => $row['productid'], "comment" => $row['comment'], "qty" => $row['quantity'], "listprice" => $row['listprice'], 'discount' => $discount, "discount_type" => $discount_type, "discount_percentage" => $discount_percent, "discount_amount" => $discount_amount); $entity['pdoInformation'][] = $onlyPrd; } } VTWS_PreserveGlobal::flush(); return $entity; }
function vtws_retrievedocattachment($all_ids, $returnfile, $user) { global $log, $adb; $entities = array(); $docWSId = vtyiicpng_getWSEntityId('Documents'); $log->debug("Entering function vtws_retrievedocattachment"); $all_ids = "(" . str_replace($docWSId, '', $all_ids) . ")"; $query = "SELECT n.notesid, n.filename, n.filelocationtype\n FROM vtiger_notes n\n INNER JOIN vtiger_crmentity c ON c.crmid=n.notesid\n WHERE n.notesid in {$all_ids} and n.filelocationtype in ('I','E') and c.deleted=0"; $result = $adb->query($query); $nr = $adb->num_rows($result); for ($i = 0; $i < $nr; $i++) { $id = $docWSId . $adb->query_result($result, $i, 'notesid'); $webserviceObject = VtigerWebserviceObject::fromId($adb, $id); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $entityName = $meta->getObjectEntityName($id); $types = vtws_listtypes(null, $user); if (!in_array($entityName, $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied"); } if ($meta->hasReadAccess() !== true) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied"); } if ($entityName !== $webserviceObject->getEntityName()) { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect"); } if (!$meta->hasPermission(EntityMeta::$RETRIEVE, $id)) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object ({$id}) is denied"); } $ids = vtws_getIdComponents($id); if (!$meta->exists($ids[1])) { throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Document Record you are trying to access is not found"); } $document_id = $ids[1]; $filetype = $adb->query_result($result, $i, 'filelocationtype'); if ($filetype == 'E') { $entity["recordid"] = $adb->query_result($result, $i, 'notesid'); $entity["filetype"] = $fileType; $entity["filename"] = $adb->query_result($result, $i, 'filename'); $entity["filesize"] = 0; $entity["attachment"] = base64_encode(''); } elseif ($filetype == 'I') { $entity = vtws_retrievedocattachment_get_attachment($document_id, true, $returnfile); } $entities[$id] = $entity; VTWS_PreserveGlobal::flush(); } // end for ids $log->debug("Leaving function vtws_retrievedocattachment"); return $entities; }
function cbws_getrecordimageinfo($id, $user) { global $log, $adb, $site_URL; $log->debug("Entering function cbws_getrecordimageinfo({$id})"); $webserviceObject = VtigerWebserviceObject::fromId($adb, $id); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $entityName = $meta->getObjectEntityName($id); $types = vtws_listtypes(null, $user); if (!in_array($entityName, $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied"); } if ($meta->hasReadAccess() !== true) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read entity is denied"); } if ($entityName !== $webserviceObject->getEntityName()) { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect"); } if (!$meta->hasPermission(EntityMeta::$RETRIEVE, $id)) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied"); } $idComponents = vtws_getIdComponents($id); if (!$meta->exists($idComponents[1])) { throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found"); } $ids = vtws_getIdComponents($id); $pdoid = $ids[1]; $rdo = array(); $query = 'select vtiger_attachments.name, vtiger_attachments.type, vtiger_attachments.attachmentsid, vtiger_attachments.path from vtiger_attachments inner join vtiger_crmentity on vtiger_crmentity.crmid = vtiger_attachments.attachmentsid inner join vtiger_seattachmentsrel on vtiger_attachments.attachmentsid=vtiger_seattachmentsrel.attachmentsid where (vtiger_crmentity.setype LIKE "%Image" or vtiger_crmentity.setype LIKE "%Attachment") and deleted=0 and vtiger_seattachmentsrel.crmid=?'; $result_image = $adb->pquery($query, array($pdoid)); $rdo['results'] = $adb->num_rows($result_image); $rdo['images'] = array(); while ($img = $adb->fetch_array($result_image)) { $imga = array(); $imga['name'] = $img['name']; $imga['path'] = $img['path']; $imga['fullpath'] = $site_URL . '/' . $img['path'] . $img['attachmentsid'] . '_' . $img['name']; $imga['type'] = $img['type']; $imga['id'] = $img['attachmentsid']; $rdo['images'][] = $imga; } VTWS_PreserveGlobal::flush(); $log->debug("Leaving function cbws_getrecordimageinfo"); return $rdo; }
function cbws_getproductimageinfo($id, $user) { global $log, $adb, $site_URL; $log->debug("Entering function cbws_getproductimageinfo({$id})"); $webserviceObject = VtigerWebserviceObject::fromId($adb, $id); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $entityName = $meta->getObjectEntityName($id); if ($entityName != 'Products') { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Entity ID must be a product"); } $log->debug("Leaving function cbws_getproductimageinfo"); return cbws_getmoduleimageinfo($id, $user); }
/** * @author MAK */ function vtws_deleteUser($id, $newOwnerId, $user) { global $log, $adb; $webserviceObject = VtigerWebserviceObject::fromId($adb, $id); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $entityName = $meta->getObjectEntityName($id); $types = vtws_listtypes($user); if (!in_array($entityName, $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied, EntityName = " . $entityName); } if ($entityName !== $webserviceObject->getEntityName()) { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect"); } if (!$meta->hasPermission(EntityMeta::$DELETE, $id)) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied"); } $idComponents = vtws_getIdComponents($id); if (!$meta->exists($idComponents[1])) { throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found, idComponent = " . $idComponents); } if ($meta->hasWriteAccess() !== true) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied"); } $newIdComponents = vtws_getIdComponents($newOwnerId); if (empty($newIdComponents[1])) { //force the default user to be the default admin user. //added cause eazybusiness team is sending this value empty $newIdComponents[1] = 1; } vtws_transferOwnership($idComponents[1], $newIdComponents[1]); //delete from user vtiger_table; $sql = "delete from vtiger_users where id=?"; vtws_runQueryAsTransaction($sql, array($idComponents[1]), $result); VTWS_PreserveGlobal::flush(); return array("status" => "successful"); }
function cbws_getpdfdata($id, $user) { global $log, $adb; $log->debug("Entering function vtws_getpdfdata"); $webserviceObject = VtigerWebserviceObject::fromId($adb, $id); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $entityName = $meta->getObjectEntityName($id); $types = vtws_listtypes(null, $user); if (!in_array($entityName, $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied"); } if ($meta->hasReadAccess() !== true) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied"); } if ($entityName !== $webserviceObject->getEntityName()) { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect"); } if (!$meta->hasPermission(EntityMeta::$RETRIEVE, $id)) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied"); } $idComponents = vtws_getIdComponents($id); if (!$meta->exists($idComponents[1])) { throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found"); } $objectName = $webserviceObject->getEntityName(); if (!in_array($objectName, array('Invoice', 'Quotes', 'SalesOrder', 'PurchaseOrder'))) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Only Inventory modules support PDF Output."); } $ids = vtws_getIdComponents($id); $document_id = $ids[1]; $entity = get_module_pdf($objectName, $document_id); VTWS_PreserveGlobal::flush(); $log->debug("Leaving function vtws_getpdfdata"); return $entity; }
/** * @author MAK */ function vtws_deleteUser($id, $newOwnerId, $user) { $adb = PearDatabase::getInstance(); $log = vglobal('log'); $webserviceObject = VtigerWebserviceObject::fromId($adb, $id); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $entityName = $meta->getObjectEntityName($id); $types = vtws_listtypes(null, $user); if (!in_array($entityName, $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied, EntityName = " . $entityName); } if ($entityName !== $webserviceObject->getEntityName()) { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect"); } if (!$meta->hasPermission(EntityMeta::$DELETE, $id)) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied"); } $idComponents = vtws_getIdComponents($id); if (!$meta->exists($idComponents[1])) { throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found, idComponent = " . $idComponents); } if ($meta->hasWriteAccess() !== true) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied"); } $newIdComponents = vtws_getIdComponents($newOwnerId); if (empty($newIdComponents[1])) { //force the default user to be the default admin user. $newIdComponents[1] = 1; } $userObj = new Users(); $userObj->transformOwnerShipAndDelete($idComponents[1], $newIdComponents[1]); VTWS_PreserveGlobal::flush(); return array("status" => "successful"); }
function vtws_addTicketFaqComment($id, $values, $user) { global $log, $adb, $current_user; $webserviceObject = VtigerWebserviceObject::fromId($adb, $id); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $entityName = $meta->getObjectEntityName($id); if ($entityName !== 'HelpDesk' and $entityName !== 'Faq') { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Invalid module specified. Must be HelpDesk or Faq"); } if ($meta->hasReadAccess() !== true) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied"); } if ($entityName !== $webserviceObject->getEntityName()) { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect"); } if (!$meta->hasPermission(EntityMeta::$RETRIEVE, $id)) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied"); } $idComponents = vtws_getIdComponents($id); if (!$meta->exists($idComponents[1])) { throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found"); } $comment = trim($values['comments']); if (empty($comment)) { throw new WebServiceException(WebServiceErrorCode::$MANDFIELDSMISSING, "Comment empty."); } $current_time = $adb->formatDate(date('Y-m-d H:i:s'), true); if ($entityName == 'HelpDesk') { if ($values['from_portal'] != 1) { $ownertype = 'user'; if (!empty($user)) { $ownerId = $user->id; } elseif (!empty($current_user)) { $ownerId = $current_user->id; } else { $ownerId = 1; } //get the user email $result = $adb->pquery("SELECT email1 FROM vtiger_users WHERE id=?", array($ownerId)); $fromname = getUserFullName($ownerId); } else { $ownertype = 'customer'; $webserviceObject = VtigerWebserviceObject::fromId($adb, $values['parent_id']); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $entityName = $meta->getObjectEntityName($values['parent_id']); if ($entityName !== 'Contacts') { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Invalid owner module specified. Must be Contacts"); } if ($entityName !== $webserviceObject->getEntityName()) { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect"); } $pidComponents = vtws_getIdComponents($values['parent_id']); if (!$meta->exists($pidComponents[1])) { throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found"); } $ownerId = $pidComponents[1]; //get the contact email id who creates the ticket from portal and use this email as from email id in email $result = $adb->pquery("SELECT email FROM vtiger_contactdetails WHERE contactid=?", array($ownerId)); $ename = getEntityName('Contacts', $ownerId); $fromname = $ename[$ownerId]; } $sql = "insert into vtiger_ticketcomments values(?,?,?,?,?,?)"; $params = array('', $idComponents[1], $comment, $ownerId, $ownertype, $current_time); //send mail to the assigned to user when customer add comment $toresult = $adb->pquery("SELECT email1,first_name\n\t\t\t\t\tFROM vtiger_users\n\t\t\t\t\tINNER JOIN vtiger_crmentity on smownerid=id\n\t\t\t\t\tINNER JOIN vtiger_troubletickets on ticketid=crmid\n\t\t\t\t\tWHERE ticketid=?", array($idComponents[1])); $to_email = $adb->query_result($toresult, 0, 0); $ownerName = $adb->query_result($toresult, 0, 1); $moduleName = 'HelpDesk'; $subject = getTranslatedString('LBL_RESPONDTO_TICKETID', $moduleName) . "##" . $idComponents[1] . "##" . getTranslatedString('LBL_CUSTOMER_PORTAL', $moduleName); $contents = getTranslatedString('Dear', $moduleName) . " " . $ownerName . "," . "<br><br>" . getTranslatedString('LBL_CUSTOMER_COMMENTS', $moduleName) . "<br><br>\n\t\t\t\t\t<b>" . $comment . "</b><br><br>" . getTranslatedString('LBL_RESPOND', $moduleName) . "<br><br>" . getTranslatedString('LBL_REGARDS', $moduleName) . "<br>" . getTranslatedString('LBL_SUPPORT_ADMIN', $moduleName); $from_email = $adb->query_result($result, 0, 0); //send mail to assigned to user $mail_status = send_mail('HelpDesk', $to_email, $fromname, $from_email, $subject, $contents); } else { $sql = "insert into vtiger_faqcomments values(?, ?, ?, ?)"; $params = array('', $idComponents[1], $comment, $current_time); } $adb->pquery($sql, $params); VTWS_PreserveGlobal::flush(); return array('success' => true); }
function vtws_getActorEntityNameById($entityId, $idList) { $db = PearDatabase::getInstance(); if (!is_array($idList) && count($idList) == 0) { return array(); } $nameList = array(); $webserviceObject = VtigerWebserviceObject::fromId($db, $entityId); $query = "select * from vtiger_ws_entity_name where entity_id = ?"; $result = $db->pquery($query, array($entityId)); if (is_object($result)) { $rowCount = $db->num_rows($result); if ($rowCount > 0) { $nameFields = $db->query_result($result, 0, 'name_fields'); $tableName = $db->query_result($result, 0, 'table_name'); $indexField = $db->query_result($result, 0, 'index_field'); if (!(strpos($nameFields, ',') === false)) { $fieldList = explode(',', $nameFields); $nameFields = "concat("; $nameFields = $nameFields . implode(",' ',", $fieldList); $nameFields = $nameFields . ")"; } $query1 = "select {$nameFields} as entityname, {$indexField} from {$tableName} where " . "{$indexField} in (" . generateQuestionMarks($idList) . ")"; $params1 = array($idList); $result = $db->pquery($query1, $params1); if (is_object($result)) { $rowCount = $db->num_rows($result); for ($i = 0; $i < $rowCount; $i++) { $id = $db->query_result($result, $i, $indexField); $nameList[$id] = $db->query_result($result, $i, 'entityname'); } return $nameList; } } } return array(); }
function vtws_create($elementType, $element, $user) { $types = vtws_listtypes(null, $user); if (!in_array($elementType, $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied"); } global $log, $adb; if (!empty($element['relations'])) { $relations = $element['relations']; unset($element['relations']); } // Cache the instance for re-use if (!isset($vtws_create_cache[$elementType]['webserviceobject'])) { $webserviceObject = VtigerWebserviceObject::fromName($adb, $elementType); $vtws_create_cache[$elementType]['webserviceobject'] = $webserviceObject; } else { $webserviceObject = $vtws_create_cache[$elementType]['webserviceobject']; } // END $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); if ($meta->hasWriteAccess() !== true) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied"); } $referenceFields = $meta->getReferenceFieldDetails(); foreach ($referenceFields as $fieldName => $details) { if (isset($element[$fieldName]) && strlen($element[$fieldName]) > 0) { $ids = vtws_getIdComponents($element[$fieldName]); $elemTypeId = $ids[0]; $elemId = $ids[1]; $referenceObject = VtigerWebserviceObject::fromId($adb, $elemTypeId); if (!in_array($referenceObject->getEntityName(), $details)) { throw new WebServiceException(WebServiceErrorCode::$REFERENCEINVALID, "Invalid reference specified for {$fieldName}"); } if ($referenceObject->getEntityName() == 'Users') { if (!$meta->hasAssignPrivilege($element[$fieldName])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user"); } } if (!in_array($referenceObject->getEntityName(), $types['types']) && $referenceObject->getEntityName() != 'Users') { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to access reference type is denied" . $referenceObject->getEntityName()); } } else { if ($element[$fieldName] !== NULL) { unset($element[$fieldName]); } } } if ($meta->hasMandatoryFields($element)) { $ownerFields = $meta->getOwnerFields(); if (is_array($ownerFields) && sizeof($ownerFields) > 0) { foreach ($ownerFields as $ownerField) { if (isset($element[$ownerField]) && $element[$ownerField] !== null && !$meta->hasAssignPrivilege($element[$ownerField])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user"); } } } // Product line support if (($elementType == 'Quotes' || $elementType == 'PurchaseOrder' || $elementType == 'SalesOrder' || $elementType == 'Invoice') && is_array($element['pdoInformation'])) { include 'include/Webservices/ProductLines.php'; } else { $_REQUEST['action'] = $elementType . 'Ajax'; } if ($elementType == 'HelpDesk') { //Added to construct the update log for Ticket history $colflds = $element; list($void, $colflds['assigned_user_id']) = explode('x', $colflds['assigned_user_id']); $grp_name = fetchGroupName($colflds['assigned_user_id']); $assigntype = $grp_name != '' ? 'T' : 'U'; $updlog = HelpDesk::getUpdateLogCreateMessage($colflds, $grp_name, $assigntype); $updlog = from_html($updlog, false); } $entity = $handler->create($elementType, $element); if ($elementType == 'HelpDesk') { list($wsid, $newrecid) = vtws_getIdComponents($entity['id']); $adb->pquery('update vtiger_troubletickets set update_log=? where ticketid=?', array($updlog, $newrecid)); } // Establish relations if (!empty($relations)) { list($wsid, $newrecid) = vtws_getIdComponents($entity['id']); $modname = $meta->getEntityName(); vtws_internal_setrelation($newrecid, $modname, $relations); } VTWS_PreserveGlobal::flush(); return $entity; } else { return null; } }
public function translateTheReferenceFieldIdsToName($records,$module,$user){ $db = PearDatabase::getInstance(); global $current_user; $current_user = $user; $handler = vtws_getModuleHandlerFromName($module, $user); $meta = $handler->getMeta(); $referenceFieldDetails = $meta->getReferenceFieldDetails(); foreach($referenceFieldDetails as $referenceFieldName=>$referenceModuleDetails){ $referenceFieldIds = array(); $referenceModuleIds = array(); $referenceIdsName = array(); foreach($records as $recordDetails){ $referenceWsId = $recordDetails[$referenceFieldName]; if(!empty ($referenceWsId)){ $referenceIdComp = vtws_getIdComponents($referenceWsId); $webserviceObject = VtigerWebserviceObject::fromId($db, $referenceIdComp[0]); $referenceModuleIds[$webserviceObject->getEntityName()][]= $referenceIdComp[1]; $referenceFieldIds[] =$referenceIdComp[1]; } } foreach($referenceModuleIds as $referenceModule=>$idLists){ $nameList = getEntityName($referenceModule, $idLists); foreach($nameList as $key=>$value) $referenceIdsName[$key] = $value; } $recordCount = count($records); for($i=0;$i<$recordCount;$i++){ $record = $records[$i]; if(!empty($record[$referenceFieldName])){ $wsId = vtws_getIdComponents($record[$referenceFieldName]); $record[$referenceFieldName] = decode_html($referenceIdsName[$wsId[1]]); } $records[$i]= $record; } } return $records; }
function vtws_update($element, $user) { global $log, $adb; $idList = vtws_getIdComponents($element['id']); $webserviceObject = VtigerWebserviceObject::fromId($adb, $idList[0]); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $entityName = $meta->getObjectEntityName($element['id']); $types = vtws_listtypes(null, $user); if (!in_array($entityName, $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied"); } if ($entityName !== $webserviceObject->getEntityName()) { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect"); } if (!$meta->hasPermission(EntityMeta::$UPDATE, $element['id'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied"); } if (!$meta->exists($idList[1])) { throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found"); } if ($meta->hasWriteAccess() !== true) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied"); } $referenceFields = $meta->getReferenceFieldDetails(); foreach ($referenceFields as $fieldName => $details) { if (isset($element[$fieldName]) && strlen($element[$fieldName]) > 0) { $ids = vtws_getIdComponents($element[$fieldName]); $elemTypeId = $ids[0]; $elemId = $ids[1]; $referenceObject = VtigerWebserviceObject::fromId($adb, $elemTypeId); if (!in_array($referenceObject->getEntityName(), $details)) { throw new WebServiceException(WebServiceErrorCode::$REFERENCEINVALID, "Invalid reference specified for {$fieldName}"); } if ($referenceObject->getEntityName() == 'Users') { if (!$meta->hasAssignPrivilege($element[$fieldName])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user"); } } if (!in_array($referenceObject->getEntityName(), $types['types']) && $referenceObject->getEntityName() != 'Users') { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to access reference type is denied " . $referenceObject->getEntityName()); } } else { if ($element[$fieldName] !== NULL) { unset($element[$fieldName]); } } } $meta->hasMandatoryFields($element); $ownerFields = $meta->getOwnerFields(); if (is_array($ownerFields) && sizeof($ownerFields) > 0) { foreach ($ownerFields as $ownerField) { if (isset($element[$ownerField]) && $element[$ownerField] !== null && !$meta->hasAssignPrivilege($element[$ownerField])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user"); } } } // Product line support if (($entityName == 'Quotes' || $entityName == 'PurchaseOrder' || $entityName == 'SalesOrder' || $entityName == 'Invoice') && is_array($element['pdoInformation'])) { include_once 'include/Webservices/ProductLines.php'; } else { $_REQUEST['action'] = $entityName . 'Ajax'; } if ($entityName == 'HelpDesk') { //Added to construct the update log for Ticket history $colflds = $element; list($void, $colflds['assigned_user_id']) = explode('x', $colflds['assigned_user_id']); $updlog = HelpDesk::getUpdateLogEditMessage($idList[1], $colflds); $updlog = from_html($updlog, true); } $entity = $handler->update($element); if ($entityName == 'HelpDesk') { $adb->pquery('update vtiger_troubletickets set update_log=? where ticketid=?', array($updlog, $idList[1])); } VTWS_PreserveGlobal::flush(); return $entity; }
function vtws_create($elementType, $element, $user) { $types = vtws_listtypes(null, $user); if (!in_array($elementType, $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation is denied"); } $adb = PearDatabase::getInstance(); $log = vglobal('log'); // Cache the instance for re-use if (!isset($vtws_create_cache[$elementType]['webserviceobject'])) { $webserviceObject = VtigerWebserviceObject::fromName($adb, $elementType); $vtws_create_cache[$elementType]['webserviceobject'] = $webserviceObject; } else { $webserviceObject = $vtws_create_cache[$elementType]['webserviceobject']; } // END $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); if ($meta->hasWriteAccess() !== true) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to write is denied"); } $referenceFields = $meta->getReferenceFieldDetails(); foreach ($referenceFields as $fieldName => $details) { if (isset($element[$fieldName]) && strlen($element[$fieldName]) > 0) { $ids = vtws_getIdComponents($element[$fieldName]); $elemTypeId = $ids[0]; $elemId = $ids[1]; $referenceObject = VtigerWebserviceObject::fromId($adb, $elemTypeId); if (!in_array($referenceObject->getEntityName(), $details)) { throw new WebServiceException(WebServiceErrorCode::$REFERENCEINVALID, "Invalid reference specified for {$fieldName}"); } if ($referenceObject->getEntityName() == 'Users') { if (!$meta->hasAssignPrivilege($element[$fieldName])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user"); } } if (!in_array($referenceObject->getEntityName(), $types['types']) && $referenceObject->getEntityName() != 'Users') { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to access reference type is denied" . $referenceObject->getEntityName()); } } else { if ($element[$fieldName] !== NULL) { unset($element[$fieldName]); } } } if ($meta->hasMandatoryFields($element)) { $ownerFields = $meta->getOwnerFields(); if (is_array($ownerFields) && sizeof($ownerFields) > 0) { foreach ($ownerFields as $ownerField) { if (isset($element[$ownerField]) && $element[$ownerField] !== null && !$meta->hasAssignPrivilege($element[$ownerField])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Cannot assign record to the given user"); } } } $entity = $handler->create($elementType, $element); VTWS_PreserveGlobal::flush(); return $entity; } else { return null; } }
function hasAssignPrivilege($webserviceId) { global $adb; // administrator's have assign privilege if (is_admin($this->user)) { return true; } $idComponents = vtws_getIdComponents($webserviceId); $userId = $idComponents[1]; $ownerTypeId = $idComponents[0]; if ($userId == null || $userId == '' || $ownerTypeId == null || $ownerTypeId == '') { return false; } $webserviceObject = VtigerWebserviceObject::fromId($adb, $ownerTypeId); if (strcasecmp($webserviceObject->getEntityName(), "Users") === 0) { if ($userId == $this->user->id) { return true; } if (!$this->assign) { $this->retrieveUserHierarchy(); } if (in_array($userId, array_keys($this->assignUsers))) { return true; } else { return false; } } elseif (strcasecmp($webserviceObject->getEntityName(), "Groups") === 0) { $tabId = $this->getTabId(); $groups = vtws_getUserAccessibleGroups($tabId, $this->user); foreach ($groups as $group) { if ($group['id'] == $userId) { return true; } } return false; } }
function __getRLQuery($id, $module, $relatedModule, $queryParameters, $user) { global $adb, $currentModule, $log, $current_user; // Initialize required globals $currentModule = $module; // END if (empty($queryParameters['productDiscriminator'])) { $queryParameters['productDiscriminator'] = ''; } if (empty($queryParameters['columns'])) { $queryParameters['columns'] = '*'; } $productDiscriminator = strtolower($queryParameters['productDiscriminator']); // check modules $webserviceObject = VtigerWebserviceObject::fromName($adb, $relatedModule); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $relatedModule = $meta->getEntityName(); if (!$meta->isModuleEntity()) { throw new WebserviceException('INVALID_MODULE', "Given related module ({$relatedModule}) cannot be found"); } $relatedModuleId = getTabid($relatedModule); $webserviceObject = VtigerWebserviceObject::fromName($adb, $module); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $module = $meta->getEntityName(); if (!$meta->isModuleEntity()) { throw new WebserviceException('INVALID_MODULE', "Given module ({$module}) cannot be found"); } $moduleId = getTabid($module); // check permission on module $webserviceObject = VtigerWebserviceObject::fromId($adb, $id); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); $entityName = $meta->getObjectEntityName($id); $types = vtws_listtypes(null, $user); if (!in_array($entityName, $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation on module ({$module}) is denied"); } if ($entityName !== $webserviceObject->getEntityName()) { throw new WebServiceException(WebServiceErrorCode::$INVALIDID, "Id specified is incorrect"); } if (!$meta->hasPermission(EntityMeta::$RETRIEVE, $id)) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied"); } $idComponents = vtws_getIdComponents($id); if (!$meta->exists($idComponents[1])) { throw new WebServiceException(WebServiceErrorCode::$RECORDNOTFOUND, "Record you are trying to access is not found"); } $crmid = $idComponents[1]; // check permission on related module and pickup meta data for further processing $webserviceObject = VtigerWebserviceObject::fromName($adb, $relatedModule); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); $meta = $handler->getMeta(); if (!in_array($relatedModule, $types['types'])) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to perform the operation on module ({$relatedModule}) is denied"); } if (!$meta->hasReadAccess()) { throw new WebServiceException(WebServiceErrorCode::$ACCESSDENIED, "Permission to read given object is denied"); } // user has enough permission to start process $query = ''; switch ($relatedModule) { case 'ModComments': $wsUserIdrs = $adb->query("select id from vtiger_ws_entity where name='Users'"); $wsUserId = $adb->query_result($wsUserIdrs, 0, 0) . 'x'; $wsContactIdrs = $adb->query("select id from vtiger_ws_entity where name='Contacts'"); $wsContactId = $adb->query_result($wsContactIdrs, 0, 0) . 'x'; switch ($module) { case 'HelpDesk': $query = "select\n\t\t\t\t\t\tconcat(case when (ownertype = 'user') then '{$wsUserId}' else '{$wsContactId}' end,ownerid) as creator,\n\t\t\t\t\t\tconcat(case when (ownertype = 'user') then '{$wsUserId}' else '{$wsContactId}' end,ownerid) as assigned_user_id,\n\t\t\t\t\t\t'TicketComments' as setype,\n\t\t\t\t\t\tcreatedtime,\n\t\t\t\t\t\tcreatedtime as modifiedtime,\n\t\t\t\t\t\t0 as id,\n\t\t\t\t\t\tcomments as commentcontent, \n\t\t\t\t\t\t'{$id}' as related_to, \n\t\t\t\t\t\t'' as parent_comments,\n\t\t\t\t\t\townertype,\n\t\t\t\t\t\tcase when (ownertype = 'user') then vtiger_users.user_name else vtiger_portalinfo.user_name end as owner_name \n\t\t\t\t\t from vtiger_ticketcomments\n\t\t\t\t\t left join vtiger_users on vtiger_users.id = ownerid\n\t\t\t\t\t left join vtiger_portalinfo on vtiger_portalinfo.id = ownerid\n\t\t\t\t\t where ticketid={$crmid}"; break; case 'Faq': $query = "select\n\t\t\t\t\t\t0 as creator,\n\t\t\t\t\t\t0 as assigned_user_id,\n\t\t\t\t\t\t'FaqComments' as setype,\n\t\t\t\t\t\tcreatedtime,\n\t\t\t\t\t\tcreatedtime as modifiedtime,\n\t\t\t\t\t\t0 as id,\n\t\t\t\t\t\tcomments as commentcontent, \n\t\t\t\t\t\t'{$id}' as related_to, \n\t\t\t\t\t\t'' as parent_comments\n\t\t\t\t\t from vtiger_faqcomments where faqid={$crmid}"; break; default: $entityInstance = CRMEntity::getInstance($relatedModule); $queryCriteria = ''; $criteria = 'All'; // currently hard coded to all ** TODO ** switch ($criteria) { // currently hard coded to all ** TODO ** case 'All': $queryCriteria = ''; break; case 'Last5': $queryCriteria = sprintf(" ORDER BY %s.%s DESC LIMIT 5", $entityInstance->table_name, $entityInstance->table_index); break; case 'Mine': $queryCriteria = ' AND vtiger_crmentity.smownerid=' . $current_user->id; break; } $query = $entityInstance->getListQuery($moduleName, sprintf(" AND %s.related_to={$crmid}", $entityInstance->table_name)); $query .= $queryCriteria; $qfields = __getRLQueryFields($meta, $queryParameters['columns']); // Remove all the \n, \r and white spaces to keep the space between the words consistent. $query = preg_replace("/[\n\r\\s]+/", " ", $query); $query = "select {$qfields} " . substr($query, stripos($query, ' FROM '), strlen($query)); break; } // end switch ModComments break; default: $relation_criteria = ''; switch ($relatedModule) { case 'Products': if ($module == 'Products') { // Product Bundles if (!empty($productDiscriminator) and $productDiscriminator == 'productparent') { $relation_criteria = " and label like '%parent%'"; } else { $relation_criteria = " and label like '%bundle%'"; // bundle by default } } break; case 'Calendar': $relation_criteria = " and label like '%Activities%'"; // History not supported //$relation_criteria = " and label like '%History%'"; break; } // special product relation with Q/SO/I/PO if ($relatedModule == 'Products' and in_array($module, array('Invoice', 'Quotes', 'SalesOrder', 'PurchaseOrder'))) { $query = 'select productid as id,sequence_no,quantity,listprice,discount_percent,discount_amount,comment,description,tax1,tax2,tax3 FROM vtiger_inventoryproductrel where id=' . $crmid; } else { $relationResult = $adb->pquery("SELECT * FROM vtiger_relatedlists WHERE tabid=? AND related_tabid=? {$relation_criteria}", array($moduleId, $relatedModuleId)); if (!$relationResult || !$adb->num_rows($relationResult)) { throw new WebserviceException('MODULES_NOT_RELATED', "Cannot find relation between {$module} and {$relatedModule}"); } if ($adb->num_rows($relationResult) > 1) { throw new WebserviceException('MANY_RELATIONS', "More than one relation exists between {$module} and {$relatedModule}"); } $relationInfo = $adb->fetch_array($relationResult); $moduleInstance = CRMEntity::getInstance($module); $params = array($crmid, $moduleId, $relatedModuleId); $relationData = call_user_method_array($relationInfo['name'], $moduleInstance, $params); $query = $relationData['query']; // select the fields the user has access to and prepare query $qfields = __getRLQueryFields($meta, $queryParameters['columns']); // Remove all the \n, \r and white spaces to keep the space between the words consistent. $query = preg_replace("/[\n\r\\s]+/", " ", $query); $query = "select {$qfields} " . substr($query, stripos($query, ' FROM '), strlen($query)); // Append additional joins for some queries $query = __getRLQueryFromJoins($query, $meta); //Appending Access Control if ($relatedModule != 'Faq' && $relatedModule != 'PriceBook' && $relatedModule != 'Vendors' && $relatedModule != 'Users') { $secQuery = getNonAdminAccessControlQuery($relatedModule, $current_user); if (strlen($secQuery) > 1) { $query = appendFromClauseToQuery($query, $secQuery); } } // This is for getting products related to Account/Contact through their Quote/SO/Invoice if (($module == 'Accounts' or $module == 'Contacts') and ($relatedModule == 'Products' or $relatedModule == 'Services') and in_array($productDiscriminator, array('productlineinvoice', 'productlinesalesorder', 'productlinequote', 'productlineall', 'productlineinvoiceonly', 'productlinesalesorderonly', 'productlinequoteonly'))) { // Here we add list of products contained in related invoice, so and quotes $relatedField = $module == 'Accounts' ? 'accountid' : 'contactid'; $pstable = $meta->getEntityBaseTable(); $psfield = $meta->getIdColumn(); if (substr($productDiscriminator, -4) == 'only') { $productDiscriminator = substr($productDiscriminator, 0, strlen($productDiscriminator) - 4); $query = ''; } if ($productDiscriminator == 'productlinequote' or $productDiscriminator == 'productlineall') { $q = "select distinct {$qfields} from vtiger_quotes\n\t\t\t\t\t\tinner join vtiger_crmentity as crmq on crmq.crmid=vtiger_quotes.quoteid\n\t\t\t\t\t\tleft join vtiger_inventoryproductrel on vtiger_inventoryproductrel.id=vtiger_quotes.quoteid\n\t\t\t\t\t\tinner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_inventoryproductrel.productid \n\t\t\t\t\t\tleft join {$pstable} on {$pstable}.{$psfield} = vtiger_inventoryproductrel.productid \n\t\t\t\t\t\twhere vtiger_inventoryproductrel.productid = {$pstable}.{$psfield} AND crmq.deleted=0\n\t\t\t\t\t\t and {$relatedField} = {$crmid}"; $query .= ($query == '' ? '' : ' UNION DISTINCT ') . $q; } if ($productDiscriminator == 'productlineinvoice' or $productDiscriminator == 'productlineall') { $q = "select distinct {$qfields} from vtiger_invoice\n\t\t\t\t\t\tinner join vtiger_crmentity as crmi on crmi.crmid=vtiger_invoice.invoiceid\n\t\t\t\t\t\tleft join vtiger_inventoryproductrel on vtiger_inventoryproductrel.id=vtiger_invoice.invoiceid\n\t\t\t\t\t\tinner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_inventoryproductrel.productid\n\t\t\t\t\t\tleft join {$pstable} on {$pstable}.{$psfield} = vtiger_inventoryproductrel.productid\n\t\t\t\t\t\twhere vtiger_inventoryproductrel.productid = {$pstable}.{$psfield} AND crmi.deleted=0\n\t\t\t\t\t\t and {$relatedField} = {$crmid}"; $query .= ($query == '' ? '' : ' UNION DISTINCT ') . $q; } if ($productDiscriminator == 'productlinesalesorder' or $productDiscriminator == 'productlineall') { $q = "select distinct {$qfields} from vtiger_salesorder \n\t\t\t\t\tinner join vtiger_crmentity as crms on crms.crmid=vtiger_salesorder.salesorderid\n\t\t\t\t\tleft join vtiger_inventoryproductrel on vtiger_inventoryproductrel.id=vtiger_salesorder.salesorderid\n\t\t\t\t\tinner join vtiger_crmentity on vtiger_crmentity.crmid=vtiger_inventoryproductrel.productid\n\t\t\t\t\tleft join {$pstable} on {$pstable}.{$psfield} = vtiger_inventoryproductrel.productid\n\t\t\t\t\twhere vtiger_inventoryproductrel.productid = {$pstable}.{$psfield} AND crms.deleted=0\n\t\t\t\t\tand {$relatedField} = {$crmid}"; $query .= ($query == '' ? '' : ' UNION DISTINCT ') . $q; } } } // q/so/i/po-product relation break; } // end switch $relatedModule // now we add order by if needed if ($query != '' and !empty($queryParameters['orderby'])) { $query .= ' order by ' . $queryParameters['orderby']; } // now we add limit and offset if needed if ($query != '' and !empty($queryParameters['limit'])) { $query .= ' limit ' . $queryParameters['limit']; if (!empty($queryParameters['offset'])) { $query .= ',' . $queryParameters['offset']; } } return $query; }
function vtws_getModuleHandlerFromId($id, $user) { global $adb, $log; $webserviceObject = VtigerWebserviceObject::fromId($adb, $id); $handlerPath = $webserviceObject->getHandlerPath(); $handlerClass = $webserviceObject->getHandlerClass(); require_once $handlerPath; $handler = new $handlerClass($webserviceObject, $user, $adb, $log); return $handler; }