public function execute()
{
    // Category checklist for the current user: only categories the user is
    // allowed to add contacts to are listed, and system categories are hidden.
    $rights_model = new contactsRightsModel();
    $category_model = new waContactCategoryModel();

    $all_categories = $category_model->getAll('id');

    // getAllowedCategories() returns true when every category is allowed,
    // otherwise an array keyed by category id.
    $allowed = $rights_model->getAllowedCategories();
    if ($allowed === true) {
        $allowed = $all_categories;
    }

    // Build category_id => name, preserving the original key order
    $categories = array();
    foreach ($all_categories as $category_id => $category) {
        if (!isset($allowed[$category_id]) || $category['system_id']) {
            continue;
        }
        $categories[$category_id] = $category['name'];
    }

    // Categories that are rendered as checked and disabled in the list.
    // The 'disabled' parameter may arrive as a scalar or as an array.
    $disabled = waRequest::get('disabled');
    if (!is_array($disabled)) {
        $disabled = array($disabled);
    }

    $this->view->assign('categories', $categories);
    $this->view->assign('disabled', array_fill_keys($disabled, true));
}
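/**
 * Returns the checklist options for the category field: category_id => name.
 *
 * Outside the contacts app, and for contacts-app users holding the
 * 'category.all' right, every category is returned; other contacts-app users
 * only get the categories they are allowed to see.
 *
 * @param mixed $id unused; kept for signature compatibility with callers
 * @return array<int, string>
 */
public function getOptions($id = null)
{
    if (!$this->model) {
        $this->model = new waContactCategoryModel();
    }
    if (!$this->categories) {
        // Was spelled getALl(): PHP resolves method names case-insensitively,
        // so behaviour is unchanged, but use the declared spelling.
        $this->categories = $this->model->getAll('id');
    }

    // Checklist options, category_id => name. The loop variable deliberately
    // does not shadow the $id parameter.
    $options = array();
    foreach ($this->categories as $category_id => $row) {
        $options[$category_id] = $row['name'];
    }

    // Admins are allowed to see everything, and a person outside of the
    // contacts app can see the list of categories too
    if (wa()->getApp() != 'contacts' || wa()->getUser()->getRights('contacts', 'category.all')) {
        return $options;
    }

    // Only keep categories available to the current user.
    // getAllowedCategories() returns true when everything is allowed; without
    // this guard isset() on a bool is always false and every option would be
    // silently dropped. Otherwise it is an array keyed by category id.
    $crm = new contactsRightsModel();
    $allowed = $crm->getAllowedCategories();
    if ($allowed === true) {
        return $options;
    }
    foreach (array_keys($options) as $category_id) {
        if (!isset($allowed[$category_id])) {
            unset($options[$category_id]);
        }
    }
    return $options;
}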
/**
 * Persists the category membership of a contact.
 *
 * Nothing is changed when $fields carries no 'categories' key. Inside the
 * contacts app, a user without the 'category.all' right can only add or
 * remove the contact from categories that user is allowed to see; membership
 * in every other category is left untouched.
 *
 * @param waContact $contact
 * @param array     $fields  submitted field values; 'categories' is a list of category ids
 * @return bool always true
 */
public function save(waContact $contact, $fields)
{
    if (!isset($fields['categories'])) {
        return true;
    }

    // An empty first element means "no categories"
    if (empty($fields['categories'][0])) {
        $fields['categories'] = array();
    }

    $restricted = wa()->getApp() == 'contacts'
        && !wa()->getUser()->getRights('contacts', 'category.all');

    if ($restricted) {
        $contact_id = $contact->getId();
        // Current membership; the array_keys() call below relies on this being
        // keyed by category id — NOTE(review): confirm against getContactCategories()
        $current = $this->getModel()->getContactCategories($contact_id);

        $rights_model = new contactsRightsModel();
        $allowed = $rights_model->getAllowedCategories();

        // Requested membership as a category_id => index lookup
        $requested = array();
        if ($fields['categories']) {
            $requested = array_flip($fields['categories']);
        }

        // Apply the request only within the categories this user may see
        foreach (array_keys($allowed) as $category_id) {
            if (isset($requested[$category_id])) {
                $current[$category_id] = true;
            } else {
                unset($current[$category_id]);
            }
        }
        $fields['categories'] = array_keys($current);
    }

    $this->getModel()->setContactCategories($contact->getId(), $fields['categories']);
    return true;
}
/**
 * Prepares the contact deletion dialog: collects, per contact, the links other
 * applications report for it, and marks users as linked for non-superadmins,
 * so the template can show which contacts may not be deleted.
 *
 * Ids come from POST 'id' (array) or, as a fallback, GET 'id' (single int).
 *
 * @throws Exception        when no id is given
 * @throws waRightsException when the user has no access to one of the contacts
 */
public function execute()
{
    $contact_ids = waRequest::post('id', array(), 'array_int');
    if (!$contact_ids) {
        $single_id = (int) waRequest::get('id');
        if (!$single_id) {
            throw new Exception('No ids specified.');
        }
        $contact_ids = array($single_id);
    }

    // do not try to delete self
    $current_user = $this->getUser();
    if (in_array($current_user->getId(), $contact_ids)) {
        die('<p>' . _w('You can not delete yourself.') . '</p><p>' . _w('Please eliminate yourself from deletion list.') . '</p>');
    }

    // Only allow actions with contacts available for current user:
    // each contact must share at least one category with the allowed set.
    // NOTE(review): contacts absent from getContactsCategories() output are not
    // checked by this loop — confirm it returns an entry for every requested id.
    if (!$this->getRights('category.all')) {
        $rights_model = new contactsRightsModel();
        $contact_categories_model = new waContactCategoriesModel();
        $allowed_ids = array_keys($rights_model->getAllowedCategories());
        $categories_by_contact = $contact_categories_model->getContactsCategories($contact_ids);
        foreach ($categories_by_contact as $contact_id => $category_ids) {
            if (!array_intersect($allowed_ids, $category_ids)) {
                throw new waRightsException('Access denied');
            }
        }
    }

    $superadmin = wa()->getUser()->getRights('webasyst', 'backend');

    // Ask other applications which of these contacts they reference
    $event_result = wa()->event('links', $contact_ids);
    $this->view->assign('apps', wa()->getApps());

    // contact_id => app_id => links
    $links = array();
    foreach ($event_result as $app_id => $app_links) {
        foreach ($app_links as $contact_id => $contact_links) {
            if (!$contact_links) {
                continue;
            }
            $links[$contact_id][$app_id] = $contact_links;
        }
    }

    // Do not allow non-superadmin to remove users: report each user as a
    // 'contacts' link so the template treats it as undeletable
    if (!$superadmin) {
        $user_model = new waUserModel();
        $user_rows = $user_model->getByField(array('id' => $contact_ids, 'is_user' => 1), 'id');
        foreach (array_keys($user_rows) as $user_id) {
            // nested arrays are created on demand by the append
            $links[$user_id]['contacts'][] = array('user', 1);
        }
    }

    $linked_ids = array_keys($links);
    $deletable_ids = $superadmin ? $contact_ids : array_diff($contact_ids, $linked_ids);

    $contact_model = new waContactModel();
    $this->view->assign('ids', $deletable_ids);
    $this->view->assign('contacts', $contact_model->getName($linked_ids));
    $this->view->assign('superadmin', $superadmin);
    $this->view->assign('all', count($contact_ids));
    $this->view->assign('links', $links);
}
/**
 * Deletes the contacts listed in POST 'id'.
 *
 * Access rules, checked in order: a user may not delete themself; a user
 * without 'category.all' may only delete contacts sharing a category with
 * the allowed set; only superadmins may delete contacts referenced by other
 * applications, and only superadmins may delete users (whose access is revoked
 * before the row is removed).
 *
 * @throws waRightsException on any of the denials above
 */
public function execute()
{
    $current_user = $this->getUser();
    $superadmin = $current_user->getRights('webasyst', 'backend');
    // NOTE(review): an empty id list is not rejected up front; confirm the
    // model calls below tolerate an empty list.
    $contact_ids = waRequest::post('id', array(), 'array_int');

    // do not try to delete self
    if (in_array($current_user->getId(), $contact_ids)) {
        throw new waRightsException('Access denied: attempt to delete own account.');
    }

    // Only allow actions with contacts available for current user.
    // NOTE(review): contacts absent from getContactsCategories() output are not
    // checked by this loop — confirm it returns an entry for every requested id.
    if (!$this->getRights('category.all')) {
        $rights_model = new contactsRightsModel();
        $contact_categories_model = new waContactCategoriesModel();
        $allowed_ids = array_keys($rights_model->getAllowedCategories());
        $categories_by_contact = $contact_categories_model->getContactsCategories($contact_ids);
        foreach ($categories_by_contact as $contact_id => $category_ids) {
            if (!array_intersect($allowed_ids, $category_ids)) {
                throw new waRightsException('Access denied: no access to contact ' . $contact_id);
            }
        }
    }

    // Deletion of contacts with links to other applications is only allowed
    // to superadmins; the 'links' event is only fired for non-superadmins.
    if (!$superadmin) {
        $links = wa()->event('links', $contact_ids);
        if ($links) {
            foreach ($links as $app_id => $app_links) {
                foreach ($app_links as $contact_id => $contact_links) {
                    if ($contact_links) {
                        throw new waRightsException('Access denied: only superadmin is allowed to delete contacts with links to other applications.');
                    }
                }
            }
        }
    }

    // Are there users among the contacts?
    $user_model = new waUserModel();
    $user_rows = $user_model->getByField(array('id' => $contact_ids, 'is_user' => 1), 'id');
    $user_ids = array_keys($user_rows);

    // deletion of users is only allowed to superadmins
    if (!$superadmin && $user_ids) {
        throw new waRightsException('Access denied: only superadmin is allowed to delete users.');
    }

    // Revoke user access before deletion
    foreach ($user_ids as $user_id) {
        waUser::revokeUser($user_id);
    }

    // Bye bye... (delete() also throws a contacts.delete event)
    $contact_model = new waContactModel();
    $contact_model->delete($contact_ids);

    $deleted = count($contact_ids);
    $this->response['deleted'] = $deleted;
    $this->response['message'] = sprintf(
        _w("%d contact has been deleted", "%d contacts have been deleted", $deleted),
        $deleted
    );
    $this->log('contact_delete', $deleted);
}
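/**
 * Assigns the sidebar data: settings, history, contact count, the categories
 * visible to the current user, admin/superadmin flags (plus groups and user
 * count for superadmins) and whether the user may create contacts.
 */
public function execute()
{
    $this->view->assign('views', null);
    $this->view->assign('settings', $this->getUser()->getSettings('contacts'));

    $historyModel = new contactsHistoryModel();
    $this->view->assign('history', $historyModel->get());

    $cc = new contactsCollection();
    $this->view->assign('totalContacts', $cc->count());

    // only show categories available to current user
    $crm = new contactsRightsModel();
    $wcrm = new waContactRightsModel();
    $ccm = new waContactCategoryModel();

    // getAllowedCategories() returns true for "all categories", otherwise an
    // array keyed by category id (possibly empty).
    $allowed = $crm->getAllowedCategories();
    $categories = array();
    if ($allowed === true) {
        $categories = $ccm->getAll();
    } elseif ($allowed) {
        foreach ($ccm->getAll() as $cat) {
            if (isset($allowed[$cat['id']])) {
                $categories[] = $cat;
            }
        }
    }
    $this->view->assign('categories', $categories);

    // User views are only available to global admin.
    // (An unused second waContactRightsModel instance was removed here.)
    $this->view->assign('superadmin', false);
    $this->view->assign('admin', false);
    if (wa()->getUser()->getRights('webasyst', 'backend')) {
        $this->view->assign('superadmin', true);
        $this->view->assign('admin', true);

        $group_model = new waGroupModel();
        $this->view->assign('groups', $group_model->getAll());

        $cc = new contactsCollection('/users/all/');
        $this->view->assign('totalUsers', $cc->count());
    } elseif (wa()->getUser()->getRights('contacts', 'backend') >= 2) {
        // contacts-app admin (backend right level 2+) without global admin rights
        $this->view->assign('admin', true);
    }

    // is user allowed to add contacts?
    $this->view->assign('show_create', $wcrm->get(null, null, 'create'));
}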
/**
 * Denies the request unless the current user may act on every posted category
 * ('categories') and every posted contact ('contacts').
 *
 * Users with the 'category.all' right pass unconditionally. A contact is
 * accessible when it belongs to at least one allowed category.
 *
 * @throws waRightsException when a posted category or contact is not accessible
 */
protected function checkAccess()
{
    if ($this->getRights('category.all')) {
        return;
    }

    // Without 'category.all' this is assumed to be an array keyed by category id
    $rights_model = new contactsRightsModel();
    $allowed = $rights_model->getAllowedCategories();

    // Only allow actions with categories available for current user
    $category_ids = waRequest::post('categories', array(), 'array_int');
    foreach ($category_ids as $category_id) {
        if (!isset($allowed[$category_id])) {
            throw new waRightsException('Access denied');
        }
    }

    // Only allow actions with contacts available for current user.
    // NOTE(review): contacts absent from getContactsCategories() output are not
    // checked by this loop — confirm it returns an entry for every requested id.
    $allowed_ids = array_keys($allowed);
    $contact_ids = waRequest::post('contacts', array(), 'array_int');
    $contact_categories_model = new waContactCategoriesModel();
    $categories_by_contact = $contact_categories_model->getContactsCategories($contact_ids);
    foreach ($categories_by_contact as $contact_id => $contact_category_ids) {
        if (!array_intersect($allowed_ids, $contact_category_ids)) {
            throw new waRightsException('Access denied');
        }
    }
}