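/**
 * Load one user row, apply the viewer's data-access restrictions and cache the result.
 *
 * A row the viewer may not see is either replaced by a blank "new" placeholder
 * ($perms true) or kept and tagged with '_perms' => false ($perms false).
 * Callers that pass $perms = false must check '_perms' themselves before
 * exposing any field of the returned record.
 *
 * @param mixed $user_id        Value matched against the "user_id" column.
 * @param bool  $perms          True: a denied record is dropped. False: a denied
 *                              record is kept with '_perms' set to false.
 * @param bool  $do_link        True: if the row has a linked_parent_user_id other
 *                              than its own id, the parent's record is returned
 *                              instead (loaded with the default arguments).
 * @param bool  $basic_for_link True: return the raw row with no access checks,
 *                              roles or company list.
 *
 * @return array The user record, or the blank placeholder with 'user_id' => 'new'.
 */
public static function get_user($user_id, $perms = true, $do_link = true, $basic_for_link = false) {
    // Read the argument list first so the cache key reflects the call exactly as it was made.
    $cache_key_args = func_get_args();
    $cache_key = self::_user_cache_key($user_id, $cache_key_args);
    $cache_timeout = module_config::c('cache_objects', 60);

    // NOTE(review): the entry cached below is already filtered for the current viewer.
    // _user_cache_key() is not visible here; confirm that the key (or the cache scope)
    // varies with the logged-in user, otherwise one viewer's result can be served to another.
    if ($cached_item = module_cache::get('user', $cache_key)) {
        return $cached_item;
    }

    $user = get_single("user", "user_id", $user_id);

    if ($do_link && $user && isset($user['linked_parent_user_id']) && $user['linked_parent_user_id'] && $user['linked_parent_user_id'] != $user['user_id']) {
        // Linked contact: hand back the parent account. The nested call uses the default
        // arguments, so the caller's $perms value is not forwarded to it.
        $user = self::get_user($user['linked_parent_user_id']);
        module_cache::put('user', $cache_key, $user, $cache_timeout);
        return $user;
    }

    if ($user) {
        if ($basic_for_link) {
            // Raw row, no access checks at all. The placeholder further down carries a
            // 'password' key, so the row presumably does too; callers must not expose it.
            module_cache::put('user', $cache_key, $user, $cache_timeout);
            return $user;
        }

        // A contact linked to the logged-in user is exempt from the checks below.
        // The link id must be non-empty: an unlinked row (0 / '') would otherwise compare
        // loosely equal to a falsy logged-in id and skip every restriction. Whether
        // get_loggedin_id() can return 0/false without a session is not visible here;
        // the guard mirrors the non-empty test used for the parent lookup above.
        $linked_parent_id = isset($user['linked_parent_user_id']) ? $user['linked_parent_user_id'] : 0;
        $is_linked_to_viewer = $linked_parent_id && $linked_parent_id == module_security::get_loggedin_id();

        if (!$is_linked_to_viewer) {
            if (class_exists('module_customer', false)) {
                // Restriction by user account scope.
                switch (module_user::get_user_data_access()) {
                    case _USER_ACCESS_ME:
                        if ($user['user_id'] != module_security::get_loggedin_id()) {
                            if ($perms) {
                                $user = false;
                            } else {
                                // eg for linking.
                                $user['_perms'] = false;
                            }
                        }
                        break;
                    case _USER_ACCESS_CONTACTS:
                        if (!$user['customer_id'] && !$user['vendor_id'] && $user['user_id'] != module_security::get_loggedin_id()) {
                            // this user is not a customer contact, don't let them access it.
                            if ($perms) {
                                $user = false;
                            } else {
                                // eg for linking.
                                $user['_perms'] = false;
                            }
                        }
                        break;
                    case _USER_ACCESS_ALL:
                    default:
                        // all user accounts.
                        break;
                }

                // Restriction by customer scope; $user may already be false here.
                if ($user && $user['customer_id'] > 0) {
                    switch (module_customer::get_customer_data_access()) {
                        case _CUSTOMER_ACCESS_ALL:
                            // all customers! so this means all jobs!
                            break;
                        case _CUSTOMER_ACCESS_ALL_COMPANY:
                        case _CUSTOMER_ACCESS_CONTACTS:
                        case _CUSTOMER_ACCESS_TASKS:
                        case _CUSTOMER_ACCESS_STAFF:
                            $valid_customer_ids = module_security::get_customer_restrictions();
                            $is_valid_user = isset($valid_customer_ids[$user['customer_id']]);
                            if (!$is_valid_user) {
                                if ($perms) {
                                    $user = false;
                                } else {
                                    // eg for linking.
                                    $user['_perms'] = false;
                                }
                            }
                    }
                }
            }

            // Restriction by vendor scope.
            // NOTE(review): unlike module_customer, module_vendor is used without a
            // class_exists() guard; confirm it is always loaded when vendor_id > 0.
            if ($user && $user['vendor_id'] > 0) {
                switch (module_vendor::get_vendor_data_access()) {
                    case _VENDOR_ACCESS_ALL:
                        // all vendors! so this means all jobs!
                        break;
                    case _VENDOR_ACCESS_ALL_COMPANY:
                    case _VENDOR_ACCESS_CONTACTS:
                        $valid_vendor_check = module_vendor::get_vendor($user['vendor_id']);
                        $is_valid_user = $valid_vendor_check && isset($valid_vendor_check['vendor_id']) && $valid_vendor_check['vendor_id'] == $user['vendor_id'];
                        if (!$is_valid_user) {
                            if ($perms) {
                                $user = false;
                            } else {
                                // eg for linking.
                                $user['_perms'] = false;
                            }
                        }
                }
            }
        }
    }

    if (!$user) {
        // Not found or access denied: return a blank placeholder. It is not cached.
        $user = array(
            'user_id' => 'new',
            'customer_id' => 0,
            'vendor_id' => 0,
            'name' => '',
            'last_name' => '',
            'email' => '',
            'password' => '',
            'phone' => '',
            'mobile' => '',
            'fax' => '',
            'roles' => array(),
            'language' => module_config::c('default_language', 'en'),
            'company_ids' => array(),
        );
        $use_master_key = self::get_contact_master_key();
        if (isset($_REQUEST[$use_master_key])) {
            // Request-supplied value copied in unvalidated; consumers must validate
            // and escape it before using it in a query or in output.
            $user[$use_master_key] = $_REQUEST[$use_master_key];
        }
    } else {
        // Roles are looked up by the requested $user_id, not by $user['user_id'].
        $user['roles'] = get_multiple('user_role', array('user_id' => $user_id));
        if (class_exists('module_company', false) && module_company::is_enabled()) {
            $user['company_ids'] = array();
            foreach (module_company::get_companys_by_user($user['user_id']) as $company) {
                $user['company_ids'][$company['company_id']] = $company['name'];
            }
        }
        module_cache::put('user', $cache_key, $user, $cache_timeout);
    }

    return $user;
}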