/**
* Constructor for the bean, it performs following tasks:
*
* 1. Initalized a database connections
* 2. Load the vardefs for the module implemeting the class. cache the entries
* if needed
* 3. Setup row-level security preference
* All implementing classes must call this constructor using the parent::__construct()
*
*/
public function __construct()
{
// FIXME: this will be removed, needed for ensuring BeanFactory is always used
//$this->checkBacktrace();
global $dictionary, $current_user;
$this->db = DBManagerFactory::getInstance();
if (empty($this->module_name)) {
$this->module_name = $this->module_dir;
}
if (isset($this->disable_team_security)) {
$this->disable_row_level_security = $this->disable_team_security;
}
// Verify that current user is not null then do an ACL check. The current user check is to support installation.
if (!$this->disable_row_level_security && !empty($current_user->id) && (is_admin($current_user) || $this->bean_implements('ACL') && (ACLAction::getUserAccessLevel($current_user->id, $this->module_dir, 'access') == ACL_ALLOW_ENABLED && (ACLAction::getUserAccessLevel($current_user->id, $this->module_dir, 'admin') == ACL_ALLOW_ADMIN || ACLAction::getUserAccessLevel($current_user->id, $this->module_dir, 'admin') == ACL_ALLOW_ADMIN_DEV)))) {
$this->disable_row_level_security = true;
}
if (false == $this->disable_vardefs && (empty(self::$loadedDefs[$this->object_name]) || !empty($GLOBALS['reload_vardefs']))) {
$refresh = inDeveloperMode() || !empty($_SESSION['developerMode']);
if ($refresh && !empty(VardefManager::$inReload["{$this->module_dir}:{$this->object_name}"])) {
// if we're already reloading this vardef, no need to do it again
$refresh = false;
}
VardefManager::loadVardef($this->module_dir, $this->object_name, $refresh, array("bean" => $this));
// build $this->column_fields from the field_defs if they exist
if (!empty($dictionary[$this->object_name]['fields'])) {
foreach ($dictionary[$this->object_name]['fields'] as $key => $value_array) {
$column_fields[] = $key;
if (!empty($value_array['required']) && !empty($value_array['name'])) {
$this->required_fields[$value_array['name']] = 1;
}
}
$this->column_fields = $column_fields;
}
//setup custom fields
if (!isset($this->custom_fields) && empty($this->disable_custom_fields)) {
$this->setupCustomFields($this->module_dir);
}
//load up field_arrays from CacheHandler;
if (empty($this->list_fields)) {
$this->list_fields = $this->_loadCachedArray($this->module_dir, $this->object_name, 'list_fields');
}
if (empty($this->column_fields)) {
$this->column_fields = $this->_loadCachedArray($this->module_dir, $this->object_name, 'column_fields');
}
if (empty($this->required_fields)) {
$this->required_fields = $this->_loadCachedArray($this->module_dir, $this->object_name, 'required_fields');
}
if (isset($GLOBALS['dictionary'][$this->object_name]) && !$this->disable_vardefs) {
$this->field_name_map = $dictionary[$this->object_name]['fields'];
$this->field_defs = $dictionary[$this->object_name]['fields'];
if (isset($dictionary[$this->object_name]['name_format_map'])) {
$this->name_format_map = $dictionary[$this->object_name]['name_format_map'];
}
if (!empty($dictionary[$this->object_name]['optimistic_locking'])) {
$this->optimistic_lock = true;
}
if (isset($dictionary[$this->object_name]['importable'])) {
$this->importable = isTruthy($dictionary[$this->object_name]['importable']);
}
}
self::$loadedDefs[$this->object_name]['column_fields'] =& $this->column_fields;
self::$loadedDefs[$this->object_name]['list_fields'] =& $this->list_fields;
self::$loadedDefs[$this->object_name]['required_fields'] =& $this->required_fields;
self::$loadedDefs[$this->object_name]['field_name_map'] =& $this->field_name_map;
self::$loadedDefs[$this->object_name]['field_defs'] =& $this->field_defs;
self::$loadedDefs[$this->object_name]['name_format_map'] =& $this->name_format_map;
} else {
$this->column_fields =& self::$loadedDefs[$this->object_name]['column_fields'];
$this->list_fields =& self::$loadedDefs[$this->object_name]['list_fields'];
$this->required_fields =& self::$loadedDefs[$this->object_name]['required_fields'];
$this->field_name_map =& self::$loadedDefs[$this->object_name]['field_name_map'];
$this->field_defs =& self::$loadedDefs[$this->object_name]['field_defs'];
$this->name_format_map =& self::$loadedDefs[$this->object_name]['name_format_map'];
$this->added_custom_field_defs = true;
if (!isset($this->custom_fields) && empty($this->disable_custom_fields)) {
$this->setupCustomFields($this->module_dir, false);
}
if (!empty($dictionary[$this->object_name]['optimistic_locking'])) {
$this->optimistic_lock = true;
}
}
// Verify that current user is not null then do an ACL check. The current user check is to support installation.
if (!$this->disable_row_level_security && !empty($current_user->id) && !isset($this->disable_team_security) && !SugarACL::checkAccess($this->module_dir, 'team_security', array('bean' => $this))) {
// We can disable team security for this module
$this->disable_row_level_security = true;
}
if ($this->bean_implements('ACL')) {
$this->acl_fields = isset($dictionary[$this->object_name]['acl_fields']) && $dictionary[$this->object_name]['acl_fields'] === false ? false : true;
if (!empty($current_user->id)) {
ACLField::loadUserFields($this->module_dir, $this->object_name, $current_user->id);
}
$this->addVisibilityStrategy("ACLVisibility");
}
$this->populateDefaultValues();
if (isset($this->disable_team_security)) {
$this->disable_row_level_security = $this->disable_team_security;
}
}
/**
* returnFieldsWithAccess
*
* @param object $seed an instance of the bean we are checking acl's on
* @param array $select_fields array of fields being explicitly checked for access, empty array means check all
* @return array Array of the fields for this bean that passed the acl filter test
*/
function returnFieldsWithAccess($seed, $select_fields = array())
{
//can't do anything if there is no bean
if (empty($seed)) {
return $select_fields;
}
//if the select fields array is empty, then use all the fields for this bean
if (empty($select_fields)) {
$fields = $seed->field_name_map;
$select_fields = array_keys($fields);
}
//check to see if bean implements acl and this is not an admin so we can remove any restricted fields
if ($seed->bean_implements('ACL') && !empty($GLOBALS['current_user']) && !$GLOBALS['current_user']->is_admin) {
//lets load up any acl fields for this uer
ACLField::loadUserFields($seed->module_dir, $seed->object_name, $GLOBALS['current_user']->id);
//iterate through the select fields array and remove any restricted acl fields (less than 0)
foreach ($select_fields as $fieldnum => $fieldname) {
if (isset($_SESSION['ACL'][$GLOBALS['current_user']->id][$seed->module_dir]['fields'][$fieldname]) && $_SESSION['ACL'][$GLOBALS['current_user']->id][$seed->module_dir]['fields'][$fieldname] < 0) {
//this field has an acl restricting the user from accessing it, unset it
unset($select_fields[$fieldnum]);
}
}
}
return $select_fields;
}
