Exemplo n.º 1
 /**
  * Constructor for the bean. It performs the following tasks:
  *
  * 1. Initializes a database connection
  * 2. Loads the vardefs for the module implementing the class, caching the entries
  *    if needed
  * 3. Sets up the row-level security preference
  * All implementing classes must call this constructor using parent::__construct()
  *
  */
 public function __construct()
 {
     // Sets up a bean instance: binds the database handle, decides whether
     // row-level (team) security is switched off for the current user, loads or
     // reuses the cached vardefs for this object, wires up field ACLs and then
     // populates default values.
     //
     // SECURITY: $this->disable_row_level_security is written in four places
     // below. The last write, at the end of the constructor, copies
     // $this->disable_team_security whenever that property is set, so an
     // explicit subclass setting overrides every user-based decision made in
     // between. Statement order therefore matters when changing this method.
     //
     // FIXME: this will be removed, needed for ensuring BeanFactory is always used
     //$this->checkBacktrace();
     global $dictionary, $current_user;
     // Database handle comes from the factory.
     $this->db = DBManagerFactory::getInstance();
     // Fall back to module_dir when the subclass did not provide module_name.
     if (empty($this->module_name)) {
         $this->module_name = $this->module_dir;
     }
     // A disable_team_security value set by the subclass seeds the row-level flag.
     if (isset($this->disable_team_security)) {
         $this->disable_row_level_security = $this->disable_team_security;
     }
     // Verify that current user is not null then do an ACL check.  The current user check is to support installation.
     // First bypass check. && binds tighter than ||, so row-level security is
     // switched off when EITHER is_admin($current_user) is true, OR the bean
     // implements ACL and the user's 'access' level equals ACL_ALLOW_ENABLED
     // together with an 'admin' level of ACL_ALLOW_ADMIN or ACL_ALLOW_ADMIN_DEV
     // for this module.
     // NOTE(review): the level comparisons use loose ==; confirm that
     // ACLAction::getUserAccessLevel() always returns the integer constants.
     if (!$this->disable_row_level_security && !empty($current_user->id) && (is_admin($current_user) || $this->bean_implements('ACL') && (ACLAction::getUserAccessLevel($current_user->id, $this->module_dir, 'access') == ACL_ALLOW_ENABLED && (ACLAction::getUserAccessLevel($current_user->id, $this->module_dir, 'admin') == ACL_ALLOW_ADMIN || ACLAction::getUserAccessLevel($current_user->id, $this->module_dir, 'admin') == ACL_ALLOW_ADMIN_DEV)))) {
         $this->disable_row_level_security = true;
     }
     // Load vardefs when they are enabled and either nothing is cached yet for
     // this object_name or a global reload has been requested.
     if (false == $this->disable_vardefs && (empty(self::$loadedDefs[$this->object_name]) || !empty($GLOBALS['reload_vardefs']))) {
         // Refresh is requested when inDeveloperMode() is true or the session
         // carries a non-empty developerMode entry.
         $refresh = inDeveloperMode() || !empty($_SESSION['developerMode']);
         if ($refresh && !empty(VardefManager::$inReload["{$this->module_dir}:{$this->object_name}"])) {
             // if we're already reloading this vardef, no need to do it again
             $refresh = false;
         }
         // This bean is handed to the loader through the 'bean' entry.
         VardefManager::loadVardef($this->module_dir, $this->object_name, $refresh, array("bean" => $this));
         // build $this->column_fields from the field_defs if they exist
         // ($column_fields is a local list created by the first append;
         // required_fields is keyed by the field's 'name' entry)
         if (!empty($dictionary[$this->object_name]['fields'])) {
             foreach ($dictionary[$this->object_name]['fields'] as $key => $value_array) {
                 $column_fields[] = $key;
                 if (!empty($value_array['required']) && !empty($value_array['name'])) {
                     $this->required_fields[$value_array['name']] = 1;
                 }
             }
             $this->column_fields = $column_fields;
         }
         //setup custom fields
         if (!isset($this->custom_fields) && empty($this->disable_custom_fields)) {
             $this->setupCustomFields($this->module_dir);
         }
         //load up field_arrays from CacheHandler;
         // (only for the arrays that are still empty after the vardef pass)
         if (empty($this->list_fields)) {
             $this->list_fields = $this->_loadCachedArray($this->module_dir, $this->object_name, 'list_fields');
         }
         if (empty($this->column_fields)) {
             $this->column_fields = $this->_loadCachedArray($this->module_dir, $this->object_name, 'column_fields');
         }
         if (empty($this->required_fields)) {
             $this->required_fields = $this->_loadCachedArray($this->module_dir, $this->object_name, 'required_fields');
         }
         // Mirror the dictionary entry onto the bean. $GLOBALS['dictionary'] and
         // $dictionary are the same variable because of the global statement above.
         if (isset($GLOBALS['dictionary'][$this->object_name]) && !$this->disable_vardefs) {
             $this->field_name_map = $dictionary[$this->object_name]['fields'];
             $this->field_defs = $dictionary[$this->object_name]['fields'];
             if (isset($dictionary[$this->object_name]['name_format_map'])) {
                 $this->name_format_map = $dictionary[$this->object_name]['name_format_map'];
             }
             if (!empty($dictionary[$this->object_name]['optimistic_locking'])) {
                 $this->optimistic_lock = true;
             }
             if (isset($dictionary[$this->object_name]['importable'])) {
                 $this->importable = isTruthy($dictionary[$this->object_name]['importable']);
             }
         }
         // Publish this instance's arrays into the per-object static cache by
         // reference (=&). Instances that take the else-branch bind to the same
         // arrays, so the data is shared between beans rather than copied.
         self::$loadedDefs[$this->object_name]['column_fields'] =& $this->column_fields;
         self::$loadedDefs[$this->object_name]['list_fields'] =& $this->list_fields;
         self::$loadedDefs[$this->object_name]['required_fields'] =& $this->required_fields;
         self::$loadedDefs[$this->object_name]['field_name_map'] =& $this->field_name_map;
         self::$loadedDefs[$this->object_name]['field_defs'] =& $this->field_defs;
         self::$loadedDefs[$this->object_name]['name_format_map'] =& $this->name_format_map;
     } else {
         // Cache hit (or vardefs disabled): alias the bean's properties to the
         // cached arrays instead of rebuilding them.
         $this->column_fields =& self::$loadedDefs[$this->object_name]['column_fields'];
         $this->list_fields =& self::$loadedDefs[$this->object_name]['list_fields'];
         $this->required_fields =& self::$loadedDefs[$this->object_name]['required_fields'];
         $this->field_name_map =& self::$loadedDefs[$this->object_name]['field_name_map'];
         $this->field_defs =& self::$loadedDefs[$this->object_name]['field_defs'];
         $this->name_format_map =& self::$loadedDefs[$this->object_name]['name_format_map'];
         // Set on this path only.
         $this->added_custom_field_defs = true;
         // Unlike the branch above, setupCustomFields() gets an explicit false
         // as second argument here; its meaning is defined by that method.
         if (!isset($this->custom_fields) && empty($this->disable_custom_fields)) {
             $this->setupCustomFields($this->module_dir, false);
         }
         if (!empty($dictionary[$this->object_name]['optimistic_locking'])) {
             $this->optimistic_lock = true;
         }
     }
     // Verify that current user is not null then do an ACL check.  The current user check is to support installation.
     // Second bypass check. It is skipped when the subclass set
     // disable_team_security; otherwise row-level security is switched off when
     // SugarACL::checkAccess() returns false for 'team_security' on this module.
     if (!$this->disable_row_level_security && !empty($current_user->id) && !isset($this->disable_team_security) && !SugarACL::checkAccess($this->module_dir, 'team_security', array('bean' => $this))) {
         // We can disable team security for this module
         $this->disable_row_level_security = true;
     }
     if ($this->bean_implements('ACL')) {
         // acl_fields becomes false only when the dictionary sets it to a strict
         // false; a missing entry or any other value yields true.
         $this->acl_fields = isset($dictionary[$this->object_name]['acl_fields']) && $dictionary[$this->object_name]['acl_fields'] === false ? false : true;
         // Field ACLs are loaded only when a user id is present.
         if (!empty($current_user->id)) {
             ACLField::loadUserFields($this->module_dir, $this->object_name, $current_user->id);
         }
         $this->addVisibilityStrategy("ACLVisibility");
     }
     $this->populateDefaultValues();
     // Re-apply the subclass override last so that it wins over both bypass
     // checks above. This also turns row-level security back on when
     // disable_team_security is false and the first check had switched it off.
     if (isset($this->disable_team_security)) {
         $this->disable_row_level_security = $this->disable_team_security;
     }
 }
Exemplo n.º 2
 /**
  * returnFieldsWithAccess
  *
  * @param object $seed an instance of the bean we are checking acl's on
  * @param array $select_fields array of fields being explicitly checked for access, empty array means check all
  * @return array Array of the fields for this bean that passed the acl filter test
  */
 function returnFieldsWithAccess($seed, $select_fields = array())
 {
     // Without a bean there is nothing to check against: hand the list back untouched.
     if (empty($seed)) {
         return $select_fields;
     }

     // An empty request means "every field the bean declares".
     if (empty($select_fields)) {
         $select_fields = array_keys($seed->field_name_map);
     }

     // Field ACLs are applied only to ACL-aware beans and only when a current
     // user exists and is not an admin; everyone else gets the list unfiltered.
     $aclApplies = $seed->bean_implements('ACL')
         && !empty($GLOBALS['current_user'])
         && !$GLOBALS['current_user']->is_admin;
     if (!$aclApplies) {
         return $select_fields;
     }

     // Make sure the user's field ACLs have been loaded before reading them
     // from the session.
     ACLField::loadUserFields($seed->module_dir, $seed->object_name, $GLOBALS['current_user']->id);

     $userId = $GLOBALS['current_user']->id;
     $moduleDir = $seed->module_dir;

     // Drop every field whose ACL level is negative (restricted). A field with
     // no ACL entry in the session is kept, so only fields explicitly marked as
     // restricted are removed. unset() leaves the remaining keys as they were.
     foreach ($select_fields as $index => $name) {
         if (!isset($_SESSION['ACL'][$userId][$moduleDir]['fields'][$name])) {
             continue;
         }
         if ($_SESSION['ACL'][$userId][$moduleDir]['fields'][$name] < 0) {
             unset($select_fields[$index]);
         }
     }

     return $select_fields;
 }