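/**
  * Render the dimension-selector form control: one checkbox per dimension
  * that is visible to the logged-in user.
  *
  * A dimension is skipped when its option set 1 carries a truthy `hidden`
  * flag, and when it defines permissions and deniesAllForContact() is true
  * for the current user's permission groups, so the control never lists a
  * dimension the user cannot see at all. A checkbox is pre-checked when the
  * dimension id is present in the control's current value.
  *
  * @param string $control_name name attribute prefix; checkboxes are emitted
  *                             as `<control_name>[<dimension id>]`, plus a
  *                             hidden `<control_name>[0]` so an all-unchecked
  *                             submission still posts the key. This is a
  *                             developer-supplied field name and is emitted
  *                             verbatim (not HTML-escaped).
  * @return string HTML markup
  */
 function render($control_name)
 {
     // The value may be unset on a fresh form; treat that as "nothing
     // selected" rather than handing a non-array to in_array().
     $value = (array) $this->getValue();
     $dimensions = Dimensions::instance()->findAll();
     $permission_group_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV(logged_user()->getId(), false);
     $out = '';
     foreach ($dimensions as $dim) {
         /* @var $dim Dimension */
         $options = $dim->getOptions(1);
         if ($options && isset($options->hidden) && $options->hidden) {
             continue;
         }
         // Fail closed: a permission-defining dimension the user is denied
         // on entirely is not offered.
         if ($dim->getDefinesPermissions() && $dim->deniesAllForContact($permission_group_ids)) {
             continue;
         }
         // Loose comparison on purpose: ids may arrive as strings from a form post.
         $checked = in_array($dim->getId(), $value) ? 1 : 0;
         $out .= '<div class="dimension" >';
         $out .= label_tag($dim->getName(), null, false, array('style' => 'display:inline;margin:10px;vertical-align:super;'));
         $out .= checkbox_field($control_name . '[' . $dim->getId() . ']', $checked);
         $out .= '</div >';
     }
     $out .= '<input type="hidden" name="' . $control_name . '[0]" value=" ">';
     return $out;
 }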
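 /**
  * Check whether $user holds the system permission named $system_permission.
  *
  * Administrators always pass. Otherwise the answer comes from the per-user
  * cache when present, else from a query for a row having the column
  * `$system_permission` = 1 for any of the user's permission groups; that
  * answer is then cached per user and permission name.
  *
  * $system_permission is spliced into the query as a column name and the
  * permission-group CSV is spliced into an IN (...) list, so both are
  * validated to a safe character set first. Anything else is answered with
  * false (fail closed) and is not cached.
  *
  * @param Contact $user
  * @param string  $system_permission column name in the system permissions table
  * @return bool
  */
 static function userHasSystemPermission(Contact $user, $system_permission)
 {
     if ($user->isAdministrator()) {
         return true;
     }
     // Only a plain identifier may be used as a column name in the query below.
     if (!is_string($system_permission) || !preg_match('/^[A-Za-z0-9_]+$/', $system_permission)) {
         return false;
     }
     $user_id = $user->getId();
     if (array_var(self::$permission_cache, $user_id)) {
         if (array_key_exists($system_permission, self::$permission_cache[$user_id])) {
             return array_var(self::$permission_cache[$user_id], $system_permission);
         }
     }
     if (array_var(self::$permission_group_ids_cache, $user_id)) {
         $contact_pg_ids = self::$permission_group_ids_cache[$user_id];
     } else {
         $contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV($user_id, false);
         self::$permission_group_ids_cache[$user_id] = $contact_pg_ids;
     }
     // The CSV must be a non-empty list of integer ids: an empty string would
     // yield `IN ()` (a SQL syntax error) and anything else is not an id list.
     if (!preg_match('/^\s*\d+(\s*,\s*\d+)*\s*$/', (string) $contact_pg_ids)) {
         return false;
     }
     $permission = self::findOne(array('conditions' => "`{$system_permission}` = 1 AND `permission_group_id` IN ({$contact_pg_ids})"));
     $has_permission = !is_null($permission);
     if (!array_var(self::$permission_cache, $user_id)) {
         self::$permission_cache[$user_id] = array();
     }
     if (!array_key_exists($system_permission, self::$permission_cache[$user_id])) {
         self::$permission_cache[$user_id][$system_permission] = $has_permission;
     }
     return $has_permission;
 }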
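 /**
  * Refresh the contact/member cache after a member's permissions changed.
  *
  * When specific permission groups were changed, only the contacts belonging
  * to those groups are refreshed for the member; when no group ids are given,
  * every user is refreshed for it.
  *
  * @param array $permissions array with keys 'member' (the member whose
  *                           permissions changed) and 'changed_pgs' (list of
  *                           permission group ids; may be absent)
  * @return void
  */
 function afterMemberPermissionChanged($permissions)
 {
     $member = array_var($permissions, 'member');
     // Nothing to refresh without a member; a null here would otherwise
     // fault on getId() below.
     if (!is_object($member)) {
         return;
     }
     $member_id = $member->getId();
     // Deduplicate the changed permission group ids; the key may be missing.
     $changed_pgs = (array) array_var($permissions, 'changed_pgs', array());
     $permissionGroupIds = array_values(array_unique($changed_pgs));
     if (count($permissionGroupIds) > 0) {
         // get all users in the set of permission groups
         $usersIds = ContactPermissionGroups::getAllContactsIdsByPermissionGroupIds($permissionGroupIds);
         foreach ($usersIds as $us_id) {
             $user = Contacts::findById($us_id);
             ContactMemberCaches::updateContactMemberCache($user, $member_id);
         }
     } else {
         // update this member for all users in the cache
         $contacts = Contacts::getAllUsers();
         foreach ($contacts as $contact) {
             ContactMemberCaches::updateContactMemberCache($contact, $member_id);
         }
     }
 }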
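 /**
  * Load the tab panels the logged-in user may see, once per instance.
  *
  * A panel is listed when it is enabled, belongs to no plugin or to an
  * installed and activated plugin, and is granted to at least one of the
  * user's permission groups through tab_panel_permissions. The "more-panel"
  * becomes closable once the getting-started flow is past step 99 and is
  * dropped when the user has closed settings.
  *
  * @param mixed $options unused; kept for the caller's signature
  * @return array list of panel descriptors (title, id, default/initial content, ...)
  */
 private function loadPanels($options)
 {
     if (!$this->panels) {
         $this->panels = array();
         $contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV(logged_user()->getId(), false);
         // The CSV is spliced unquoted into an IN (...) list, so insist on a
         // non-empty comma-separated list of integers; otherwise show nothing
         // (an empty list is a SQL syntax error, anything else is not an id list).
         if (!preg_match('/^\s*\d+(\s*,\s*\d+)*\s*$/', (string) $contact_pg_ids)) {
             return $this->panels;
         }
         $sql = "\r\n\t\t\t\tSELECT * FROM " . TABLE_PREFIX . "tab_panels \r\n\t\t\t\tWHERE \r\n\t\t\t\t\tenabled = 1 AND\t\t\t\t\t\r\n\t\t\t\t\t( \t\r\n\t\t\t\t\t\tplugin_id IS NULL OR plugin_id=0 OR\r\n\t\t\t\t\t\tplugin_id IN (SELECT id FROM " . TABLE_PREFIX . "plugins WHERE is_installed = 1 AND is_activated = 1) \r\n\t\t\t\t\t)\r\n\t\t\t\t\tAND id IN (SELECT tab_panel_id FROM " . TABLE_PREFIX . "tab_panel_permissions WHERE permission_group_id IN ({$contact_pg_ids}))\r\n\t\t\t\tORDER BY ordering ASC ";
         $res = DB::execute($sql);
         while ($row = $res->fetchRow()) {
             $object = array(
                 "title" => lang($row['title']),
                 "id" => $row['id'],
                 "quickAddTitle" => lang($row['default_controller']),
                 "refreshOnWorkspaceChange" => (bool) $row['refresh_on_context_change'],
                 "defaultController" => $row['default_controller'],
                 "defaultContent" => array("type" => "url", "data" => get_url($row['default_controller'], $row['default_action'])),
                 "enabled" => $row['enabled'],
                 "type" => $row['type'],
                 "tabTip" => lang($row['title']),
             );
             if (config_option('show_tab_icons')) {
                 $object["iconCls"] = $row['icon_cls'];
             }
             if ($row['initial_controller'] && $row['initial_action']) {
                 $object["initialContent"] = array("type" => "url", "data" => get_url($row['initial_controller'], $row['initial_action']));
             }
             if ($row['id'] == 'more-panel' && config_option('getting_started_step') >= 99) {
                 // Settings panel: closable, and hidden once the user closed it.
                 $object['closable'] = true;
                 if (!user_config_option('settings_closed')) {
                     $this->panels[] = $object;
                 }
             } else {
                 $this->panels[] = $object;
             }
         }
     }
     return $this->panels;
 }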
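	/**
	 * Load the tab panels the logged-in user may see, once per instance.
	 *
	 * A panel is listed when it is enabled, is of type 'system' or belongs to
	 * an installed and activated plugin, and is granted to at least one of the
	 * user's permission groups through tab_panel_permissions.
	 *
	 * @param mixed $options unused; kept for the caller's signature
	 * @return array list of panel descriptors (title, id, default/initial content, ...)
	 */
	private function loadPanels($options) {
		if (! $this->panels) {
			$this->panels = array();
			$contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV(logged_user()->getId(),false);
			// The CSV is spliced unquoted into an IN (...) list, so insist on a
			// non-empty comma-separated list of integers; otherwise show nothing
			// (an empty list is a SQL syntax error, anything else is not an id list).
			if (!preg_match('/^\s*\d+(\s*,\s*\d+)*\s*$/', (string) $contact_pg_ids)) {
				return $this->panels;
			}
			$sql = "
				SELECT * FROM " . TABLE_PREFIX . "tab_panels 
				WHERE 
					enabled = 1 AND					
					( 	
						type = 'system' OR 
						plugin_id IN (SELECT id FROM ".TABLE_PREFIX."plugins WHERE is_installed = 1 AND is_activated = 1) 
					)
					AND id IN (SELECT tab_panel_id FROM ".TABLE_PREFIX."tab_panel_permissions WHERE permission_group_id IN ($contact_pg_ids))
				ORDER BY ordering ASC ";
			
			$res = DB::execute ( $sql );
			while ( $row = $res->fetchRow () ) {
				$object = array (
					"title" => lang($row ['title']), 
					"id" => $row ['id'], 
					"quickAddTitle" => lang ($row['default_controller']), 
					"refreshOnWorkspaceChange" => (bool) $row ['refresh_on_context_change'] , 
					"defaultController" => $row['default_controller'] ,
					"defaultContent" => array (
						"type" => "url", 
						"data" => get_url ( $row ['default_controller'], $row ['default_action'] ) 
					),
					"enabled" => $row ['enabled'], 
					"type" => $row ['type'],
				);
				
				if (config_option('show_tab_icons')) {
					$object["iconCls"] = $row ['icon_cls'];
				}
				
				// Optional initial view, only when both controller and action are set.
				if ( $row ['initial_controller'] && $row['initial_action'] ) {
					$object["initialContent"] = array (
						"type" => "url", 
						"data" => get_url ( $row ['initial_controller'], $row ['initial_action'] ) 
					);
				}
				
				$this->panels [] = $object ;
			}
		}
		
		return $this->panels;
	}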
	/**
	 * Delete this permission group together with every row that references
	 * it (system, member, dimension and tab-panel permissions, and the
	 * contact/group links), then delete the group row itself.
	 */
	function delete() {
		$references_this_group = "`permission_group_id` = " . $this->getId();
		// Dependent rows first, then the group row through the parent.
		SystemPermissions::delete($references_this_group);
		ContactMemberPermissions::delete($references_this_group);
		ContactDimensionPermissions::delete($references_this_group);
		ContactPermissionGroups::delete($references_this_group);
		TabPanelPermissions::delete($references_this_group);
		parent::delete();
	}
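 /**
  * Resolve which of $dimension_members the contact may act on through
  * "context" permissions (permissions that only apply while the user is
  * positioned in a given set of members).
  *
  * Administrators are granted every candidate member. For everyone else, for
  * each of the contact's context permission groups and each candidate member,
  * a ContactMemberPermission row for $object_type_id must exist that satisfies
  * the requested level ($can_write / $can_delete), and every dimension of the
  * PermissionContexts attached to that row must have at least one of its
  * members present in $context.
  *
  * @param Contact $contact
  * @param int     $object_type_id
  * @param array   $context           members currently selected (compared loosely against the context members)
  * @param array   $dimension_members candidate member ids
  * @param bool    $can_write         require can_write on the permission row
  * @param bool    $can_delete        require can_delete on the permission row
  * @return array member ids (subset of $dimension_members) the contact is allowed on
  */
 function getActiveContextPermissions(Contact $contact, $object_type_id, $context, $dimension_members, $can_write = false, $can_delete = false)
 {
     if ($contact instanceof Contact && $contact->isAdministrator()) {
         return $dimension_members;
     }
     $allowed_members = array();
     $permission_group_ids = ContactPermissionGroups::getContextPermissionGroupIdsByContactCSV($contact->getId());
     $perm_ids_array = explode(",", $permission_group_ids);
     foreach ($perm_ids_array as $pid) {
         foreach ($dimension_members as $member_id) {
             //check if exists a context permission group for this object type id in this member
             $contact_member_permission = self::findById(array('permission_group_id' => $pid, 'member_id' => $member_id, 'object_type_id' => $object_type_id));
             if (!$contact_member_permission instanceof ContactMemberPermission) {
                 continue;
             }
             // Each requested level must be satisfied on its own. The previous
             // un-parenthesised form relied on && binding tighter than ||, so a
             // delete-level check made with $can_write = false passed on any row
             // without ever consulting getCanDelete().
             $level_ok = (!$can_write || $contact_member_permission->getCanWrite())
                 && (!$can_delete || $contact_member_permission->getCanDelete());
             if (!$level_ok) {
                 continue;
             }
             // NOTE(review): the first element is an unkeyed SQL fragment next to
             // keyed conditions; confirm findAll() honours this shape.
             $permission_contexts = PermissionContexts::findAll(array('`contact_id` = ' . $contact->getId(), 'permission_group_id' => $pid, 'member_id' => $member_id));
             //check if the actual context applies to this permission group
             if (is_null($permission_contexts)) {
                 continue;
             }
             // Group the context members by their dimension id.
             $context_members = array();
             foreach ($permission_contexts as $pc) {
                 $member = $pc->getMember();
                 $context_members[$member->getDimensionId()][] = $member;
             }
             // Every dimension of the context must have at least one of its
             // members present in the current selection; a context without
             // any dimension never matches.
             $include = count($context_members) != 0;
             foreach ($context_members as $dim_members) {
                 $found = false;
                 foreach ($dim_members as $value) {
                     // Loose object comparison on purpose (Member objects).
                     if (in_array($value, $context)) {
                         $found = true;
                         break;
                     }
                 }
                 if (!$found) {
                     $include = false;
                     break;
                 }
             }
             if ($include) {
                 $allowed_members[] = $member_id;
             }
         }
     }
     return $allowed_members;
 }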
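   /**
    * Render the dimension-selector form control: one checkbox per dimension
    * that is visible to the logged-in user.
    *
    * A dimension is skipped when its option set 1 carries a truthy `hidden`
    * flag, and when it defines permissions and deniesAllForContact() is true
    * for the current user's permission groups, so the control never lists a
    * dimension the user cannot see at all. A checkbox is pre-checked when the
    * dimension id is present in the control's current value.
    *
    * @param string $control_name name attribute prefix; checkboxes are emitted
    *                             as `<control_name>[<dimension id>]`
    * @return string HTML markup
    */
    function render($control_name) {
       // The value may be unset on a fresh form; treat that as "nothing
       // selected" rather than handing a non-array to in_array().
       $value = (array) $this->getValue();
       $dimensions = Dimensions::instance()->findAll();
       $permission_group_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV(logged_user()->getId(),false);
       $out = '';
       foreach ($dimensions as $dim) { /* @var $dim Dimension */
           $options = $dim->getOptions(1);
           if ($options && isset($options->hidden) && $options->hidden) {
               continue;
           }
           // Fail closed: a permission-defining dimension the user is denied
           // on entirely is not offered.
           if ($dim->getDefinesPermissions() && $dim->deniesAllForContact($permission_group_ids)) {
               continue;
           }
           // Loose comparison on purpose: ids may arrive as strings from a form post.
           $checked = in_array($dim->getId(), $value) ? 1 : 0;
           $out .= '<div class="dimension" >';
           $out .= label_tag($dim->getName());
           $out .= checkbox_field($control_name.'['.$dim->getId().']', $checked);
           $out .= '</div >';
       }
       return $out;
    }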
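 /**
  * Check whether $user holds the system permission named $system_permission.
  *
  * Administrators always pass. Otherwise the answer comes from the per-user
  * cache when present, else from a query for a row having the column
  * `$system_permission` = 1 for any of the user's permission groups, capped
  * by the MaxSystemPermissions row of the user's type (a max row whose
  * column is falsy withdraws the permission). The answer is then cached per
  * user and permission name.
  *
  * $system_permission is spliced into the query as a column name and the
  * permission-group CSV is spliced into an IN (...) list, so both are
  * validated to a safe character set first. Anything else is answered with
  * false (fail closed) and is not cached.
  *
  * @param Contact $user
  * @param string  $system_permission column name in the system permissions table
  * @return bool
  */
 static function userHasSystemPermission(Contact $user, $system_permission)
 {
     if ($user instanceof Contact && $user->isAdministrator()) {
         return true;
     }
     // Only a plain identifier may be used as a column name in the query below.
     if (!is_string($system_permission) || !preg_match('/^[A-Za-z0-9_]+$/', $system_permission)) {
         return false;
     }
     $user_id = $user->getId();
     if (array_var(self::$permission_cache, $user_id)) {
         if (array_key_exists($system_permission, self::$permission_cache[$user_id])) {
             return array_var(self::$permission_cache[$user_id], $system_permission);
         }
     }
     if (array_var(self::$permission_group_ids_cache, $user_id)) {
         $contact_pg_ids = self::$permission_group_ids_cache[$user_id];
     } else {
         $contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV($user_id, false);
         self::$permission_group_ids_cache[$user_id] = $contact_pg_ids;
     }
     // The CSV must be a non-empty list of integer ids: an empty string would
     // yield `IN ()` (a SQL syntax error) and anything else is not an id list.
     if (!preg_match('/^\s*\d+(\s*,\s*\d+)*\s*$/', (string) $contact_pg_ids)) {
         return false;
     }
     $permission = self::findOne(array('conditions' => "`{$system_permission}` = 1 AND `permission_group_id` IN ({$contact_pg_ids})"));
     // check max system permission: the user's type may cap what any group grants
     $max_role_system_permissions = MaxSystemPermissions::findOne(array('conditions' => 'permission_group_id = ' . $user->getUserType()));
     if ($max_role_system_permissions instanceof MaxSystemPermission) {
         $max_val = $max_role_system_permissions->getColumnValue($system_permission);
         if (!$max_val) {
             $permission = null;
         }
     }
     $has_permission = !is_null($permission);
     if (!array_var(self::$permission_cache, $user_id)) {
         self::$permission_cache[$user_id] = array();
     }
     if (!array_key_exists($system_permission, self::$permission_cache[$user_id])) {
         self::$permission_cache[$user_id][$system_permission] = $has_permission;
     }
     return $has_permission;
 }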
 /**
  * List the non-role permission groups for the security administration screen.
  *
  * Refuses with a flash error and an empty ajax response unless the logged
  * user can manage security. Otherwise assigns the groups as
  * 'permission_groups' and, keyed by group id, the number of contacts in each
  * group as 'gr_lengths'.
  *
  * @access public
  * @param void
  * @return null
  */
 function groups()
 {
     $current_user = logged_user();
     if (!can_manage_security($current_user)) {
         flash_error(lang('no access permissions'));
         ajx_current("empty");
         return;
     }
     $permission_groups = PermissionGroups::getNonRolePermissionGroups();
     $member_counts = array();
     foreach ($permission_groups as $group) {
         $group_id = $group->getId();
         $member_counts[$group_id] = ContactPermissionGroups::count("`permission_group_id` = " . $group_id);
     }
     tpl_assign('gr_lengths', $member_counts);
     tpl_assign('permission_groups', $permission_groups);
 }
 /**
  * Remove this contact and everything hanging off it: per-contact detail
  * rows (addresses, IM values, emails, telephones, webpages, config options,
  * passwords), subscriptions and reminders, the contact/group links, and the
  * permission rows of the contact's own permission group; then the contact
  * row itself. Fires the "after_user_deleted" hook at the end.
  */
 function do_delete()
 {
     $id = $this->getId();
     $owned_by_contact = "`contact_id` = {$id}";
     $owned_by_group = "`permission_group_id` = " . $this->getPermissionGroupId();
     // Per-contact detail tables.
     ContactAddresses::instance()->delete($owned_by_contact);
     ContactImValues::instance()->delete($owned_by_contact);
     ContactEmails::instance()->delete($owned_by_contact);
     ContactTelephones::instance()->delete($owned_by_contact);
     ContactWebpages::instance()->delete($owned_by_contact);
     ContactConfigOptionValues::instance()->delete($owned_by_contact);
     ContactPasswords::instance()->delete($owned_by_contact);
     ObjectSubscriptions::instance()->delete($owned_by_contact);
     ObjectReminders::instance()->delete($owned_by_contact);
     ContactPermissionGroups::instance()->delete($owned_by_contact);
     // Rows keyed by the contact's personal permission group.
     ContactMemberPermissions::instance()->delete($owned_by_group);
     ContactDimensionPermissions::instance()->delete($owned_by_group);
     SystemPermissions::instance()->delete($owned_by_group);
     TabPanelPermissions::instance()->delete($owned_by_group);
     $this->delete();
     $ret = null;
     Hook::fire("after_user_deleted", $this, $ret);
 }
 /**
  * Templates hanging from members where the logged user can add tasks.
  *
  * Selects the distinct object_members rows joined to templates and objects
  * whose member_id is one the user's permission groups have can_write on for
  * the task object type, excluding optimization rows, and loads a template
  * per returned id.
  *
  * @deprecated
  * @author Ignacio Vazquez - elpepe.uy@gmail.com
  * @return array templates as returned by COTemplates::findById() per id
  */
 static function _findAllowed()
 {
     $task_object_type_id = ProjectTasks::instance()->getObjectTypeId();
     $user_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV(logged_user()->getId());
     //1.  Find members where user can add tasks
     $sql = "\n\t\t\tSELECT distinct(id) AS id\n\t\t\tFROM " . TABLE_PREFIX . "object_members om\n\t\t\tINNER JOIN " . TABLE_PREFIX . "templates t ON t.object_id = om.object_id\n\t\t\tINNER JOIN " . TABLE_PREFIX . "objects o ON om.object_id = o.id\n\t\t\tWHERE\n\t\t\t    member_id IN (  \n\t\t\t    \tSELECT distinct(member_id) \n\t\t\t\t\tFROM " . TABLE_PREFIX . "contact_member_permissions o \n\t\t\t\t\tWHERE object_type_id = " . $task_object_type_id . " \n\t\t\t\t\tAND permission_group_id IN ( " . $user_pg_ids . " ) AND can_write= 1 \n\t\t\t\t)\n\t\t\t\tAND is_optimization = 0\n\t\t\tGROUP BY om.object_id\t\t\n\t\t";
     $result = DB::execute($sql);
     // Load one template per returned id, in result order.
     $templates = array();
     while ($row = $result->fetchRow()) {
         $templates[] = COTemplates::instance()->findById($row['id']);
     }
     return $templates;
 }
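	/**
	 * Return true if $user can access an object placed in $members at
	 * $access_level. False otherwise.
	 *
	 * Administrators always pass; guests only for read access. Members whose
	 * dimension does not define permissions are ignored. For each remaining
	 * member that can contain $object_type_id, the user passes its dimension
	 * when the dimension grants "allow all" to one of the user's permission
	 * groups or a member-level permission matches the requested level. A
	 * mandatory-query-method dimension the user fails on denies outright;
	 * with no mandatory dimensions, passing any non-mandatory one grants.
	 * Otherwise access is granted only when every member is allowed through
	 * context permissions. Any exception is recorded in the template and
	 * treated as denied (fail closed).
	 *
	 * @param Contact $user
	 * @param array $members Member objects (non-Member entries are dropped)
	 * @param $object_type_id
	 * @param $access_level one of ACCESS_LEVEL_READ / _WRITE / _DELETE
	 * @return boolean
	 */
	function can_access(Contact $user, $members, $object_type_id, $access_level){
		if($user->isAdministrator()){
			return true;
		}
		$write = $access_level == ACCESS_LEVEL_WRITE;
		$delete = $access_level == ACCESS_LEVEL_DELETE;
		
		// Guests may only read, and nothing is accessible without members.
		// (The previous `!count($members)>0` only meant "count == 0" through
		// operator precedence and faulted on a non-countable value.)
		if (($user->isGuest() && $access_level!= ACCESS_LEVEL_READ) || empty($members)) return false;
		
		try {
			$contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV($user->getId(),false);
			$allow_all_cache = array();
			$dimension_query_methods = array();
			
			// dimension id => whether the user has permission through some member of it
			$dimension_permissions = array();
			foreach($members as $k => $m){
				if (!$m instanceof Member) {
					unset($members[$k]);
					continue;
				}
				
				$dimension = $m->getDimension();
				if(!$dimension->getDefinesPermissions()){
					continue;
				}
				$dimension_id = $dimension->getId();
				if (!isset($dimension_permissions[$dimension_id])) {
					$dimension_permissions[$dimension_id]=false;
				}
				
				if (!$dimension_permissions[$dimension_id]){
					if ($m->canContainObject($object_type_id)){
						
						if (!isset($dimension_query_methods[$dimension->getId()])) {
							$dimension_query_methods[$dimension->getId()] = $dimension->getPermissionQueryMethod();
						}
						
						//dimension defines permissions and user has maximum level of permissions
						if (isset($allow_all_cache[$dimension_id])) {
							$allow_all = $allow_all_cache[$dimension_id];
						} else {
							$allow_all = $dimension->hasAllowAllForContact($contact_pg_ids);
							$allow_all_cache[$dimension_id] = $allow_all;
						}
						if ($allow_all) {
							$dimension_permissions[$dimension_id]=true;
						}
						
						//check individual members
						if (!$dimension_permissions[$dimension_id] && ContactMemberPermissions::contactCanReadObjectTypeinMember($contact_pg_ids, $m->getId(), $object_type_id, $write, $delete, $user)){
							$dimension_permissions[$dimension_id]=true;
						}
					} else {
						unset($dimension_permissions[$dimension_id]);
					}
				}
			}

			$allowed = true;
			// check that user has permissions in all mandatory query method dimensions
			$mandatory_count = 0;
			foreach ($dimension_query_methods as $dim_id => $qmethod) {
				if ($qmethod == DIMENSION_PERMISSION_QUERY_METHOD_MANDATORY) {
					$mandatory_count++;
					if (!array_var($dimension_permissions, $dim_id)) {
						// if one of the members belong to a mandatory dimension and user does not have permissions on it then return false
						return false;
					}
				}
			}
			
			// If no members in mandatory dimensions then check for not mandatory ones 
			if ($allowed && $mandatory_count == 0) {
				foreach ($dimension_query_methods as $dim_id => $qmethod) {
					if ($qmethod == DIMENSION_PERMISSION_QUERY_METHOD_NOT_MANDATORY) {
						if (array_var($dimension_permissions, $dim_id)) {
							// if has permissions over any member of a non mandatory dimension then return true
							return true;
						} else {
							$allowed = false;
						}
					}
				}
			}

			if ($allowed && count($dimension_permissions)) {
				return true;	
			}
			
			// Reaching here means some permission-defining dimension was not
			// passed (or none applied); fall back to context permissions.
			
			//Check Context Permissions
			$member_ids = array();
			foreach ($members as $member_obj) $member_ids[] = $member_obj->getId();
			$allowed_members = ContactMemberPermissions::getActiveContextPermissions($user, $object_type_id, $members, $member_ids, $write, $delete);
			// Every member must be allowed; the first one that is not denies.
			$count=0;
			foreach($members as $m){
				$count++;
				if (!in_array($m->getId(), $allowed_members)) return false;
				else if ($count==count($members)) return true;
			}
			
		}
		catch(Exception $e) {
			tpl_assign('error', $e);
			return false;
		}
		return false;
	}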
 /**
  * Build the SQL condition fragment that restricts a listing of objects of
  * type $object_type_id to what is visible in the given context.
  *
  * $context mixes Member objects (a concrete member selected in a dimension)
  * and dimension-level "all" selections. A selected member contributes, via
  * prepareQuery() with 'AND', a condition over the member and all of its
  * hierarchy children when its dimension can contain objects; a selection in
  * a dimension that cannot contain objects is recorded as a "property" of the
  * dimensions it is associated with. "All" selections contribute 'OR'
  * conditions over every member of that dimension, used only when no concrete
  * member was selected at all. When any property was recorded the result is
  * delegated to prepareAssociationConditions(); otherwise every
  * object-holding dimension absent from the context is OR-ed in over all of
  * its members. Permission filtering inside each fragment is left to
  * prepareQuery(), which receives the logged user's permission group ids.
  *
  * @param array $context        Member objects and dimension "all" selections making up the current selection
  * @param int   $object_type_id object type being listed
  * @return string SQL condition fragment (or the return value of prepareAssociationConditions())
  */
 static function prepareDimensionConditions($context, $object_type_id)
 {
     //get contact's permission groups ids
     $pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV(logged_user()->getId(), false);
     $all_dim_in_all_conditions = "";
     $dm_conditions = "";
     $context_dimensions = array();
     // - stores the Member objects selected in context
     $selection_members = array();
     // - stores the dimensions selected in context
     $selected_dimensions = array();
     //- stores associations between dimensions
     $properties = array();
     // - if there are dimensions that are associated to another dimension in the context, we may need to redefine the context
     $redefined_context = array();
     foreach ($context as $selection) {
         if ($selection instanceof Member) {
             $selection_members[] = $selection;
         }
     }
     $member_count = 0;
     foreach ($context as $selection) {
         if ($selection instanceof Member) {
             // conditions for filtering by the selected member
             $member_count++;
             $dimension = $selection->getDimension();
             $dimension_id = $dimension->getId();
             $selected_dimensions[] = $dimension;
             // - stores the ids of the members where we must search for objects
             // NOTE(review): this resets the list per selection, so a second
             // selected member of the same dimension replaces the first one's
             // allowed members — confirm this is intended.
             $context_dimensions[$dimension_id]['allowed_members'] = array();
             $context_dimensions[$dimension_id]['allowed_members'][] = $selection->getId();
             $children = $selection->getAllChildrenInHierarchy();
             foreach ($children as $child) {
                 $context_dimensions[$dimension_id]['allowed_members'][] = $child->getId();
             }
             if ($dimension->canContainObjects()) {
                 $allowed_members = $context_dimensions[$dimension_id]['allowed_members'];
                 $dm_conditions .= self::prepareQuery($dm_conditions, $dimension, $allowed_members, $object_type_id, $pg_ids, 'AND', $selection_members);
                 $redefined_context[] = $dimension_id;
             } else {
                 //let's check if this dimension is property of another
                 $associated_dimensions_ids = $dimension->getAssociatedDimensions();
                 if (count($associated_dimensions_ids) > 0) {
                     foreach ($associated_dimensions_ids as $aid) {
                         $properties[$dimension_id][] = $aid;
                     }
                 }
             }
         } else {
             // conditions for when "all" is selected in every visible dimension
             $all_members = $selection->getAllMembers();
             foreach ($all_members as $member) {
                 $context_dimensions[$selection->getId()]['allowed_members'][] = $member->getId();
             }
             //get all the content object type ids that can hang in the dimension
             if ($selection->canContainObjects()) {
                 if (!isset($context_dimensions[$selection->getId()])) {
                     $context_dimensions[$selection->getId()] = array();
                 }
                 $allowed_members = array_var($context_dimensions[$selection->getId()], 'allowed_members', array());
                 $all_dim_in_all_conditions .= self::prepareQuery($all_dim_in_all_conditions, $selection, $allowed_members, $object_type_id, $pg_ids, 'OR', $selection_members, true);
             }
         }
     }
     // When positioned on "all" in every visible dimension, require the object to
     // belong to some member of those dimensions the user has permissions on
     if ($member_count == 0) {
         $dm_conditions .= $all_dim_in_all_conditions;
     }
     if (count($properties) > 0) {
         foreach ($properties as $property => $values) {
             foreach ($values as $dim_id) {
                 if (!in_array($dim_id, $redefined_context)) {
                     $redefined_context[] = $dim_id;
                 }
             }
         }
         return self::prepareAssociationConditions($redefined_context, $context_dimensions, $properties, $object_type_id, $pg_ids, $selection_members);
     }
     // Object-holding dimensions not present in the context at all: OR in every member
     // (loose in_array comparison of Dimension objects)
     $dimensions = Dimensions::findAll();
     foreach ($dimensions as $dimension) {
         if ($dimension->canContainObjects() && !in_array($dimension, $context) && !in_array($dimension, $selected_dimensions)) {
             $member_ids = array();
             $all_members = $dimension->getAllMembers();
             foreach ($all_members as $member) {
                 $member_ids[] = $member->getId();
             }
             $dm_conditions .= self::prepareQuery($dm_conditions, $dimension, $member_ids, $object_type_id, $pg_ids, 'OR', $selection_members, true);
         }
     }
     return $dm_conditions;
 }
 /**
  * Paginated find (see find()); limit and offset in $arguments are ignored.
  *
  * Returns a two-element array: index 0 holds the matched objects, index 1
  * the pagination object for the rendering helpers (plain indexes so the
  * result works with list()). Works both on an instance and as a static
  * call; the latter is delegated to the shared instance.
  *
  * @access public
  * @param array $arguments Query arguments (@see find()) Limit and offset are ignored!
  * @param integer $items_per_page Number of items per page
  * @param integer $current_page Current page number
  * @return array
  */
 function paginate($arguments = null, $items_per_page = 10, $current_page = 1)
 {
     $called_on_instance = isset($this) && instance_of($this, 'ContactPermissionGroups');
     if (!$called_on_instance) {
         // Static call: route through the shared instance.
         return ContactPermissionGroups::instance()->paginate($arguments, $items_per_page, $current_page);
     }
     return parent::paginate($arguments, $items_per_page, $current_page);
 }
 /**
  * Edit specific contact
  *
  * @access public
  * @param void
  * @return null
  */
 function edit()
 {
     if (logged_user()->isGuest()) {
         flash_error(lang('no access permissions'));
         ajx_current("empty");
         return;
     }
     $this->setTemplate('edit_contact');
     $contact = Contacts::findById(get_id());
     if (!$contact instanceof Contact) {
         flash_error(lang('contact dnx'));
         ajx_current("empty");
         return;
     }
     // if
     if (!$contact->canEdit(logged_user())) {
         flash_error(lang('no access permissions'));
         ajx_current("empty");
         return;
     }
     // if
     $im_types = ImTypes::findAll(array('order' => '`id`'));
     // telephone types
     $all_telephone_types = TelephoneTypes::getAllTelephoneTypesInfo();
     tpl_assign('all_telephone_types', $all_telephone_types);
     // address types
     $all_address_types = AddressTypes::getAllAddressTypesInfo();
     tpl_assign('all_address_types', $all_address_types);
     // webpage types
     $all_webpage_types = WebpageTypes::getAllWebpageTypesInfo();
     tpl_assign('all_webpage_types', $all_webpage_types);
     // email types
     $all_email_types = EmailTypes::getAllEmailTypesInfo();
     tpl_assign('all_email_types', $all_email_types);
     $contact_data = array_var($_POST, 'contact');
     // Populate form fields
     if (!is_array($contact_data)) {
         // set layout for modal form
         if (array_var($_REQUEST, 'modal')) {
             $this->setLayout("json");
             tpl_assign('modal', true);
         }
         $contact_data = $this->get_contact_data_from_contact($contact);
         if ($contact->isUser()) {
             $_REQUEST['is_user'] = 1;
             tpl_assign('user_type', $contact->getUserType());
         }
         if (is_array($im_types)) {
             foreach ($im_types as $im_type) {
                 $contact_data['im_' . $im_type->getId()] = $contact->getImValue($im_type);
             }
             // foreach
         }
         // if
         $null = null;
         Hook::fire('before_edit_contact_form', array('object' => $contact), $null);
     }
     // if
     tpl_assign('isEdit', array_var($_GET, 'isEdit', false));
     tpl_assign('contact', $contact);
     tpl_assign('contact_data', $contact_data);
     tpl_assign('im_types', $im_types);
     tpl_assign('active_tab', array_var($_REQUEST, 'active_tab'));
     //Contact Submit
     if (is_array(array_var($_POST, 'contact'))) {
         foreach ($contact_data as $k => &$v) {
             $v = remove_scripts($v);
         }
         try {
             DB::beginWork();
             $contact_data['email'] = trim($contact_data['email']);
             $contact_data['contact_type'] = 'contact';
             Contacts::validate($contact_data, get_id());
             $newCompany = false;
             if (array_var($contact_data, 'isNewCompany') == 'true' && is_array(array_var($_POST, 'company'))) {
                 $company_data = array_var($_POST, 'company');
                 $company_data['contact_type'] = 'company';
                 Contacts::validate($company_data);
                 $company = new Contact();
                 $company->setFromAttributes($company_data);
                 $company->setIsCompany(true);
                 $company->setObjectName();
                 $company->save();
                 // save phones, addresses and webpages
                 $this->save_phones_addresses_webpages($company_data, $company);
                 if ($company_data['email'] != "") {
                     $company->addEmail($company_data['email'], 'work', true);
                 }
                 $newCompany = true;
             }
             $contact_data['birthday'] = getDateValue($contact_data["birthday"]);
             if (isset($contact_data['specify_username'])) {
                 if ($contact_data['user']['username'] != "") {
                     $contact_data['name'] = $contact_data['user']['username'];
                 } else {
                     $contact_data['name'] = $contact_data['first_name'] . " " . $contact_data['surname'];
                 }
             } else {
                 $contact_data['name'] = $contact_data['first_name'] . " " . $contact_data['surname'];
             }
             $user_data = array_var($_POST, 'user');
             if (is_array($user_data) && trim(array_var($user_data, 'username', '')) != "") {
                 $contact_data['username'] = trim(array_var($user_data, 'username', ''));
             }
             $contact->setFromAttributes($contact_data);
             if ($newCompany) {
                 $contact->setCompanyId($company->getId());
             }
             $contact->setObjectName();
             $contact->save();
             // save phones, addresses and webpages
             $this->save_phones_addresses_webpages($contact_data, $contact);
             //Emails
             $personal_email_type_id = EmailTypes::getEmailTypeId('personal');
             $main_emails = $contact->getMainEmails();
             $more_main_emails = array();
             $main_mail = null;
             foreach ($main_emails as $me) {
                 if ($main_mail == null) {
                     $main_mail = $me;
                 } else {
                     $more_main_emails[] = $me;
                 }
             }
             if ($main_mail) {
                 $main_mail->editEmailAddress($contact_data['email']);
             } else {
                 if ($contact_data['email'] != "") {
                     $contact->addEmail($contact_data['email'], 'personal', true);
                 }
             }
             foreach ($more_main_emails as $mme) {
                 $mme->setIsMain(false);
                 $mme->save();
             }
             // save additional emails
             $this->save_non_main_emails($contact_data, $contact);
             // autodetect timezone
             $autotimezone = array_var($contact_data, 'autodetect_time_zone', null);
             if ($autotimezone !== null) {
                 set_user_config_option('autodetect_time_zone', $autotimezone, $contact->getId());
             }
             // IM values
             $contact->clearImValues();
             foreach ($im_types as $im_type) {
                 $value = trim(array_var($contact_data, 'im_' . $im_type->getId()));
                 if ($value != '') {
                     $contact_im_value = new ContactImValue();
                     $contact_im_value->setContactId($contact->getId());
                     $contact_im_value->setImTypeId($im_type->getId());
                     $contact_im_value->setValue($value);
                     $contact_im_value->setIsMain(array_var($contact_data, 'default_im') == $im_type->getId());
                     $contact_im_value->save();
                 }
                 // if
             }
             // foreach
             $member_ids = json_decode(array_var($_POST, 'members'));
             $object_controller = new ObjectController();
             if (!is_null($member_ids)) {
                 $object_controller->add_to_members($contact, $member_ids);
             }
             $no_perm_members_ids = json_decode(array_var($_POST, 'no_perm_members'));
             if (count($no_perm_members_ids)) {
                 $object_controller->add_to_members($contact, $no_perm_members_ids);
             }
             if ($newCompany) {
                 $object_controller->add_to_members($company, $member_ids);
             }
             $object_controller->link_to_new_object($contact);
             $object_controller->add_subscribers($contact);
             $object_controller->add_custom_properties($contact);
             // User settings
             $user = array_var(array_var($_POST, 'contact'), 'user');
             if ($user && $contact->canUpdatePermissions(logged_user())) {
                 $user_type_changed = false;
                 if (array_var($user, 'type')) {
                     $user_type_changed = $contact->getUserType() != array_var($user, 'type');
                     $contact->setUserType(array_var($user, 'type'));
                     $contact->save();
                 }
                 if ($user_type_changed) {
                     $this->cut_max_user_permissions($contact);
                 }
                 // update user groups
                 if (isset($_REQUEST['user_groups'])) {
                     $insert_values = "";
                     $group_ids = explode(',', $_REQUEST['user_groups']);
                     foreach ($group_ids as $gid) {
                         if (trim($gid) == "" || !is_numeric($gid)) {
                             continue;
                         }
                         $insert_values .= ($insert_values == "" ? "" : ",") . "(" . $contact->getId() . ", {$gid})";
                     }
                     ContactPermissionGroups::instance()->delete("contact_id=" . $contact->getId() . " AND permission_group_id <> " . $contact->getPermissionGroupId());
                     if ($insert_values != "") {
                         DB::execute("INSERT INTO " . TABLE_PREFIX . "contact_permission_groups VALUES {$insert_values} ON DUPLICATE KEY UPDATE contact_id=contact_id;");
                     }
                     ContactMemberCaches::updateContactMemberCacheAllMembers($contact);
                 }
             }
             $null = null;
             Hook::fire('after_edit_contact', $contact, $null);
             DB::commit();
             // save user permissions
             if ($user && $contact->canUpdatePermissions(logged_user())) {
                 save_user_permissions_background(logged_user(), $contact->getPermissionGroupId(), $contact->isGuest());
             }
             if (array_var($contact_data, 'isNewCompany') == 'true' && is_array(array_var($_POST, 'company'))) {
                 ApplicationLogs::createLog($company, ApplicationLogs::ACTION_ADD);
             }
             ApplicationLogs::createLog($contact, ApplicationLogs::ACTION_EDIT);
             flash_success(lang('success edit contact', $contact->getObjectName()));
             ajx_current("back");
             if (array_var($_REQUEST, 'modal')) {
                 evt_add("reload current panel");
             }
         } catch (Exception $e) {
             DB::rollback();
             flash_error($e->getMessage());
             ajx_current("empty");
         }
         // try
     }
     // if
 }
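 /**
  * Lists the members of dimension $context_dimension_id that are associated with member $member_id
  * (directly, or through any member below it in its hierarchy), together with their ancestors, limited
  * to the members the logged-in user may read. When $member_id is 0 the unfiltered panel list is
  * produced by initial_list_dimension_members() instead.
  *
  * Permission handling: if the dimension does not define permissions, or has "allow all" for one of the
  * user's permission groups, every member is visible; with a per-member "check" permission each member is
  * tested with ContactMemberPermissions::contactCanReadMemberAll(); a user with neither sees nothing.
  * Unlike initial_list_dimension_members(), administrators get no special treatment here.
  *
  * @param int $member_id Member whose associations are followed (0 = no member selected)
  * @param int $context_dimension_id Dimension whose members are listed
  * @param int|null $object_type_id Object type used to compute the 'selectable' flag; null leaves it false
  * @param array|null $allowed_member_type_ids Dimension object type ids allowed for 'selectable'; null = all
  * @return array|null One array per member (id, name, parent, realParent, object_id, options, depth, iconCls,
  *         selectable, dimension_id, object_type_id, allow_childs and, for users that may manage members,
  *         actions); null when the dimension or the member cannot be loaded
  */
 function list_dimension_members($member_id, $context_dimension_id, $object_type_id, $allowed_member_type_ids)
 {
     if ($member_id == 0) {
         return $this->initial_list_dimension_members($context_dimension_id, $object_type_id, $allowed_member_type_ids);
     }
     $member = Members::findById($member_id);
     $dimension = Dimensions::getDimensionById($context_dimension_id);
     if (!$dimension instanceof Dimension || !$member instanceof Member) {
         return null;
     }
     $contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV(logged_user()->getId(), false);
     // Dimension object types whose members are 'selectable' (only meaningful when an object type was given)
     $allowed_object_type_ids = array();
     if ($object_type_id != null) {
         foreach ($dimension->getObjectTypeContent($object_type_id) as $dotc) {
             $dot_id = $dotc->getDimensionObjectTypeId();
             if (is_null($allowed_member_type_ids) || in_array($dot_id, $allowed_member_type_ids)) {
                 $allowed_object_type_ids[] = $dot_id;
             }
         }
     }
     // Members of the context dimension the user may read. Starts empty so that a user with neither
     // "allow all" nor "check" permissions on a permission-defining dimension gets nothing (fail closed).
     $dimension_members = array();
     if (!$dimension->getDefinesPermissions() || $dimension->hasAllowAllForContact($contact_pg_ids)) {
         $dimension_members = $dimension->getAllMembers(false, "parent_member_id, name", true);
     } elseif ($dimension->hasCheckForContact($contact_pg_ids)) {
         foreach ($dimension->getAllMembers(false, "parent_member_id, name", true) as $dim_member) {
             if (ContactMemberPermissions::instance()->contactCanReadMemberAll($contact_pg_ids, $dim_member->getId(), logged_user())) {
                 $dimension_members[] = $dim_member;
             }
         }
     }
     // Ids (from a CSV, so empty entries are possible) of context-dimension members associated with
     // $member or any of its descendants, through every association between the two dimensions.
     $associated_members_ids = array();
     $association_ids = DimensionMemberAssociations::getAllAssociationIds($member->getDimensionId(), $context_dimension_id);
     if (count($association_ids) > 0) {
         $source_ids = array($member_id);
         foreach ($member->getAllChildrenInHierarchy() as $child) {
             $source_ids[] = $child->getId();
         }
         $associated_members_ids_csv = '';
         foreach ($association_ids as $id) {
             $association = DimensionMemberAssociations::findById($id);
             // The direction of the association decides which side of the property table is read
             $from_context = $association->getDimensionId() == $context_dimension_id;
             foreach ($source_ids as $source_id) {
                 if ($from_context) {
                     $new_csv = MemberPropertyMembers::getAllMemberIds($id, $source_id);
                 } else {
                     $new_csv = MemberPropertyMembers::getAllPropertyMemberIds($id, $source_id);
                 }
                 if ($new_csv != '') {
                     $associated_members_ids_csv .= $new_csv . ",";
                 }
             }
         }
         $associated_members_ids = array_unique(explode(',', $associated_members_ids_csv));
     }
     $members_to_retrieve = array();
     if (count($associated_members_ids) > 0) {
         foreach ($associated_members_ids as $id) {
             if (trim($id) == '') {
                 continue;
             }
             $associated_member = Members::findById($id);
             // Only associated members the user may read; then their visible ancestors (and themselves)
             if (!$associated_member instanceof Member || !in_array($associated_member, $dimension_members)) {
                 continue;
             }
             foreach ($associated_member->getAllParentMembersInHierarchy(true) as $context_member) {
                 if (!in_array($context_member, $members_to_retrieve) && in_array($context_member, $dimension_members)) {
                     $members_to_retrieve[$context_member->getName()] = $context_member;
                 }
             }
         }
         // alphabetical order
         $members_to_retrieve = array_ksort($members_to_retrieve);
     } else {
         // No association between the two dimensions: every readable member is listed.
         $members_to_retrieve = $dimension_members;
     }
     $membersset = array();
     foreach ($members_to_retrieve as $m) {
         $membersset[$m->getId()] = true;
     }
     $can_manage = can_manage_dimension_members(logged_user());
     $options_by_object_type = array();
     $members = array();
     // Todo adapt this code to call "buildMemberList" - (performance and code improvement)
     foreach ($members_to_retrieve as $m) {
         /* @var $m Member */
         if ($m->getArchivedById() > 0) {
             continue;
         }
         $selectable = $object_type_id != null && in_array($m->getObjectTypeId(), $allowed_object_type_ids);
         // Walk up the hierarchy until an ancestor that is part of the result set is found; 0 if none
         $tempParent = $m->getParentMemberId();
         $x = $m;
         while ($x instanceof Member && !isset($membersset[$tempParent])) {
             $tempParent = $x->getParentMemberId();
             $x = $x->getParentMember();
         }
         if (!$x instanceof Member) {
             $tempParent = 0;
         }
         // Dimension object type options are the same for every member of one object type: look them up once
         $ot_id = $m->getObjectTypeId();
         if (!array_key_exists($ot_id, $options_by_object_type)) {
             $dot = DimensionObjectTypes::instance()->findOne(array("conditions" => "\n\t\t\t\t\t\tdimension_id = " . $dimension->getId() . " AND\n\t\t\t\t\t\tobject_type_id = " . $ot_id));
             $options_by_object_type[$ot_id] = $dot ? $dot->getOptions(true) : '';
         }
         $member_info = array("id" => $m->getId(), "name" => clean($m->getName()), "parent" => $tempParent, "realParent" => $m->getParentMemberId(), "object_id" => $m->getObjectId(), "options" => $options_by_object_type[$ot_id], "depth" => $m->getDepth(), "iconCls" => $m->getIconClass(), "selectable" => $selectable, "dimension_id" => $m->getDimensionId(), "object_type_id" => $ot_id, "allow_childs" => $m->allowChilds());
         // Member Actions (only for users allowed to manage members; the url is computed per member
         // so a previous member's url can never leak into this one)
         if ($can_manage) {
             $editUrl = null;
             if ($oid = $m->getObjectId()) {
                 $obj = Objects::instance()->findObject($oid);
                 if ($obj) {
                     $editUrl = $obj->getEditUrl();
                 }
             } else {
                 $editUrl = get_url('member', 'edit', array('id' => $m->getId()));
             }
             $member_info['actions'] = array(array('url' => $editUrl, 'text' => '', 'iconCls' => 'ico-edit'));
         }
         $members[] = $member_info;
     }
     return $members;
 }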
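/**
 * Returns the ids of the dimensions the logged-in user may see.
 *
 * A dimension that does not define permissions is always included; one that does is included
 * unless it denies everything to every permission group the user belongs to.
 *
 * @return array Map of dimension id => dimension id
 */
function get_user_dimensions_ids(){
	$dimensions_to_show = array();
	// Permission group ids (CSV) are the same for every dimension: resolve them once, and only
	// when some dimension actually defines permissions.
	$contact_pg_ids = null;
	foreach (Dimensions::findAll() as $dim) {
		if (!$dim->getDefinesPermissions()) {
			$dimensions_to_show[$dim->getId()] = $dim->getId();
			continue;
		}
		if ($contact_pg_ids === null) {
			$contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV(logged_user()->getId(), false);
		}
		/* if the dimension does not deny everything for each of the contact's permission groups, show it */
		if (!$dim->deniesAllForContact($contact_pg_ids)) {
			$dimensions_to_show[$dim->getId()] = $dim->getId();
		}
	}
	return $dimensions_to_show;
}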
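/**
 * Return true if $user can access an object placed in $members with $access_level. False otherwise.
 *
 * Evaluation order:
 *  1. administrators always pass; guests pass only for ACCESS_LEVEL_READ; a missing or empty
 *     member list never passes;
 *  2. for every member whose dimension defines permissions, access is granted as soon as ONE member
 *     allows it: either its dimension has "allow all" for one of the user's permission groups, or a
 *     per-member permission for $object_type_id exists (members that cannot contain the object type
 *     do not take part in this decision);
 *  3. otherwise the active context permissions must cover EVERY member.
 * Any exception raised while checking is passed to tpl_assign('error') and treated as a denial.
 *
 * @param Contact $user
 * @param array $members Member objects; entries that are not Members are ignored
 * @param $object_type_id
 * @param int $access_level One of ACCESS_LEVEL_READ / ACCESS_LEVEL_WRITE / ACCESS_LEVEL_DELETE
 * @return boolean
 */
function can_access(Contact $user, $members, $object_type_id, $access_level)
{
    if ($user->isAdministrator()) {
        return true;
    }
    $write = $access_level == ACCESS_LEVEL_WRITE;
    $delete = $access_level == ACCESS_LEVEL_DELETE;
    // Guests are read-only; a non-array or empty member list can never grant access.
    if (($user->isGuest() && $access_level != ACCESS_LEVEL_READ) || !is_array($members) || count($members) == 0) {
        return false;
    }
    try {
        $contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV($user->getId(), false);
        $allow_all_cache = array();
        // dimension id => true once a member of that dimension grants access
        $dimension_permissions = array();
        foreach ($members as $k => $m) {
            if (!$m instanceof Member) {
                unset($members[$k]);
                continue;
            }
            $dimension = $m->getDimension();
            if (!$dimension->getDefinesPermissions()) {
                continue;
            }
            $dimension_id = $dimension->getId();
            if (!isset($dimension_permissions[$dimension_id])) {
                $dimension_permissions[$dimension_id] = false;
            }
            if ($dimension_permissions[$dimension_id]) {
                continue; // already granted by another member of this dimension
            }
            if (!$m->canContainObject($object_type_id)) {
                // a member that cannot hold this object type is left out of the decision
                unset($dimension_permissions[$dimension_id]);
                continue;
            }
            // dimension defines permissions and user has maximum level of permissions
            if (!isset($allow_all_cache[$dimension_id])) {
                $allow_all_cache[$dimension_id] = $dimension->hasAllowAllForContact($contact_pg_ids);
            }
            if ($allow_all_cache[$dimension_id]) {
                $dimension_permissions[$dimension_id] = true;
            } elseif (ContactMemberPermissions::contactCanReadObjectTypeinMember($contact_pg_ids, $m->getId(), $object_type_id, $write, $delete, $user)) {
                // check individual members
                $dimension_permissions[$dimension_id] = true;
            }
        }
        // if the user has permission in one of the object's members then can access = true
        foreach ($dimension_permissions as $perm) {
            if ($perm) {
                return true;
            }
        }
        // No dimension granted access: fall back to the context permissions, which must cover every member
        $member_ids = array();
        foreach ($members as $member_obj) {
            $member_ids[] = $member_obj->getId();
        }
        $allowed_members = ContactMemberPermissions::getActiveContextPermissions($user, $object_type_id, $members, $member_ids, $write, $delete);
        foreach ($members as $m) {
            if (!in_array($m->getId(), $allowed_members)) {
                return false;
            }
        }
        // every remaining member is covered; an emptied list (only non-Member entries) still denies
        return count($members) > 0;
    } catch (Exception $e) {
        tpl_assign('error', $e);
        return false;
    }
}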
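 /**
  * Edit group
  *
  * Without a 'group' POST array: renders the 'add' template for the permission group selected by
  * get_id(), with its module permissions, system permissions, permission form parameters and users.
  * With a 'group' POST array: saves the group attributes, replaces the group's user list with the
  * 'user' POST array (user id => '1') and re-saves user permissions in the background for the posted
  * users plus the users that belonged to the group before the change.
  * Requires can_manage_security() for the logged-in user.
  *
  * @param void
  * @return null
  */
 function edit()
 {
     $this->setTemplate('add');
     if (!can_manage_security(logged_user())) {
         flash_error(lang('no access permissions'));
         ajx_current("empty");
         return;
     }
     // if
     $group = PermissionGroups::findById(get_id());
     if (!$group instanceof PermissionGroup) {
         flash_error(lang('group dnx'));
         $this->redirectTo('administration', 'groups');
         // Stop here even if redirectTo() does not end the request: everything below needs a group.
         return;
     }
     // if
     $group_data = array_var($_POST, 'group');
     if (!is_array($group_data)) {
         $pg_id = (int) $group->getId();
         $parameters = permission_form_parameters($pg_id);
         // Module Permissions
         $module_permissions = TabPanelPermissions::findAll(array("conditions" => "`permission_group_id` = {$pg_id}"));
         $module_permissions_info = array();
         foreach ($module_permissions as $mp) {
             $module_permissions_info[$mp->getTabPanelId()] = 1;
         }
         $all_modules = TabPanels::findAll(array("conditions" => "`enabled` = 1", "order" => "ordering"));
         $all_modules_info = array();
         foreach ($all_modules as $module) {
             $all_modules_info[] = array('id' => $module->getId(), 'name' => lang($module->getTitle()), 'ot' => $module->getObjectTypeId());
         }
         // System Permissions
         $system_permissions = SystemPermissions::findById($pg_id);
         tpl_assign('module_permissions_info', $module_permissions_info);
         tpl_assign('all_modules_info', $all_modules_info);
         tpl_assign('system_permissions', $system_permissions);
         tpl_assign('permission_parameters', $parameters);
         // users
         $group_users = array();
         $cpgs = ContactPermissionGroups::findAll(array("conditions" => "`permission_group_id` = {$pg_id}"));
         foreach ($cpgs as $cpg) {
             $group_users[] = $cpg->getContactId();
         }
         tpl_assign('groupUserIds', $group_users);
         tpl_assign('users', Contacts::getAllUsers());
         tpl_assign('pg_id', $group->getId());
         tpl_assign('group', $group);
         tpl_assign('group_data', array('name' => $group->getName()));
         add_page_action(lang('delete'), "javascript:if(confirm(lang('confirm delete group'))) og.openLink('" . $group->getDeleteUrl() . "');", 'ico-trash', null, null, true);
         return;
     }
     // Posted user ids: only keys that are plain non-negative integers are accepted. is_numeric()
     // would also let "1e3", "1.5" or " 1" through; those are never valid contact ids.
     $posted_user_ids = array();
     $posted_users = array_var($_POST, 'user');
     if (is_array($posted_users)) {
         foreach ($posted_users as $user_id => $val) {
             if ($val == '1' && ctype_digit((string) $user_id)) {
                 $posted_user_ids[] = (int) $user_id;
             }
         }
     }
     try {
         // NOTE(review): the whole posted 'group' array is handed to setFromAttributes(); whether it
         // restricts the writable columns cannot be confirmed from here.
         $group->setFromAttributes($group_data);
         DB::beginWork();
         $group->save();
         // set permissions
         $pg_id = (int) $group->getId();
         // Users whose permissions must be refreshed: everybody posted plus everybody who was in the
         // group before. The current list has to be read before the delete below.
         $gr_users_ids = $posted_user_ids;
         foreach ($group->getUsers() as $us) {
             if (!in_array($us->getId(), $gr_users_ids)) {
                 $gr_users_ids[] = $us->getId();
             }
         }
         // save users: the membership list is replaced by the posted one
         ContactPermissionGroups::delete("`permission_group_id` = {$pg_id}");
         foreach ($posted_user_ids as $user_id) {
             if (Contacts::findById($user_id) instanceof Contact) {
                 $cpg = new ContactPermissionGroup();
                 $cpg->setPermissionGroupId($pg_id);
                 $cpg->setContactId($user_id);
                 $cpg->save();
             }
         }
         DB::commit();
         flash_success(lang('success edit group', $group->getName()));
         ajx_current("back");
     } catch (Exception $e) {
         DB::rollback();
         tpl_assign('error', $e);
         return;
     }
     try {
         save_user_permissions_background(logged_user(), $pg_id, false, $gr_users_ids);
     } catch (Exception $e) {
         tpl_assign('error', $e);
     }
 }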
    ?>
			</button>
			<div class="clear"></div>
		</div>
	</div>
	
<?php 
}
?>
	

<?php 
$groups = PermissionGroups::getNonRolePermissionGroups();
// Number of contacts in each non-role group, keyed by group id (used by the list below)
$gr_lengths = array();
foreach ($groups as $group) {
    $gr_lengths[$group->getId()] = ContactPermissionGroups::count("`permission_group_id` = " . $group->getId());
}
?>
	<div class="user-groups-section">
		<h1><?php 
echo lang('groups');
?>
</h1>
		<div class="section-description desc"><?php 
echo lang('groups desc', '<br />');
?>
</div>
		<div class="section-content section3">
			<ul>
		<?php 
 /**
  * Return manager instance
  *
  * The ContactPermissionGroups manager is resolved on first use and cached in $this->manager.
  *
  * @access protected
  * @param void
  * @return ContactPermissionGroups 
  */
 function manager() {
   $cached = $this->manager;
   if ($cached instanceof ContactPermissionGroups) {
     return $cached;
   }
   $this->manager = ContactPermissionGroups::instance();
   return $this->manager;
 } // manager
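 /**
  * Returns all the members to be displayed in the panel that corresponds to the dimension for which the id is received by
  * parameter. It is called when the application is first loaded.
  *
  * Permission handling: administrators, and any caller passing $return_all_members = true, get every member of the
  * dimension. Otherwise the members are filtered by the logged-in user's permission groups: all of them when the
  * dimension does not define permissions or has "allow all" for one of the groups; a per-member check against
  * $access_level (or the contact member cache) when the groups have "check" permissions; nothing at all otherwise.
  *
  * @param int $dimension_id
  * @param int|null $object_type_id Restricts the list to the dimension object types that can contain this object type
  * @param array|null $allowed_member_type_ids Further restricts those dimension object types
  * @param bool $return_all_members Skip the permission filtering (forced to true for administrators); callers must
  *        make sure the requester is entitled to the unfiltered list
  * @param string $extra_conditions SQL appended as-is to the member query; must not contain unescaped user input
  * @param array|null $limit array('offset' => int, 'limit' => int), or null for no limit
  * @param bool $return_member_objects Return the Member objects instead of the array built by buildMemberList()
  * @param string|null $order ORDER BY expression, defaults to "parent_member_id, name"
  * @param bool $return_only_members_name Passed through to buildMemberList()
  * @param array $filter_by_members Member ids for apply_association_filters(); empty entries are dropped
  * @param int $access_level ACCESS_LEVEL_* used by the per-member permission check
  * @param bool $use_member_cache Use ContactMemberCaches instead of checking every member individually
  * @return array|null null when the dimension does not exist
  * @todo: return only the members that are going to be retrieved
  * @todo: add a function to retrieve the rest of the members - dimension_members - and make it more efficient
  * @todo: add a function to retrieve a specific set of members
  * @todo: check where this function is called
  * @todo: check (and fix) that the system doesn't use the left-panel navigation tree to get member's data
  */
 function initial_list_dimension_members($dimension_id, $object_type_id, $allowed_member_type_ids = null, $return_all_members = false, $extra_conditions = "", $limit = null, $return_member_objects = false, $order = null, $return_only_members_name = false, $filter_by_members = array(), $access_level = ACCESS_LEVEL_READ, $use_member_cache = false)
 {
     $allowed_member_types = array();
     $item_object = null;
     if (logged_user()->isAdministrator()) {
         $return_all_members = true;
     }
     $dimension = Dimensions::getDimensionById($dimension_id);
     if (!$dimension instanceof Dimension) {
         return null;
     }
     $contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV(logged_user()->getId(), false);
     if ($object_type_id != null) {
         foreach ($dimension->getObjectTypeContent($object_type_id) as $dotc) {
             $dot_id = $dotc->getDimensionObjectTypeId();
             if (is_null($allowed_member_type_ids) || in_array($dot_id, $allowed_member_type_ids)) {
                 $allowed_member_types[] = $dot_id;
             }
         }
         $object_type = ObjectTypes::findById($object_type_id);
         if ($object_type instanceof ObjectType && $object_type->getType() == 'dimension_object') {
             // The handler and item class names come from the object_types table. They are resolved with
             // PHP's dynamic class syntax instead of eval() so that a malformed or tampered value can
             // only fail the lookup, never be executed as code.
             $handler_class = $object_type->getHandlerClass();
             if ($handler_class != '' && class_exists($handler_class) && method_exists($handler_class, 'instance')) {
                 $ot_manager = call_user_func(array($handler_class, 'instance'));
                 $item_class = $ot_manager->getItemClass();
                 if ($item_class != '' && class_exists($item_class)) {
                     $item_object = new $item_class();
                 }
             }
         }
     }
     $extra_conditions .= " AND archived_by_id=0";
     if (count($allowed_member_types) > 0) {
         // ids come from the database, the cast just guarantees the IN list stays numeric
         $extra_conditions = " AND object_type_id IN (" . implode(",", array_map('intval', $allowed_member_types)) . ")" . $extra_conditions;
     }
     if (is_null($order)) {
         $order = "parent_member_id, name";
     }
     // Starts empty so a user with neither "allow all" nor "check" permissions gets nothing (fail closed)
     $all_members = array();
     if (!$dimension->getDefinesPermissions() || $dimension->hasAllowAllForContact($contact_pg_ids) || $return_all_members) {
         $all_members = $dimension->getAllMembers(false, $order, true, $extra_conditions, $limit);
     } elseif ($dimension->hasCheckForContact($contact_pg_ids)) {
         if ($use_member_cache) {
             //use the contact member cache
             $params = array(
                 "dimension" => $dimension,
                 "contact_id" => logged_user()->getId(),
                 "parent_member_id" => 0,
                 "start" => is_array($limit) && isset($limit['offset']) ? $limit['offset'] : null,
                 "limit" => is_array($limit) && isset($limit['limit']) ? $limit['limit'] : null,
                 "extra_condition" => $extra_conditions,
                 "order" => '`name`',
                 "order_dir" => 'ASC',
             );
             $all_members = ContactMemberCaches::getAllMembersWithCachedParentId($params);
         } else {
             foreach ($dimension->getAllMembers(false, $order, true, $extra_conditions, $limit) as $dim_member) {
                 if (ContactMemberPermissions::instance()->contactCanAccessMemberAll($contact_pg_ids, $dim_member->getId(), logged_user(), $access_level)) {
                     $all_members[] = $dim_member;
                 }
             }
         }
     }
     // drop empty filter entries (0, '', null)
     $member_filter = array();
     foreach ($filter_by_members as $filter_id) {
         if ($filter_id) {
             $member_filter[] = $filter_id;
         }
     }
     $all_members = $this->apply_association_filters($dimension, $all_members, $member_filter);
     if ($return_member_objects) {
         return $all_members;
     }
     return $this->buildMemberList($all_members, $dimension, $allowed_member_type_ids, $allowed_member_types, $item_object, $object_type_id, $return_only_members_name);
 }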
 /**
  * Builds the SQL condition fragment that restricts an object listing to the members the logged-in
  * user may see for the current context.
  *
  * $context is a list of selections: Member objects (a member picked in the navigation, meaning that
  * member and everything below it) and/or Dimension objects (a whole dimension). For each selection the
  * member ids to search in and the content object types that can hang from them are collected, and the
  * actual SQL is produced by prepareQuery() ('AND' for a selected member, 'OR' for a whole dimension).
  * A selected member whose dimension cannot contain objects but is associated to other dimensions is
  * recorded in $properties; when any such association exists the whole result is instead produced by
  * prepareAssociationConditions(). Otherwise every other object-holding dimension that is not part of
  * the context is OR-ed in with all of its members.
  *
  * prepareQuery() and prepareAssociationConditions() are not visible here; the member ids they receive
  * come from Member objects (not from the request) and $pg_ids is the CSV of the logged-in user's
  * permission group ids.
  *
  * @param array $context Member and/or Dimension objects
  * @return string SQL condition fragment (may be empty)
  */
 static function prepareDimensionConditions($context)
 {
     //get contact's permission groups ids (CSV)
     $pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV(logged_user()->getId(), false);
     $dm_conditions = "";
     $context_dimensions = array();
     $selection_members = array();
     // - the Member objects selected in the context (all of them, passed to prepareQuery())
     $selected_dimensions = array();
     // - the Dimension objects of the selected members
     $properties = array();
     //- stores associations between dimensions: dimension id => ids of the dimensions it is a property of
     $redefined_context = array();
     // - if there are dimensions that are associated to another dimension in the context, we may need to redefine the context
     foreach ($context as $selection) {
         if ($selection instanceof Member) {
             $selection_members[] = $selection;
         }
     }
     foreach ($context as $selection) {
         if ($selection instanceof Member) {
             $dimension = $selection->getDimension();
             $dimension_id = $dimension->getId();
             $selected_dimensions[] = $dimension;
             $context_dimensions[$dimension_id]['allowed_members'] = array();
             // - stores the ids of the members where we must search for objects
             $context_dimensions[$dimension_id]['object_types'] = array();
             // - stores the ids of those content object types that we must search for
             //first get all the object types of the member that is selected and its children
             $member_object_types = array();
             $member_object_types[] = $selection->getObjectTypeId();
             $context_dimensions[$dimension_id]['allowed_members'][] = $selection->getId();
             $children = $selection->getAllChildrenInHierarchy();
             foreach ($children as $child) {
                 $context_dimensions[$dimension_id]['allowed_members'][] = $child->getId();
                 if (!in_array($child->getObjectTypeId(), $member_object_types)) {
                     $member_object_types[] = $child->getObjectTypeId();
                 }
             }
             //now let's check which content object type ids can hang from the object types that correspond to these members in this dimension
             foreach ($member_object_types as $object_type) {
                 $content_object_types = DimensionObjectTypeContents::getContentObjectTypeIds($dimension_id, $object_type);
                 foreach ($content_object_types as $co_type) {
                     if (!in_array($co_type, $context_dimensions[$dimension_id]['object_types'])) {
                         $context_dimensions[$dimension_id]['object_types'][] = $co_type;
                     }
                 }
             }
             if ($dimension->canContainObjects()) {
                 $allowed_members = $context_dimensions[$dimension_id]['allowed_members'];
                 $object_types = $context_dimensions[$dimension_id]['object_types'];
                 // a selected member restricts the result: its condition is AND-ed
                 $dm_conditions .= self::prepareQuery($dm_conditions, $dimension, $allowed_members, $object_types, $pg_ids, 'AND', $selection_members);
                 $redefined_context[] = $dimension_id;
             } else {
                 //let's check if this dimension is property of another
                 $associated_dimensions_ids = $dimension->getAssociatedDimensions();
                 if (count($associated_dimensions_ids) > 0) {
                     foreach ($associated_dimensions_ids as $aid) {
                         $properties[$dimension_id][] = $aid;
                     }
                 }
             }
         } else {
             // a whole dimension is selected: every one of its members is searchable
             $all_members = $selection->getAllMembers();
             foreach ($all_members as $member) {
                 if (!isset($context_dimensions[$selection->getId()]['allowed_members'])) {
                     $context_dimensions[$selection->getId()]['allowed_members'] = array();
                 }
                 $context_dimensions[$selection->getId()]['allowed_members'][] = $member->getId();
             }
             //get all the content object type ids that can hang in the dimension
             $context_dimensions[$selection->getId()]['object_types'] = DimensionObjectTypeContents::getContentObjectTypeIds($selection->getId());
             if ($selection->canContainObjects()) {
                 $allowed_members = array_var($context_dimensions[$selection->getId()], 'allowed_members', array());
                 $object_types = array_var($context_dimensions[$selection->getId()], 'object_types', array());
                 // a whole dimension widens the result: its condition is OR-ed
                 $dm_conditions .= self::prepareQuery($dm_conditions, $selection, $allowed_members, $object_types, $pg_ids, 'OR', $selection_members, true);
             }
         }
     }
     if (count($properties) > 0) {
         // some selected member lives in a dimension that is a property of others: the associated
         // dimensions join the redefined context and the association logic builds the final conditions
         foreach ($properties as $property => $values) {
             foreach ($values as $dim_id) {
                 if (!in_array($dim_id, $redefined_context)) {
                     $redefined_context[] = $dim_id;
                 }
             }
         }
         return self::prepareAssociationConditions($redefined_context, $context_dimensions, $properties, $pg_ids, $selection_members);
     }
     // every object-holding dimension absent from the context is OR-ed in with all of its members
     $dimensions = Dimensions::findAll();
     foreach ($dimensions as $dimension) {
         if ($dimension->canContainObjects() && !in_array($dimension, $context) && !in_array($dimension, $selected_dimensions)) {
             $member_ids = array();
             $all_members = $dimension->getAllMembers();
             foreach ($all_members as $member) {
                 $member_ids[] = $member->getId();
             }
             $object_types = DimensionObjectTypeContents::getContentObjectTypeIds($dimension->getId());
             $dm_conditions .= self::prepareQuery($dm_conditions, $dimension, $member_ids, $object_types, $pg_ids, 'OR', $selection_members, true);
         }
     }
     return $dm_conditions;
 }
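	/**
	 * Returns the listing of emails visible to the logged user, filtered by the requested parameters.
	 *
	 * @param int|null    $account_id     restrict to one mail account (> 0); otherwise every account the logged
	 *                                    user is linked to, plus mails shared with one of the user's permission groups
	 * @param string|null $state          'draft' | 'sent' | 'received' | 'junk' | 'outbox'; any other value means no state filter
	 * @param string      $read_filter    'unread' | 'read' (any non-empty value other than 'unread' / 'all' means read)
	 * @param string      $classif_filter 'unclassified' | any other non-empty value means classified; '' or 'all' means no filter
	 * @param mixed       $context        not used by this method (kept for callers)
	 * @param int|null    $start          listing offset
	 * @param int|null    $limit          page size; falls back to the user's mails_per_page, then files_per_page
	 * @param string      $order_by       order column, forwarded to listing() as given
	 * @param string      $dir            order direction, forwarded to listing() as given
	 * @param mixed       $join_params    forwarded to listing()
	 * @param bool        $archived       not used: only the (disabled) conversation mode consumed it
	 * @return mixed whatever self::instance()->listing() returns
	 */
	function getEmails($account_id = null, $state = null, $read_filter = "", $classif_filter = "", $context = null, $start = null, $limit = null, $order_by = 'received_date', $dir = 'ASC', $join_params = null, $archived = false) {
		$mailTablePrefix = "e";
		if (!$limit) {
			$limit = user_config_option('mails_per_page') ? user_config_option('mails_per_page') : config_option('files_per_page');
		}

		// Account conditions
		if (isset($account_id) && $account_id > 0) {
			// Single account
			$accountConditions = " AND $mailTablePrefix.account_id = " . DB::escape($account_id);
		} else {
			// Every account the logged user is linked to; the leading 0 keeps the IN () list non-empty.
			$acc_ids = array(0);
			foreach (MailAccountContacts::instance()->getByContact(logged_user()) as $mac) {
				// Ids come from the DB; the cast keeps the interpolated IN () list strictly numeric.
				$acc_ids[] = (int) $mac->getAccountId();
			}

			// ... plus classified mails shared with one of the user's permission groups.
			// $pgs is interpolated into SQL: it is assumed to be a CSV of numeric ids produced by the
			// project helper (not request data) - confirm if that helper ever changes.
			$pgs = ContactPermissionGroups::getPermissionGroupIdsByContactCSV(logged_user()->getId());
			// Was trim($pgs == ''), which trimmed the boolean result of the comparison instead of the CSV;
			// an empty or whitespace-only list must become '0' so "IN ($pgs)" stays valid SQL.
			if (trim((string) $pgs) == '') {
				$pgs = '0';
			}
			$perm_sql = "(SELECT count(*) FROM ".TABLE_PREFIX."sharing_table st WHERE st.object_id = $mailTablePrefix.object_id AND st.group_id IN ($pgs)) > 0";

			$accountConditions = " AND ($mailTablePrefix.account_id IN (" . implode(",", $acc_ids) . ") OR $perm_sql)";
		}

		// Classified / unclassified filter (membership in object_members)
		$classified = '';
		if ($classif_filter != '' && $classif_filter != 'all') {
			$classified = "AND " . ($classif_filter == 'unclassified' ? "NOT " : "");
			$classified .= "o.id IN (SELECT object_id FROM ".TABLE_PREFIX."object_members)";
		}

		// State filter: draft, sent, received, junk, outbox. The values are fixed literals, never the caller's string.
		switch ($state) {
			case "draft":
				$stateConditions = " $mailTablePrefix.state = '2'";
				break;
			case "sent":
				$stateConditions = " $mailTablePrefix.state IN ('1','3','5')";
				break;
			case "received":
				$stateConditions = " $mailTablePrefix.state IN ('0','5')";
				break;
			case "junk":
				$stateConditions = " $mailTablePrefix.state = '4'";
				break;
			case "outbox":
				$stateConditions = " $mailTablePrefix.state >= 200";
				break;
			default:
				$stateConditions = "";
		}

		// Read / unread filter, based on the logged user's read_objects rows
		$read = "";
		$subread = "";
		if ($read_filter != "" && $read_filter != "all") {
			if ($read_filter == "unread") {
				$read = "AND NOT ";
				$subread = "AND NOT mc.";
			} else {
				$read = "AND ";
				$subread = "AND mc.";
			}
			$read2 = "id IN (SELECT rel_object_id FROM " . TABLE_PREFIX . "read_objects t WHERE contact_id = " . logged_user()->getId() . "  AND t.is_read = '1')";
			$read .= $read2;
			$subread .= $read2;
		}

		// Conversation grouping (user_config_option('show_emails_as_conversations')) is not supported yet;
		// $subread and $archived would only be consumed by that mode. Until then the state filter applies as-is.
		$conversation_cond = "";
		$box_cond = "AND $stateConditions";

		// NOTE(review): $order_by and $dir are forwarded unescaped; listing() is expected to whitelist
		// them. If either can come straight from the request, validate here (column whitelist, ASC|DESC).
		return self::instance()->listing(array(
			'limit' => $limit,
			'start' => $start,
			'order' => $order_by,
			'order_dir' => $dir,
			'extra_conditions' => "$accountConditions $classified $read $conversation_cond $box_cond",
			'join_params' => $join_params
		));
	}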
/**
 * Returns true if $user may access an object of type $object_type_id classified in $members
 * with the requested access level, false otherwise. Fails closed: any exception yields false.
 *
 * @param Contact $user
 * @param array $members          Member objects the object is classified in; non-Member entries are ignored
 * @param $object_type_id         interpolated into SQL below: assumed to be a numeric id, never raw request data - confirm at callers
 * @param $access_level           ACCESS_LEVEL_READ | ACCESS_LEVEL_WRITE | ACCESS_LEVEL_DELETE
 * @param bool $allow_super_admin when true (default) administrators are granted without further checks
 * @return boolean
 */
function can_access(Contact $user, $members, $object_type_id, $access_level, $allow_super_admin = true)
{
    // Administrators bypass every check unless the caller explicitly opts out.
    if ($allow_super_admin && $user->isAdministrator()) {
        return true;
    }
    $write = $access_level == ACCESS_LEVEL_WRITE;
    $delete = $access_level == ACCESS_LEVEL_DELETE;
    // Guests are read-only.
    if ($user->isGuest() && $access_level != ACCESS_LEVEL_READ) {
        return false;
    }
    try {
        // CSV of the user's permission group ids (interpolated into SQL below - assumed numeric CSV from the helper).
        $contact_pg_ids = ContactPermissionGroups::getPermissionGroupIdsByContactCSV($user->getId(), false);
        $allow_all_cache = array();
        $dimension_query_methods = array();
        // Only members of dimensions that are manageable AND define permissions take part in the member checks.
        // If there is none, the object counts as unclassified and only root-level permissions apply.
        $manageable_members = array();
        foreach ($members as $mem) {
            if ($mem instanceof Member && $mem->getDimension()->getIsManageable() && $mem->getDimension()->getDefinesPermissions()) {
                $manageable_members[] = $mem->getId();
            }
        }
        if (count($manageable_members) == 0) {
            $return = false;
            // Root-level (member_id = 0) permission: only with the config flag on, a non-empty group list and a privileged role.
            if (config_option('let_users_create_objects_in_root') && $contact_pg_ids != "" && ($user->isAdminGroup() || $user->isExecutive() || $user->isManager())) {
                $cond = $delete ? 'AND can_delete = 1' : ($write ? 'AND can_write = 1' : '');
                // NOTE(review): $object_type_id and $contact_pg_ids go into the query unescaped - see the docblock assumption.
                $cmp = ContactMemberPermissions::findOne(array('conditions' => "member_id=0 AND object_type_id={$object_type_id} AND permission_group_id IN ({$contact_pg_ids}) {$cond}"));
                $return = $cmp instanceof ContactMemberPermission;
            }
            return $return;
        }
        // Ceiling for the user's role on this object type. If no row exists, member-level grants below are ignored.
        $max_role_ot_perm = MaxRoleObjectTypePermissions::instance()->findOne(array('conditions' => "object_type_id='{$object_type_id}' AND role_id = '" . $user->getUserType() . "'"));
        // Presumably an array of dimension ids (used with in_array) - confirm against config.
        $enabled_dimensions = config_option('enabled_dimensions');
        // dimension_id => true once any member of that dimension grants access; false while still undecided.
        $dimension_permissions = array();
        foreach ($members as $k => $m) {
            if (!$m instanceof Member) {
                unset($members[$k]);
                continue;
            }
            $dimension = $m->getDimension();
            // Dimensions that do not define permissions, or are disabled, are ignored here.
            if (!$dimension->getDefinesPermissions() || !in_array($dimension->getId(), $enabled_dimensions)) {
                continue;
            }
            $dimension_id = $dimension->getId();
            if (!isset($dimension_permissions[$dimension_id])) {
                $dimension_permissions[$dimension_id] = false;
            }
            // Once a dimension is granted, further members of it need not be checked.
            if (!$dimension_permissions[$dimension_id]) {
                if ($m->canContainObject($object_type_id)) {
                    if (!isset($dimension_query_methods[$dimension->getId()])) {
                        $dimension_query_methods[$dimension->getId()] = $dimension->getPermissionQueryMethod();
                    }
                    // Dimension defines permissions and the user has the maximum level ("allow all") on it; cached per dimension.
                    if (isset($allow_all_cache[$dimension_id])) {
                        $allow_all = $allow_all_cache[$dimension_id];
                    } else {
                        $allow_all = $dimension->hasAllowAllForContact($contact_pg_ids);
                        $allow_all_cache[$dimension_id] = $allow_all;
                    }
                    if ($allow_all) {
                        $dimension_permissions[$dimension_id] = true;
                    }
                    // Check individual members: a member-level grant only counts if the role ceiling allows the requested level.
                    if (!$dimension_permissions[$dimension_id] && ContactMemberPermissions::contactCanReadObjectTypeinMember($contact_pg_ids, $m->getId(), $object_type_id, $write, $delete, $user)) {
                        if ($max_role_ot_perm) {
                            // && binds tighter than ||: (delete && canDelete) || (write && canWrite) || read.
                            if ($access_level == ACCESS_LEVEL_DELETE && $max_role_ot_perm->getCanDelete() || $access_level == ACCESS_LEVEL_WRITE && $max_role_ot_perm->getCanWrite() || $access_level == ACCESS_LEVEL_READ) {
                                $dimension_permissions[$dimension_id] = true;
                            }
                        }
                    }
                } else {
                    // This member cannot hold the object type, so its dimension drops out of the decision.
                    unset($dimension_permissions[$dimension_id]);
                }
            }
        }
        $allowed = true;
        // Mandatory dimensions: the user must have permission in every one of them that appeared in $members.
        $mandatory_count = 0;
        foreach ($dimension_query_methods as $dim_id => $qmethod) {
            if (!in_array($dim_id, $enabled_dimensions)) {
                continue;
            }
            if ($qmethod == DIMENSION_PERMISSION_QUERY_METHOD_MANDATORY) {
                $mandatory_count++;
                if (!array_var($dimension_permissions, $dim_id)) {
                    // One of the members belongs to a mandatory dimension the user has no permission on: deny.
                    return false;
                }
            }
        }
        // No members in mandatory dimensions: a single granted non-mandatory dimension is enough.
        if ($allowed && $mandatory_count == 0) {
            foreach ($dimension_query_methods as $dim_id => $qmethod) {
                if ($qmethod == DIMENSION_PERMISSION_QUERY_METHOD_NOT_MANDATORY) {
                    if (array_var($dimension_permissions, $dim_id)) {
                        // Permission on any member of a non-mandatory dimension grants access.
                        return true;
                    } else {
                        $allowed = false;
                    }
                }
            }
        }
        // Every mandatory dimension was granted and no non-mandatory one was denied.
        if ($allowed && count($dimension_permissions)) {
            return true;
        }
        // If we got here with permission on every dimension we already returned true; otherwise some
        // dimension was denied, so fall through to the context permissions.
        // Check context permissions: every remaining member must be in the active context's allowed set.
        $member_ids = array();
        foreach ($members as $member_obj) {
            $member_ids[] = $member_obj->getId();
        }
        $allowed_members = ContactMemberPermissions::getActiveContextPermissions($user, $object_type_id, $members, $member_ids, $write, $delete);
        $count = 0;
        foreach ($members as $m) {
            $count++;
            if (!in_array($m->getId(), $allowed_members)) {
                return false;
            } else {
                // Last member reached and all of them were allowed.
                if ($count == count($members)) {
                    return true;
                }
            }
        }
    } catch (Exception $e) {
        // Fail closed. NOTE(review): the exception object is handed to the template; make sure the view does not render its details to end users.
        tpl_assign('error', $e);
        return false;
    }
    // Reached only when $members is empty after filtering: deny by default.
    return false;
}