/**
  * Run the access check for this custom ACL helper.
  *
  * @param string $module
  * @param string $view
  * @param array $context
  * @return bool
  */
 public function checkAccess($module, $view, $context)
 {
     // This strategy only answers for ForecastWorksheets; any other module is refused.
     if ($module != 'ForecastWorksheets') {
         return false;
     }

     // team_security is not decided here; returning true leaves it to the other checks.
     if ($view == 'team_security') {
         return true;
     }

     // Normalise the requested view name before comparing it below.
     $viewName = SugarACLStrategy::fixUpActionName($view);
     $forecastBean = $this->getForecastByBean();
     $user = $this->getCurrentUser($context);

     // NOTE(review): fail-open default - an empty view name, or a user without an
     // id, is allowed. Confirm callers authenticate before this check is reached.
     if (empty($viewName) || empty($user->id)) {
         return true;
     }

     // Only field-level requests are restricted; every other view is allowed.
     if ($viewName != 'field') {
         return true;
     }

     // On an Opportunity the worksheet's likely_case is checked as the amount field.
     // NOTE(review): $context['field'] and $context['action'] are read without an
     // isset() guard and $forecastBean is dereferenced without a null check - verify
     // that callers always pass both keys and that getForecastByBean() returns a bean.
     if ($forecastBean instanceof Opportunity && $context['field'] == 'likely_case') {
         $context['field'] = 'amount';
     }

     // The field ACL is evaluated against the forecast bean, so it overwrites
     // whatever bean the caller placed in the context.
     $context['bean'] = $forecastBean;

     return $forecastBean->ACLFieldAccess($context['field'], $context['action'], $context);
 }
Exemplo n.º 2
 /**
  * Check access a current user has on Users and Employees
  * @param string $module
  * @param string $view
  * @param array $context
  * @return bool|void
  */
 public function checkAccess($module, $view, $context)
 {
     // NOTE(review): the docblock above mentions Users and Employees, but this body
     // never inspects $module - confirm which module the strategy is registered for.

     // team_security is not decided here; returning true leaves it to the other checks.
     if ($view == 'team_security') {
         return true;
     }

     // Normalise the view name, and the field action when this is a field check.
     $view = SugarACLStrategy::fixUpActionName($view);
     $isFieldView = $view == 'field';
     if ($isFieldView) {
         $context['action'] = SugarACLStrategy::fixUpActionName($context['action']);
     }

     // A bean counts as saved once it is present in the context and carries an id.
     $hasSavedBean = !empty($context['bean']) && !empty($context['bean']->id);

     // Create-only fields cannot be edited once the record exists.
     if (
         $hasSavedBean
         && $isFieldView
         && $context['action'] == 'edit'
         && isset($this->create_only_fields[$context['field']])
     ) {
         return false;
     }

     // Creating a record is allowed without further restrictions.
     $isNewRecord = !$hasSavedBean || $context['bean']->new_with_id == true;

     // NOTE(review): && binds tighter than ||, so the parentheses below show how the
     // original condition is actually evaluated: ANY field edit passes here, new
     // record or not. That leaves the c_key guard further down unreachable for field
     // edits. Confirm this is intended and that the new-record test was not meant
     // to cover both alternatives.
     if (($isNewRecord && $view == 'edit') || ($isFieldView && $context['action'] == 'edit')) {
         return true;
     }

     // The remaining rule only applies to SugarBean instances.
     if (!isset($context['bean']) || !is_a($context['bean'], 'SugarBean')) {
         return true;
     }

     $isEditing = $view == 'edit' || (isset($context['action']) && $context['action'] == 'edit');
     if (!$isEditing) {
         return true;
     }

     // Records with these two c_key values cannot be edited; other views
     // (delete included) fall through to "allowed".
     $isProtectedKey = $context['bean']->c_key == 'sugar' || $context['bean']->c_key == 'support_portal';

     return !$isProtectedKey;
 }
Exemplo n.º 3
 /**
  * Check access a current user has on Users and Employees
  * @param string $module
  * @param string $view
  * @param array $context
  * @return bool|void
  */
 public function checkAccess($module, $view, $context)
 {
     // This strategy only answers for Users and Employees; anything else is refused.
     if (!($module == 'Users' || $module == 'Employees')) {
         return false;
     }

     // team_security is not decided here; returning true leaves it to the other checks.
     if ($view == 'team_security') {
         return true;
     }

     $actor = $this->getCurrentUser($context);
     $target = self::loadBean($module, $context);
     $isSelf = $this->myselfCheck($target, $actor);

     // Normalise the view name, and the field action when this is a field check.
     $view = SugarACLStrategy::fixUpActionName($view);
     $isFieldView = $view == 'field';
     if ($isFieldView) {
         $context['action'] = SugarACLStrategy::fixUpActionName($context['action']);
     }

     // A field request that would change data: edit, massupdate or delete.
     $isFieldWrite = $isFieldView
         && ($context['action'] == 'edit' || $context['action'] == 'massupdate' || $context['action'] == 'delete');

     // These self-service denials run before the admin shortcut, so they bind admins too.
     if ($isSelf) {
         // Deleting your own record is never allowed.
         if ($view == 'delete') {
             return false;
         }
         // Nor is changing your own status fields, which would disable the account.
         if ($isFieldWrite && ($context['field'] == 'employee_status' || $context['field'] == 'status')) {
             return false;
         }
     }

     // NOTE(review): isAdminForModule() is called before the empty-id test below, so
     // $actor must already be a usable user object here - confirm getCurrentUser()
     // never returns null on this path.
     if ($actor->isAdminForModule($module)) {
         return true;
     }

     // NOTE(review): fail-open default - an empty view name, or a user without an
     // id, is allowed. Confirm callers authenticate before this check is reached.
     if (empty($view) || empty($actor->id)) {
         return true;
     }

     // A user may edit their own record.
     if ($isSelf && $view == 'edit') {
         return true;
     }

     // Fields listed in no_access_fields are closed to everyone but the record's owner.
     if (!$isSelf && $isFieldView && !empty($this->no_access_fields[$context['field']])) {
         return false;
     }

     // Views that are not listed in view_checks are denied by default.
     if (empty($this->view_checks[$view])) {
         return false;
     }

     // Listed views are allowed unless this is a write to a no_edit_fields entry.
     return !($isFieldWrite && !empty($this->no_edit_fields[$context['field']]));
 }
Exemplo n.º 4
 /**
  * Check access a current user has on Users and Employees
  * @param string $module
  * @param string $view
  * @param array $context
  * @return bool|void
  */
 public function checkAccess($module, $view, $context)
 {
     // NOTE(review): the docblock above mentions Users and Employees, but this body
     // never inspects $module - confirm which module the strategy is registered for.

     // team_security is not decided here; returning true leaves it to the other checks.
     if ($view == 'team_security') {
         return true;
     }

     // Only field-level requests can be refused; every other view is allowed.
     $view = SugarACLStrategy::fixUpActionName($view);
     if ($view != 'field') {
         return true;
     }

     $context['action'] = SugarACLStrategy::fixUpActionName($context['action']);

     // A bean counts as saved once it is present in the context and carries an id.
     $hasSavedBean = !empty($context['bean']) && !empty($context['bean']->id);

     // Create-only fields cannot be edited once the record exists.
     // NOTE(review): only the 'edit' action is refused here; whether other write
     // actions can reach these fields is not visible from this method.
     $isBlockedEdit = $hasSavedBean
         && $context['action'] == 'edit'
         && isset($this->create_only_fields[$context['field']]);

     return !$isBlockedEdit;
 }
Exemplo n.º 5
 /**
  * Check recurring source to determine edit
  * @param string $module
  * @param string $view
  * @param array $context
  * @return bool|void
  */
 public function checkAccess($module, $view, $context)
 {
     $bean = self::loadBean($module, $context);

     // Without a bean there is no recurring source to compare, so nothing is refused.
     if ($bean === false) {
         return true;
     }

     // A record whose recurring source is 'Sugar', both now and as fetched, may be modified.
     // NOTE(review): this test sees the raw $view while the one further down sees the
     // normalised name, and in_array() is called without strict comparison - confirm
     // both are intended.
     if (in_array($view, self::$syncingViews)) {
         $hasBothSources = !empty($bean->recurring_source) && !empty($bean->fetched_row['recurring_source']);
         if (
             $hasBothSources
             && $bean->recurring_source == 'Sugar'
             && $bean->recurring_source == $bean->fetched_row['recurring_source']
         ) {
             return true;
         }
     }

     $view = SugarACLStrategy::fixUpActionName($view);

     // Views outside the syncing set are never refused here.
     if (!in_array($view, self::$syncingViews)) {
         return true;
     }

     // NOTE(review): the decision depends on $_SESSION['platform']; when it is unset
     // or has no entry in the source map, the request is allowed.
     if (!isset($_SESSION['platform']) || !isset(self::$platformSourceMap[$_SESSION['platform']])) {
         return true;
     }

     if (empty($bean->recurring_source) || empty($bean->fetched_row['recurring_source'])) {
         return true;
     }

     // Refuse only when neither the fetched nor the current source matches the
     // source mapped to the session's platform.
     $platformSource = self::$platformSourceMap[$_SESSION['platform']];
     $isForeignSource = $bean->fetched_row['recurring_source'] != $platformSource
         && $bean->recurring_source != $platformSource;

     return !$isForeignSource;
 }
Exemplo n.º 6
 /**
  * Return the field access list for $field_list, skipping the lookup when no
  * field ACLs apply to the current user.
  *
  * An empty array is returned without consulting the parent when there is no
  * current user (or it has no id), when is_admin() accepts the user, or when
  * ACLField::hasACLs() reports none for this user and module.
  * NOTE(review): presumably an empty array means "no field restrictions" to the
  * caller, which makes the missing-user case fail-open - confirm against the caller.
  *
  * @param string $module
  * @param array $field_list assumed to be an array; confirm against the parent
  * @param array $context
  * @return array whatever the parent returns, or an empty array on the early exits
  */
 public function getFieldListAccess($module, $field_list, $context)
 {
     $user = $this->getCurrentUser($context);

     // Same short-circuit order as separate guards: hasACLs() is only asked
     // once a non-admin user with an id is known.
     if (empty($user) || empty($user->id) || is_admin($user) || !ACLField::hasACLs($user->id, $module)) {
         return array();
     }

     return parent::getFieldListAccess($module, $field_list, $context);
 }