Пример #1
 /**
  * Decides whether the current request may use this controller, stores the
  * verdict in $this->hasAccess, then hands over to parent::process().
  *
  * Access is granted when any one of these holds:
  *  - is_admin() accepts the current user;
  *  - is_admin_for_any_module() accepts the user, no view_module was sent,
  *    and an action other than 'package' was sent;
  *  - view_module was sent and is either found in the list returned by
  *    get_admin_modules_for_user() or is empty;
  *  - type is 'dropdowns' and is_admin_for_any_module() accepts the user, or
  *    type is 'studio' and displayStudioForCurrentUser() reports true.
  *
  * NOTE(review): the "view_module is empty" alternative involves no role
  * check, so a request carrying an empty view_module sets hasAccess to true
  * whatever the user's rights. Confirm that later checks enforce
  * authorization, or tie that alternative to an admin-role test.
  */
 function process()
 {
     global $current_user;

     $GLOBALS['log']->info(get_class($this) . ":");
     $access = get_admin_modules_for_user($current_user);

     // && binds tighter than ||, so every parenthesised group is one
     // self-contained alternative. Evaluation is left to right and stops at
     // the first alternative that holds.
     // in_array() is called without the strict flag, i.e. it compares the
     // request value loosely against the entries of $access.
     $this->hasAccess =
         is_admin($current_user)
         || (is_admin_for_any_module($current_user)
             && !isset($_REQUEST['view_module'])
             && isset($_REQUEST['action'])
             && $_REQUEST['action'] != 'package')
         || (isset($_REQUEST['view_module'])
             && (in_array($_REQUEST['view_module'], $access) || empty($_REQUEST['view_module'])))
         || (isset($_REQUEST['type'])
             && (($_REQUEST['type'] == 'dropdowns' && is_admin_for_any_module($current_user))
                 || ($_REQUEST['type'] == 'studio' && displayStudioForCurrentUser() == true)));

     parent::process();
 }
Пример #2
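 /**
  * Tells whether the current user may administer the module named in the
  * request.
  *
  * The module name comes from $_REQUEST['targetModule']; a non-empty
  * $_REQUEST['tmodule'] overrides it.
  *
  * @param array $access List the requested module name is looked up in with
  *                      in_array() (presumably the modules this user may
  *                      administer; confirm against the caller).
  * @return bool True when access is granted, false in every other case.
  */
 function isModuleAdmin($access)
 {
     global $current_user;

     // Global admins have full access.
     if (is_admin($current_user)) {
         return true;
     }

     $module = "";
     if (!empty($_REQUEST['targetModule'])) {
         $module = $_REQUEST['targetModule'];
     }
     if (!empty($_REQUEST['tmodule'])) {
         $module = $_REQUEST['tmodule'];
     }

     // An admin of some module who named no module is let through, but only
     // when an action other than 'package' was sent.
     if (is_admin_for_any_module($current_user) && empty($module) && isset($_REQUEST['action']) && $_REQUEST['action'] != 'package') {
         return true;
     }

     // A module was named: it has to appear in the supplied list.
     // in_array() compares loosely here (no strict flag).
     if (!empty($module) && in_array($module, $access)) {
         return true;
     }

     // Deny explicitly instead of falling off the end of the function, so an
     // authorization check never answers with an implicit null.
     return false;
 }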
Пример #3
<?php

// Administration-only page: stop unless the user is accepted by is_admin()
// or by is_admin_for_any_module().
global $current_user;
if (!(is_admin($current_user) || is_admin_for_any_module($current_user))) {
    sugar_die("Unauthorized access to administration.");
}

//***********************//
//***AlineaSol Premium***//
//***********************//
$returnedPremiumHtml = asol_ReportsUtils::managePremiumFeature(
    "reportFieldsManagement",
    "reportFunctions.php",
    "getReportFieldsManagementPanel",
    null
);

// A strict false from the premium lookup is turned into an empty string.
$returnedHtml = '';
if ($returnedPremiumHtml !== false) {
    $returnedHtml = $returnedPremiumHtml;
}
//***********************//
//***AlineaSol Premium***//
//***********************//

// NOTE(review): the panel is echoed without encoding; presumably it is markup
// built by the premium feature itself. Confirm that code encodes any
// user-controlled value it embeds.
echo $returnedHtml;
Пример #4
    die('Not A Valid Entry Point');
}
/*
 * Your installation or use of this SugarCRM file is subject to the applicable
 * terms available at
 * http://support.sugarcrm.com/06_Customer_Center/10_Master_Subscription_Agreements/.
 * If you do not agree to all of the applicable terms or do not have the
 * authority to bind the entity as an authorized representative, then do not
 * install or use this SugarCRM file.
 *
 * Copyright (C) SugarCRM Inc. All rights reserved.
 */
global $current_user, $beanFiles;
set_time_limit(3600);
$db = DBManagerFactory::getInstance();
if (is_admin($current_user) || isset($from_sync_client) || is_admin_for_any_module($current_user)) {
    isset($_REQUEST['execute']) ? $execute = $_REQUEST['execute'] : ($execute = false);
    $export = false;
    if (sizeof($_POST) && isset($_POST['raction'])) {
        if (isset($_POST['raction']) && strtolower($_POST['raction']) == "export") {
            //jc - output buffering is being used. if we do not clean the output buffer
            //the contents of the buffer up to the length of the repair statement(s)
            //will be saved in the file...
            ob_clean();
            header("Content-Disposition: attachment; filename=repairSugarDB.sql");
            header("Content-Type: text/sql; charset={$app_strings['LBL_CHARSET']}");
            header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
            header("Last-Modified: " . TimeDate::httpTime());
            header("Cache-Control: post-check=0, pre-check=0", false);
            header("Content-Length: " . strlen($_POST['sql']));
            //jc:7347 - for whatever reason, html_entity_decode is choking on converting
 /**
  * Collects the SQL returned by $db->repairTable() for the beans listed in
  * $this->module_list.
  *
  * $this->execute is handed to repairTable() unchanged. When
  * $this->show_output is set, progress markup is echoed and, if any SQL was
  * collected, a form holding that SQL is printed. Nothing is returned.
  *
  * No bean is processed when $this->module_list is empty or contains the
  * LBL_ALL_MODULES label. Users accepted by neither is_admin() nor
  * is_admin_for_any_module() are stopped with sugar_die().
  */
 public function repairDatabaseSelectModules()
 {
     global $current_user, $mod_strings, $dictionary;
     set_time_limit(3600);
     // Bug 15661. $beanFiles is read further down but is not in this method's
     // global list; presumably this include defines it in local scope (TODO confirm).
     include 'include/modules.php';
     $db = DBManagerFactory::getInstance();
     // Authorization gate for the whole method; the else branch at the end dies.
     if (is_admin($current_user) || is_admin_for_any_module($current_user)) {
         // Assigned here and not read again within this method.
         $export = false;
         if ($this->show_output) {
             echo getClassicModuleTitle($mod_strings['LBL_REPAIR_DATABASE'], array($mod_strings['LBL_REPAIR_DATABASE']), false);
         }
         if ($this->show_output) {
             echo "<h1 id=\"rdloading\">{$mod_strings['LBL_REPAIR_DATABASE_PROCESSING']}</h1>";
             ob_flush();
         }
         $sql = '';
         // in_array() compares loosely here (no strict flag).
         if ($this->module_list && !in_array($mod_strings['LBL_ALL_MODULES'], $this->module_list)) {
             // Assigned here and not read again within this method.
             $repair_related_modules = array_keys($dictionary);
             // Developer mode is forced on for the loop and put back afterwards.
             // NOTE(review): there is no try/finally, so the saved value is not
             // restored if the loop is left through an exception.
             $dm = inDeveloperMode();
             $GLOBALS['sugar_config']['developerMode'] = true;
             foreach ($this->module_list as $bean_name) {
                 // Only names that are keys of $beanFiles with an existing file are
                 // loaded and instantiated; this lookup is what limits which class
                 // names from $this->module_list reach "new $bean_name()".
                 // NOTE(review): where module_list is filled is not visible here.
                 if (isset($beanFiles[$bean_name]) && file_exists($beanFiles[$bean_name])) {
                     require_once $beanFiles[$bean_name];
                     $GLOBALS['reload_vardefs'] = true;
                     $focus = new $bean_name();
                     // #30273: beans with disable_vardefs set are skipped.
                     if ($focus->disable_vardefs == false) {
                         include 'modules/' . $focus->module_dir . '/vardefs.php';
                         if ($this->show_output) {
                             print_r("<p>" . $mod_strings['LBL_REPAIR_DB_FOR'] . ' ' . $bean_name . "</p>");
                         }
                         $sql .= $db->repairTable($focus, $this->execute);
                     }
                 }
             }
             $GLOBALS['sugar_config']['developerMode'] = $dm;
             if ($this->show_output) {
                 echo "<script type=\"text/javascript\">document.getElementById('rdloading').style.display = \"none\";</script>";
             }
             if (isset($sql) && !empty($sql)) {
                 // Terminate every non-empty line with ";" unless it ends in "*/".
                 $qry_str = "";
                 foreach (explode("\n", $sql) as $line) {
                     if (!empty($line) && substr($line, -2) != "*/") {
                         $line .= ";";
                     }
                     $qry_str .= $line . "\n";
                 }
                 if ($this->show_output) {
                     echo "<h3>{$mod_strings['LBL_REPAIR_DATABASE_DIFFERENCES']}</h3>";
                     echo "<p>{$mod_strings['LBL_REPAIR_DATABASE_TEXT']}</p>";
                     // The form posts the SQL text back as "sql" to the
                     // Administration repairDatabase action; the <form> element is
                     // not closed in this method.
                     // NOTE(review): $qry_str is written into the textarea without
                     // HTML encoding, and no request-forgery token field is emitted
                     // here. The receiving action is not visible from this method;
                     // confirm it verifies the request origin and the caller's admin
                     // rights before using the posted sql value.
                     echo "<form method=\"post\" action=\"index.php?module=Administration&amp;action=repairDatabase\">";
                     echo "<textarea name=\"sql\" rows=\"24\" cols=\"150\" id=\"repairsql\">{$qry_str}</textarea>";
                     echo "<br /><input type=\"submit\" value=\"" . $mod_strings['LBL_REPAIR_DATABASE_EXECUTE'] . "\" name=\"raction\" /> <input type=\"submit\" name=\"raction\" value=\"" . $mod_strings['LBL_REPAIR_DATABASE_EXPORT'] . "\" />";
                 }
             } else {
                 if ($this->show_output) {
                     echo "<h3>{$mod_strings['LBL_REPAIR_DATABASE_SYNCED']}</h3>";
                 }
             }
         }
     } else {
         sugar_die($GLOBALS['app_strings']['ERR_NOT_ADMIN']);
     }
 }
 /**
  * Applies the request-level authorization rules and records a denial by
  * setting $this->controller->hasAccess to false.
  *
  * hasAccess is never set to true here. The method returns without touching
  * it when the user is accepted by is_admin() or is_admin_for_any_module(),
  * or when the request's action parameter is "RetrieveEmail".
  */
 function handleAccessControl()
 {
     // Global admins and admins of any module skip every check below.
     if (is_admin($GLOBALS['current_user'])) {
         return;
     }
     if (is_admin_for_any_module($GLOBALS['current_user'])) {
         return;
     }

     // NOTE(review): this exemption is keyed on the raw request parameter, not
     // on $this->controller->action, and applies to every module. Confirm that
     // skipping the admin-only and hidden-module checks this way is intended.
     if (!empty($_REQUEST['action'])) {
         if ($_REQUEST['action'] == "RetrieveEmail") {
             return;
         }
     }

     $controller = $this->controller;

     // Modules flagged admin-only for 'all' are denied unless the requested
     // action is explicitly marked 'allow'.
     if (!is_admin($GLOBALS['current_user']) && !empty($GLOBALS['adminOnlyList'][$controller->module])) {
         $moduleRules = $GLOBALS['adminOnlyList'][$controller->module];
         if (!empty($moduleRules['all'])) {
             if (empty($moduleRules[$controller->action]) || $moduleRules[$controller->action] != 'allow') {
                 $controller->hasAccess = false;
                 return;
             }
         }
     }

     // Fill the module access list once per request if it is still empty.
     if (!empty($GLOBALS['current_user'])) {
         if (empty($GLOBALS['modListHeader'])) {
             $GLOBALS['modListHeader'] = query_module_access_list($GLOBALS['current_user']);
         }
     }

     // Denied only when the module is in modInvisList, both Activities and
     // Calendar are in moduleList, and the module is in modInvisListActivities.
     $isHiddenActivityModule = in_array($controller->module, $GLOBALS['modInvisList'])
         && in_array('Activities', $GLOBALS['moduleList'])
         && in_array('Calendar', $GLOBALS['moduleList'])
         && in_array($controller->module, $GLOBALS['modInvisListActivities']);
     if ($isHiddenActivityModule) {
         $controller->hasAccess = false;
     }
 }
Пример #7
    session_destroy();
    include 'modules/Users/Logout.php';
}
global $mod_strings, $app_list_strings, $app_strings;
// Unimplemented until jscalendar language files are fixed:
// $current_language, $default_language and $cal_codes are not pulled in yet.

// Load the workflow named by the request, if any.
$focus = BeanFactory::getBean('WorkFlow');
if (isset($_REQUEST['record'])) {
    $focus->retrieve($_REQUEST['record']);
}

// Two ways to be refused: the user is accepted by neither is_admin() nor
// is_admin_for_any_module(), or the loaded workflow has a base module for
// which get_workflow_admin_modules_for_user() returned no entry.
// A workflow without a base module passes the second test.
$access = get_workflow_admin_modules_for_user($current_user);
if (!(is_admin($current_user) || is_admin_for_any_module($current_user))) {
    sugar_die("Unauthorized access to WorkFlow.");
} elseif (!empty($focus->base_module) && empty($access[$focus->base_module])) {
    sugar_die("Unauthorized access to WorkFlow.");
}

// Remember the loaded id before a duplicate request blanks it.
$old_workflow_id = $focus->id;
if (isset($_REQUEST['isDuplicate']) && $_REQUEST['isDuplicate'] == 'true') {
    $focus->id = "";
}

// Breadcrumb entries for the module title.
$params = array(
    "<a href='index.php?module=WorkFlow&action=index'>{$mod_strings['LBL_MODULE_NAME']}</a>",
);
if (!empty($focus->id)) {
    // NOTE(review): id and name are interpolated into the markup as stored;
    // presumably bean fields are already HTML-encoded when loaded. Confirm,
    // otherwise encode them here.
    $params[] = "<a href='index.php?module=WorkFlow&action=DetailView&record={$focus->id}'>{$focus->name}</a>";
    $params[] = $GLOBALS['app_strings']['LBL_EDIT_BUTTON_LABEL'];
} else {
    $params[] = $GLOBALS['app_strings']['LBL_CREATE_BUTTON_LABEL'];
}
echo getClassicModuleTitle("WorkFlow", $params, true);
Пример #8
 /**
  * Applies the request-level authorization rules and records a denial by
  * setting $this->controller->hasAccess to false.
  *
  * hasAccess is never set to true here. The method returns without touching
  * it when the user is accepted by is_admin() or is_admin_for_any_module(),
  * or when the request's action parameter is "RetrieveEmail".
  */
 function handleAccessControl()
 {
     // Global admins and admins of any module skip every check below.
     if (is_admin($GLOBALS['current_user'])) {
         return;
     }
     if (is_admin_for_any_module($GLOBALS['current_user'])) {
         return;
     }

     // NOTE(review): this exemption is keyed on the raw request parameter, not
     // on $this->controller->action, and applies to every module. Confirm that
     // skipping all later checks this way is intended.
     if (!empty($_REQUEST['action'])) {
         if ($_REQUEST['action'] == "RetrieveEmail") {
             return;
         }
     }

     $controller = $this->controller;

     // Modules flagged admin-only for 'all' are denied unless the requested
     // action is explicitly marked 'allow'.
     if (!is_admin($GLOBALS['current_user']) && !empty($GLOBALS['adminOnlyList'][$controller->module])) {
         $moduleRules = $GLOBALS['adminOnlyList'][$controller->module];
         if (!empty($moduleRules['all'])) {
             if (empty($moduleRules[$controller->action]) || $moduleRules[$controller->action] != 'allow') {
                 $controller->hasAccess = false;
                 return;
             }
         }
     }

     // Bug 20916 - Subpanel QuickCreates are checked against the posted target
     // module instead of the controller's module, and nothing after this
     // branch runs for them.
     // NOTE(review): target_module is read without an isset() test, and the
     // membership test is skipped whenever modListHeader is still empty; this
     // method only fills that list further down. Confirm the list is always
     // populated before this point, otherwise the branch allows the request.
     if (isset($_POST['action']) && $_POST['action'] == 'SubpanelCreates') {
         $actual_module = $_POST['target_module'];
         if (!empty($GLOBALS['modListHeader'])) {
             if (!in_array($actual_module, $GLOBALS['modListHeader'])) {
                 $controller->hasAccess = false;
             }
         }
         return;
     }

     // Fill the module access list once per request if it is still empty.
     if (!empty($GLOBALS['current_user'])) {
         if (empty($GLOBALS['modListHeader'])) {
             $GLOBALS['modListHeader'] = query_module_access_list($GLOBALS['current_user']);
         }
     }

     // Denied only when the module is in modInvisList, both Activities and
     // Calendar are in moduleList, and the module is in modInvisListActivities.
     $isHiddenActivityModule = in_array($controller->module, $GLOBALS['modInvisList'])
         && in_array('Activities', $GLOBALS['moduleList'])
         && in_array('Calendar', $GLOBALS['moduleList'])
         && in_array($controller->module, $GLOBALS['modInvisListActivities']);
     if ($isHiddenActivityModule) {
         $controller->hasAccess = false;
     }
 }
Пример #9
}
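// Template fields taken from the loaded bean.
$xtpl->assign("BODY", $focus->body);
$xtpl->assign("BODY_HTML", from_html($focus->body_html));
$xtpl->assign("DATE_MODIFIED", $focus->date_modified);
$xtpl->assign("DATE_ENTERED", $focus->date_entered);
if ($focus->published == 'on') {
    $xtpl->assign("PUBLISHED", "CHECKED");
}
///////////////////////////////////////////////////////////////////////////////
////	NOTES (attachments, etc.)
///////////////////////////////////////////////////////////////////////////////
$attachments = '';
$note = BeanFactory::getBean('Notes');
// The parent id goes through the DB layer's quoted() before it is placed in
// the WHERE fragment.
$notes_list = $note->get_full_list("notes.name", "notes.parent_id=" . $GLOBALS['db']->quoted($focus->id), true);
if (!empty($notes_list)) {
    // NOTE(review): note id and name are placed in the markup as stored;
    // presumably bean fields are already HTML-encoded when loaded. Confirm,
    // otherwise encode them here.
    foreach ($notes_list as $the_note) {
        $attachments .= "<a href=\"index.php?entryPoint=download&id={$the_note->id}&type=Notes\">" . $the_note->name . "</a><br />";
    }
}
$xtpl->assign("ATTACHMENTS", $attachments);
global $current_user;
if ((is_admin($current_user) || is_admin_for_any_module($current_user)) && $_REQUEST['module'] != 'DynamicLayout' && !empty($_SESSION['editinplace'])) {
    // The three request values end up inside a single-quoted href, so each one
    // is percent-encoded before it is appended; a quote or angle bracket in a
    // parameter can then no longer close the attribute or the tag. Non-scalar
    // values (e.g. arrays) are replaced by an empty string. This is done here
    // regardless of any request sanitising performed earlier, which is not
    // visible from this file. Ordinary identifiers come out unchanged.
    $adminEditQuery = '';
    foreach (array('from_action' => 'action', 'from_module' => 'module', 'record' => 'record') as $adminEditTarget => $adminEditSource) {
        $adminEditValue = isset($_REQUEST[$adminEditSource]) ? $_REQUEST[$adminEditSource] : '';
        $adminEditQuery .= '&' . $adminEditTarget . '=' . (is_scalar($adminEditValue) ? urlencode((string) $adminEditValue) : '');
    }
    $xtpl->assign("ADMIN_EDIT", "<a href='index.php?action=index&module=DynamicLayout" . $adminEditQuery . "'>" . SugarThemeRegistry::current()->getImage("EditLayout", "border='0' align='bottom'", null, null, '.gif', $mod_strings['LBL_EDITLAYOUT']) . "</a>");
}
$xtpl->assign("DESCRIPTION", $focus->description);
$detailView->processListNavigation($xtpl, "EMAIL_TEMPLATE", $offset);
// adding custom fields:
require_once 'modules/DynamicFields/templates/Files/DetailView.php';
$xtpl->parse("main");
$xtpl->out("main");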