/**
 * Renders the view, marking the form read-only for users outside the
 * privileged roles.
 *
 * Reads the current user's role names and assigns the template variable
 * `ReadOnly`: an empty string for members of 'Admin' or
 * 'Branch Manager - Delhi', the literal 'readonly' for everybody else.
 * Then delegates to the parent display().
 *
 * Note: this only sets a presentation flag on the template; whatever
 * happens on the save path is outside this method and is not enforced here.
 */
function display() {
    require_once 'modules/ACLRoles/ACLRole.php';

    $aclRole = new ACLRole();
    $roleNames = $aclRole->getUserRoles($GLOBALS['current_user']->id);

    // Roles whose members may edit; anyone else gets a readonly form.
    $editorRoles = array('Admin', 'Branch Manager - Delhi');
    $canEdit = false;
    foreach ($editorRoles as $editorRole) {
        if (in_array($editorRole, $roleNames)) {
            $canEdit = true;
            break;
        }
    }

    $this->ev->ss->assign('ReadOnly', $canEdit ? '' : 'readonly');

    parent::display();
}
/**
 * Smoke test for ACLRole::getUserRoles(): called for user id '1' with the
 * default getAsNameArray argument and with it set to false, the result must
 * be an array in both cases.
 *
 * Notices and warnings are masked for the duration via
 * error_reporting(E_ERROR | E_PARSE), so only fatal errors can fail this test.
 */
public function testgetUserRoles() {
    error_reporting(E_ERROR | E_PARSE);

    $aclRole = new ACLRole();
    $userId = '1';

    // Default form (getAsNameArray left at its default).
    $defaultForm = $aclRole->getUserRoles($userId);
    $this->assertTrue(is_array($defaultForm));

    // Explicit getAsNameArray = false.
    $beanForm = $aclRole->getUserRoles($userId, false);
    $this->assertTrue(is_array($beanForm));
}
/**
 * Returns object storage containing available roles as keys
 * and flags indicating if there is role specific metadata as value
 *
 * Admins get every role from ACLRole::getAllRoles(); any other user only
 * gets the roles assigned to them (ACLRole::getUserRoles with role beans,
 * not names). Roles whose name appears in static::$hiddenRoles are skipped.
 *
 * @param callable $callback Callback that checks if there is role specific metadata;
 *                           invoked as $callback(array('role' => $role->id)).
 *                           When omitted every role maps to null.
 * @return SplObjectStorage
 */
public static function getRoles($callback = null) {
    global $current_user;

    // Only super user should have access to all roles; everyone else is
    // limited to their own assignments.
    if ($current_user->isAdmin()) {
        $candidateRoles = ACLRole::getAllRoles();
    } else {
        $candidateRoles = ACLRole::getUserRoles($current_user->id, false);
    }

    $storage = new SplObjectStorage();
    foreach ($candidateRoles as $role) {
        if (in_array($role->name, static::$hiddenRoles)) {
            continue;
        }
        $hasMetadata = null;
        if ($callback) {
            $hasMetadata = $callback(array('role' => $role->id));
        }
        $storage[$role] = $hasMetadata;
    }

    return $storage;
}
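//***AlineaSol Premium***//
//***********************//
$hasPremiumFeatures = asol_ReportsUtils::managePremiumFeature("managePremiumFeature", "reportFunctions.php", "hasPremiumFeatures", null);
//***********************//
//***AlineaSol Premium***//
//***********************//

//****************************//
//***Display Edition Screen***//
//****************************//

// Calculate SubSelectQueries Scope: decide whether sub-select queries from this
// user must go through the MySQL "insecurity" check. $mySQLinsecurityScope is
// set earlier in this file (outside this excerpt) and selects the policy:
//   1 - check everyone except admins
//   2 - check everyone, admins included
//   3 - check non-admins unless every one of their roles is listed in
//       $sugar_config['asolReportsMySQLinsecuritySubSelectRoles']
$mySQLcheckInsecurity = false;
$isAdmin = (bool) $current_user->is_admin;
if (($mySQLinsecurityScope === 1 && !$isAdmin) || $mySQLinsecurityScope === 2) {
    $mySQLcheckInsecurity = true;
} elseif ($mySQLinsecurityScope === 3 && !$isAdmin) {
    // Role names are cached in the session for the rest of the login, so a
    // role change made by an admin is only picked up after the user logs in
    // again. Kept as-is (performance), but worth knowing when revoking access.
    if (empty($_SESSION['asolUserRoles'])) {
        $_SESSION['asolUserRoles'] = ACLRole::getUserRoles($current_user->id);
    }
    $userRoles = $_SESSION['asolUserRoles'];

    // A missing config entry used to reach in_array() as null (TypeError on
    // PHP 8); treat it as "no exempt roles" instead.
    $exemptRoles = array();
    if (isset($sugar_config["asolReportsMySQLinsecuritySubSelectRoles"]) && is_array($sugar_config["asolReportsMySQLinsecuritySubSelectRoles"])) {
        $exemptRoles = $sugar_config["asolReportsMySQLinsecuritySubSelectRoles"];
    }

    // Fail closed: a non-admin with no roles at all is not exempt either. The
    // original loop simply never ran for such a user and left the check off.
    if (empty($userRoles)) {
        $mySQLcheckInsecurity = true;
    } else {
        foreach ($userRoles as $userRole) {
            if (!in_array($userRole, $exemptRoles)) {
                $mySQLcheckInsecurity = true;
                break;
            }
        }
    }
}

// The PHP-side check applies to every non-admin.
$PHPcheckInsecurity = !$isAdmin;

// Get predefined color palette schemas for Nvd3 charts. The JSON is passed
// through htmlentities(), presumably because it is embedded in HTML output
// further down - confirm at the use site before changing the encoding.
$predefinedColorPaletteSchemas = isset($sugar_config['asolReportsNvd3ChartPredefinedColorPaletteSchemas']) ? $sugar_config['asolReportsNvd3ChartPredefinedColorPaletteSchemas'] : array();
$predefinedColorPaletteSchemasJson = htmlentities(json_encode($predefinedColorPaletteSchemas));

//Set configuration flags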
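/**
 * The Quick edit for case updates which appears under update stream
 * Also includes the javascript for AJAX update
 *
 * Renders the inline "add update" form on the Cases DetailView. Nothing is
 * rendered (null is returned) when the action is not DetailView, when the
 * current user holds the "no edit cases" role, or when the record id from
 * the request cannot be encoded safely.
 *
 * @param object $case The case bean; only its `internal` flag is read, to
 *                     pre-check the Internal box.
 * @return string|null - the html to be displayed and javascript
 */
function quick_edit_case_updates($case) {
    global $action, $app_strings, $mod_strings;

    //on DetailView only
    if ($action != 'DetailView') {
        return;
    }

    //current record id - taken straight from the query string, so untrusted.
    //An array value (?record[]=) is treated as absent instead of becoming "Array".
    $record = (isset($_GET['record']) && is_string($_GET['record'])) ? $_GET['record'] : '';

    //Get Users roles
    require_once 'modules/ACLRoles/ACLRole.php';
    $user = $GLOBALS['current_user'];
    $id = $user->id;
    $acl = new ACLRole();
    $roles = $acl->getUserRoles($id);

    //Return if user cannot edit cases
    if (in_array("no edit cases", $roles) || $roles === "no edit cases") {
        return;
    }

    $internalChecked = '';
    if (isset($case->internal) && $case->internal) {
        $internalChecked = "checked='checked'";
    }

    // Language strings are trusted (they come from the installed lang files),
    // so they are interpolated as-is like before.
    $internal = $mod_strings['LBL_AOP_INTERNAL'];
    $saveBtn = $app_strings['LBL_SAVE_BUTTON_LABEL'];
    $saveTitle = $app_strings['LBL_SAVE_BUTTON_TITLE'];

    // The id ends up inside a JS call inside an onclick attribute, which needs
    // two layers of escaping: json_encode() turns it into a JS string literal
    // (the HEX flags keep quotes and angle brackets out of it), and
    // htmlspecialchars() then protects the attribute. Interpolating the raw
    // value let a crafted id break out of the JS string; entity-encoding alone
    // would not have helped because the HTML parser decodes entities before
    // the event handler is parsed as JavaScript.
    $recordJs = json_encode($record, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($recordJs === false) {
        // Not valid UTF-8: refuse to render rather than emit a broken literal.
        return;
    }
    $recordAttr = htmlspecialchars($recordJs, ENT_QUOTES, 'UTF-8');

    $html = <<<EOD
<form id='case_updates' enctype="multipart/form-data">
    <textarea id="update_text" name="update_text" cols="80" rows="4"></textarea>
    <input id='internal' type='checkbox' name='internal' tabindex=0 title='' value='1' {$internalChecked} > {$internal}</input>
    </br>
    <input type='button' value='{$saveBtn}' onclick="caseUpdates({$recordAttr})" title="{$saveTitle}" name="button"> </input>
    </br>
</form>
EOD;
    return $html;
}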
/**
 * Returns all the user data to be sent in the REST API call for a normal
 * `/me` call.
 *
 * This data is dependent on the platform used. Each own platform has a
 * different data set to be sent in the response.
 *
 * The payload starts from getBasicUserInfo() and is extended with the user
 * type, names, role names (ACLRole::getUserRoles), expired-password info,
 * picture, ACLs, manager flags, address fields, team memberships and a
 * `_hash` for the client. Everything assigned here is returned to the
 * `/me` caller, so anything added becomes client-visible.
 *
 * @param string $platform The platform of the request.
 * @param array $options A list of options like `category` to retrieve the
 * basic user info. Will use `global` if no `category` is supplied.
 * @return array The user's data to be used in a `/me` request.
 */
protected function getUserData($platform, array $options) {
    $user = $this->getUserBean();
    $category = isset($options['category']) ? $options['category'] : 'global';

    // Start from the platform-specific basics and layer the rest on top,
    // keeping the same key order as before.
    $userData = $this->getBasicUserInfo($platform, $category);
    $userData['type'] = $user->isAdmin() ? self::TYPE_ADMIN : self::TYPE_USER;
    $userData['show_wizard'] = $this->shouldShowWizard($category);
    $userData['id'] = $user->id;

    // _create_proper_name_field() is called before full_name is read; keep that order.
    $user->_create_proper_name_field();
    $userData['full_name'] = $user->full_name;
    $userData['user_name'] = $user->user_name;
    $userData['roles'] = ACLRole::getUserRoles($user->id);

    $userData = $this->setExpiredPassword($userData);
    $userData['picture'] = $user->picture;
    $userData['acl'] = $this->getAcls($platform);

    $isManager = User::isManager($user->id);
    $userData['is_manager'] = $isManager;
    $userData['is_top_level_manager'] = $isManager ? User::isTopLevelManager($user->id) : false;
    $userData['reports_to_id'] = $user->reports_to_id;
    $userData['reports_to_name'] = $user->reports_to_name;

    // Address information
    $addressFields = array('address_street', 'address_city', 'address_state', 'address_country', 'address_postalcode');
    foreach ($addressFields as $field) {
        $userData[$field] = $user->$field;
    }

    require_once 'modules/Teams/TeamSetManager.php';

    // Teams the user belongs to, as a list of {id, name} pairs.
    $myTeams = array();
    foreach ($user->get_my_teams() as $teamId => $teamName) {
        $myTeams[] = array('id' => $teamId, 'name' => $teamName);
    }
    $userData['my_teams'] = $myTeams;

    // Default team set, flagging the one matching the user's primary team.
    $defaultTeams = TeamSetManager::getTeamsFromSet($user->team_set_id);
    foreach ($defaultTeams as $key => $team) {
        $defaultTeams[$key]['primary'] = ($team['id'] == $user->team_id);
    }
    $userData['preferences']['default_teams'] = $defaultTeams;

    // Send back a hash of this data for use by the client
    $userData['_hash'] = $user->getUserMDHash();

    return array('current_user' => $userData);
}
/**
 * Returns user's ACL roles
 *
 * Thin wrapper over ACLRole::getUserRoles() that always requests role beans
 * (getAsNameArray = false) rather than the list of role names.
 *
 * @param User $user
 * @return ACLRole[]
 */
protected function getUserRoles(User $user) {
    $asNameArray = false;
    return ACLRole::getUserRoles($user->id, $asNameArray);
}
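/**
 * The Quick edit for case updates which appears under update stream
 * Also includes the javascript for AJAX update
 *
 * Renders the inline "add update" form on the Cases DetailView. Nothing is
 * rendered (null is returned) when the action is not DetailView, when the
 * current user holds the "no edit cases" role, or when the record id from
 * the request cannot be encoded safely. The caseUpdates() handler the form
 * calls is not defined in this function.
 *
 * @return string|null - the html to be displayed and javascript
 */
function quick_edit_case_updates() {
    global $action;

    //on DetailView only
    if ($action != 'DetailView') {
        return;
    }

    //current record id - taken straight from the query string, so untrusted.
    //An array value (?record[]=) is treated as absent instead of becoming "Array".
    $record = (isset($_GET['record']) && is_string($_GET['record'])) ? $_GET['record'] : '';

    //Get Users roles
    require_once 'modules/ACLRoles/ACLRole.php';
    $user = $GLOBALS['current_user'];
    $id = $user->id;
    $acl = new ACLRole();
    $roles = $acl->getUserRoles($id);

    //Return if user cannot edit cases
    if (in_array("no edit cases", $roles) || $roles === "no edit cases") {
        return;
    }

    // The id ends up inside a JS call inside an onclick attribute, which needs
    // two layers of escaping: json_encode() turns it into a JS string literal
    // (the HEX flags keep quotes and angle brackets out of it), and
    // htmlspecialchars() then protects the attribute. Interpolating the raw
    // value let a crafted id break out of the JS string; entity-encoding alone
    // would not have helped because the HTML parser decodes entities before
    // the event handler is parsed as JavaScript.
    $recordJs = json_encode($record, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($recordJs === false) {
        // Not valid UTF-8: refuse to render rather than emit a broken literal.
        return;
    }
    $recordAttr = htmlspecialchars($recordJs, ENT_QUOTES, 'UTF-8');

    $html = <<<EOD
<form id='case_updates' enctype="multipart/form-data">
    <textarea id="update_text" name="update_text" cols="80" rows="4"></textarea>
    <input id='internal' type='checkbox' name='internal' tabindex=0 title='' value='1'> Internal</input>
    </br>
    <input type='button' value='Save' onclick="caseUpdates({$recordAttr})" title="Save" name="button"> </input>
    </br>
</form>
EOD;
    return $html;
}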
//set cookies
// Persist login hints from the authenticated session as cookies for 90 days.
// They carry the user id, theme settings and language only (no secret), but
// are set without path/domain and without the secure/httponly flags, so they
// are readable by page scripts and are also sent over plain HTTP.
if (isset($_SESSION['authenticated_user_id'])) {
    setCookie('ck_login_id_20', $_SESSION['authenticated_user_id'], time() + 86400 * 90);
}
if (isset($_SESSION['authenticated_user_theme'])) {
    setCookie('ck_login_theme_20', $_SESSION['authenticated_user_theme'], time() + 86400 * 90);
}
if (isset($_SESSION['authenticated_user_theme_color'])) {
    setCookie('ck_login_theme_color_20', $_SESSION['authenticated_user_theme_color'], time() + 86400 * 90);
}
if (isset($_SESSION['authenticated_user_theme_font'])) {
    setCookie('ck_login_theme_font_20', $_SESSION['authenticated_user_theme_font'], time() + 86400 * 90);
}
if (isset($_SESSION['authenticated_user_language'])) {
    setCookie('ck_login_language_20', $_SESSION['authenticated_user_language'], time() + 86400 * 90);
}
// Role gate. This is a deny-list on a single role name: any user who is not in
// the 'Lawyer' role - including one with no roles at all - passes, so a new
// restricted role would have to be added here explicitly.
require_once 'modules/ACLRoles/ACLRole.php';
$objACLRole = new ACLRole();
$roles = $objACLRole->getUserRoles($GLOBALS['current_user']->id);
if (in_array('Lawyer', $roles)) {
    // Fixed message with no request data in it, so printing it raw is safe.
    print "<h2>You do not have permissions to access this function.</h2>";
    exit;
}
// Restore the working directory and request arrays; $current_directory, $post
// and $get are presumably saved earlier in this file (outside this excerpt).
chdir($current_directory);
$_POST = $post;
$_GET = $get;
/*foreach(array_keys($GLOBALS) as $key) { if (!in_array($key, array('_GET', '_POST', '_COOKIE', '_FILES', '_SERVER', '_REQUEST', 'GLOBALS'))) { unset($GLOBALS[$key]); } }*/
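/**
 * The Quick edit for case updates which appears under update stream
 * Also includes the javascript for AJAX update
 *
 * Returns the <script> block defining caseUpdates() followed by the inline
 * form. Nothing is rendered (null is returned) when the current user holds
 * the "no edit cases" role or when the record id from the request cannot be
 * encoded safely.
 *
 * @return string|null - the html to be displayed and javascript
 */
function quick_edit_case_updates() {
    //current record id - taken straight from the query string, so untrusted.
    //An array value (?record[]=) is treated as absent instead of becoming "Array".
    $record = (isset($_GET['record']) && is_string($_GET['record'])) ? $_GET['record'] : '';

    //Get Users roles
    require_once 'modules/ACLRoles/ACLRole.php';
    $user = $GLOBALS['current_user'];
    $id = $user->id;
    $acl = new ACLRole();
    $roles = $acl->getUserRoles($id);

    //Return if user cannot edit cases
    if (in_array("no edit cases", $roles) || $roles === "no edit cases") {
        return;
    }

    // The id is written into a <script> block, so it is emitted once as a JS
    // string literal (json_encode with the HEX flags, which also keeps a
    // "</script>" inside the value from terminating the block) and then used by
    // name. The original interpolated the raw value into three JS string
    // literals, which let a crafted id break out of them.
    $recordJs = json_encode($record, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($recordJs === false) {
        // Not valid UTF-8: refuse to render rather than emit a broken literal.
        return;
    }

    //Javascript for Asynchronous update
    $javascript = <<<A
<script>
function caseUpdates(){
    var recordId = {$recordJs};
    loadingMessgPanl = new YAHOO.widget.SimpleDialog('loading', {
        width: '200px', close: true, modal: true, visible: true,
        fixedcenter: true, constraintoviewport: true, draggable: false
    });
    loadingMessgPanl.setHeader(SUGAR.language.get('app_strings', 'LBL_EMAIL_PERFORMING_TASK'));
    loadingMessgPanl.setBody(SUGAR.language.get('app_strings', 'LBL_EMAIL_ONE_MOMENT'));
    loadingMessgPanl.render(document.body);
    loadingMessgPanl.show();

    var update_data = document.getElementById('update_text').value;
    var checkbox = document.getElementById('internal').checked;
    var internal = "";
    if(checkbox){
        internal=1;
    }

    //Post parameters. Every value is URL-encoded so an '&', '+' or '%' typed
    //into the update text (or present in the id) cannot split or corrupt the
    //form body; previously the text was concatenated raw.
    var encRecord = encodeURIComponent(recordId);
    var params = "record=" + encRecord + "&module=Cases&return_module=Cases&action=Save&return_id=" + encRecord + "&return_action=DetailView&relate_to=Cases&relate_id=" + encRecord + "&offset=1&update_text=" + encodeURIComponent(update_data) + "&internal=" + internal;

    var xmlhttp = new XMLHttpRequest();
    xmlhttp.open("POST", "index.php", true);
    xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
    //Content-Length and Connection are forbidden request headers for
    //XMLHttpRequest; the browser sets them itself, so they are not set here.

    //When button is clicked
    xmlhttp.onreadystatechange = function() {
        if(xmlhttp.readyState == 4 && xmlhttp.status == 200) {
            showSubPanel('history', null, true);
            //Reload the case updates stream and history panels
            \$("#LBL_AOP_CASE_UPDATES").load("index.php?module=Cases&action=DetailView&record=" + encRecord + " #LBL_AOP_CASE_UPDATES", function(){
                //Collapse all except newest update
                \$('.caseUpdateImage').attr("src",showUpdateImage);
                \$('.caseUpdate').slideUp('fast');
                var id = \$('.caseUpdate').last().attr('id');
                if(id){
                    toggleCaseUpdate(id.replace('caseUpdate',''));
                }
                loadingMessgPanl.hide();
            });
        }
    }
    xmlhttp.send(params);
}
</script>
A;

    $html = <<<EOD
<form id='case_updates' enctype="multipart/form-data">
    <textarea id="update_text" name="update_text" cols="80" rows="4"></textarea>
    <input id='internal' type='checkbox' name='internal' tabindex=0 title='' value='1'> Internal</input>
    </br>
    <input type='button' value='Save' onclick="caseUpdates()" title="Save" name="button"> </input>
    </br>
</form>
EOD;
    return $javascript . $html;
}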