/**
* Only allow access to users with the user admin setting
*
* @param string $module
* @param string $view
* @param array $context
*
* @return bool|void
*/
public function checkAccess($module, $action, $context)
{
$action = $this->fixUpActionName($action);
if ($action == "field") {
return true;
}
if (!empty($this->parentLink)) {
$linkName = $this->parentLink;
$bean = SugarACL::loadBean($module, $context);
$bean->load_relationship($linkName);
if (empty($bean->{$linkName})) {
throw new SugarException("Invalid link {$linkName} for parent ACL");
}
if ($bean->{$linkName}->getType() == "many") {
throw new SugarException("Cannot serch for owners through multi-link {$linkName}");
}
$parentModule = $bean->{$linkName}->getRelatedModuleName();
if (!empty($this->parentModule) && $parentModule != $this->parentModule) {
throw new SugarException("Cannot search for owners through link with incorrect module {$parentModule}");
}
if (in_array($action, self::$requiresOwnerCheck)) {
//Check ACL's that require a parent such as edit/detail
$parentIds = $bean->{$linkName}->get();
if (is_array($parentIds) && !empty($parentIds)) {
$parentId = $parentIds[0];
$parentBean = BeanFactory::getBean($parentModule, $parentId);
//The parent failed to retrieve, you probably don't have access
if (empty($parentBean->id)) {
return false;
}
$context['bean'] = $parentBean;
return $parentBean->ACLAccess($action, $context);
}
} else {
//Fall here for ACL's like list that don't require a parent to check
//Don't pass the context since the bean won't match the module.
//We also can't check owner at this level since we don't have the bean so owner_override must be true
unset($context['bean']);
$context['owner_override'] = true;
return SugarACL::checkAccess($parentModule, $action, $context);
}
}
return true;
}
