示例#1
0
 /**
  * function to generate the where condition for the user.
  * While displaying data in the list view data may appear from lower level users in the hierarchy.
  * For each user when the condition is to be generated, first get the subordinate user if any
  * And then generate the condition. Each table (entity - contacts,leads,potentials etc) will have 
  * iduser representing who is owner of the record.
  * @param string $entity_table_name
  * @param integer $idmodule
  * @param boolean $subordinate_users_data
  * @param integer $iduser
  * @see modules/User/User.class.php
  */
 public function get_user_where_condition($entity_table_name, $idmodule, $subordinate_users_data = true, $iduser = '')
 {
     if ($iduser == '') {
         $iduser = $_SESSION["do_user"]->iduser;
     }
     $module_data_share_permissions = $_SESSION["do_user"]->get_module_data_share_permissions();
     $where = '';
     //if($idmodule == 7 ) return " where 1=1 ";
     if ($subordinate_users_data === true) {
         if ($module_data_share_permissions[$idmodule] == 5) {
             return " AND `" . $entity_table_name . "`.`iduser` = " . $iduser;
         }
         if ($_SESSION["do_user"]->is_admin == 1) {
             return "";
         }
     }
     if ($module_data_share_permissions[$idmodule] == 1 || $module_data_share_permissions[$idmodule] == 2 || $module_data_share_permissions[$idmodule] == 3) {
         // if the datashare permission is public then display all
         $where = '';
     } elseif ($module_data_share_permissions[$idmodule] == 5) {
         $where = " AND `" . $entity_table_name . "`.`iduser` = " . $iduser;
     } else {
         if ($_SESSION["do_user"]->iduser > 0) {
             $subordinate_users = $_SESSION["do_user"]->get_subordinate_users();
             $user_to_groups = $_SESSION["do_user"]->get_user_associated_to_groups();
         } else {
             $do_user = new User();
             $do_group_user_rel = new GroupUserRelation();
             $subordinate_users = $do_user->get_subordinate_users_by_iduser($iduser);
             $user_to_groups = $do_group_user_rel->get_groups_by_user($iduser, $subordinate_users);
         }
         $group_qry = false;
         if (is_array($user_to_groups) && count($user_to_groups) > 0) {
             $do_module = new Module();
             $do_module->getId($idmodule);
             $module_name = $do_module->name;
             $entity_object = new $module_name();
             if ($entity_object->module_group_rel_table != '') {
                 $group_qry = true;
             }
         }
         if (is_array($subordinate_users) && count($subordinate_users) > 0 && $subordinate_users_data === true) {
             $unique_subordinate_users = array_unique($subordinate_users);
             $comma_seperated_subordinate_users = implode(",", $unique_subordinate_users);
             if ($group_qry === true) {
                 $where = " \n\t\t\t\t\tAND \n\t\t\t\t\t(\n\t\t\t\t\t\t( " . $entity_table_name . ".iduser = "******" \n\t\t\t\t\t\t\tOR " . $entity_table_name . ".iduser IN (" . $comma_seperated_subordinate_users . ") \n\t\t\t\t\t\t)\n\t\t\t\t\t\tOR (" . $entity_object->module_group_rel_table . ".idgroup in (" . implode(",", $user_to_groups) . ") )\n\t\t\t\t\t)";
             } else {
                 $where = " AND ( " . $entity_table_name . ".iduser = "******" OR " . $entity_table_name . ".iduser IN (" . $comma_seperated_subordinate_users . ") )";
             }
         } else {
             if ($group_qry === true) {
                 $where = " AND ( " . $entity_table_name . ".iduser = "******" OR " . $entity_object->module_group_rel_table . ".idgroup in (" . implode(",", $user_to_groups) . ") )";
             } else {
                 $where = " AND " . $entity_table_name . ".iduser = " . $iduser;
             }
         }
     }
     return $where;
 }
示例#2
0
 /**
  * function to set the different privileges for the CRM
  * the privileges are all defined on the profile so loading all the different privileges
  * sets the data in the form of an arrray in the persistent user object so that the data is
  * available across the CRM in the current session.
  * NOTE : any change in the profile permissions would require the user to logout so that on next 
  * login the new privileges are loaded again and become available for the current session.
  * This idea is to ignore same set of queries again and again for each time the privileges are checked
  * @see User::eventLogin()
  */
 protected function set_user_crm_privileges()
 {
     $do_roles = new Roles();
     //Get the role details of the user
     $role_id = $this->idrole;
     $this->set_user_role_info($do_roles->get_role_detail($role_id));
     // Set the groups to which the user is associated
     $do_group_user_rel = new GroupUserRelation();
     $this->set_user_associated_to_groups($do_group_user_rel->get_groups_by_user($_SESSION["do_user"]->iduser, array(), true));
     // Now lets find the profile and actual permissions set in the profile
     $do_profile = new Profile();
     $do_role_profile_rel = new RoleProfileRelation();
     $do_module_standard_permission = new ModuleStandardPermission();
     $do_role_profile_rel->get_pofiles_related_to_role($role_id);
     $module_permissions = array();
     $module_standard_permissions_per_profile_array = array();
     if ($do_role_profile_rel->getNumRows() > 0) {
         $associated_profiles = array();
         while ($do_role_profile_rel->next()) {
             $associated_profiles[] = $do_role_profile_rel->idprofile;
         }
         // Loading the active modules for the CRM available. The object "do_module" is persistent and is instantiated in module.php
         if (!is_object($_SESSION["do_module"])) {
             $do_module = new Module();
             $do_module->sessionPersistent("do_module", "logout.php", TTL);
             $_SESSION["do_module"]->load_active_modules();
         }
         $active_modules = $_SESSION["do_module"]->get_active_modules_for_crm();
         // variables to hold the permissions when user is associated with multiple roles
         $profile_standard_permission_rel_previous = array();
         $profile_module_rel_previous = array();
         foreach ($associated_profiles as $idprofile) {
             // Getting all the module standard permissions vailable to the profile
             $profile_standard_permission_rel = $do_profile->get_all_module_standard_permissions($idprofile);
             // Getting if the module is permitted for the profile
             $profile_module_rel = $do_profile->get_all_module_permissions($idprofile);
             foreach ($active_modules as $module => $idmodule) {
                 if (array_key_exists($profile_module_rel[$idmodule], $profile_module_rel)) {
                     if (count($profile_module_rel_previous) > 0 && array_key_exists($profile_module_rel_previous[$idmodule], $profile_module_rel_previous)) {
                         if ($profile_module_rel_previous[$idmodule] > $module_permissions[$idmodule]["module_permission"]) {
                             $module_permissions[$idmodule]["module_permission"] = $profile_module_rel_previous[$idmodule];
                         } else {
                             $module_permissions[$idmodule]["module_permission"] = $profile_module_rel[$idmodule];
                         }
                     } else {
                         $module_permissions[$idmodule]["module_permission"] = $profile_module_rel[$idmodule];
                     }
                     $profile_module_rel_previous[$idmodule] = $profile_module_rel[$idmodule];
                 }
                 // Loading the module standard permissions
                 $do_module_standard_permission->get_module_standard_permissions($idmodule);
                 if ($do_module_standard_permission->getNumRows() > 0) {
                     while ($do_module_standard_permission->next()) {
                         if (array_key_exists($profile_standard_permission_rel[$idmodule][$do_module_standard_permission->idstandard_permission], $profile_standard_permission_rel)) {
                             if (count($profile_standard_permission_rel_previous) > 0 && array_key_exists($profile_standard_permission_rel_previous[$idmodule][$do_module_standard_permission->idstandard_permission], $profile_standard_permission_rel_previous)) {
                                 if ($profile_standard_permission_rel_previous[$idmodule][$do_module_standard_permission->idstandard_permission] > $profile_standard_permission_rel[$idmodule][$do_module_standard_permission->idstandard_permission]) {
                                     $module_standard_permissions_per_profile_array[$idmodule][$do_module_standard_permission->idstandard_permission] = $profile_standard_permission_rel_previous[$idmodule][$do_module_standard_permission->idstandard_permission];
                                 } else {
                                     $module_standard_permissions_per_profile_array[$idmodule][$do_module_standard_permission->idstandard_permission] = $profile_standard_permission_rel[$idmodule][$do_module_standard_permission->idstandard_permission];
                                 }
                             } else {
                                 $module_standard_permissions_per_profile_array[$idmodule][$do_module_standard_permission->idstandard_permission] = $profile_standard_permission_rel[$idmodule][$do_module_standard_permission->idstandard_permission];
                             }
                             $profile_standard_permission_rel_previous[$idmodule][$do_module_standard_permission->idstandard_permission] = $profile_standard_permission_rel[$idmodule][$do_module_standard_permission->idstandard_permission];
                         }
                     }
                 } else {
                     $module_standard_permissions_per_profile_array[$idmodule][2] = 1;
                 }
             }
         }
         foreach ($module_standard_permissions_per_profile_array as $idmodule => $standard_permissions) {
             $module_permissions[$idmodule]["standard_permissions"] = $standard_permissions;
         }
     }
     $this->set_user_module_privileges($module_permissions);
 }
示例#3
0
 /**
  * function to get all the users including the lookup user and groups associated via hierarchy
  * @param integer $iduser
  * @param boolean $ignore_current_user
  * @param string $key , returned array key default pk primary_key
  */
 public function get_users_and_groups($iduser, $ignore_current_user = false, $key = 'pk')
 {
     $users_array = array();
     $groups_array = array();
     if ($iduser == 0) {
         $iduser = $_SESSION["do_user"]->iduser;
     }
     $users = $this->get_userids($iduser, $ignore_current_user);
     $do_group_user_rel = new GroupUserRelation();
     $groups = $do_group_user_rel->get_groups_by_user($iduser, array(), true);
     if (is_array($users) && count($users) > 0) {
         $qry = "\n\t\t\tselect `iduser`,`user_name`,`firstname`,`lastname`\n\t\t\tfrom user \n\t\t\twhere `iduser` in (" . implode(",", $users) . ")\n\t\t\t";
         $stmt = $this->getDbConnection()->executeQuery($qry);
         if ($stmt->rowCount() > 0) {
             while ($data = $stmt->fetch()) {
                 if ($key == 'pk') {
                     $users_array[$data["iduser"]] = array("firstname" => $data["firstname"], "lastname" => $data["lastname"], "user_name" => $data["user_name"]);
                 } else {
                     $users_array[$data["user_name"]] = array("firstname" => $data["firstname"], "lastname" => $data["lastname"], "iduser" => $data["iduser"]);
                 }
             }
         }
     }
     if (is_array($groups) && count($groups) > 0) {
         $qry = "select `idgroup`,`group_name` from `group`\n\t\t\twhere `idgroup` in (" . implode(",", $groups) . ")\n\t\t\t";
         $stmt = $this->getDbConnection()->executeQuery($qry);
         if ($stmt->rowCount() > 0) {
             while ($data = $stmt->fetch()) {
                 if ($key == 'pk') {
                     $groups_array[$data["idgroup"]] = array("group_name" => $data["group_name"]);
                 } else {
                     $groups_array[$data["group_name"]] = array("idgroup" => $data["idgroup"]);
                 }
             }
         }
     }
     return array("users" => $users_array, "groups" => $groups_array);
 }