public static function install_permissions()
{
Utils_RecordBrowserCommon::wipe_access('company');
Utils_RecordBrowserCommon::add_access('company', 'print', 'SUPERADMIN');
Utils_RecordBrowserCommon::add_access('company', 'export', 'SUPERADMIN');
Utils_RecordBrowserCommon::add_access('company', 'view', 'ACCESS:employee', array('(!permission' => 2, '|:Created_by' => 'USER_ID'));
Utils_RecordBrowserCommon::add_access('company', 'view', 'ALL', array('id' => 'USER_COMPANY'));
Utils_RecordBrowserCommon::add_access('company', 'add', 'ACCESS:employee');
Utils_RecordBrowserCommon::add_access('company', 'edit', 'ACCESS:employee', array('(permission' => 0, '|:Created_by' => 'USER_ID'));
Utils_RecordBrowserCommon::add_access('company', 'edit', array('ALL', 'ACCESS:manager'), array('id' => 'USER_COMPANY'), array('group', 'permission'));
Utils_RecordBrowserCommon::add_access('company', 'edit', array('ACCESS:employee', 'ACCESS:manager'), array());
Utils_RecordBrowserCommon::add_access('company', 'delete', 'ACCESS:employee', array(':Created_by' => 'USER_ID'));
Utils_RecordBrowserCommon::add_access('company', 'delete', array('ACCESS:employee', 'ACCESS:manager'));
Utils_RecordBrowserCommon::wipe_access('contact');
Utils_RecordBrowserCommon::add_access('contact', 'print', 'SUPERADMIN');
Utils_RecordBrowserCommon::add_access('contact', 'export', 'SUPERADMIN');
Utils_RecordBrowserCommon::add_access('contact', 'view', 'ACCESS:employee', array('(!permission' => 2, '|:Created_by' => 'USER_ID'));
Utils_RecordBrowserCommon::add_access('contact', 'view', 'ALL', array('login' => 'USER_ID'));
Utils_RecordBrowserCommon::add_access('contact', 'add', 'ACCESS:employee');
Utils_RecordBrowserCommon::add_access('contact', 'edit', 'ACCESS:employee', array('(permission' => 0, '|:Created_by' => 'USER_ID'), array('access', 'login'));
Utils_RecordBrowserCommon::add_access('contact', 'edit', 'ALL', array('login' => 'USER_ID'), array('company_name', 'related_companies', 'access', 'login', 'group', 'permission'));
Utils_RecordBrowserCommon::add_access('contact', 'edit', array('ALL', 'ACCESS:manager'), array('company_name' => 'USER_COMPANY'), array('login', 'company_name', 'related_companies'));
Utils_RecordBrowserCommon::add_access('contact', 'edit', array('ACCESS:employee', 'ACCESS:manager'), array());
Utils_RecordBrowserCommon::add_access('contact', 'delete', 'ACCESS:employee', array(':Created_by' => 'USER_ID'));
Utils_RecordBrowserCommon::add_access('contact', 'delete', array('ACCESS:employee', 'ACCESS:manager'));
}
<?php
defined("_VALID_ACCESS") || die('Direct access forbidden');
if (DB::GetOne('SELECT 1 FROM utils_attachment_field WHERE field=%s', array('Date'))) {
Utils_RecordBrowserCommon::new_record_field('utils_attachment', array('name' => _M('Edited on'), 'type' => 'timestamp', 'extra' => false, 'visible' => true, 'required' => false, 'display_callback' => array('Utils_AttachmentCommon', 'display_date'), 'QFfield_callback' => array('Utils_AttachmentCommon', 'QFfield_date'), 'position' => 'Date'));
DB::Execute('UPDATE utils_attachment_data_1 SET f_edited_on=f_date');
Utils_RecordBrowserCommon::delete_record_field('utils_attachment', 'Date');
Utils_RecordBrowserCommon::wipe_access('utils_attachment');
Utils_RecordBrowserCommon::add_access('utils_attachment', 'view', 'ACCESS:employee', array('(!permission' => 2, '|:Created_by' => 'USER_ID'));
Utils_RecordBrowserCommon::add_access('utils_attachment', 'delete', 'ACCESS:employee', array(':Created_by' => 'USER_ID'));
Utils_RecordBrowserCommon::add_access('utils_attachment', 'delete', array('ACCESS:employee', 'ACCESS:manager'));
Utils_RecordBrowserCommon::add_access('utils_attachment', 'add', 'ACCESS:employee', array(), array('edited_on'));
Utils_RecordBrowserCommon::add_access('utils_attachment', 'edit', 'ACCESS:employee', array('(permission' => 0, '|:Created_by' => 'USER_ID'), array('edited_on'));
}
}
}
print 'Patients left: ' . count($perms) . '<br>';
foreach ($perms as $patient => $v) {
print 'Patient ' . $patient;
Utils_RecordBrowserCommon::update_record('contact', $patient, $v);
print '... cleanup... ';
DB::StartTrans();
foreach ($rm_acl[$patient] as $i) {
DB::Execute('UPDATE cades_access_control_data_1 SET active=0 WHERE id=%d', array($i));
}
DB::CompleteTrans();
print 'done<br>';
}
}
Utils_RecordBrowserCommon::wipe_access('contact');
Utils_RecordBrowserCommon::add_access('contact', 'view', 'ACCESS:employee', array('(!permission' => 2, '|:Created_by' => 'USER_ID'), array('birth_date', 'ssn', 'home_phone', 'home_address_1', 'home_address_2', 'home_city', 'home_country', 'home_zone', 'home_postal_code', 'view', 'edit', 'add', 'delete'));
Utils_RecordBrowserCommon::add_access('contact', 'view', 'ALL', array('login' => 'USER_ID'), array('view', 'edit', 'add', 'delete'));
Utils_RecordBrowserCommon::add_access('contact', 'view', array('ACCESS:employee', 'ACCESS:mrm'), array('(!permission' => 2, '|:Created_by' => 'USER_ID'), array('view', 'edit', 'add', 'delete'));
Utils_RecordBrowserCommon::add_access('contact', 'add', array('ACCESS:employee', 'ACCESS:manager'));
Utils_RecordBrowserCommon::add_access('contact', 'edit', 'ACCESS:employee', array('(permission' => 0, '|:Created_by' => 'USER_ID', '!group' => array('patient', 'ex_patient')), array('access', 'login'));
Utils_RecordBrowserCommon::add_access('contact', 'edit', 'ALL', array('login' => 'USER_ID'), array('access', 'login'));
Utils_RecordBrowserCommon::add_access('contact', 'edit', array('ACCESS:employee', 'ACCESS:mrm'), array());
Utils_RecordBrowserCommon::add_access('contact', 'delete', array('ACCESS:employee', 'ACCESS:mrm'));
Utils_RecordBrowserCommon::add_access('contact', 'view', 'ALL', array('view' => 'USER'), array('view', 'edit', 'add', 'delete'));
Utils_RecordBrowserCommon::add_access('contact', 'edit', 'ALL', array('edit' => 'USER'));
Utils_RecordBrowserCommon::add_access('contact', 'delete', 'ALL', array('delete' => 'USER'));
Utils_RecordBrowserCommon::uninstall_recordset('cades_access_control');
Utils_CommonDataCommon::remove('CADES/AccessLevel');
Custom_CADES_AccessRestrictionsCommon::add_default_cades_permissions('cades_appointments');
Custom_CADES_AccessRestrictionsCommon::add_default_cades_permissions('cades_allergies');
