/**
 * Persist the 'categories' field of a contact.
 *
 * Returns TRUE without touching anything when $fields carries no
 * 'categories' key. An empty first element is treated as "no categories".
 *
 * Inside the contacts app, a user lacking the 'category.all' right may only
 * toggle membership in the categories contactsRightsModel reports as
 * allowed for them; memberships in every other category are carried over
 * from what is currently stored for the contact.
 *
 * @param waContact $contact contact whose categories are being saved
 * @param array     $fields  submitted field values; only 'categories' is read
 * @return bool always TRUE
 */
public function save(waContact $contact, $fields)
{
    if (!isset($fields['categories'])) {
        return TRUE;
    }
    $wanted = $fields['categories'];
    if (empty($wanted[0])) {
        $wanted = array();
    }

    $contact_id = $contact->getId();
    $model = $this->getModel();

    $restricted = wa()->getApp() == 'contacts'
        && !wa()->getUser()->getRights('contacts', 'category.all');
    if ($restricted) {
        // Start from the stored set and only touch ids this user may see;
        // ids outside the user's scope keep their current state.
        $rights_model = new contactsRightsModel();
        $stored = $model->getContactCategories($contact_id);
        // NOTE(review): elsewhere getAllowedCategories() is compared with
        // === true (meaning "all"); that case is not handled here — confirm
        // it cannot occur for a user without 'category.all'.
        $visible = $rights_model->getAllowedCategories();
        $requested = $wanted ? array_flip($wanted) : array();
        foreach ($visible as $category_id => $unused) {
            if (isset($requested[$category_id])) {
                $stored[$category_id] = true;
            } else {
                unset($stored[$category_id]);
            }
        }
        $wanted = array_keys($stored);
    }

    $model->setContactCategories($contact_id, $wanted);
    return TRUE;
}
/**
 * Checklist options for the category field: category_id => category name.
 *
 * Lazily creates the category model and caches the full list of categories
 * on $this->categories. Outside the contacts app, or for a user holding the
 * 'category.all' right, every category is offered; otherwise the list is
 * reduced to the ids contactsRightsModel::getAllowedCategories() returns.
 *
 * @param int|null $id not used by this method
 * @return array<int,string>
 */
function getOptions($id = null)
{
    if (!$this->model) {
        $this->model = new waContactCategoryModel();
    }
    if (!$this->categories) {
        // method names are case-insensitive in PHP; this is the same getAll()
        $this->categories = $this->model->getAll('id');
    }

    $options = array();
    foreach ($this->categories as $category_id => $category) {
        $options[$category_id] = $category['name'];
    }

    // Admins, and anyone outside the contacts app, see the full list.
    // Keep the short-circuit: getRights() is only consulted inside contacts.
    if (wa()->getApp() != 'contacts' || wa()->getUser()->getRights('contacts', 'category.all')) {
        return $options;
    }

    // Restricted user: drop every option that is not in the allowed set
    $rights_model = new contactsRightsModel();
    $allowed = $rights_model->getAllowedCategories();
    foreach (array_keys($options) as $category_id) {
        if (!isset($allowed[$category_id])) {
            unset($options[$category_id]);
        }
    }
    return $options;
}
/**
 * Prepare the category checklist dialog.
 *
 * Assigns to the view:
 *  - 'categories': id => name for the categories the current user may see
 *    (contactsRightsModel::getAllowedCategories(); TRUE means all of them),
 *    excluding categories that carry a system_id;
 *  - 'disabled': id => true for every id in the 'disabled' GET parameter
 *    (a scalar value is wrapped into a one-element list).
 */
public function execute()
{
    $rights_model = new contactsRightsModel();
    $category_model = new waContactCategoryModel();

    $all_categories = $category_model->getAll('id');
    $allowed = $rights_model->getAllowedCategories();
    if ($allowed === true) {
        $allowed = $all_categories;
    }

    $names = array();
    foreach ($all_categories as $category_id => $row) {
        // system categories are never offered, nor ones outside the user's scope
        if (isset($allowed[$category_id]) && !$row['system_id']) {
            $names[$category_id] = $row['name'];
        }
    }

    // Set of categories that are always checked and disabled in the list
    $disabled = waRequest::get('disabled');
    if (!is_array($disabled)) {
        $disabled = array($disabled);
    }

    $this->view->assign('categories', $names);
    $this->view->assign('disabled', array_fill_keys($disabled, true));
}
/**
 * Show the profile page of the contact given by the 'id' GET parameter.
 *
 * Access: the contact must be readable for the current user according to
 * contactsRightsModel::getRight(); a user who holds the contacts backend
 * right may still open their own profile, which is then rendered read-only.
 *
 * @throws waException       when no id is given
 * @throws waRightsException when the contact is not accessible
 */
public function execute()
{
    $system = wa();
    $datetime = $system->getDateTime(); // not used below
    if (!($this->id = (int) waRequest::get('id'))) {
        throw new waException('No id specified.');
    }
    // 'contacts.backend' right level; 2 and above is treated as admin
    $user = $this->getUser()->getRights('contacts', 'backend');
    $admin = $user >= 2;
    $ownProfile = $this->id == wa()->getUser()->getId();
    $cr = new contactsRightsModel();
    if (!$cr->getRight(null, $this->id)) {
        if ($user && $ownProfile) {
            // own profile without explicit rights: view only
            $this->view->assign('readonly', true);
        } else {
            throw new waRightsException('Access denied.');
        }
    }
    $this->getContactInfo();
    $this->getUserInfo();
    // free or premium app?
    $this->view->assign('versionFull', $this->getConfig()->getInfo('edition') === 'full');
    // collect data from other applications to show in tabs (for premium app only)
    if ($this->getConfig()->getInfo('edition') === 'full') {
        $links = array();
        foreach (wa()->event('profile.tab', $this->id) as $app_id => $one_or_more_links) {
            if (!isset($one_or_more_links['html'])) {
                // an app returned several tabs: key each by its own 'id',
                // else by app_id, app_id1, app_id2, ... ('' increments to '1')
                $i = '';
                foreach ($one_or_more_links as $link) {
                    $key = isset($link['id']) ? $link['id'] : $app_id . $i;
                    $links[$key] = $link;
                    $i++;
                }
            } else {
                // a single tab
                $key = isset($one_or_more_links['id']) ? $one_or_more_links['id'] : $app_id;
                $links[$key] = $one_or_more_links;
            }
        }
        $this->view->assign('links', $links);
    }
    // tab to open by default
    $this->view->assign('tab', waRequest::get('tab'));
    $this->view->assign('admin', $admin);
    $this->view->assign('superadmin', $admin && $this->getUser()->getRights('webasyst', 'backend'));
    $this->view->assign('current_user_id', wa()->getUser()->getId());
    // `||` binds tighter than `?:`: 0 for admins or 'category.all' holders, else 1
    $this->view->assign('limitedCategories', $admin || $this->getRights('category.all') ? 0 : 1);
    // Update history
    if (($name = $this->contact->get('name')) || $name === '0') {
        $name = trim($this->contact->get('title') . ' ' . $name);
        $history = new contactsHistoryModel();
        $history->save('/contact/' . $this->id, $name);
    }
    // Update history in user's browser
    $historyModel = new contactsHistoryModel();
    $this->view->assign('history', $historyModel->get());
    $this->view->assign('wa_view', $this->view);
}
/**
 * Prepare the "delete contacts" confirmation dialog.
 *
 * Contact ids come from POST 'id' (int list) or, failing that, GET 'id'.
 * Stops with an inline message when the current user is among them.
 * Without the 'category.all' right, every checked contact must share at
 * least one category with the user's allowed categories.
 *
 * Assigns: 'apps', 'ids' (contacts the user may actually delete),
 * 'contacts' (names of contacts that have links), 'superadmin', 'all', 'links'.
 *
 * @throws Exception         when no id is given
 * @throws waRightsException when a contact is outside the user's categories
 */
public function execute()
{
    $ids = waRequest::post('id', array(), 'array_int');
    if (!$ids) {
        $ids = (int) waRequest::get('id');
        if (!$ids) {
            throw new Exception('No ids specified.');
        }
        $ids = array($ids);
    }
    // do not try to delete self
    if (in_array($this->getUser()->getId(), $ids)) {
        // two translated sentences (no request data interpolated); ends the request
        die('<p>' . _w('You can not delete yourself.') . '</p><p>' . _w('Please eliminate yourself from deletion list.') . '</p>');
    }
    // Only allow actions with contacts available for current user
    if (!$this->getRights('category.all')) {
        $crm = new contactsRightsModel();
        $ccm = new waContactCategoriesModel();
        $allowed = array_keys($crm->getAllowedCategories());
        // NOTE(review): if getContactsCategories() omits contacts that have
        // no categories at all, those ids are never checked here — confirm
        foreach ($ccm->getContactsCategories($ids) as $id => $cats) {
            if (!array_intersect($allowed, $cats)) {
                throw new waRightsException('Access denied');
            }
        }
    }
    $superadmin = wa()->getUser()->getRights('webasyst', 'backend');
    // other apps report which of these contacts they still reference
    $result = wa()->event('links', $ids);
    $this->view->assign('apps', wa()->getApps());
    $links = array();
    foreach ($result as $app_id => $app_links) {
        foreach ($app_links as $contact_id => $contact_links) {
            if ($contact_links) {
                $links[$contact_id][$app_id] = $contact_links;
            }
        }
    }
    // Do not allow non-superadmin to remove users
    if (!$superadmin) {
        $um = new waUserModel();
        $users = array_keys($um->getByField(array('id' => $ids, 'is_user' => 1), 'id'));
        foreach ($users as $user_id) {
            // a user account is recorded as a 'contacts' link, which keeps
            // the id out of the deletable 'ids' list below
            if (!isset($links[$user_id]['contacts'])) {
                $links[$user_id]['contacts'] = array();
            }
            $links[$user_id]['contacts'][] = array('user', 1);
        }
    }
    $contact_model = new waContactModel();
    // non-superadmins may only delete contacts that have no links at all
    $this->view->assign('ids', $superadmin ? $ids : array_diff($ids, array_keys($links)));
    $this->view->assign('contacts', $contact_model->getName(array_keys($links)));
    $this->view->assign('superadmin', $superadmin);
    $this->view->assign('all', count($ids));
    $this->view->assign('links', $links);
}
/**
 * Delete the contacts whose ids are posted as 'id' (int list).
 *
 * The posted list is first narrowed by contactsRightsModel::getAllowedContactsIds();
 * only the ids that survive are deleted, so the reported count can be
 * smaller than what was requested. Only superadmins may delete contacts
 * that other applications link to, or contacts that are users.
 *
 * Sets $this->response['deleted'] and ['message'] and writes a
 * 'contact_delete' log entry.
 *
 * @throws waRightsException on self-deletion, no accessible contacts,
 *                           linked contacts or users for non-superadmins
 */
public function execute()
{
    $superadmin = $this->getUser()->getRights('webasyst', 'backend');
    $contacts = waRequest::post('id', array(), 'array_int');
    // do not try to delete self
    if (in_array($this->getUser()->getId(), $contacts)) {
        throw new waRightsException('Access denied: attempt to delete own account.');
    }
    // NOTE(review): return value discarded — presumably enforces backend access by throwing; confirm
    $this->getRights();
    $crm = new contactsRightsModel();
    // silently drops ids the user may not act on; throws only when nothing is left
    $contacts = $crm->getAllowedContactsIds($contacts);
    if (!$contacts) {
        throw new waRightsException('Access denied: no access to contacts ');
    }
    // Deletion of contacts with links to other applications is only allowed to superadmins
    if (!$superadmin && ($links = wa()->event('links', $contacts))) {
        foreach ($links as $app_id => $l) {
            foreach ($l as $contact_id => $contact_links) {
                if ($contact_links) {
                    throw new waRightsException('Access denied: only superadmin is allowed to delete contacts with links to other applications.');
                }
            }
        }
    }
    // Are there users among $contacts?
    $um = new waUserModel();
    $users = array_keys($um->getByField(array('id' => $contacts, 'is_user' => 1), 'id'));
    // deletion of users is only allowed to superadmins
    if (!$superadmin && $users) {
        throw new waRightsException('Access denied: only superadmin is allowed to delete users.');
    }
    // Revoke user access before deletion
    foreach ($users as $user_id) {
        waUser::revokeUser($user_id);
    }
    $contact_model = new waContactModel();
    $cnt = count($contacts);
    // log either the names (small batches) or just the count
    if ($cnt > 30) {
        $log_params = $cnt;
    } else {
        // contact names
        $log_params = $contact_model->getName($contacts);
    }
    // drop "recently added" history entries pointing at the deleted contacts
    $history_model = new contactsHistoryModel();
    foreach ($contacts as $contact_id) {
        $history_model->deleteByField(array('type' => 'add', 'hash' => '/contact/' . $contact_id));
    }
    // Bye bye...
    $contact_model->delete($contacts); // also throws a contacts.delete event
    $this->response['deleted'] = $cnt;
    $this->response['message'] = sprintf(_w("%d contact has been deleted", "%d contacts have been deleted", $this->response['deleted']), $this->response['deleted']);
    $this->logAction('contact_delete', $log_params);
}
/**
 * Delete the contacts whose ids are posted as 'id' (int list).
 *
 * Access is checked per contact through its categories: without the
 * 'category.all' right, each contact must share at least one category with
 * the user's allowed categories. Only superadmins may delete contacts that
 * other applications link to, or contacts that are users.
 *
 * Sets $this->response['deleted'] and ['message'] and writes a
 * 'contact_delete' log entry with the number of deleted contacts.
 *
 * @throws waRightsException on self-deletion, inaccessible contacts,
 *                           linked contacts or users for non-superadmins
 */
public function execute()
{
    $superadmin = $this->getUser()->getRights('webasyst', 'backend');
    $contacts = waRequest::post('id', array(), 'array_int');
    // do not try to delete self
    if (in_array($this->getUser()->getId(), $contacts)) {
        throw new waRightsException('Access denied: attempt to delete own account.');
    }
    // Only allow actions with contacts available for current user
    if (!$this->getRights('category.all')) {
        $crm = new contactsRightsModel();
        $ccm = new waContactCategoriesModel();
        $allowed = array_keys($crm->getAllowedCategories());
        // NOTE(review): if getContactsCategories() omits contacts that have
        // no categories at all, those ids are never checked here — confirm
        foreach ($ccm->getContactsCategories($contacts) as $id => $cats) {
            if (!array_intersect($allowed, $cats)) {
                throw new waRightsException('Access denied: no access to contact ' . $id);
            }
        }
    }
    // Deletion of contacts with links to other applications is only allowed to superadmins
    if (!$superadmin && ($links = wa()->event('links', $contacts))) {
        foreach ($links as $app_id => $l) {
            foreach ($l as $contact_id => $contact_links) {
                if ($contact_links) {
                    throw new waRightsException('Access denied: only superadmin is allowed to delete contacts with links to other applications.');
                }
            }
        }
    }
    // Are there users among $contacts?
    $um = new waUserModel();
    $users = array_keys($um->getByField(array('id' => $contacts, 'is_user' => 1), 'id'));
    // deletion of users is only allowed to superadmins
    if (!$superadmin && $users) {
        throw new waRightsException('Access denied: only superadmin is allowed to delete users.');
    }
    // Revoke user access before deletion
    foreach ($users as $user_id) {
        waUser::revokeUser($user_id);
    }
    // Bye bye...
    $contact_model = new waContactModel();
    $contact_model->delete($contacts); // also throws a contacts.delete event
    $this->response['deleted'] = count($contacts);
    $this->response['message'] = sprintf(_w("%d contact has been deleted", "%d contacts have been deleted", $this->response['deleted']), $this->response['deleted']);
    $this->log('contact_delete', count($contacts));
}
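/**
 * Prepare the contacts backend main page.
 *
 * Assigns to the view: 'views' (null), the user's contacts settings,
 * 'history', 'totalContacts', 'categories' (restricted to the categories
 * the user may see; TRUE from getAllowedCategories() means all), the
 * 'superadmin'/'admin' flags, and for superadmins also 'groups' and
 * 'totalUsers'. 'show_create' tells whether the user may add contacts.
 *
 * Improvement over the previous revision: the unused second
 * waContactRightsModel instance ($r) is gone and the nested else/if
 * chains are flattened; assigned values are unchanged.
 */
public function execute()
{
    $this->view->assign('views', null);
    $this->view->assign('settings', $this->getUser()->getSettings('contacts'));

    $historyModel = new contactsHistoryModel();
    $this->view->assign('history', $historyModel->get());

    $cc = new contactsCollection();
    $this->view->assign('totalContacts', $cc->count());

    // only show categories available to current user
    $crm = new contactsRightsModel();
    $wcrm = new waContactRightsModel();
    $ccm = new waContactCategoryModel();
    $allowed = $crm->getAllowedCategories();
    $categories = array();
    if ($allowed === true) {
        $categories = $ccm->getAll();
    } elseif ($allowed) {
        foreach ($ccm->getAll() as $cat) {
            if (isset($allowed[$cat['id']])) {
                $categories[] = $cat;
            }
        }
    }
    $this->view->assign('categories', $categories);

    // User views are only available to global admin
    $this->view->assign('superadmin', FALSE);
    $this->view->assign('admin', FALSE);
    if (wa()->getUser()->getRights('webasyst', 'backend')) {
        $this->view->assign('superadmin', TRUE);
        $this->view->assign('admin', TRUE);
        $group_model = new waGroupModel();
        $this->view->assign('groups', $group_model->getAll());
        $users_collection = new contactsCollection('/users/all/');
        $this->view->assign('totalUsers', $users_collection->count());
    } elseif (wa()->getUser()->getRights('contacts', 'backend') >= 2) {
        // contacts-app admin without global backend rights
        $this->view->assign('admin', TRUE);
    }

    // is user allowed to add contacts?
    $this->view->assign('show_create', $wcrm->get(null, null, 'create'));
}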
/**
 * Reject the request unless the posted categories and contacts are within
 * the current user's scope.
 *
 * A user holding 'category.all' passes unconditionally. Otherwise every id
 * in POST 'categories' must be an allowed category, and every contact in
 * POST 'contacts' must share at least one category with the allowed set.
 *
 * @throws waRightsException
 */
protected function checkAccess()
{
    if ($this->getRights('category.all')) {
        return;
    }

    // Only allow actions with categories available for current user
    $rights_model = new contactsRightsModel();
    $allowed_categories = $rights_model->getAllowedCategories();
    $requested_categories = waRequest::post('categories', array(), 'array_int');
    foreach ($requested_categories as $category_id) {
        if (!isset($allowed_categories[$category_id])) {
            throw new waRightsException('Access denied');
        }
    }

    // Only allow actions with contacts available for current user
    // NOTE(review): a contact that getContactsCategories() leaves out of its
    // result is not checked by this loop — confirm how it treats contacts
    // without categories.
    $allowed_ids = array_keys($allowed_categories);
    $categories_model = new waContactCategoriesModel();
    $contact_ids = waRequest::post('contacts', array(), 'array_int');
    foreach ($categories_model->getContactsCategories($contact_ids) as $contact_id => $category_ids) {
        if (!array_intersect($allowed_ids, $category_ids)) {
            throw new waRightsException('Access denied');
        }
    }
}
/**
 * Build the HTML of the backend header bar: app list with counters,
 * announcements, the current user's corner and the dashboard controls.
 *
 * Returns '' in the frontend environment. Only the user's display name and
 * the company name pass through htmlspecialchars(); app names, image
 * paths, counter values, announcement texts, the company url and the
 * photo url are concatenated as-is.
 *
 * @return string
 */
function wa_header()
{
    $system = waSystem::getInstance();
    if ($system->getEnv() == 'frontend') {
        return '';
    }
    $root_url = $system->getRootUrl();
    $backend_url = $system->getConfig()->getBackendUrl(true);
    $user = $system->getUser();
    $apps = $user->getApps();
    $current_app = $system->getApp();
    $app_settings_model = new waAppSettingsModel();
    $apps_html = '';
    $applist_class = '';
    // per-app counters cached in storage: either a number or array('url' => ..., 'count' => ...)
    $counts = wa()->getStorage()->read('apps-count');
    if (is_array($counts)) {
        $applist_class .= ' counts-cached';
    }
    foreach ($apps as $app_id => $app) {
        if (isset($app['img'])) {
            // data-src2 carries the 96px icon when the app declares one
            $img = '<img ' . (!empty($app['icon'][96]) ? 'data-src2="' . $root_url . $app['icon'][96] . '"' : '') . ' src="' . $root_url . $app['img'] . '" alt="">';
        } else {
            $img = '';
        }
        $count = '';
        $app_url = $backend_url . $app_id . '/';
        if ($counts && isset($counts[$app_id])) {
            if (is_array($counts[$app_id])) {
                // a cached entry may override the link target as well
                $app_url = $counts[$app_id]['url'];
                $n = $counts[$app_id]['count'];
            } else {
                $n = $counts[$app_id];
            }
            if ($n) {
                $count = '<span class="indicator">' . $n . '</span>';
            }
        }
        // NOTE(review): $app['name'], $app_url and $n are not HTML-escaped —
        // presumably trusted (app manifests / own storage); confirm
        $apps_html .= '<li id="wa-app-' . $app_id . '"' . ($app_id == $current_app ? ' class="selected"' : '') . '><a href="' . $app_url . '">' . $img . ' ' . $app['name'] . $count . '</a></li>';
    }
    $announcement_model = new waAnnouncementModel();
    $announcements = array();
    // announcements are not shown on the webasyst dashboard itself
    if ($current_app != 'webasyst') {
        $data = $announcement_model->getByApps($user->getId(), array_keys($apps), $user['create_datetime']);
        foreach ($data as $row) {
            // show no more than 1 message per application
            if (isset($announcements[$row['app_id']]) && count($announcements[$row['app_id']]) >= 1) {
                continue;
            }
            // announcement text is inserted as stored (not escaped)
            $announcements[$row['app_id']][] = $row['text'] . ' <span class="hint">' . waDateTime::format('humandatetime', $row['datetime']) . '</span>';
        }
    }
    $announcements_html = '';
    foreach ($announcements as $app_id => $texts) {
        $announcements_html .= '<a href="#" rel="' . $app_id . '" class="wa-announcement-close" title="close">×</a><p>';
        $announcements_html .= implode('<br />', $texts);
        $announcements_html .= '</p>';
    }
    if ($announcements_html) {
        $announcements_html = '<div id="wa-announcement">' . $announcements_html . '</div>';
    }
    $logout = _ws('logout');
    $userpic = '<img width="32" height="32" src="' . $user->getPhoto(32) . '" alt="">';
    $username = htmlspecialchars(waContactNameField::formatName($user), ENT_QUOTES, 'utf-8');
    // If the user has access to contacts app then show a link to his profile
    if (wa()->appExists('contacts')) {
        require_once wa()->getConfig()->getAppsPath('contacts', 'lib/models/contactsRights.model.php');
        try {
            $cr = new contactsRightsModel();
        } catch (waDbException $e) {
            // retry after switching to the contacts app context
            wa('contacts');
            $cr = new contactsRightsModel();
        }
        // NOTE(review): the '******' literal below does not open an <a> tag
        // although '</a>' closes one — looks like a redacted '<a href="';
        // confirm against the repository
        if ($user->getRights('contacts', 'backend') && $cr->getRight(null, $user['id'])) {
            $userpic = '<a href="' . $backend_url . 'contacts/#/contact/' . $user['id'] . '">' . $userpic . '</a>';
            $username = '******' . $backend_url . 'contacts/#/contact/' . $user['id'] . '" id="wa-my-username">' . $username . '</a>';
        } else {
            $userpic = '<a href="' . $backend_url . '?module=profile">' . $userpic . '</a>';
            $username = '******' . $backend_url . '?module=profile" id="wa-my-username">' . $username . '</a>';
        }
    }
    $more = _ws('more'); // not used below
    if ($applist_class) {
        $applist_class = ' class="' . trim($applist_class) . '"';
    }
    $company_name = htmlspecialchars($app_settings_model->get('webasyst', 'name', 'Webasyst'), ENT_QUOTES, 'utf-8');
    // NOTE(review): $company_url lands in an href attribute unescaped — an
    // admin-set value; confirm it is validated where it is stored
    $company_url = $app_settings_model->get('webasyst', 'url', $system->getRootUrl(true));
    $version = wa()->getVersion();
    $strings = array(
        'customize' => _ws('Customize dashboard'),
        'done' => _ws('Done editing'),
        // translated weekday name plus today's date with the year stripped
        'date' => _ws(waDateTime::date('l')) . ', ' . trim(str_replace(date('Y'), '', waDateTime::format('humandate')), ' ,/')
    );
    // NOTE(review): {$backend_url} is interpolated into a JS string literal
    // and into href attributes without escaping — config-derived; confirm
    $html = <<<HTML
<script type="text/javascript">var backend_url = "{$backend_url}";</script>
{$announcements_html}
<div id="wa-header">
<div id="wa-account">
HTML;
    if (wa()->getApp() == 'webasyst') {
        // dashboard: company name links out, plus customize/done controls
        $html .= <<<HTML
<h3>{$company_name} <a href="{$company_url}" class="wa-frontend-link" target="_blank"><i class="icon16 new-window"></i></a></h3>
<a class="inline-link" id="show-dashboard-editable-mode" href="{$backend_url}"><b><i>{$strings['customize']}</i></b></a>
<input id="close-dashboard-editable-mode" type="button" value="{$strings['done']}" style="display: none;">
HTML;
    } else {
        // inside an app: company name links back to the dashboard
        $html .= <<<HTML
<a href="{$backend_url}" class="wa-dashboard-link"><h3>{$company_name}</h3> <span class="gray">{$strings['date']}</span></a>
HTML;
    }
    $html .= <<<HTML
</div>
<div id="wa-usercorner">
<div class="profile image32px">
<div class="image">
{$userpic}
</div>
<div class="details">
{$username}
<p class="status"></p>
<a class="hint" href="{$backend_url}?action=logout">{$logout}</a>
</div>
</div>
</div>
<div id="wa-applist" {$applist_class}>
<ul>
{$apps_html}
<li>
<a href="#" id="wa-moreapps"></a>
</li>
</ul>
HTML;
    if (wa()->getApp() == 'webasyst') {
        $html .= '<div class="d-dashboard-header-content"> <div class="d-dashboards-list-wrapper" id="d-dashboards-list-wrapper"></div> <div class="d-dashboard-link-wrapper" id="d-dashboard-link-wrapper"><i class="icon10 lock-bw"></i> ' . _w('Only you can see this dashboard.') . '</div> </div>';
    }
    $html .= <<<HTML
</div>
</div>
<script id="wa-header-js" type="text/javascript" src="{$root_url}wa-content/js/jquery-wa/wa.header.js?v{$version}"></script>
HTML;
    return $html;
}
/**
 * Show a contact profile page.
 *
 * Two modes: with $this->params['limited_own_profile'] set, the page is the
 * current user's own profile and the profile module urls are assigned;
 * otherwise the contact comes from the 'id' GET parameter and must be
 * readable via contactsRightsModel::getRight() ('read' makes the page
 * read-only). Tabs from other apps, history, and the backend_assets /
 * backend_contact_info plugin hooks are assigned to the view.
 *
 * @throws waException       when no id is given (non-own-profile mode)
 * @throws waRightsException when the contact is not accessible
 */
public function execute()
{
    $system = wa();
    $datetime = $system->getDateTime(); // not used below
    // 'contacts.backend' right level; 2 and above is treated as admin
    $user = $this->getUser()->getRights('contacts', 'backend');
    $admin = $user >= 2;
    $cr = new contactsRightsModel();
    if (!empty($this->params['limited_own_profile'])) {
        // own profile: id is the current user's, no per-contact right check here
        $this->id = wa()->getUser()->getId();
        $this->view->assign('limited_own_profile', true);
        $this->view->assign('save_url', '?module=profile&action=save');
        $this->view->assign('password_save_url', '?module=profile&action=password');
        $this->view->assign('save_geocoords_url', '?module=profile&action=saveGeocoords');
        $this->view->assign('photo_upload_url', '?module=profile&action=tmpimage');
        $this->view->assign('photo_editor_url', '?module=profile&action=photo');
        $this->view->assign('photo_editor_uploaded_url', '?module=profile&action=photo&uploaded=1');
    } else {
        $this->id = (int) waRequest::get('id');
        if (empty($this->id)) {
            throw new waException('No id specified.');
        }
        $r = $cr->getRight(null, $this->id);
        if (!$r) {
            throw new waRightsException(_w('Access denied'));
        } else {
            // 'read' right shows the page without editing controls
            $this->view->assign('readonly', $r === 'read');
        }
    }
    $exists = $this->getContactInfo();
    if ($exists) {
        $this->getUserInfo();
        $this->view->assign('last_view_context', $this->getLastViewContext());
        // collect data from other applications to show in tabs
        if (empty($this->params['limited_own_profile'])) {
            $links = array();
            foreach (wa()->event('profile.tab', $this->id) as $app_id => $one_or_more_links) {
                if (!isset($one_or_more_links['html'])) {
                    // several tabs: key each by its own 'id', else app_id, app_id1, ...
                    $i = '';
                    foreach ($one_or_more_links as $link) {
                        $key = isset($link['id']) ? $link['id'] : $app_id . $i;
                        $links[$key] = $link;
                        $i++;
                    }
                } else {
                    // a single tab
                    $key = isset($one_or_more_links['id']) ? $one_or_more_links['id'] : $app_id;
                    $links[$key] = $one_or_more_links;
                }
            }
            $this->view->assign('links', $links);
        }
        // tab to open by default
        $this->view->assign('tab', waRequest::get('tab'));
        $this->view->assign('admin', $admin);
        $this->view->assign('superadmin', $admin && $this->getUser()->getRights('webasyst', 'backend'));
        $this->view->assign('current_user_id', wa()->getUser()->getId());
        // raw getRight() result; presumably 'write'/'read'/false — confirm
        $this->view->assign('can_edit', $cr->getRight(null, $this->id));
        // Update history
        if (empty($this->params['limited_own_profile'])) {
            $name = $this->contact->get('name');
            if ($name || $name === '0') {
                $history = new contactsHistoryModel();
                $history->save('/contact/' . $this->id, $name);
            }
            // Update history in user's browser
            $historyModel = new contactsHistoryModel();
            $this->view->assign('history', $historyModel->get());
        }
        $this->view->assign('wa_view', $this->view);
        $this->view->assign('access_disable_msg', contactsHelper::getAccessDisableMsg($this->contact));
        $this->view->assign('my_url', wa()->getRootUrl(true) . 'my/');
        $this->view->assign('backend_url', wa()->getRootUrl(true) . wa()->getConfig()->getBackendUrl(false) . '/');
        $this->view->assign('static_url', wa()->getAppStaticUrl('contacts'));
    }
    $this->view->assign('exists', $exists);
    if ($this->getRequest()->request('standalone')) {
        /**
         * Include plugins js and css
         * @event backend_assets
         * @return array[string]string $return[%plugin_id%]
         */
        $this->view->assign('backend_assets', wa()->event('backend_assets'));
    }
    $auth = wa()->getAuthConfig();
    $this->view->assign('personal_portal_available', !empty($auth['app']));
    /*
     * @event backend_contact_info
     * @return array[string]array $return[%plugin_id%] array of html output
     * @return array[string][string]string $return[%plugin_id%]['after_header'] html output
     * @return array[string][string]string $return[%plugin_id%]['header'] html output
     * @return array[string][string]string $return[%plugin_id%]['before_header'] html output
     * @return array[string][string]string $return[%plugin_id%]['before_top'] html output
     * @return array[string][string]string $return[%plugin_id%]['top'] html output
     * @return array[string][string]string $return[%plugin_id%]['after_top'] html output
     * @return array[string][string]string $return[%plugin_id%]['photo'] html output
     */
    $backend_contact_info_params = array('contact_id' => $this->id);
    $this->view->assign('backend_contact_info', wa()->event('backend_contact_info', $backend_contact_info_params));
}
/**
 * Remove every per-contact right row stored for the given contact.
 *
 * Rights rows are keyed by group_id, and a contact is represented there
 * as the negative of its id; only those rows are deleted.
 *
 * @param int $contact_id
 */
public function clearRights($contact_id)
{
    $group_id = -$contact_id;
    self::$model->deleteByField(array('group_id' => $group_id));
}
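/**
 * Delete one or more contacts and fire event contacts.delete
 *
 * Removes, in order: contact rights (stored under group_id = -contact_id),
 * settings, e-mails, group memberships, contact-list entries (when the
 * contacts app model class exists), per-contact rights of the contacts app,
 * data and text data rows; clears company_contact_id references that point
 * at the contact; finally deletes the contact row itself.
 *
 * Improvement over the previous revision: the commented-out login-log
 * deletion is removed and $send_event is documented; behaviour is unchanged.
 *
 * @event contacts.delete
 *
 * @param int|array $id         contact id or array of contact ids
 * @param bool      $send_event fire contacts.delete first so other
 *                              applications can clean up their data
 * @return bool result of deleteById()
 */
public function delete($id, $send_event = true)
{
    if ($send_event) {
        // Fire @event contacts.delete allowing other applications to clean up their data
        if (!is_array($id)) {
            $id = array($id);
        }
        wa()->event(array('contacts', 'delete'), $id);
    }

    // Rights tables key a contact as group_id = -contact_id
    if (is_array($id)) {
        $nid = array();
        foreach ($id as $i) {
            $nid[] = -(int) $i;
        }
    } else {
        $nid = -(int) $id;
    }

    // Delete rights
    $right_model = new waContactRightsModel();
    $right_model->deleteByField('group_id', $nid);

    // Delete settings
    $setting_model = new waContactSettingsModel();
    $setting_model->deleteByField('contact_id', $id);

    // Delete emails
    $contact_email_model = new waContactEmailsModel();
    $contact_email_model->deleteByField('contact_id', $id);

    // Delete from groups
    $user_groups_model = new waUserGroupsModel();
    $user_groups_model->deleteByField('contact_id', $id);

    // Delete from contact lists
    if (class_exists('contactsContactListsModel')) {
        // @todo: Use plugin for contacts
        $contact_lists_model = new contactsContactListsModel();
        $contact_lists_model->deleteByField('contact_id', $id);
    }

    // Delete from contact rights
    $contact_rights_model = new contactsRightsModel();
    $contact_rights_model->deleteByField('group_id', $nid);

    // Delete data
    $contact_data_model = new waContactDataModel();
    $contact_data_model->deleteByField('contact_id', $id);
    $contact_data_text_model = new waContactDataTextModel();
    $contact_data_text_model->deleteByField('contact_id', $id);

    // Clear references
    $this->updateByField(array('company_contact_id' => $id), array('company_contact_id' => 0));

    // Delete contact
    return $this->deleteById($id);
}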
/**
 * Create or update a contact from posted JSON field data.
 *
 * POST 'id' (0 = create; requires the 'create' right) selects the contact;
 * updating requires 'write' from contactsRightsModel::getRight(). POST
 * 'type' == 'company' marks the contact as a company. POST 'data' is a JSON
 * object of field_id => value passed to waContact::save().
 *
 * $this->response gets 'errors', 'data' (saved values in 'js' format, name,
 * top fields, id; 'address' on create) and, when the name was stored in
 * history, 'history'. 'reload' is set when the user changed their own locale.
 *
 * @throws waRightsException
 */
public function execute()
{
    $this->id = (int) waRequest::post('id');
    // Check access
    if (!$this->id) {
        if (!$this->getRights('create')) {
            throw new waRightsException('Access denied.');
        }
    } else {
        $cr = new contactsRightsModel();
        if ($cr->getRight(null, $this->id) != 'write') {
            throw new waRightsException('Access denied.');
        }
    }
    $this->type = waRequest::post('type');
    $this->contact = new waContact($this->id);
    // the posted type is applied to existing contacts as well
    if ($this->type == 'company') {
        $this->contact['is_company'] = 1;
    }
    // NOTE(review): missing or malformed 'data' yields null here; the
    // foreach loops below then emit warnings — confirm the caller always posts JSON
    $data = json_decode(waRequest::post('data'), true);
    if (!$this->id && !isset($data['create_method'])) {
        $data['create_method'] = 'add';
    }
    $oldLocale = $this->getUser()->getLocale();
    // get old data for logging
    if ($this->id) {
        $old_data = array();
        foreach ($data as $field_id => $field_value) {
            $old_data[$field_id] = $this->contact->get($field_id);
        }
    }
    $response = array();
    if (!($errors = $this->contact->save($data, true))) {
        if ($this->id) {
            $new_data = array();
            foreach ($data as $field_id => $field_value) {
                // $errors is falsy inside this branch, so this check never filters
                if (!isset($errors[$field_id])) {
                    $response[$field_id] = $this->contact->get($field_id, 'js');
                    $new_data[$field_id] = $this->contact->get($field_id);
                }
            }
            if (empty($errors)) {
                $this->logContactEdit($old_data, $new_data);
            }
            $response['name'] = $this->contact->get('name', 'js');
            $response['top'] = contactsHelper::getTop($this->contact);
            $response['id'] = $this->contact->getId();
        } else {
            $response = array('id' => $this->contact->getId());
            $response['address'] = $this->contact->get('address', 'js');
            $this->logAction('contact_add', null, $this->contact->getId());
        }
        // Update recently added menu item
        $name = waContactNameField::formatName($this->contact);
        if ($name || $name === '0') {
            $history = new contactsHistoryModel();
            // third argument marks newly created contacts as 'add' entries
            $history->save('/contact/' . $this->contact->getId(), $name, $this->id ? null : 'add');
            $history = $history->get(); // to update history in user's browser
        }
    }
    // Reload page with new language if user just changed it in own profile
    if ($this->contact->getId() == $this->getUser()->getId() && $oldLocale != $this->contact->getLocale()) {
        $response['reload'] = true;
    }
    $this->response = array('errors' => $errors, 'data' => $response);
    if (isset($history)) {
        $this->response['history'] = $history;
    }
}
/**
 * Verifies current user's access rights to contact with specified id.
 *
 * Always false when the contacts app is not installed. With a contact id,
 * the answer is whether contactsRightsModel::getRight() grants anything
 * for that contact; without one, whether the user's contacts rights
 * include a non-empty 'backend' entry.
 *
 * @param int|null $contact_id Contact id. If not specified, access rights to all contacts are verified.
 * @return bool
 */
public static function getContactRights($contact_id = null)
{
    if (!wa()->appExists('contacts')) {
        return false;
    }
    if (!$contact_id) {
        $app_rights = wa()->getUser()->getRights('contacts');
        return $app_rights && !empty($app_rights['backend']);
    }
    // switch to the contacts app before using its model class
    wa('contacts');
    $rights_model = new contactsRightsModel();
    return (bool) $rights_model->getRight(null, $contact_id);
}
/**
 * Build the HTML of the backend header bar: app list with counters, a
 * "top" link (mobile version or the configured company url), announcements
 * and the current user's corner.
 *
 * Returns '' in the frontend environment. Only the user's display name and
 * the company name pass through htmlspecialchars(); app names, image paths,
 * counter values, announcement texts, the configured url and the photo url
 * are concatenated as-is.
 *
 * @return string
 */
function wa_header()
{
    $system = waSystem::getInstance();
    if ($system->getEnv() == 'frontend') {
        return '';
    }
    $root_url = $system->getRootUrl();
    $backend_url = $system->getConfig()->getBackendUrl(true);
    $user = $system->getUser();
    $apps = $user->getApps();
    $current_app = $system->getApp();
    $app_settings_model = new waAppSettingsModel();
    $apps_html = '';
    $applist_class = '';
    // per-app counters cached in storage: either a number or array('url' => ..., 'count' => ...)
    $counts = wa()->getStorage()->read('apps-count');
    if (is_array($counts)) {
        $applist_class .= ' counts-cached';
    }
    foreach ($apps as $app_id => $app) {
        if (isset($app['img'])) {
            // data-src2 carries the 96px icon when the app declares one
            $img = '<img ' . (!empty($app['icon'][96]) ? 'data-src2="' . $root_url . $app['icon'][96] . '"' : '') . ' src="' . $root_url . $app['img'] . '" alt="">';
        } else {
            $img = '';
        }
        $count = '';
        $app_url = $backend_url . $app_id . '/';
        if ($counts && isset($counts[$app_id])) {
            if (is_array($counts[$app_id])) {
                // a cached entry may override the link target as well
                $app_url = $counts[$app_id]['url'];
                $n = $counts[$app_id]['count'];
            } else {
                $n = $counts[$app_id];
            }
            if ($n) {
                $count = '<span class="indicator">' . $n . '</span>';
            }
        }
        // NOTE(review): $app['name'], $app_url and $n are not HTML-escaped —
        // presumably trusted (app manifests / own storage); confirm
        $apps_html .= '<li id="wa-app-' . $app_id . '"' . ($app_id == $current_app ? ' class="selected"' : '') . '><a href="' . $app_url . '">' . $img . ' ' . $app['name'] . $count . '</a></li>';
    }
    if ($system->getRequest()->isMobile(false)) {
        $top_url = '<a href="' . $backend_url . '?mobile=1">mobile version</a>';
    } else {
        // configured company url, shown as host[/path][?query] with a scheme forced
        $url = $app_settings_model->get('webasyst', 'url', $system->getRootUrl(true));
        // @ hides parse_url() warnings; a false result falls back to the root url
        $url_info = @parse_url($url);
        if ($url_info) {
            $url_name = '';
            if (empty($url_info['scheme'])) {
                $url = 'http://' . $url;
            }
            if (isset($url_info['host'])) {
                $url_name .= $url_info['host'];
            }
            if (isset($url_info['path'])) {
                if ($url_info['path'] == '/' && !isset($url_info['query'])) {
                    // a bare "/" with no query is not displayed
                } else {
                    $url_name .= $url_info['path'];
                }
            }
            if (isset($url_info['query'])) {
                $url_name .= '?' . $url_info['query'];
            }
        } else {
            $url = $url_name = $system->getRootUrl(true);
        }
        // NOTE(review): $url and $url_name are not escaped for HTML — admin-set value; confirm
        $top_url = '<a target="_blank" href="' . $url . '">' . $url_name . '</a>';
    }
    $announcement_model = new waAnnouncementModel();
    $data = $announcement_model->getByApps($user->getId(), array_keys($apps), $user['create_datetime']);
    $announcements = array();
    foreach ($data as $row) {
        // show no more than 1 message per application
        if (isset($announcements[$row['app_id']]) && count($announcements[$row['app_id']]) >= 1) {
            continue;
        }
        // announcement text is inserted as stored (not escaped)
        $announcements[$row['app_id']][] = $row['text'] . ' <span class="hint">' . waDateTime::format('humandatetime', $row['datetime']) . '</span>';
    }
    $announcements_html = '';
    foreach ($announcements as $app_id => $texts) {
        $announcements_html .= '<a href="#" rel="' . $app_id . '" class="wa-announcement-close inline-link" title="close"><b><i>' . _ws('Close') . '</i></b></a><p>';
        $announcements_html .= implode('<br />', $texts);
        $announcements_html .= '</p>';
    }
    if ($announcements_html) {
        $announcements_html = '<div id="wa-announcement">' . $announcements_html . '</div>';
    }
    $logout = _ws('logout');
    $userpic = '<img width="32" height="32" src="' . $user->getPhoto(32) . '" alt="">';
    $username = htmlspecialchars(waContactNameField::formatName($user), ENT_QUOTES, 'utf-8');
    // If the user has access to contacts app then show a link to his profile
    if (wa()->appExists('contacts')) {
        require_once wa()->getConfig()->getAppsPath('contacts', 'lib/models/contactsRights.model.php');
        try {
            $cr = new contactsRightsModel();
        } catch (waDbException $e) {
            // retry after switching to the contacts app context
            wa('contacts');
            $cr = new contactsRightsModel();
        }
        // NOTE(review): the '******' literal below does not open an <a> tag
        // although '</a>' closes one — looks like a redacted '<a href="';
        // confirm against the repository
        if ($user->getRights('contacts', 'backend') && $cr->getRight(null, $user['id'])) {
            $userpic = '<a href="' . $backend_url . 'contacts/#/contact/' . $user['id'] . '">' . $userpic . '</a>';
            $username = '******' . $backend_url . 'contacts/#/contact/' . $user['id'] . '" id="wa-my-username">' . $username . '</a>';
        } else {
            $userpic = '<a href="' . $backend_url . '?module=profile">' . $userpic . '</a>';
            $username = '******' . $backend_url . '?module=profile" id="wa-my-username">' . $username . '</a>';
        }
    }
    $more = _ws('more'); // not used below
    if ($applist_class) {
        $applist_class = ' class="' . trim($applist_class) . '"';
    }
    $company_name = htmlspecialchars($app_settings_model->get('webasyst', 'name', 'Webasyst'), ENT_QUOTES, 'utf-8');
    $version = wa()->getVersion();
    // NOTE(review): {$backend_url} is interpolated into a JS string literal
    // and into href attributes without escaping — config-derived; confirm
    $html = <<<HTML
<script type="text/javascript">var backend_url = "{$backend_url}";</script>
{$announcements_html}
<div id="wa-header">
<div id="wa-account">
<h3>{$company_name}</h3>
{$top_url}
</div>
<div id="wa-usercorner">
<div class="profile image32px">
<div class="image">
{$userpic}
</div>
<div class="details">
{$username}
<p class="status"></p>
<a class="hint" href="{$backend_url}?action=logout">{$logout}</a>
</div>
</div>
</div>
<div id="wa-applist" {$applist_class}>
<ul>
{$apps_html}
<li>
<a href="#" id="wa-moreapps"></a>
</li>
</ul>
</div>
</div>
<script id="wa-header-js" type="text/javascript" src="{$root_url}wa-content/js/jquery-wa/wa.header.js?v{$version}"></script>
HTML;
    return $html;
}
/**
 * Create or update a contact from posted JSON field data.
 *
 * POST 'id' (0 = create; requires the 'create' right) selects the contact;
 * updating requires 'write' from contactsRightsModel::getRight(). POST
 * 'type' == 'company' marks the contact as a company. POST 'data' is a JSON
 * object of field_id => value passed to waContact::save().
 *
 * $this->response gets 'errors', 'data' (on update: saved values in 'js'
 * format, name and a 'top' list of email/phone/im; on create: the new id)
 * and, when the name was stored in history, 'history'. 'reload' is set
 * when the user changed their own locale.
 *
 * @throws waRightsException
 */
public function execute()
{
    $this->id = (int) waRequest::post('id');
    // Check access
    if (!$this->id) {
        if (!$this->getRights('create')) {
            throw new waRightsException('Access denied.');
        }
    } else {
        $cr = new contactsRightsModel();
        if ($cr->getRight(null, $this->id) != 'write') {
            throw new waRightsException('Access denied.');
        }
    }
    $this->type = waRequest::post('type');
    $this->contact = new waContact($this->id);
    // the posted type is applied to existing contacts as well
    if ($this->type == 'company') {
        $this->contact['is_company'] = 1;
    }
    // NOTE(review): missing or malformed 'data' yields null here; the
    // foreach below then emits a warning — confirm the caller always posts JSON
    $data = json_decode(waRequest::post('data'), true);
    if (!$this->id && !isset($data['create_method'])) {
        $data['create_method'] = 'add';
    }
    $oldLocale = $this->getUser()->getLocale();
    $response = array();
    if (!($errors = $this->contact->save($data, true))) {
        if ($this->id) {
            foreach ($data as $field_id => $field_value) {
                // $errors is falsy inside this branch, so this check never filters
                if (!isset($errors[$field_id])) {
                    $response[$field_id] = $this->contact->get($field_id, 'js');
                }
            }
            $response['name'] = $this->contact->get('name', 'js');
            // contact card header: email, phone and im rendered in 'top,html' format
            $fields = array('email', 'phone', 'im');
            $top = array();
            foreach ($fields as $f) {
                if ($v = $this->contact->get($f, 'top,html')) {
                    $top[] = array('id' => $f, 'name' => waContactFields::get($f)->getName(), 'value' => is_array($v) ? implode(', ', $v) : $v);
                }
            }
            $response['top'] = $top;
        } else {
            $response = array('id' => $this->contact->getId());
            $this->log('contact_add', 1);
        }
        // Update recently added menu item
        if (($name = $this->contact->get('name')) || $name === '0') {
            $name = trim($this->contact->get('title') . ' ' . $name);
            $history = new contactsHistoryModel();
            // third argument marks newly created contacts as 'add' entries
            $history->save('/contact/' . $this->contact->getId(), $name, $this->id ? null : 'add');
            $history = $history->get(); // to update history in user's browser
        }
    }
    // Reload page with new language if user just changed it in own profile
    if ($this->contact->getId() == $this->getUser()->getId() && $oldLocale != $this->contact->getLocale()) {
        $response['reload'] = TRUE;
    }
    $this->response = array('errors' => $errors, 'data' => $response);
    if (isset($history)) {
        $this->response['history'] = $history;
    }
}