Skip to content
Snippets Groups Projects
VtigerCRMObjectMeta.php 16.7 KiB
Newer Older
Prasad's avatar
Prasad committed
<?php
/*+***********************************************************************************
 * The contents of this file are subject to the vtiger CRM Public License Version 1.0
 * ("License"); You may not use this file except in compliance with the License
 * The Original Code is:  vtiger CRM Open Source
 * The Initial Developer of the Original Code is vtiger.
 * Portions created by vtiger are Copyright (C) vtiger.
 * All Rights Reserved.
 *************************************************************************************/

class VtigerCRMObjectMeta extends EntityMeta {
	
	private $tabId;
	
	private $meta;
	private $assign;
	private $hasAccess;
	private $hasReadAccess;
	private $hasCreateAccess;
	private $hasWriteAccess;//Edit Access
Prasad's avatar
Prasad committed
	private $hasDeleteAccess;
	private $assignUsers;
	private $allowDuplicates;
Prasad's avatar
Prasad committed
	
	function __construct($webserviceObject,$user)
	{
Prasad's avatar
Prasad committed
		
		parent::__construct($webserviceObject,$user);
		
		$this->columnTableMapping = null;
		$this->fieldColumnMapping = null;
		$this->userAccessibleColumns = null;
		$this->mandatoryFields = null;
		$this->emailFields = null;
		$this->referenceFieldDetails = null;
		$this->ownerFields = null;
		$this->moduleFields = array();
		$this->hasAccess = false;
		$this->hasReadAccess = false;
		$this->hasCreateAccess = false;
Prasad's avatar
Prasad committed
		$this->hasWriteAccess = false;
		$this->hasDeleteAccess = false;
		$this->allowDuplicates = null;
Prasad's avatar
Prasad committed
		$instance = vtws_getModuleInstance($this->webserviceObject);
		$this->idColumn = $instance->tab_name_index[$instance->table_name];
		$this->baseTable = $instance->table_name;
		$this->tableList = $instance->tab_name;
		$this->tableIndexList = $instance->tab_name_index;
		if(in_array('vtiger_crmentity',$instance->tab_name)){
			$this->defaultTableList = array('vtiger_crmentity');
		}else{
			$this->defaultTableList = array();
		}
		$this->tabId = null;
	}
	function VtigerCRMObjectMeta($webserviceObject,$user){
		// PHP4-style constructor.
		// This will NOT be invoked, unless a sub-class that extends `foo` calls it.
		// In that case, call the new-style constructor to keep compatibility.
		self::__construct($webserviceObject,$user);
	}
Prasad's avatar
Prasad committed

	/**
	 * returns tabid of the current object.
	 * @return Integer 
	 */
	public function getTabId(){
		if($this->tabId == null){
			$this->tabId = getTabid($this->objectName);
		}
		return $this->tabId;
	}

	/**
	 * returns tabid that can be consumed for database lookup purpose generally, events and
	 * calendar are treated as the same module
	 * @return Integer
	 */
	public function getEffectiveTabId() {
		return getTabid($this->getTabName());
	}

	public function getTabName(){
		if($this->objectName == 'Events'){
			return 'Calendar';
		}
		return $this->objectName;
	}
	
	private function computeAccess(){
		
		global $adb;
		
		$active = vtlib_isModuleActive($this->getTabName());
		if($active == false){
			$this->hasAccess = false;
			$this->hasReadAccess = false;
			$this->hasCreateAccess = false;
Prasad's avatar
Prasad committed
			$this->hasWriteAccess = false;
			$this->hasDeleteAccess = false;
			return;
		}
		
		require('user_privileges/user_privileges_'.$this->user->id.'.php');
		if($is_admin == true || $profileGlobalPermission[1] == 0 || $profileGlobalPermission[2] == 0){
			$this->hasAccess = true;
			$this->hasReadAccess = true;
			$this->hasCreateAccess = true;
Prasad's avatar
Prasad committed
			$this->hasWriteAccess = true;
			$this->hasDeleteAccess = true;
		}else{
			
			//TODO get oer sort out the preference among profile2tab and profile2globalpermissions.
			//TODO check whether create/edit seperate controls required for web sevices?
			$profileList = getCurrentUserProfileList();
			
			$sql = "select * from vtiger_profile2globalpermissions where profileid in (".generateQuestionMarks($profileList).");";
			$result = $adb->pquery($sql,array($profileList));
			
			$noofrows = $adb->num_rows($result);
			//globalactionid=1 is view all action.
			//globalactionid=2 is edit all action.
			for($i=0; $i<$noofrows; $i++){
				$permission = $adb->query_result($result,$i,"globalactionpermission");
				$globalactionid = $adb->query_result($result,$i,"globalactionid");
				if($permission != 1 || $permission != "1"){
					$this->hasAccess = true;
					if($globalactionid == 2 || $globalactionid == "2"){
						$this->hasCreateAccess = true;
Prasad's avatar
Prasad committed
						$this->hasWriteAccess = true;
						$this->hasDeleteAccess = true;
					}else{
						$this->hasReadAccess = true;
					}
				}
			}
			
Prasad's avatar
Prasad committed
			$sql = 'select * from vtiger_profile2tab where profileid in ('.generateQuestionMarks($profileList).') and tabid = ? and permissions = ?';
			$result = $adb->pquery($sql,array($profileList,$this->getTabId(),0));
Prasad's avatar
Prasad committed
			$standardDefined = false;
Prasad's avatar
Prasad committed
			$permission = $adb->num_rows($result);
			if ($permission > 0) {
				$this->hasAccess = true;
			} else {
Prasad's avatar
Prasad committed
				$this->hasAccess = false;
				return;
			}
			
			//operation=2 is delete operation.
			//operation=0 or 1 is create/edit operation. precise 0 create and 1 edit.
			//operation=3 index or popup. //ignored for websevices.
			//operation=4 is view operation.
			$sql = "select * from vtiger_profile2standardpermissions where profileid in (".generateQuestionMarks($profileList).") and tabid=?";
			$result = $adb->pquery($sql,array($profileList,$this->getTabId()));
			
			$noofrows = $adb->num_rows($result);
			for($i=0; $i<$noofrows; $i++){
				$standardDefined = true;
				$permission = $adb->query_result($result,$i,"permissions");
				$operation = $adb->query_result($result,$i,"Operation");
				if(!$operation){
					$operation = $adb->query_result($result,$i,"operation");
				}
				
				if($permission != 1 || $permission != "1"){
					$this->hasAccess = true;
					if($operation == 0 || $operation == "0"){
						$this->hasWriteAccess = true;
					}else if($operation == 1 || $operation == "1"){
						$this->hasWriteAccess = true;
					}else if($operation == 2 || $operation == "2"){
						$this->hasDeleteAccess = true;
					}else if($operation == 4 || $operation == "4"){
						$this->hasReadAccess = true;
					}else if($operation == 7 || $operation == "7"){
						$this->hasCreateAccess = true;
Prasad's avatar
Prasad committed
					}
				}
			}
			if(!$standardDefined){
				$this->hasReadAccess = true;
				$this->hasCreateAccess = true;
Prasad's avatar
Prasad committed
				$this->hasWriteAccess = true;
				$this->hasDeleteAccess = true;
			}
			
		}
	}
	
	function hasAccess(){
		if(!$this->meta){
			$this->retrieveMeta();
		}
		return $this->hasAccess;
	}
	
	function hasWriteAccess(){
		if(!$this->meta){
			$this->retrieveMeta();
		}
		return $this->hasWriteAccess;
	}
Prasad's avatar
Prasad committed
	
	function hasCreateAccess() {
		if(!$this->meta) {
			$this->retrieveMeta();
		}
		return $this->hasCreateAccess;
	}

Prasad's avatar
Prasad committed
	function hasReadAccess(){
		if(!$this->meta){
			$this->retrieveMeta();
		}
		return $this->hasReadAccess;
	}
	
	function hasDeleteAccess(){
		if(!$this->meta){
			$this->retrieveMeta();
		}
		return $this->hasDeleteAccess;
	}
	
	function hasPermission($operation,$webserviceId){
		
		$idComponents = vtws_getIdComponents($webserviceId);
		$id=$idComponents ? array_pop($idComponents):null;
		if ($id) {
			$permitted = isPermitted($this->getTabName(),$operation,$id);
			if(strcmp($permitted,"yes")===0){
				return true;
			}
Prasad's avatar
Prasad committed
		}
		return false;
	}
	
	function hasAssignPrivilege($webserviceId){
		global $adb;

		// administrator's have assign privilege
		if(is_admin($this->user)) return true;
		
		$idComponents = vtws_getIdComponents($webserviceId);
		$userId=$idComponents[1];
		$ownerTypeId = $idComponents[0];
		
		if($userId == null || $userId =='' || $ownerTypeId == null || $ownerTypeId ==''){
			return false;
		}
		$webserviceObject = VtigerWebserviceObject::fromId($adb,$ownerTypeId);
		if(strcasecmp($webserviceObject->getEntityName(),"Users")===0){
			if($userId == $this->user->id){
				return true;
			}
			if(!$this->assign){
				$this->retrieveUserHierarchy();
			}
			if(in_array($userId,array_keys($this->assignUsers))){
				return true;
			}else{
				return false;
			}
		}elseif(strcasecmp($webserviceObject->getEntityName(),"Groups") === 0){
			$tabId = $this->getTabId();
			$groups = vtws_getUserAccessibleGroups($tabId, $this->user);
			foreach ($groups as $group) {
				if($group['id'] == $userId){
					return true;
				}
			}
			return false;
		}
		
	}
	
	function getUserAccessibleColumns(){
		
		if(!$this->meta){
			$this->retrieveMeta();
		}
		return parent::getUserAccessibleColumns();
	}
	
	public function getModuleFields() {
		if(!$this->meta){
			$this->retrieveMeta();
		}
		return parent::getModuleFields();
	}

	function getColumnTableMapping(){
		if(!$this->meta){
			$this->retrieveMeta();
		}
		return parent::getColumnTableMapping();
	}
	
	function getFieldColumnMapping(){
		
		if(!$this->meta){
			$this->retrieveMeta();
		}
		if($this->fieldColumnMapping === null){
			$this->fieldColumnMapping =  array();
Prasad's avatar
Prasad committed
			foreach ($this->moduleFields as $fieldName => $webserviceField) {
				if ($this->getEntityName() == "Emails") {
					if (strcasecmp($webserviceField->getFieldDataType(), 'file') !== 0) {
						$this->fieldColumnMapping[$fieldName] = $webserviceField->getColumnName();
					}
				} else if($this->getEntityName() == "Users") {
					$restrictedFields = array('user_password', 'confirm_password', 'accesskey');
					if(!in_array($fieldName, $restrictedFields)) {
						$this->fieldColumnMapping[$fieldName] = $webserviceField->getColumnName();
					}	
Prasad's avatar
Prasad committed
				} else {
Prasad's avatar
Prasad committed
					$this->fieldColumnMapping[$fieldName] = $webserviceField->getColumnName();
				}
			}
			$this->fieldColumnMapping['id'] = $this->idColumn;
		}
		return $this->fieldColumnMapping;
	}
	
	function getMandatoryFields(){
		if(!$this->meta){
			$this->retrieveMeta();
		}
		return parent::getMandatoryFields();
	}
	
	function getReferenceFieldDetails(){
		if(!$this->meta){
			$this->retrieveMeta();
		}
		return parent::getReferenceFieldDetails();
	}
	
	function getOwnerFields(){
		if(!$this->meta){
			$this->retrieveMeta();
		}
		return parent::getOwnerFields();
	}
	
	function getEntityName(){
		return $this->objectName;
	}
	
	function getEntityId(){
		return $this->objectId;
	}
	
	function getEmailFields(){
		if(!$this->meta){
			$this->retrieveMeta();
		}
		return parent::getEmailFields();
	}
	
	function getFieldIdFromFieldName($fieldName){
		if(!$this->meta){
			$this->retrieveMeta();
		}
		
		if(isset($this->moduleFields[$fieldName])){
			$webserviceField = $this->moduleFields[$fieldName];
			return $webserviceField->getFieldId();
		}
		return null;
	}
	
	function retrieveMeta(){
		
		require_once('modules/CustomView/CustomView.php');
		$current_user = vtws_preserveGlobal('current_user',$this->user);
Prasad's avatar
Prasad committed
		$theme = vtws_preserveGlobal('theme', isset($this->user->theme) ? $this->user->theme : "");
Prasad's avatar
Prasad committed
		$default_language = VTWS_PreserveGlobal::getGlobal('default_language');
		global $current_language;
		if(empty($current_language)) $current_language = $default_language;
		$current_language = vtws_preserveGlobal('current_language',$current_language);
		
		$this->computeAccess();
		
		$cv = new CustomView();
		$module_info = $cv->getCustomViewModuleInfo($this->getTabName());
		$blockArray = array();
		foreach($cv->module_list[$this->getTabName()] as $label=>$blockList){
			$blockArray = array_merge($blockArray,explode(',',$blockList));
		}
		$this->retrieveMetaForBlock($blockArray);
		
		$this->meta = true;
		VTWS_PreserveGlobal::flush();
	}
	
	private function retrieveUserHierarchy(){
		
		$heirarchyUsers = get_user_array(false,"ACTIVE",$this->user->id);
		$groupUsers = vtws_getUsersInTheSameGroup($this->user->id);
		$this->assignUsers = $heirarchyUsers + $groupUsers;
Prasad's avatar
Prasad committed
		$this->assign = true;
	}
	
	private function retrieveMetaForBlock($block){
		
		global $adb;
		
		$tabid = $this->getTabId();
		require('user_privileges/user_privileges_'.$this->user->id.'.php');
		if($is_admin == true || $profileGlobalPermission[1] == 0 || $profileGlobalPermission[2] ==0){
Prasad's avatar
Prasad committed
			$sql = "select *, '0' as readonly from vtiger_field where tabid =? and block in (".generateQuestionMarks($block).") and displaytype in (1,2,3,4,5,6)";
Prasad's avatar
Prasad committed
			$params = array($tabid, $block);	
		}else{
			$profileList = getCurrentUserProfileList();
			
			if (php7_count($profileList) > 0) {
Prasad's avatar
Prasad committed
				$sql = "SELECT vtiger_field.*, vtiger_profile2field.readonly
						FROM vtiger_field
						INNER JOIN vtiger_profile2field
						ON vtiger_profile2field.fieldid = vtiger_field.fieldid
						INNER JOIN vtiger_def_org_field
						ON vtiger_def_org_field.fieldid = vtiger_field.fieldid
						WHERE vtiger_field.tabid =? AND vtiger_profile2field.visible = 0 
						AND vtiger_profile2field.profileid IN (". generateQuestionMarks($profileList) .")
						AND vtiger_def_org_field.visible = 0 and vtiger_field.block in (".generateQuestionMarks($block).") and vtiger_field.displaytype in (1,2,3,4,5,6) and vtiger_field.presence in (0,2) group by columnname";
Prasad's avatar
Prasad committed
				$params = array($tabid, $profileList, $block);
			} else {
				$sql = "SELECT vtiger_field.*, vtiger_profile2field.readonly
						FROM vtiger_field
						INNER JOIN vtiger_profile2field
						ON vtiger_profile2field.fieldid = vtiger_field.fieldid
						INNER JOIN vtiger_def_org_field
						ON vtiger_def_org_field.fieldid = vtiger_field.fieldid
						WHERE vtiger_field.tabid=? 
						AND vtiger_profile2field.visible = 0 
						AND vtiger_def_org_field.visible = 0 and vtiger_field.block in (".generateQuestionMarks($block).") and vtiger_field.displaytype in (1,2,3,4,5,6) and vtiger_field.presence in (0,2) group by columnname";
Prasad's avatar
Prasad committed
				$params = array($tabid, $block);
			}
		}

		// Bulk Save Mode: Group by is not required!?
		if(CRMEntity::isBulkSaveMode()) {
			$sql = preg_replace("/group by [^ ]*/", " ", $sql);
		}
		// END
		
		$result = $adb->pquery($sql,$params);
		
		$noofrows = $adb->num_rows($result);
		$referenceArray = array();
		$knownFieldArray = array();
		for($i=0; $i<$noofrows; $i++){
			$webserviceField = WebserviceField::fromQueryResult($adb,$result,$i);
			$this->moduleFields[$webserviceField->getFieldName()] = $webserviceField;
		}
	}
	
	function getObjectEntityName($webserviceId){
		global $adb;
		
		$idComponents = vtws_getIdComponents($webserviceId);
		$id=$idComponents[1];
		
		$seType = null;
		if($this->objectName == 'Users'){
			$sql = "select user_name from vtiger_users where id=? and deleted=0";
			$result = $adb->pquery($sql , array($id));
			if($result != null && isset($result)){
				if($adb->num_rows($result)>0){
					$seType = 'Users';
				}
			}
		}else{
			$sql = "select setype from vtiger_crmentity where crmid=? and deleted=0";
			$result = $adb->pquery($sql , array($id));
			if($result != null && isset($result)){
				if($adb->num_rows($result)>0){
					$seType = $adb->query_result($result,0,"setype");
					if($seType == "Calendar"){
						$seType = vtws_getCalendarEntityType($id);
					}
				}
			}
		}
		
		return $seType;
	}
	
	function exists($recordId){
		global $adb;
		
		// Caching user existence value for optimizing repeated reads.
		// 
		// NOTE: We are not caching the record existence 
		// to ensure only latest state from DB is sent.
		static $user_exists_cache = array();
		
		$exists = false;
		$sql = '';
		if($this->objectName == 'Users'){
			if (array_key_exists($recordId, $user_exists_cache)) {
				$exists = true;
			} else {
				$sql = "select 1 from vtiger_users where id=? and deleted=0 and status='Active'";
			}
			
		}else{
			$sql = "select 1 from vtiger_crmentity where crmid=? and deleted=0 and setype='".
				$this->getTabName()."'";
		}
		
		if ($sql) {
			$result = $adb->pquery($sql , array($recordId));
			if($result != null && isset($result)){
				if($adb->num_rows($result)>0){
					$exists = true;
				}
			}
			// Cache the value for further lookup.
			if ($this->objectName == 'Users') {
				$user_exists_cache[$recordId] = $exists;
			}
		}
		
		return $exists;
	}
	
	public function getNameFields(){
		global $adb;
		
		$data = getEntityFieldNames(getTabModuleName($this->getEffectiveTabId()));
		$fieldNames = '';
		if ($data) {
			$fieldNames = $data['fieldname'];
			if (is_array($fieldNames)) {
				$fieldNames = implode(',', $fieldNames);
			}
		}
		return $fieldNames;
	}
	
	public function getName($webserviceId){
		
		$idComponents = vtws_getIdComponents($webserviceId);
		$id=$idComponents[1];
		
		$nameList = getEntityName($this->getTabName(),array($id));
		return $nameList[$id];
	}
	
	public function getEntityAccessControlQuery(){
		$accessControlQuery = '';
		$instance = vtws_getModuleInstance($this->webserviceObject);
		if($this->getTabName() != 'Users') {
			$accessControlQuery = $instance->getNonAdminAccessControlQuery($this->getTabName(),
					$this->user);
		}
		return $accessControlQuery;
	}

	public function getJoinClause($tableName) {
		$instance = vtws_getModuleInstance($this->webserviceObject);
		return $instance->getJoinClause($tableName);
	}
	
	public function isModuleEntity() {
		return true;
	}

		if (is_null($this->allowDuplicates) || $this->allowDuplicates === null) {
			$this->allowDuplicates = vtws_isDuplicatesAllowed($this->webserviceObject);
		}
		return $this->allowDuplicates;
	}

Prasad's avatar
Prasad committed
}