getPermissionObject()->Check( 'permission', 'enabled' ) || !( $this->getPermissionObject()->Check( 'permission', 'view' ) || $this->getPermissionObject()->Check( 'permission', 'view_own' ) || $this->getPermissionObject()->Check( 'permission', 'view_child' ) ) ) ) { $name = 'list_columns'; } return parent::getOptions( $name, $parent ); } /** * Get default PermissionControl data for creating new PermissionControles. * @return array */ function getPermissionControlDefaultData() { $company_obj = $this->getCurrentCompanyObject(); Debug::Text( 'Getting PermissionControl default data...', __FILE__, __LINE__, __METHOD__, 10 ); $data = [ 'company_id' => $company_obj->getId(), ]; return $this->returnHandler( $data ); } /** * Get all available permissions that can be used. * @return array */ function getPermissionOptions() { Debug::Text( 'Getting Permission Options...', __FILE__, __LINE__, __METHOD__, 10 ); $product_edition = $this->getCurrentCompanyObject()->getProductEdition(); $retval = []; $pf = TTnew( 'PermissionFactory' ); /** @var PermissionFactory $pf */ $sections = $pf->getOptions( 'section' ); $names = $pf->getOptions( 'name' ); //No point in sorting on the server, as we have to add sort prefixes and Flex has to sort them again anyways. if ( is_array( $names ) ) { foreach ( $names as $section => $permission_arr ) { if ( ( $pf->isIgnore( $section, null, $product_edition ) == false ) ) { foreach ( $permission_arr as $name => $display_name ) { if ( $pf->isIgnore( $section, $name, $product_edition ) == false ) { if ( isset( $sections[$section] ) ) { $full_display_name = $sections[$section] . ' -> ' . $display_name; $retval[$section][$name] = $full_display_name; } } } } } } return $retval; } /** * Get PermissionControl data for one or more PermissionControls. * @param array $data filter data * @param bool $disable_paging * @return array */ function getPermissionControl( $data = null, $disable_paging = false ) { $data = $this->initializeFilterAndPager( $data, $disable_paging ); if ( !$this->getPermissionObject()->Check( 'permission', 'enabled' ) || !( $this->getPermissionObject()->Check( 'permission', 'view' ) || $this->getPermissionObject()->Check( 'permission', 'view_own' ) || $this->getPermissionObject()->Check( 'permission', 'view_child' ) ) ) { //Rather then permission denied, restrict to just 'list_view' columns. //return $this->getPermissionObject()->PermissionDenied(); $data['filter_columns'] = $this->handlePermissionFilterColumns( ( isset( $data['filter_columns'] ) ) ? $data['filter_columns'] : null, Misc::trimSortPrefix( $this->getOptions( 'list_columns' ) ) ); } $data['filter_data']['permission_children_ids'] = $this->getPermissionObject()->getPermissionChildren( 'permission', 'view' ); $data['filter_data']['level'] = $this->getPermissionObject()->getLevel(); //Make sure we only display permissions below the current users level. Debug::Text( 'Using Permission Level <= ' . $data['filter_data']['level'], __FILE__, __LINE__, __METHOD__, 10 ); //When creating new companies, we need to be able to get the permission groups before we can login as that company, //So allow a different company_id to be specified in those cases. if ( $this->getPermissionObject()->Check( 'company', 'view' ) == false ) { if ( $this->getPermissionObject()->Check( 'company', 'view_child' ) ) { $data['filter_data']['company_id'] = $this->getCurrentCompanyObject()->getId(); } if ( $this->getPermissionObject()->Check( 'company', 'view_own' ) ) { $data['filter_data']['company_id'] = $this->getCurrentCompanyObject()->getId(); } } if ( !isset( $data['filter_data']['company_id'] ) ) { $data['filter_data']['company_id'] = $this->getCurrentCompanyObject()->getId(); } $utlf = TTnew( 'PermissionControlListFactory' ); /** @var PermissionControlListFactory $utlf */ $utlf->getAPISearchByCompanyIdAndArrayCriteria( $data['filter_data']['company_id'], $data['filter_data'], $data['filter_items_per_page'], $data['filter_page'], null, $data['filter_sort'] ); Debug::Text( 'Record Count: ' . $utlf->getRecordCount(), __FILE__, __LINE__, __METHOD__, 10 ); if ( $utlf->getRecordCount() > 0 ) { $this->setPagerObject( $utlf ); $retarr = []; foreach ( $utlf as $ut_obj ) { $retarr[] = $ut_obj->getObjectAsArray( $data['filter_columns'] ); } return $this->returnHandler( $retarr ); } return $this->returnHandler( true ); //No records returned. } /** * Export data to csv * @param string $format file format (csv) * @param array $data filter data * @param bool $disable_paging * @return array */ function exportPermissionControl( $format = 'csv', $data = null, $disable_paging = true ) { $result = $this->stripReturnHandler( $this->getPermissionControl( $data, $disable_paging ) ); return $this->exportRecords( $format, 'export_permission', $result, ( ( isset( $data['filter_columns'] ) ) ? $data['filter_columns'] : null ) ); } /** * Get only the fields that are common across all records in the search criteria. Used for Mass Editing of records. * @param array $data filter data * @return array */ function getCommonPermissionControlData( $data ) { return Misc::arrayIntersectByRow( $this->stripReturnHandler( $this->getPermissionControl( $data, true ) ) ); } /** * Validate PermissionControl data for one or more PermissionControles. * @param array $data PermissionControl data * @return array */ function validatePermissionControl( $data ) { return $this->setPermissionControl( $data, true ); } /** * Set PermissionControl data for one or more PermissionControles. * @param array $data PermissionControl data * @param bool $validate_only * @param bool $ignore_warning * @return array|bool */ function setPermissionControl( $data, $validate_only = false, $ignore_warning = true ) { $validate_only = (bool)$validate_only; $ignore_warning = (bool)$ignore_warning; if ( !is_array( $data ) ) { return $this->returnHandler( false ); } if ( $this->getPermissionObject()->checkAuthenticationType( 700 ) == false ) { //700=HTTP Auth with username/password return $this->getPermissionObject()->AuthenticationTypeDenied(); } if ( !$this->getPermissionObject()->Check( 'permission', 'enabled' ) || !( $this->getPermissionObject()->Check( 'permission', 'edit' ) || $this->getPermissionObject()->Check( 'permission', 'edit_own' ) || $this->getPermissionObject()->Check( 'permission', 'edit_child' ) || $this->getPermissionObject()->Check( 'permission', 'add' ) ) ) { return $this->getPermissionObject()->PermissionDenied(); } if ( $validate_only == true ) { Debug::Text( 'Validating Only!', __FILE__, __LINE__, __METHOD__, 10 ); } [ $data, $total_records ] = $this->convertToMultipleRecords( $data ); Debug::Text( 'Received data for: ' . $total_records . ' PermissionControls', __FILE__, __LINE__, __METHOD__, 10 ); Debug::Arr( $data, 'Data: ', __FILE__, __LINE__, __METHOD__, 10 ); $validator_stats = [ 'total_records' => $total_records, 'valid_records' => 0 ]; $validator = $save_result = []; $key = false; if ( is_array( $data ) && $total_records > 0 ) { foreach ( $data as $key => $row ) { $primary_validator = new Validator(); $lf = TTnew( 'PermissionControlListFactory' ); /** @var PermissionControlListFactory $lf */ $lf->StartTransaction(); if ( isset( $row['id'] ) && $row['id'] != '' ) { //Modifying existing object. //Get PermissionControl object, so we can only modify just changed data for specific records if needed. $lf->getByIdAndCompanyId( $row['id'], $this->getCurrentCompanyObject()->getId() ); if ( $lf->getRecordCount() == 1 ) { //Object exists, check edit permissions if ( $validate_only == true || ( $this->getPermissionObject()->Check( 'permission', 'edit' ) || ( $this->getPermissionObject()->Check( 'permission', 'edit_own' ) && $this->getPermissionObject()->isOwner( $lf->getCurrent()->getCreatedBy(), $lf->getCurrent()->getID() ) === true ) ) ) { Debug::Text( 'Row Exists, getting current data for ID: ' . $row['id'], __FILE__, __LINE__, __METHOD__, 10 ); $lf = $lf->getCurrent(); $row = array_merge( $lf->getObjectAsArray(), $row ); } else { $primary_validator->isTrue( 'permission', false, TTi18n::gettext( 'Edit permission denied' ) ); } } else { //Object doesn't exist. $primary_validator->isTrue( 'id', false, TTi18n::gettext( 'Edit permission denied, record does not exist' ) ); } } else { //Adding new object, check ADD permissions. $primary_validator->isTrue( 'permission', $this->getPermissionObject()->Check( 'permission', 'add' ), TTi18n::gettext( 'Add permission denied' ) ); //Because this class has sub-classes that depend on it, when adding a new record we need to make sure the ID is set first, //so the sub-classes can depend on it. We also need to call Save( TRUE, TRUE ) to force a lookup on isNew() $row['id'] = $lf->getNextInsertId(); } Debug::Arr( $row, 'Data: ', __FILE__, __LINE__, __METHOD__, 10 ); if ( $validate_only == true ) { $lf->Validator->setValidateOnly( $validate_only ); } $is_valid = $primary_validator->isValid(); if ( $is_valid == true ) { //Check to see if all permission checks passed before trying to save data. Debug::Text( 'Setting object data...', __FILE__, __LINE__, __METHOD__, 10 ); //Force Company ID to current company. $row['company_id'] = $this->getCurrentCompanyObject()->getId(); $lf->setObjectFromArray( $row ); $is_valid = $lf->isValid( $ignore_warning ); if ( $is_valid == true ) { Debug::Text( 'Saving data...', __FILE__, __LINE__, __METHOD__, 10 ); if ( $validate_only == true ) { $save_result[$key] = true; } else { $save_result[$key] = $lf->Save( true, true ); } $validator_stats['valid_records']++; } } if ( $is_valid == false ) { Debug::Text( 'Data is Invalid...', __FILE__, __LINE__, __METHOD__, 10 ); $lf->FailTransaction(); //Just rollback this single record, continue on to the rest. $validator[$key] = $this->setValidationArray( [ $primary_validator, $lf ] ); } else if ( $validate_only == true ) { $lf->FailTransaction(); } $lf->CommitTransaction(); } return $this->handleRecordValidationResults( $validator, $validator_stats, $key, $save_result ); } return $this->returnHandler( false ); } /** * Delete one or more PermissionControls. * @param array $data PermissionControl data * @return array|bool */ function deletePermissionControl( $data ) { if ( !is_array( $data ) ) { $data = [ $data ]; } if ( !is_array( $data ) ) { return $this->returnHandler( false ); } if ( !$this->getPermissionObject()->Check( 'permission', 'enabled' ) || !( $this->getPermissionObject()->Check( 'permission', 'delete' ) || $this->getPermissionObject()->Check( 'permission', 'delete_own' ) || $this->getPermissionObject()->Check( 'permission', 'delete_child' ) ) ) { return $this->getPermissionObject()->PermissionDenied(); } Debug::Text( 'Received data for: ' . count( $data ) . ' PermissionControls', __FILE__, __LINE__, __METHOD__, 10 ); Debug::Arr( $data, 'Data: ', __FILE__, __LINE__, __METHOD__, 10 ); $total_records = count( $data ); $validator = $save_result = []; $key = false; $validator_stats = [ 'total_records' => $total_records, 'valid_records' => 0 ]; if ( is_array( $data ) && $total_records > 0 ) { foreach ( $data as $key => $id ) { $primary_validator = new Validator(); $lf = TTnew( 'PermissionControlListFactory' ); /** @var PermissionControlListFactory $lf */ $lf->StartTransaction(); if ( $id != '' ) { //Modifying existing object. //Get PermissionControl object, so we can only modify just changed data for specific records if needed. $lf->getByIdAndCompanyId( $id, $this->getCurrentCompanyObject()->getId() ); if ( $lf->getRecordCount() == 1 ) { //Object exists, check edit permissions if ( $this->getPermissionObject()->Check( 'permission', 'delete' ) || ( $this->getPermissionObject()->Check( 'permission', 'delete_own' ) && $this->getPermissionObject()->isOwner( $lf->getCurrent()->getCreatedBy(), $lf->getCurrent()->getID() ) === true ) ) { Debug::Text( 'Record Exists, deleting record ID: ' . $id, __FILE__, __LINE__, __METHOD__, 10 ); $lf = $lf->getCurrent(); } else { $primary_validator->isTrue( 'permission', false, TTi18n::gettext( 'Delete permission denied' ) ); } } else { //Object doesn't exist. $primary_validator->isTrue( 'id', false, TTi18n::gettext( 'Delete permission denied, record does not exist' ) ); } } else { $primary_validator->isTrue( 'id', false, TTi18n::gettext( 'Delete permission denied, record does not exist' ) ); } //Debug::Arr($lf, 'AData: ', __FILE__, __LINE__, __METHOD__, 10); $is_valid = $primary_validator->isValid(); if ( $is_valid == true ) { //Check to see if all permission checks passed before trying to save data. Debug::Text( 'Attempting to delete record...', __FILE__, __LINE__, __METHOD__, 10 ); $lf->setDeleted( true ); $is_valid = $lf->isValid(); if ( $is_valid == true ) { Debug::Text( 'Record Deleted...', __FILE__, __LINE__, __METHOD__, 10 ); $save_result[$key] = $lf->Save(); $validator_stats['valid_records']++; } } if ( $is_valid == false ) { Debug::Text( 'Data is Invalid...', __FILE__, __LINE__, __METHOD__, 10 ); $lf->FailTransaction(); //Just rollback this single record, continue on to the rest. $validator[$key] = $this->setValidationArray( [ $primary_validator, $lf ] ); } $lf->CommitTransaction(); } return $this->handleRecordValidationResults( $validator, $validator_stats, $key, $save_result ); } return $this->returnHandler( false ); } /** * Copy one or more PermissionControles. * @param array $data PermissionControl IDs * @return array */ function copyPermissionControl( $data ) { if ( !is_array( $data ) ) { $data = [ $data ]; } if ( !is_array( $data ) ) { return $this->returnHandler( false ); } Debug::Text( 'Received data for: ' . count( $data ) . ' PermissionControls', __FILE__, __LINE__, __METHOD__, 10 ); Debug::Arr( $data, 'Data: ', __FILE__, __LINE__, __METHOD__, 10 ); $src_rows = $this->stripReturnHandler( $this->getPermissionControl( [ 'filter_data' => [ 'id' => $data ] ], true ) ); if ( is_array( $src_rows ) && count( $src_rows ) > 0 ) { Debug::Arr( $src_rows, 'SRC Rows: ', __FILE__, __LINE__, __METHOD__, 10 ); foreach ( $src_rows as $key => $row ) { unset( $src_rows[$key]['id'], $src_rows[$key]['user'] ); //Clear fields that can't be copied, don't copy users either. $src_rows[$key]['name'] = Misc::generateCopyName( $row['name'] ); //Generate unique name } //Debug::Arr($src_rows, 'bSRC Rows: ', __FILE__, __LINE__, __METHOD__, 10); return $this->setPermissionControl( $src_rows ); //Save copied rows } return $this->returnHandler( false ); } } ?>