// Entry-point guard: execution stops here unless the including script has defined a
// truthy sugarEntry constant, so a request that reaches this file without going through
// such a script ends with 'Not A Valid Entry Point'.
2 if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
3 /*********************************************************************************
4 * SugarCRM Community Edition is a customer relationship management program developed by
5 * SugarCRM, Inc. Copyright (C) 2004-2011 SugarCRM Inc.
7 * This program is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU Affero General Public License version 3 as published by the
9 * Free Software Foundation with the addition of the following permission added
10 * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
11 * IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
12 * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
14 * This program is distributed in the hope that it will be useful, but WITHOUT
15 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
16 * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
19 * You should have received a copy of the GNU Affero General Public License along with
20 * this program; if not, see http://www.gnu.org/licenses or write to the Free
21 * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
24 * You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
25 * SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
27 * The interactive user interfaces in modified source and object code versions
28 * of this program must display Appropriate Legal Notices, as required under
29 * Section 5 of the GNU Affero General Public License version 3.
31 * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
32 * these Appropriate Legal Notices must retain the display of the "Powered by
33 * SugarCRM" logo. If the display of the logo is not reasonably feasible for
34 * technical reasons, the Appropriate Legal Notices must display the words
35 * "Powered by SugarCRM".
36 ********************************************************************************/
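// Module names this helper file registers as portal modules. The list is imported with
// `global` by portal_get_entry_list_limited(); where it is checked is not shown here.
$portal_modules = array('Contacts', 'Accounts', 'Notes', 'Cases', 'Bugs');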
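/**
 * Load the ids of bugs linked to the given contacts into the session's viewable 'Bugs' set.
 *
 * @param string $in      SQL IN list such as "('id1','id2')". It is interpolated into the
 *                        query verbatim, so it must be the server-built list kept in the
 *                        session, never a value taken from the request.
 * @param string $orderBy Optional sort: comma-separated column names (optionally
 *                        table-qualified), each optionally followed by ASC or DESC.
 *                        Any other value is ignored and logged.
 * @param string $where   Not used; kept so existing callers keep working.
 * @return void
 */
function get_bugs_in_contacts($in, $orderBy = '', $where = '')
{
    // Nothing to look up for an empty IN list.
    if (empty($in) || $in == '()' || $in == "('')") {
        return;
    }

    $query = "SELECT bug_id as id from contacts_bugs where contact_id IN $in AND deleted=0";

    if (!empty($orderBy)) {
        // ORDER BY cannot be quoted or bound, so only a plain column list is accepted.
        $column = '[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?(?:\s+(?:ASC|DESC))?';
        if (preg_match('/^\s*' . $column . '(?:\s*,\s*' . $column . ')*\s*$/i', $orderBy)) {
            $query .= ' ORDER BY ' . $orderBy;
        } elseif (isset($GLOBALS['log'])) {
            // The rejected value itself is not logged, to keep caller-controlled text out of the log.
            $GLOBALS['log']->fatal('SECURITY: get_bugs_in_contacts ignored an ORDER BY value that is not a column list');
        }
    }

    $sugar = new Contact();
    set_module_in($sugar->build_related_in($query), 'Bugs');
}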
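/**
 * Load the ids of bugs linked to the given accounts into the session's viewable 'Bugs' set.
 *
 * @param string $in      SQL IN list such as "('id1','id2')". It is interpolated into the
 *                        query verbatim, so it must be the server-built list kept in the
 *                        session, never a value taken from the request.
 * @param string $orderBy Optional sort: comma-separated column names (optionally
 *                        table-qualified), each optionally followed by ASC or DESC.
 *                        Any other value is ignored and logged.
 * @param string $where   Not used; kept so existing callers keep working.
 * @return void
 */
function get_bugs_in_accounts($in, $orderBy = '', $where = '')
{
    // Nothing to look up for an empty IN list.
    if (empty($in) || $in == '()' || $in == "('')") {
        return;
    }

    $query = "SELECT bug_id as id from accounts_bugs where account_id IN $in AND deleted=0";

    if (!empty($orderBy)) {
        // ORDER BY cannot be quoted or bound, so only a plain column list is accepted.
        $column = '[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?(?:\s+(?:ASC|DESC))?';
        if (preg_match('/^\s*' . $column . '(?:\s*,\s*' . $column . ')*\s*$/i', $orderBy)) {
            $query .= ' ORDER BY ' . $orderBy;
        } elseif (isset($GLOBALS['log'])) {
            // The rejected value itself is not logged, to keep caller-controlled text out of the log.
            $GLOBALS['log']->fatal('SECURITY: get_bugs_in_accounts ignored an ORDER BY value that is not a column list');
        }
    }

    $sugar = new Account();
    set_module_in($sugar->build_related_in($query), 'Bugs');
}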
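/**
 * Load the ids of cases linked to the given contacts into the session's viewable 'Cases' set.
 *
 * @param string $in      SQL IN list such as "('id1','id2')". It is interpolated into the
 *                        query verbatim, so it must be the server-built list kept in the
 *                        session, never a value taken from the request.
 * @param string $orderBy Optional sort: comma-separated column names (optionally
 *                        table-qualified), each optionally followed by ASC or DESC.
 *                        Any other value is ignored and logged.
 * @return void
 */
function get_cases_in_contacts($in, $orderBy = '')
{
    // Nothing to look up for an empty IN list.
    if (empty($in) || $in == '()' || $in == "('')") {
        return;
    }

    $query = "SELECT case_id as id from contacts_cases where contact_id IN $in AND deleted=0";

    if (!empty($orderBy)) {
        // ORDER BY cannot be quoted or bound, so only a plain column list is accepted.
        $column = '[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?(?:\s+(?:ASC|DESC))?';
        if (preg_match('/^\s*' . $column . '(?:\s*,\s*' . $column . ')*\s*$/i', $orderBy)) {
            $query .= ' ORDER BY ' . $orderBy;
        } elseif (isset($GLOBALS['log'])) {
            // The rejected value itself is not logged, to keep caller-controlled text out of the log.
            $GLOBALS['log']->fatal('SECURITY: get_cases_in_contacts ignored an ORDER BY value that is not a column list');
        }
    }

    $sugar = new Contact();
    set_module_in($sugar->build_related_in($query), 'Cases');
}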
// Selects the ids of non-deleted cases whose account_id is in $in and hands the result of
// build_related_in() to set_module_in() for the 'Cases' module.
//   $in      - SQL IN list string, interpolated into the query as-is.
//   $orderBy - optional ORDER BY expression, appended to the query as-is.
101 function get_cases_in_accounts($in, $orderBy = '')
// Checks first whether the session holds any viewable Accounts; the body of this guard
// is not part of this listing.
103 if(empty($_SESSION['viewable']['Accounts'])){
106 //bail if the in is empty
107 if(empty($in) || $in =='()' || $in =="('')")return;
108 // First, get the list of IDs.
// NOTE(review): $in and $orderBy reach the SQL text unescaped. ORDER BY cannot be bound,
// so $orderBy needs an allowlist (column names plus ASC/DESC) before it is appended, and
// $in should only ever be the server-built list kept in the session.
109 $query = "SELECT id from cases where account_id IN $in AND deleted=0";
110 if(!empty($orderBy)){
111 $query .= ' ORDER BY ' . $orderBy;
114 $sugar = new Account();
115 set_module_in($sugar->build_related_in($query), 'Cases');
// Returns the result of $contact->build_related_list() for a query that selects note ids
// with contact_id in $in, deleted=0 and portal_flag=1.
//   $in      - SQL IN list string, interpolated into the query as-is; an empty list
//              ('', '()' or "('')") makes the function return without a value.
//   $orderBy - optional ORDER BY expression, appended to the query as-is.
125 function get_notes_in_contacts($in, $orderBy = '')
127 //bail if the in is empty
128 if(empty($in) || $in =='()' || $in =="('')")return;
129 // First, get the list of IDs.
// NOTE(review): $in and $orderBy are concatenated into the SQL text unescaped; restrict
// $orderBy to an allowlist of column names (plus ASC/DESC) and pass only the server-built
// session list as $in.
130 $query = "SELECT id from notes where contact_id IN $in AND deleted=0 AND portal_flag=1";
131 if(!empty($orderBy)){
132 $query .= ' ORDER BY ' . $orderBy;
135 $contact = new Contact();
// $note is not assigned on any line shown here; presumably a template bean created on an
// omitted line - confirm against the full file.
137 return $contact->build_related_list($query, $note);
// Returns the result of build_related_list() for a query that selects note ids with
// parent_id in $in, parent_type equal to $module, deleted=0 and portal_flag = 1. The bean
// used to run the query is the class registered for $module in $beanList.
//   $in      - SQL IN list string, interpolated into the query as-is.
//   $module  - module name; used as the parent_type literal and as the $beanList key.
//   $orderBy - optional ORDER BY expression, appended to the query as-is.
140 function get_notes_in_module($in, $module, $orderBy = '')
142 //bail if the in is empty
143 if(empty($in) || $in =='()' || $in =="('')")return;
144 // First, get the list of IDs.
// NOTE(review): $module is placed inside a quoted SQL literal here, before it is checked
// against $beanList below. Doing the $beanList lookup first (and quoting the value with
// the database layer) would keep an unregistered module name out of the SQL text. $in and
// $orderBy are likewise concatenated unescaped.
145 $query = "SELECT id from notes where parent_id IN $in AND parent_type='$module' AND deleted=0 AND portal_flag = 1";
146 if(!empty($orderBy)){
147 $query .= ' ORDER BY ' . $orderBy;
149 global $beanList, $beanFiles;
// The class name and the file to load both come from the $beanList/$beanFiles lookup
// tables, not from $module directly. What happens for an unregistered module is on lines
// not shown here.
151 if(!empty($beanList[$module])){
152 $class_name = $beanList[$module];
153 require_once($beanFiles[$class_name]);
154 $sugar = new $class_name();
// $note is not assigned on any line shown here; presumably created on an omitted line - confirm.
160 return $sugar->build_related_list($query, $note);
// Builds a list of $rel_module records related to $module records whose ids are in $in,
// runs a count query for the same selection, and stores that count in the list under
// 'result_count'. Several lines of the body are not part of this listing.
//   $in         - SQL IN list, interpolated into the query as-is.
//   $module     - parent module name; selects the query shape and the bean that runs it.
//   $rel_module - module whose bean class ($beanList) supplies the table name and template.
//   $orderBy    - optional ORDER BY expression, appended to the query as-is.
//   $row_offset, $limit - passed through to build_related_list().
163 function get_related_in_module($in, $module, $rel_module, $orderBy = '', $row_offset = 0, $limit= -1)
165 global $beanList, $beanFiles;
// The related bean is only instantiated for module names registered in $beanList; the
// class file path comes from $beanFiles.
166 if(!empty($beanList[$rel_module])){
167 $class_name = $beanList[$rel_module];
168 require_once($beanFiles[$class_name]);
169 $rel = new $class_name();
174 //bail if the in is empty
175 if(empty($in) || $in =='()' || $in =="('')")return;
177 // First, get the list of IDs.
// For KBDocuments / DocumentRevisions the query joins document revisions to their KB
// documents; note that this branch wraps $in in parentheses itself, unlike the other query.
178 if ($module == 'KBDocuments' || $module == 'DocumentRevisions') {
179 $query = "SELECT dr.* from document_revisions dr
180 inner join kbdocument_revisions kr on kr.document_revision_id = dr.id AND kr.kbdocument_id IN ($in)
181 AND dr.file_mime_type is not null";
// NOTE(review): $in, $module and $orderBy are concatenated into the SQL text unescaped.
// $module is only compared with $beanList further down, after it is already inside the
// quoted parent_type literal; check it first and quote it with the database layer.
183 $query = "SELECT id from $rel->table_name where parent_id IN $in AND parent_type='$module' AND deleted=0 AND portal_flag = 1";
186 if(!empty($orderBy)){
187 $query .= ' ORDER BY ' . $orderBy;
190 if(!empty($beanList[$module])){
191 $class_name = $beanList[$module];
192 require_once($beanFiles[$class_name]);
193 $sugar = new $class_name();
199 $count_query = $sugar->create_list_count_query($query);
200 if(!empty($count_query))
202 // We have a count query. Run it and get the results.
203 $result = $sugar->db->query($count_query, true, "Error running count query for $sugar->object_name List: ");
204 $assoc = $sugar->db->fetchByAssoc($result);
205 if(!empty($assoc['c']))
// On the lines shown, $rows_found is assigned only when the count column 'c' is non-empty;
// any default value would have to be set on an omitted line - confirm.
207 $rows_found = $assoc['c'];
210 $list = $sugar->build_related_list($query, $rel, $row_offset, $limit);
211 $list['result_count'] = $rows_found;
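/**
 * Load the ids of the accounts a contact is linked to into the session's viewable
 * 'Accounts' set.
 *
 * @param string $contact_id Contact record id; escaped with the bean's database layer
 *                           before it is placed in the query.
 * @param string $orderBy    Optional sort: comma-separated column names (optionally
 *                           table-qualified), each optionally followed by ASC or DESC.
 *                           Any other value is ignored and logged.
 * @return void
 */
function get_accounts_from_contact($contact_id, $orderBy = '')
{
    $sugar = new Contact();

    // The id sits inside a quoted literal, so escape it rather than trusting its shape.
    $query = "SELECT account_id as id from accounts_contacts where contact_id='"
        . $sugar->db->quote($contact_id) . "' AND deleted=0";

    if (!empty($orderBy)) {
        // ORDER BY cannot be quoted or bound, so only a plain column list is accepted.
        $column = '[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?(?:\s+(?:ASC|DESC))?';
        if (preg_match('/^\s*' . $column . '(?:\s*,\s*' . $column . ')*\s*$/i', $orderBy)) {
            $query .= ' ORDER BY ' . $orderBy;
        } elseif (isset($GLOBALS['log'])) {
            // The rejected value itself is not logged, to keep caller-controlled text out of the log.
            $GLOBALS['log']->fatal('SECURITY: get_accounts_from_contact ignored an ORDER BY value that is not a column list');
        }
    }

    set_module_in($sugar->build_related_in($query), 'Accounts');
}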
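/**
 * Load the ids of the contacts linked to an account into the session's viewable
 * 'Contacts' set.
 *
 * @param string $account_id Account record id; escaped with the bean's database layer
 *                           before it is placed in the query.
 * @param string $orderBy    Optional sort: comma-separated column names (optionally
 *                           table-qualified), each optionally followed by ASC or DESC.
 *                           Any other value is ignored and logged.
 * @return void
 */
function get_contacts_from_account($account_id, $orderBy = '')
{
    $sugar = new Account();

    // The id sits inside a quoted literal, so escape it rather than trusting its shape.
    $query = "SELECT contact_id as id from accounts_contacts where account_id='"
        . $sugar->db->quote($account_id) . "' AND deleted=0";

    if (!empty($orderBy)) {
        // ORDER BY cannot be quoted or bound, so only a plain column list is accepted.
        $column = '[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?(?:\s+(?:ASC|DESC))?';
        if (preg_match('/^\s*' . $column . '(?:\s*,\s*' . $column . ')*\s*$/i', $orderBy)) {
            $query .= ' ORDER BY ' . $orderBy;
        } elseif (isset($GLOBALS['log'])) {
            // The rejected value itself is not logged, to keep caller-controlled text out of the log.
            $GLOBALS['log']->fatal('SECURITY: get_contacts_from_account ignored an ORDER BY value that is not a column list');
        }
    }

    set_module_in($sugar->build_related_in($query), 'Contacts');
}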
// Returns $template->build_related_list_where() for the given IN list, filter and ordering.
//   $in        - SQL IN list string of record ids the caller may see.
//   $template  - bean whose table is queried and whose build_related_list_where() is called.
//   $where     - extra SQL condition; concatenated into the fallback query as-is.
//   $order_by, $row_offset, $limit - passed through unchanged.
237 function get_related_list($in, $template, $where, $order_by, $row_offset = 0, $limit = ""){
// NOTE(review): when $in is empty the function does not return an empty result. It builds
// a query over every non-deleted row of the template's table, narrowed only by $where, so
// callers have to confirm the viewable set is non-empty before calling.
240 //if $in is empty then pass in a query to get the list of related list
241 if(empty($in) || $in =='()' || $in =="('')"){
243 //build the query to pass into the template list function
244 $q = 'select id from '.$template->table_name.' where deleted = 0 ';
245 //add where statement if it is not empty
// NOTE(review): $where is appended without escaping or parentheses. If it can carry
// caller-supplied text, it can alter the query (an `OR` in it would also escape the
// `deleted = 0` condition); build it from validated field/value pairs instead.
247 $q .= ' and '.$where;
251 return $template->build_related_list_where($q, $template, $where, $in, $order_by, $limit, $row_offset);
/**
 * Fill the session's viewable sets for a portal contact.
 *
 * Reloads the contact, records the accounts it is linked to, records the contact itself
 * as viewable and, unless $sugar_config['portal_view'] is 'single_user', records the
 * contacts of each of those accounts as well.
 *
 * @param object $contact Contact bean with its id set.
 * @return void
 */
function build_relationship_tree($contact)
{
    global $sugar_config;

    $contact->retrieve($contact->id);

    // Accounts linked to the contact go into the session first.
    get_accounts_from_contact($contact->id);

    // The contact's own record is always viewable.
    $ownRecord = array(
        'list' => array($contact->id),
        'in'   => "('$contact->id')",
    );
    set_module_in($ownRecord, 'Contacts');

    // In single_user view the other contacts of those accounts are not added.
    $singleUserView = isset($sugar_config['portal_view']) && $sugar_config['portal_view'] == 'single_user';
    if ($singleUserView) {
        return;
    }

    foreach ($_SESSION['viewable']['Accounts'] as $accountId) {
        get_contacts_from_account($accountId);
    }
}
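/**
 * Return the SQL IN list of contact ids stored in the portal session.
 *
 * @return string|null The stored list, or null when the session has none yet (callers in
 *                     this file test the result with empty()).
 */
function get_contacts_in()
{
    // Guard the lookup so a session without a relationship tree does not raise a notice.
    return isset($_SESSION['viewable']['contacts_in']) ? $_SESSION['viewable']['contacts_in'] : null;
}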
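/**
 * Return the SQL IN list of account ids stored in the portal session.
 *
 * @return string|null The stored list, or null when the session has none yet (callers in
 *                     this file test the result with empty()).
 */
function get_accounts_in()
{
    // Guard the lookup so a session without a relationship tree does not raise a notice.
    return isset($_SESSION['viewable']['accounts_in']) ? $_SESSION['viewable']['accounts_in'] : null;
}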
// Builds the SQL IN list for a module from the ids recorded as viewable in the session and
// caches it under $_SESSION['viewable'][<lowercased module name>_in]. The return
// statements are not part of this listing.
//   $module_name - module whose viewable ids are wanted, e.g. 'Cases'.
279 function get_module_in($module_name){
// Handles the case where nothing has been recorded for the module; the body of this
// branch is not shown here.
280 if(!isset($_SESSION['viewable'][$module_name])){
// The list is assembled from the array keys of the viewable map, each wrapped in single quotes.
// NOTE(review): the ids are not escaped here, so the map must only ever hold ids read
// from the database, never request data.
284 $mod_in = "('" . join("','", array_keys($_SESSION['viewable'][$module_name])) . "')";
285 $_SESSION['viewable'][strtolower($module_name).'_in'] = $mod_in;
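/**
 * Record a batch of record ids as viewable for a module in the portal session.
 *
 * Updates $_SESSION['viewable'][$module_name] (an id => id map),
 * $_SESSION['viewable'][<lowercased module name>_in] (the matching SQL IN list) and, for
 * 'Accounts', $_SESSION['account_id'] (the last id of the batch).
 *
 * The IN list is later interpolated into SQL text by the query helpers in this file, and
 * the ids are not escaped here, so $arrayList must come from database rows, never from
 * request data.
 *
 * @param array  $arrayList   array('list' => ids, 'in' => the same ids as an IN list string)
 * @param string $module_name Module the ids belong to, e.g. 'Accounts'.
 * @return void
 */
function set_module_in($arrayList, $module_name)
{
    if (!isset($_SESSION['viewable'][$module_name])) {
        $_SESSION['viewable'][$module_name] = array();
    }

    foreach ($arrayList['list'] as $id) {
        $_SESSION['viewable'][$module_name][$id] = $id;
    }

    // $id is only set when the batch was non-empty; the last id of the batch wins.
    if ($module_name == 'Accounts' && isset($id)) {
        $_SESSION['account_id'] = $id;
    }

    $inKey = strtolower($module_name) . '_in';
    if (!empty($_SESSION['viewable'][$inKey])) {
        if ($arrayList['in'] != '()') {
            // The stored IN list is a string, so it cannot be passed to implode() as the
            // previous code did (that dropped the earlier ids, and is a TypeError on
            // PHP 8). Rebuild the list from the id map, which already holds old and new ids.
            $_SESSION['viewable'][$inKey] = "('" . implode("', '", $_SESSION['viewable'][$module_name]) . "')";
        }
    } else {
        $_SESSION['viewable'][$inKey] = $arrayList['in'];
    }
}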
/**
 * Given the user auth, attempt to log the user in.
 * Used by SoapPortalUsers.php.
 */
// Authenticates a portal-only user from $portal_auth (its 'user_name' and 'password'
// entries are read). On the lines shown, a user record is looked up by field values, the
// result is stored in the global $current_user, and a failed attempt is logged. The lines
// between these steps, including the return values, are not part of this listing.
316 function login_user($portal_auth){
317 $error = new SoapError();
// The lookup requires user_name and user_hash to match, plus deleted=0, status 'Active'
// and portal_only=1.
// NOTE(review): 'password' is matched directly against the stored user_hash column, so
// the caller has to send the hash itself and a disclosed hash is as good as the password.
// Verifying a submitted password server-side with password_verify() (and a salted
// password_hash() value) would remove that equivalence.
319 $user = $user->retrieve_by_string_fields(array('user_name'=>$portal_auth['user_name'],'user_hash'=>$portal_auth['password'], 'deleted'=>0, 'status'=>'Active', 'portal_only'=>1) );
322 global $current_user;
323 $current_user = $user;
// NOTE(review): user_name is caller-supplied and written to the log unchanged; strip or
// encode CR/LF first so a crafted name cannot forge log lines. These 'SECURITY:' entries
// are also the natural source for failed-login alerting and lockout.
326 $GLOBALS['log']->fatal('SECURITY: User authentication for '. $portal_auth['user_name']. ' failed');
// Returns the records of one portal module that the current portal session may see.
//   $session       - session id, checked with portal_validate_authenticated().
//   $module_name   - module to list; Cases, Contacts, Accounts, Bugs, KBDocuments and FAQ
//                    have branches below, anything else ends in 'no_module_support'.
//   $where, $order_by - passed on to get_related_list().
//   $select_fields - used to filter the returned rows and the field list.
//   $row_offset, $limit - passed on for Cases and Bugs only.
// Returns an array with 'result_count', 'entry_list' and 'error' (plus 'next_offset' and
// 'field_list' on success); every failure path returns result_count -1 and an empty list.
// Several lines of the body are not part of this listing.
332 function portal_get_entry_list_limited($session, $module_name,$where, $order_by, $select_fields, $row_offset, $limit){
333 global $beanList, $beanFiles, $portal_modules;
334 $error = new SoapError();
// Access checks, in order: valid session, session type other than 'lead', module
// registered in $beanList.
335 if(! portal_validate_authenticated($session)){
336 $error->set_error('invalid_session');
337 return array('result_count'=>-1, 'entry_list'=>array(), 'error'=>$error->get_soap_array());
339 if($_SESSION['type'] == 'lead' ){
340 $error->set_error('no_access');
341 return array('result_count'=>-1, 'entry_list'=>array(), 'error'=>$error->get_soap_array());
343 if(empty($beanList[$module_name])){
344 $error->set_error('no_module');
345 return array('result_count'=>-1, 'entry_list'=>array(), 'error'=>$error->get_soap_array());
// NOTE(review): $where and $order_by are handed to get_related_list() unchanged in every
// branch below, and that helper concatenates $where into SQL. Presumably both arrive from
// the SOAP client - confirm, and validate them here before they reach a query.
347 if($module_name == 'Cases'){
349 //if the related cases have not yet been loaded into the session object,
350 //then call the methods that will load the cases related to the contact/accounts for this user
351 if(!isset($_SESSION['viewable'][$module_name])){
352 //retrieve the contact/account id's for this user
353 $c =get_contacts_in();
354 $a = get_accounts_in();
355 if(!empty($c)) {get_cases_in_contacts($c);}
356 if(!empty($a)) { get_cases_in_accounts($a);}
359 $sugar = new aCase();
362 //if no Cases have been loaded into the session as viewable, then do not issue query, just return empty list
363 //issuing a query with no cases loaded in session will return ALL the Cases, which is not a good thing
364 if(!empty($_SESSION['viewable'][$module_name])){
365 $list = get_related_list(get_module_in($module_name), new aCase(), $where,$order_by, $row_offset, $limit);
// NOTE(review): the Contacts and Accounts branches call get_related_list() without the
// non-empty viewable check that Cases and Bugs have. If get_module_in() yields an empty
// list here, get_related_list() falls back to every non-deleted row of the table; the
// same guard should apply to these two branches.
368 }else if($module_name == 'Contacts'){
369 $sugar = new Contact();
370 $list = get_related_list(get_module_in($module_name), new Contact(), $where,$order_by);
371 }else if($module_name == 'Accounts'){
372 $sugar = new Account();
373 $list = get_related_list(get_module_in($module_name), new Account(), $where,$order_by);
374 }else if($module_name == 'Bugs'){
376 //if the related bugs have not yet been loaded into the session object,
377 //then call the methods that will load the bugs related to the contact/accounts for this user
378 if(!isset($_SESSION['viewable'][$module_name])){
379 //retrieve the contact/account id's for this user
380 $c =get_contacts_in();
381 $a = get_accounts_in();
382 if(!empty($c)) {get_bugs_in_contacts($c);}
383 if(!empty($a)) {get_bugs_in_accounts($a);}
387 //if no Bugs have been loaded into the session as viewable, then do not issue query, just return empty list
388 //issuing a query with no bugs loaded in session will return ALL the Bugs, which is not a good thing
389 if(!empty($_SESSION['viewable'][$module_name])){
390 $list = get_related_list(get_module_in($module_name), new Bug(), $where, $order_by, $row_offset, $limit);
// The bodies of the KBDocuments and FAQ branches are not shown in this listing.
392 } else if ($module_name == 'KBDocuments') {
393 } else if ($module_name == 'FAQ') {
395 $error->set_error('no_module_support');
396 return array('result_count'=>-1, 'entry_list'=>array(), 'error'=>$error->get_soap_array());
400 $output_list = Array();
401 $field_list = array();
402 foreach($list as $value)
405 //$loga->fatal("Adding another account to the list");
406 $output_list[] = get_return_value($value, $module_name);
// Every row that is returned is also added to the session's viewable map for the module.
// NOTE(review): this makes the query result the source of truth for later access checks,
// so a result set that is wider than intended also widens what the session may see afterwards.
407 $_SESSION['viewable'][$module_name][$value->id] = $value->id;
// The field list is taken once, from the first row.
408 if(empty($field_list)){
409 $field_list = get_field_list($value);
412 $output_list = filter_return_list($output_list, $select_fields, $module_name);
413 $field_list = filter_field_list($field_list,$select_fields, $module_name);
415 return array('result_count'=>sizeof($output_list), 'next_offset'=>0,'field_list'=>$field_list, 'entry_list'=>$output_list, 'error'=>$error->get_soap_array());
// Contact field names marked as invalid: the portal login name, portal password and
// portal active flag. Stored as name => 1 so membership can be tested by key.
// NOTE(review): where this map is consulted is outside this listing; presumably it keeps
// these credential fields out of portal reads/writes - confirm against the callers.
418 $invalid_contact_fields = array('portal_name'=>1, 'portal_password'=>1, 'portal_active'=>1);
// Module names marked as valid for a contact, in the same name => 1 form. Its use is
// also outside this listing.
419 $valid_modules_for_contact = array('Contacts'=>1, 'Cases'=>1, 'Notes'=>1, 'Bugs'=>1, 'Accounts'=>1, 'Leads'=>1, 'KBDocuments'=>1);