2 /*********************************************************************************
3 * SugarCRM Community Edition is a customer relationship management program developed by
4 * SugarCRM, Inc. Copyright (C) 2004-2011 SugarCRM Inc.
6 * This program is free software; you can redistribute it and/or modify it under
7 * the terms of the GNU Affero General Public License version 3 as published by the
8 * Free Software Foundation with the addition of the following permission added
9 * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
10 * IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
11 * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
13 * This program is distributed in the hope that it will be useful, but WITHOUT
14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15 * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
18 * You should have received a copy of the GNU Affero General Public License along with
19 * this program; if not, see http://www.gnu.org/licenses or write to the Free
20 * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
23 * You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
24 * SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
26 * The interactive user interfaces in modified source and object code versions
27 * of this program must display Appropriate Legal Notices, as required under
28 * Section 5 of the GNU Affero General Public License version 3.
30 * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
31 * these Appropriate Legal Notices must retain the display of the "Powered by
32 * SugarCRM" logo. If the display of the logo is not reasonably feasible for
33 * technical reasons, the Appropriate Legal Notices must display the words
34 * "Powered by SugarCRM".
35 ********************************************************************************/
37 require_once('include/MVC/View/SugarView.php');
40 class SugarController{
42 * remap actions in here
43 * e.g. make all detail views go to edit views
44 * $action_remap = array('detailview'=>'editview');
46 protected $action_remap = array('index'=>'listview');
48 * The name of the current module.
50 public $module = 'Home';
52 * The name of the target module.
54 public $target_module = null;
56 * The name of the current action.
58 public $action = 'index';
60 * The id of the current record.
64 * The name of the return module.
66 public $return_module = null;
68 * The name of the return action.
70 public $return_action = null;
72 * The id of the return record.
74 public $return_id = null;
76 * If the action was remapped it will be set to do_action and then we will just
77 * use do_action for the actual action to perform.
79 protected $do_action = 'index';
81 * If a bean is present then set it.
87 public $redirect_url = '';
89 * any subcontroller can modify this to change the view
91 public $view = 'classic';
93 * this array will hold the mappings between a key and an object for use within the view.
95 public $view_object_map = array();
98 * This array holds the methods that handleAction() will invoke, in sequence.
100 protected $tasks = array(
106 * List of options to run through within the process() method.
107 * This list is meant to easily allow additions for new functionality as well as
108 * the ability to add a controller's own handling.
110 public $process_tasks = array(
119 * Whether or not the action has been handled by $process_tasks
123 protected $_processed = false;
125 * Map an action directly to a file
128 * Map an action directly to a file. This will be loaded from action_file_map.php
130 protected $action_file_map = array();
132 * Map an action directly to a view
135 * Map an action directly to a view. This will be loaded from action_view_map.php
137 protected $action_view_map = array();
140 * This can be set from the application to tell us whether we have authorization to
141 * process the action. If this is set we will default to the noaccess view.
143 public $hasAccess = true;
146 * Map case sensitive filenames to action. This is used for linux/unix systems
147 * where filenames are case sensitive
149 public static $action_case_file = array(
150 'editview'=>'EditView',
151 'detailview'=>'DetailView',
152 'listview'=>'ListView'
156 * Constructor. This is meant to load up the module, action, record as well
157 * as the mapping arrays.
159 function SugarController(){
// NOTE(review): PHP 4-style constructor (a method named after its class). PHP 8 no longer
// runs such a method on instantiation. The body is not visible in this listing.
163 * Called from SugarApplication and is meant to perform the setup operations
167 public function setup($module = ''){
// Falls back to the request's 'module' parameter when no module is passed in.
// NOTE(review): the module name is then request-controlled. loadMapping() and callLegacyCode()
// concatenate it into file paths, and no validation of the value is visible in this listing.
168 if(empty($module) && !empty($_REQUEST['module']))
169 $module = $_REQUEST['module'];
172 $this->setModule($module);
// The literal string 'undefined' is treated like an absent target_module.
174 if(!empty($_REQUEST['target_module']) && $_REQUEST['target_module'] != 'undefined') {
175 $this->target_module = $_REQUEST['target_module'];
177 //set properties on the controller from the $_REQUEST
178 $this->loadPropertiesFromRequest();
179 //load the mapping files
180 $this->loadMappings();
183 * Set the module on the Controller
185 * @param object $module
187 public function setModule($module){
// Stores the value exactly as given.
// NOTE(review): $this->module is later interpolated into require/file_exists paths, so callers
// should pass a module name that has already been validated.
188 $this->module = $module;
192 * Set properties on the Controller from the $_REQUEST
/**
 * Copy the routing parameters found in $_REQUEST onto the controller.
 *
 * A property keeps its current value when the matching request parameter is
 * missing or empty().
 *
 * NOTE(review): values are stored exactly as received. 'action' is later used to
 * build method names, 'view' is handed to ViewFactory::loadView() and the
 * return_* values end up in redirect URLs, so validation or encoding has to
 * happen at those points of use.
 */
private function loadPropertiesFromRequest(){
    $requestFields = array('action', 'record', 'view', 'return_module', 'return_action', 'return_id');
    foreach($requestFields as $field){
        if(!empty($_REQUEST[$field])){
            $this->$field = $_REQUEST[$field];
        }
    }
}
211 * Load map files for use within the Controller
/**
 * Load the three controller maps through loadMapping().
 *
 * Only 'action_remap' is loaded with the merge flag set; the view and file
 * maps use loadMapping()'s default of false.
 */
private function loadMappings(){
    // map name => merge flag passed to loadMapping()
    $maps = array(
        'action_view_map' => false,
        'action_file_map' => false,
        'action_remap' => true,
    );
    foreach($maps as $name => $merge){
        $this->loadMapping($name, $merge);
    }
}
221 * Given a record id load the bean. This bean is accessible from any sub controllers.
223 public function loadBean()
// Looks up the bean class for the current module in $GLOBALS['beanList'], requires its file from
// $GLOBALS['beanFiles'], instantiates it and publishes the instance as $GLOBALS['FOCUS'].
// The module only selects a key in those two registries, so a module without an entry gets no bean.
225 if(!empty($GLOBALS['beanList'][$this->module])){
226 $class = $GLOBALS['beanList'][$this->module];
227 if(!empty($GLOBALS['beanFiles'][$class])){
228 require_once($GLOBALS['beanFiles'][$class]);
229 $this->bean = new $class();
// NOTE(review): $this->record is filled from the request and the record is retrieved here without
// an access check; the ACL checks visible in this class run later (processView(), pre_save()).
230 if(!empty($this->record)){
231 $this->bean->retrieve($this->record);
233 $GLOBALS['FOCUS'] = $this->bean;
240 * Generic load method to load mapping arrays.
242 private function loadMapping($var, $merge = false){
// $var names both the map and a local variable ($$var); the cache key is built per module.
// Within this listing every caller passes a literal map name, so $var itself is not request-derived.
// NOTE(review): several lines of this method are missing from the listing, so the branch structure
// around the cache lookup and the merge is not fully visible.
243 $$var = sugar_cache_retrieve("CONTROLLER_". $var . "_".$this->module);
245 if($merge && !empty($this->$var)){
// The files below are required in a fixed order: core, module, custom module, custom core.
// Presumably each file assigns into a variable named after $var -- confirm against the map files.
250 if(file_exists('include/MVC/Controller/'. $var . '.php')){
251 require('include/MVC/Controller/'. $var . '.php');
// NOTE(review): $this->module comes from the request (see setup()) and is concatenated into the
// next paths as-is. A value containing '/' or '..' changes which file is probed and required;
// restricting it to known module names before this point closes that path.
253 if(file_exists('modules/'.$this->module.'/'. $var . '.php')){
254 require('modules/'.$this->module.'/'. $var . '.php');
256 if(file_exists('custom/modules/'.$this->module.'/'. $var . '.php')){
257 require('custom/modules/'.$this->module.'/'. $var . '.php');
259 if(file_exists('custom/include/MVC/Controller/'. $var . '.php')){
260 require('custom/include/MVC/Controller/'. $var . '.php');
263 // entry_point_registry -> EntryPointRegistry
265 $varname = str_replace(" ","",ucwords(str_replace("_"," ", $var)));
266 if(file_exists("custom/application/Ext/$varname/$var.ext.php")){
267 require("custom/application/Ext/$varname/$var.ext.php");
// Same module-in-path concern as above applies to the module-level extension file.
269 if(file_exists("custom/modules/{$this->module}/Ext/$varname/$var.ext.php")){
270 require("custom/modules/{$this->module}/Ext/$varname/$var.ext.php");
// The assembled map is cached under the same per-module key that was read at the top.
273 sugar_cache_put("CONTROLLER_". $var . "_".$this->module, $$var);
279 * This method is called from SugarApplication->execute and it will bootstrap the entire controller process
281 final public function execute(){
// A non-empty view takes precedence over a redirect; the redirect branch is only considered
// when no view is set. The body of that branch is not visible in this listing.
283 if(!empty($this->view)){
284 $this->processView();
285 }elseif(!empty($this->redirect_url)){
291 * Display the appropriate view.
293 private function processView(){
// NOTE(review): $this->view can be set straight from the request (loadPropertiesFromRequest());
// which view names are accepted is decided inside ViewFactory::loadView(), not here.
294 $view = ViewFactory::loadView($this->view, $this->module, $this->bean, $this->view_object_map, $this->target_module);
295 $GLOBALS['current_view'] = $view;
// Bean-level ACL gate: denied when a bean is loaded and ACLAccess() rejects the view type.
// Views of type 'list' are exempt from this check, and so is any request without a bean.
296 if(!empty($this->bean) && !$this->bean->ACLAccess($view->type) && $view->type != 'list'){
297 ACLController::displayNoAccess(true);
// Errors collected on the controller are handed to the view.
300 if(isset($this->errors)){
301 $view->errors = $this->errors;
307 * Meant to be overridden by a subclass and allows for specific functionality to be
308 * injected prior to the process() method being called.
310 public function preProcess()
// Hook for subclasses; no body is visible in this listing.
314 * if we have a function to support the action use it otherwise use the default action
317 * 2) check for action
319 public function process(){
// Publishes the (request-derived) action and module as globals for code that still reads them.
320 $GLOBALS['action'] = $this->action;
321 $GLOBALS['module'] = $this->module;
323 //check to ensure we have access to the module.
// $hasAccess is set by the application; this method only reads it.
324 if($this->hasAccess){
325 $this->do_action = $this->action;
327 $file = self::getActionFilename($this->do_action);
// The loop body is not visible in this listing; the _processed test below is all that remains of it.
332 foreach($this->process_tasks as $process){
334 if($this->_processed)
345 * This method is called from the process method. It could also be called within an action_* method.
346 * It allows a developer to override any one of these methods contained within,
347 * or if the developer so chooses they can override the entire action_* method.
349 * @return true if any one of the pre_, do_, or post_ methods have been defined,
350 * false otherwise. This is important b/c if none of these methods exists, then we will run the
351 * action_default() method.
353 protected function handle_action(){
// Task names come from $this->tasks, which is defined by the class, not by the request.
355 foreach($this->tasks as $task){
// The task call is the left operand of ||, so every task runs even after one has returned true.
356 $processed = ($this->$task() || $processed);
358 $this->_processed = $processed;
362 * Perform an action prior to the specified action.
363 * This can be overridden in a sub-class
365 private function pre_action(){
// The hook name is 'pre_' plus the current action, which originates from the request.
// Only names that exist as methods on this object pass hasFunction(); the call itself is not
// visible in this listing.
366 $function = 'pre_' . $this->action;
367 if($this->hasFunction($function)){
368 $GLOBALS['log']->debug('Performing pre_action');
376 * Perform the specified action.
377 * This can be overridden in a sub-class
379 private function do_action(){
// The handler name is 'action_' plus the lower-cased action.
// NOTE(review): the action is request-derived, so every method on the controller (or a subclass)
// whose name starts with 'action_' is reachable by URL. Authorization therefore has to be enforced
// inside each action_* method or before dispatch; the prefix itself is the only restriction here.
380 $function = 'action_'. strtolower($this->do_action);
381 if($this->hasFunction($function)){
// The module value written to the log is request-derived and is logged unmodified.
382 $GLOBALS['log']->debug('Performing action: '.$function.' MODULE: '.$this->module);
390 * Perform an action after the specified action has occurred.
391 * This can be overridden in a sub-class
393 private function post_action(){
// The hook name is 'post_' plus the current action, which originates from the request.
// Only names that exist as methods on this object pass hasFunction(); the call itself is not
// visible in this listing.
394 $function = 'post_' . $this->action;
395 if($this->hasFunction($function)){
396 $GLOBALS['log']->debug('Performing post_action');
404 * If there is no action found then display an error to the user.
406 protected function no_action(){
// Stops the request with the localized LBL_NO_ACTION message; the message is a fixed application
// string and does not echo the requested action name.
407 sugar_die($GLOBALS['app_strings']['LBL_NO_ACTION']);
411 * The default action handler for instances where we do not have access to process.
413 protected function no_access(){
// Switches the controller to the 'noaccess' view instead of running the requested action.
414 $this->view = 'noaccess';
417 ///////////////////////////////////////////////
418 /////// HELPER FUNCTIONS
419 ///////////////////////////////////////////////
422 * Determine if a given function exists on the objects
423 * @param function - the function to check
424 * @return true if the method exists on the object, false otherwise
426 protected function hasFunction($function){
// method_exists() also reports private and protected methods, so method visibility does not
// limit which pre_/action_/post_ names the dispatcher accepts.
427 return method_exists($this, $function);
432 * Set the url to which we will want to redirect
434 * @param string url - the url to which we will want to redirect
436 protected function set_redirect($url){
// Stores the URL as given; no validation or encoding happens here, so callers are responsible
// for building a safe target.
437 $this->redirect_url = $url;
441 * Perform redirection based on the redirect_url
444 protected function redirect(){
// Delegates to SugarApplication::redirect() when a URL was stored.
// NOTE(review): the post_* handlers in this class build that URL from request parameters, so the
// target is only as trustworthy as their encoding of those values.
446 if(!empty($this->redirect_url))
447 SugarApplication::redirect($this->redirect_url);
450 ////////////////////////////////////////////////////////
451 ////// DEFAULT ACTIONS
452 ///////////////////////////////////////////////////////
459 * Do some processing before saving the bean to the database.
461 public function pre_save(){
// Flag the bean for a notification when the posted assignee differs from the stored one, is not the
// current user, and the bean's module is not listed in sugar_config['exclude_notifications'].
462 if(!empty($_POST['assigned_user_id']) && $_POST['assigned_user_id'] != $this->bean->assigned_user_id && $_POST['assigned_user_id'] != $GLOBALS['current_user']->id && empty($GLOBALS['sugar_config']['exclude_notifications'][$this->bean->module_dir])){
463 $this->bean->notify_on_save = true;
465 $GLOBALS['log']->debug("SugarController:: performing pre_save.");
466 require_once('include/SugarFields/SugarFieldHandler.php');
467 $sfh = new SugarFieldHandler();
// NOTE(review): every field named in field_defs that is present in $_POST is copied onto the bean.
// No per-field restriction is visible here, so a client can set any defined field by posting it;
// fields that must not be user-writable need to be protected elsewhere.
468 foreach($this->bean->field_defs as $field => $properties) {
469 $type = !empty($properties['custom_type']) ? $properties['custom_type'] : $properties['type'];
470 $sf = $sfh->getSugarField(ucfirst($type), true);
471 if(isset($_POST[$field])) {
// Multi-select values arrive as arrays: an empty first element is dropped before encoding.
472 if(is_array($_POST[$field]) && !empty($properties['isMultiSelect'])) {
473 if(empty($_POST[$field][0])) {
474 unset($_POST[$field][0]);
476 $_POST[$field] = encodeMultienumValue($_POST[$field]);
478 $this->bean->$field = $_POST[$field];
// A multi-select that was rendered (marker field present) but posted no value is cleared.
479 } else if(!empty($properties['isMultiSelect']) && !isset($_POST[$field]) && isset($_POST[$field . '_multiselect'])) {
480 $this->bean->$field = '';
// The field-type handler gets the whole $_POST array for its own processing.
483 $sf->save($this->bean, $_POST, $field, $properties);
// Relationship fields are copied only when the posted value is non-empty.
487 foreach($this->bean->relationship_fields as $field=>$link){
488 if(!empty($_POST[$field])){
489 $this->bean->$field = $_POST[$field];
// The 'save' ACL is checked after the bean has been populated from $_POST but before
// unformat_all_fields(); the save itself happens in action_save().
492 if(!$this->bean->ACLAccess('save')){
493 ACLController::displayNoAccess(true);
496 $this->bean->unformat_all_fields();
500 * Perform the actual save
502 public function action_save(){
// Saves the bean; the argument is true only when pre_save() set notify_on_save.
// No ACL check happens here -- the visible 'save' check lives in pre_save().
503 $this->bean->save(!empty($this->bean->notify_on_save));
507 * Specify what happens after the save has occurred.
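/**
 * Build the post-save redirect and store it through set_redirect().
 *
 * The target is index.php with module/action/record taken from the return_*
 * properties when they are non-empty, otherwise from the current module, the
 * 'DetailView' action and the saved bean's id.
 *
 * The return_* properties are filled from $_REQUEST, so each component is
 * URL-encoded before concatenation. An embedded '&', '#' or line break then
 * stays inside its own parameter instead of altering the redirect URL.
 */
protected function post_save(){
    $module = !empty($this->return_module) ? $this->return_module : $this->module;
    $action = !empty($this->return_action) ? $this->return_action : 'DetailView';
    $id = !empty($this->return_id) ? $this->return_id : $this->bean->id;

    // Cast first: urlencode() requires a string and the bean id may still be null.
    $url = 'index.php?module=' . urlencode((string) $module)
        . '&action=' . urlencode((string) $action)
        . '&record=' . urlencode((string) $id);
    $this->set_redirect($url);
}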
523 * Perform the actual deletion.
525 protected function action_delete(){
// NOTE(review): this state-changing action is driven by $_REQUEST, so it accepts GET as well as
// POST; no request-method or anti-CSRF token check is visible in this listing.
526 //do any pre delete processing
527 //if there is some custom logic for deletion.
528 if(!empty($_REQUEST['record'])){
// NOTE(review): ACLAccess() is called with 'Delete' here and with 'delete' in action_massupdate();
// confirm that ACLAccess() treats both spellings alike.
529 if(!$this->bean->ACLAccess('Delete')){
530 ACLController::displayNoAccess(true);
// NOTE(review): the ACL decision is made on $this->bean, but the id to delete is read again from
// the request. The two only match while the bean was loaded from that same id; passing
// $this->bean->id would tie the check and the deletion to one record.
533 $this->bean->mark_deleted($_REQUEST['record']);
535 sugar_die("A record number must be specified to delete");
540 * Specify what happens after the deletion has occurred.
542 protected function post_delete(){
// Builds the redirect that follows a delete from the request's return_* parameters, falling back
// to the configured default module and action. The fallback for return_id is not visible in this
// listing.
// NOTE(review): return_module, return_action, return_id and offset are concatenated into the URL
// without urlencode(). A value containing '&', '#' or a line break can add or change parameters
// of the redirect target; encoding each component keeps it inside its own parameter.
543 $return_module = isset($_REQUEST['return_module']) ?
544 $_REQUEST['return_module'] :
545 $GLOBALS['sugar_config']['default_module'];
546 $return_action = isset($_REQUEST['return_action']) ?
547 $_REQUEST['return_action'] :
548 $GLOBALS['sugar_config']['default_action'];
549 $return_id = isset($_REQUEST['return_id']) ?
550 $_REQUEST['return_id'] :
552 $url = "index.php?module=".$return_module."&action=".$return_action."&record=".$return_id;
554 //eggsurplus Bug 23816: maintain VCR after an edit/save. If it is a duplicate then don't worry about it. The offset is now worthless.
555 if(isset($_REQUEST['offset']) && empty($_REQUEST['duplicateSave'])) {
556 $url .= "&offset=".$_REQUEST['offset'];
559 $this->set_redirect($url);
562 * Perform the actual massupdate.
564 protected function action_massupdate(){
// Runs a mass update or mass delete for the selected records ('uid') or the whole result set
// ('entire'), then rebuilds $_REQUEST so post_massupdate() can return to the originating page.
565 if(!empty($_REQUEST['massupdate']) && $_REQUEST['massupdate'] == 'true' && (!empty($_REQUEST['uid']) || !empty($_REQUEST['entire']))){
// ACL gate on $this->bean: a request with Delete=true needs 'delete', any other request needs 'save'.
566 if(!empty($_REQUEST['Delete']) && $_REQUEST['Delete']=='true' && !$this->bean->ACLAccess('delete')
567 || (empty($_REQUEST['Delete']) || $_REQUEST['Delete']!='true') && !$this->bean->ACLAccess('save')){
568 ACLController::displayNoAccess(true);
// Both the PHP execution time limit and the database query limit are lifted for this request, so
// the amount of work is bounded only by the selection the client sends.
572 set_time_limit(0);//I'm wondering if we will set it never goes timeout here.
573 // until we have more efficient way of handling MU, we have to disable the limit
574 $GLOBALS['db']->setQueryLimit(0);
575 require_once("include/MassUpdate.php");
576 require_once('modules/MySettings/StoreQuery.php');
// NOTE(review): the seed bean is loaded from the request's 'module', while the ACL check above ran
// against $this->bean; confirm that both always refer to the same module.
577 $seed = loadBean($_REQUEST['module']);
578 $mass = new MassUpdate();
579 $mass->setSugarBean($seed);
580 if(isset($_REQUEST['entire']) && empty($_POST['mass'])) {
581 $mass->generateSearchWhere($_REQUEST['module'], $_REQUEST['current_query_by_page']);
583 $mass->handleMassUpdate();
584 $storeQuery = new StoreQuery();//restore the current search. to solve bug 24722 for multi tabs massupdate.
585 $temp_req = array('current_query_by_page' => $_REQUEST['current_query_by_page'], 'return_module' => $_REQUEST['return_module'], 'return_action' => $_REQUEST['return_action']);
586 if($_REQUEST['return_module'] == 'Emails') {
587 if(!empty($_REQUEST['type']) && !empty($_REQUEST['ie_assigned_user_id'])) {
588 $this->req_for_email = array('type' => $_REQUEST['type'], 'ie_assigned_user_id' => $_REQUEST['ie_assigned_user_id']); //specificly for My Achieves
// SECURITY(review): unserialize() runs on 'current_query_by_page', a request parameter the client
// controls. Unserializing client-supplied data lets the sender instantiate any loaded class and
// trigger its magic methods (PHP object injection). Flagged rather than changed here: carrying the
// saved query in a data-only format such as JSON, or calling unserialize() with the
// 'allowed_classes' => false option on PHP 7+, removes the object-instantiation path.
// The decoded value also replaces $_REQUEST wholesale for the statements that follow.
592 $_REQUEST = unserialize(base64_decode($temp_req['current_query_by_page']));
593 unset($_REQUEST[$seed->module_dir.'2_'.strtoupper($seed->object_name).'_offset']);//after massupdate, the page should redirect to no offset page
594 $storeQuery->saveFromRequest($_REQUEST['module']);
595 $_REQUEST = array('return_module' => $temp_req['return_module'], 'return_action' => $temp_req['return_action']);//for post_massupdate, to go back to original page.
597 sugar_die("You must massupdate at least one record");
601 * Specify what happens after the massupdate has occurred.
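/**
 * Build the redirect that follows a mass update and store it through set_redirect().
 *
 * Module and action come from the request's return_module / return_action,
 * falling back to the configured defaults. For the Emails module the 'type'
 * and 'ie_assigned_user_id' values kept in $this->req_for_email are appended
 * when both are non-empty.
 *
 * All of these values originate from the request, so each one is URL-encoded
 * before concatenation. An embedded '&', '#' or line break then stays inside
 * its own parameter instead of altering the redirect URL.
 */
protected function post_massupdate(){
    $return_module = isset($_REQUEST['return_module'])
        ? $_REQUEST['return_module']
        : $GLOBALS['sugar_config']['default_module'];
    $return_action = isset($_REQUEST['return_action'])
        ? $_REQUEST['return_action']
        : $GLOBALS['sugar_config']['default_action'];

    // Cast first: urlencode() requires a string.
    $url = 'index.php?module=' . urlencode((string) $return_module)
        . '&action=' . urlencode((string) $return_action);

    if($return_module == 'Emails'){//specificly for My Achieves
        if(!empty($this->req_for_email['type']) && !empty($this->req_for_email['ie_assigned_user_id'])) {
            $url .= '&type=' . urlencode((string) $this->req_for_email['type'])
                . '&assigned_user_id=' . urlencode((string) $this->req_for_email['ie_assigned_user_id']);
        }
    }
    $this->set_redirect($url);
}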
619 * Perform the listview action
621 protected function action_listview(){
// Exposes the current bean to the view under the 'bean' key and selects the 'list' view.
// processView() exempts views of type 'list' from its bean-level ACL check.
622 $this->view_object_map['bean'] = $this->bean;
623 $this->view = 'list';
628 //THIS IS HANDLED IN ACTION_REMAP WHERE INDEX IS SET TO LISTVIEW
629 function action_index(){
// No body is visible in this listing; $action_remap maps 'index' to 'listview' by default.
634 * Action to handle when using a file as was done in previous versions of Sugar.
636 protected function action_default(){
// Selects the 'classic' view, which callLegacyCode() uses for pre-MVC module files.
637 $this->view = 'classic';
641 * this method is used within a Dashlet when performing an ajax call
643 protected function action_callmethoddashlet(){
// The dashlet id and the method name both come from the request; the dashlet definition is read
// from the current user's stored 'dashlets' preference.
644 if(!empty($_REQUEST['id'])) {
645 $id = $_REQUEST['id'];
646 $requestedMethod = $_REQUEST['method'];
647 $dashletDefs = $GLOBALS['current_user']->getPreference('dashlets', 'Home'); // load user's dashlets config
648 if(!empty($dashletDefs[$id])) {
// NOTE(review): fileLocation and className are taken from user preferences and passed to
// require_once / new. Their safety depends on how those preferences can be written -- confirm that
// a user cannot store an arbitrary path or class name there.
649 require_once($dashletDefs[$id]['fileLocation']);
651 $dashlet = new $dashletDefs[$id]['className']($id, (isset($dashletDefs[$id]['options']) ? $dashletDefs[$id]['options'] : array()));
// NOTE(review): the request-supplied method name is invoked with no allowlist. Any method that
// method_exists() reports on the dashlet, or anything routed through __call, can be triggered by
// URL, and its return value is echoed unescaped. An explicit list of callable method names per
// dashlet would narrow this.
653 if(method_exists($dashlet, $requestedMethod) || method_exists($dashlet, '__call')) {
654 echo $dashlet->$requestedMethod();
664 * this method is used within a Dashlet when the options configuration is posted
666 protected function action_configuredashlet(){
667 global $current_user, $mod_strings;
669 if(!empty($_REQUEST['id'])) {
670 $id = $_REQUEST['id'];
// The preference category is chosen by the request's 'module' parameter.
671 $dashletDefs = $current_user->getPreference('dashlets', $_REQUEST['module']); // load user's dashlets config
// NOTE(review): unlike action_callmethoddashlet(), nothing checks that $dashletDefs[$id] exists
// before its fileLocation is required and its className instantiated. Both values come from stored
// user preferences; confirm they cannot hold arbitrary paths or class names.
672 require_once($dashletDefs[$id]['fileLocation']);
674 $dashlet = new $dashletDefs[$id]['className']($id, (isset($dashletDefs[$id]['options']) ? $dashletDefs[$id]['options'] : array()));
675 if(!empty($_REQUEST['configure']) && $_REQUEST['configure']) { // save settings
// The whole $_REQUEST array is handed to the dashlet; what is persisted depends on saveOptions().
676 $dashletDefs[$id]['options'] = $dashlet->saveOptions($_REQUEST);
677 $current_user->setPreference('dashlets', $dashletDefs, 0, $_REQUEST['module']);
679 else { // display options
680 $json = getJSONobj();
681 return 'result = ' . $json->encode((array('header' => $dashlet->title . ' : ' . $mod_strings['LBL_OPTIONS'],
682 'body' => $dashlet->displayOptions())));
694 public static function getActionFilename($action) {
// Returns the case-sensitive file name registered for the action in $action_case_file.
// The lookup is an exact, case-sensitive key match. What is returned for an action without an
// entry is not visible in this listing.
695 if(isset(self::$action_case_file[$action])) {
696 return self::$action_case_file[$action];
701 /********************************************************************/
703 /********************************************************************/
706 * Given the module and action, determine whether the super/admin has prevented access
707 * to this url. In addition if any links specified for this module, load the links into
710 * @return true if we want to stop processing, false if processing should continue
712 private function blockFileAccess(){
// NOTE(review): several lines of this method are missing from the listing, so which branch each
// _processed assignment below belongs to cannot be read off reliably.
713 //check if the we have enabled file_access_control and if so then check the mappings on the request;
714 if(!empty($GLOBALS['sugar_config']['admin_access_control']) && $GLOBALS['sugar_config']['admin_access_control']){
715 $this->loadMapping('file_access_control_map');
716 //since we have this turned on, check the mapping file
// Module and action are lower-cased before the lookup, so the map keys must be lower-case too.
717 $module = strtolower($this->module);
718 $action = strtolower($this->do_action);
719 if(!empty($this->file_access_control_map['modules'][$module]['links'])){
720 $GLOBALS['admin_access_control_links'] = $this->file_access_control_map['modules'][$module]['links'];
// An action matches when it is listed as a value in 'actions' or has its own keyed entry there.
// NOTE(review): both in_array() calls in this method compare loosely. Request values are strings,
// so confirm the map never holds integers or booleans that a string could loosely equal; passing
// true as the third argument makes the comparison strict.
723 if(!empty($this->file_access_control_map['modules'][$module]['actions']) && (in_array($action, $this->file_access_control_map['modules'][$module]['actions']) || !empty($this->file_access_control_map['modules'][$module]['actions'][$action]))){
725 if(!empty($this->file_access_control_map['modules'][$module]['actions'][$action]['params'])){
// Each configured parameter is compared with the request only when the request carries a
// non-empty value for it.
727 $params = $this->file_access_control_map['modules'][$module]['actions'][$action]['params'];
728 foreach($params as $param => $paramVals){
729 if(!empty($_REQUEST[$param])){
730 if(!in_array($_REQUEST[$param], $paramVals)){
737 $this->_processed = true;
741 $this->_processed = true;
746 $this->_processed = false;
750 * This code is part of the entry points reworking. We have consolidated all
751 * entry points to go through index.php. Now in order to bring up an entry point
752 * it will follow the format:
753 * 'index.php?entryPoint=download'
754 * the download entry point is mapped in the following file: entry_point_registry.php
757 private function handleEntryPoint(){
758 if(!empty($_REQUEST['entryPoint'])){
759 $this->loadMapping('entry_point_registry');
760 $entryPoint = $_REQUEST['entryPoint'];
// The request value is used only as a key into the registry, so just registered files can be
// required. The registry is assembled by loadMapping() from core, module and custom files.
// NOTE(review): nothing in this method checks authentication; whether an entry point needs it is
// answered separately by checkEntryPointRequiresAuth().
762 if(!empty($this->entry_point_registry[$entryPoint])){
763 require_once($this->entry_point_registry[$entryPoint]['file']);
764 $this->_processed = true;
771 * Checks to see if the requested entry point requires auth
773 * @param $entrypoint string name of the entrypoint
774 * @return bool true if auth is required, false if not
776 public function checkEntryPointRequiresAuth($entryPoint)
// The condition below is true only when the registry entry has an 'auth' key with a falsy value;
// a missing key or an unregistered entry point does not satisfy it.
// The return statements are not visible in this listing.
778 $this->loadMapping('entry_point_registry');
780 if ( isset($this->entry_point_registry[$entryPoint]['auth'])
781 && !$this->entry_point_registry[$entryPoint]['auth'] )
787 * Meant to handle old views e.g. DetailView.php.
790 protected function callLegacyCode()
// Decides whether the module still uses a pre-MVC file for this action and, if so, switches to
// the 'classic' view. Some lines of this method are missing from the listing.
792 $file = self::getActionFilename($this->do_action);
// A view-map entry for the lower-cased action overrides the action name used for the view lookup.
793 if ( isset($this->action_view_map[strtolower($this->do_action)]) ) {
794 $action = $this->action_view_map[strtolower($this->do_action)];
797 $action = $this->do_action;
799 // index actions actually maps to the view.list.php view
800 if ( $action == 'index' ) {
// Legacy handling applies when the action file exists and no MVC view file exists beside it, in
// either the stock or the custom module directory.
// NOTE(review): $this->module, $file and $action are request-derived and are interpolated into
// the probed paths unchanged; validating them before this point keeps the probes inside the
// intended module directories.
804 if ((file_exists('modules/' . $this->module . '/'. $file . '.php')
805 && !file_exists('modules/' . $this->module . '/views/view.'. $action . '.php'))
806 || (file_exists('custom/modules/' . $this->module . '/'. $file . '.php')
807 && !file_exists('custom/modules/' . $this->module . '/views/view.'. $action . '.php'))
809 // A 'classic' module, using the old pre-MVC display files
810 // We should now discard the bean we just obtained for tracking as the pre-MVC module will instantiate its own
811 unset($GLOBALS['FOCUS']);
812 $GLOBALS['log']->debug('Module:' . $this->module . ' using file: '. $file);
813 $this->action_default();
814 $this->_processed = true;
819 * If the action has been remapped to a different action as defined in
820 * action_file_map.php or action_view_map.php load those maps here.
823 private function handleActionMaps(){
// The request only selects a key (the lower-cased action); the file path or view name comes from
// the maps loaded by loadMapping(). A file-map entry takes precedence over a view-map entry.
824 if(!empty($this->action_file_map[strtolower($this->do_action)])){
826 $GLOBALS['log']->debug('Using Action File Map:' . $this->action_file_map[strtolower($this->do_action)]);
827 require_once($this->action_file_map[strtolower($this->do_action)]);
828 $this->_processed = true;
829 }elseif(!empty($this->action_view_map[strtolower($this->do_action)])){
830 $GLOBALS['log']->debug('Using Action View Map:' . $this->action_view_map[strtolower($this->do_action)]);
831 $this->view = $this->action_view_map[strtolower($this->do_action)];
832 $this->_processed = true;
838 * Actually remap the action if required.
841 protected function remapAction(){
842 if(!empty($this->action_remap[$this->do_action])){
843 $this->action = $this->action_remap[$this->do_action];
844 $this->do_action = $this->action;