2 /*********************************************************************************
3 * SugarCRM Community Edition is a customer relationship management program developed by
4 * SugarCRM, Inc. Copyright (C) 2004-2011 SugarCRM Inc.
6 * This program is free software; you can redistribute it and/or modify it under
7 * the terms of the GNU Affero General Public License version 3 as published by the
8 * Free Software Foundation with the addition of the following permission added
9 * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
10 * IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
11 * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
13 * This program is distributed in the hope that it will be useful, but WITHOUT
14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15 * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
18 * You should have received a copy of the GNU Affero General Public License along with
19 * this program; if not, see http://www.gnu.org/licenses or write to the Free
20 * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
23 * You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
24 * SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
26 * The interactive user interfaces in modified source and object code versions
27 * of this program must display Appropriate Legal Notices, as required under
28 * Section 5 of the GNU Affero General Public License version 3.
30 * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
31 * these Appropriate Legal Notices must retain the display of the "Powered by
32 * SugarCRM" logo. If the display of the logo is not reasonably feasible for
33 * technical reasons, the Appropriate Legal Notices must display the words
34 * "Powered by SugarCRM".
35 ********************************************************************************/
37 require_once('include/MVC/View/SugarView.php');
40 * Main SugarCRM controller
43 class SugarController{
45 * remap actions in here
46 * e.g. make all detail views go to edit views
47 * $action_remap = array('detailview'=>'editview');
49 protected $action_remap = array('index'=>'listview');
51 * The name of the current module.
53 public $module = 'Home';
55 * The name of the target module.
57 public $target_module = null;
59 * The name of the current action.
61 public $action = 'index';
63 * The id of the current record.
67 * The name of the return module.
69 public $return_module = null;
71 * The name of the return action.
73 public $return_action = null;
75 * The id of the return record.
77 public $return_id = null;
79 * If the action was remapped it will be set to do_action and then we will just
80 * use do_action for the actual action to perform.
82 protected $do_action = 'index';
84 * If a bean is present then set it.
90 public $redirect_url = '';
92 * any subcontroller can modify this to change the view
94 public $view = 'classic';
96 * this array will hold the mappings between a key and an object for use within the view.
98 public $view_object_map = array();
101 * This array holds the methods that handleAction() will invoke, in sequence.
103 protected $tasks = array(
109 * List of options to run through within the process() method.
110 * This list is meant to easily allow additions for new functionality as well as
111 * the ability to add a controller's own handling.
113 public $process_tasks = array(
122 * Whether or not the action has been handled by $process_tasks
126 protected $_processed = false;
128 * Map an action directly to a file
131 * Map an action directly to a file. This will be loaded from action_file_map.php
133 protected $action_file_map = array();
135 * Map an action directly to a view
138 * Map an action directly to a view. This will be loaded from action_view_map.php
140 protected $action_view_map = array();
143 * This can be set from the application to tell us whether we have authorization to
144 * process the action. If this is set we will default to the noaccess view.
146 public $hasAccess = true;
149 * Map case sensitive filenames to action. This is used for linux/unix systems
150 * where filenames are case sensitive
152 public static $action_case_file = array(
153 'editview'=>'EditView',
154 'detailview'=>'DetailView',
155 'listview'=>'ListView'
159 * Constructor. This is meant to load up the module, action, record as well
160 * as the mapping arrays.
// PHP 4-style constructor: a method that shares the class name. Its body is
// not visible in this listing (the gutter numbers jump from 162 to 166), so
// what it initialises cannot be confirmed from here.
162 function SugarController(){
166 * Called from SugarApplication and is meant to perform the setup operations
// Prepares the controller for one request: resolves the module name, records
// an optional target module, then loads the remaining request properties and
// the mapping files.
// Security: when no $module argument is passed, the name is taken directly
// from $_REQUEST and is later concatenated into require() paths by
// loadMapping(). No validation is visible here (gutter lines 173-174 are
// missing from this listing).
// NOTE(review): confirm the module name is checked against the known module
// list before it reaches this method.
170 public function setup($module = ''){
171 if(empty($module) && !empty($_REQUEST['module']))
172 $module = $_REQUEST['module'];
175 $this->setModule($module);
// target_module is request-controlled too; only the literal string
// 'undefined' is rejected.
177 if(!empty($_REQUEST['target_module']) && $_REQUEST['target_module'] != 'undefined') {
178 $this->target_module = $_REQUEST['target_module'];
180 //set properties on the controller from the $_REQUEST
181 $this->loadPropertiesFromRequest();
182 //load the mapping files
183 $this->loadMappings();
186 * Set the module on the Controller
188 * @param object $module
// Stores the module name on the controller as given; no normalisation or
// validation happens in this setter.
190 public function setModule($module){
191 $this->module = $module;
195 * Set properties on the Controller from the $_REQUEST
// Copies action, record, view and the three return_* values from $_REQUEST
// onto the controller whenever they are non-empty.
// Security: the values are stored unmodified. $_REQUEST merges GET and POST
// input (and cookies, depending on request_order), so every property set here
// must be treated as untrusted by the methods that later use it for method
// dispatch (pre_/action_/post_), view selection and redirect URLs.
198 private function loadPropertiesFromRequest(){
199 if(!empty($_REQUEST['action']))
200 $this->action = $_REQUEST['action'];
201 if(!empty($_REQUEST['record']))
202 $this->record = $_REQUEST['record'];
203 if(!empty($_REQUEST['view']))
204 $this->view = $_REQUEST['view'];
205 if(!empty($_REQUEST['return_module']))
206 $this->return_module = $_REQUEST['return_module'];
207 if(!empty($_REQUEST['return_action']))
208 $this->return_action = $_REQUEST['return_action'];
209 if(!empty($_REQUEST['return_id']))
210 $this->return_id = $_REQUEST['return_id'];
214 * Load map files for use within the Controller
// Loads the three standard maps for the current module. Only action_remap is
// loaded with $merge = true.
217 private function loadMappings(){
218 $this->loadMapping('action_view_map');
219 $this->loadMapping('action_file_map');
220 $this->loadMapping('action_remap', true);
224 * Given a record id load the bean. This bean is accessible from any sub controllers.
// Instantiates the bean class registered for the current module and, when a
// record id is set, retrieves that record. The bean is also published as
// $GLOBALS['FOCUS'].
// The class name and file path come from the global beanList / beanFiles
// tables; the request-supplied module name only selects an entry, so those
// tables act as the allowlist for what can be instantiated here.
// No ACL check is made in this method. The visible access checks are in
// processView(), pre_save(), action_delete() and action_massupdate().
226 public function loadBean()
228 if(!empty($GLOBALS['beanList'][$this->module])){
229 $class = $GLOBALS['beanList'][$this->module];
230 if(!empty($GLOBALS['beanFiles'][$class])){
231 require_once($GLOBALS['beanFiles'][$class]);
232 $this->bean = new $class();
233 if(!empty($this->record)){
234 $this->bean->retrieve($this->record);
236 $GLOBALS['FOCUS'] = $this->bean;
243 * Generic load method to load mapping arrays.
// Loads the mapping array named by $var (for example 'action_view_map') for
// the current module. It looks in the cache first, then require()s a fixed
// sequence of core, module, custom and Ext files, and finally writes the
// result back to the cache under "CONTROLLER_<var>_<module>".
// $$var is a variable-variable: the included files are presumably expected to
// define a local variable with the same name as $var — confirm against the
// map files. Several lines of this method are missing from the listing
// (gutter 247, 249-252, ...), so the merge and assignment steps are not
// visible.
// Security: $this->module is concatenated into file_exists()/require() paths
// with no sanitising visible in this method. A module value containing path
// separators would make these paths resolve outside modules/<name>/.
// NOTE(review): verify the module name is validated upstream (for example
// against the module list) before any controller is set up with it.
245 private function loadMapping($var, $merge = false){
246 $$var = sugar_cache_retrieve("CONTROLLER_". $var . "_".$this->module);
248 if($merge && !empty($this->$var)){
253 if(file_exists('include/MVC/Controller/'. $var . '.php')){
254 require('include/MVC/Controller/'. $var . '.php');
256 if(file_exists('modules/'.$this->module.'/'. $var . '.php')){
257 require('modules/'.$this->module.'/'. $var . '.php');
259 if(file_exists('custom/modules/'.$this->module.'/'. $var . '.php')){
260 require('custom/modules/'.$this->module.'/'. $var . '.php');
262 if(file_exists('custom/include/MVC/Controller/'. $var . '.php')){
263 require('custom/include/MVC/Controller/'. $var . '.php');
266 // entry_point_registry -> EntryPointRegistry
268 $varname = str_replace(" ","",ucwords(str_replace("_"," ", $var)));
269 if(file_exists("custom/application/Ext/$varname/$var.ext.php")){
270 require("custom/application/Ext/$varname/$var.ext.php");
272 if(file_exists("custom/modules/{$this->module}/Ext/$varname/$var.ext.php")){
273 require("custom/modules/{$this->module}/Ext/$varname/$var.ext.php");
276 sugar_cache_put("CONTROLLER_". $var . "_".$this->module, $$var);
282 * This method is called from SugarApplication->execute and it will bootstrap the entire controller process
// Entry point called by SugarApplication. Declared final, so subclasses
// cannot replace the dispatch sequence. The visible part renders the view
// when one is set and otherwise considers the redirect URL. The first
// statement (gutter 285) and the redirect branch body are not visible in this
// listing.
284 final public function execute(){
286 if(!empty($this->view)){
287 $this->processView();
288 }elseif(!empty($this->redirect_url)){
294 * Display the appropriate view.
// Builds the view object through ViewFactory and publishes it as
// $GLOBALS['current_view'].
// Access control: when a bean is loaded, the bean's ACLAccess() is consulted
// for the view type, and the no-access page is shown on failure. List views
// are exempt from this check ($view->type != 'list'), and nothing is checked
// when no bean is loaded.
// $this->view can originate from $_REQUEST['view'] (see
// loadPropertiesFromRequest). NOTE(review): confirm ViewFactory::loadView()
// constrains the view name before using it to locate a file.
296 private function processView(){
297 $view = ViewFactory::loadView($this->view, $this->module, $this->bean, $this->view_object_map, $this->target_module);
298 $GLOBALS['current_view'] = $view;
299 if(!empty($this->bean) && !$this->bean->ACLAccess($view->type) && $view->type != 'list'){
300 ACLController::displayNoAccess(true);
303 if(isset($this->errors)){
304 $view->errors = $this->errors;
310 * Meant to be overridden by a subclass and allows for specific functionality to be
311 * injected prior to the process() method being called.
// Extension hook for subclasses. The body is not visible in this listing.
313 public function preProcess()
317 * if we have a function to support the action use it otherwise use the default action
320 * 2) check for action
// Publishes the action and module as globals, then, when $hasAccess is true,
// resolves the action and walks $process_tasks. The loop body and the branch
// taken when access is denied are not visible in this listing.
// NOTE(review): presumably the loop stops at the first task that sets
// $_processed — confirm against the full source.
322 public function process(){
323 $GLOBALS['action'] = $this->action;
324 $GLOBALS['module'] = $this->module;
326 //check to ensure we have access to the module.
327 if($this->hasAccess){
328 $this->do_action = $this->action;
330 $file = self::getActionFilename($this->do_action);
335 foreach($this->process_tasks as $process){
337 if($this->_processed)
348 * This method is called from the process method. It could also be called within an action_* method.
349 * It allows a developer to override any one of these methods contained within,
350 * or if the developer so chooses they can override the entire action_* method.
352 * @return true if any one of the pre_, do_, or post_ methods have been defined,
353 * false otherwise. This is important b/c if none of these methods exists, then we will run the
354 * action_default() method.
// Runs every method named in $tasks and records whether any of them reported
// work done.
356 protected function handle_action(){
358 foreach($this->tasks as $task){
// The task call is the left operand of ||, so it always executes even after
// an earlier task has already returned true.
359 $processed = ($this->$task() || $processed);
361 $this->_processed = $processed;
365 * Perform an action prior to the specified action.
366 * This can be overridden in a sub-class
// Looks for a method named "pre_<action>" on this controller and, when it
// exists, logs that it is running. The call itself is not visible in this
// listing.
// The method name is derived from the request-supplied action. The fixed
// "pre_" prefix is what limits which methods a request can reach.
368 private function pre_action(){
369 $function = 'pre_' . $this->action;
370 if($this->hasFunction($function)){
371 $GLOBALS['log']->debug('Performing pre_action');
379 * Perform the specified action.
380 * This can be overridden in a sub-class
// Looks for a method named "action_<do_action>" (lower-cased) and logs the
// dispatch when it exists. The call itself is not visible in this listing.
// Security: do_action derives from $_REQUEST['action'], so every method whose
// name starts with "action_" on this class or a subclass is reachable by
// request, regardless of its declared visibility. Each such method has to
// perform its own authorisation check.
382 private function do_action(){
383 $function = 'action_'. strtolower($this->do_action);
384 if($this->hasFunction($function)){
385 $GLOBALS['log']->debug('Performing action: '.$function.' MODULE: '.$this->module);
393 * Perform an action after the specified action has occurred.
394 * This can be overridden in a sub-class
// Looks for a method named "post_<action>" and logs when it exists. The call
// itself is not visible in this listing. As with pre_action(), the method
// name is built from the request-supplied action behind a fixed prefix.
396 private function post_action(){
397 $function = 'post_' . $this->action;
398 if($this->hasFunction($function)){
399 $GLOBALS['log']->debug('Performing post_action');
407 * If there is no action found then display an error to the user.
// Terminates the request with the localised "no action" message.
409 protected function no_action(){
410 sugar_die($GLOBALS['app_strings']['LBL_NO_ACTION']);
414 * The default action handler for instances where we do not have access to process.
// Switches the controller to the 'noaccess' view.
416 protected function no_access(){
417 $this->view = 'noaccess';
420 ///////////////////////////////////////////////
421 /////// HELPER FUNCTIONS
422 ///////////////////////////////////////////////
425 * Determine if a given function exists on the objects
426 * @param function - the function to check
427 * @return true if the method exists on the object, false otherwise
// Thin wrapper around method_exists() for this controller instance.
// method_exists() reports private and protected methods as well as public
// ones, so this is an existence test only, not a visibility or authorisation
// check.
429 protected function hasFunction($function){
430 return method_exists($this, $function);
435 * Set the url to which we will want to redirect
437 * @param string url - the url to which we will want to redirect
// Stores the redirect target unchanged. Callers are responsible for building
// a safe URL.
439 protected function set_redirect($url){
440 $this->redirect_url = $url;
444 * Perform redirection based on the redirect_url
// Hands a non-empty redirect_url to SugarApplication::redirect(). Gutter line
// 448 is missing from this listing.
447 protected function redirect(){
449 if(!empty($this->redirect_url))
450 SugarApplication::redirect($this->redirect_url);
453 ////////////////////////////////////////////////////////
454 ////// DEFAULT ACTIONS
455 ///////////////////////////////////////////////////////
462 * Do some processing before saving the bean to the database.
// Populates the bean from the submitted form before action_save() runs.
//  1. Sets notify_on_save when the posted assignee differs from the bean's
//     current assignee and from the current user, and the module is not
//     listed in exclude_notifications.
//  2. For each entry in the bean's field_defs, assigns the matching $_POST
//     value to the bean. Multi-select arrays are first encoded with
//     encodeMultienumValue(), and an absent multi-select that has a
//     "<field>_multiselect" marker is cleared.
//  3. Copies posted relationship fields.
//  4. Checks ACLAccess('save') and un-formats all fields.
// Security: any field present in field_defs can be written from $_POST, and
// no per-field allowlist is visible here. NOTE(review): confirm that fields
// which must not be user-editable are protected by the bean or its
// definitions.
// The ACL check at gutter line 495 runs after the bean has been populated.
// The lines following displayNoAccess() are not visible in this listing, so
// whether execution stops there cannot be confirmed.
464 public function pre_save(){
465 if(!empty($_POST['assigned_user_id']) && $_POST['assigned_user_id'] != $this->bean->assigned_user_id && $_POST['assigned_user_id'] != $GLOBALS['current_user']->id && empty($GLOBALS['sugar_config']['exclude_notifications'][$this->bean->module_dir])){
466 $this->bean->notify_on_save = true;
468 $GLOBALS['log']->debug("SugarController:: performing pre_save.");
469 require_once('include/SugarFields/SugarFieldHandler.php');
470 $sfh = new SugarFieldHandler();
471 foreach($this->bean->field_defs as $field => $properties) {
472 $type = !empty($properties['custom_type']) ? $properties['custom_type'] : $properties['type'];
473 $sf = $sfh->getSugarField(ucfirst($type), true);
474 if(isset($_POST[$field])) {
475 if(is_array($_POST[$field]) && !empty($properties['isMultiSelect'])) {
476 if(empty($_POST[$field][0])) {
477 unset($_POST[$field][0]);
479 $_POST[$field] = encodeMultienumValue($_POST[$field]);
481 $this->bean->$field = $_POST[$field];
482 } else if(!empty($properties['isMultiSelect']) && !isset($_POST[$field]) && isset($_POST[$field . '_multiselect'])) {
483 $this->bean->$field = '';
486 $sf->save($this->bean, $_POST, $field, $properties);
490 foreach($this->bean->relationship_fields as $field=>$link){
491 if(!empty($_POST[$field])){
492 $this->bean->$field = $_POST[$field];
495 if(!$this->bean->ACLAccess('save')){
496 ACLController::displayNoAccess(true);
499 $this->bean->unformat_all_fields();
503 * Perform the actual save
// Persists the bean. The boolean argument passed to save() is true when
// pre_save() set notify_on_save. This method makes no access check of its
// own. The visible ACLAccess('save') check is in pre_save().
505 public function action_save(){
506 $this->bean->save(!empty($this->bean->notify_on_save));
510 * Specify what happens after the save has occurred.
// Builds the post-save redirect URL. It prefers the return_* values and falls
// back to the current module, 'DetailView' and the saved bean's id.
// Security: the return_* values originate from $_REQUEST and are
// concatenated without URL-encoding, so a value containing '&' or '#' can add
// or truncate query parameters. The target stays on the relative index.php.
// NOTE(review): consider urlencode() on each component.
512 protected function post_save(){
513 $module = (!empty($this->return_module) ? $this->return_module : $this->module);
514 $action = (!empty($this->return_action) ? $this->return_action : 'DetailView');
515 $id = (!empty($this->return_id) ? $this->return_id : $this->bean->id);
517 $url = "index.php?module=".$module."&action=".$action."&record=".$id;
518 $this->set_redirect($url);
526 * Perform the actual deletion.
// Marks the requested record as deleted after an ACL check. When no record id
// is supplied the request ends via sugar_die().
// Security:
//  - The ACL decision is made on $this->bean, while the id passed to
//    mark_deleted() is read again from $_REQUEST. The two agree only if the
//    bean was loaded from that same request value. NOTE(review): confirm, or
//    pass $this->bean->id instead.
//  - The record id comes from $_REQUEST, which includes GET parameters, and
//    no request-forgery token check is visible in this method.
//    NOTE(review): confirm such a check exists elsewhere for state-changing
//    actions.
//  - The lines following displayNoAccess() are not visible in this listing.
528 protected function action_delete(){
529 //do any pre delete processing
530 //if there is some custom logic for deletion.
531 if(!empty($_REQUEST['record'])){
532 if(!$this->bean->ACLAccess('Delete')){
533 ACLController::displayNoAccess(true);
536 $this->bean->mark_deleted($_REQUEST['record']);
538 sugar_die("A record number must be specified to delete");
543 * Specify what happens after the deletion has occurred.
// Builds the redirect URL used after a delete, from the request's return_*
// values or the configured default module and action. An 'offset' parameter
// is appended unless this was a duplicate save. The fallback for return_id
// (gutter 554) is not visible in this listing.
// Security: the request values are concatenated without URL-encoding, so the
// query-string injection caveat that applies to post_save() applies here too.
545 protected function post_delete(){
546 $return_module = isset($_REQUEST['return_module']) ?
547 $_REQUEST['return_module'] :
548 $GLOBALS['sugar_config']['default_module'];
549 $return_action = isset($_REQUEST['return_action']) ?
550 $_REQUEST['return_action'] :
551 $GLOBALS['sugar_config']['default_action'];
552 $return_id = isset($_REQUEST['return_id']) ?
553 $_REQUEST['return_id'] :
555 $url = "index.php?module=".$return_module."&action=".$return_action."&record=".$return_id;
557 //eggsurplus Bug 23816: maintain VCR after an edit/save. If it is a duplicate then don't worry about it. The offset is now worthless.
558 if(isset($_REQUEST['offset']) && empty($_REQUEST['duplicateSave'])) {
559 $url .= "&offset=".$_REQUEST['offset'];
562 $this->set_redirect($url);
565 * Perform the actual massupdate.
// Applies a mass update, or a mass delete, to the selected records
// ('uid') or to the whole current search ('entire'). It then restores the
// saved search and reduces $_REQUEST to the return target for
// post_massupdate().
// Access control: '&&' binds tighter than '||', so the condition reads as
// (delete requested AND no 'delete' access) OR (not a delete AND no 'save'
// access).
567 protected function action_massupdate(){
568 if(!empty($_REQUEST['massupdate']) && $_REQUEST['massupdate'] == 'true' && (!empty($_REQUEST['uid']) || !empty($_REQUEST['entire']))){
569 if(!empty($_REQUEST['Delete']) && $_REQUEST['Delete']=='true' && !$this->bean->ACLAccess('delete')
570 || (empty($_REQUEST['Delete']) || $_REQUEST['Delete']!='true') && !$this->bean->ACLAccess('save')){
571 ACLController::displayNoAccess(true);
// Both the execution-time limit and the query limit are lifted for this
// request, so the cost of one call is bounded only by the size of the
// selection.
575 set_time_limit(0);//I'm wondering if we will set it never goes timeout here.
576 // until we have more efficient way of handling MU, we have to disable the limit
577 $GLOBALS['db']->setQueryLimit(0);
578 require_once("include/MassUpdate.php");
579 require_once('modules/MySettings/StoreQuery.php');
580 $seed = loadBean($_REQUEST['module']);
581 $mass = new MassUpdate();
582 $mass->setSugarBean($seed);
583 if(isset($_REQUEST['entire']) && empty($_POST['mass'])) {
// current_query_by_page is passed on exactly as received from the request.
584 $mass->generateSearchWhere($_REQUEST['module'], $_REQUEST['current_query_by_page']);
586 $mass->handleMassUpdate();
587 $storeQuery = new StoreQuery();//restore the current search. to solve bug 24722 for multi tabs massupdate.
588 $temp_req = array('current_query_by_page' => $_REQUEST['current_query_by_page'], 'return_module' => $_REQUEST['return_module'], 'return_action' => $_REQUEST['return_action']);
589 if($_REQUEST['return_module'] == 'Emails') {
590 if(!empty($_REQUEST['type']) && !empty($_REQUEST['ie_assigned_user_id'])) {
591 $this->req_for_email = array('type' => $_REQUEST['type'], 'ie_assigned_user_id' => $_REQUEST['ie_assigned_user_id']); //specificly for My Achieves
// SECURITY: unserialize() on request-supplied data (CWE-502). The value was
// read from $_REQUEST at gutter line 588 and is decoded here with no
// integrity check visible, so the client controls the serialized payload and
// can cause arbitrary autoloadable classes to be instantiated (PHP object
// injection). Prefer a data-only format such as JSON. On PHP 7+, the minimum
// is unserialize($s, ['allowed_classes' => false]), combined with a
// server-side MAC over the value.
// The decoded array also replaces $_REQUEST wholesale, so every key the later
// code reads is attacker-chosen.
595 $_REQUEST = unserialize(base64_decode($temp_req['current_query_by_page']));
596 unset($_REQUEST[$seed->module_dir.'2_'.strtoupper($seed->object_name).'_offset']);//after massupdate, the page should redirect to no offset page
597 $storeQuery->saveFromRequest($_REQUEST['module']);
598 $_REQUEST = array('return_module' => $temp_req['return_module'], 'return_action' => $temp_req['return_action']);//for post_massupdate, to go back to original page.
600 sugar_die("You must massupdate at least one record");
604 * Specify what happens after the massupdate has occurred.
// Builds the redirect URL used after a mass update. For the Emails module it
// appends the type and assigned-user values captured in action_massupdate().
// Security: return_module, return_action and the req_for_email values all
// originate from the request and are concatenated without URL-encoding.
// NOTE(review): consider urlencode() on each component.
606 protected function post_massupdate(){
607 $return_module = isset($_REQUEST['return_module']) ?
608 $_REQUEST['return_module'] :
609 $GLOBALS['sugar_config']['default_module'];
610 $return_action = isset($_REQUEST['return_action']) ?
611 $_REQUEST['return_action'] :
612 $GLOBALS['sugar_config']['default_action'];
613 $url = "index.php?module=".$return_module."&action=".$return_action;
614 if($return_module == 'Emails'){//specificly for My Achieves
615 if(!empty($this->req_for_email['type']) && !empty($this->req_for_email['ie_assigned_user_id'])) {
616 $url = $url . "&type=".$this->req_for_email['type']."&assigned_user_id=".$this->req_for_email['ie_assigned_user_id'];
619 $this->set_redirect($url);
622 * Perform the listview action
// Exposes the current bean to the view under the 'bean' key and selects the
// 'list' view.
624 protected function action_listview(){
625 $this->view_object_map['bean'] = $this->bean;
626 $this->view = 'list';
631 //THIS IS HANDLED IN ACTION_REMAP WHERE INDEX IS SET TO LISTVIEW
// Declared without a visibility keyword, so it is public. The body is not
// visible in this listing. The default $action_remap sends 'index' to
// 'listview'.
632 function action_index(){
637 * Action to handle when using a file as was done in previous versions of Sugar.
// Selects the 'classic' (pre-MVC) view.
639 protected function action_default(){
640 $this->view = 'classic';
644 * this method is used within a Dashlet when performing an ajax call
// AJAX endpoint: instantiates one of the current user's Home dashlets by id
// and echoes the return value of a method named in the request.
// Security:
//  - $_REQUEST['method'] is used as a dynamic method name. The only gate is
//    method_exists() or the presence of __call, so every publicly callable
//    method of the dashlet is reachable, not only those written as AJAX
//    handlers. NOTE(review): consider an explicit per-dashlet allowlist of
//    callable methods.
//  - fileLocation and className are read from the stored 'dashlets' user
//    preference and fed to require_once / new. NOTE(review): confirm these
//    preference values can only be written by trusted code paths and cannot
//    hold arbitrary paths or class names.
//  - $_REQUEST['method'] is read without an isset() or empty() check.
//  - The result is echoed as-is. Output encoding is left to the dashlet
//    method.
646 protected function action_callmethoddashlet(){
647 if(!empty($_REQUEST['id'])) {
648 $id = $_REQUEST['id'];
649 $requestedMethod = $_REQUEST['method'];
650 $dashletDefs = $GLOBALS['current_user']->getPreference('dashlets', 'Home'); // load user's dashlets config
651 if(!empty($dashletDefs[$id])) {
652 require_once($dashletDefs[$id]['fileLocation']);
654 $dashlet = new $dashletDefs[$id]['className']($id, (isset($dashletDefs[$id]['options']) ? $dashletDefs[$id]['options'] : array()));
656 if(method_exists($dashlet, $requestedMethod) || method_exists($dashlet, '__call')) {
657 echo $dashlet->$requestedMethod();
667 * this method is used within a Dashlet when the options configuration is posted
// Handles the dashlet options dialog. With a truthy 'configure' parameter it
// saves the posted options into the user's 'dashlets' preference. Otherwise
// it returns a "result = <json>" string holding the options form.
// Security:
//  - Unlike action_callmethoddashlet(), no !empty($dashletDefs[$id]) guard
//    sits between the preference lookup (gutter 674) and the require_once
//    (gutter 675), so an unknown id reaches require_once with a null path.
//  - The preference category is chosen by $_REQUEST['module'], and the file
//    path and class name come from that stored preference. NOTE(review):
//    confirm these values cannot be set to arbitrary paths or classes.
//  - saveOptions() receives the whole $_REQUEST, and its return value is
//    stored into the definition that later drives require_once / new.
//    NOTE(review): confirm saveOptions() returns only option values.
669 protected function action_configuredashlet(){
670 global $current_user, $mod_strings;
672 if(!empty($_REQUEST['id'])) {
673 $id = $_REQUEST['id'];
674 $dashletDefs = $current_user->getPreference('dashlets', $_REQUEST['module']); // load user's dashlets config
675 require_once($dashletDefs[$id]['fileLocation']);
677 $dashlet = new $dashletDefs[$id]['className']($id, (isset($dashletDefs[$id]['options']) ? $dashletDefs[$id]['options'] : array()));
678 if(!empty($_REQUEST['configure']) && $_REQUEST['configure']) { // save settings
679 $dashletDefs[$id]['options'] = $dashlet->saveOptions($_REQUEST);
680 $current_user->setPreference('dashlets', $dashletDefs, 0, $_REQUEST['module']);
682 else { // display options
683 $json = getJSONobj();
684 return 'result = ' . $json->encode((array('header' => $dashlet->title . ' : ' . $mod_strings['LBL_OPTIONS'],
685 'body' => $dashlet->displayOptions())));
// Returns the case-sensitive file name registered in $action_case_file for a
// known action (for example 'editview' -> 'EditView'). The fallback for
// unknown actions is not visible in this listing. Callers concatenate the
// result into file paths, so the fallback value matters.
// NOTE(review): confirm what is returned for an unmapped action.
697 public static function getActionFilename($action) {
698 if(isset(self::$action_case_file[$action])) {
699 return self::$action_case_file[$action];
704 /********************************************************************/
706 /********************************************************************/
709 * Given the module and action, determine whether the super/admin has prevented access
710 * to this url. In addition if any links specified for this module, load the links into
713 * @return true if we want to stop processing, false if processing should continue
// When admin_access_control is enabled, consults file_access_control_map for
// the lower-cased module and action. It publishes any configured links as a
// global and marks the request as processed when the action, optionally
// narrowed by request-parameter values, is listed in the map. Return
// statements and some branch bodies are missing from this listing.
// Note: both in_array() calls use loose comparison (no third argument), so
// request strings are compared against map values with PHP type juggling.
// NOTE(review): consider passing true as the strict flag.
715 private function blockFileAccess(){
716 //check if the we have enabled file_access_control and if so then check the mappings on the request;
717 if(!empty($GLOBALS['sugar_config']['admin_access_control']) && $GLOBALS['sugar_config']['admin_access_control']){
718 $this->loadMapping('file_access_control_map');
719 //since we have this turned on, check the mapping file
720 $module = strtolower($this->module);
721 $action = strtolower($this->do_action);
722 if(!empty($this->file_access_control_map['modules'][$module]['links'])){
723 $GLOBALS['admin_access_control_links'] = $this->file_access_control_map['modules'][$module]['links'];
726 if(!empty($this->file_access_control_map['modules'][$module]['actions']) && (in_array($action, $this->file_access_control_map['modules'][$module]['actions']) || !empty($this->file_access_control_map['modules'][$module]['actions'][$action]))){
728 if(!empty($this->file_access_control_map['modules'][$module]['actions'][$action]['params'])){
730 $params = $this->file_access_control_map['modules'][$module]['actions'][$action]['params'];
731 foreach($params as $param => $paramVals){
732 if(!empty($_REQUEST[$param])){
733 if(!in_array($_REQUEST[$param], $paramVals)){
740 $this->_processed = true;
744 $this->_processed = true;
749 $this->_processed = false;
753 * This code is part of the entry points reworking. We have consolidated all
754 * entry points to go through index.php. Now in order to bring up an entry point
755 * it will follow the format:
756 * 'index.php?entryPoint=download'
757 * the download entry point is mapped in the following file: entry_point_registry.php
// Serves "index.php?entryPoint=<name>" requests by including the file that is
// registered for that name and marking the request as processed.
// The request value is used only as a key into entry_point_registry. The
// included path comes from the registry, not from the request, so the
// registry is the allowlist. loadMapping() merges custom and Ext registry
// files, so the effective allowlist includes whatever those files add.
760 private function handleEntryPoint(){
761 if(!empty($_REQUEST['entryPoint'])){
762 $this->loadMapping('entry_point_registry');
763 $entryPoint = $_REQUEST['entryPoint'];
765 if(!empty($this->entry_point_registry[$entryPoint])){
766 require_once($this->entry_point_registry[$entryPoint]['file']);
767 $this->_processed = true;
774 * Checks to see if the requested entry point requires auth
776 * @param $entrypoint string name of the entrypoint
777 * @return bool true if auth is required, false if not
// Reports whether an entry point needs an authenticated session. The visible
// condition matches only when the registry entry has an 'auth' key set to a
// falsy value. The return statements are missing from this listing.
// NOTE(review): presumably that branch returns false and everything else,
// including unknown entry points, returns true (fail closed) — confirm
// against the full source.
779 public function checkEntryPointRequiresAuth($entryPoint)
781 $this->loadMapping('entry_point_registry');
783 if ( isset($this->entry_point_registry[$entryPoint]['auth'])
784 && !$this->entry_point_registry[$entryPoint]['auth'] )
790 * Meant to handle old views e.g. DetailView.php.
// Detects a pre-MVC ("classic") module: a modules/<module>/<File>.php script
// exists and there is no matching views/view.<action>.php, in either the
// stock or the custom tree. In that case the tracking bean in
// $GLOBALS['FOCUS'] is dropped, the classic view is selected and the request
// is marked as processed.
// $this->module, $file and $action are concatenated into file_exists() paths
// here. All three derive from request input unless remapped, so they need the
// same upstream validation that is noted on loadMapping().
793 protected function callLegacyCode()
795 $file = self::getActionFilename($this->do_action);
796 if ( isset($this->action_view_map[strtolower($this->do_action)]) ) {
797 $action = $this->action_view_map[strtolower($this->do_action)];
800 $action = $this->do_action;
802 // index actions actually maps to the view.list.php view
803 if ( $action == 'index' ) {
807 if ((file_exists('modules/' . $this->module . '/'. $file . '.php')
808 && !file_exists('modules/' . $this->module . '/views/view.'. $action . '.php'))
809 || (file_exists('custom/modules/' . $this->module . '/'. $file . '.php')
810 && !file_exists('custom/modules/' . $this->module . '/views/view.'. $action . '.php'))
812 // A 'classic' module, using the old pre-MVC display files
813 // We should now discard the bean we just obtained for tracking as the pre-MVC module will instantiate its own
814 unset($GLOBALS['FOCUS']);
815 $GLOBALS['log']->debug('Module:' . $this->module . ' using file: '. $file);
816 $this->action_default();
817 $this->_processed = true;
822 * If the action has been remapped to a different action as defined in
823 * action_file_map.php or action_view_map.php load those maps here.
// Applies the action maps for the lower-cased action. An action_file_map
// entry is include()d directly via require_once. Otherwise an
// action_view_map entry selects the view. Either case marks the request as
// processed.
// The included path comes from the map files, and the request only selects
// the key, so the security of the require_once depends on who can write the
// map files that loadMapping() reads.
826 private function handleActionMaps(){
827 if(!empty($this->action_file_map[strtolower($this->do_action)])){
829 $GLOBALS['log']->debug('Using Action File Map:' . $this->action_file_map[strtolower($this->do_action)]);
830 require_once($this->action_file_map[strtolower($this->do_action)]);
831 $this->_processed = true;
832 }elseif(!empty($this->action_view_map[strtolower($this->do_action)])){
833 $GLOBALS['log']->debug('Using Action View Map:' . $this->action_view_map[strtolower($this->do_action)]);
834 $this->view = $this->action_view_map[strtolower($this->do_action)];
835 $this->_processed = true;
841 * Actually remap the action if required.
844 protected function remapAction(){
845 if(!empty($this->action_remap[$this->do_action])){
846 $this->action = $this->action_remap[$this->do_action];
847 $this->do_action = $this->action;