modules/ACL/ACLJSController.php

   1 <?php
   2 if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
   3 /*********************************************************************************
   4  * SugarCRM Community Edition is a customer relationship management program developed by
   5  * SugarCRM, Inc. Copyright (C) 2004-2012 SugarCRM Inc.
   6  *
   7  * This program is free software; you can redistribute it and/or modify it under
   8  * the terms of the GNU Affero General Public License version 3 as published by the
   9  * Free Software Foundation with the addition of the following permission added
  10  * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
  11  * IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
  12  * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
  13  *
  14  * This program is distributed in the hope that it will be useful, but WITHOUT
  15  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
  16  * FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
  17  * details.
  18  *
  19  * You should have received a copy of the GNU Affero General Public License along with
  20  * this program; if not, see http://www.gnu.org/licenses or write to the Free
  21  * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  22  * 02110-1301 USA.
  23  *
  24  * You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
  25  * SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
  26  *
  27  * The interactive user interfaces in modified source and object code versions
  28  * of this program must display Appropriate Legal Notices, as required under
  29  * Section 5 of the GNU Affero General Public License version 3.
  30  *
  31  * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
  32  * these Appropriate Legal Notices must retain the display of the "Powered by
  33  * SugarCRM" logo. If the display of the logo is not reasonably feasible for
  34  * technical reasons, the Appropriate Legal Notices must display the words
  35  * "Powered by SugarCRM".
  36  ********************************************************************************/
  37
  38
  39
  40 class ACLJSController{
  41
  42         function ACLJSController($module,$form='', $is_owner=false){
  43
  44                 $this->module = $module;
  45                 $this->is_owner = $is_owner;
  46                 $this->form = $form;
  47         }
  48
  49         function getJavascript(){
  50                 global $action;
  51                 if(!ACLController::moduleSupportsACL($this->module)){
  52                         return '';
  53                 }
  54                 $script = "<SCRIPT>\n//BEGIN ACL JAVASCRIPT\n";
  55
  56                 if($action == 'DetailView'){
  57                         if(!ACLController::checkAccess($this->module,'edit', $this->is_owner)){
  58                         $script .= <<<EOQ
  59                                                 if(typeof(document.DetailView) != 'undefined'){
  60                                                         if(typeof(document.DetailView.elements['Edit']) != 'undefined'){
  61                                                                 document.DetailView.elements['Edit'].disabled = 'disabled';
  62                                                         }
  63                                                         if(typeof(document.DetailView.elements['Duplicate']) != 'undefined'){
  64                                                                 document.DetailView.elements['Duplicate'].disabled = 'disabled';
  65                                                         }
  66                                                 }
  67 EOQ;
  68 }
  69                         if(!ACLController::checkAccess($this->module,'delete', $this->is_owner)){
  70                         $script .= <<<EOQ
  71                                                 if(typeof(document.DetailView) != 'undefined'){
  72                                                         if(typeof(document.DetailView.elements['Delete']) != 'undefined'){
  73                                                                 document.DetailView.elements['Delete'].disabled = 'disabled';
  74                                                         }
  75                                                 }
  76 EOQ;
  77 }
  78                 }
  79                 if(file_exists('modules/'. $this->module . '/metadata/acldefs.php')){
  80                         include('modules/'. $this->module . '/metadata/acldefs.php');
  81
  82                         foreach($acldefs[$this->module]['forms'] as $form_name=>$form){
  83
  84                                 foreach($form as $field_name=>$field){
  85
  86                                         if($field['app_action'] == $action){
  87                                                 switch($form_name){
  88                                                         case 'by_id':
  89                                                                 $script .= $this->getFieldByIdScript($field_name, $field);
  90                                                                 break;
  91                                                         case 'by_name':
  92                                                                 $script .= $this->getFieldByNameScript($field_name, $field);
  93                                                                 break;
  94                                                         default:
  95                                                                 $script .= $this->getFieldByFormScript($form_name, $field_name, $field);
  96                                                                 break;
  97                                                 }
  98                                         }
  99
 100                                 }
 101                         }
 102                 }
 103                 $script .=  '</SCRIPT>';
 104
 105                 return $script;
 106
 107
 108         }
 109
 110         function getHTMLValues($def){
 111                 $return_array = array();
 112                 switch($def['display_option']){
 113                         case 'clear_link':
 114                                 $return_array['href']= "#";
 115                                 $return_array['className']= "nolink";
 116                                 break;
 117                         default;
 118                                 $return_array[$def['display_option']] = $def['display_option'];
 119                                 break;
 120
 121                 }
 122                 return $return_array;
 123
 124         }
 125
 126         function getFieldByIdScript($name, $def){
 127                 $script = '';
 128                 if(!ACLController::checkAccess($def['module'], $def['action_option'], true)){
 129                 foreach($this->getHTMLValues($def) as $key=>$value){
 130                         $script .=  "\nif(document.getElementById('$name'))document.getElementById('$name')." . $key . '="' .$value. '";'. "\n";
 131                 }
 132                 }
 133                 return $script;
 134
 135         }
 136
 137         function getFieldByNameScript($name, $def){
 138                 $script = '';
 139                 if(!ACLController::checkAccess($def['module'], $def['action_option'], true)){
 140
 141                 foreach($this->getHTMLValues($def) as $key=>$value){
 142                         $script .=  <<<EOQ
 143                         var aclfields = document.getElementsByName('$name');
 144                         for(var i in aclfields){
 145                                 aclfields[i].$key = '$value';
 146                         }
 147 EOQ;
 148                 }
 149                 }
 150                 return $script;
 151
 152         }
 153
 154         function getFieldByFormScript($form, $name, $def){
 155                 $script = '';
 156
 157
 158                 if(!ACLController::checkAccess($def['module'], $def['action_option'], true)){
 159                         foreach($this->getHTMLValues($def) as $key=>$value){
 160                                 $script .= "\nif(typeof(document.$form.$name.$key) != 'undefined')\n document.$form.$name.".$key . '="' .$value. '";';
 161                         }
 162                 }
 163                 return $script;
 164
 165         }
 166
 167
 168
 169
 170
 171
 172
 173
 174 }
 175
 176
 177
 178 ?>