2 /*********************************************************************************
3 * SugarCRM Community Edition is a customer relationship management program developed by
4 * SugarCRM, Inc. Copyright (C) 2004-2012 SugarCRM Inc.
6 * This program is free software; you can redistribute it and/or modify it under
7 * the terms of the GNU Affero General Public License version 3 as published by the
8 * Free Software Foundation with the addition of the following permission added
9 * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
10 * IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
11 * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
13 * This program is distributed in the hope that it will be useful, but WITHOUT
14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15 * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
18 * You should have received a copy of the GNU Affero General Public License along with
19 * this program; if not, see http://www.gnu.org/licenses or write to the Free
20 * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
23 * You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
24 * SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
26 * The interactive user interfaces in modified source and object code versions
27 * of this program must display Appropriate Legal Notices, as required under
28 * Section 5 of the GNU Affero General Public License version 3.
30 * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
31 * these Appropriate Legal Notices must retain the display of the "Powered by
32 * SugarCRM" logo. If the display of the logo is not reasonably feasible for
33 * technical reasons, the Appropriate Legal Notices must display the words
34 * "Powered by SugarCRM".
35 ********************************************************************************/
37 require_once('service/v4/SugarWebServiceUtilv4.php');
39 class SugarWebServiceUtilv4_1 extends SugarWebServiceUtilv4
42 * Validate the provided session information is correct and current. Load the session.
44 * @param String $session_id -- The session ID that was returned by a call to login.
45 * @return true -- If the session is valid and loaded.
46 * @return false -- if the session is not valid.
48 function validate_authenticated($session_id)
50 $GLOBALS['log']->info('Begin: SoapHelperWebServices->validate_authenticated');
51 if(!empty($session_id)){
53 // only initialize session once in case this method is called multiple times
55 session_id($session_id);
59 if(!empty($_SESSION['is_valid_session']) && $this->is_valid_ip_address('ip_address') && $_SESSION['type'] == 'user'){
62 require_once('modules/Users/User.php');
63 $current_user = new User();
64 $current_user->retrieve($_SESSION['user_id']);
65 $this->login_success();
66 $GLOBALS['log']->info('Begin: SoapHelperWebServices->validate_authenticated - passed');
67 $GLOBALS['log']->info('End: SoapHelperWebServices->validate_authenticated');
71 $GLOBALS['log']->debug("calling destroy");
74 LogicHook::initialize();
75 $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
76 $GLOBALS['log']->info('End: SoapHelperWebServices->validate_authenticated - validation failed');
81 function check_modules_access($user, $module_name, $action='write'){
82 if(!isset($_SESSION['avail_modules'])){
83 $_SESSION['avail_modules'] = get_user_module_list($user);
85 if(isset($_SESSION['avail_modules'][$module_name])){
86 if($action == 'write' && $_SESSION['avail_modules'][$module_name] == 'read_only'){
87 if(is_admin($user))return true;
89 }elseif($action == 'write' && strcmp(strtolower($module_name), 'users') == 0 && !$user->isAdminForModule($module_name)){
90 //rrs bug: 46000 - If the client is trying to write to the Users module and is not an admin then we need to stop them