FormLayoutSecurityUtil.php
1 <?php
2  /*********************************************************************************
3  * Zurmo is a customer relationship management program developed by
4  * Zurmo, Inc. Copyright (C) 2017 Zurmo Inc.
5  *
6  * Zurmo is free software; you can redistribute it and/or modify it under
7  * the terms of the GNU Affero General Public License version 3 as published by the
8  * Free Software Foundation with the addition of the following permission added
9  * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
10  * IN WHICH THE COPYRIGHT IS OWNED BY ZURMO, ZURMO DISCLAIMS THE WARRANTY
11  * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
12  *
13  * Zurmo is distributed in the hope that it will be useful, but WITHOUT
14  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15  * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
16  * details.
17  *
18  * You should have received a copy of the GNU Affero General Public License along with
19  * this program; if not, see http://www.gnu.org/licenses or write to the Free
20  * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
21  * 02110-1301 USA.
22  *
23  * You can contact Zurmo, Inc. with a mailing address at 27 North Wacker Drive
24  * Suite 370 Chicago, IL 60606. or at email address contact@zurmo.com.
25  *
26  * The interactive user interfaces in original and modified versions
27  * of this program must display Appropriate Legal Notices, as required under
28  * Section 5 of the GNU Affero General Public License version 3.
29  *
30  * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
31  * these Appropriate Legal Notices must retain the display of the Zurmo
32  * logo and Zurmo copyright notice. If the display of the logo is not reasonably
33  * feasible for technical reasons, the Appropriate Legal Notices must display the words
34  * "Copyright Zurmo Inc. 2017. All rights reserved".
35  ********************************************************************************/
36 
41  {
42  //TODO: change this function once field level security is available.
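/**
 * Resolve whether a form element may be rendered in editable form for a user.
 *
 * When the user lacks the required permission, the element is neutralised in place:
 * 'type' becomes 'Null' and 'attributeName' becomes null. Elements whose class is
 * neither a ModelElement nor a ModelsElement subclass are left untouched.
 *
 * NOTE(review): this only changes what is rendered. Whether the save path enforces the
 * same permission on submitted values is not visible here - confirm it does, since
 * hiding a field in the form does not by itself prevent a write to that attribute.
 *
 * @param RedBeanModel|CModel $model              Model whose attribute the element renders.
 * @param array               $elementInformation Element metadata; reads 'type' and
 *                                                'attributeName', modified by reference.
 * @param User                $user               User the form is rendered for (id > 0).
 * @return void
 */
public static function resolveElementForEditableRender($model, & $elementInformation, $user)
{
    // String-form assert() is deprecated since PHP 7.2 and is no longer evaluated as code in
    // PHP 8, and assertions can be disabled entirely: these lines document the contract, they
    // are not an access-control check.
    assert('$model instanceof RedBeanModel || $model instanceof CModel');
    assert('is_array($elementInformation)');
    assert('$user instanceof User && $user->id > 0');
    $elementclassname = $elementInformation['type'] . 'Element';
    $attributeName    = $elementInformation['attributeName'];
    if (is_subclass_of($elementclassname, 'ModelElement'))
    {
        $editableActionType = $elementclassname::getEditableActionType();
        // NOTE(review): the rendered listing omits source line 60, which opens this condition;
        // the call is reconstructed from its surviving argument line - confirm against the
        // project source.
        if (!ActionSecurityUtil::canUserPerformAction(
                $editableActionType, $model->$attributeName, $user))
        {
            $elementInformation['attributeName'] = null;
            $elementInformation['type']          = 'Null'; // Not Coding Standard
            //TODO: potentially throw misconfiguration exception if field is required
            //instead of just setting a null element.
        }
        //If there is already an existing model, but the user cannot view it, then this should be disabled
        //otherwise the user can accidentally wipe this out since it will appear in the UI as if it is not
        //populated.
        //The instanceof test is joined with && (the original used a bitwise &) so that ->id is only
        //read once the attribute is known to be a RedBeanModel.
        elseif ($editableActionType == 'ModalList' &&
                $model->{$attributeName} != null &&
                $model->{$attributeName} instanceof RedBeanModel &&
                $model->{$attributeName}->id > 0 &&
                !ActionSecurityUtil::canUserPerformAction('Details', $model->{$attributeName}, $user))
        {
            $elementInformation['attributeName'] = null;
            $elementInformation['type']          = 'Null'; // Not Coding Standard
        }
    }
    if (is_subclass_of($elementclassname, 'ModelsElement'))
    {
        $actionType = $elementclassname::getEditableActionType();
        if ($actionType != null)
        {
            $actionSecurity = ActionSecurityFactory::createRightsOnlyActionSecurityFromActionType($actionType, $user);
            if (!$actionSecurity->canUserPerformAction())
            {
                $elementInformation['attributeName'] = null;
                $elementInformation['type']          = 'Null'; // Not Coding Standard
                //TODO: potentially throw misconfiguration exception if field is required
                //instead of just setting a null element.
            }
        }
    }
}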
97 
98  //TODO: change this function once field level security is available.
/**
 * Resolve how a form element should be rendered read-only for a user.
 *
 * For ModelElement subclasses the outcome depends on two checks, module access and the
 * element's non-editable action on the related model:
 *  - both pass: the element is left unchanged;
 *  - the related model is readable but its module is not accessible: the element is
 *    replaced by a 'Null' element when the related model's id is below zero, otherwise
 *    it is kept and flagged with 'noLink';
 *  - the related model is not readable: the element is replaced by a 'Null' element.
 * For ExplicitReadWriteModelPermissionsElement subclasses the element type is set to
 * 'Null' unless the user may perform 'Edit' on $model. Any other element is untouched.
 *
 * @param RedBeanModel|CModel $model              Model whose attribute the element renders.
 * @param array               $elementInformation Element metadata; reads 'type' and
 *                                                'attributeName', modified by reference.
 * @param User                $user               User the view is rendered for (id > 0).
 * @return void
 */
public static function resolveElementForNonEditableRender($model, & $elementInformation, $user)
{
    // String-form assert() is deprecated since PHP 7.2 and is no longer evaluated as code in
    // PHP 8, and assertions can be disabled entirely: these lines document the contract, they
    // are not an access-control check.
    assert('$model instanceof RedBeanModel || $model instanceof CModel');
    assert('is_array($elementInformation)');
    assert('$user instanceof User && $user->id > 0');
    $elementclassname = $elementInformation['type'] . 'Element';
    $attributeName    = $elementInformation['attributeName'];

    if (is_subclass_of($elementclassname, 'ModelElement'))
    {
        $relatedModuleId = $elementclassname::getModuleId();
        $moduleClassName = get_class(Yii::app()->getModule($relatedModuleId));
        assert('is_string($moduleClassName)');
        // Both checks are always evaluated, in this order, before any decision is taken.
        $hasModuleAccess = RightsUtil::canUserAccessModule($moduleClassName, $user);
        $canReadRelated  = ActionSecurityUtil::canUserPerformAction(
            $elementclassname::getNonEditableActionType(), $model->$attributeName, $user);

        if (!$canReadRelated)
        {
            // Not readable: hide the element whatever the module access is.
            $elementInformation['attributeName'] = null;
            $elementInformation['type']          = 'Null'; // Not Coding Standard
            return;
        }
        if ($hasModuleAccess)
        {
            return;
        }
        // Readable, but the user cannot reach the module the related model belongs to.
        // NOTE(review): presumably an id below zero marks a related model that has not been
        // saved yet - confirm.
        if ($model->$attributeName->id < 0)
        {
            $elementInformation['attributeName'] = null;
            $elementInformation['type']          = 'Null'; // Not Coding Standard
            return;
        }
        $elementInformation['noLink'] = true;
        return;
    }

    if (is_subclass_of($elementclassname, 'ExplicitReadWriteModelPermissionsElement'))
    {
        // Only 'type' is replaced in this branch; 'attributeName' is left as it was.
        if (!ActionSecurityUtil::canUserPerformAction('Edit', $model, $user))
        {
            $elementInformation['type'] = 'Null'; // Not Coding Standard
        }
    }
}
155  }
156 ?>
static resolveElementForNonEditableRender($model, &$elementInformation, $user)
static resolveElementForEditableRender($model, &$elementInformation, $user)
static canUserAccessModule($moduleClassName, $user)
Definition: RightsUtil.php:103
static createRightsOnlyActionSecurityFromActionType($actionType, $user)
static canUserPerformAction($actionType, $model, $user)