portal acl fixes

yuri
2016-06-29 15:17:52 +03:00
parent 1497abff07
commit 60d121f1e1
2 changed files with 153 additions and 2 deletions


@@ -37,6 +37,10 @@ class AclManager extends \Espo\Core\AclManager
{
protected $tableClassName = '\\Espo\\Core\\AclPortal\\Table';
private $mainManager = null;
private $portal = null;
public function getImplementation($scope)
{
if (empty($this->implementationHashMap[$scope])) {
@@ -70,6 +74,29 @@ class AclManager extends \Espo\Core\AclManager
return $this->implementationHashMap[$scope];
}
public function setMainManager($mainManager)
{
$this->mainManager = $mainManager;
}
protected function getMainManager()
{
return $this->mainManager;
}
public function setPortal($portal)
{
$this->portal = $portal;
}
protected function getPortal()
{
if ($this->portal) {
return $this->portal;
}
return $this->getContainer()->get('portal');
}
protected function getTable(User $user)
{
$key = $user->id;
@@ -82,7 +109,7 @@ class AclManager extends \Espo\Core\AclManager
$fileManager = $this->getContainer()->get('fileManager');
$metadata = $this->getContainer()->get('metadata');
$fieldManager = $this->getContainer()->get('fieldManager');
$portal = $this->getContainer()->get('portal');
$portal = $this->getPortal();
$this->tableHashMap[$key] = new $this->tableClassName($user, $portal, $config, $fileManager, $metadata, $fieldManager);
}
@@ -118,5 +145,114 @@ class AclManager extends \Espo\Core\AclManager
return $this->getImplementation($entity->getEntityType())->checkIsOwnContact($user, $entity);
}
public function getMap(User $user)
{
if ($this->checkUserIsNotPortal($user)) {
return $this->getMainManager()->getMap($user);
}
return parent::getMap($user);
}
public function getLevel(User $user, $scope, $action)
{
if ($this->checkUserIsNotPortal($user)) {
return $this->getMainManager()->getLevel($user, $scope, $action);
}
return parent::getLevel($user, $scope, $action);
}
public function get(User $user, $permission)
{
if ($this->checkUserIsNotPortal($user)) {
return $this->getMainManager()->get($user, $permission);
}
return parent::get($user, $permission);
}
public function checkReadOnlyTeam(User $user, $permission)
{
if ($this->checkUserIsNotPortal($user)) {
return $this->getMainManager()->checkReadOnlyTeam($user, $permission);
}
return false;
}
public function checkReadOnlyOwn(User $user, $permission)
{
if ($this->checkUserIsNotPortal($user)) {
return $this->getMainManager()->checkReadOnlyOwn($user, $permission);
}
return false;
}
public function check(User $user, $subject, $action = null)
{
if ($this->checkUserIsNotPortal($user)) {
return $this->getMainManager()->check($user, $subject, $action);
}
return parent::check($user, $subject, $action);
}
public function checkEntity(User $user, $subject, $action = null)
{
if ($this->checkUserIsNotPortal($user)) {
return $this->getMainManager()->checkEntity($user, $subject, $action);
}
return parent::checkEntity($user, $subject, $action);
}
public function checkIsOwner(User $user, Entity $entity)
{
if ($this->checkUserIsNotPortal($user)) {
return $this->getMainManager()->checkIsOwner($user, $entity);
}
return parent::checkIsOwner($user, $entity);
}
public function checkInTeam(User $user, Entity $entity)
{
if ($this->checkUserIsNotPortal($user)) {
return $this->getMainManager()->checkInTeam($user, $entity);
}
return parent::checkInTeam($user, $entity);
}
public function checkScope(User $user, $scope, $action = null)
{
if ($this->checkUserIsNotPortal($user)) {
return $this->getMainManager()->checkScope($user, $scope, $action);
}
return parent::checkScope($user, $scope, $action);
}
public function checkUser(User $user, $permission, User $entity)
{
if ($this->checkUserIsNotPortal($user)) {
return $this->getMainManager()->checkUser($user, $permission, $entity);
}
return parent::checkUser($user, $permission, $entity);
}
public function getScopeForbiddenAttributeList(User $user, $scope, $action = 'read', $thresholdLevel = 'no')
{
if ($this->checkUserIsNotPortal($user)) {
return $this->getMainManager()->getScopeForbiddenAttributeList($user, $scope, $action, $thresholdLevel);
}
return parent::getScopeForbiddenAttributeList($user, $scope, $action, $thresholdLevel);
}
public function getScopeForbiddenFieldList(User $user, $scope, $action = 'read', $thresholdLevel = 'no')
{
if ($this->checkUserIsNotPortal($user)) {
return $this->getMainManager()->getScopeForbiddenFieldList($user, $scope, $action, $thresholdLevel);
}
return parent::getScopeForbiddenFieldList($user, $scope, $action, $thresholdLevel);
}
protected function checkUserIsNotPortal($user)
{
return !$user->get('isPortalUser');
}
}
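Review bot: `checkUserIsNotPortal()` at the end of the class fails open: `!$user->get('isPortalUser')` is true whenever the attribute is missing, null or not loaded on the entity passed in. Every overridden check (`check`, `checkEntity`, `checkScope`, `getLevel`, `getScopeForbiddenFieldList` and the rest) then delegates to the main manager and evaluates the user against the internal ACL instead of the portal table. Inside the portal manager the safer default is the portal path, for example `if (!$user->has('isPortalUser')) { return false; }` before the existing return (assuming the entity exposes `has()`), and the parameter should carry the same `User` type hint the public methods use. `getMainManager()` can also return null when `setMainManager()` was never called, so a guard that throws a clear exception there would be better than a method call on null in the middle of an authorization check.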


@@ -38,12 +38,27 @@ class Container extends \Espo\Core\Container
return $className;
}
protected function getServiceMainClassName($name, $default)
{
$metadata = $this->get('metadata');
$className = $metadata->get('app.serviceContainer.classNames.' . $name, $default);
return $className;
}
protected function loadAclManager()
{
$className = $this->getServiceClassName('aclManager', '\\Espo\\Core\\Portal\\AclManager');
return new $className(
$mainClassName = $this->getServiceMainClassName('aclManager', '\\Espo\\Core\\AclManager');
$obj = new $className(
$this->get('container')
);
$objMain = new $mainClassName(
$this->get('container')
);
$obj->setMainManager($objMain);
return $obj;
}
protected function loadAcl()
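Review bot: `loadAclManager()` instantiates `$mainClassName` straight from the metadata key `app.serviceContainer.classNames.aclManager` and passes it to `setMainManager()` without checking its type, so whatever class that key names ends up making the ACL decisions for non-portal users. A check such as `if (!($objMain instanceof \Espo\Core\AclManager)) { throw new \RuntimeException('Main aclManager class must extend Espo\Core\AclManager'); }` before `$obj->setMainManager($objMain);` would make a misconfigured or unexpected override fail loudly instead of silently changing authorization behaviour. The main manager is also constructed with `$this->get('container')` from the portal container, so it presumably resolves its services there; a short comment stating that this is intended would help the next reader.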