fix email filter

* fix variable name

* init $number variable

* another fix

Gruntfile.js

@@ -34,7 +34,7 @@ module.exports = function (grunt) {
         'client/lib/jquery.autocomplete.js',
         'client/lib/bootstrap.min.js',
         'client/lib/bootstrap-datepicker.js',
-        'client/lib/bull.min.js',
+        'client/lib/bull.js',
         'client/src/namespace.js',
         'client/src/exceptions.js',
         'client/src/loader.js',
@@ -214,8 +214,11 @@ module.exports = function (grunt) {
                 },
                 src: [
                     'build/EspoCRM-<%= pkg.version %>/install',
+                    'build/EspoCRM-<%= pkg.version %>/portal',
                     'build/EspoCRM-<%= pkg.version %>/api',
                     'build/EspoCRM-<%= pkg.version %>/api/v1',
+                    'build/EspoCRM-<%= pkg.version %>/api/v1/portal-access',
+                    'build/EspoCRM-<%= pkg.version %>',
                 ]
             }
         },

application/Espo/Acl/Attachment.php

@@ -29,12 +29,12 @@
 
 namespace Espo\Acl;
 
-use \Espo\Entities\User;
+use \Espo\Entities\User as EntityUser;
 use \Espo\ORM\Entity;
 
 class Attachment extends \Espo\Core\Acl\Base
 {
-    public function checkEntityRead(User $user, Entity $entity, $data)
+    public function checkEntityRead(EntityUser $user, Entity $entity, $data)
     {
         if ($user->isAdmin()) {
             return true;
@@ -82,7 +82,7 @@ class Attachment extends \Espo\Core\Acl\Base
         return false;
     }
 
-    public function checkIsOwner(User $user, Entity $entity)
+    public function checkIsOwner(EntityUser $user, Entity $entity)
     {
         if ($user->id === $entity->get('createdById')) {
             return true;

application/Espo/Acl/Email.php

@@ -29,13 +29,13 @@
 
 namespace Espo\Acl;
 
-use \Espo\Entities\User;
+use \Espo\Entities\User as EntityUser;
 use \Espo\ORM\Entity;
 
 class Email extends \Espo\Core\Acl\Base
 {
 
-    public function checkEntityRead(User $user, Entity $entity, $data)
+    public function checkEntityRead(EntityUser $user, Entity $entity, $data)
     {
         if ($this->checkEntity($user, $entity, $data, 'read')) {
             return true;
@@ -60,7 +60,7 @@ class Email extends \Espo\Core\Acl\Base
         return false;
     }
 
-    public function checkIsOwner(User $user, Entity $entity)
+    public function checkIsOwner(EntityUser $user, Entity $entity)
     {
         if ($user->id === $entity->get('assignedUserId')) {
             return true;
@@ -76,5 +76,46 @@ class Email extends \Espo\Core\Acl\Base
 
         return false;
     }
+
+    public function checkEntityDelete(EntityUser $user, Entity $entity, $data)
+    {
+        if ($user->isAdmin()) {
+            return true;
+        }
+
+        if ($data === false) {
+            return false;
+        }
+
+        if ($data->delete === 'own') {
+            if ($user->id === $entity->get('assignedUserId')) {
+                return true;
+            }
+
+            if ($user->id === $entity->get('createdById')) {
+                return true;
+            }
+
+            $assignedUserIdList = $entity->getLinkMultipleIdList('assignedUsers');
+            if (count($assignedUserIdList) === 1 && $entity->hasLinkMultipleId('assignedUsers', $user->id)) {
+                return true;
+            }
+            return false;
+        }
+
+        if ($this->checkEntity($user, $entity, $data, 'delete')) {
+            return true;
+        }
+
+        if ($data->edit !== 'no' || $data->create !== 'no') {
+            if ($entity->get('createdById') === $user->id) {
+                if ($entity->get('status') !== 'Sent' && $entity->get('status') !== 'Archived') {
+                    return true;
+                }
+            }
+        }
+
+        return false;
+    }
 }
 

application/Espo/Acl/EmailFilter.php

@@ -29,12 +29,12 @@
 
 namespace Espo\Acl;
 
-use \Espo\Entities\User;
+use \Espo\Entities\User as EntityUser;
 use \Espo\ORM\Entity;
 
 class EmailFilter extends \Espo\Core\Acl\Base
 {
-    public function checkIsOwner(User $user, Entity $entity)
+    public function checkIsOwner(EntityUser $user, Entity $entity)
     {
         if ($entity->has('parentId') && $entity->has('parentType')) {
             $parentType = $entity->get('parentType');
@@ -42,11 +42,14 @@ class EmailFilter extends \Espo\Core\Acl\Base
             if (!$parentType || !$parentId) return;
 
             $parent = $this->getEntityManager()->getEntity($parentType, $parentId);
+
+            if ($parent->getEntityType() === 'User') {
+                return $parent->id === $user->id;
+            }
             if ($parent && $parent->has('assignedUserId') && $parent->get('assignedUserId') === $user->id) {
                 return true;
             }
         }
-
         return;
     }
 }

application/Espo/Acl/Notification.php

@@ -29,12 +29,12 @@
 
 namespace Espo\Acl;
 
-use \Espo\Entities\User;
+use \Espo\Entities\User as EntityUser;
 use \Espo\ORM\Entity;
 
 class Notification extends \Espo\Core\Acl\Base
 {
-    public function checkIsOwner(User $user, Entity $entity)
+    public function checkIsOwner(EntityUser $user, Entity $entity)
     {
         if ($user->id === $entity->get('userId')) {
             return true;

application/Espo/AclPortal/Attachment.php

@@ -29,12 +29,12 @@
 
 namespace Espo\AclPortal;
 
-use \Espo\Entities\User;
+use \Espo\Entities\User as EntityUser;
 use \Espo\ORM\Entity;
 
 class Attachment extends \Espo\Core\AclPortal\Base
 {
-    public function checkEntityRead(User $user, Entity $entity, $data)
+    public function checkEntityRead(EntityUser $user, Entity $entity, $data)
     {
         if ($user->isAdmin()) {
             return true;
@@ -82,7 +82,7 @@ class Attachment extends \Espo\Core\AclPortal\Base
         return false;
     }
 
-    public function checkIsOwner(User $user, Entity $entity)
+    public function checkIsOwner(EntityUser $user, Entity $entity)
     {
         if ($user->id === $entity->get('createdById')) {
             return true;

application/Espo/AclPortal/Email.php

@@ -29,13 +29,13 @@
 
 namespace Espo\AclPortal;
 
-use \Espo\Entities\User;
+use \Espo\Entities\User as EntityUser;
 use \Espo\ORM\Entity;
 
 class Email extends \Espo\Core\AclPortal\Base
 {
 
-    public function checkEntityRead(User $user, Entity $entity, $data)
+    public function checkEntityRead(EntityUser $user, Entity $entity, $data)
     {
         if ($this->checkEntity($user, $entity, $data, 'read')) {
             return true;
@@ -60,7 +60,7 @@ class Email extends \Espo\Core\AclPortal\Base
         return false;
     }
 
-    public function checkIsOwner(User $user, Entity $entity)
+    public function checkIsOwner(EntityUser $user, Entity $entity)
     {
         if ($user->id === $entity->get('createdById')) {
             return true;

application/Espo/AclPortal/Notification.php

@@ -29,12 +29,12 @@
 
 namespace Espo\AclPortal;
 
-use \Espo\Entities\User;
+use \Espo\Entities\User as EntityUser;
 use \Espo\ORM\Entity;
 
 class Notification extends \Espo\Core\AclPortal\Base
 {
-    public function checkIsOwner(User $user, Entity $entity)
+    public function checkIsOwner(EntityUser $user, Entity $entity)
     {
         if ($user->id === $entity->get('userId')) {
             return true;

application/Espo/Controllers/App.php

@@ -47,8 +47,21 @@ class App extends \Espo\Core\Controllers\Base
             $user->loadLinkMultipleField('accounts');
         }
 
+        $userData = $user->getValues();
+
+        $emailAddressList = [];
+        foreach ($user->get('emailAddresses') as $emailAddress) {
+            if ($emailAddress->get('invalid')) continue;
+            if ($user->get('emailAddrses') === $emailAddress->get('name')) continue;
+            $emailAddressList[] = $emailAddress->get('name');
+        }
+        if ($user->get('emailAddrses')) {
+            array_unshift($emailAddressList, $user->get('emailAddrses'));
+        }
+        $userData['emailAddressList'] = $emailAddressList;
+
         return array(
-            'user' => $user->getValues(),
+            'user' => $userData,
             'acl' => $this->getAcl()->getMap(),
             'preferences' => $preferences,
             'token' => $this->getUser()->get('token')

application/Espo/Controllers/Email.php

@@ -32,6 +32,7 @@ namespace Espo\Controllers;
 use \Espo\Core\Exceptions\BadRequest;
 use \Espo\Core\Exceptions\Forbidden;
 use \Espo\Core\Exceptions\Error;
+use \Espo\Core\Exceptions\NotFound;
 
 class Email extends \Espo\Core\Controllers\Record
 {
@@ -51,22 +52,48 @@ class Email extends \Espo\Core\Controllers\Record
             throw new BadRequest();
         }
 
+        if (!$this->getAcl()->checkScope('Email')) {
+            throw new Forbidden();
+        }
+
         if (is_null($data['password'])) {
             if ($data['type'] == 'preferences') {
-                if (!$this->getUser()->isAdmin() && $data['id'] != $this->getUser()->id) {
+                if (!$this->getUser()->isAdmin() && $data['id'] !== $this->getUser()->id) {
                     throw new Forbidden();
                 }
                 $preferences = $this->getEntityManager()->getEntity('Preferences', $data['id']);
                 if (!$preferences) {
-                    throw new Error();
+                    throw new NotFound();
                 }
 
-                $data['password'] = $this->getContainer()->get('crypt')->decrypt($preferences->get('smtpPassword'));
+                if (is_null($data['password'])) {
+                    $data['password'] = $this->getContainer()->get('crypt')->decrypt($preferences->get('smtpPassword'));
+                }
+            } else if ($data['type'] == 'emailAccount') {
+                if (!$this->getAcl()->checkScope('EmailAccount')) {
+                    throw new Forbidden();
+                }
+                if (!empty($data['id'])) {
+                    $emailAccount = $this->getEntityManager()->getEntity('EmailAccount', $data['id']);
+                    if (!$emailAccount) {
+                        throw new NotFound();
+                    }
+                    if (!$this->getUser()->isAdmin()) {
+                        if ($emailAccount->get('assigniedUserId') !== $this->getUser()->id) {
+                            throw new Forbidden();
+                        }
+                    }
+                    if (is_null($data['password'])) {
+                        $data['password'] = $this->getContainer()->get('crypt')->decrypt($emailAccount->get('smtpPassword'));
+                    }
+                }
             } else {
                 if (!$this->getUser()->isAdmin()) {
                     throw new Forbidden();
                 }
-                $data['password'] = $this->getConfig()->get('smtpPassword');
+                if (is_null($data['password'])) {
+                    $data['password'] = $this->getConfig()->get('smtpPassword');
+                }
             }
         }
 
@@ -161,5 +188,38 @@ class Email extends \Espo\Core\Controllers\Record
         }
         return $this->getRecordService()->retrieveFromTrashByIdList($ids);
     }
+
+    public function getActionGetFoldersNotReadCounts(&$params, $request, $data)
+    {
+        return $this->getRecordService()->getFoldersNotReadCounts();
+    }
+
+    protected function fetchListParamsFromRequest(&$params, $request, $data)
+    {
+        parent::fetchListParamsFromRequest($params, $request, $data);
+
+        $folderId = $request->get('folderId');
+        if ($folderId) {
+            $params['folderId'] = $request->get('folderId');
+        }
+    }
+
+    public function postActionMoveToFolder($params, $data)
+    {
+        if (!empty($data['ids'])) {
+            $ids = $data['ids'];
+        } else {
+            if (!empty($data['id'])) {
+                $ids = [$data['id']];
+            } else {
+                throw new BadRequest();
+            }
+        }
+
+        if (empty($data['folderId'])) {
+            throw new BadRequest();
+        }
+        return $this->getRecordService()->moveToFolderByIdList($ids, $data['folderId']);
+    }
 }
 

application/Espo/Controllers/EmailFolder.php

@@ -0,0 +1,63 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Controllers;
+
+use \Espo\Core\Exceptions\BadRequest;
+
+class EmailFolder extends \Espo\Core\Controllers\Record
+{
+    public function postActionMoveUp($params, $data, $request)
+    {
+        if (empty($data['id'])) {
+            throw new BadRequest();
+        }
+
+        $this->getRecordService()->moveUp($data['id']);
+
+        return true;
+    }
+
+    public function postActionMoveDown($params, $data, $request)
+    {
+        if (empty($data['id'])) {
+            throw new BadRequest();
+        }
+
+        $this->getRecordService()->moveDown($data['id']);
+
+        return true;
+    }
+
+    public function getActionListAll()
+    {
+        return $this->getRecordService()->listAll();
+    }
+}
+

application/Espo/Controllers/EntityManager.php

@@ -78,14 +78,20 @@ class EntityManager extends \Espo\Core\Controllers\Base
         if (!empty($data['sortDirection'])) {
             $params['asc'] = $data['sortDirection'] === 'asc';
         }
+        if (isset($data['textFilterFields']) && is_array($data['textFilterFields'])) {
+            $params['textFilterFields'] = $data['textFilterFields'];
+        }
 
         $result = $this->getContainer()->get('entityManagerUtil')->create($name, $type, $params);
 
         if ($result) {
             $tabList = $this->getConfig()->get('tabList', []);
-            $tabList[] = $name;
-            $this->getConfig()->set('tabList', $tabList);
-            $this->getConfig()->save();
+
+            if (!in_array($name, $tabList)) {
+                $tabList[] = $name;
+                $this->getConfig()->set('tabList', $tabList);
+                $this->getConfig()->save();
+            }
 
             $this->getContainer()->get('dataManager')->rebuild();
         } else {

application/Espo/Controllers/Extension.php

@@ -94,17 +94,17 @@ class Extension extends \Espo\Core\Controllers\Record
         return true;
     }
 
-    public function actionCreate($params, $data)
+    public function actionCreate($params, $data, $request)
     {
         throw new Forbidden();
     }
 
-    public function actionUpdate($params, $data)
+    public function actionUpdate($params, $data, $request)
     {
         throw new Forbidden();
     }
 
-    public function actionPatch($params, $data)
+    public function actionPatch($params, $data, $request)
     {
         throw new Forbidden();
     }
@@ -139,12 +139,12 @@ class Extension extends \Espo\Core\Controllers\Record
         throw new Forbidden();
     }
 
-    public function actionCreateLink($params, $data)
+    public function actionCreateLink($params, $data, $request)
     {
         throw new Forbidden();
     }
 
-    public function actionRemoveLink($params, $data)
+    public function actionRemoveLink($params, $data, $request)
     {
         throw new Forbidden();
     }

application/Espo/Controllers/Import.php

@@ -43,12 +43,12 @@ class Import extends \Espo\Core\Controllers\Record
         }
     }
 
-    public function actionPatch($params, $data)
+    public function actionPatch($params, $data, $request)
     {
         throw new BadRequest();
     }
 
-    public function actionUpdate($params, $data)
+    public function actionUpdate($params, $data, $request)
     {
         throw new BadRequest();
     }
@@ -58,12 +58,12 @@ class Import extends \Espo\Core\Controllers\Record
         throw new BadRequest();
     }
 
-    public function actionCreateLink($params, $data)
+    public function actionCreateLink($params, $data, $request)
     {
         throw new BadRequest();
     }
 
-    public function actionRemoveLink($params, $data)
+    public function actionRemoveLink($params, $data, $request)
     {
         throw new BadRequest();
     }

application/Espo/Controllers/Job.php

@@ -41,17 +41,17 @@ class Job extends \Espo\Core\Controllers\Record
         }
     }
 
-    public function actionCreate($params, $data)
+    public function actionCreate($params, $data, $request)
     {
         throw new Forbidden();
     }
 
-    public function actionUpdate($params, $data)
+    public function actionUpdate($params, $data, $request)
     {
         throw new Forbidden();
     }
 
-    public function actionPatch($params, $data)
+    public function actionPatch($params, $data, $request)
     {
         throw new Forbidden();
     }
@@ -66,12 +66,12 @@ class Job extends \Espo\Core\Controllers\Record
         throw new Forbidden();
     }
 
-    public function actionCreateLink($params, $data)
+    public function actionCreateLink($params, $data, $request)
     {
         throw new Forbidden();
     }
 
-    public function actionRemoveLink($params, $data)
+    public function actionRemoveLink($params, $data, $request)
     {
         throw new Forbidden();
     }

application/Espo/Controllers/Notification.php

@@ -37,9 +37,6 @@ class Notification extends \Espo\Core\Controllers\Record
 
     public function actionList($params, $data, $request)
     {
-        $scope = $params['scope'];
-        $id = $params['id'];
-
         $userId = $this->getUser()->id;
 
         $offset = intval($request->get('offset'));

application/Espo/Controllers/Preferences.php

@@ -132,6 +132,7 @@ class Preferences extends \Espo\Core\Controllers\Base
 
         $entity->set('smtpEmailAddress', $user->get('emailAddress'));
         $entity->set('name', $user->get('name'));
+        $entity->set('isPortalUser', $user->get('isPortalUser'));
 
         $entity->clear('smtpPassword');
 

application/Espo/Controllers/Settings.php

@@ -90,4 +90,23 @@ class Settings extends \Espo\Core\Controllers\Base
 
         return $this->getConfigData();
     }
+
+    public function postActionTestLdapConnection($params, $data)
+    {
+        if (!$this->getUser()->isAdmin()) {
+            throw new Forbidden();
+        }
+
+        if (!isset($data['password'])) {
+            $data['password'] = $this->getConfig()->get('ldapPassword');
+        }
+
+        $ldapUtils = new \Espo\Core\Utils\Authentication\LDAP\Utils();
+        $options = $ldapUtils->normalizeOptions($data);
+
+        $ldapClient = new \Espo\Core\Utils\Authentication\LDAP\Client($options);
+        $ldapClient->bind(); //an exception if no connection
+
+        return true;
+    }
 }

application/Espo/Core/Acl.php

@@ -118,5 +118,15 @@ class Acl
     {
         return $this->getAclManager()->getScopeForbiddenFieldList($this->getUser(), $scope, $action, $thresholdLevel);
     }
+
+    public function checkUserPermission($target, $permissionType = 'userPermission')
+    {
+        return $this->getAclManager()->checkUserPermission($this->getUser(), $target, $permissionType);
+    }
+
+    public function checkAssignmentPermission($target)
+    {
+        return $this->getAclManager()->checkAssignmentPermission($this->getUser(), $target);
+    }
 }
 

application/Espo/Core/Acl/Base.php

@@ -66,6 +66,13 @@ class Base implements Injectable
         return $this->injections[$name];
     }
 
+    protected function addDependencyList(array $list)
+    {
+        foreach ($list as $item) {
+            $this->addDependency($item);
+        }
+    }
+
     protected function addDependency($name)
     {
         $this->dependencies[] = $name;

application/Espo/Core/Acl/Table.php

@@ -97,8 +97,6 @@ class Table
             throw new Error('User must be fetched before ACL check.');
         }
 
-        $this->user->loadLinkMultipleField('teams');
-
         if ($fileManager) {
             $this->fileManager = $fileManager;
         }
@@ -119,7 +117,7 @@ class Table
 
     protected function initCacheFilePath()
     {
-        $this->cacheFilePath = 'data/cache/application/acl/' . $this->user->id . '.php';
+        $this->cacheFilePath = 'data/cache/application/acl/' . $this->getUser()->id . '.php';
     }
 
     protected function getUser()
@@ -192,7 +190,7 @@ class Table
         $aclTableList = [];
         $fieldTableList = [];
 
-        if (!$this->user->isAdmin()) {
+        if (!$this->getUser()->isAdmin()) {
             $roleList = $this->getRoleList();
 
             foreach ($roleList as $role) {
@@ -209,6 +207,7 @@ class Table
             $this->applyDefault($aclTable, $fieldTable);
             $this->applyDisabled($aclTable, $fieldTable);
             $this->applyMandatory($aclTable, $fieldTable);
+            $this->applyAdditional($aclTable, $fieldTable, $valuePermissionLists);
         } else {
             $aclTable = (object) [];
             foreach ($this->getScopeList() as $scope) {
@@ -242,7 +241,7 @@ class Table
 
         $this->fillFieldTableQuickAccess();
 
-        if (!$this->user->isAdmin()) {
+        if (!$this->getUser()->isAdmin()) {
             foreach ($this->valuePermissionList as $permission) {
                 $this->data->$permission = $this->mergeValueList($valuePermissionLists->$permission, $this->metadata->get('app.'.$this->type.'.default.' . $permission, 'yes'));
                 if ($this->metadata->get('app.'.$this->type.'.mandatory.' . $permission)) {
@@ -266,11 +265,17 @@ class Table
         $roleList = [];
 
         $userRoleList = $this->getUser()->get('roles');
+        if (!(is_array($userRoleList) || $userRoleList instanceof \Traversable)) {
+            throw new Error();
+        }
         foreach ($userRoleList as $role) {
             $roleList[] = $role;
         }
 
         $teamList = $this->getUser()->get('teams');
+        if (!(is_array($teamList) || $teamList instanceof \Traversable)) {
+            throw new Error();
+        }
         foreach ($teamList as $team) {
             $teamRoleList = $team->get('roles');
             foreach ($teamRoleList as $role) {
@@ -396,7 +401,7 @@ class Table
 
     protected function applyDefault(&$table, &$fieldTable)
     {
-        if ($this->user->isAdmin()) {
+        if ($this->getUser()->isAdmin()) {
             return;
         }
 
@@ -461,7 +466,7 @@ class Table
 
     protected function applyMandatory(&$table, &$fieldTable)
     {
-        if ($this->user->isAdmin()) {
+        if ($this->getUser()->isAdmin()) {
             return;
         }
 
@@ -508,7 +513,7 @@ class Table
 
     protected function applyDisabled(&$table, &$fieldTable)
     {
-        if ($this->user->isAdmin()) {
+        if ($this->getUser()->isAdmin()) {
             return;
         }
 
@@ -520,6 +525,19 @@ class Table
         }
     }
 
+    protected function applyAdditional(&$table, &$fieldTable, &$valuePermissionLists)
+    {
+        if ($this->getUser()->get('isPortalUser')) {
+            foreach ($this->getScopeList() as $scope) {
+                $table->$scope = false;
+                unset($fieldTable->$scope);
+            }
+            foreach ($this->valuePermissionList as $permission) {
+                $valuePermissionLists->{$permission}[] = 'no';
+            }
+        }
+    }
+
     private function mergeValueList(array $list, $defaultValue)
     {
         $result = null;

application/Espo/Core/AclManager.php

@@ -98,7 +98,10 @@ class AclManager
 
     protected function getTable(User $user)
     {
-        $key = spl_object_hash($user);
+        $key = $user->id;
+        if (empty($key)) {
+            $key = spl_object_hash($user);
+        }
 
         if (empty($this->tableHashMap[$key])) {
             $config = $this->getContainer()->get('config');
@@ -181,7 +184,7 @@ class AclManager
         return $this->getImplementation($entity->getEntityType())->checkIsOwner($user, $entity);
     }
 
-    public function checkInTeam(User $user, Entity $entity, $action)
+    public function checkInTeam(User $user, Entity $entity)
     {
         return $this->getImplementation($entity->getEntityType())->checkInTeam($user, $entity);
     }
@@ -232,5 +235,40 @@ class AclManager
         if ($user->isAdmin()) return [];
         return $this->getTable($user)->getScopeForbiddenFieldList($scope, $action, $thresholdLevel);
     }
+
+    public function checkUserPermission(User $user, $target, $permissionType = 'userPermission')
+    {
+        $permission = $this->get($user, $permissionType);
+
+        if (is_object($target)) {
+            $userId = $target->id;
+        } else {
+            $userId = $target;
+        }
+
+        if ($user->id === $userId) return true;
+
+        if ($permission === 'no') {
+            return false;
+        }
+
+        if ($permission === 'yes') {
+            return true;
+        }
+
+        if ($permission === 'team') {
+            $teamIdList = $user->getLinkMultipleIdList('teams');
+            if (!$this->getContainer()->get('entityManager')->getRepository('User')->checkBelongsToAnyOfTeams($userId, $teamIdList)) {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    public function checkAssignmentPermission(User $user, $target)
+    {
+        return $this->checkUserPermission($user, $target, 'assignmentPermission');
+    }
 }
 

application/Espo/Core/AclPortal/Table.php

@@ -76,11 +76,17 @@ class Table extends \Espo\Core\Acl\Table
         $roleList = [];
 
         $userRoleList = $this->getUser()->get('portalRoles');
+        if (!(is_array($userRoleList) || $userRoleList instanceof \Traversable)) {
+            throw new Error();
+        }
         foreach ($userRoleList as $role) {
             $roleList[] = $role;
         }
 
         $portalRoleList = $this->getPortal()->get('portalRoles');
+        if (!(is_array($portalRoleList) || $portalRoleList instanceof \Traversable)) {
+            throw new Error();
+        }
         foreach ($portalRoleList as $role) {
             $roleList[] = $role;
         }
@@ -115,11 +121,15 @@ class Table extends \Espo\Core\Acl\Table
     {
         foreach ($this->getScopeList() as $scope) {
             $d = $this->getMetadata()->get('scopes.' . $scope);
-            if ($d['disabled'] || $d['portalDisabled']) {
+            if (!empty($d['disabled']) || !empty($d['portalDisabled'])) {
                 $table->$scope = false;
                 unset($fieldTable->$scope);
             }
         }
     }
+
+    protected function applyAdditional(&$table, &$fieldTable, &$valuePermissionLists)
+    {
+    }
 }
 

application/Espo/Core/Application.php

@@ -315,7 +315,7 @@ class Application
             return $_GET['portalId'];
         }
         if (!empty($_COOKIE['auth-token'])) {
-            $token = $this->getContainer()->get('entityManager')->getRepository('AuthToken')->where(array('token'=>$_COOKIE['auth-token']))->findOne();
+            $token = $this->getContainer()->get('entityManager')->getRepository('AuthToken')->where(array('token' => $_COOKIE['auth-token']))->findOne();
 
             if ($token && $token->get('portalId')) {
                 return $token->get('portalId');
@@ -323,5 +323,12 @@ class Application
         }
         return null;
     }
+
+    public function setupSystemUser()
+    {
+        $user = $this->getContainer()->get('entityManager')->getEntity('User', 'system');
+        $this->getContainer()->setUser($user);
+        $this->getContainer()->get('entityManager')->setUser($user);
+    }
 }
 

application/Espo/Core/Container.php

@@ -181,7 +181,7 @@ class Container
 
     protected function loadNumber()
     {
-        return new \Espo\Core\Utils\Number(
+        return new \Espo\Core\Utils\NumberUtil(
             $this->get('config')->get('decimalMark'),
             $this->get('config')->get('thousandSeparator')
         );
@@ -200,7 +200,9 @@ class Container
             $this->get('entityManager'),
             $this->get('user'),
             $this->get('acl'),
-            $this->get('metadata')
+            $this->get('aclManager'),
+            $this->get('metadata'),
+            $this->get('config')
         );
     }
 
@@ -293,7 +295,8 @@ class Container
     {
         return new \Espo\Core\Utils\FieldManager(
             $this->get('metadata'),
-            $this->get('language')
+            $this->get('language'),
+            $this
         );
     }
 

application/Espo/Core/Controllers/Record.php

@@ -64,7 +64,7 @@ class Record extends Base
         return $service;
     }
 
-    public function actionRead($params)
+    public function actionRead($params, $data, $request)
     {
         $id = $params['id'];
         $entity = $this->getRecordService()->getEntity($id);
@@ -128,12 +128,10 @@ class Record extends Base
         $where = $request->get('where');
         $offset = $request->get('offset');
         $maxSize = $request->get('maxSize');
-        $asc = $request->get('asc') === 'true';
+        $asc = $request->get('asc', 'true') === 'true';
         $sortBy = $request->get('sortBy');
         $q = $request->get('q');
-        $primaryFilter = $request->get('primaryFilter');
         $textFilter = $request->get('textFilter');
-        $boolFilterList = $request->get('boolFilterList');
 
         if (empty($maxSize)) {
             $maxSize = self::MAX_SIZE_LIMIT;
@@ -151,12 +149,8 @@ class Record extends Base
             'q' => $q,
             'textFilter' => $textFilter
         );
-        if ($request->get('primaryFilter')) {
-            $params['primaryFilter'] = $request->get('primaryFilter');
-        }
-        if ($request->get('boolFilterList')) {
-            $params['boolFilterList'] = $request->get('boolFilterList');
-        }
+
+        $this->fetchListParamsFromRequest($params, $request, $data);
 
         $result = $this->getRecordService()->findEntities($params);
 
@@ -166,6 +160,16 @@ class Record extends Base
         );
     }
 
+    protected function fetchListParamsFromRequest(&$params, $request, $data)
+    {
+        if ($request->get('primaryFilter')) {
+            $params['primaryFilter'] = $request->get('primaryFilter');
+        }
+        if ($request->get('boolFilterList')) {
+            $params['boolFilterList'] = $request->get('boolFilterList');
+        }
+    }
+
     public function actionListLinked($params, $data, $request)
     {
         $id = $params['id'];
@@ -174,7 +178,7 @@ class Record extends Base
         $where = $request->get('where');
         $offset = $request->get('offset');
         $maxSize = $request->get('maxSize');
-        $asc = $request->get('asc') === 'true';
+        $asc = $request->get('asc', 'true') === 'true';
         $sortBy = $request->get('sortBy');
         $q = $request->get('q');
         $textFilter = $request->get('textFilter');
@@ -195,12 +199,8 @@ class Record extends Base
             'q' => $q,
             'textFilter' => $textFilter
         );
-        if ($request->get('primaryFilter')) {
-            $params['primaryFilter'] = $request->get('primaryFilter');
-        }
-        if ($request->get('boolFilterList')) {
-            $params['boolFilterList'] = $request->get('boolFilterList');
-        }
+
+        $this->fetchListParamsFromRequest($params, $request, $data);
 
         $result = $this->getRecordService()->findLinkedEntities($id, $link, $params);
 
@@ -237,9 +237,11 @@ class Record extends Base
         $ids = $request->get('ids');
         $where = $request->get('where');
         $byWhere = $request->get('byWhere');
+        $selectData = $request->get('selectData');
 
         $params = array();
         if ($byWhere) {
+            $params['selectData'] = $selectData;
             $params['where'] = $where;
         } else {
             $params['ids'] = $ids;
@@ -266,6 +268,9 @@ class Record extends Base
         $params = array();
         if (array_key_exists('where', $data) && !empty($data['byWhere'])) {
             $params['where'] = json_decode(json_encode($data['where']), true);
+            if (array_key_exists('selectData', $data)) {
+                $params['selectData'] = json_decode(json_encode($data['selectData']), true);
+            }
         } else if (array_key_exists('ids', $data)) {
             $params['ids'] = $data['ids'];
         }
@@ -290,9 +295,11 @@ class Record extends Base
         if (array_key_exists('where', $data) && !empty($data['byWhere'])) {
             $where = json_decode(json_encode($data['where']), true);
             $params['where'] = $where;
+            if (array_key_exists('selectData', $data)) {
+                $params['selectData'] = json_decode(json_encode($data['selectData']), true);
+            }
         }
         if (array_key_exists('ids', $data)) {
-            $where = json_decode(json_encode($data['where']), true);
             $params['ids'] = $data['ids'];
         }
 
@@ -319,7 +326,13 @@ class Record extends Base
                 throw new BadRequest();
             }
             $where = json_decode(json_encode($data['where']), true);
-            return $this->getRecordService()->linkEntityMass($id, $link, $where);
+
+            $selectData = null;
+            if (isset($data['selectData']) && is_array($data['selectData'])) {
+                $selectData = json_decode(json_encode($data['selectData']), true);
+            }
+
+            return $this->getRecordService()->linkEntityMass($id, $link, $where, $selectData);
         } else {
             $foreignIdList = array();
             if (isset($data['id'])) {
@@ -411,17 +424,34 @@ class Record extends Base
             throw new BadRequest();
         }
 
-        if (empty($data['targetId']) || empty($data['sourceIds']) || !is_array($data['sourceIds'])) {
+        if (empty($data['targetId']) || empty($data['sourceIds']) || !is_array($data['sourceIds']) || !($data['attributes'] instanceof \StdClass)) {
             throw new BadRequest();
         }
         $targetId = $data['targetId'];
         $sourceIds = $data['sourceIds'];
+        $attributes = get_object_vars($data['attributes']);
 
         if (!$this->getAcl()->check($this->name, 'edit')) {
             throw new Forbidden();
         }
 
-        return $this->getRecordService()->merge($targetId, $sourceIds);
+        return $this->getRecordService()->merge($targetId, $sourceIds, $attributes);
+    }
+
+    public function postActionGetDuplicateAttributes($params, $data, $request)
+    {
+        if (empty($data['id'])) {
+            throw new BadRequest();
+        }
+
+        if (!$this->getAcl()->check($this->name, 'create')) {
+            throw new Forbidden();
+        }
+        if (!$this->getAcl()->check($this->name, 'read')) {
+            throw new Forbidden();
+        }
+
+        return $this->getRecordService()->getDuplicateAttributes($data['id']);
     }
 }
 

application/Espo/Core/CronManager.php

@@ -35,15 +35,21 @@ use Espo\Core\Exceptions\NotFound;
 class CronManager
 {
     private $container;
+
     private $config;
+
     private $fileManager;
+
     private $entityManager;
 
     private $scheduledJobUtil;
 
     const PENDING = 'Pending';
+
     const RUNNING = 'Running';
+
     const SUCCESS = 'Success';
+
     const FAILED = 'Failed';
 
     protected $lastRunTime = 'data/cache/application/cronLastRunTime.php';
@@ -149,19 +155,15 @@ class CronManager
 
         $this->setLastRunTime(time());
 
-        $entityManager = $this->getEntityManager();
-
-        $cronJob = $this->getCronJob();
-        $cronScheduledJob = $this->getCronScheduledJob();
-
-        //Check scheduled jobs and create related jobs
+        $this->getCronJob()->markFailedJobs();
+        $this->getCronJob()->updateFailedJobAttempts();
         $this->createJobsFromScheduledJobs();
+        $this->getCronJob()->removePendingJobDuplicates();
 
-        $pendingJobs = $cronJob->getPendingJobs();
+        $pendingJobList = $this->getCronJob()->getPendingJobList();
 
-        foreach ($pendingJobs as $job) {
-
-            $jobEntity = $entityManager->getEntity('Job', $job['id']);
+        foreach ($pendingJobList as $job) {
+            $jobEntity = $this->getEntityManager()->getEntity('Job', $job['id']);
 
             if (!isset($jobEntity)) {
                 $GLOBALS['log']->error('CronManager: empty Job entity ['.$job['id'].'].');
@@ -169,7 +171,7 @@ class CronManager
             }
 
             $jobEntity->set('status', self::RUNNING);
-            $entityManager->saveEntity($jobEntity);
+            $this->getEntityManager()->saveEntity($jobEntity);
 
             $isSuccess = true;
 
@@ -187,11 +189,10 @@ class CronManager
             $status = $isSuccess ? self::SUCCESS : self::FAILED;
 
             $jobEntity->set('status', $status);
-            $entityManager->saveEntity($jobEntity);
+            $this->getEntityManager()->saveEntity($jobEntity);
 
-            //set status in the schedulerJobLog
             if (!empty($job['scheduled_job_id'])) {
-                $cronScheduledJob->addLogRecord($job['scheduled_job_id'], $status);
+                $this->getCronScheduledJob()->addLogRecord($job['scheduled_job_id'], $status, null, $job['target_id'], $job['target_type']);
             }
         }
     }
@@ -213,12 +214,20 @@ class CronManager
         }
 
         $jobClass = new $className($this->container);
-        $method = $this->getScheduledJobUtil()->getMethodName();
+        $method = 'run';
         if (!method_exists($jobClass, $method)) {
             throw new NotFound();
         }
 
-        $jobClass->$method();
+        $data = null;
+        if (!empty($job['data'])) {
+            $data = $job['data'];
+            if (Json::isJSON($data)) {
+                $data = Json::decode($data, true);
+            }
+        }
+
+        $jobClass->$method($data, $job['target_id'], $job['target_type']);
     }
 
     /**
@@ -248,7 +257,7 @@ class CronManager
             $data = Json::decode($data, true);
         }
 
-        $service->$serviceMethod($data);
+        $service->$serviceMethod($data, $job['target_id'], $job['target_type']);
     }
 
     /**
@@ -258,55 +267,62 @@ class CronManager
      */
     protected function createJobsFromScheduledJobs()
     {
-        $entityManager = $this->getEntityManager();
+        $activeScheduledJobList = $this->getCronScheduledJob()->getActiveScheduledJobList();
 
-        $activeScheduledJobs = $this->getCronScheduledJob()->getActiveJobs();
+        $runningScheduledJobIdList = $this->getCronJob()->getRunningScheduledJobIdList();
 
-        $cronJob = $this->getCronJob();
-        $runningScheduledJobs = $cronJob->getActiveJobs('scheduled_job_id', self::RUNNING, PDO::FETCH_COLUMN);
+        $createdJobIdList = array();
+        foreach ($activeScheduledJobList as $scheduledJob) {
+            $scheduling = $scheduledJob['scheduling'];
 
-        $createdJobs = array();
-        foreach ($activeScheduledJobs as $scheduledJob) {
-
-            if (in_array($scheduledJob['id'], $runningScheduledJobs)) {
+            try {
+                $cronExpression = \Cron\CronExpression::factory($scheduling);
+            } catch (\Exception $e) {
+                $GLOBALS['log']->error('CronManager (ScheduledJob ['.$scheduledJob['id'].']): Scheduling string error - '. $e->getMessage() . '.');
                 continue;
             }
 
-            $scheduling = $scheduledJob['scheduling'];
-
-            $cronExpression = \Cron\CronExpression::factory($scheduling);
-
             try {
-                $prevDate = $cronExpression->getPreviousRunDate()->format('Y-m-d H:i:s');
+                $previousDate = $cronExpression->getPreviousRunDate()->format('Y-m-d H:i:s');
             } catch (\Exception $e) {
-                $GLOBALS['log']->error('CronManager: ScheduledJob ['.$scheduledJob['id'].']: CronExpression - Impossible CRON expression ['.$scheduling.']');
+                $GLOBALS['log']->error('CronManager (ScheduledJob ['.$scheduledJob['id'].']): Unsupported CRON expression ['.$scheduling.']');
                 continue;
             }
 
             if ($cronExpression->isDue()) {
-                $prevDate = date('Y-m-d H:i:s');
+                $previousDate = date('Y-m-d H:i:s');
             }
 
-            $existsJob = $cronJob->getJobByScheduledJob($scheduledJob['id'], $prevDate);
+            $existingJob = $this->getCronJob()->getJobByScheduledJob($scheduledJob['id'], $previousDate);
+            if ($existingJob) continue;
 
-            if (!isset($existsJob) || empty($existsJob)) {
-                //create a new job
-                $jobEntity = $entityManager->getEntity('Job');
-                $jobEntity->set(array(
-                    'name' => $scheduledJob['name'],
-                    'status' => self::PENDING,
-                    'scheduledJobId' => $scheduledJob['id'],
-                    'executeTime' => $prevDate,
-                    'method' => $scheduledJob['job'],
-                ));
-                $jobEntityId = $entityManager->saveEntity($jobEntity);
-                if (!empty($jobEntityId)) {
-                    $createdJobs[] = $jobEntityId;
+            $className = $this->getScheduledJobUtil()->get($scheduledJob['job']);
+            if ($className) {
+                if (method_exists($className, 'prepare')) {
+                    $implementation = new $className($this->container);
+                    $implementation->prepare($scheduledJob, $previousDate);
+                    continue;
                 }
             }
+
+            if (in_array($scheduledJob['id'], $runningScheduledJobIdList)) {
+                continue;
+            }
+
+            $jobEntity = $this->getEntityManager()->getEntity('Job');
+            $jobEntity->set(array(
+                'name' => $scheduledJob['name'],
+                'status' => self::PENDING,
+                'scheduledJobId' => $scheduledJob['id'],
+                'executeTime' => $previousDate,
+                'method' => $scheduledJob['job']
+            ));
+            $this->getEntityManager()->saveEntity($jobEntity);
+
+            $createdJobIdList[] = $jobEntity->id;
         }
 
-        return $createdJobs;
+        return $createdJobIdList;
     }
 }
 

application/Espo/Core/HookManager.php

@@ -131,7 +131,7 @@ class HookManager
             }
             return $hook;
         }
-        $GLOBALS['log']->error("Hook class '{$name}' does not exist.");
+        $GLOBALS['log']->error("Hook class '{$className}' does not exist.");
     }
 
     /**

application/Espo/Core/Hooks/Base.php

@@ -29,15 +29,16 @@
 
 namespace Espo\Core\Hooks;
 
-use \Espo\Core\Interfaces\Injectable;
+use Espo\Core\Interfaces\Injectable;
 
 abstract class Base implements Injectable
 {
     protected $dependencies = array(
+        'container',
         'entityManager',
         'config',
         'metadata',
-        'acl',
+        'aclManager',
         'user',
     );
 
@@ -59,6 +60,13 @@ abstract class Base implements Injectable
         return $this->dependencies;
     }
 
+    protected function addDependencyList(array $list)
+    {
+        foreach ($list as $item) {
+            $this->addDependency($item);
+        }
+    }
+
     protected function addDependency($name)
     {
         $this->dependencies[] = $name;
@@ -74,29 +82,39 @@ abstract class Base implements Injectable
         $this->injections[$name] = $object;
     }
 
+    protected function getContainer()
+    {
+        return $this->getInjection('container');
+    }
+
     protected function getEntityManager()
     {
-        return $this->injections['entityManager'];
+        return $this->getInjection('entityManager');
     }
 
     protected function getUser()
     {
-        return $this->injections['user'];
+        return $this->getInjection('user');
     }
 
     protected function getAcl()
     {
-        return $this->injections['acl'];
+        return $this->getContainer()->get('acl');
+    }
+
+    protected function getAclManager()
+    {
+        return $this->getInjection('aclManager');
     }
 
     protected function getConfig()
     {
-        return $this->injections['config'];
+        return $this->getInjection('config');
     }
 
     protected function getMetadata()
     {
-        return $this->injections['metadata'];
+        return $this->getInjection('metadata');
     }
 
     protected function getRepository()

application/Espo/Core/Htmlizer/Htmlizer.php

@@ -34,7 +34,7 @@ use Espo\Core\Exceptions\Error;
 
 use Espo\Core\Utils\File\Manager as FileManager;
 use Espo\Core\Utils\DateTime;
-use Espo\Core\Utils\Number;
+use Espo\Core\Utils\NumberUtil;
 
 require('vendor/zordius/lightncandy/src/lightncandy.php');
 
@@ -46,11 +46,19 @@ class Htmlizer
 
     protected $config;
 
-    public function __construct(FileManager $fileManager, DateTime $dateTime, Number $number)
+    protected $acl;
+
+    public function __construct(FileManager $fileManager, DateTime $dateTime, NumberUtil $number, $acl = null)
     {
         $this->fileManager = $fileManager;
         $this->dateTime = $dateTime;
         $this->number = $number;
+        $this->acl = $acl;
+    }
+
+    protected function getAcl()
+    {
+        return $this->acl;
     }
 
     protected function formatNumber($value)
@@ -68,20 +76,25 @@ class Htmlizer
         return $value;
     }
 
-    protected function getDataFromEntity(Entity $entity)
+    protected function getDataFromEntity(Entity $entity, $skipLinks = false)
     {
         $data = $entity->toArray();
 
-
-
         $fieldDefs = $entity->getFields();
         $fieldList = array_keys($fieldDefs);
 
+        $forbidenAttributeList = [];
+
+        if ($this->getAcl()) {
+            $forbidenAttributeList = $this->getAcl()->getScopeForbiddenAttributeList($entity->getEntityType(), 'read');
+        }
+
         foreach ($fieldList as $field) {
-            $type = null;
-            if (!empty($fieldDefs[$field]['type'])) {
-                $type = $fieldDefs[$field]['type'];
-            }
+            if (in_array($field, $forbidenAttributeList)) continue;
+
+
+            $type = $entity->getAttributeType($field);
+
             if ($type == Entity::DATETIME) {
                 if (!empty($data[$field])) {
                     $data[$field] = $this->dateTime->convertSystemDateTime($data[$field]);
@@ -116,6 +129,8 @@ class Htmlizer
                         $data[$field][$k] = $this->format($data[$field][$k]);
                     }
                 }
+            } else if ($type === Entity::PASSWORD) {
+                unset($data[$field]);
             }
 
             if (array_key_exists($field, $data)) {
@@ -123,19 +138,52 @@ class Htmlizer
             }
         }
 
+        if (!$skipLinks) {
+            $relationDefs = $entity->getRelations();
+            foreach ($entity->getRelationList() as $relation) {
+                if (
+                    !empty($relationDefs[$relation]['type'])
+                    &&
+                    ($entity->getRelationType($relation) === 'belongsTo' || $entity->getRelationType($relation) === 'belongsToParent')
+                ) {
+                    $relatedEntity = $entity->get($relation);
+                    if (!$relatedEntity) continue;
+                    if ($this->getAcl()) {
+                        if (!$this->getAcl()->check($relatedEntity, 'read')) continue;
+                    }
+
+                    $data[$relation] = $this->getDataFromEntity($relatedEntity, true);
+                }
+            }
+        }
+
         return $data;
     }
 
-    public function render(Entity $entity, $template)
+    public function render(Entity $entity, $template, $id = null, $additionalData = array(), $skipLinks = false)
     {
         $code = \LightnCandy::compile($template);
-        $id = uniqid('', true);
-        $fileName = 'data/cache/template-' . $id;
-        $this->fileManager->putContents($fileName, $code);
-        $renderer = include($fileName);
-        $this->fileManager->removeFile($fileName);
 
-        $data = $this->getDataFromEntity($entity);
+        $toRemove = false;
+        if ($id === null) {
+            $id = uniqid('', true);
+            $toRemove = true;
+        }
+
+        $fileName = 'data/cache/templates/' . $id . '.php';
+
+        $this->fileManager->putContents($fileName, $code);
+        $renderer = $this->fileManager->getPhpContents($fileName);
+
+        if ($toRemove) {
+            $this->fileManager->removeFile($fileName);
+        }
+
+        $data = $this->getDataFromEntity($entity, $skipLinks);
+
+        foreach ($additionalData as $k => $value) {
+            $data[$k] = $value;
+        }
 
         $html = $renderer($data);
 

application/Espo/Core/Interfaces/Injectable.php

@@ -25,14 +25,14 @@
  *
  * In accordance with Section 7(b) of the GNU General Public License version 3,
  * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
- ************************************************************************/ 
+ ************************************************************************/
 
 namespace Espo\Core\Interfaces;
 
 interface Injectable
 {
     public function getDependencyList();
-    
+
     public function inject($name, $object);
 }
 

application/Espo/Core/Jobs/Base.php

@@ -70,7 +70,5 @@ abstract class Base
         $this->container = $container;
     }
 
-    abstract public function run();
-
 }
 

application/Espo/Core/Loaders/EmailFilterManager.php

@@ -0,0 +1,43 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Core\Loaders;
+
+class EmailFilterManager extends Base
+{
+    public function load()
+    {
+        $emailFilterManager = new \Espo\Core\Utils\EmailFilterManager(
+            $this->getContainer()->get('entityManager')
+        );
+
+        return $emailFilterManager;
+    }
+}
+

application/Espo/Core/Loaders/EntityManager.php

@@ -40,6 +40,7 @@ class EntityManager extends Base
             'port' => $config->get('database.port'),
             'dbname' => $config->get('database.dbname'),
             'user' => $config->get('database.user'),
+            'charset' => $config->get('database.charset', 'utf8'),
             'password' => $config->get('database.password'),
             'metadata' => $this->getContainer()->get('metadata')->getOrmMetadata(),
             'repositoryFactoryClassName' => '\\Espo\\Core\\ORM\\RepositoryFactory',

application/Espo/Core/Mail/FiltersMatcher.php

@@ -39,51 +39,83 @@ class FiltersMatcher
 
     }
 
-    public function match(Email $email, $filterList = [])
+    protected function matchTo(Email $email, $filter)
     {
-        foreach ($filterList as $filter) {
-            if ($filter->get('from')) {
-                if ($this->matchString(strtolower($filter->get('from')), strtolower($email->get('from')))) {
-                    return true;
-                }
-            }
-            if ($filter->get('to')) {
-                if ($email->get('to')) {
-                    $toArr = explode(';', $email->get('to'));
-                    foreach ($toArr as $to) {
-                        if ($this->matchString(strtolower($filter->get('to')), strtolower($to))) {
-                            return true;
-                        }
-                    }
-                }
-            }
-            if ($filter->get('subject')) {
-                if ($this->matchString($filter->get('subject'), $email->get('name'))) {
+        if ($email->get('to')) {
+            $toArr = explode(';', $email->get('to'));
+            foreach ($toArr as $to) {
+                if ($this->matchString(strtolower($filter->get('to')), strtolower($to))) {
                     return true;
                 }
             }
         }
+    }
+
+    public function match(Email $email, $subject, $skipBody = false)
+    {
+        if (is_array($subject) || $subject instanceof \Traversable) {
+            $filterList = $subject;
+        } else {
+            $filterList = [$subject];
+        }
+
+        foreach ($filterList as $filter) {
+            $filterCount = 0;
+
+            if ($filter->get('from')) {
+                $filterCount++;
+                if (!$this->matchString(strtolower($filter->get('from')), strtolower($email->get('from')))) {
+                    continue;
+                }
+            }
+
+            if ($filter->get('to')) {
+                $filterCount++;
+                if (!$this->matchTo($email, $filter)) {
+                    continue;
+                }
+            }
+
+            if ($filter->get('subject')) {
+                $filterCount++;
+                if (!$this->matchString($filter->get('subject'), $email->get('name'))) {
+                    continue;
+                }
+            }
+
+            $wordList = $filter->get('bodyContains');
+            if (!empty($wordList)) {
+                $filterCount++;
+                if ($skipBody) {
+                    continue;
+                }
+                if (!$this->matchBody($email, $filter)) {
+                    continue;
+                }
+
+            }
+
+            if ($filterCount) {
+                return true;
+            }
+        }
+
         return false;
     }
 
-    public function matchBody(Email $email, $filterList = [])
+    protected function matchBody(Email $email, $filter)
     {
-        foreach ($filterList as $filter) {
-            if ($filter->get('bodyContains')) {
-                $phraseList = $filter->get('bodyContains');
-                $body = $email->get('body');
-                $bodyPlain = $email->get('bodyPlain');
-                foreach ($phraseList as $phrase) {
-                    if (stripos($bodyPlain, $phrase) !== false) {
-                        return true;
-                    }
-                    if (stripos($body, $phrase) !== false) {
-                        return true;
-                    }
-                }
+        $phraseList = $filter->get('bodyContains');
+        $body = $email->get('body');
+        $bodyPlain = $email->get('bodyPlain');
+        foreach ($phraseList as $phrase) {
+            if (stripos($bodyPlain, $phrase) !== false) {
+                return true;
+            }
+            if (stripos($body, $phrase) !== false) {
+                return true;
             }
         }
-        return false;
     }
 
     protected function matchString($pattern, $value)

application/Espo/Core/Mail/Importer.php

@@ -38,16 +38,13 @@ class Importer
 {
     private $entityManager;
 
-    private $fileManager;
-
     private $config;
 
     private $filtersMatcher;
 
-    public function __construct($entityManager, $fileManager, $config)
+    public function __construct($entityManager, $config)
     {
         $this->entityManager = $entityManager;
-        $this->fileManager = $fileManager;
         $this->config = $config;
         $this->filtersMatcher = new FiltersMatcher();
     }
@@ -56,27 +53,31 @@ class Importer
     {
         return $this->entityManager;
     }
+
     protected function getConfig()
     {
         return $this->config;
     }
 
-    protected function getFileManager()
-    {
-        return $this->fileManager;
-    }
-
     protected function getFiltersMatcher()
     {
         return $this->filtersMatcher;
     }
 
-    public function importMessage($message, $assignedUserId = null, $teamsIdList = [], $userIdList = [], $filterList = [])
+    public function importMessage($message, $assignedUserId = null, $teamsIdList = [], $userIdList = [], $filterList = [], $fetchOnlyHeader = false, $folderData = null)
     {
         try {
             $email = $this->getEntityManager()->getEntity('Email');
 
-            $subject = $message->subject;
+            $email->set('isBeingImported', true);
+
+            $subject = '';
+            if (isset($message->subject)) {
+                $subject = $message->subject;
+            }
+            if (!empty($subject) && is_string($subject)) {
+                $subject = trim($subject);
+            }
             if ($subject !== '0' && empty($subject)) {
                 $subject = '(No Subject)';
             }
@@ -87,12 +88,14 @@ class Importer
             $email->set('attachmentsIds', []);
             if ($assignedUserId) {
                 $email->set('assignedUserId', $assignedUserId);
-                $email->set('assignedUsersIds', [$assignedUserId]);
+                $email->addLinkMultipleId('assignedUsers', $assignedUserId);
             }
             $email->set('teamsIds', $teamsIdList);
 
             if (!empty($userIdList)) {
-                $email->set('usersIds', $userIdList);
+                foreach ($userIdList as $uId) {
+                    $email->addLinkMultipleId('users', $uId);
+                }
             }
 
             $fromArr = $this->getAddressListFromMessage($message, 'from');
@@ -112,7 +115,13 @@ class Importer
             $email->set('cc', implode(';', $ccArr));
             $email->set('replyTo', implode(';', $replyToArr));
 
-            if ($this->getFiltersMatcher()->match($email, $filterList)) {
+            if ($folderData) {
+                foreach ($folderData as $uId => $folderId) {
+                    $email->setLinkMultipleColumn('users', 'folderId', $uId, $folderId);
+                }
+            }
+
+            if ($this->getFiltersMatcher()->match($email, $filterList, true)) {
                 return false;
             }
 
@@ -137,7 +146,15 @@ class Importer
                     }
                 }
 
-            	$this->getEntityManager()->saveEntity($duplicate);
+                if ($folderData) {
+                    foreach ($folderData as $uId => $folderId) {
+                        $email->setLinkMultipleColumn('users', 'folderId', $uId, $folderId);
+                    }
+                }
+
+                $duplicate->set('isBeingImported', true);
+
+                $this->getEntityManager()->saveEntity($duplicate);
 
                 if (!empty($teamsIdList)) {
                     foreach ($teamsIdList as $teamId) {
@@ -154,8 +171,8 @@ class Importer
                     $email->set('dateSent', $dateSent);
                 }
             } else {
-				$email->set('dateSent', date('Y-m-d H:i:s'));
-			}
+                $email->set('dateSent', date('Y-m-d H:i:s'));
+            }
             if (isset($message->deliveryDate)) {
                 $dt = new \DateTime($message->deliveryDate);
                 if ($dt) {
@@ -166,32 +183,42 @@ class Importer
 
             $inlineIds = array();
 
-            if ($message->isMultipart()) {
-                foreach (new \RecursiveIteratorIterator($message) as $part) {
-                    $this->importPartDataToEmail($email, $part, $inlineIds);
+            if (!$fetchOnlyHeader) {
+                if ($message->isMultipart()) {
+                    foreach (new \RecursiveIteratorIterator($message) as $part) {
+                        $this->importPartDataToEmail($email, $part, $inlineIds);
+                    }
+                } else {
+                    $this->importPartDataToEmail($email, $message, $inlineIds, 'text/plain');
+                }
+
+                if (!$email->get('body') && $email->get('bodyPlain')) {
+                    $email->set('body', $email->get('bodyPlain'));
+                }
+
+                $body = $email->get('body');
+                if (!empty($body)) {
+                    foreach ($inlineIds as $cid => $attachmentId) {
+                        if (strpos($body, 'cid:' . $cid) !== false) {
+                            $body = str_replace('cid:' . $cid, '?entryPoint=attachment&id=' . $attachmentId, $body);
+                        } else {
+                            $email->addLinkMultipleId('attachments', $attachmentId);
+                        }
+                    }
+                    $email->set('body', $body);
+                }
+
+                if ($this->getFiltersMatcher()->match($email, $filterList)) {
+                    return false;
                 }
             } else {
-                $this->importPartDataToEmail($email, $message, $inlineIds, 'text/plain');
-            }
-
-            if (!$email->get('body') && $email->get('bodyPlain')) {
-                $email->set('body', $email->get('bodyPlain'));
-            }
-
-            $body = $email->get('body');
-            if (!empty($body)) {
-                foreach ($inlineIds as $cid => $attachmentId) {
-                    $body = str_replace('cid:' . $cid, '?entryPoint=attachment&id=' . $attachmentId, $body);
-                }
-                $email->set('body', $body);
-            }
-
-            if ($this->getFiltersMatcher()->matchBody($email, $filterList)) {
-                return false;
+                $email->set('body', '(Not fetched)');
+                $email->set('isHtml', false);
             }
 
             $parentFound = false;
 
+            $replied = null;
             if (isset($message->inReplyTo) && !empty($message->inReplyTo)) {
                 $arr = explode(' ', $message->inReplyTo);
                 $inReplyTo = $arr[0];
@@ -209,6 +236,7 @@ class Importer
                 $reference = str_replace(array('/', '@'), " ", trim($reference, '<>'));
                 $parentType = $parentId = null;
                 $emailSent = PHP_INT_MAX;
+                $number = null;
                 $n = sscanf($reference, '%s %s %d %d espo', $parentType, $parentId, $emailSent, $number);
                 if ($n == 4 && $emailSent < time()) {
                     if (!empty($parentType) && !empty($parentId)) {
@@ -241,6 +269,15 @@ class Importer
                 }
             }
 
+            if (!$parentFound) {
+                if ($replied && $replied->get('parentId') && $replied->get('parentType')) {
+                    $parentFound = $this->getEntityManager()->getEntity($replied->get('parentType'), $replied->get('parentId'));
+                    if ($parentFound) {
+                        $email->set('parentType', $replied->get('parentType'));
+                        $email->set('parentId', $replied->get('parentId'));
+                    }
+                }
+            }
             if (!$parentFound) {
                 $from = $email->get('from');
                 if ($from) {
@@ -291,15 +328,15 @@ class Importer
                 $email->set('parentId', $account->id);
                 return true;
             } else {
-	            $lead = $this->getEntityManager()->getRepository('Lead')->where(array(
-	                'emailAddress' => $emailAddress
-	            ))->findOne();
-	            if ($lead) {
-	                $email->set('parentType', 'Lead');
-	                $email->set('parentId', $lead->id);
-	                return true;
-	            }
-	       	}
+                $lead = $this->getEntityManager()->getRepository('Lead')->where(array(
+                    'emailAddress' => $emailAddress
+                ))->findOne();
+                if ($lead) {
+                    $email->set('parentType', 'Lead');
+                    $email->set('parentId', $lead->id);
+                    return true;
+                }
+            }
         }
     }
 
@@ -352,6 +389,8 @@ class Importer
                 } else if (strpos(strtolower($part->ContentDisposition), 'inline') === 0) {
                     $contentDisposition = 'inline';
                 }
+            } else if (isset($part->contentID)) {
+                $contentDisposition = 'inline';
             }
 
             if (empty($type)) {
@@ -395,7 +434,6 @@ class Importer
                 $contentId = null;
 
                 if ($contentDisposition) {
-
                     if ($contentDisposition === 'attachment') {
                         $fileName = $this->fetchFileNameFromContentDisposition($part->ContentDisposition);
                         if ($fileName) {
@@ -436,13 +474,10 @@ class Importer
                     $content = base64_decode($content);
                 }
 
-                $attachment->set('size', strlen($content));
+                $attachment->set('contents', $content);
 
                 $this->getEntityManager()->saveEntity($attachment);
 
-                $path = $this->getEntityManager()->getRepository('Attachment')->getFilePath($attachment);
-                $this->getFileManager()->putContents($path, $content);
-
                 if ($disposition == 'attachment') {
                     $attachmentsIds = $email->get('attachmentsIds');
                     $attachmentsIds[] = $attachment->id;
@@ -454,24 +489,61 @@ class Importer
         } catch (\Exception $e) {}
     }
 
-    protected function fetchFileNameFromContentDisposition($contentDisposition)
+    protected function decodeAttachmentFileName($fileName)
     {
-        $m = array();
-        if (preg_match('/filename="?([^"]+)"?/i', $contentDisposition, $m)) {
-            $fileName = $m[1];
-            return $fileName;
-        } else if (preg_match('/filename\*="?([^"]+)"?/i', $contentDisposition, $m)) {
-            $fileName = $m[1];
-            if ($fileName && stripos($fileName, "''") !== false) {
-                list($encoding, $fileName) = explode("''", $fileName);
-                $fileName = rawurldecode($fileName);
-                if (strtoupper($encoding) !== 'UTF-8') {
+        if ($fileName && stripos($fileName, "''") !== false) {
+            list($encoding, $fileName) = explode("''", $fileName);
+            $fileName = rawurldecode($fileName);
+            if (strtoupper($encoding) !== 'UTF-8') {
+                if ($encoding) {
                     $fileName = mb_convert_encoding($fileName, 'UTF-8', $encoding);
                 }
-                return $fileName;
             }
         }
-        return false;
+        return $fileName;
+    }
+
+    protected function fetchFileNameFromContentDisposition($contentDisposition)
+    {
+        $contentDisposition = preg_replace('/\\\\"/', "{{_!Q!U!O!T!E!_}}", $contentDisposition);
+
+        $fileName = false;
+        $m = array();
+
+        if (preg_match('/filename="([^"]+)";?/i', $contentDisposition, $m)) {
+            $fileName = $m[1];
+        } else if (preg_match('/filename=([^";]+);?/i', $contentDisposition, $m)) {
+            $fileName = $m[1];
+        } else if (preg_match('/filename\*="([^"]+)";?/i', $contentDisposition, $m)) {
+            $fileName = $m[1];
+            $fileName = $this->decodeAttachmentFileName($fileName);
+        } else if (preg_match('/filename\*=([^";]+);?/i', $contentDisposition, $m)) {
+            $fileName = $m[1];
+            $fileName = $this->decodeAttachmentFileName($fileName);
+        } else {
+            $fileName = '';
+            foreach (['0', '1'] as $i) {
+                if (preg_match('/filename\*'.$i.'[\*]?="([^"]+)";?/i', $contentDisposition, $m)) {
+                    $part = $m[1];
+                    $fileName .= $part;
+                } else if (preg_match('/filename\*'.$i.'[\*]?=([^";]+);?/i', $contentDisposition, $m)) {
+                    $part = $m[1];
+                    $fileName .= $part;
+                }
+            }
+
+            if ($fileName === '') {
+                $fileName = null;
+            } else {
+                $fileName = $this->decodeAttachmentFileName($fileName);
+            }
+        }
+
+        if ($fileName) {
+            $fileName = str_replace('{{_!Q!U!O!T!E!_}}', '"', $fileName);
+        }
+
+        return $fileName;
     }
 
     protected function getContentFromPart($part)

application/Espo/Core/Mail/Mail/Storage/Message.php

@@ -34,6 +34,7 @@ use Zend\Mail\Header\HeaderInterface;
 use Zend\Mime;
 use Zend\Mail\Storage\Exception;
 use Zend\Mail\Storage\AbstractStorage;
+use Zend\Stdlib\ErrorHandler;
 
 class Message extends \Zend\Mail\Storage\Message
 {

application/Espo/Core/Mail/Sender.php

@@ -104,10 +104,10 @@ class Sender
             $opts['connection_config']['ssl'] = strtolower($params['security']);
         }
 
-        if (in_array('fromName', $params)) {
+        if (array_key_exists('fromName', $params)) {
             $this->params['fromName'] = $params['fromName'];
         }
-        if (in_array('fromAddress', $params)) {
+        if (array_key_exists('fromAddress', $params)) {
             $this->params['fromAddress'] = $params['fromAddress'];
         }
 
@@ -340,15 +340,12 @@ class Sender
         $message->setEncoding('UTF-8');
 
         try {
-            $rand = mt_rand(1000, 9999);
-
-            if ($email->get('parentType') && $email->get('parentId')) {
-                $messageId = '' . $email->get('parentType') .'/' . $email->get('parentId') . '/' . time() . '/' . $rand . '@espo';
+            $messageId = $email->get('messageId');
+            if (empty($messageId) || !is_string($messageId) || strlen($messageId) < 4) {
+                $messageId = $this->generateMessageId($email);
+                $email->set('messageId', '<' . $messageId . '>');
             } else {
-                $messageId = '' . md5($email->get('name')) . '/' . time() . '/' . $rand .  '@espo';
-            }
-            if ($email->get('isSystem')) {
-                $messageId .= '-system';
+                $messageId = substr($messageId, 1, strlen($messageId) - 2);
             }
 
             $messageIdHeader = new \Zend\Mail\Header\MessageId();
@@ -357,7 +354,6 @@ class Sender
 
             $this->transport->send($message);
 
-            $email->set('messageId', '<' . $messageId . '>');
             $email->set('status', 'Sent');
             $email->set('dateSent', date("Y-m-d H:i:s"));
         } catch (\Exception $e) {
@@ -366,5 +362,21 @@ class Sender
 
         $this->useGlobal();
     }
+
+    static public function generateMessageId(Email $email)
+    {
+        $rand = mt_rand(1000, 9999);
+
+        if ($email->get('parentType') && $email->get('parentId')) {
+            $messageId = '' . $email->get('parentType') .'/' . $email->get('parentId') . '/' . time() . '/' . $rand . '@espo';
+        } else {
+            $messageId = '' . md5($email->get('name')) . '/' . time() . '/' . $rand .  '@espo';
+        }
+        if ($email->get('isSystem')) {
+            $messageId .= '-system';
+        }
+
+        return $messageId;
+    }
 }
 

application/Espo/Core/Notificators/Base.php

@@ -53,6 +53,13 @@ class Base implements Injectable
     {
     }
 
+    protected function addDependencyList(array $list)
+    {
+        foreach ($list as $item) {
+            $this->addDependency($item);
+        }
+    }
+
     protected function addDependency($name)
     {
         $this->dependencies[] = $name;

application/Espo/Core/ORM/Entity.php

@@ -105,7 +105,27 @@ class Entity extends \Espo\ORM\Entity
                 }
             }
         }
+    }
 
+    public function setLinkMultipleColumn($field, $column, $id, $value)
+    {
+        $columnsField = $field . 'Columns';
+        if (!$this->hasField($columnsField)) {
+            return;
+        }
+        $object = $this->get($columnsField);
+        if (!isset($object) || !($object instanceof \StdClass)) {
+            $object = (object) [];
+        }
+        if (!isset($object->$id)) {
+            $object->$id = (object) [];
+        }
+        if (!isset($object->$id->$column)) {
+            $object->$id->$column = (object) [];
+        }
+
+        $object->$id->$column = $value;
+        $this->set($columnsField, $object);
     }
 
     public function setLinkMultipleIdList($field, array $idList)

application/Espo/Core/ORM/Repositories/RDB.php

@@ -52,6 +52,13 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
         $this->dependencies[] = $name;
     }
 
+    protected function addDependencyList(array $list)
+    {
+        foreach ($list as $item) {
+            $this->addDependency($item);
+        }
+    }
+
     public function inject($name, $object)
     {
         $this->injections[$name] = $object;
@@ -72,6 +79,16 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
         return $this->getInjection('metadata');
     }
 
+    public function __construct($entityType, EntityManager $entityManager, EntityFactory $entityFactory)
+    {
+        parent::__construct($entityType, $entityManager, $entityFactory);
+        $this->init();
+    }
+
+    protected function init()
+    {
+    }
+
     public function handleSelectParams(&$params)
     {
         $this->handleEmailAddressParams($params);
@@ -81,7 +98,7 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
 
     protected function handleCurrencyParams(&$params)
     {
-        $entityName = $this->entityName;
+        $entityType = $this->entityType;
 
         $metadata = $this->getMetadata();
 
@@ -89,7 +106,7 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
             return;
         }
 
-        $defs = $metadata->get('entityDefs.' . $entityName);
+        $defs = $metadata->get('entityDefs.' . $entityType);
 
         foreach ($defs['fields'] as $field => $d) {
             if (isset($d['type']) && $d['type'] == 'currency') {
@@ -101,7 +118,7 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
                 }
                 $alias = Util::toUnderScore($field) . "_currency_alias";
                 $params['customJoin'] .= "
-                    LEFT JOIN currency AS `{$alias}` ON {$alias}.id = ".Util::toUnderScore($entityName).".".Util::toUnderScore($field)."_currency
+                    LEFT JOIN currency AS `{$alias}` ON {$alias}.id = ".Util::toUnderScore($entityType).".".Util::toUnderScore($field)."_currency
                 ";
             }
         }
@@ -110,9 +127,9 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
 
     protected function handleEmailAddressParams(&$params)
     {
-        $entityName = $this->entityName;
+        $entityType = $this->entityType;
 
-        $defs = $this->getEntityManager()->getMetadata()->get($entityName);
+        $defs = $this->getEntityManager()->getMetadata()->get($entityType);
         if (!empty($defs['relations']) && array_key_exists('emailAddresses', $defs['relations'])) {
             if (empty($params['leftJoins'])) {
                 $params['leftJoins'] = array();
@@ -132,9 +149,9 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
 
     protected function handlePhoneNumberParams(&$params)
     {
-        $entityName = $this->entityName;
+        $entityType = $this->entityType;
 
-        $defs = $this->getEntityManager()->getMetadata()->get($entityName);
+        $defs = $this->getEntityManager()->getMetadata()->get($entityType);
         if (!empty($defs['relations']) && array_key_exists('phoneNumbers', $defs['relations'])) {
             if (empty($params['leftJoins'])) {
                 $params['leftJoins'] = array();
@@ -155,7 +172,7 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
     protected function beforeRemove(Entity $entity, array $options = array())
     {
         parent::beforeRemove($entity, $options);
-        $this->getEntityManager()->getHookManager()->process($this->entityName, 'beforeRemove', $entity, $options);
+        $this->getEntityManager()->getHookManager()->process($this->entityType, 'beforeRemove', $entity, $options);
 
         $nowString = date('Y-m-d H:i:s', time());
         if ($entity->hasAttribute('modifiedAt')) {
@@ -169,14 +186,14 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
     protected function afterRemove(Entity $entity, array $options = array())
     {
         parent::afterRemove($entity, $options);
-        $this->getEntityManager()->getHookManager()->process($this->entityName, 'afterRemove', $entity, $options);
+        $this->getEntityManager()->getHookManager()->process($this->entityType, 'afterRemove', $entity, $options);
     }
 
     public function remove(Entity $entity, array $options = array())
     {
         $result = parent::remove($entity, $options);
         if ($result) {
-            $this->getEntityManager()->getHookManager()->process($this->entityName, 'afterRemove', $entity, $options);
+            $this->getEntityManager()->getHookManager()->process($this->entityType, 'afterRemove', $entity, $options);
         }
         return $result;
     }
@@ -185,7 +202,7 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
     {
         parent::beforeSave($entity, $options);
 
-        $this->getEntityManager()->getHookManager()->process($this->entityName, 'beforeSave', $entity, $options);
+        $this->getEntityManager()->getHookManager()->process($this->entityType, 'beforeSave', $entity, $options);
     }
 
     protected function afterSave(Entity $entity, array $options = array())
@@ -196,12 +213,12 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
         }
         parent::afterSave($entity, $options);
 
-        $this->handleEmailAddressSave($entity);
-        $this->handlePhoneNumberSave($entity);
-        $this->handleSpecifiedRelations($entity);
-        $this->handleFileFields($entity);
+        $this->processEmailAddressSave($entity);
+        $this->processPhoneNumberSave($entity);
+        $this->processSpecifiedRelationsSave($entity);
+        $this->processFileFieldsSave($entity);
 
-        $this->getEntityManager()->getHookManager()->process($this->entityName, 'afterSave', $entity, $options);
+        $this->getEntityManager()->getHookManager()->process($this->entityType, 'afterSave', $entity, $options);
     }
 
     public function save(Entity $entity, array $options = array())
@@ -215,13 +232,17 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
             }
 
             if ($entity->hasAttribute('createdAt')) {
-                $entity->set('createdAt', $nowString);
+                if (empty($options['import']) || !$entity->has('createdAt')) {
+                    $entity->set('createdAt', $nowString);
+                }
             }
             if ($entity->hasAttribute('modifiedAt')) {
                 $entity->set('modifiedAt', $nowString);
             }
             if ($entity->hasAttribute('createdById')) {
-                $entity->set('createdById', $this->entityManager->getUser()->id);
+                if (empty($options['import']) || !$entity->has('createdById')) {
+                    $entity->set('createdById', $this->entityManager->getUser()->id);
+                }
             }
 
             if ($entity->has('modifiedById')) {
@@ -242,13 +263,18 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
             }
 
             if ($entity->has('createdById')) {
-                $restoreData['createdById'] = $entity->get('createdById');
+                if (empty($options['import'])) {
+                    $restoreData['createdById'] = $entity->get('createdById');
+                    $entity->clear('createdById');
+                }
             }
+
             if ($entity->has('createdAt')) {
-                $restoreData['createdAt'] = $entity->get('createdAt');
+                if (empty($options['import'])) {
+                    $restoreData['createdAt'] = $entity->get('createdAt');
+                    $entity->clear('createdAt');
+                }
             }
-            $entity->clear('createdById');
-            $entity->clear('createdAt');
         }
         $this->restoreData = $restoreData;
 
@@ -257,7 +283,7 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
         return $result;
     }
 
-    protected function handleFileFields(Entity $entity)
+    protected function processFileFieldsSave(Entity $entity)
     {
         foreach ($entity->getRelations() as $name => $defs) {
             if (!isset($defs['type']) || !isset($defs['entity'])) continue;
@@ -278,23 +304,22 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
         }
     }
 
-    protected function handleEmailAddressSave(Entity $entity)
+    protected function processEmailAddressSave(Entity $entity)
     {
         if ($entity->hasRelation('emailAddresses') && $entity->hasAttribute('emailAddress')) {
             $emailAddressRepository = $this->getEntityManager()->getRepository('EmailAddress')->storeEntityEmailAddress($entity);
         }
     }
 
-    protected function handlePhoneNumberSave(Entity $entity)
+    protected function processPhoneNumberSave(Entity $entity)
     {
         if ($entity->hasRelation('phoneNumbers') && $entity->hasAttribute('phoneNumber')) {
             $emailAddressRepository = $this->getEntityManager()->getRepository('PhoneNumber')->storeEntityPhoneNumber($entity);
         }
     }
 
-    protected function handleSpecifiedRelations(Entity $entity)
+    protected function processSpecifiedRelationsSave(Entity $entity)
     {
-
         $relationTypeList = [$entity::HAS_MANY, $entity::MANY_MANY, $entity::HAS_CHILDREN];
         foreach ($entity->getRelations() as $name => $defs) {
             if (in_array($defs['type'], $relationTypeList)) {
@@ -358,15 +383,16 @@ class RDB extends \Espo\ORM\Repositories\RDB implements Injectable
                             } else {
                                 if (!empty($columns)) {
                                     foreach ($columns as $columnName => $columnField) {
-                                        if ($columnData->$id->$columnName != $existingColumnsData->$id->$columnName) {
-                                            $toUpdateIds[] = $id;
+                                        if (isset($columnData->$id)) {
+                                            if ($columnData->$id->$columnName !== $existingColumnsData->$id->$columnName) {
+                                                $toUpdateIds[] = $id;
+                                            }
                                         }
                                     }
                                 }
                             }
                         }
 
-
                         foreach ($specifiedIds as $id) {
                             if (!in_array($id, $existingIds)) {
                                 $data = null;

application/Espo/Core/ORM/Repository.php

@@ -31,12 +31,18 @@ namespace Espo\Core\ORM;
 
 use \Espo\Core\Interfaces\Injectable;
 
+use \Espo\ORM\EntityFactory;
+
 abstract class Repository extends \Espo\ORM\Repository implements Injectable
 {
     protected $dependencies = array();
 
     protected $injections = array();
 
+    protected function init()
+    {
+    }
+
     public function inject($name, $object)
     {
         $this->injections[$name] = $object;
@@ -51,5 +57,23 @@ abstract class Repository extends \Espo\ORM\Repository implements Injectable
     {
         return $this->dependencies;
     }
+
+    protected function addDependencyList(array $list)
+    {
+        foreach ($list as $item) {
+            $this->addDependency($item);
+        }
+    }
+
+    protected function addDependency($name)
+    {
+        $this->dependencies[] = $name;
+    }
+
+    public function __construct($entityType, EntityManager $entityManager, EntityFactory $entityFactory)
+    {
+        parent::__construct($entityType, $entityManager, $entityFactory);
+        $this->init();
+    }
 }
 

application/Espo/Core/Portal/AclManager.php

@@ -37,6 +37,10 @@ class AclManager extends \Espo\Core\AclManager
 {
     protected $tableClassName = '\\Espo\\Core\\AclPortal\\Table';
 
+    private $mainManager = null;
+
+    private $portal = null;
+
     public function getImplementation($scope)
     {
         if (empty($this->implementationHashMap[$scope])) {
@@ -70,16 +74,42 @@ class AclManager extends \Espo\Core\AclManager
         return $this->implementationHashMap[$scope];
     }
 
+    public function setMainManager($mainManager)
+    {
+        $this->mainManager = $mainManager;
+    }
+
+    protected function getMainManager()
+    {
+        return $this->mainManager;
+    }
+
+    public function setPortal($portal)
+    {
+        $this->portal = $portal;
+    }
+
+    protected function getPortal()
+    {
+        if ($this->portal) {
+            return $this->portal;
+        }
+        return $this->getContainer()->get('portal');
+    }
+
     protected function getTable(User $user)
     {
-        $key = spl_object_hash($user);
+        $key = $user->id;
+        if (empty($key)) {
+            $key = spl_object_hash($user);
+        }
 
         if (empty($this->tableHashMap[$key])) {
             $config = $this->getContainer()->get('config');
             $fileManager = $this->getContainer()->get('fileManager');
             $metadata = $this->getContainer()->get('metadata');
             $fieldManager = $this->getContainer()->get('fieldManager');
-            $portal = $this->getContainer()->get('portal');
+            $portal = $this->getPortal();
 
             $this->tableHashMap[$key] = new $this->tableClassName($user, $portal, $config, $fileManager, $metadata, $fieldManager);
         }
@@ -115,5 +145,116 @@ class AclManager extends \Espo\Core\AclManager
         return $this->getImplementation($entity->getEntityType())->checkIsOwnContact($user, $entity);
     }
 
+    public function getMap(User $user)
+    {
+        if ($this->checkUserIsNotPortal($user)) {
+            return $this->getMainManager()->getMap($user);
+        }
+        return parent::getMap($user);
+    }
+
+    public function getLevel(User $user, $scope, $action)
+    {
+        if ($this->checkUserIsNotPortal($user)) {
+            return $this->getMainManager()->getLevel($user, $scope, $action);
+        }
+        return parent::getLevel($user, $scope, $action);
+    }
+
+    public function get(User $user, $permission)
+    {
+        if ($this->checkUserIsNotPortal($user)) {
+            return $this->getMainManager()->get($user, $permission);
+        }
+        return parent::get($user, $permission);
+    }
+
+    public function checkReadOnlyTeam(User $user, $scope)
+    {
+        if ($this->checkUserIsNotPortal($user)) {
+            $data = $this->getTable($user)->getScopeData($scope);
+            return $this->getMainManager()->checkReadOnlyTeam($user, $data);
+        }
+        return parent::checkReadOnlyTeam($user, $scope);
+    }
+
+    public function checkReadOnlyOwn(User $user, $scope)
+    {
+        if ($this->checkUserIsNotPortal($user)) {
+            $data = $this->getTable($user)->getScopeData($scope);
+            return $this->getMainManager()->checkReadOnlyOwn($user, $data);
+        }
+        return parent::checkReadOnlyOwn($user, $scope);
+    }
+
+    public function check(User $user, $subject, $action = null)
+    {
+        if ($this->checkUserIsNotPortal($user)) {
+            return $this->getMainManager()->check($user, $subject, $action);
+        }
+        return parent::check($user, $subject, $action);
+    }
+
+    public function checkEntity(User $user, Entity $entity, $action = 'read')
+    {
+        if ($this->checkUserIsNotPortal($user)) {
+            return $this->getMainManager()->checkEntity($user, $entity, $action);
+        }
+        return parent::checkEntity($user, $entity, $action);
+    }
+
+    public function checkIsOwner(User $user, Entity $entity)
+    {
+        if ($this->checkUserIsNotPortal($user)) {
+            return $this->getMainManager()->checkIsOwner($user, $entity);
+        }
+        return parent::checkIsOwner($user, $entity);
+    }
+
+    public function checkInTeam(User $user, Entity $entity)
+    {
+        if ($this->checkUserIsNotPortal($user)) {
+            return $this->getMainManager()->checkInTeam($user, $entity);
+        }
+        return parent::checkInTeam($user, $entity);
+    }
+
+    public function checkScope(User $user, $scope, $action = null)
+    {
+        if ($this->checkUserIsNotPortal($user)) {
+            return $this->getMainManager()->checkScope($user, $scope, $action);
+        }
+        return parent::checkScope($user, $scope, $action);
+    }
+
+    public function checkUser(User $user, $permission, User $entity)
+    {
+        if ($this->checkUserIsNotPortal($user)) {
+            return $this->getMainManager()->checkUser($user, $permission, $entity);
+        }
+        return parent::checkUser($user, $permission, $entity);
+    }
+
+    public function getScopeForbiddenAttributeList(User $user, $scope, $action = 'read', $thresholdLevel = 'no')
+    {
+        if ($this->checkUserIsNotPortal($user)) {
+            return $this->getMainManager()->getScopeForbiddenAttributeList($user, $scope, $action, $thresholdLevel);
+        }
+        return parent::getScopeForbiddenAttributeList($user, $scope, $action, $thresholdLevel);
+    }
+
+    public function getScopeForbiddenFieldList(User $user, $scope, $action = 'read', $thresholdLevel = 'no')
+    {
+        if ($this->checkUserIsNotPortal($user)) {
+            return $this->getMainManager()->getScopeForbiddenFieldList($user, $scope, $action, $thresholdLevel);
+        }
+        return parent::getScopeForbiddenFieldList($user, $scope, $action, $thresholdLevel);
+    }
+
+    protected function checkUserIsNotPortal($user)
+    {
+        return !$user->get('isPortalUser');
+    }
+
 }
 

application/Espo/Core/Portal/Application.php

@@ -49,6 +49,12 @@ class Application extends \Espo\Core\Application
 
         $portal = $this->getContainer()->get('entityManager')->getEntity('Portal', $portalId);
 
+        if (!$portal) {
+            $portal = $this->getContainer()->get('entityManager')->getRepository('Portal')->where(array(
+                'customId' => $portalId
+            ))->findOne();
+        }
+
         if (!$portal) {
             throw new NotFound();
         }

application/Espo/Core/Portal/Container.php

@@ -38,12 +38,27 @@ class Container extends \Espo\Core\Container
         return $className;
     }
 
+    protected function getServiceMainClassName($name, $default)
+    {
+        $metadata = $this->get('metadata');
+        $className = $metadata->get('app.serviceContainer.classNames.' . $name, $default);
+        return $className;
+    }
+
     protected function loadAclManager()
     {
         $className = $this->getServiceClassName('aclManager', '\\Espo\\Core\\Portal\\AclManager');
-        return new $className(
+        $mainClassName = $this->getServiceMainClassName('aclManager', '\\Espo\\Core\\AclManager');
+
+        $obj = new $className(
             $this->get('container')
         );
+        $objMain = new $mainClassName(
+            $this->get('container')
+        );
+        $obj->setMainManager($objMain);
+
+        return $obj;
     }
 
     protected function loadAcl()

application/Espo/Core/Repositories/CategoryTree.php

@@ -29,11 +29,11 @@
 
 namespace Espo\Core\Repositories;
 
-use \Espo\Core\Entities\CategoryTreeItem as Entity;
+use \Espo\ORM\Entity;
 
 class CategoryTree extends \Espo\Core\ORM\Repositories\RDB
 {
-	public function afterSave(Entity $entity, $options)
+	protected function afterSave(Entity $entity, array $options = array())
 	{
 		parent::afterSave($entity, $options);
 
@@ -86,7 +86,7 @@ class CategoryTree extends \Espo\Core\ORM\Repositories\RDB
 		}
 	}
 
-	public function afterRemove(Entity $entity, $options)
+	protected function afterRemove(Entity $entity, array $options = array())
 	{
 		parent::afterRemove($entity, $options);
 

application/Espo/Core/SelectManagerFactory.php

@@ -43,12 +43,14 @@ class SelectManagerFactory
 
     private $metadata;
 
-    public function __construct($entityManager, \Espo\Entities\User $user, Acl $acl, $metadata)
+    public function __construct($entityManager, \Espo\Entities\User $user, Acl $acl, AclManager $aclManager, Utils\Metadata $metadata, Utils\Config $config)
     {
         $this->entityManager = $entityManager;
         $this->user = $user;
         $this->acl = $acl;
+        $this->aclManager = $aclManager;
         $this->metadata = $metadata;
+        $this->config = $config;
     }
 
     public function create($entityType)
@@ -68,7 +70,7 @@ class SelectManagerFactory
             }
         }
 
-        $selectManager = new $className($this->entityManager, $this->user, $this->acl, $this->metadata);
+        $selectManager = new $className($this->entityManager, $this->user, $this->acl, $this->aclManager, $this->metadata, $this->config);
         $selectManager->setEntityType($entityType);
 
         return $selectManager;

application/Espo/Core/SelectManagers/Base.php

@@ -33,6 +33,9 @@ use \Espo\Core\Exceptions\Error;
 use \Espo\Core\Exceptions\Forbidden;
 
 use \Espo\Core\Acl;
+use \Espo\Core\AclManager;
+use \Espo\Core\Utils\Metadata;
+use \Espo\Core\Utils\Config;
 
 class Base
 {
@@ -48,6 +51,8 @@ class Base
 
     protected $metadata;
 
+    private $config;
+
     private $seed = null;
 
     private $userTimeZone = null;
@@ -56,13 +61,15 @@ class Base
 
     const MIN_LENGTH_FOR_CONTENT_SEARCH = 4;
 
-    public function __construct($entityManager, \Espo\Entities\User $user, Acl $acl, $metadata)
+    public function __construct($entityManager, \Espo\Entities\User $user, Acl $acl, AclManager $aclManager, Metadata $metadata, Config $config)
     {
         $this->entityManager = $entityManager;
         $this->user = $user;
         $this->acl = $acl;
+        $this->aclManager = $aclManager;
 
         $this->metadata = $metadata;
+        $this->config = $config;
     }
 
     protected function getEntityManager()
@@ -70,6 +77,11 @@ class Base
         return $this->entityManager;
     }
 
+    protected function getMetadata()
+    {
+        return $this->metadata;
+    }
+
     protected function getUser()
     {
         return $this->user;
@@ -80,6 +92,16 @@ class Base
         return $this->acl;
     }
 
+    protected function getConfig()
+    {
+        return $this->config;
+    }
+
+    protected function getAclManager()
+    {
+        return $this->aclManager;
+    }
+
     public function setEntityType($entityType)
     {
         $this->entityType = $entityType;
@@ -100,18 +122,30 @@ class Base
         }
     }
 
-    protected function order($sortBy, $asc, &$result)
+    protected function order($sortBy, $desc = false, &$result)
     {
         if (!empty($sortBy)) {
             $result['orderBy'] = $sortBy;
-            $type = $this->metadata->get("entityDefs.{$this->entityType}.fields." . $result['orderBy'] . ".type");
-            if ($type == 'link') {
+            $type = $this->getMetadata()->get(['entityDefs', $this->getEntityType(), 'fields', $sortBy, 'type']);
+            if ($type === 'link') {
                 $result['orderBy'] .= 'Name';
-            } else if ($type == 'linkParent') {
+            } else if ($type === 'linkParent') {
                 $result['orderBy'] .= 'Type';
+            } else if ($type === 'enum') {
+                $list = $this->getMetadata()->get(['entityDefs', $this->getEntityType(), 'fields', $sortBy, 'options']);
+                if ($list && is_array($list) && count($list)) {
+                    if ($this->getMetadata()->get(['entityDefs', $this->getEntityType(), 'fields', $sortBy, 'isSorted'])) {
+                        $list = asort($list);
+                    }
+                    if ($desc) {
+                        $list = array_reverse($list);
+                    }
+                    $result['orderBy'] = 'LIST:' . $sortBy . ':' . implode(',', $list);
+                    return;
+                }
             }
         }
-        if ($asc) {
+        if (!$desc) {
             $result['order'] = 'ASC';
         } else {
             $result['order'] = 'DESC';
@@ -120,7 +154,7 @@ class Base
 
     protected function getTextFilterFieldList()
     {
-        return $this->metadata->get("entityDefs.{$this->entityType}.collection.textFilterFields", ['name']);
+        return $this->getMetadata()->get("entityDefs.{$this->entityType}.collection.textFilterFields", ['name']);
     }
 
     protected function getSeed()
@@ -595,6 +629,11 @@ class Base
         return $result;
     }
 
+    public function buildSelectParams(array $params, $withAcl = false, $checkWherePermission = false)
+    {
+        return $this->getSelectParams($params, $withAcl, $checkWherePermission);
+    }
+
     public function getSelectParams(array $params, $withAcl = false, $checkWherePermission = false)
     {
         $result = array();
@@ -604,7 +643,7 @@ class Base
             if (!array_key_exists('asc', $params)) {
                 $params['asc'] = true;
             }
-            $this->order($params['sortBy'], $params['asc'], $result);
+            $this->order($params['sortBy'], !$params['asc'], $result);
         }
 
         if (!isset($params['offset'])) {
@@ -667,18 +706,22 @@ class Base
         }
     }
 
-    protected function getUserTimeZone()
+    public function getUserTimeZone()
     {
         if (empty($this->userTimeZone)) {
             $preferences = $this->getEntityManager()->getEntity('Preferences', $this->getUser()->id);
-            $timeZone = $preferences->get('timeZone');
-            $this->userTimeZone = $timeZone;
+            if ($preferences) {
+                $timeZone = $preferences->get('timeZone');
+                $this->userTimeZone = $timeZone;
+            } else {
+                $this->userTimeZone = 'UTC';
+            }
         }
 
         return $this->userTimeZone;
     }
 
-    protected function convertDateTimeWhere($item)
+    public function convertDateTimeWhere($item)
     {
         $format = 'Y-m-d H:i:s';
 
@@ -875,6 +918,9 @@ class Base
                 case 'startsWith':
                     $part[$item['field'] . '*'] = $item['value'] . '%';
                     break;
+                case 'endsWith':
+                    $part[$item['field'] . '*'] = '%' . $item['value'];
+                    break;
                 case 'contains':
                     $part[$item['field'] . '*'] = '%' . $item['value'] . '%';
                     break;
@@ -1019,10 +1065,10 @@ class Base
         return $part;
     }
 
-    public function applyOrder($sortBy, $asc, &$result)
+    public function applyOrder($sortBy, $desc, &$result)
     {
         $this->prepareResult($result);
-        $this->order($sortBy, $asc, $result);
+        $this->order($sortBy, $desc, $result);
     }
 
     public function applyLimit($offset, $maxSize, &$result)
@@ -1064,12 +1110,36 @@ class Base
 
     public function hasJoin($join, &$result)
     {
-        return in_array($join, $result['joins']);
+        if (in_array($join, $result['joins'])) {
+            return true;
+        }
+
+        foreach ($result['joins'] as $item) {
+            if (is_array($item) && count($item) > 1) {
+                if ($item[1] == $join) {
+                    return true;
+                }
+            }
+        }
+
+        return false;
     }
 
     public function hasLeftJoin($leftJoin, &$result)
     {
-        return in_array($leftJoin, $result['leftJoin']);
+        if (in_array($leftJoin, $result['leftJoins'])) {
+            return true;
+        }
+
+        foreach ($result['leftJoins'] as $item) {
+            if (is_array($item) && count($item) > 1) {
+                if ($item[1] == $leftJoin) {
+                    return true;
+                }
+            }
+        }
+
+        return false;
     }
 
     public function addJoin($join, &$result)
@@ -1163,15 +1233,21 @@ class Base
         $d = array();
 
         foreach ($fieldList as $field) {
+            $expression = $textFilter . '%';
             if (
                 strlen($textFilter) >= self::MIN_LENGTH_FOR_CONTENT_SEARCH
                 &&
-                !empty($fieldDefs[$field]['type']) && $fieldDefs[$field]['type'] == 'text'
+                (
+                    !empty($fieldDefs[$field]['type']) && $fieldDefs[$field]['type'] == 'text'
+                    ||
+                    $this->getConfig()->get('textFilterUseContainsForVarchar')
+                )
             ) {
-                $d[$field . '*'] = '%' . $textFilter . '%';
+                $expression = '%' . $textFilter . '%';
             } else {
-                $d[$field . '*'] = $textFilter . '%';
+                $expression = $textFilter . '%';
             }
+            $d[$field . '*'] = $expression;
         }
         $result['whereClause'][] = array(
             'OR' => $d

application/Espo/Core/Services/Base.php

@@ -65,6 +65,13 @@ abstract class Base implements Injectable
         $this->dependencies[] = $name;
     }
 
+    protected function addDependencyList(array $list)
+    {
+        foreach ($list as $item) {
+            $this->addDependency($item);
+        }
+    }
+
     public function getDependencyList()
     {
         return $this->dependencies;

application/Espo/Core/Templates/Controllers/Event.php

@@ -0,0 +1,36 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Core\Templates\Controllers;
+
+class Event extends \Espo\Core\Controllers\Record
+{
+
+}
+

application/Espo/Core/Templates/Entities/Event.php

@@ -0,0 +1,36 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Core\Templates\Entities;
+
+class Event extends \Espo\Core\ORM\Entity
+{
+
+}
+

application/Espo/Core/Templates/Layouts/Event/detail.json

@@ -0,0 +1,39 @@
+[
+    {
+        "label": "Overview",
+        "rows": [
+            [
+                {
+                    "name": "name"
+                },
+                false
+            ],
+            [
+                {
+                    "name": "status"
+                },
+                false
+            ],
+            [
+                {
+                    "name": "dateStart"
+                },
+                {
+                    "name": "dateEnd"
+                }
+            ],
+            [
+                {
+                    "name": "duration"
+                },
+                false
+            ],
+            [
+                {
+                    "name": "description",
+                    "fullWidth": true
+                }
+            ]
+        ]
+    }
+]

application/Espo/Core/Templates/Layouts/Event/detailSmall.json

@@ -0,0 +1,43 @@
+[
+    {
+        "label": "",
+        "rows": [
+            [
+                {
+                    "name": "name",
+                    "fullWidth": true
+                }
+            ],
+            [
+                {
+                    "name": "status",
+                    "fullWidth": true
+                }
+            ],
+            [
+                {
+                    "name": "dateStart",
+                    "fullWidth": true
+                }
+            ],
+            [
+                {
+                    "name": "duration",
+                    "fullWidth": true
+                }
+            ],
+            [
+                {
+                    "name": "dateEnd",
+                    "fullWidth": true
+                }
+            ],
+            [
+                {
+                    "name": "description",
+                    "fullWidth": true
+                }
+            ]
+        ]
+    }
+]

application/Espo/Core/Templates/Metadata/Base/clientDefs.json

@@ -1,4 +1,4 @@
 {
-   "controller": "Controllers.Record",
+   "controller": "controllers/record",
    "boolFilterList": ["onlyMy"]
 }

application/Espo/Core/Templates/Metadata/Base/entityDefs.json

@@ -29,10 +29,11 @@
         "assignedUser": {
             "type": "link",
             "required": true,
-            "view": "views/fields/user"
+            "view": "views/fields/assigned-user"
         },
         "teams": {
-            "type": "linkMultiple"
+            "type": "linkMultiple",
+            "view": "views/fields/teams"
         }
     },
     "links": {

application/Espo/Core/Templates/Metadata/CategoryTree/clientDefs.json

@@ -1,6 +1,6 @@
 {
-    "controller": "Controllers.RecordTree",
-    "collection": "Collections.Tree",
+    "controller": "controllers/record-tree",
+    "collection": "collections/tree",
     "menu": {
         "listTree": {
             "buttons": [

application/Espo/Core/Templates/Metadata/Event/clientDefs.json

@@ -0,0 +1,4 @@
+{
+   "controller": "controllers/record",
+   "boolFilterList": ["onlyMy"]
+}

application/Espo/Core/Templates/Metadata/Event/entityDefs.json

@@ -0,0 +1,116 @@
+{
+    "fields": {
+        "name": {
+            "type": "varchar",
+            "required": true,
+            "trim": true
+        },
+        "status": {
+            "type": "enum",
+            "options": ["Planned", "Held", "Not Held"],
+            "default": "Planned",
+            "view": "views/fields/enum-styled",
+            "style": {
+                "Held": "success"
+            },
+            "audited": true
+        },
+        "dateStart": {
+            "type": "datetime",
+            "required": true,
+            "default": "javascript: return this.dateTime.getNow(15);",
+            "audited": true
+        },
+        "dateEnd": {
+            "type": "datetime",
+            "required": true,
+            "after": "dateStart"
+        },
+        "duration": {
+            "type": "duration",
+            "start": "dateStart",
+            "end": "dateEnd",
+            "options": [300, 600, 900, 1800, 2700, 3600, 7200],
+            "default": 300,
+            "notStorable": true
+        },
+        "parent": {
+            "type": "linkParent",
+            "entityList": ["Account", "Lead"]
+        },
+        "description": {
+            "type": "text"
+        },
+        "createdAt": {
+            "type": "datetime",
+            "readOnly": true
+        },
+        "modifiedAt": {
+            "type": "datetime",
+            "readOnly": true
+        },
+        "createdBy": {
+            "type": "link",
+            "readOnly": true,
+            "view": "views/fields/user"
+        },
+        "modifiedBy": {
+            "type": "link",
+            "readOnly": true,
+            "view": "views/fields/user"
+        },
+        "assignedUser": {
+            "type": "link",
+            "required": false,
+            "view": "views/fields/assigned-user"
+        },
+        "teams": {
+            "type": "linkMultiple",
+            "view": "views/fields/teams"
+        }
+    },
+    "links": {
+        "parent": {
+            "type": "belongsToParent"
+        },
+        "createdBy": {
+            "type": "belongsTo",
+            "entity": "User"
+        },
+        "modifiedBy": {
+            "type": "belongsTo",
+            "entity": "User"
+        },
+        "assignedUser": {
+            "type": "belongsTo",
+            "entity": "User"
+        },
+        "teams": {
+            "type": "hasMany",
+            "entity": "Team",
+            "relationName": "EntityTeam",
+            "layoutRelationshipsDisabled": true
+        }
+    },
+    "collection": {
+        "sortBy": "dateStart",
+        "asc": false
+    },
+    "indexes": {
+        "dateStartStatus": {
+            "columns": ["dateStart", "status"]
+        },
+        "dateStart": {
+            "columns": ["dateStart", "deleted"]
+        },
+        "status": {
+            "columns": ["status", "deleted"]
+        },
+        "assignedUser": {
+            "columns": ["assignedUserId", "deleted"]
+        },
+        "assignedUserStatus": {
+            "columns": ["assignedUserId", "status"]
+        }
+    }
+}

application/Espo/Core/Templates/Metadata/Event/scopes.json

@@ -0,0 +1,11 @@
+{
+    "entity": true,
+    "layouts": true,
+    "tab": true,
+    "acl": true,
+    "aclPortal": true,
+    "customizable": true,
+    "importable": true,
+    "calendar": true,
+    "notifications": true
+}

application/Espo/Core/Templates/Metadata/Person/clientDefs.json

@@ -1,4 +1,4 @@
 {
-   "controller": "Controllers.Record",
+   "controller": "controllers/record",
    "boolFilterList": ["onlyMy"]
 }

application/Espo/Core/Templates/Metadata/Person/entityDefs.json

@@ -21,10 +21,6 @@
         "description": {
             "type": "text"
         },
-        "createdAt": {
-            "type": "datetime",
-            "readOnly": true
-        },
         "emailAddress": {
             "type": "email"
         },
@@ -53,6 +49,10 @@
         "addressPostalCode": {
             "type": "varchar"
         },
+        "createdAt": {
+            "type": "datetime",
+            "readOnly": true
+        },
         "modifiedAt": {
             "type": "datetime",
             "readOnly": true
@@ -70,10 +70,11 @@
         "assignedUser": {
             "type": "link",
             "required": false,
-            "view": "views/fields/user"
+            "view": "views/fields/assigned-user"
         },
         "teams": {
-            "type": "linkMultiple"
+            "type": "linkMultiple",
+            "view": "views/fields/teams"
         }
     },
     "links": {

application/Espo/Core/Templates/Repositories/Event.php

@@ -0,0 +1,36 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Core\Templates\Repositories;
+
+class Event extends \Espo\Core\ORM\Repositories\RDB
+{
+
+}
+

application/Espo/Core/Templates/Services/Event.php

@@ -0,0 +1,36 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Core\Templates\Services;
+
+class Event extends \Espo\Services\Record
+{
+
+}
+

application/Espo/Core/Templates/Services/Person.php

@@ -32,6 +32,39 @@ namespace Espo\Core\Templates\Services;
 
 class Person extends \Espo\Services\Record
 {
+    protected function getDuplicateWhereClause(Entity $entity, $data = array())
+    {
+        $data = array(
+            'OR' => array(
+                array(
+                    'firstName' => $entity->get('firstName'),
+                    'lastName' => $entity->get('lastName'),
+                )
+            )
+        );
+        if (
+            ($entity->get('emailAddress') || $entity->get('emailAddressData'))
+            &&
+            ($entity->isNew() || $entity->isFieldChanged('emailAddress') || $entity->isFieldChanged('emailAddressData'))
+        ) {
+            if ($entity->get('emailAddress')) {
+                $list = [$entity->get('emailAddress')];
+            }
+            if ($entity->get('emailAddressData')) {
+                foreach ($entity->get('emailAddressData') as $row) {
+                    if (!in_array($row->emailAddress, $list)) {
+                        $list[] = $row->emailAddress;
+                    }
+                }
+            }
+            foreach ($list as $emailAddress) {
+                $data['OR'][] = array(
+                    'emailAddress' => $emailAddress
+                );
+            }
+        }
 
+        return $data;
+    }
 }
 

application/Espo/Core/Upgrades/Actions/Base.php

@@ -32,7 +32,7 @@ use Espo\Core\Utils\Util;
 use Espo\Core\Utils\System;
 use Espo\Core\Utils\Json;
 use Espo\Core\Exceptions\Error;
-use vierbergenlars\SemVer;
+use Composer\Semver\Semver;
 
 abstract class Base
 {
@@ -221,20 +221,12 @@ abstract class Base
             $versionList = (array) $versionList;
         }
 
-        try {
-            $semver = new SemVer\version($currentVersion);
-        } catch (\Exception $e) {
-            $GLOBALS['log']->error('Cannot recognize currentVersion ['.$currentVersion.'], error: '.$e->getMessage().'.');
-            return false;
-        }
-
         foreach ($versionList as $version) {
-
             $isInRange = false;
             try {
-                $isInRange = $semver->satisfies(new SemVer\expression($version));
+                $isInRange = Semver::satisfies($currentVersion, $version);
             } catch (\Exception $e) {
-                $GLOBALS['log']->error('Version identification error: '.$e->getMessage().'.');
+                $GLOBALS['log']->error('SemVer: Version identification error: '.$e->getMessage().'.');
             }
 
             if ($isInRange) {

application/Espo/Core/Utils/Auth.php

@@ -163,6 +163,8 @@ class Auth
                     return false;
                 }
                 $user->set('portalId', $this->getPortal()->id);
+            } else {
+                $user->loadLinkMultipleField('teams');
             }
 
             $this->getEntityManager()->setUser($user);

application/Espo/Core/Utils/Authentication/LDAP.php

@@ -28,49 +28,68 @@
  ************************************************************************/
 
 namespace Espo\Core\Utils\Authentication;
-use Espo\Core\Exceptions\Error,
-    Espo\Core\Utils\Config,
-    Espo\Core\ORM\EntityManager,
-    Espo\Core\Utils\Auth;
+
+use Espo\Core\Exceptions\Error;
+use Espo\Core\Utils\Config;
+use Espo\Core\ORM\EntityManager;
+use Espo\Core\Utils\Auth;
 
 class LDAP extends Base
 {
     private $utils;
 
-    private $zendLdap;
+    private $ldapClient;
 
     /**
-     * Espo => LDAP name
+     * User field name  => option name (LDAP attribute)
      *
      * @var array
      */
-    private $fields = array(
-        'userName' => 'cn',
-        'firstName' => 'givenname',
-        'lastName' => 'sn',
-        'title' => 'title',
-        'emailAddress' => 'mail',
-        'phoneNumber' => 'telephonenumber',
+    protected $ldapFieldMap = array(
+        'userName' => 'userNameAttribute',
+        'firstName' => 'userFirstNameAttribute',
+        'lastName' => 'userLastNameAttribute',
+        'title' => 'userTitleAttribute',
+        'emailAddress' => 'userEmailAddressAttribute',
+        'phoneNumber' => 'userPhoneNumberAttribute',
+    );
+
+    /**
+     * User field name => option name
+     *
+     * @var array
+     */
+    protected $userFieldMap = array(
+        'teamsIds' => 'userTeamsIds',
+        'defaultTeamId' => 'userDefaultTeamId',
     );
 
     public function __construct(Config $config, EntityManager $entityManager, Auth $auth)
     {
         parent::__construct($config, $entityManager, $auth);
 
-        $this->zendLdap = new LDAP\LDAP();
         $this->utils = new LDAP\Utils($config);
     }
 
-    protected function getZendLdap()
-    {
-        return $this->zendLdap;
-    }
-
     protected function getUtils()
     {
         return $this->utils;
     }
 
+    protected function getLdapClient()
+    {
+        if (!isset($this->ldapClient)) {
+            $options = $this->getUtils()->getLdapClientOptions();
+
+            try {
+                $this->ldapClient = new LDAP\Client($options);
+            } catch (\Exception $e) {
+                $GLOBALS['log']->error('LDAP error: ' . $e->getMessage());
+            }
+        }
+
+        return $this->ldapClient;
+    }
 
     /**
      * LDAP login
@@ -78,6 +97,7 @@ class LDAP extends Base
      * @param  string $username
      * @param  string $password
      * @param  \Espo\Entities\AuthToken $authToken
+     *
      * @return \Espo\Entities\User | null
      */
     public function login($username, $password, \Espo\Entities\AuthToken $authToken = null)
@@ -86,28 +106,36 @@ class LDAP extends Base
             return $this->loginByToken($username, $authToken);
         }
 
-        $options = $this->getUtils()->getZendOptions();
-
-        $ldap = $this->getZendLdap();
-        $ldap = $ldap->setOptions($options);
+        $ldapClient = $this->getLdapClient();
 
+        //login LDAP system user (ldapUsername, ldapPassword)
         try {
-            $ldap->bind($username, $password);
+            $ldapClient->bind();
+        } catch (\Exception $e) {
+            $options = $this->getUtils()->getLdapClientOptions();
+            $GLOBALS['log']->error('LDAP: Could not connect to LDAP server ['.$options['host'].'], details: ' . $e->getMessage());
 
-            $dn = $ldap->getDn($username);
-
-            $loginFilter = $this->getUtils()->getOption('userLoginFilter');
-            $userData = $ldap->searchByLoginFilter($loginFilter, $dn, 3);
-
-        } catch (\Zend\Ldap\Exception\LdapException $zle) {
-
-            $admin = $this->adminLogin($username, $password);
-            if (!isset($admin)) {
-                $GLOBALS['log']->info('LDAP Authentication: ' . $zle->getMessage());
+            $adminUser = $this->adminLogin($username, $password);
+            if (!isset($adminUser)) {
                 return null;
             }
+            $GLOBALS['log']->info('LDAP: Administrator ['.$username.'] was logged in by Espo method.');
+        }
 
-            $GLOBALS['log']->info('LDAP Authentication: Administrator login by username ['.$username.']');
+        if (!isset($adminUser)) {
+            $userDn = $this->findLdapUserDnByUsername($username);
+            $GLOBALS['log']->debug('Found DN for ['.$username.']: ['.$userDn.'].');
+            if (!isset($userDn)) {
+                $GLOBALS['log']->error('LDAP: Authentication failed for user ['.$username.'], details: user is not found.');
+                return;
+            }
+
+            try {
+                $ldapClient->bind($userDn, $password);
+            } catch (\Exception $e) {
+                $GLOBALS['log']->error('LDAP: Authentication failed for user ['.$username.'], details: ' . $e->getMessage());
+                return null;
+            }
         }
 
         $user = $this->getEntityManager()->getRepository('User')->findOne(array(
@@ -118,7 +146,7 @@ class LDAP extends Base
 
         $isCreateUser = $this->getUtils()->getOption('createEspoUser');
         if (!isset($user) && $isCreateUser) {
-            $this->getAuth()->useNoAuth(); /** Required to fix Acl "isFetched()" error */
+            $userData = $ldapClient->getEntry($userDn);
             $user = $this->createUser($userData);
         }
 
@@ -130,6 +158,7 @@ class LDAP extends Base
      *
      * @param  string $username
      * @param  \Espo\Entities\AuthToken $authToken
+     *
      * @return \Espo\Entities\User | null
      */
     protected function loginByToken($username, \Espo\Entities\AuthToken $authToken = null)
@@ -182,26 +211,106 @@ class LDAP extends Base
      * Create Espo user with data gets from LDAP server
      *
      * @param  array $userData LDAP entity data
+     *
      * @return \Espo\Entities\User
      */
     protected function createUser(array $userData)
     {
+        $GLOBALS['log']->info('Creating new user ...');
         $data = array();
-        foreach ($this->fields as $espo => $ldap) {
+
+        // show full array of the LDAP user
+        $GLOBALS['log']->debug('LDAP: user data: ' .print_r($userData, true));
+
+        //set values from ldap server
+        $ldapFields = $this->loadFields('ldap');
+        foreach ($ldapFields as $espo => $ldap) {
+            $ldap = strtolower($ldap);
             if (isset($userData[$ldap][0])) {
+                $GLOBALS['log']->debug('LDAP: Create a user wtih ['.$espo.'] = ['.$userData[$ldap][0].'].');
                 $data[$espo] = $userData[$ldap][0];
             }
         }
 
+        //set user fields
+        $userFields = $this->loadFields('user');
+        foreach ($userFields as $fieldName => $fieldValue) {
+            $data[$fieldName] = $fieldValue;
+        }
+
         $user = $this->getEntityManager()->getEntity('User');
         $user->set($data);
 
         $this->getEntityManager()->saveEntity($user);
 
-        return $user;
+        return $this->getEntityManager()->getEntity('User', $user->id);
     }
 
+    /**
+     * Find LDAP user DN by his username
+     *
+     * @param  string $username
+     *
+     * @return string | null
+     */
+    protected function findLdapUserDnByUsername($username)
+    {
+        $ldapClient = $this->getLdapClient();
+        $options = $this->getUtils()->getOptions();
 
+        $loginFilterString = '';
+        if (!empty($options['userLoginFilter'])) {
+            $loginFilterString = $this->convertToFilterFormat($options['userLoginFilter']);
+        }
 
-}
+        $searchString = '(&(objectClass='.$options['userObjectClass'].')('.$options['userNameAttribute'].'='.$username.')'.$loginFilterString.')';
+        $result = $ldapClient->search($searchString, null, LDAP\Client::SEARCH_SCOPE_SUB);
+        $GLOBALS['log']->debug('LDAP: user search string: "' . $searchString . '"');
 
+        foreach ($result as $item) {
+            return $item["dn"];
+        }
+    }
+
+    /**
+     * Check and convert filter item into LDAP format
+     *
+     * @param  string $filter E.g. "memberof=CN=externalTesters,OU=groups,DC=espo,DC=local"
+     *
+     * @return string
+     */
+    protected function convertToFilterFormat($filter)
+    {
+        $filter = trim($filter);
+        if (substr($filter, 0, 1) != '(') {
+            $filter = '(' . $filter;
+        }
+        if (substr($filter, -1) != ')') {
+            $filter = $filter . ')';
+        }
+        return $filter;
+    }
+
+    /**
+     * Load fields for a user
+     *
+     * @param  string $type
+     *
+     * @return array
+     */
+    protected function loadFields($type)
+    {
+        $options = $this->getUtils()->getOptions();
+
+        $typeMap = $type . 'FieldMap';
+
+        $fields = array();
+        foreach ($this->$typeMap as $fieldName => $fieldValue) {
+            if (isset($options[$fieldValue])) {
+                $fields[$fieldName] = $options[$fieldValue];
+            }
+        }
+
+        return $fields;
+    }
+}

application/Espo/Core/Utils/Authentication/LDAP/Client.php

@@ -0,0 +1,35 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Core\Utils\Authentication\LDAP;
+
+class Client extends \Zend\Ldap\Ldap
+{
+
+}

application/Espo/Core/Utils/Authentication/LDAP/LDAP.php

@@ -1,129 +0,0 @@
-<?php
-/************************************************************************
- * This file is part of EspoCRM.
- *
- * EspoCRM - Open Source CRM application.
- * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
- * Website: http://www.espocrm.com
- *
- * EspoCRM is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * EspoCRM is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
- *
- * The interactive user interfaces in modified source and object code versions
- * of this program must display Appropriate Legal Notices, as required under
- * Section 5 of the GNU General Public License version 3.
- *
- * In accordance with Section 7(b) of the GNU General Public License version 3,
- * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
- ************************************************************************/
-
-namespace Espo\Core\Utils\Authentication\LDAP;
-class LDAP extends \Zend\Ldap\Ldap
-{
-    protected $usernameAttribute = 'cn';
-
-
-    /**
-     * Get DN depends on options, ex. "cn=test,ou=People,dc=maxcrc,dc=com"
-     *
-     * @return string DN format
-     */
-    public function getDn($acctname)
-    {
-        return $this->getAccountDn($acctname, \Zend\Ldap\Ldap::ACCTNAME_FORM_DN);
-    }
-
-    /**
-     * Fix a bug, ex. CN=Alice Baker,CN=Users,DC=example,DC=com
-     *
-     * @param  string $acctname
-     * @return string - Account DN
-     */
-    protected function getAccountDn($acctname)
-    {
-        $baseDn = $this->getBaseDn();
-
-        if ($this->getBindRequiresDn() && isset($baseDn)) {
-            try {
-                return parent::getAccountDn($acctname);
-            } catch (\Zend\Ldap\Exception\LdapException $zle) {
-                if ($zle->getCode() != \Zend\Ldap\Exception\LdapException::LDAP_NO_SUCH_OBJECT) {
-                    throw $zle;
-                }
-            }
-
-            $acctname = $this->usernameAttribute . '=' . \Zend\Ldap\Filter\AbstractFilter::escapeValue($acctname) . ',' . $baseDn;
-        }
-
-        return parent::getAccountDn($acctname);
-    }
-
-    /**
-     * Search a user using userLoginFilter
-     *
-     * @param  string $filter
-     * @param  string $basedn
-     * @param  int $scope
-     * @param  array  $attributes
-     * @return array
-     */
-    public function searchByLoginFilter($filter, $basedn = null, $scope = self::SEARCH_SCOPE_SUB, array $attributes = array())
-    {
-        $filter = $this->getLoginFilter($filter);
-
-        $result = $this->search($filter, $basedn, $scope, $attributes);
-
-        if ($result->count() > 0) {
-            return $result->getFirst();
-        }
-
-        throw new \Zend\Ldap\Exception\LdapException($this, 'searching: ' . $filter);
-    }
-
-    /**
-     * Get login filter in LDAP format
-     *
-     * @param  string $filter
-     * @return string
-     */
-    protected function getLoginFilter($filter)
-    {
-        $baseFilter = '(objectClass=*)';
-
-        if (!empty($filter)) {
-            $baseFilter = '(&' . $baseFilter . $this->convertToFilterFormat($filter). ')';
-        }
-
-        return $baseFilter;
-    }
-
-    /**
-     * Check and convert filter item in LDAP format
-     *
-     * @param  string $filter [description]
-     * @return string
-     */
-    protected function convertToFilterFormat($filter)
-    {
-        $filter = trim($filter);
-        if (substr($filter, 0, 1) != '(') {
-            $filter = '(' . $filter;
-        }
-
-        if (substr($filter, -1) != ')') {
-            $filter = $filter . ')';
-        }
-
-        return $filter;
-    }
-}

application/Espo/Core/Utils/Authentication/LDAP/Utils.php

@@ -57,7 +57,16 @@ class Utils
         'tryUsernameSplit' => 'ldapTryUsernameSplit',
         'networkTimeout' => 'ldapNetworkTimeout',
         'createEspoUser' => 'ldapCreateEspoUser',
+        'userNameAttribute' => 'ldapUserNameAttribute',
+        'userTitleAttribute' => 'ldapUserTitleAttribute',
+        'userFirstNameAttribute' => 'ldapUserFirstNameAttribute',
+        'userLastNameAttribute' => 'ldapUserLastNameAttribute',
+        'userEmailAddressAttribute' => 'ldapUserEmailAddressAttribute',
+        'userPhoneNumberAttribute' => 'ldapUserPhoneNumberAttribute',
         'userLoginFilter' => 'ldapUserLoginFilter',
+        'userTeamsIds' => 'ldapUserTeamsIds',
+        'userDefaultTeamId' => 'ldapUserDefaultTeamId',
+        'userObjectClass' => 'ldapUserObjectClass',
     );
 
     /**
@@ -66,8 +75,17 @@ class Utils
      * @var array
      */
     protected $permittedEspoOptions = array(
-        'createEspoUser' => false,
-        'userLoginFilter' => null,
+        'createEspoUser',
+        'userNameAttribute',
+        'userObjectClass',
+        'userTitleAttribute',
+        'userFirstNameAttribute',
+        'userLastNameAttribute',
+        'userEmailAddressAttribute',
+        'userPhoneNumberAttribute',
+        'userLoginFilter',
+        'userTeamsIds',
+        'userDefaultTeamId',
     );
 
     /**
@@ -83,9 +101,11 @@ class Utils
     );
 
 
-    public function __construct(Config $config)
+    public function __construct(Config $config = null)
     {
-        $this->config = $config;
+        if (isset($config)) {
+            $this->config = $config;
+        }
     }
 
     protected function getConfig()
@@ -113,14 +133,25 @@ class Utils
             }
         }
 
-        /** peculiar fields */
+        $this->options = $this->normalizeOptions($options);
+
+        return $this->options;
+    }
+
+    /**
+     * Normalize options to LDAP client format
+     *
+     * @param  array  $options
+     *
+     * @return array
+     */
+    public function normalizeOptions(array $options)
+    {
         $options['useSsl'] = (bool) ($options['useSsl'] == 'SSL');
         $options['useStartTls'] = (bool) ($options['useStartTls'] == 'TLS');
         $options['accountCanonicalForm'] = $this->accountCanonicalFormMap[ $options['accountCanonicalForm'] ];
 
-        $this->options = $options;
-
-        return $this->options;
+        return $options;
     }
 
     /**
@@ -148,12 +179,10 @@ class Utils
      *
      * @return array
      */
-    public function getZendOptions()
+    public function getLdapClientOptions()
     {
         $options = $this->getOptions();
-        $espoOptions = array_keys($this->permittedEspoOptions);
-
-        $zendOptions = array_diff_key($options, array_flip($espoOptions));
+        $zendOptions = array_diff_key($options, array_flip($this->permittedEspoOptions));
 
         return $zendOptions;
     }

application/Espo/Core/Utils/ClientManager.php

@@ -96,8 +96,9 @@ class ClientManager
         foreach ($vars as $key => $value) {
             $html = str_replace('{{'.$key.'}}', $value, $html);
         }
+        $html = str_replace('{{applicationName}}', $this->getConfig()->get('applicationName', 'EspoCRM'), $html);
         $html = str_replace('{{cacheTimestamp}}', $this->getCacheTimestamp(), $html);
-        $html = str_replace('{{useCache}}', $this->getConfig()->get('useCache') ? 'true' : 'false' , $html);
+        $html = str_replace('{{useCache}}', $this->getConfig()->get('useCache') ? 'true' : 'false', $html);
         $html = str_replace('{{stylesheet}}', $this->getThemeManager()->getStylesheet(), $html);
         $html = str_replace('{{runScript}}', $runScript , $html);
         $html = str_replace('{{basePath}}', $this->basePath , $html);

application/Espo/Core/Utils/Config.php

@@ -316,6 +316,11 @@ class Config
 
         return true;
     }
+
+    public function getSiteUrl()
+    {
+        return rtrim($this->get('siteUrl'), '/');
+    }
 }
 
 ?>

application/Espo/Core/Utils/Cron/Job.php

@@ -69,20 +69,18 @@ class Job
      *
      * @return array
      */
-    public function getPendingJobs()
+    public function getPendingJobList()
     {
-        /** Mark Failed old jobs and remove pending duplicates */
-        $this->markFailedJobs();
-        $this->markJobAttempts();
-        $this->removePendingJobDuplicates();
+        $jobConfigs = $this->getConfig()->get('cron');
+        $limit = !empty($jobConfigs['maxJobNumber']) ? intval($jobConfigs['maxJobNumber']) : 0;
 
-        $jobList = $this->getActiveJobs();
+        $jobList = $this->getJobList(CronManager::PENDING, $limit);
 
-        $runningScheduledJobs = $this->getActiveJobs('scheduled_job_id', CronManager::RUNNING, PDO::FETCH_COLUMN);
+        $runningScheduledJobIdList = $this->getRunningScheduledJobIdList();
 
-        $list = array();
+        $list = [];
         foreach ($jobList as $row) {
-            if (!in_array($row['scheduled_job_id'], $runningScheduledJobs)) {
+            if (!in_array($row['scheduled_job_id'], $runningScheduledJobIdList)) {
                 $list[] = $row;
             }
         }
@@ -90,32 +88,63 @@ class Job
         return $list;
     }
 
-    /**
-     * Get active Jobs, which execution date in jobPeriod time
-     *
-     * @param  string $displayColumns
-     * @param  string $status
-     *
-     * @return array
-     */
-    public function getActiveJobs($displayColumns = '*', $status = CronManager::PENDING, $fetchMode = PDO::FETCH_ASSOC)
+    public function getRunningScheduledJobIdList()
     {
-        $jobConfigs = $this->getConfig()->get('cron');
-
-        $currentTime = time();
-        $limit = empty($jobConfigs['maxJobNumber']) ? '' : 'LIMIT '.$jobConfigs['maxJobNumber'];
-
-        $query = "SELECT " . $displayColumns . " FROM job WHERE
-                    `status` = '" . $status . "'
-                    AND execute_time <= '".date('Y-m-d H:i:s', $currentTime)."'
-                    AND deleted = 0
-                    ORDER BY execute_time ASC ".$limit;
+        $list = [];
 
         $pdo = $this->getEntityManager()->getPDO();
+
+        $query = "
+            SELECT scheduled_job_id FROM job
+            WHERE
+                `status` = 'Running' AND
+                scheduled_job_id IS NOT NULL AND
+                target_id IS NULL AND
+                deleted = 0
+            ORDER BY execute_time
+        ";
         $sth = $pdo->prepare($query);
         $sth->execute();
 
-        $rows = $sth->fetchAll($fetchMode);
+        $rowList = $sth->fetchAll(PDO::FETCH_ASSOC);
+        foreach ($rowList as $row) {
+            $list[] = $row['scheduled_job_id'];
+        }
+
+        return $list;
+    }
+
+    /**
+     * Get job list, which execution date in jobPeriod time
+     *
+     * @param  string $status
+     * @param  int $limit
+     *
+     * @return array
+     */
+    public function getJobList($status = CronManager::PENDING, $limit = null)
+    {
+        $currentTime = time();
+
+        $pdo = $this->getEntityManager()->getPDO();
+
+        $query = "
+            SELECT * FROM job
+            WHERE
+                `status` = " . $pdo->quote($status) . "
+                AND execute_time <= '".date('Y-m-d H:i:s', $currentTime)."'
+                AND deleted = 0
+            ORDER BY execute_time ASC
+        ";
+
+        if ($limit) {
+            $query .= " LIMIT " . $limit ;
+        }
+
+        $sth = $pdo->prepare($query);
+        $sth->execute();
+
+        $rows = $sth->fetchAll(PDO::FETCH_ASSOC);
 
         return $rows;
     }
@@ -133,13 +162,17 @@ class Job
         $dateObj = new \DateTime($time);
         $timeWithoutSeconds = $dateObj->format('Y-m-d H:i:');
 
-        $query = "SELECT * FROM job WHERE
-                    scheduled_job_id = '".$scheduledJobId."'
-                    AND execute_time LIKE '".$timeWithoutSeconds."%'
-                    AND deleted = 0
-                    LIMIT 1";
-
         $pdo = $this->getEntityManager()->getPDO();
+
+        $query = "
+            SELECT * FROM job
+            WHERE
+                scheduled_job_id = ".$pdo->quote($scheduledJobId)."
+                AND execute_time LIKE ". $pdo->quote($timeWithoutSeconds . '%') . "
+                AND deleted = 0
+            LIMIT 1
+        ";
+
         $sth = $pdo->prepare($query);
         $sth->execute();
 
@@ -153,7 +186,7 @@ class Job
      *
      * @return void
      */
-    protected function markFailedJobs()
+    public function markFailedJobs()
     {
         $jobConfigs = $this->getConfig()->get('cron');
 
@@ -162,9 +195,11 @@ class Job
 
         $pdo = $this->getEntityManager()->getPDO();
 
-        $select = "SELECT id, scheduled_job_id, execute_time FROM `job` WHERE
-                    (`status` = '" . CronManager::RUNNING ."')
-                    AND execute_time < '".date('Y-m-d H:i:s', $periodTime)."' ";
+        $select = "
+            SELECT id, scheduled_job_id, execute_time, target_id, target_type FROM `job`
+            WHERE
+            `status` = '" . CronManager::RUNNING ."' AND execute_time < '".date('Y-m-d H:i:s', $periodTime)."'
+        ";
         $sth = $pdo->prepare($select);
         $sth->execute();
 
@@ -173,7 +208,11 @@ class Job
            $jobData[$row['id']] = $row;
         }
 
-        $update = "UPDATE job SET `status` = '". CronManager::FAILED ."' WHERE id IN ('".implode("', '", array_keys($jobData))."')";
+        $update = "
+            UPDATE job
+            SET `status` = '". CronManager::FAILED ."'
+            WHERE id IN ('".implode("', '", array_keys($jobData))."')
+        ";
         $sth = $pdo->prepare($update);
         $sth->execute();
 
@@ -181,7 +220,7 @@ class Job
         $cronScheduledJob = $this->getCronScheduledJob();
         foreach ($jobData as $jobId => $job) {
             if (!empty($job['scheduled_job_id'])) {
-                $cronScheduledJob->addLogRecord($job['scheduled_job_id'], CronManager::FAILED, $job['execute_time']);
+                $cronScheduledJob->addLogRecord($job['scheduled_job_id'], CronManager::FAILED, $job['execute_time'], $job['target_id'], $job['target_type']);
             }
         }
     }
@@ -191,38 +230,50 @@ class Job
      *
      * @return void
      */
-    protected function removePendingJobDuplicates()
+    public function removePendingJobDuplicates()
     {
         $pdo = $this->getEntityManager()->getPDO();
 
-        $query = "SELECT scheduled_job_id FROM job
-                    WHERE
-                    scheduled_job_id IS NOT NULL
-                    AND `status` = '".CronManager::PENDING."'
-                    AND execute_time <= '".date('Y-m-d H:i:s')."'
-                    AND deleted = 0
-                    GROUP BY scheduled_job_id
-                    HAVING count( * ) > 1
-                    ORDER BY execute_time ASC";
+        $query = "
+            SELECT scheduled_job_id
+            FROM job
+            WHERE
+                scheduled_job_id IS NOT NULL AND
+                `status` = '".CronManager::PENDING."' AND
+                execute_time <= '".date('Y-m-d H:i:s')."' AND
+                target_id IS NULL AND
+                deleted = 0
+            GROUP BY scheduled_job_id
+            HAVING count( * ) > 1
+            ORDER BY MAX(execute_time) ASC
+        ";
         $sth = $pdo->prepare($query);
         $sth->execute();
 
-        $duplicateJobs = $sth->fetchAll(PDO::FETCH_ASSOC);
+        $duplicateJobList = $sth->fetchAll(PDO::FETCH_ASSOC);
 
-        foreach ($duplicateJobs as $row) {
+        foreach ($duplicateJobList as $row) {
             if (!empty($row['scheduled_job_id'])) {
 
                 /* no possibility to use limit in update or subqueries */
-                $query = "SELECT id FROM `job` WHERE scheduled_job_id = '" . $row['scheduled_job_id'] . "'
-                            AND `status` = '" . CronManager::PENDING ."'
-                            ORDER BY execute_time
-                            DESC LIMIT 1, 100000 ";
+                $query = "
+                    SELECT id FROM `job`
+                    WHERE
+                        scheduled_job_id = '" . $row['scheduled_job_id'] . "' AND
+                        `status` = '" . CronManager::PENDING ."'
+                        ORDER BY execute_time
+                        DESC LIMIT 1, 100000
+                    ";
                 $sth = $pdo->prepare($query);
                 $sth->execute();
                 $jobIds = $sth->fetchAll(PDO::FETCH_COLUMN);
 
-                $update = "UPDATE job SET deleted = 1 WHERE
-                            id IN ('". implode("', '", $jobIds)."') ";
+                $update = "
+                    UPDATE job
+                    SET deleted = 1
+                    WHERE
+                        id IN ('". implode("', '", $jobIds)."')
+                ";
 
                 $sth = $pdo->prepare($update);
                 $sth->execute();
@@ -235,13 +286,16 @@ class Job
      *
      * @return void
      */
-    protected function markJobAttempts()
+    public function updateFailedJobAttempts()
     {
-        $query = "SELECT * FROM job WHERE
-                    `status` = '" . CronManager::FAILED . "'
-                    AND deleted = 0
-                    AND execute_time <= '".date('Y-m-d H:i:s')."'
-                    AND attempts > 0";
+        $query = "
+            SELECT * FROM job
+            WHERE
+                `status` = '" . CronManager::FAILED . "' AND
+                deleted = 0 AND
+                execute_time <= '".date('Y-m-d H:i:s')."' AND
+                attempts > 0
+        ";
 
         $pdo = $this->getEntityManager()->getPDO();
         $sth = $pdo->prepare($query);
@@ -255,12 +309,14 @@ class Job
                 $attempts = $row['attempts'] - 1;
                 $failedAttempts = $row['failed_attempts'] + 1;
 
-                $update = "UPDATE job SET
-                            `status` = '" . CronManager::PENDING ."',
-                            attempts = '".$attempts."',
-                            failed_attempts = '".$failedAttempts."'
-                            WHERE
-                            id = '".$row['id']."'
+                $update = "
+                    UPDATE job
+                    SET
+                        `status` = '" . CronManager::PENDING ."',
+                        attempts = '".$attempts."',
+                        failed_attempts = '".$failedAttempts."'
+                    WHERE
+                        id = '".$row['id']."'
                 ";
                 $pdo->prepare($update)->execute();
             }

application/Espo/Core/Utils/Cron/ScheduledJob.php

@@ -59,11 +59,14 @@ class ScheduledJob
      *
      * @return array
      */
-    public function getActiveJobs()
+    public function getActiveScheduledJobList()
     {
-        $query = "SELECT * FROM scheduled_job WHERE
-                    `status` = 'Active'
-                    AND deleted = 0";
+        $query = "
+            SELECT * FROM scheduled_job
+            WHERE
+                `status` = 'Active' AND
+                deleted = 0
+        ";
 
         $pdo = $this->getEntityManager()->getPDO();
         $sth = $pdo->prepare($query);
@@ -87,7 +90,7 @@ class ScheduledJob
      *
      * @return string ID of created ScheduledJobLogRecord
      */
-    public function addLogRecord($scheduledJobId, $status, $runTime = null)
+    public function addLogRecord($scheduledJobId, $status, $runTime = null, $targetId = null, $targetType = null)
     {
         if (!isset($runTime)) {
             $runTime = date('Y-m-d H:i:s');
@@ -96,6 +99,11 @@ class ScheduledJob
         $entityManager = $this->getEntityManager();
 
         $scheduledJob = $entityManager->getEntity('ScheduledJob', $scheduledJobId);
+
+        if (!$scheduledJob) {
+            return;
+        }
+
         $scheduledJob->set('lastRun', $runTime);
         $entityManager->saveEntity($scheduledJob);
 
@@ -105,6 +113,8 @@ class ScheduledJob
             'name' => $scheduledJob->get('name'),
             'status' => $status,
             'executionTime' => $runTime,
+            'targetId' => $targetId,
+            'targetType' => $targetType
         ));
         $scheduledJobLogId = $entityManager->saveEntity($scheduledJobLog);
 

application/Espo/Core/Utils/Database/Converter.php

@@ -82,15 +82,11 @@ class Converter
     */
     public function process()
     {
-        $GLOBALS['log']->debug('Orm\Converter - Start: orm convertation');
-
         $ormMeta = $this->getOrmConverter()->process();
 
         //save database meta to a file espoMetadata.php
         $result = $this->getMetadata()->setOrmMetadata($ormMeta);
 
-        $GLOBALS['log']->debug('Orm\Converter - End: orm convertation, result=['.$result.']');
-
         return $result;
     }
 }

application/Espo/Core/Utils/Database/Orm/Fields/Currency.php

@@ -66,7 +66,9 @@ class Currency extends Base
                         "<" => Util::toUnderScore($entityName) . "." . $currencyColumnName . " * {$alias}.rate < {value}",
                         ">=" => Util::toUnderScore($entityName) . "." . $currencyColumnName . " * {$alias}.rate >= {value}",
                         "<=" => Util::toUnderScore($entityName) . "." . $currencyColumnName . " * {$alias}.rate <= {value}",
-                        "<>" => Util::toUnderScore($entityName) . "." . $currencyColumnName . " * {$alias}.rate <> {value}"
+                        "<>" => Util::toUnderScore($entityName) . "." . $currencyColumnName . " * {$alias}.rate <> {value}",
+                        "IS NULL" => Util::toUnderScore($entityName) . "." . $currencyColumnName . ' IS NULL',
+                        "IS NOT NULL" => Util::toUnderScore($entityName) . "." . $currencyColumnName . ' IS NOT NULL',
                 ),
                 'notStorable' => true,
                 'orderBy' => $converedFieldName . " {direction}"

application/Espo/Core/Utils/Database/Orm/Fields/Email.php

@@ -48,22 +48,36 @@ class Email extends Base
                                     entity_email_address.deleted = 0 AND entity_email_address.entity_type = '{$entityName}' AND
                                     email_address.deleted = 0 AND email_address.name LIKE {value}
                             )",
-                            '=' => \Espo\Core\Utils\Util::toUnderScore($entityName) . ".id IN (
-                                SELECT entity_id
-                                FROM entity_email_address
-                                JOIN email_address ON email_address.id = entity_email_address.email_address_id
-                                WHERE
-                                    entity_email_address.deleted = 0 AND entity_email_address.entity_type = '{$entityName}' AND
-                                    email_address.deleted = 0 AND email_address.name = {value}
-                            )",
-                            '<>' => \Espo\Core\Utils\Util::toUnderScore($entityName) . ".id IN (
-                                SELECT entity_id
-                                FROM entity_email_address
-                                JOIN email_address ON email_address.id = entity_email_address.email_address_id
-                                WHERE
-                                    entity_email_address.deleted = 0 AND entity_email_address.entity_type = '{$entityName}' AND
-                                    email_address.deleted = 0 AND email_address.name <> {value}
-                            )"
+                            '=' => array(
+                                'leftJoins' => [['emailAddresses', 'emailAddressesMultiple']],
+                                'sql' => 'emailAddressesMultiple.name = {value}',
+                                'distinct' => true
+                            ),
+                            '<>' => array(
+                                'leftJoins' => [['emailAddresses', 'emailAddressesMultiple']],
+                                'sql' => 'emailAddressesMultiple.name <> {value}',
+                                'distinct' => true
+                            ),
+                            'IN' => array(
+                                'leftJoins' => [['emailAddresses', 'emailAddressesMultiple']],
+                                'sql' => 'emailAddressesMultiple.name IN {value}',
+                                'distinct' => true
+                            ),
+                            'NOT IN' => array(
+                                'leftJoins' => [['emailAddresses', 'emailAddressesMultiple']],
+                                'sql' => 'emailAddressesMultiple.name NOT IN {value}',
+                                'distinct' => true
+                            ),
+                            'IS NULL' => array(
+                                'leftJoins' => [['emailAddresses', 'emailAddressesMultiple']],
+                                'sql' => 'emailAddressesMultiple.name IS NULL',
+                                'distinct' => true
+                            ),
+                            'IS NOT NULL' => array(
+                                'leftJoins' => [['emailAddresses', 'emailAddressesMultiple']],
+                                'sql' => 'emailAddressesMultiple.name IS NOT NULL',
+                                'distinct' => true
+                            )
                         ),
                         'orderBy' => 'emailAddresses.name {direction}',
                     ),
@@ -73,7 +87,7 @@ class Email extends Base
                     ),
                 ),
                 'relations' => array(
-                    $fieldName.'es' => array(
+                    'emailAddresses' => array(
                         'type' => 'manyMany',
                         'entity' => 'EmailAddress',
                         'relationName' => 'entityEmailAddress',

application/Espo/Core/Utils/Database/Orm/Fields/Phone.php

@@ -48,22 +48,36 @@ class Phone extends Base
                                     entity_phone_number.deleted = 0 AND entity_phone_number.entity_type = '{$entityName}' AND
                                     phone_number.deleted = 0 AND phone_number.name LIKE {value}
                             )",
-                            '=' => \Espo\Core\Utils\Util::toUnderScore($entityName) . ".id IN (
-                                SELECT entity_id
-                                FROM entity_phone_number
-                                JOIN phone_number ON phone_number.id = entity_phone_number.phone_number_id
-                                WHERE
-                                    entity_phone_number.deleted = 0 AND entity_phone_number.entity_type = '{$entityName}' AND
-                                    phone_number.deleted = 0 AND phone_number.name = {value}
-                            )",
-                            '<>' => \Espo\Core\Utils\Util::toUnderScore($entityName) . ".id IN (
-                                SELECT entity_id
-                                FROM entity_phone_number
-                                JOIN phone_number ON phone_number.id = entity_phone_number.phone_number_id
-                                WHERE
-                                    entity_phone_number.deleted = 0 AND entity_phone_number.entity_type = '{$entityName}' AND
-                                    phone_number.deleted = 0 AND phone_number.name <> {value}
-                            )"
+                            '=' => array(
+                                'leftJoins' => [['phoneNumbers', 'phoneNumbersMultiple']],
+                                'sql' => 'phoneNumbersMultiple.name = {value}',
+                                'distinct' => true
+                            ),
+                            '<>' => array(
+                                'leftJoins' => [['phoneNumbers', 'phoneNumbersMultiple']],
+                                'sql' => 'phoneNumbersMultiple.name <> {value}',
+                                'distinct' => true
+                            ),
+                            'IN' => array(
+                                'leftJoins' => [['phoneNumbers', 'phoneNumbersMultiple']],
+                                'sql' => 'phoneNumbersMultiple.name IN {value}',
+                                'distinct' => true
+                            ),
+                            'NOT IN' => array(
+                                'leftJoins' => [['phoneNumbers', 'phoneNumbersMultiple']],
+                                'sql' => 'phoneNumbersMultiple.name NOT IN {value}',
+                                'distinct' => true
+                            ),
+                            'IS NULL' => array(
+                                'leftJoins' => [['phoneNumbers', 'phoneNumbersMultiple']],
+                                'sql' => 'phoneNumbersMultiple.name IS NULL',
+                                'distinct' => true
+                            ),
+                            'IS NOT NULL' => array(
+                                'leftJoins' => [['phoneNumbers', 'phoneNumbersMultiple']],
+                                'sql' => 'phoneNumbersMultiple.name IS NOT NULL',
+                                'distinct' => true
+                            )
                         ),
                         'orderBy' => 'phoneNumbers.name {direction}',
                     ),
@@ -73,7 +87,7 @@ class Phone extends Base
                     ),
                 ),
                 'relations' => array(
-                    $fieldName.'s' => array(
+                    'phoneNumbers' => array(
                         'type' => 'manyMany',
                         'entity' => 'PhoneNumber',
                         'relationName' => 'entityPhoneNumber',

application/Espo/Core/Utils/DateTime.php

@@ -116,6 +116,11 @@ class DateTime
         return null;
     }
 
+    public function setTimezone($timezone)
+    {
+        $this->timezone = new \DateTimeZone($timezone);
+    }
+
 }
 
 

application/Espo/Core/Utils/EmailFilterManager.php

@@ -0,0 +1,78 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Core\Utils;
+
+use \Espo\Core\ORM\EntityManager;
+use \Espo\Entities\Email;
+
+class EmailFilterManager
+{
+    private $entityManager;
+
+    private $data = array();
+
+    protected $filtersMatcher = null;
+
+    public function __construct(EntityManager $entityManager)
+    {
+        $this->entityManager = $entityManager;
+    }
+
+    protected function getEntityManager()
+    {
+        return $this->entityManager;
+    }
+
+    protected function getFiltersMatcher()
+    {
+        if (!$this->filtersMatcher) {
+            $this->filtersMatcher = new \Espo\Core\Mail\FiltersMatcher();
+        }
+        return $this->filtersMatcher;
+    }
+
+    public function getMatchingFilter(Email $email, $userId)
+    {
+        if (!array_key_exists($userId, $this->data)) {
+            $emailFilterList = $this->getEntityManager()->getRepository('EmailFilter')->where(array(
+                'parentId' => $userId,
+                'parentType' => 'User'
+            ))->order('LIST:action:Skip;Move to Folder')->find();
+            $this->data[$userId] = $emailFilterList;
+        }
+        foreach ($this->data[$userId] as $emailFilter) {
+            if ($this->getFiltersMatcher()->match($email, $emailFilter)) {
+                return $emailFilter;
+            }
+        }
+    }
+}
+
+

application/Espo/Core/Utils/EntityManager.php

@@ -82,6 +82,8 @@ class EntityManager
             throw new Error();
         }
 
+        $name = trim($name);
+
         $normalizedName = Util::normilizeClassName($name);
 
         $contents = "<" . "?" . "php\n\n".
@@ -217,6 +219,15 @@ class EntityManager
             $this->getMetadata()->set('entityDefs', $name, $entityDefsData);
         }
 
+        if (isset($data['textFilterFields'])) {
+            $entityDefsData = array(
+                'collection' => array(
+                    'textFilterFields' => $data['textFilterFields']
+                )
+            );
+            $this->getMetadata()->set('entityDefs', $name, $entityDefsData);
+        }
+
         $this->getMetadata()->save();
         $this->getLanguage()->save();
 
@@ -270,9 +281,9 @@ class EntityManager
         $linkType = $params['linkType'];
 
         $entity = $params['entity'];
-        $link = $params['link'];
+        $link = trim($params['link']);
         $entityForeign = $params['entityForeign'];
-        $linkForeign = $params['linkForeign'];
+        $linkForeign = trim($params['linkForeign']);
 
         $label = $params['label'];
         $labelForeign = $params['labelForeign'];
@@ -320,9 +331,15 @@ class EntityManager
 
         switch ($linkType) {
             case 'oneToMany':
-                if ($this->getMetadata()->get('entityDefs.' . $entityForeign . '.field.' . $linkForeign)) {
+                if ($this->getMetadata()->get('entityDefs.' . $entityForeign . '.fields.' . $linkForeign)) {
                     throw new Conflict('Field ['.$entityForeign.'::'.$linkForeign.'] already exists.');
                 }
+                if ($this->getMetadata()->get('entityDefs.' . $entityForeign . '.fields.' . $linkForeign . 'Id')) {
+                    throw new Conflict('Field ['.$entityForeign.'::'.$linkForeign.'Id] already exists.');
+                }
+                if ($this->getMetadata()->get('entityDefs.' . $entityForeign . '.fields.' . $linkForeign . 'Name')) {
+                    throw new Conflict('Field ['.$entityForeign.'::'.$linkForeign.'Name] already exists.');
+                }
                 $dataLeft = array(
                     'fields' => array(
                         $link => array(
@@ -361,9 +378,15 @@ class EntityManager
                 );
                 break;
             case 'manyToOne':
-                if ($this->getMetadata()->get('entityDefs.' . $entity . '.field.' . $link)) {
+                if ($this->getMetadata()->get('entityDefs.' . $entity . '.fields.' . $link)) {
                     throw new Conflict('Field ['.$entity.'::'.$link.'] already exists.');
                 }
+                if ($this->getMetadata()->get('entityDefs.' . $entity . '.fields.' . $link . 'Id')) {
+                    throw new Conflict('Field ['.$entity.'::'.$link.'Id] already exists.');
+                }
+                if ($this->getMetadata()->get('entityDefs.' . $entity . '.fields.' . $link . 'Name')) {
+                    throw new Conflict('Field ['.$entity.'::'.$link.'Name] already exists.');
+                }
                 $dataLeft = array(
                     'fields' => array(
                         $link => array(

application/Espo/Core/Utils/FieldManager.php

@@ -31,6 +31,8 @@ namespace Espo\Core\Utils;
 use \Espo\Core\Exceptions\Error,
     \Espo\Core\Exceptions\Conflict;
 
+use \Espo\Core\Container;
+
 class FieldManager
 {
     private $metadata;
@@ -41,14 +43,17 @@ class FieldManager
 
     protected $isChanged = null;
 
+    private $container;
+
     protected $metadataType = 'entityDefs';
 
     protected $customOptionName = 'isCustom';
 
-    public function __construct(Metadata $metadata, Language $language)
+    public function __construct(Metadata $metadata, Language $language, Container $container = null)
     {
         $this->metadata = $metadata;
         $this->language = $language;
+        $this->container = $container;
 
         $this->metadataHelper = new \Espo\Core\Utils\Metadata\Helper($this->metadata);
     }
@@ -74,6 +79,10 @@ class FieldManager
 
         $fieldDefs['label'] = $this->getLanguage()->translate($name, 'fields', $scope);
 
+        $type = $this->getMetadata()->get(['entityDefs', $scope, 'fields', $name, 'type']);
+
+        $this->processHook('onRead', $type, $scope, $name, $fieldDefs);
+
         return $fieldDefs;
     }
 
@@ -89,6 +98,7 @@ class FieldManager
 
     public function update($name, $fieldDefs, $scope)
     {
+        $name = trim($name);
         /*Add option to metadata to identify the custom field*/
         if (!$this->isCore($name, $scope)) {
             $fieldDefs[$this->customOptionName] = true;
@@ -99,7 +109,11 @@ class FieldManager
             $this->setLabel($name, $fieldDefs['label'], $scope);
         }
 
-        if (isset($fieldDefs['type']) && ($fieldDefs['type'] == 'enum' || $fieldDefs['type'] == 'phone')) {
+        $type = isset($fieldDefs['type']) ? $fieldDefs['type'] : $type = $this->getMetadata()->get(['entityDefs', $scope, 'fields', $name, 'type']);
+
+        $this->processHook('beforeSave', $type, $scope, $name, $fieldDefs);
+
+        if ($this->getMetadata()->get(['fields', $type, 'translatedOptions'])) {
             if (isset($fieldDefs['translatedOptions'])) {
                 $this->setTranslatedOptions($name, $fieldDefs['translatedOptions'], $scope);
             }
@@ -107,6 +121,8 @@ class FieldManager
 
         if (isset($fieldDefs['label']) || isset($fieldDefs['translatedOptions'])) {
             $res &= $this->getLanguage()->save();
+
+            $this->processHook('afterSave', $type, $scope, $name, $fieldDefs);
         }
 
         if ($this->isDefsChanged($name, $fieldDefs, $scope)) {
@@ -122,6 +138,10 @@ class FieldManager
             throw new Error('Cannot delete core field ['.$name.'] in '.$scope);
         }
 
+        $type = $this->getMetadata()->get(['entityDefs', $scope, 'fields', $name, 'type']);
+
+        $this->processHook('beforeRemove', $type, $scope, $name);
+
         $unsets = array(
             'fields.'.$name,
             'links.'.$name,
@@ -131,6 +151,8 @@ class FieldManager
         $res = $this->getMetadata()->save();
         $res &= $this->deleteLabel($name, $scope);
 
+        $this->processHook('afterRemove', $type, $scope, $name);
+
         return (bool) $res;
     }
 
@@ -336,4 +358,31 @@ class FieldManager
     {
         return array_merge($this->getActualAttributeList($scope, $name), $this->getNotActualAttributeList($scope, $name));
     }
+
+    protected function processHook($methodName, $type, $scope, $name, &$defs = null)
+    {
+        $hook = $this->getHook($type);
+        if (!$hook) return;
+
+        if (!method_exists($hook, $methodName)) return;
+
+        $hook->$methodName($scope, $name, $defs);
+    }
+
+    protected function getHook($type)
+    {
+        $className = $this->getMetadata()->get(['fields', $type, 'hookClassName']);
+
+        if (!$className) return;
+
+        if (class_exists($className)) {
+            $hook = new $className();
+            foreach ($hook->getDependencyList() as $name) {
+                $hook->inject($name, $this->container->get($name));
+            }
+            return $hook;
+        }
+        $GLOBALS['log']->error("Field Manager hook class '{$className}' does not exist.");
+        return;
+    }
 }

application/Espo/Core/Utils/FieldManager/Hooks/Base.php

@@ -0,0 +1,65 @@
+<?php
+
+namespace Espo\Core\Utils\FieldManager\Hooks;
+
+abstract class Base
+{
+    protected $dependencyList = [
+        'entityManager',
+        'config',
+        'metadata',
+    ];
+
+    protected $injections = array();
+
+    public function __construct()
+    {
+        $this->init();
+    }
+
+    protected function init()
+    {
+    }
+
+    public function getDependencyList()
+    {
+        return $this->dependencyList;
+    }
+
+    protected function addDependencyList(array $list)
+    {
+        foreach ($list as $item) {
+            $this->addDependency($item);
+        }
+    }
+
+    protected function addDependency($name)
+    {
+        $this->dependencies[] = $name;
+    }
+
+    protected function getInjection($name)
+    {
+        return $this->injections[$name];
+    }
+
+    public function inject($name, $object)
+    {
+        $this->injections[$name] = $object;
+    }
+
+    protected function getMetadata()
+    {
+        return $this->getInjection('metadata');
+    }
+
+    protected function getConfig()
+    {
+        return $this->getInjection('config');
+    }
+
+    protected function getEntityManager()
+    {
+        return $this->getInjection('entityManager');
+    }
+}

application/Espo/Core/Utils/FieldManager/Hooks/NumberType.php

@@ -0,0 +1,61 @@
+<?php
+
+namespace Espo\Core\Utils\FieldManager\Hooks;
+
+class NumberType extends Base
+{
+    public function onRead($scope, $name, &$defs)
+    {
+        $number = $this->getEntityManager()->getRepository('NextNumber')->where(array(
+            'entityType' => $scope,
+            'fieldName' => $name
+        ))->findOne();
+
+        $value = null;
+        if (!$number) {
+            $value = 1;
+        } else {
+            if (!$number->get('value')) {
+                $value = 1;
+            }
+        }
+
+        if (!$value && $number) {
+            $value = $number->get('value');
+        }
+
+        $defs['nextNumber'] = $value;
+    }
+
+    public function afterSave($scope, $name, $defs)
+    {
+        if (!isset($defs['nextNumber'])) return;
+
+        $number = $this->getEntityManager()->getRepository('NextNumber')->where(array(
+            'entityType' => $scope,
+            'fieldName' => $name
+        ))->findOne();
+
+        if (!$number) {
+            $number = $this->getEntityManager()->getEntity('NextNumber');
+
+            $number->set('entityType', $scope);
+            $number->set('fieldName', $name);
+        }
+
+        $number->set('value', $defs['nextNumber']);
+        $this->getEntityManager()->saveEntity($number);
+    }
+
+    public function afterRemove($scope, $name)
+    {
+        $number = $this->getEntityManager()->getRepository('NextNumber')->where(array(
+            'entityType' => $scope,
+            'fieldName' => $name
+        ))->findOne();
+
+        if (!$number) return;
+
+        $this->getEntityManager()->removeEntity($number);
+    }
+}

application/Espo/Core/Utils/File/Manager.php

@@ -188,9 +188,7 @@ class Manager
 
         if (file_exists($fullPath) && strtolower(substr($fullPath, -4)) == '.php') {
             $phpContents = include($fullPath);
-            if (is_array($phpContents)) {
-                return $phpContents;
-            }
+            return $phpContents;
         }
 
         return false;
@@ -249,7 +247,7 @@ class Manager
     public function putContentsJson($path, $data)
     {
         if (!Utils\Json::isJSON($data)) {
-            $data = Utils\Json::encode($data, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
+            $data = Utils\Json::encode($data, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
         }
 
         return $this->putContents($path, $data, LOCK_EX);
@@ -290,7 +288,7 @@ class Manager
         $data = Utils\Util::merge($savedDataArray, $newDataArray);
 
         if ($isReturnJson) {
-            $data = Utils\Json::encode($data, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
+            $data = Utils\Json::encode($data, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
         }
 
         if ($isPhp) {
@@ -336,7 +334,7 @@ class Manager
     public function unsetContents($path, $unsets, $isJSON = true)
     {
         $currentData = $this->getContents($path);
-        if ($currentData == false) {
+        if (!isset($currentData) || !$currentData) {
             $GLOBALS['log']->notice('FileManager::unsetContents: File ['.$this->concatPaths($path).'] does not exist.');
             return false;
         }

application/Espo/Core/Utils/File/Permission.php

@@ -373,7 +373,7 @@ class Permission
     protected function chmodReal($filename, $mode)
     {
         try {
-            $result = chmod($filename, $mode);
+            $result = @chmod($filename, $mode);
         } catch (\Exception $e) {
             $result = false;
         }
@@ -383,7 +383,7 @@ class Permission
             $this->chgrp($filename, $this->getDefaultGroup(true));
 
             try {
-                $result = chmod($filename, $mode);
+                $result = @chmod($filename, $mode);
             } catch (\Exception $e) {
                 throw new Error($e->getMessage());
             }
@@ -395,7 +395,7 @@ class Permission
     protected function chownReal($path, $user)
     {
         try {
-            $result = chown($path, $user);
+            $result = @chown($path, $user);
         } catch (\Exception $e) {
             throw new Error($e->getMessage());
         }
@@ -406,7 +406,7 @@ class Permission
     protected function chgrpReal($path, $group)
     {
         try {
-            $result = chgrp($path, $group);
+            $result = @chgrp($path, $group);
         } catch (\Exception $e) {
             throw new Error($e->getMessage());
         }

application/Espo/Core/Utils/Language.php

@@ -185,6 +185,11 @@ class Language
         $options = $this->get($scope. '.options.' . $field);
         if (is_array($options) && array_key_exists($value, $options)) {
             return $options[$value];
+        } else if ($scope !== 'Global') {
+            $options = $this->get('Global.options.' . $field);
+            if (is_array($options) && array_key_exists($value, $options)) {
+                return $options[$value];
+            }
         }
         return $value;
     }

application/Espo/Core/Utils/Metadata.php

@@ -28,6 +28,7 @@
  ************************************************************************/
 
 namespace Espo\Core\Utils;
+
 use Espo\Core\Exceptions\Error;
 
 class Metadata
@@ -187,7 +188,7 @@ class Metadata
     /**
     * Get Metadata
     *
-    * @param string $key
+    * @param mixed string|array $key
     * @param mixed $default
     *
     * @return array

application/Espo/Core/Utils/NumberUtil.php

@@ -29,7 +29,7 @@
 
 namespace Espo\Core\Utils;
 
-class Number
+class NumberUtil
 {
     protected $decimalMark;
 

application/Espo/Core/Utils/Util.php

@@ -394,33 +394,35 @@ class Util
             $unsets = (array) $unsets;
         }
 
-        foreach($unsets as $rootKey => $unsetItem){
+        foreach ($unsets as $rootKey => $unsetItem) {
             $unsetItem = is_array($unsetItem) ? $unsetItem : (array) $unsetItem;
 
-            foreach($unsetItem as $unsetSett){
-                if (!empty($unsetSett)){
-                    $keyItems = explode('.', $unsetSett);
-                    $currVal = isset($content[$rootKey]) ? "\$content['{$rootKey}']" : "\$content";
+            foreach ($unsetItem as $unsetString) {
+                if (is_string($rootKey)) {
+                    $unsetString = $rootKey . '.' . $unsetString;
+                }
 
-                    $lastKey = array_pop($keyItems);
-                    foreach($keyItems as $keyItem){
-                        $currVal .= "['{$keyItem}']";
-                    }
+                $keyСhain = explode('.', $unsetString);
+                $keyChainCount = count($keyСhain) - 1;
 
-                    $unsetElem = $currVal . "['{$lastKey}']";
+                $elem = & $content;
+                for ($i = 0; $i <= $keyChainCount; $i++) {
 
-                    $evalString = "
-                    if (isset({$unsetElem}) || ( is_array({$currVal}) && array_key_exists('{$lastKey}', {$currVal}) )) {
-                        unset({$unsetElem});
-                    } ";
-                    eval($evalString);
+                    if (is_array($elem) && array_key_exists($keyСhain[$i], $elem)) {
+
+                        if ($i == $keyChainCount) {
+
+                            unset($elem[$keyСhain[$i]]);
+
+                            if ($unsetParentEmptyArray && is_array($elem) && empty($elem)) {
+                                unset($keyСhain[$i]);
+                                $content = static::unsetInArray($content, implode('.', $keyСhain), false);
+                            }
+
+                        } else if (is_array($elem[$keyСhain[$i]])) {
+                            $elem = & $elem[$keyСhain[$i]];
+                        }
 
-                    if ($unsetParentEmptyArray) {
-                        $evalString = "
-                        if (is_array({$currVal}) && empty({$currVal})) {
-                            unset({$currVal});
-                        } ";
-                        eval($evalString);
                     }
                 }
             }
@@ -449,7 +451,7 @@ class Util
      * Return values of defined $key.
      *
      * @param  array $array
-     * @param  string $key     Ex. of key is "entityDefs", "entityDefs.User"
+     * @param  mixed array|string $key     Ex. of key is "entityDefs", "entityDefs.User"
      * @param  mixed $default
      * @return mixed
      */
@@ -459,7 +461,11 @@ class Util
             return $array;
         }
 
-        $keys = explode('.', $key);
+        if (is_array($key)) {
+            $keys = $key;
+        } else {
+            $keys = explode('.', $key);
+        }
 
         $lastItem = $array;
         foreach($keys as $keyName) {

application/Espo/Core/defaults/config.php

@@ -32,6 +32,7 @@ return array (
         'driver' => 'pdo_mysql',
         'host' => 'localhost',
         'port' => '',
+        'charset' => 'utf8',
         'dbname' => '',
         'user' => '',
         'password' => '',
@@ -67,6 +68,8 @@ return array (
         'de_DE',
         'es_ES',
         'fr_FR',
+        'id_ID',
+        'it_IT',
         'nl_NL',
         'tr_TR',
         'ro_RO',
@@ -93,12 +96,13 @@ return array (
         'Opportunity',
     ),
     "tabList" => ["Account", "Contact", "Lead", "Opportunity", "Calendar", "Meeting", "Call", "Task", "Case", "Email", "Document", "Campaign", "KnowledgeBaseArticle"],
-    "quickCreateList" => ["Account", "Contact", "Lead", "Opportunity", "Meeting", "Call", "Task", "Case"],
-    'calendarDefaultEntity' => 'Meeting',
+    "quickCreateList" => ["Account", "Contact", "Lead", "Opportunity", "Meeting", "Call", "Task", "Case", "Email"],
     'exportDisabled' => false,
     'assignmentEmailNotifications' => false,
     'assignmentEmailNotificationsEntityList' => ['Lead', 'Opportunity', 'Task', 'Case'],
     'assignmentNotificationsEntityList' => ['Meeting', 'Call', 'Task', 'Email'],
+    "portalStreamEmailNotifications" => true,
+    'streamEmailNotificationsEntityList' => ['Case'],
     'emailMessageMaxSize' => 10,
     'notificationsCheckInterval' => 10,
     'disabledCountQueryEntityList' => ['Email'],
@@ -113,6 +117,7 @@ return array (
     'authTokenLifetime' => 0,
     'authTokenMaxIdleTime' => 120,
     'userNameRegularExpression' => '[^a-z0-9\-@_\.\s]',
+    'addressFormat' => 1,
     'displayListViewRecordCount' => true,
     'dashboardLayout' => [
         (object) [
@@ -145,6 +150,7 @@ return array (
             ]
         ]
     ],
-    'isInstalled' => false
+    "calendarEntityList" => ["Meeting", "Call", "Task"],
+    'isInstalled' => false,
 );
 

application/Espo/Core/defaults/systemConfig.php

@@ -123,6 +123,15 @@ return array (    'defaultPermissions' =>
         'ldapTryUsernameSplit',
         'ldapOptReferrals',
         'ldapCreateEspoUser',
+        'ldapAccountDomainName',
+        'ldapAccountDomainNameShort',
+        'ldapUserNameAttribute',
+        'ldapUserFirstNameAttribute',
+        'ldapUserLastNameAttribute',
+        'ldapUserTitleAttribute',
+        'ldapUserEmailAddressAttribute',
+        'ldapUserPhoneNumberAttribute',
+        'ldapUserObjectClass',
         'maxEmailAccountCount',
         'massEmailMaxPerHourCount',
         'personalEmailMaxPortionSize',
@@ -131,5 +140,12 @@ return array (    'defaultPermissions' =>
         'authTokenMaxIdleTime'
     ),
     'isInstalled' => false,
+    'ldapUserNameAttribute' => 'sAMAccountName',
+    'ldapUserFirstNameAttribute' => 'givenName',
+    'ldapUserLastNameAttribute' => 'sn',
+    'ldapUserTitleAttribute' => 'title',
+    'ldapUserEmailAddressAttribute' => 'mail',
+    'ldapUserPhoneNumberAttribute' => 'telephoneNumber',
+    'ldapUserObjectClass' => 'person',
 );
 

application/Espo/Entities/Email.php

@@ -51,6 +51,11 @@ class Email extends \Espo\Core\ORM\Entity
         }
     }
 
+    public function isManuallyArchived()
+    {
+        return $this->get('status') === 'Archived' && $this->get('createdById') !== 'system';
+    }
+
     public function addAttachment(\Espo\Entities\Attachment $attachment)
     {
         if (!empty($this->id)) {

application/Espo/Entities/EmailFolder.php

@@ -0,0 +1,36 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Entities;
+
+class EmailFolder extends \Espo\Core\ORM\Entity
+{
+
+}
+

application/Espo/Entities/NextNumber.php

@@ -0,0 +1,35 @@
+<?php
+/************************************************************************
+ * This file is part of EspoCRM.
+ *
+ * EspoCRM - Open Source CRM application.
+ * Copyright (C) 2014-2015 Yuri Kuznetsov, Taras Machyshyn, Oleksiy Avramenko
+ * Website: http://www.espocrm.com
+ *
+ * EspoCRM is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * EspoCRM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with EspoCRM. If not, see http://www.gnu.org/licenses/.
+ *
+ * The interactive user interfaces in modified source and object code versions
+ * of this program must display Appropriate Legal Notices, as required under
+ * Section 5 of the GNU General Public License version 3.
+ *
+ * In accordance with Section 7(b) of the GNU General Public License version 3,
+ * these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
+ ************************************************************************/
+
+namespace Espo\Entities;
+
+class NextNumber extends \Espo\Core\ORM\Entity
+{
+
+}

application/Espo/EntryPoints/Attachment.php

@@ -66,8 +66,6 @@ class Attachment extends \Espo\Core\EntryPoints\Base
 
         header('Pragma: public');
         header('Content-Length: ' . filesize($fileName));
-        ob_clean();
-        flush();
         readfile($fileName);
         exit;
     }

application/Espo/EntryPoints/Avatar.php

@@ -40,7 +40,9 @@ class Avatar extends Image
 
     public static $notStrictAuth = true;
 
-    private $colorList = [
+    protected $systemColor = [212,114,155];
+
+    protected $colorList = [
         [111,168,214],
         [237,197,85],
         [212,114,155],
@@ -73,7 +75,6 @@ class Avatar extends Image
 
         $userId = $_GET['id'];
 
-
         $user = $this->getEntityManager()->getEntity('User', $userId);
         if (!$user) {
             throw new NotFound();
@@ -106,9 +107,14 @@ class Avatar extends Image
                 header('Cache-Control: max-age=360000, must-revalidate');
                 header('Content-Type: image/png');
 
-                ob_clean();
-                flush();
-                echo $identicon->getImageData($userId, $width, $this->getColor($userId));
+                $hash = $userId;
+                $color = $this->getColor($userId);
+                if ($hash === 'system') {
+                    $color = $this->systemColor;
+                }
+
+                $imgContent = $identicon->getImageData($hash, $width, $color);
+                echo $imgContent;
                 exit;
             }
         }

application/Espo/EntryPoints/Download.php

@@ -73,6 +73,9 @@ class Download extends \Espo\Core\EntryPoints\Base
             throw new NotFound();
         }
 
+        $outputFileName = $attachment->get('name');
+        $outputFileName = str_replace("\"", "\\\"", $outputFileName);
+
         $type = $attachment->get('type');
 
         $disposition = 'attachment';
@@ -84,13 +87,12 @@ class Download extends \Espo\Core\EntryPoints\Base
         if ($type) {
             header('Content-Type: ' . $type);
         }
-        header("Content-Disposition: " . $disposition . ";filename=\"" . $attachment->get('name') . "\"");
+        header("Content-Disposition: " . $disposition . ";filename=\"" . $outputFileName . "\"");
         header('Expires: 0');
         header('Cache-Control: must-revalidate');
         header('Pragma: public');
         header('Content-Length: ' . filesize($fileName));
-        ob_clean();
-        flush();
+
         readfile($fileName);
         exit;
     }

application/Espo/EntryPoints/Image.php

@@ -143,8 +143,6 @@ class Image extends \Espo\Core\EntryPoints\Base
         if ($fileSize) {
             header('Content-Length: ' . $fileSize);
         }
-        ob_clean();
-        flush();
         readfile($filePath);
         exit;
     }

application/Espo/EntryPoints/Portal.php

@@ -44,7 +44,10 @@ class Portal extends \Espo\Core\EntryPoints\Base
         } else if (!empty($data['id'])) {
             $id = $data['id'];
         } else {
-            $id = $this->getConfig()->get('defaultPortalId');
+            $id = explode('/', $_SERVER['REQUEST_URI'])[count(explode('/', $_SERVER['SCRIPT_NAME'])) - 1];
+            if (!$id) {
+                $id = $this->getConfig()->get('defaultPortalId');
+            }
             if (!$id) {
                 throw new NotFound();
             }