[Vtigercrm-developers] Record restriction based on reports_to field.

salim salimcmd at gmail.com
Tue Apr 30 10:06:39 UTC 2013 

Adam,
   Thanks again, As you suggested  i chose option[2]  and made some changes
in UserInfoUtil.php. Now it works nicely. It would be great if i get
your opinion/suggestions.

This what i have done to make it work:

Created a new function in *UserInfoUtil.php* called *getReportingUsers*


   1. /**
   2.  * Function to get reporting users of the given user
   3.  * @param <Int> $userId
   4.  * @return <Array> $reportingUsers
   5.  */
   6. function getReportingUsers($userId) {
   7.     global $log;
   8.     $log->debug("Entering getReportingUsers(" . $userId . ") method
   ...");
   9.     global $adb;
   10.     $sql = "select id from vtiger_users where reports_to_id = $userId
   ";
   11.     $result = $adb->pquery($sql, array());
   12.     $num_rows = $adb->num_rows($result);
   13.     $reportingUsers = array();
   14.     if ($num_rows < 0)
   15.         return FALSE;
   16.     for ($i = 0; $i < $num_rows; $i++) {
   17.         $id = $adb->query_result($result, $i, 'id');
   18.         $reportingUsers[] = array(
   19.             $id,
   20.             getReportingUsers($id)
   21.         );
   22.     }
   23.     return $reportingUsers;
   24. }


And instead of checking Subordinate
Users<http://trac.vtiger.com/cgi-bin/trac.cgi/browser/vtigercrm/branches/6.0.0/include/utils/UserInfoUtil.php#L890>,
i checked Reporting users:


   1.                 //Checking if the Record Owner is a reporting User
   2.                 $userids = array();
   3.                 foreach (new RecursiveIteratorIterator(new
    RecursiveArrayIterator(getReportingUsers($current_user->id))) as $userid
   ) {
   4.                     array_push($userids, $userid);
   5.                 }
   6.                 if(in_array($recOwnId, $userids)){
   7.                         $permission='yes';
   8.                         $log->debug("Exiting isPermitted method ...");
   9.                         return $permission;
   10.                 }


Also how can we restrict the records from ListView, i had look in to
this<http://trac.vtiger.com/cgi-bin/trac.cgi/browser/vtigercrm/branches/6.0.0/include/utils/ListViewUtils.php#L479>,
But it make me sick.  :P

Thanks
--
Salim


On 29 April 2013 21:17, salim <salimcmd at gmail.com> wrote:

> Adam, Thanks for your reply. I will look at it and let you know how it
> goes.
>
>
>
>
> Thanks
> --
> Salim
>
>
>
> On 29 April 2013 19:35, Adam Heinz <amh at metricwise.net> wrote:
>
>> That is a great idea, but not currently possible; I see no relevant code
>> in isPermitted [1].  If you don't mind writing some code, I think you could
>> set up something similar to how subordinate users are checked [2].  As far
>> as current configuration options go, the closest thing I can think of would
>> be to create two groups for each manager, i.e. Group::Bob and
>> Group::Reports_to_Bob and set up sharing access rules.  Unfortunately, this
>> is redundant with reports_to and you will get drift.
>>
>> [1]
>> http://trac.vtiger.com/cgi-bin/trac.cgi/browser/vtigercrm/branches/6.0.0/include/utils/UserInfoUtil.php#L745
>> [2]
>> http://trac.vtiger.com/cgi-bin/trac.cgi/browser/vtigercrm/branches/6.0.0/include/utils/UserInfoUtil.php#L890
>>
>>
>> On Mon, Apr 29, 2013 at 6:20 AM, salim <salimcmd at gmail.com> wrote:
>>
>>> Hi Team.
>>>
>>>     Is there anyway to restrict records based on *reports_to* field.
>>> The role structure :- *roleA *under that there is another role called *roleB.
>>>  *And User :- *UserA1* and *UserA2*. Both of user using *RoleA.  *There
>>> is two more users *UserB1* And *UserB2*. The *UserB1* is *reports_to *field set
>>> to  *UserA1 *and* **UserB2* is *reports_to *field* *set to  *UserA2*.
>>> and both of them using *RoleB.*
>>>
>>>     When a user log in to Application he/she can only access the
>>>  records that reports to that user. Example *UserA1 * he can only
>>> access the records that created by *UserB1. *
>>> I think In current implantation of vTiger, *UserA2 * can see the* *records
>>> that created by *UserB1 *even if i set to reports_to field *UserA1*
>>>
>>>
>>> *Roles*
>>> --------
>>> roleA
>>>       roleB
>>>
>>> *User*
>>> -----
>>> UserA1 using role RoleA
>>>       UserB1 using role roleB and reports_to filed set to UserA1
>>> UserA2 using role RoleA
>>>       UserB2 using role roleB and reports_to filed set to UserA2
>>>
>>>
>>> Thanks
>>> --
>>> Salim
>>>
>>>
>>> _______________________________________________
>>> http://www.vtiger.com/
>>>
>>
>>
>> _______________________________________________
>> http://www.vtiger.com/
>>
>
>
>
> --
> Muhammed Abdul Salim
>



-- 
Muhammed Abdul Salim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20130430/60425335/attachment-0001.html>

More information about the vtigercrm-developers mailing list