Skip to content
Snippets Groups Projects
Commit 0e4e5bd9 authored by Uma's avatar Uma
Browse files

Non-admin user is restricted from accessing user modules all records

parent 0e60685d
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
modules/Users/models/ListView.php
+ 10
0
View file @ 0e4e5bd9
......@@ -66,6 +66,8 @@ class Users_ListView_Model extends Vtiger_ListView_Model {
* @return string
*/
public function getQuery() {
echo '<pre>';
print_r('Get query api triggered');
$listQuery = parent::getQuery();
$searchKey = $this->get('search_key');
......@@ -74,6 +76,14 @@ class Users_ListView_Model extends Vtiger_ListView_Model {
$listQuery = implode(' WHERE ', $listQueryComponents);
}
$listQuery .= " AND (vtiger_users.user_name != 'admin' OR vtiger_users.is_owner = 1)";
// Impose non-admin restrictions.
$user = vglobal('current_user');
if(!is_admin($user)){
$listQuery .= " AND vtiger_users.id = {$user->id}";
//TODO: Consider user based on Role-heirarchy
}
echo "<br>";print_r($listQuery);
return $listQuery;
}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Copyright 2023 Vtiger. All rights reserved.