diff --git a/modules/Vtiger/actions/Delete.php b/modules/Vtiger/actions/Delete.php index 00b1c0290c1f81d5dc3a9742c17eb1b883642e80..dc0e221d10da9255e56a142c0a0cf8ae6a45651a 100644 --- a/modules/Vtiger/actions/Delete.php +++ b/modules/Vtiger/actions/Delete.php @@ -23,7 +23,7 @@ class Vtiger_Delete_Action extends Vtiger_Action_Controller { parent::checkPermission($request); - $nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports', 'Rss'); + $nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports', 'Rss', 'EmailTemplates'); if ($record && !in_array($moduleName, $nonEntityModules)) { $recordEntityName = getSalesEntityType($record); if ($recordEntityName !== $moduleName) { diff --git a/modules/Vtiger/actions/Mass.php b/modules/Vtiger/actions/Mass.php index f077bcb7b486086a62b8830edd5b875b1eef4eca..cb2a11c2de69d8c438623a3601b0de68bd10410c 100644 --- a/modules/Vtiger/actions/Mass.php +++ b/modules/Vtiger/actions/Mass.php @@ -13,7 +13,8 @@ abstract class Vtiger_Mass_Action extends Vtiger_Action_Controller { public function requiresPermission(\Vtiger_Request $request) { $permissions = parent::requiresPermission($request); $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView'); - return $permissions; + $permissions[] = array('module_parameter' => 'module', 'action' => 'EditView'); + return $permissions; } protected function getRecordsListFromRequest(Vtiger_Request $request) { diff --git a/modules/Vtiger/actions/Save.php b/modules/Vtiger/actions/Save.php index 98bfde8017f0f293d772c0906ae9a4fdb6fe86b8..36cf4c2fd320fdd851631b9deae67fc049cca0cd 100644 --- a/modules/Vtiger/actions/Save.php +++ b/modules/Vtiger/actions/Save.php 
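Review bot: The `$nonEntityModules` exemption list in `Vtiger_Delete_Action` is now hand-edited in five places in this commit (also `Vtiger_Save_Action`, `Vtiger_Detail_View`, `Vtiger_Edit_View` and `Vtiger_ListViewQuickPreview_View`), so a later change to one copy and not the others would give inconsistent record checks. Every module on the list skips the `getSalesEntityType($record)` comparison, which makes it an authorization exemption that is better kept in one shared constant or helper on the base controller. While the line is being touched, `in_array($moduleName, $nonEntityModules, true)` avoids loose comparison. The enclosing method, presumably `checkPermission`, starts and ends outside the hunk.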
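Review bot: Adding `EditView` in `Vtiger_Mass_Action::requiresPermission` applies to every subclass, and nothing in the hunk says which mass actions it is meant to cover; a mass delete, for instance, would be gated on view and edit rights rather than a delete right unless the subclass adds its own entry. `SMSNotifier_MassSaveAjax_Action` drops its own `Save` check later in this diff and now appears to rely on these two entries, so the intent deserves a comment such as `// Baseline for all mass actions; subclasses add their own Delete/Save entries`. `return $permissions;` is removed and re-added with the same text, which suggests the added lines use a different indentation from the rest of the method.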
@@ -35,7 +35,7 @@ class Vtiger_Save_Action extends Vtiger_Action_Controller { $moduleName = $request->getModule(); $record = $request->get('record'); - $nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports', 'Rss'); + $nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports', 'Rss', 'EmailTemplates'); if ($record && !in_array($moduleName, $nonEntityModules)) { $recordEntityName = getSalesEntityType($record); if ($recordEntityName !== $moduleName) { diff --git a/modules/Vtiger/views/Detail.php b/modules/Vtiger/views/Detail.php index 940912466bd9e866c11e8e99fa4bf8b9672e311f..51370ac9c7a5b88072736357d0e44ab0cf32946e 100644 --- a/modules/Vtiger/views/Detail.php +++ b/modules/Vtiger/views/Detail.php @@ -58,17 +58,18 @@ class Vtiger_Detail_View extends Vtiger_Index_View { } function checkPermission(Vtiger_Request $request) { + parent::checkPermission($request); $moduleName = $request->getModule(); $recordId = $request->get('record'); - $nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports', 'Rss'); + $nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports', 'Rss', 'EmailTemplates'); if ($recordId && !in_array($moduleName, $nonEntityModules)) { $recordEntityName = getSalesEntityType($recordId); if ($recordEntityName !== $moduleName) { throw new AppException(vtranslate('LBL_PERMISSION_DENIED')); } } - return parent::checkPermission($request); + return true; } function preProcess(Vtiger_Request $request, $display=true) { diff --git a/modules/Vtiger/views/Edit.php b/modules/Vtiger/views/Edit.php index fb653ee02eb89de3dca96fcb27b657869d1c4056..d33c4e7681ddce08a6598202e57b6d3049fa3a1d 100644 --- a/modules/Vtiger/views/Edit.php +++ b/modules/Vtiger/views/Edit.php 
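Review bot: In `Vtiger_Detail_View::checkPermission` the result of `parent::checkPermission($request)` is now discarded and the method ends with an unconditional `return true;`, whereas the old code returned the parent's result. Other overrides added in this commit signal denial with `return false`, so a parent that denies by return value rather than by exception would be overruled here. Propagating the result keeps both conventions working: `if (parent::checkPermission($request) === false) { return false; }`.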
@@ -29,7 +29,7 @@ Class Vtiger_Edit_View extends Vtiger_Index_View { $moduleName = $request->getModule(); $record = $request->get('record'); - $nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports', 'Rss'); + $nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports', 'Rss', 'EmailTemplates'); if ($record && !in_array($moduleName, $nonEntityModules)) { $recordEntityName = getSalesEntityType($record); if ($recordEntityName !== $moduleName) { diff --git a/modules/Vtiger/views/Index.php b/modules/Vtiger/views/Index.php index 8e9b597e866272642cef891a1ef6ceb2ed8838d0..7818f31e8d4e4a1fceb2cf7eb6397be53b82970e 100644 --- a/modules/Vtiger/views/Index.php +++ b/modules/Vtiger/views/Index.php @@ -16,7 +16,7 @@ class Vtiger_Index_View extends Vtiger_Basic_View { public function requiresPermission(\Vtiger_Request $request) { $permissions = parent::requiresPermission($request); - $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView'); + $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView', 'record_parameter' => 'record'); return $permissions; } diff --git a/modules/Vtiger/views/ListViewQuickPreview.php b/modules/Vtiger/views/ListViewQuickPreview.php index 3010a2f35ffe3be18547ef06616beea4dcc6dbce..3b0761e288628a54061948bdf9d8d6eec9e9d9bc 100644 --- a/modules/Vtiger/views/ListViewQuickPreview.php +++ b/modules/Vtiger/views/ListViewQuickPreview.php @@ -28,7 +28,7 @@ class Vtiger_ListViewQuickPreview_View extends Vtiger_Index_View { parent::checkPermission($request); - $nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports', 'Rss'); + $nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports', 'Rss', 'EmailTemplates'); if ($recordId && !in_array($moduleName, $nonEntityModules)) { $recordEntityName = getSalesEntityType($recordId); if ($recordEntityName !== $moduleName) { 
diff --git a/modules/Vtiger/views/QuickCreateAjax.php b/modules/Vtiger/views/QuickCreateAjax.php index 742d952c5344fb6614289bbfa281d90286d67cd2..76c189abaa5d6ab0e561836eb56887232640cf2a 100644 --- a/modules/Vtiger/views/QuickCreateAjax.php +++ b/modules/Vtiger/views/QuickCreateAjax.php @@ -16,9 +16,6 @@ class Vtiger_QuickCreateAjax_View extends Vtiger_IndexAjax_View { $permissions[] = array('module_parameter' => 'module', 'action' => 'CreateView'); return $permissions; } - public function checkPermission(Vtiger_Request $request) { - return parent::checkPermission($request); - } public function process(Vtiger_Request $request) { $moduleName = $request->getModule(); diff --git a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/Delete.php b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/Delete.php index 5d8bbe004171cac9864bdd65f770a5a4151c3704..72813ceb99e119503338acf824fa6489e9ab0421 100644 --- a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/Delete.php +++ b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/Delete.php @@ -10,9 +10,18 @@ class EmailTemplates_Delete_Action extends Vtiger_Delete_Action { - function checkPermission(Vtiger_Request $request) { - return true; + public function requiresPermission(\Vtiger_Request $request) { + return array(); } + + public function checkPermission($request) { + $moduleName = $request->getModule(); + $moduleModel = Vtiger_Module_Model::getInstance($moduleName); + if(!$moduleModel->isActive()){ + return false; + } + return true; + } public function process(Vtiger_Request $request) { $moduleName = $request->getModule(); diff --git a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/DeleteAjax.php b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/DeleteAjax.php index 2c4b995707c9d5561319f67fb6b810666a8ce54a..a381b9101a2860a108bb92996789325869cbc59d 100644 
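Review bot: `EmailTemplates_Delete_Action` now returns `array()` from `requiresPermission` and its `checkPermission` only tests `$moduleModel->isActive()`, so nothing in the visible code ties the delete to the current user's rights on the module or record. The same pair is added to `EmailTemplates_DeleteAjax_Action` (replacing an `isPermitted($moduleName, 'Delete', $record)` check), `MassDelete`, `Save`, `Detail`, `Edit`, `List` and `Popup`, and `ShowTemplateContent` loses its `DetailView` check the same way. Denial is reported with `return false`, while the base controllers in this diff throw `AppException`; whether the dispatcher treats `false` as a denial is not visible here. I would keep a per-user test and throw, e.g. `if (!$moduleModel || !$moduleModel->isActive() || !Users_Privileges_Model::getCurrentUserPrivilegesModel()->hasModulePermission($moduleModel->getId())) { throw new AppException(vtranslate('LBL_PERMISSION_DENIED')); }`.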
--- a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/DeleteAjax.php +++ b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/DeleteAjax.php @@ -10,16 +10,19 @@ class EmailTemplates_DeleteAjax_Action extends Vtiger_Delete_Action { - public function checkPermission(Vtiger_Request $request) { - $moduleName = $request->getModule(); - $record = $request->get('record'); - - $currentUserPrivilegesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel(); - if(!$currentUserPrivilegesModel->isPermitted($moduleName, 'Delete', $record)) { - throw new AppException(vtranslate('LBL_PERMISSION_DENIED')); - } + public function requiresPermission(\Vtiger_Request $request) { + return array(); } - + + public function checkPermission($request) { + $moduleName = $request->getModule(); + $moduleModel = Vtiger_Module_Model::getInstance($moduleName); + if(!$moduleModel->isActive()){ + return false; + } + return true; + } + public function process(Vtiger_Request $request) { $moduleName = $request->getModule(); $recordId = $request->get('record'); diff --git a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/MassDelete.php b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/MassDelete.php index ff0959be57861230f6b565b416c8d4e6f0382623..9475702e6a836fcd303149ba49536c5a92122e8b 100644 --- a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/MassDelete.php +++ b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/MassDelete.php 
@@ -10,10 +10,19 @@ class EmailTemplates_MassDelete_Action extends Vtiger_Mass_Action { - function checkPermission(){ - return true; + public function requiresPermission(\Vtiger_Request $request) { + return array(); } + public function checkPermission($request) { + $moduleName = $request->getModule(); + $moduleModel = Vtiger_Module_Model::getInstance($moduleName); + if(!$moduleModel->isActive()){ + return false; + } + return true; + } + function preProcess(Vtiger_Request $request) { return true; } diff --git a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/Save.php b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/Save.php index 3fad84c90a5337ab25470042a921247373159947..2ce48d0e665d38d3e8acb211a83f2c030d606fec 100644 --- a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/Save.php +++ b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/Save.php @@ -10,6 +10,19 @@ class EmailTemplates_Save_Action extends Vtiger_Save_Action { + public function requiresPermission(\Vtiger_Request $request) { + return array(); + } + + public function checkPermission($request) { + $moduleName = $request->getModule(); + $moduleModel = Vtiger_Module_Model::getInstance($moduleName); + if(!$moduleModel->isActive()){ + return false; + } + return true; + } + public function process(Vtiger_Request $request) { $site_URL = vglobal('site_URL'); $moduleName = $request->getModule(); diff --git a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/ShowTemplateContent.php b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/ShowTemplateContent.php index 2d2e9402e550d70627010737ebee7e2ecf97bf32..4d97bec0cd9ff028e09a7f465f32fdb94a2bf94d 100644 --- a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/ShowTemplateContent.php +++ b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/actions/ShowTemplateContent.php 
@@ -14,6 +14,15 @@ class EmailTemplates_ShowTemplateContent_Action extends Vtiger_Action_Controller $this->exposeMethod('getContent'); } + public function checkPermission($request) { + $moduleName = $request->getModule(); + $moduleModel = Vtiger_Module_Model::getInstance($moduleName); + if(!$moduleModel->isActive()){ + return false; + } + return true; + } + public function process(Vtiger_Request $request) { $mode = $request->getMode(); if (!empty($mode)) { @@ -23,15 +32,6 @@ class EmailTemplates_ShowTemplateContent_Action extends Vtiger_Action_Controller } } - public function checkPermission(Vtiger_Request $request) { - $record = $request->get('record'); - $moduleName = $request->getModule(); - - if (!Users_Privileges_Model::isPermitted($moduleName, 'DetailView', $record)) { - throw new AppException(vtranslate('LBL_PERMISSION_DENIED')); - } - } - public function getContent(Vtiger_Request $request) { $response = new Vtiger_Response(); $recordId = $request->get('record'); diff --git a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/Detail.php b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/Detail.php index 484363abe2f1402ae0dd011e085c06d9de2d7f36..120633386fd40f2928275360709455afd4455702 100644 --- a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/Detail.php +++ b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/Detail.php @@ -10,6 +10,19 @@ class EmailTemplates_Detail_View extends Vtiger_Index_View { + public function requiresPermission(\Vtiger_Request $request) { + return array(); + } + + public function checkPermission($request) { + $moduleName = $request->getModule(); + $moduleModel = Vtiger_Module_Model::getInstance($moduleName); + if(!$moduleModel->isActive()){ + return false; + } + return true; + } + function preProcess(Vtiger_Request $request, $display=true) { parent::preProcess($request, false); 
diff --git a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/Edit.php b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/Edit.php index f771f4c291143ceca211c1301d2dbca168f8f398..abc14a7e52168a08bf17c5429f99510d9e96ee9f 100644 --- a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/Edit.php +++ b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/Edit.php @@ -10,7 +10,20 @@ Class EmailTemplates_Edit_View extends Vtiger_Index_View { - public function preProcess(Vtiger_Request $request, $display = true) { + public function requiresPermission(\Vtiger_Request $request) { + return array(); + } + + public function checkPermission($request) { + $moduleName = $request->getModule(); + $moduleModel = Vtiger_Module_Model::getInstance($moduleName); + if(!$moduleModel->isActive()){ + return false; + } + return true; + } + + public function preProcess(Vtiger_Request $request, $display = true) { $record = $request->get('record'); if (!empty($record)) { $recordModel = EmailTemplates_Record_Model::getInstanceById($record); @@ -36,15 +49,6 @@ Class EmailTemplates_Edit_View extends Vtiger_Index_View { $viewer->assign('MODULE_SETTING_ACTIONS', $settingLinks); } - /** - * Function to check module Edit Permission - * @param Vtiger_Request $request - * @return boolean - */ - public function checkPermission(Vtiger_Request $request) { - return true; - } - /** * Function to get the list of Script models to be included * @param Vtiger_Request $request diff --git a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/List.php b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/List.php index 225730d592c14526854a3c2b5114507811f6537f..8c7b04c1a67017dff7d3c4c16d3edf0031f244ec 100644 --- a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/List.php +++ b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/List.php 
@@ -14,6 +14,19 @@ class EmailTemplates_List_View extends Vtiger_Index_View { parent::__construct(); } + public function requiresPermission(\Vtiger_Request $request) { + return array(); + } + + public function checkPermission($request) { + $moduleName = $request->getModule(); + $moduleModel = Vtiger_Module_Model::getInstance($moduleName); + if(!$moduleModel->isActive()){ + return false; + } + return true; + } + function preProcess(Vtiger_Request $request, $display = true) { parent::preProcess($request, false); diff --git a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/Popup.php b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/Popup.php index d5e561d00d86940c6fe9ad7209e4273b91112f29..9eb4bb018b269e6c83eea8d3d8b8a5d9a0593185 100644 --- a/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/Popup.php +++ b/pkg/vtiger/modules/EmailTemplates/modules/EmailTemplates/views/Popup.php @@ -10,10 +10,18 @@ class EmailTemplates_Popup_View extends Vtiger_Popup_View { - public function checkPermission(Vtiger_Request $request) { - return true; + public function requiresPermission(\Vtiger_Request $request) { + return array(); } + public function checkPermission($request) { + $moduleName = $request->getModule(); + $moduleModel = Vtiger_Module_Model::getInstance($moduleName); + if(!$moduleModel->isActive()){ + return false; + } + return true; + } /* * Function to initialize the required data in smarty to display the List View Contents */ diff --git a/pkg/vtiger/modules/Google/modules/Google/actions/Import.php b/pkg/vtiger/modules/Google/modules/Google/actions/Import.php index 0a3cbd760b5991952310e14bfd9e0bd5db11fd5e..1ea5d6dfdc0e634b2d4419acb656cd6f11057174 100644 --- a/pkg/vtiger/modules/Google/modules/Google/actions/Import.php +++ b/pkg/vtiger/modules/Google/modules/Google/actions/Import.php 
@@ -10,6 +10,10 @@ class Google_Import_Action extends Vtiger_BasicAjax_Action { + public function requiresPermission(\Vtiger_Request $request) { + return array(); + } + function process(Vtiger_Request $request) { $request->set('sourcemodule', 'Contacts'); $sourceModule = $request->get('sourcemodule'); diff --git a/pkg/vtiger/modules/Google/modules/Google/actions/MapAjax.php b/pkg/vtiger/modules/Google/modules/Google/actions/MapAjax.php index 6fbf65a2c5e8458b3c4189d4dafd347c382499cf..3fda89a193181d9b55d197c56eb6053360570c67 100644 --- a/pkg/vtiger/modules/Google/modules/Google/actions/MapAjax.php +++ b/pkg/vtiger/modules/Google/modules/Google/actions/MapAjax.php @@ -11,6 +11,10 @@ class Google_MapAjax_Action extends Vtiger_BasicAjax_Action { + public function requiresPermission(\Vtiger_Request $request) { + return array(); + } + public function process(Vtiger_Request $request) { switch ($request->get("mode")) { case 'getLocation' : $result = $this->getLocation($request); diff --git a/pkg/vtiger/modules/Google/modules/Google/actions/SaveSettings.php b/pkg/vtiger/modules/Google/modules/Google/actions/SaveSettings.php index d3c417b90f373aa8a61d41857e5529bdfb4c2378..2dc74f2030c9ef9a051105ad61fe0460567d3a9b 100644 --- a/pkg/vtiger/modules/Google/modules/Google/actions/SaveSettings.php +++ b/pkg/vtiger/modules/Google/modules/Google/actions/SaveSettings.php @@ -11,6 +11,10 @@ class Google_SaveSettings_Action extends Vtiger_BasicAjax_Action { + public function requiresPermission(\Vtiger_Request $request) { + return array(); + } + public function process(Vtiger_Request $request) { $sourceModule = $request->get('sourcemodule'); $fieldMapping = $request->get('fieldmapping'); diff --git a/pkg/vtiger/modules/Google/modules/Google/actions/SaveSyncSettings.php b/pkg/vtiger/modules/Google/modules/Google/actions/SaveSyncSettings.php index d72d9a9d9d15f04ef7343ca9af71ca7243275a93..b8cfb91cfbf802f9135fedd7b85a29ea52f08b5b 100644 
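Review bot: `Google_Import_Action::requiresPermission` returns an empty array with no comment and no `checkPermission` in the hunk, so which check still guards the action depends on what it inherits from `Vtiger_BasicAjax_Action`, which is not shown. The same override is added to `Google_MapAjax_Action`, `Google_SaveSettings_Action`, `Google_SaveSyncSettings_Action`, the Google `Authenticate`, `Index`, `List` and `Setting` views, and the MailManager `Abstract`, `ComposeEmail` and `MassActionAjax` views; the two Save* actions change stored settings. Each opt-out should state what replaces the declarative check, e.g. `// No module/action entries: access is enforced in checkPermission() - confirm it verifies the user's access to this module`. `MailManager_ComposeEmail_View` also writes the parameter type as `Vtiger_Request` without the leading backslash used in every other copy.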
--- a/pkg/vtiger/modules/Google/modules/Google/actions/SaveSyncSettings.php +++ b/pkg/vtiger/modules/Google/modules/Google/actions/SaveSyncSettings.php @@ -10,6 +10,10 @@ class Google_SaveSyncSettings_Action extends Vtiger_BasicAjax_Action { + public function requiresPermission(\Vtiger_Request $request) { + return array(); + } + public function process(Vtiger_Request $request) { $contactsSettings = $request->get('Contacts'); $calendarSettings = $request->get('Calendar'); diff --git a/pkg/vtiger/modules/Google/modules/Google/views/Authenticate.php b/pkg/vtiger/modules/Google/modules/Google/views/Authenticate.php index 406e7527371d9852fe98539e80e7b7db10dbf6e1..d8872c81dbe529fe135ae81d6c2d59b85eec3079 100644 --- a/pkg/vtiger/modules/Google/modules/Google/views/Authenticate.php +++ b/pkg/vtiger/modules/Google/modules/Google/views/Authenticate.php @@ -10,6 +10,10 @@ class Google_Authenticate_View extends Vtiger_Index_View { + public function requiresPermission(\Vtiger_Request $request) { + return array(); + } + public function checkPermission(Vtiger_Request $request) { $moduleName = $request->getModule(); diff --git a/pkg/vtiger/modules/Google/modules/Google/views/Index.php b/pkg/vtiger/modules/Google/modules/Google/views/Index.php index 48c9ab0c12857d547e483538e9a3ee20a2f6b10c..0b9c9adbd4f8a0d18980ca72ba8ebd0c082550ad 100644 --- a/pkg/vtiger/modules/Google/modules/Google/views/Index.php +++ b/pkg/vtiger/modules/Google/modules/Google/views/Index.php @@ -14,6 +14,10 @@ class Google_Index_View extends Vtiger_ExtensionViews_View { parent::__construct(); $this->exposeMethod('settings'); } + + public function requiresPermission(\Vtiger_Request $request) { + return array(); + } function getUserEmail() { $user = Users_Record_Model::getCurrentUserModel(); diff --git a/pkg/vtiger/modules/Google/modules/Google/views/List.php b/pkg/vtiger/modules/Google/modules/Google/views/List.php index 3570e508fd0562dd7289f9744a3b579ffb71d00a..c9756f305e8c3325b676ecb389a7e623fa8c078c 100644 
--- a/pkg/vtiger/modules/Google/modules/Google/views/List.php +++ b/pkg/vtiger/modules/Google/modules/Google/views/List.php @@ -16,6 +16,10 @@ class Google_List_View extends Vtiger_PopupAjax_View { $this->exposeMethod('Contacts'); $this->exposeMethod('Calendar'); } + + public function requiresPermission(\Vtiger_Request $request) { + return array(); + } function process(Vtiger_Request $request) { switch ($request->get('operation')) { diff --git a/pkg/vtiger/modules/Google/modules/Google/views/Setting.php b/pkg/vtiger/modules/Google/modules/Google/views/Setting.php index bdaf161d80fb75cbf06ef5d140a5a898d60bc4e3..e27ecffed5bebbdc8209043fbbad7a2fe2af96fd 100644 --- a/pkg/vtiger/modules/Google/modules/Google/views/Setting.php +++ b/pkg/vtiger/modules/Google/modules/Google/views/Setting.php @@ -14,6 +14,10 @@ class Google_Setting_View extends Vtiger_PopupAjax_View { $this->exposeMethod('emitContactSyncSettingUI'); } + public function requiresPermission(\Vtiger_Request $request) { + return array(); + } + public function process(Vtiger_Request $request) { switch ($request->get('sourcemodule')) { case "Contacts" : $this->emitContactsSyncSettingUI($request); diff --git a/pkg/vtiger/modules/MailManager/modules/MailManager/actions/Folder.php b/pkg/vtiger/modules/MailManager/modules/MailManager/actions/Folder.php index 2db5e533cc90b81970cefe44f67a6e98f3af6bc3..00e28e0d2228c21327452590bd0fd6fbbe651707 100644 --- a/pkg/vtiger/modules/MailManager/modules/MailManager/actions/Folder.php +++ b/pkg/vtiger/modules/MailManager/modules/MailManager/actions/Folder.php @@ -15,10 +15,6 @@ class MailManager_Folder_Action extends Vtiger_Action_Controller { $this->exposeMethod('showMailContent'); } - function checkPermission(Vtiger_Request $request) { - return true; - } - public function process(Vtiger_Request $request) { $mode = $request->getMode(); if (!empty($mode)) { 
diff --git a/pkg/vtiger/modules/MailManager/modules/MailManager/views/Abstract.php b/pkg/vtiger/modules/MailManager/modules/MailManager/views/Abstract.php index bdd18fdd7f3bdc99bb5d30d0a30251076509160d..d3e6112a21eb1fc16dd26ed9d29a4c510eb95e6e 100644 --- a/pkg/vtiger/modules/MailManager/modules/MailManager/views/Abstract.php +++ b/pkg/vtiger/modules/MailManager/modules/MailManager/views/Abstract.php @@ -16,7 +16,11 @@ vimport('modules/Settings/MailConverter/handlers/MailRecord.php'); abstract class MailManager_Abstract_View extends Vtiger_Index_View { - public function preProcess (Vtiger_Request $request, $display = true) { + public function requiresPermission(\Vtiger_Request $request) { + return array(); + } + + public function preProcess (Vtiger_Request $request, $display = true) { if ($this->getOperationArg($request) === 'attachment_dld') { return true; } else { diff --git a/pkg/vtiger/modules/MailManager/modules/MailManager/views/ComposeEmail.php b/pkg/vtiger/modules/MailManager/modules/MailManager/views/ComposeEmail.php index 96a9213fcc81fbd75577d123c5bd7c550675e784..5dbd4936da1f530bde69c9fc136865b7bd5a4199 100644 --- a/pkg/vtiger/modules/MailManager/modules/MailManager/views/ComposeEmail.php +++ b/pkg/vtiger/modules/MailManager/modules/MailManager/views/ComposeEmail.php @@ -9,6 +9,10 @@ * ***********************************************************************************/ class MailManager_ComposeEmail_View extends Vtiger_ComposeEmail_View { + + public function requiresPermission(Vtiger_Request $request){ + return array(); + } public function composeMailData($request) { $moduleName = 'Emails'; diff --git a/pkg/vtiger/modules/MailManager/modules/MailManager/views/MassActionAjax.php b/pkg/vtiger/modules/MailManager/modules/MailManager/views/MassActionAjax.php index af68246a07f824b9aa9e18571911969fa1914b6d..7d43c4cf57a6ed9cebc4cba205a570bb810bc776 100644 --- a/pkg/vtiger/modules/MailManager/modules/MailManager/views/MassActionAjax.php 
+++ b/pkg/vtiger/modules/MailManager/modules/MailManager/views/MassActionAjax.php @@ -10,7 +10,11 @@ class MailManager_MassActionAjax_View extends Vtiger_MassActionAjax_View { - protected function getEmailFieldsInfo(Vtiger_Request $request) { + public function requiresPermission(\Vtiger_Request $request) { + return array(); + } + + protected function getEmailFieldsInfo(Vtiger_Request $request) { $sourceModules = Array(); $linkToModule = $request->get('linktomodule'); if (!empty($linkToModule)) { diff --git a/pkg/vtiger/modules/RecycleBin/modules/RecycleBin/actions/RecycleBinAjax.php b/pkg/vtiger/modules/RecycleBin/modules/RecycleBin/actions/RecycleBinAjax.php index 0d8b141f3d770279e786e63ff180dc202d269624..3d5a429a48b04e7e79baab2670655f988a561849 100644 --- a/pkg/vtiger/modules/RecycleBin/modules/RecycleBin/actions/RecycleBinAjax.php +++ b/pkg/vtiger/modules/RecycleBin/modules/RecycleBin/actions/RecycleBinAjax.php @@ -19,7 +19,11 @@ class RecycleBin_RecycleBinAjax_Action extends Vtiger_Mass_Action { function checkPermission(Vtiger_Request $request) { if($request->get('mode') == 'emptyRecycleBin') { - //we dont check for permissions since recylebin axis will not be there for non admin users + //Only admin user can empty the recycle bin, so this check is mabdatory + $currentUserModel = Users_Record_Model::getCurrentUserModel(); + if(!$currentUserModel->isAdminUser()) { + throw new AppException(vtranslate('LBL_PERMISSION_DENIED', 'Vtiger')); + } return true; } $targetModuleName = $request->get('sourceModule', $request->get('module')); diff --git a/pkg/vtiger/modules/SMSNotifier/modules/SMSNotifier/actions/MassSaveAjax.php b/pkg/vtiger/modules/SMSNotifier/modules/SMSNotifier/actions/MassSaveAjax.php index a03a9ae4b5f45336fb2b8bd65289eeae33184889..76d364ecb4738e65fc128bc42410842f3f5932ee 100644 --- a/pkg/vtiger/modules/SMSNotifier/modules/SMSNotifier/actions/MassSaveAjax.php +++ b/pkg/vtiger/modules/SMSNotifier/modules/SMSNotifier/actions/MassSaveAjax.php 
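Review bot: The comment added above the admin check in `RecycleBin_RecycleBinAjax_Action::checkPermission` has a typo and reads better as `// Only admin users may empty the recycle bin, so this check is mandatory`. The guard is selected by `$request->get('mode') == 'emptyRecycleBin'`; a strict `===` would make the intent exact, and it is worth confirming that the dispatch in `process()` (outside the hunk) keys on the same `mode` value so that no other route reaches the empty operation. The method continues past the end of the hunk.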
@@ -10,16 +10,6 @@ class SMSNotifier_MassSaveAjax_Action extends Vtiger_Mass_Action { - function checkPermission(Vtiger_Request $request) { - $moduleName = $request->getModule(); - $moduleModel = Vtiger_Module_Model::getInstance($moduleName); - - $currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel(); - if(!$currentUserPriviligesModel->hasModuleActionPermission($moduleModel->getId(), 'Save')) { - throw new AppException(vtranslate($moduleName, $moduleName).' '.vtranslate('LBL_NOT_ACCESSIBLE')); - } - } - /** * Function that saves SMS records * @param Vtiger_Request $request diff --git a/pkg/vtiger/modules/SMSNotifier/modules/SMSNotifier/views/CheckStatus.php b/pkg/vtiger/modules/SMSNotifier/modules/SMSNotifier/views/CheckStatus.php index e2a3e5b8af45b848438afa36a518ceb471b42696..e3b7976e9439fcf236b90810ce633f49b25f1228 100644 --- a/pkg/vtiger/modules/SMSNotifier/modules/SMSNotifier/views/CheckStatus.php +++ b/pkg/vtiger/modules/SMSNotifier/modules/SMSNotifier/views/CheckStatus.php @@ -10,15 +10,7 @@ class SMSNotifier_CheckStatus_View extends Vtiger_IndexAjax_View { - function checkPermission(Vtiger_Request $request) { - $moduleName = $request->getModule(); - - if(!Users_Privileges_Model::isPermitted($moduleName, 'DetailView', $request->get('record'))) { - throw new AppException(vtranslate($moduleName, $moduleName).' '.vtranslate('LBL_NOT_ACCESSIBLE')); - } - } - - function process(Vtiger_Request $request) { + function process(Vtiger_Request $request) { $viewer = $this->getViewer($request); $moduleName = $request->getModule(); diff --git a/pkg/vtiger/modules/Webforms/settings/actions/CheckDuplicate.php b/pkg/vtiger/modules/Webforms/settings/actions/CheckDuplicate.php index c20c03690c9e23d34960234aa0dfb5c322557c28..0e13a01a4d32d4a866238e79c426461136b5cb56 100644 --- a/pkg/vtiger/modules/Webforms/settings/actions/CheckDuplicate.php +++ b/pkg/vtiger/modules/Webforms/settings/actions/CheckDuplicate.php 
@@ -19,6 +19,7 @@ class Settings_Webforms_CheckDuplicate_Action extends Settings_Vtiger_Index_Acti if(!$currentUserPrivilegesModel->hasModulePermission($moduleModel->getId())) { throw new AppException(vtranslate('LBL_PERMISSION_DENIED')); } + return true; } public function process(Vtiger_Request $request) { diff --git a/pkg/vtiger/modules/Webforms/settings/actions/Delete.php b/pkg/vtiger/modules/Webforms/settings/actions/Delete.php index 141015b02988a4e2282576c87ec67dbe884d51e4..c4749cf109adb571b22482c2dddaf765a4471be9 100644 --- a/pkg/vtiger/modules/Webforms/settings/actions/Delete.php +++ b/pkg/vtiger/modules/Webforms/settings/actions/Delete.php @@ -20,6 +20,7 @@ class Settings_Webforms_Delete_Action extends Settings_Vtiger_Index_Action { if(!$recordId || !$currentUserPrivilegesModel->hasModulePermission($moduleModel->getId())) { throw new AppException(vtranslate('LBL_PERMISSION_DENIED')); } + return true; } public function process(Vtiger_Request $request) { diff --git a/pkg/vtiger/modules/Webforms/settings/views/Detail.php b/pkg/vtiger/modules/Webforms/settings/views/Detail.php index 88c2879b81f0408fda206c15745c937da0c2f7ee..c43d2442bf41d2e17148fd8ff8dcce7e66d4533c 100644 --- a/pkg/vtiger/modules/Webforms/settings/views/Detail.php +++ b/pkg/vtiger/modules/Webforms/settings/views/Detail.php @@ -20,6 +20,7 @@ class Settings_Webforms_Detail_View extends Settings_Vtiger_Index_View { if(!$recordId || !$currentUserPrivilegesModel->hasModulePermission($moduleModel->getId())) { throw new AppException(vtranslate('LBL_PERMISSION_DENIED')); } + return true; } public function process(Vtiger_Request $request) { diff --git a/pkg/vtiger/modules/Webforms/settings/views/Edit.php b/pkg/vtiger/modules/Webforms/settings/views/Edit.php index 221fd21dde14a21e645e4934ecb30219376139b3..bb49a99573b65500a2ccc6f16b3c5557a4feed7c 100644 --- a/pkg/vtiger/modules/Webforms/settings/views/Edit.php +++ b/pkg/vtiger/modules/Webforms/settings/views/Edit.php 
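Review bot: `Settings_Webforms_CheckDuplicate_Action::checkPermission` now ends with `return true;` but nothing states the contract, which after this change is "throws `AppException` on denial, returns `true` on success"; I would add `@return bool` and `@throws AppException` in a docblock above the method. The same line is added in the Webforms `Delete`, `Detail`, `Edit`, `GetSourceModuleFields`, `List` and `ShowForm` controllers. The visible tail tests only `hasModulePermission(...)`; the start of the method is outside the hunk, so whether the parent Settings controller's own check is still invoked cannot be confirmed from here.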
@@ -19,6 +19,7 @@ Class Settings_Webforms_Edit_View extends Settings_Vtiger_Index_View { if (!$currentUserPrivilegesModel->hasModulePermission($moduleModel->getId())) { throw new AppException(vtranslate('LBL_PERMISSION_DENIED')); } + return true; } public function process(Vtiger_Request $request) { diff --git a/pkg/vtiger/modules/Webforms/settings/views/GetSourceModuleFields.php b/pkg/vtiger/modules/Webforms/settings/views/GetSourceModuleFields.php index 0cdbafe69b5894734a632a7e5233f92d8bee0b4d..bf4cca671b352d475bd94c2b413e5e02a65027c7 100644 --- a/pkg/vtiger/modules/Webforms/settings/views/GetSourceModuleFields.php +++ b/pkg/vtiger/modules/Webforms/settings/views/GetSourceModuleFields.php @@ -19,6 +19,7 @@ class Settings_Webforms_GetSourceModuleFields_View extends Settings_Vtiger_Index if(!$currentUserPrivilegesModel->hasModulePermission($moduleModel->getId())) { throw new AppException(vtranslate('LBL_PERMISSION_DENIED')); } + return true; } public function process(Vtiger_Request $request) { diff --git a/pkg/vtiger/modules/Webforms/settings/views/List.php b/pkg/vtiger/modules/Webforms/settings/views/List.php index a723ad73655d9a58c2ae55d893b94c8516000117..76873580ec3407c6a83dc42f16a3491cfa8832a7 100644 --- a/pkg/vtiger/modules/Webforms/settings/views/List.php +++ b/pkg/vtiger/modules/Webforms/settings/views/List.php @@ -25,6 +25,7 @@ class Settings_Webforms_List_View extends Settings_Vtiger_List_View { if(!$currentUserPrivilegesModel->hasModulePermission($moduleModel->getId())) { throw new AppException(vtranslate('LBL_PERMISSION_DENIED')); } + return true; } /** diff --git a/pkg/vtiger/modules/Webforms/settings/views/ShowForm.php b/pkg/vtiger/modules/Webforms/settings/views/ShowForm.php index 91cffb4778925bcc8642de46bd6ae7aa7022ffb5..2f8ba7bba226552e18e709851170618e7ebd3e90 100644 --- a/pkg/vtiger/modules/Webforms/settings/views/ShowForm.php +++ b/pkg/vtiger/modules/Webforms/settings/views/ShowForm.php 
@@ -20,6 +20,7 @@ Class Settings_Webforms_ShowForm_View extends Settings_Vtiger_IndexAjax_View { if(!$recordId || !$currentUserPrivilegesModel->hasModulePermission($moduleModel->getId())) { throw new AppException(vtranslate('LBL_PERMISSION_DENIED')); } + return true; } public function process(Vtiger_Request $request) {