From 4ec5665444502dd033cfebc943f0a5ce2d4a2027 Mon Sep 17 00:00:00 2001
From: Uma S <uma.s@vtiger.com>
Date: Tue, 13 Aug 2019 11:07:23 +0530
Subject: [PATCH] Check permission on Reports module
---
 modules/Reports/actions/ChartActions.php | 12 ++++--------
 modules/Reports/actions/CheckDuplicate.php | 6 ++++--
 modules/Reports/actions/DeleteAjax.php | 13 +++++-------
 modules/Reports/actions/Folder.php | 12 ++++--------
 modules/Reports/actions/MassDelete.php | 12 ++++--------
 modules/Reports/actions/MoveReports.php | 12 ++++--------
 modules/Reports/actions/Save.php | 6 ++++++
 modules/Reports/views/ChartDetail.php | 13 +++++++++----
 modules/Reports/views/ChartEdit.php | 15 +++++++--------
 modules/Reports/views/ChartSaveAjax.php | 17 +++-------------
 modules/Reports/views/Detail.php | 14 +++++++++-----
 modules/Reports/views/Edit.php | 15 ++++++++-------
 modules/Reports/views/EditFolder.php | 14 +++++--------
 modules/Reports/views/ExportReport.php | 15 ++++----------
 modules/Reports/views/List.php | 12 ++++--------
 modules/Reports/views/MoveReports.php | 12 ++++--------
 modules/Reports/views/SaveAjax.php | 20 +++++--------------
 modules/Vtiger/actions/Delete.php | 3 ++-
 modules/Vtiger/actions/Save.php | 2 +-
 modules/Vtiger/views/Edit.php | 2 +-
 20 files changed, 93 insertions(+), 134 deletions(-)
diff --git a/modules/Reports/actions/ChartActions.php b/modules/Reports/actions/ChartActions.php
index 8ec2140fb..7260d21a6 100644
--- a/modules/Reports/actions/ChartActions.php
+++ b/modules/Reports/actions/ChartActions.php
@@ -16,14 +16,10 @@ class Reports_ChartActions_Action extends Vtiger_Action_Controller {
 $this->exposeMethod('unpinChartFromDashboard');
 }
- public function checkPermission(Vtiger_Request $request) {
- $moduleName = $request->getModule();
- $moduleModel = Reports_Module_Model::getInstance($moduleName);
-
- $currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
- if(!$currentUserPriviligesModel->hasModulePermission($moduleModel->getId())) {
- throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
- }
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions = parent::requiresPermission($request);
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView');
+ return $permissions;
 }
 public function process(Vtiger_Request $request) {
diff --git a/modules/Reports/actions/CheckDuplicate.php b/modules/Reports/actions/CheckDuplicate.php
index eb28be78b..5858755c9 100644
--- a/modules/Reports/actions/CheckDuplicate.php
+++ b/modules/Reports/actions/CheckDuplicate.php
@@ -10,8 +10,10 @@ class Reports_CheckDuplicate_Action extends Vtiger_Action_Controller {
- function checkPermission(Vtiger_Request $request) {
- return;
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions = parent::requiresPermission($request);
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView');
+ return $permissions;
 }
 public function process(Vtiger_Request $request) {
diff --git a/modules/Reports/actions/DeleteAjax.php b/modules/Reports/actions/DeleteAjax.php
index cb9eab395..b1c5ab0b9 100644
--- a/modules/Reports/actions/DeleteAjax.php
+++ b/modules/Reports/actions/DeleteAjax.php
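Review bot: The new `requiresPermission` signature type-hints `\Vtiger_Request` with a leading backslash while `checkPermission` and `process` in the same class use `Vtiger_Request`; both names resolve to the same global class, so the backslash is only noise and `public function requiresPermission(Vtiger_Request $request) {` matches the surrounding code. The same inconsistency repeats in every `requiresPermission` this commit adds. A short docblock would also help, because the descriptor keys are presumably interpreted by the base controller rather than here: `/** Declarative permission checks, evaluated by the base controller: module-level DetailView on the 'module' request parameter. */`. The enclosing class continues outside the hunk.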
@@ -10,14 +10,11 @@ class Reports_DeleteAjax_Action extends Vtiger_DeleteAjax_Action {
- public function checkPermission(Vtiger_Request $request) {
- $moduleName = $request->getModule();
- $record = $request->get('record');
-
- $currentUserPrivilegesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
- if(!$currentUserPrivilegesModel->isPermitted($moduleName, 'Delete', $record)) {
- throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
- }
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions = parent::requiresPermission($request);
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView');
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'Delete', 'record_parameter' => 'record');
+ return $permissions;
 }
 public function process(Vtiger_Request $request) {
diff --git a/modules/Reports/actions/Folder.php b/modules/Reports/actions/Folder.php
index 2d34ed231..e39f179c3 100644
--- a/modules/Reports/actions/Folder.php
+++ b/modules/Reports/actions/Folder.php
@@ -16,14 +16,10 @@ class Reports_Folder_Action extends Vtiger_Action_Controller {
 $this->exposeMethod('delete');
 }
- public function checkPermission(Vtiger_Request $request) {
- $moduleName = $request->getModule();
- $moduleModel = Reports_Module_Model::getInstance($moduleName);
-
- $currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
- if(!$currentUserPriviligesModel->hasModulePermission($moduleModel->getId())) {
- throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
- }
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions = parent::requiresPermission($request);
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView');
+ return $permissions;
 }
 public function process(Vtiger_Request $request) {
diff --git a/modules/Reports/actions/MassDelete.php b/modules/Reports/actions/MassDelete.php
index eb9df6bb3..fd62b54db 100644
--- a/modules/Reports/actions/MassDelete.php
+++ b/modules/Reports/actions/MassDelete.php
@@ -10,14 +10,10 @@ class Reports_MassDelete_Action extends Vtiger_Mass_Action {
- public function checkPermission(Vtiger_Request $request) {
- $moduleName = $request->getModule();
- $moduleModel = Reports_Module_Model::getInstance($moduleName);
-
- $currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
- if(!$currentUserPriviligesModel->hasModulePermission($moduleModel->getId())) {
- throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
- }
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions = parent::requiresPermission($request);
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView');
+ return $permissions;
 }
 function preProcess(Vtiger_Request $request) {
diff --git a/modules/Reports/actions/MoveReports.php b/modules/Reports/actions/MoveReports.php
index d6f42c650..142a36025 100644
--- a/modules/Reports/actions/MoveReports.php
+++ b/modules/Reports/actions/MoveReports.php
@@ -10,14 +10,10 @@ class Reports_MoveReports_Action extends Vtiger_Mass_Action {
- public function checkPermission(Vtiger_Request $request) {
- $moduleName = $request->getModule();
- $moduleModel = Reports_Module_Model::getInstance($moduleName);
-
- $currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
- if(!$currentUserPriviligesModel->hasModulePermission($moduleModel->getId())) {
- throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
- }
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions = parent::requiresPermission($request);
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView');
+ return $permissions;
 }
 public function process(Vtiger_Request $request) {
diff --git a/modules/Reports/actions/Save.php b/modules/Reports/actions/Save.php
index d1c09555f..c2bb8b71f 100644
--- a/modules/Reports/actions/Save.php
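Review bot: `Reports_MassDelete_Action::requiresPermission` demands only module-level `DetailView` for an action that deletes records; unless `Vtiger_Mass_Action::requiresPermission` (not visible here) already contributes a Delete requirement, a user with read-only access to Reports passes this check. The sibling DeleteAjax hunk adds a Delete entry, so the mass variant should at least require `$permissions[] = array('module_parameter' => 'module', 'action' => 'Delete');`. The removed `checkPermission` also only checked module access, so this is not a regression, but this commit is the natural place to close the gap. The MoveReports action hunk in the same file run has the analogous gap for an edit-level permission.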
+++ b/modules/Reports/actions/Save.php
@@ -10,6 +10,12 @@ class Reports_Save_Action extends Vtiger_Save_Action {
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions = parent::requiresPermission($request);
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView', 'record_parameter' => 'record');
+ return $permissions;
+ }
+
 public function checkPermission(Vtiger_Request $request) {
 parent::checkPermission($request);
diff --git a/modules/Reports/views/ChartDetail.php b/modules/Reports/views/ChartDetail.php
index 9f46d862d..9c8398ce1 100644
--- a/modules/Reports/views/ChartDetail.php
+++ b/modules/Reports/views/ChartDetail.php
@@ -10,10 +10,14 @@ class Reports_ChartDetail_View extends Vtiger_Index_View {
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions = parent::requiresPermission($request);
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView', 'record_parameter' => 'record');
+ return $permissions;
+ }
+
 public function checkPermission(Vtiger_Request $request) {
- $moduleName = $request->getModule();
- $moduleModel = Reports_Module_Model::getInstance($moduleName);
-
+ parent::checkPermission($request);
 $record = $request->get('record');
 $reportModel = Reports_Record_Model::getCleanInstance($record);
 $currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
@@ -25,9 +29,10 @@ class Reports_ChartDetail_View extends Vtiger_Index_View {
 if(($currentUserPriviligesModel->id != $owner) && $sharingType == "Private"){
 $isRecordShared = $reportModel->isRecordHasViewAccess($sharingType);
 }
- if(!$isRecordShared || !$currentUserPriviligesModel->hasModulePermission($moduleModel->getId())) {
+ if(!$isRecordShared) {
 throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
 }
+ return true;
 }
 function preProcess(Vtiger_Request $request) {
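Review bot: `Reports_Save_Action::requiresPermission` adds only `DetailView` on the `record` parameter for an action that writes the report; whether an edit-level check exists depends on what `Vtiger_Save_Action::requiresPermission` contributes, which is not visible here. If the parent's list carries no `EditView`/`Create` entry, consider adding `$permissions[] = array('module_parameter' => 'module', 'action' => 'EditView', 'record_parameter' => 'record');` next to the DetailView entry. Note that `record` is absent when a new report is saved, so how the base controller treats a missing `record_parameter` decides whether creation still works — worth confirming. The class's `checkPermission` continues past the hunk.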
diff --git a/modules/Reports/views/ChartEdit.php b/modules/Reports/views/ChartEdit.php
index 90bdd818e..bd55cf25a 100644
--- a/modules/Reports/views/ChartEdit.php
+++ b/modules/Reports/views/ChartEdit.php
@@ -16,15 +16,13 @@ Class Reports_ChartEdit_View extends Vtiger_Edit_View {
 $this->exposeMethod('step3');
 }
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView', 'record_parameter' => 'record');
+ return $permissions;
+ }
+
 public function checkPermission(Vtiger_Request $request) {
- $moduleName = $request->getModule();
- $moduleModel = Reports_Module_Model::getInstance($moduleName);
-
- $currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
- if (!$currentUserPriviligesModel->hasModulePermission($moduleModel->getId())) {
- throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
- }
-
+ parent::checkPermission($request);
 $record = $request->get('record');
 if ($record) {
 $reportModel = Reports_Record_Model::getCleanInstance($record);
@@ -32,6 +30,7 @@ Class Reports_ChartEdit_View extends Vtiger_Edit_View {
 throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
 }
 }
+ return true;
 }
 public function preProcess(Vtiger_Request $request) {
diff --git a/modules/Reports/views/ChartSaveAjax.php b/modules/Reports/views/ChartSaveAjax.php
index f4e31a235..f99f572be 100644
--- a/modules/Reports/views/ChartSaveAjax.php
+++ b/modules/Reports/views/ChartSaveAjax.php
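Review bot: `Reports_ChartEdit_View::requiresPermission` appends to an unset `$permissions` instead of starting from the parent's list, so whatever `Vtiger_Edit_View` requires is silently dropped here (PHP creates the array without a warning), while every other override in this commit begins with the parent call; the first statement should be `$permissions = parent::requiresPermission($request);`. The ChartSaveAjax hunk that follows has the same omission. Since `checkPermission` below still tolerates an empty `record` via `if ($record)`, confirm that the `record_parameter` entry does not reject the create flow in the base controller. `checkPermission` starts in this hunk and its body continues past it.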
@@ -10,20 +10,9 @@ class Reports_ChartSaveAjax_View extends Vtiger_IndexAjax_View {
- public function checkPermission(Vtiger_Request $request) {
- $record = $request->get('record');
- if (!$record) {
- throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
- }
-
- $moduleName = $request->getModule();
- $moduleModel = Reports_Module_Model::getInstance($moduleName);
- $reportModel = Reports_Record_Model::getCleanInstance($record);
-
- $currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
- if (!$currentUserPriviligesModel->hasModulePermission($moduleModel->getId())) {
- throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
- }
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView', 'record_parameter' => 'record');
+ return $permissions;
 }
 public function process(Vtiger_Request $request) {
diff --git a/modules/Reports/views/Detail.php b/modules/Reports/views/Detail.php
index 686be3d5e..325c3fb4b 100644
--- a/modules/Reports/views/Detail.php
+++ b/modules/Reports/views/Detail.php
@@ -14,12 +14,15 @@ class Reports_Detail_View extends Vtiger_Index_View {
 protected $calculationFields;
 protected $count;
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions = parent::requiresPermission($request);
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView', 'record_parameter' => 'record');
+ return $permissions;
+ }
+
 public function checkPermission(Vtiger_Request $request) {
- $moduleName = $request->getModule();
- $moduleModel = Reports_Module_Model::getInstance($moduleName);
-
+ parent::checkPermission($request);
 $record = $request->get('record');
- $reportModel = Reports_Record_Model::getCleanInstance($record);
 $currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
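Review bot: The first Detail.php hunk removes `$reportModel = Reports_Record_Model::getCleanInstance($record);`, yet the second hunk still calls `$reportModel->isRecordHasViewAccess($sharingType)`; this is only safe if `$reportModel` is reassigned in the lines between the two hunks, which are not visible here — if that was a duplicate assignment the removal is fine, otherwise the later call dereferences an unset variable. Unlike the removed ChartSaveAjax code, nothing in this method guards an empty `record` any more; the `record_parameter` entry in `requiresPermission` is presumably what rejects it now, which is worth confirming against the base controller. `checkPermission` continues past this hunk.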
@@ -30,9 +33,10 @@ class Reports_Detail_View extends Vtiger_Index_View {
 if(($currentUserPriviligesModel->id != $owner) && $sharingType == "Private"){
 $isRecordShared = $reportModel->isRecordHasViewAccess($sharingType);
 }
- if(!$isRecordShared || !$currentUserPriviligesModel->hasModulePermission($moduleModel->getId()) ) {
+ if(!$isRecordShared) {
 throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
 }
+ return true;
 }
 const REPORT_LIMIT = 500;
diff --git a/modules/Reports/views/Edit.php b/modules/Reports/views/Edit.php
index 7840dcf61..406e1955a 100644
--- a/modules/Reports/views/Edit.php
+++ b/modules/Reports/views/Edit.php
@@ -17,18 +17,19 @@ Class Reports_Edit_View extends Vtiger_Edit_View {
 $this->exposeMethod('step3');
 }
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions = parent::requiresPermission($request);
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView', 'record_parameter' => 'record');
+ return $permissions;
+ }
+
 public function checkPermission(Vtiger_Request $request) {
- $moduleName = $request->getModule();
- $moduleModel = Reports_Module_Model::getInstance($moduleName);
-
- $currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
- if (!$currentUserPriviligesModel->hasModulePermission($moduleModel->getId())) {
- throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
- }
+ parent::checkPermission($request);
 $recordModel = Reports_Record_Model::getInstanceById($request->get('record'));
 if(!$recordModel->isEditableBySharing()) {
 throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
 }
+ return true;
 }
 public function preProcess(Vtiger_Request $request) {
diff --git a/modules/Reports/views/EditFolder.php b/modules/Reports/views/EditFolder.php
index 3faaa0ba0..bee02e360 100644
--- a/modules/Reports/views/EditFolder.php
+++ b/modules/Reports/views/EditFolder.php
@@ -10,16 +10,12 @@ class Reports_EditFolder_View extends Vtiger_IndexAjax_View {
- public function checkPermission(Vtiger_Request $request) {
- $moduleName = $request->getModule();
- $moduleModel = Reports_Module_Model::getInstance($moduleName);
-
- $currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
- if(!$currentUserPriviligesModel->hasModulePermission($moduleModel->getId())) {
- throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
- }
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions = parent::requiresPermission($request);
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView');
+ return $permissions;
 }
-
+
 public function process (Vtiger_Request $request) {
 $viewer = $this->getViewer($request);
diff --git a/modules/Reports/views/ExportReport.php b/modules/Reports/views/ExportReport.php
index 7813c25b0..f9e1431ce 100644
--- a/modules/Reports/views/ExportReport.php
+++ b/modules/Reports/views/ExportReport.php
@@ -17,17 +17,10 @@ class Reports_ExportReport_View extends Vtiger_View_Controller {
 $this->exposeMethod('GetCSV');
 }
- function checkPermission(Vtiger_Request $request) {
- $moduleName = $request->getModule();
- $moduleModel = Reports_Module_Model::getInstance($moduleName);
-
- $record = $request->get('record');
- $reportModel = Reports_Record_Model::getCleanInstance($record);
-
- $currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
- if(!$currentUserPriviligesModel->hasModulePermission($moduleModel->getId())) {
- throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
- }
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions = parent::requiresPermission($request);
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView', 'record_parameter' => 'record');
+ return $permissions;
 }
 function preProcess(Vtiger_Request $request) {
diff --git a/modules/Reports/views/List.php b/modules/Reports/views/List.php
index 2de1ab8c3..644df3ea8 100644
--- a/modules/Reports/views/List.php
+++ b/modules/Reports/views/List.php
@@ -14,14 +14,10 @@ class Reports_List_View extends Vtiger_Index_View {
 protected $listViewEntries = false;
 protected $listViewCount = false;
- public function checkPermission(Vtiger_Request $request) {
- $moduleName = $request->getModule();
- $moduleModel = Reports_Module_Model::getInstance($moduleName);
-
- $currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
- if(!$currentUserPriviligesModel->hasModulePermission($moduleModel->getId())) {
- throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
- }
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions = parent::requiresPermission($request);
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView');
+ return $permissions;
 }
diff --git a/modules/Reports/views/MoveReports.php b/modules/Reports/views/MoveReports.php
index e60a9afe5..2e5768314 100644
--- a/modules/Reports/views/MoveReports.php
+++ b/modules/Reports/views/MoveReports.php
@@ -10,14 +10,10 @@ class Reports_MoveReports_View extends Vtiger_Index_View {
- public function checkPermission(Vtiger_Request $request) {
- $moduleName = $request->getModule();
- $moduleModel = Reports_Module_Model::getInstance($moduleName);
-
- $currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
- if(!$currentUserPriviligesModel->hasModulePermission($moduleModel->getId())) {
- throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
- }
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions = parent::requiresPermission($request);
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView');
+ return $permissions;
 }
 public function process(Vtiger_Request $request) {
diff --git a/modules/Reports/views/SaveAjax.php b/modules/Reports/views/SaveAjax.php
index ea3bc1f18..62efc0eb7 100644
--- a/modules/Reports/views/SaveAjax.php
+++ b/modules/Reports/views/SaveAjax.php
@@ -10,22 +10,12 @@ class Reports_SaveAjax_View extends Vtiger_IndexAjax_View {
- public function checkPermission(Vtiger_Request $request) {
- $record = $request->get('record');
- if (!$record) {
- throw new AppException('LBL_PERMISSION_DENIED');
- }
-
- $moduleName = $request->getModule();
- $moduleModel = Reports_Module_Model::getInstance($moduleName);
- $reportModel = Reports_Record_Model::getCleanInstance($record);
-
- $currentUserPriviligesModel = Users_Privileges_Model::getCurrentUserPrivilegesModel();
- if (!$currentUserPriviligesModel->hasModulePermission($moduleModel->getId())) {
- throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
- }
+ public function requiresPermission(\Vtiger_Request $request) {
+ $permissions = parent::requiresPermission($request);
+ $permissions[] = array('module_parameter' => 'module', 'action' => 'DetailView', 'record_parameter' => 'record');
+ return $permissions;
 }
-
+
 public function process(Vtiger_Request $request) {
 $mode = $request->getMode();
 $viewer = $this->getViewer($request);
diff --git a/modules/Vtiger/actions/Delete.php b/modules/Vtiger/actions/Delete.php
index 783d004f4..b51e8d7f7 100644
--- a/modules/Vtiger/actions/Delete.php
+++ b/modules/Vtiger/actions/Delete.php
@@ -22,7 +22,8 @@ class Vtiger_Delete_Action extends Vtiger_Action_Controller {
 parent::checkPermission($request);
- if ($record) {
+ $nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports');
+ if ($record && !in_array($moduleName, $nonEntityModules)) {
 $recordEntityName = getSalesEntityType($record);
 if ($recordEntityName !== $moduleName) {
 throw new AppException(vtranslate('LBL_PERMISSION_DENIED'));
diff --git a/modules/Vtiger/actions/Save.php b/modules/Vtiger/actions/Save.php
index 583bb1561..767f88edc 100644
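Review bot: `$nonEntityModules` in `Vtiger_Delete_Action` is now a third hand-maintained copy of the same bypass list (the `Vtiger_Save_Action` and `Vtiger_Edit_View` hunks that follow), and the copies already disagree — the Edit view's list lacks `'Portal'`; declaring the list once as a shared constant or helper would keep the three `getSalesEntityType($record) !== $moduleName` checks in step. Adding `'Reports'` means the record-belongs-to-module check is skipped for Reports in all three places, so record ownership for Reports now rests entirely on the `record_parameter` entries the Reports controllers declare in `requiresPermission`; confirm every Reports action that accepts a `record` declares one. `in_array` should also pass `true` as its third argument for a strict comparison, consistent with the `!==` on the next line. `checkPermission` starts and ends outside this hunk.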
--- a/modules/Vtiger/actions/Save.php
+++ b/modules/Vtiger/actions/Save.php
@@ -35,7 +35,7 @@ class Vtiger_Save_Action extends Vtiger_Action_Controller {
 $moduleName = $request->getModule();
 $record = $request->get('record');
- $nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal');
+ $nonEntityModules = array('Users', 'Events', 'Calendar', 'Portal', 'Reports');
 if ($record && !in_array($moduleName, $nonEntityModules)) {
 $recordEntityName = getSalesEntityType($record);
 if ($recordEntityName !== $moduleName) {
diff --git a/modules/Vtiger/views/Edit.php b/modules/Vtiger/views/Edit.php
index e2766d333..e7246224f 100644
--- a/modules/Vtiger/views/Edit.php
+++ b/modules/Vtiger/views/Edit.php
@@ -29,7 +29,7 @@ Class Vtiger_Edit_View extends Vtiger_Index_View {
 $moduleName = $request->getModule();
 $record = $request->get('record');
- $nonEntityModules = array('Users', 'Events', 'Calendar');
+ $nonEntityModules = array('Users', 'Events', 'Calendar', 'Reports');
 if ($record && !in_array($moduleName, $nonEntityModules)) {
 $recordEntityName = getSalesEntityType($record);
 if ($recordEntityName !== $moduleName) {
-- GitLab