bsiggel/espocrm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
root
2026-01-19 17:44:46 +01:00
commit 823af8b11d
8721 changed files with 1130846 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
application/Espo/Modules/Crm/Classes/Acl/Call/AccessChecker.php Normal file
View File

@@ -0,0 +1,87 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Modules\Crm\Classes\Acl\Call;
use Espo\Entities\User;
use Espo\Modules\Crm\Entities\Call;
use Espo\ORM\Entity;
use Espo\Core\ORM\Entity as CoreEntity;
use Espo\Core\Acl\AccessEntityCREDSChecker;
use Espo\Core\Acl\DefaultAccessChecker;
use Espo\Core\Acl\ScopeData;
use Espo\Core\Acl\Table;
use Espo\Core\Acl\Traits\DefaultAccessCheckerDependency;
/**
* @implements AccessEntityCREDSChecker<Call>
*/
class AccessChecker implements AccessEntityCREDSChecker
{
use DefaultAccessCheckerDependency;
public function __construct(DefaultAccessChecker $defaultAccessChecker)
{
$this->defaultAccessChecker = $defaultAccessChecker;
}
public function checkEntityRead(User $user, Entity $entity, ScopeData $data): bool
{
if ($this->defaultAccessChecker->checkEntityRead($user, $entity, $data)) {
return true;
}
assert($entity instanceof CoreEntity);
if ($data->getRead() === Table::LEVEL_OWN || $data->getRead() === Table::LEVEL_TEAM) {
if ($entity->hasLinkMultipleId('users', $user->getId())) {
return true;
}
}
return false;
}
public function checkEntityStream(User $user, Entity $entity, ScopeData $data): bool
{
if ($this->defaultAccessChecker->checkEntityStream($user, $entity, $data)) {
return true;
}
assert($entity instanceof CoreEntity);
if ($data->getStream() === Table::LEVEL_OWN || $data->getRead() === Table::LEVEL_TEAM) {
if ($entity->hasLinkMultipleId('users', $user->getId())) {
return true;
}
}
return false;
}
}

82
application/Espo/Modules/Crm/Classes/Acl/CampaignLogRecord/OwnershipChecker.php Normal file
View File

@@ -0,0 +1,82 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Modules\Crm\Classes\Acl\CampaignLogRecord;
use Espo\Entities\User;
use Espo\Modules\Crm\Entities\CampaignLogRecord;
use Espo\ORM\Entity;
use Espo\Core\Acl\OwnershipOwnChecker;
use Espo\Core\Acl\OwnershipTeamChecker;
use Espo\Core\AclManager;
use Espo\Core\ORM\EntityManager;
/**
* @implements OwnershipOwnChecker<CampaignLogRecord>
* @implements OwnershipTeamChecker<CampaignLogRecord>
*/
class OwnershipChecker implements OwnershipOwnChecker, OwnershipTeamChecker
{
public function __construct(private AclManager $aclManager, private EntityManager $entityManager)
{}
public function checkOwn(User $user, Entity $entity): bool
{
$campaignId = $entity->get('campaignId');
if (!$campaignId) {
return false;
}
$campaign = $this->entityManager->getEntityById('Campaign', $campaignId);
if ($campaign && $this->aclManager->checkOwnershipOwn($user, $campaign)) {
return true;
}
return false;
}
public function checkTeam(User $user, Entity $entity): bool
{
$campaignId = $entity->get('campaignId');
if (!$campaignId) {
return false;
}
$campaign = $this->entityManager->getEntityById('Campaign', $campaignId);
if ($campaign && $this->aclManager->checkOwnershipTeam($user, $campaign)) {
return true;
}
return false;
}
}

82
application/Espo/Modules/Crm/Classes/Acl/CampaignTrackingUrl/OwnershipChecker.php Normal file
View File

@@ -0,0 +1,82 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Modules\Crm\Classes\Acl\CampaignTrackingUrl;
use Espo\Entities\User;
use Espo\Modules\Crm\Entities\CampaignTrackingUrl;
use Espo\ORM\Entity;
use Espo\Core\Acl\OwnershipOwnChecker;
use Espo\Core\Acl\OwnershipTeamChecker;
use Espo\Core\AclManager;
use Espo\Core\ORM\EntityManager;
/**
* @implements OwnershipOwnChecker<CampaignTrackingUrl>
* @implements OwnershipTeamChecker<CampaignTrackingUrl>
*/
class OwnershipChecker implements OwnershipOwnChecker, OwnershipTeamChecker
{
public function __construct(private AclManager $aclManager, private EntityManager $entityManager)
{}
public function checkOwn(User $user, Entity $entity): bool
{
$campaignId = $entity->get('campaignId');
if (!$campaignId) {
return false;
}
$campaign = $this->entityManager->getEntityById('Campaign', $campaignId);
if ($campaign && $this->aclManager->checkOwnershipOwn($user, $campaign)) {
return true;
}
return false;
}
public function checkTeam(User $user, Entity $entity): bool
{
$campaignId = $entity->get('campaignId');
if (!$campaignId) {
return false;
}
$campaign = $this->entityManager->getEntityById('Campaign', $campaignId);
if ($campaign && $this->aclManager->checkOwnershipTeam($user, $campaign)) {
return true;
}
return false;
}
}

89
application/Espo/Modules/Crm/Classes/Acl/Case/LinkCheckers/AccountLinkChecker.php Normal file
View File

@@ -0,0 +1,89 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Modules\Crm\Classes\Acl\Case\LinkCheckers;
use Espo\Core\Acl\LinkChecker;
use Espo\Core\AclManager;
use Espo\Entities\Email;
use Espo\Entities\User;
use Espo\Modules\Crm\Entities\Account;
use Espo\Modules\Crm\Entities\CaseObj;
use Espo\ORM\Entity;
use Espo\ORM\EntityManager;
/**
* @implements LinkChecker<CaseObj, Account>
* @noinspection PhpUnused
*/
class AccountLinkChecker implements LinkChecker
{
public function __construct(
private AclManager $aclManager,
private EntityManager $entityManager
) {}
public function check(User $user, Entity $entity, Entity $foreignEntity): bool
{
if ($this->aclManager->checkEntityRead($user, $foreignEntity)) {
return true;
}
if (!$entity->isNew()) {
return false;
}
$emailId = $entity->get('originalEmailId');
if (!$emailId) {
return false;
}
$email = $this->entityManager->getRepositoryByClass(Email::class)->getById($emailId);
if (!$email) {
return false;
}
$parent = $email->getParent();
if (!$parent) {
return false;
}
if (
$parent->getEntityType() !== Account::ENTITY_TYPE ||
$parent->getId() !== $foreignEntity->getId()
) {
return false;
}
return $this->aclManager->checkEntityRead($user, $email);
}
}

89
application/Espo/Modules/Crm/Classes/Acl/Case/LinkCheckers/ContactLinkChecker.php Normal file
View File

@@ -0,0 +1,89 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Modules\Crm\Classes\Acl\Case\LinkCheckers;
use Espo\Core\Acl\LinkChecker;
use Espo\Core\AclManager;
use Espo\Entities\Email;
use Espo\Entities\User;
use Espo\Modules\Crm\Entities\CaseObj;
use Espo\Modules\Crm\Entities\Contact;
use Espo\ORM\Entity;
use Espo\ORM\EntityManager;
/**
* @implements LinkChecker<CaseObj, Contact>
* @noinspection PhpUnused
*/
class ContactLinkChecker implements LinkChecker
{
public function __construct(
private AclManager $aclManager,
private EntityManager $entityManager
) {}
public function check(User $user, Entity $entity, Entity $foreignEntity): bool
{
if ($this->aclManager->checkEntityRead($user, $foreignEntity)) {
return true;
}
if (!$entity->isNew()) {
return false;
}
$emailId = $entity->get('originalEmailId');
if (!$emailId) {
return false;
}
$email = $this->entityManager->getRepositoryByClass(Email::class)->getById($emailId);
if (!$email) {
return false;
}
$parent = $email->getParent();
if (!$parent) {
return false;
}
if (
$parent->getEntityType() !== Contact::ENTITY_TYPE ||
$parent->getId() !== $foreignEntity->getId()
) {
return false;
}
return $this->aclManager->checkEntityRead($user, $email);
}
}

90
application/Espo/Modules/Crm/Classes/Acl/Case/LinkCheckers/LeadLinkChecker.php Normal file
View File

@@ -0,0 +1,90 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Modules\Crm\Classes\Acl\Case\LinkCheckers;
use Espo\Core\Acl\LinkChecker;
use Espo\Core\AclManager;
use Espo\Entities\Email;
use Espo\Entities\User;
use Espo\Modules\Crm\Entities\CaseObj;
use Espo\Modules\Crm\Entities\Lead;
use Espo\ORM\Entity;
use Espo\ORM\EntityManager;
/**
* @implements LinkChecker<CaseObj, Lead>
* @noinspection PhpUnused
*/
class LeadLinkChecker implements LinkChecker
{
public function __construct(
private AclManager $aclManager,
private EntityManager $entityManager
) {}
public function check(User $user, Entity $entity, Entity $foreignEntity): bool
{
if ($this->aclManager->checkEntityRead($user, $foreignEntity)) {
return true;
}
if (!$entity->isNew()) {
return false;
}
$emailId = $entity->get('originalEmailId');
if (!$emailId) {
return false;
}
$email = $this->entityManager->getRepositoryByClass(Email::class)->getById($emailId);
if (!$email) {
return false;
}
$parent = $email->getParent();
if (!$parent) {
return false;
}
if (
$parent->getEntityType() !== Lead::ENTITY_TYPE ||
$parent->getId() !== $foreignEntity->getId()
) {
return false;
}
return $this->aclManager->checkEntityRead($user, $email);
}
}

94
application/Espo/Modules/Crm/Classes/Acl/MassEmail/AccessChecker.php Normal file
View File

@@ -0,0 +1,94 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Modules\Crm\Classes\Acl\MassEmail;
use Espo\Core\Acl\AccessEntityCREDChecker;
use Espo\Core\Acl\DefaultAccessChecker;
use Espo\Core\Acl\ScopeData;
use Espo\Core\Acl\Traits\DefaultAccessCheckerDependency;
use Espo\Core\AclManager;
use Espo\Entities\User;
use Espo\Modules\Crm\Entities\MassEmail;
use Espo\ORM\Entity;
/**
* @implements AccessEntityCREDChecker<MassEmail>
*/
class AccessChecker implements AccessEntityCREDChecker
{
use DefaultAccessCheckerDependency;
public function __construct(
DefaultAccessChecker $defaultAccessChecker,
private AclManager $aclManager,
) {
$this->defaultAccessChecker = $defaultAccessChecker;
}
public function checkCreate(User $user, ScopeData $data): bool
{
return $this->checkEdit($user, $data);
}
public function checkDelete(User $user, ScopeData $data): bool
{
return $this->checkEdit($user, $data) || $this->defaultAccessChecker->checkDelete($user, $data);
}
public function checkEntityCreate(User $user, Entity $entity, ScopeData $data): bool
{
if ($this->defaultAccessChecker->checkEntityCreate($user, $entity, $data)) {
return true;
}
$campaign = $entity->getCampaign();
if ($campaign && $this->aclManager->checkEntityEdit($user, $campaign)) {
return true;
}
return false;
}
public function checkEntityDelete(User $user, Entity $entity, ScopeData $data): bool
{
if ($this->defaultAccessChecker->checkEntityDelete($user, $entity, $data)) {
return true;
}
$campaign = $entity->getCampaign();
if ($campaign && $this->aclManager->checkEntityEdit($user, $campaign)) {
return true;
}
return false;
}
}

48
application/Espo/Modules/Crm/Classes/Acl/MassEmail/LinkCheckers/InboundEmailLinkChecker.php Normal file
View File

@@ -0,0 +1,48 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Modules\Crm\Classes\Acl\MassEmail\LinkCheckers;
use Espo\Core\Acl\LinkChecker;
use Espo\Entities\InboundEmail;
use Espo\Entities\User;
use Espo\Modules\Crm\Entities\MassEmail;
use Espo\ORM\Entity;
/**
* @implements LinkChecker<MassEmail, InboundEmail>
* @noinspection PhpUnused
*/
class InboundEmailLinkChecker implements LinkChecker
{
public function check(User $user, Entity $entity, Entity $foreignEntity): bool
{
return $foreignEntity->smtpIsForMassEmail();
}
}

70
application/Espo/Modules/Crm/Classes/Acl/MassEmail/OwnershipChecker.php Normal file
View File

@@ -0,0 +1,70 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Modules\Crm\Classes\Acl\MassEmail;
use Espo\Entities\User;
use Espo\Modules\Crm\Entities\MassEmail;
use Espo\ORM\Entity;
use Espo\Core\Acl\OwnershipOwnChecker;
use Espo\Core\Acl\OwnershipTeamChecker;
use Espo\Core\AclManager;
/**
* @implements OwnershipOwnChecker<MassEmail>
* @implements OwnershipTeamChecker<MassEmail>
*/
class OwnershipChecker implements OwnershipOwnChecker, OwnershipTeamChecker
{
public function __construct(
private AclManager $aclManager,
) {}
public function checkOwn(User $user, Entity $entity): bool
{
$campaign = $entity->getCampaign();
if ($campaign && $this->aclManager->checkOwnershipOwn($user, $campaign)) {
return true;
}
return false;
}
public function checkTeam(User $user, Entity $entity): bool
{
$campaign = $entity->getCampaign();
if ($campaign && $this->aclManager->checkOwnershipTeam($user, $campaign)) {
return true;
}
return false;
}
}

87
application/Espo/Modules/Crm/Classes/Acl/Meeting/AccessChecker.php Normal file
View File

@@ -0,0 +1,87 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Modules\Crm\Classes\Acl\Meeting;
use Espo\Entities\User;
use Espo\Modules\Crm\Entities\Meeting;
use Espo\ORM\Entity;
use Espo\Core\ORM\Entity as CoreEntity;
use Espo\Core\Acl\AccessEntityCREDSChecker;
use Espo\Core\Acl\DefaultAccessChecker;
use Espo\Core\Acl\ScopeData;
use Espo\Core\Acl\Table;
use Espo\Core\Acl\Traits\DefaultAccessCheckerDependency;
/**
* @implements AccessEntityCREDSChecker<Meeting>
*/
class AccessChecker implements AccessEntityCREDSChecker
{
use DefaultAccessCheckerDependency;
public function __construct(DefaultAccessChecker $defaultAccessChecker)
{
$this->defaultAccessChecker = $defaultAccessChecker;
}
public function checkEntityRead(User $user, Entity $entity, ScopeData $data): bool
{
if ($this->defaultAccessChecker->checkEntityRead($user, $entity, $data)) {
return true;
}
assert($entity instanceof CoreEntity);
if ($data->getRead() === Table::LEVEL_OWN || $data->getRead() === Table::LEVEL_TEAM) {
if ($entity->hasLinkMultipleId('users', $user->getId())) {
return true;
}
}
return false;
}
public function checkEntityStream(User $user, Entity $entity, ScopeData $data): bool
{
if ($this->defaultAccessChecker->checkEntityStream($user, $entity, $data)) {
return true;
}
assert($entity instanceof CoreEntity);
if ($data->getStream() === Table::LEVEL_OWN || $data->getRead() === Table::LEVEL_TEAM) {
if ($entity->hasLinkMultipleId('users', $user->getId())) {
return true;
}
}
return false;
}
}

102
application/Espo/Modules/Crm/Classes/Acl/Meeting/AssignmentChecker.php Normal file
View File

@@ -0,0 +1,102 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Modules\Crm\Classes\Acl\Meeting;
use Espo\Core\Acl;
use Espo\Core\Acl\AssignmentChecker as AssignmentCheckerInterface;
use Espo\Core\Acl\DefaultAssignmentChecker;
use Espo\Entities\User;
use Espo\Modules\Crm\Entities\Call;
use Espo\Modules\Crm\Entities\Meeting;
use Espo\ORM\Entity;
use Espo\ORM\EntityManager;
use Espo\ORM\Name\Attribute;
/**
* @implements AssignmentCheckerInterface<Meeting|Call>
*/
class AssignmentChecker implements AssignmentCheckerInterface
{
public function __construct(
private DefaultAssignmentChecker $defaultAssignmentChecker,
private EntityManager $entityManager,
private Acl $acl
) {}
public function check(User $user, Entity $entity): bool
{
if (!$this->defaultAssignmentChecker->check($user, $entity)) {
return false;
}
$userIds = $this->getUserIds($entity);
foreach ($userIds as $userId) {
if (!$this->acl->checkAssignmentPermission($userId)) {
return false;
}
}
return true;
}
/**
* @return string[]
*/
private function getUserIds(Meeting|Call $entity): array
{
$userIdList = $entity->getUsers()->getIdList();
if ($entity->isNew()) {
return $userIdList;
}
$newIdList = [];
$existingIdList = [];
$usersCollection = $this->entityManager
->getRDBRepository($entity->getEntityType())
->getRelation($entity, 'users')
->select(Attribute::ID)
->find();
foreach ($usersCollection as $user) {
$existingIdList[] = $user->getId();
}
foreach ($userIdList as $id) {
if (!in_array($id, $existingIdList)) {
$newIdList[] = $id;
}
}
return $newIdList;
}
}

100
application/Espo/Modules/Crm/Classes/Acl/Task/LinkCheckers/AccountLinkChecker.php Normal file
View File

@@ -0,0 +1,100 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Modules\Crm\Classes\Acl\Task\LinkCheckers;
use Espo\Core\Acl\LinkChecker;
use Espo\Core\AclManager;
use Espo\Entities\Email;
use Espo\Entities\User;
use Espo\Modules\Crm\Entities\Account;
use Espo\Modules\Crm\Entities\Task;
use Espo\ORM\Entity;
use Espo\ORM\EntityManager;
/**
* @implements LinkChecker<Task, Account>
* @noinspection PhpUnused
*/
class AccountLinkChecker implements LinkChecker
{
public function __construct(
private AclManager $aclManager,
private EntityManager $entityManager
) {}
public function check(User $user, Entity $entity, Entity $foreignEntity): bool
{
if ($this->aclManager->checkEntityRead($user, $foreignEntity)) {
return true;
}
if (!$entity->isNew()) {
return false;
}
/** @var ?string $emailId */
$emailId = $entity->get('originalEmailId');
if (!$emailId) {
return false;
}
$email = $this->entityManager
->getRepositoryByClass(Email::class)
->getById($emailId);
if (!$email) {
return false;
}
if (
$email->getAccount() &&
$foreignEntity->getId() === $email->getAccount()->getId() &&
$this->aclManager->checkEntityRead($user, $email)
) {
return true;
}
$parent = $email->getParent();
if (!$parent) {
return false;
}
if (
$parent->getEntityType() !== Account::ENTITY_TYPE ||
$parent->getId() !== $foreignEntity->getId()
) {
return false;
}
return $this->aclManager->checkEntityRead($user, $email);
}
}

91
application/Espo/Modules/Crm/Classes/Acl/Task/LinkCheckers/ParentLinkChecker.php Normal file
View File

@@ -0,0 +1,91 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Modules\Crm\Classes\Acl\Task\LinkCheckers;
use Espo\Core\Acl\LinkChecker;
use Espo\Core\AclManager;
use Espo\Entities\Email;
use Espo\Entities\User;
use Espo\Modules\Crm\Entities\Task;
use Espo\ORM\Entity;
use Espo\ORM\EntityManager;
/**
* @implements LinkChecker<Task, Entity>
* @noinspection PhpUnused
*/
class ParentLinkChecker implements LinkChecker
{
public function __construct(
private AclManager $aclManager,
private EntityManager $entityManager
) {}
public function check(User $user, Entity $entity, Entity $foreignEntity): bool
{
if ($this->aclManager->checkEntityRead($user, $foreignEntity)) {
return true;
}
if (!$entity->isNew()) {
return false;
}
/** @var ?string $emailId */
$emailId = $entity->get('originalEmailId');
if (!$emailId) {
return false;
}
$email = $this->entityManager
->getRepositoryByClass(Email::class)
->getById($emailId);
if (!$email) {
return false;
}
$parent = $email->getParent();
if (!$parent) {
return false;
}
if (
$parent->getEntityType() !== $foreignEntity->getEntityType() ||
$parent->getId() !== $foreignEntity->getId()
) {
return false;
}
return $this->aclManager->checkEntityRead($user, $email);
}
}