bsiggel/espocrm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
root
2026-01-19 17:44:46 +01:00
commit 823af8b11d
8721 changed files with 1130846 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

82
application/Espo/Services/Email.php Normal file
View File

@@ -0,0 +1,82 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Services;
use Espo\Tools\Email\SendService;
use Espo\ORM\Entity;
use Espo\Entities\Email as EmailEntity;
use Espo\Core\Exceptions\Error;
use Espo\Core\Exceptions\Conflict;
use Espo\Core\Exceptions\Forbidden;
use Espo\Core\Exceptions\BadRequest;
use Espo\Core\Mail\Exceptions\SendingError;
use Espo\Core\Record\CreateParams;
use stdClass;
/**
* @extends Record<EmailEntity>
*/
class Email extends Record
{
protected bool $getEntityBeforeUpdate = true;
private ?SendService $sendService = null;
private function getSendService(): SendService
{
if (!$this->sendService) {
$this->sendService = $this->injectableFactory->create(SendService::class);
}
return $this->sendService;
}
/**
* @todo Move to hook? Make sure needed data is loaded before sending.
*
* @throws BadRequest
* @throws Error
* @throws Forbidden
* @throws Conflict
* @throws BadRequest
* @throws SendingError
*/
public function create(stdClass $data, CreateParams $params): Entity
{
/** @var EmailEntity $entity */
$entity = parent::create($data, $params);
if ($entity->getStatus() === EmailEntity::STATUS_SENDING) {
$this->getSendService()->send($entity, $this->user);
}
return $entity;
}
}

177
application/Espo/Services/ExternalAccount.php Normal file
View File

@@ -0,0 +1,177 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Services;
use Espo\ORM\Entity;
use Espo\Core\ExternalAccount\Clients\OAuth2Abstract;
use Espo\Core\ExternalAccount\ClientManager;
use Espo\Core\Exceptions\Error;
use Espo\Core\Exceptions\NotFound;
use Espo\Core\Exceptions\NotFoundSilent;
use Espo\Core\Exceptions\Forbidden;
use Espo\Core\Record\ReadParams;
use Espo\Core\Di;
use Espo\Entities\ExternalAccount as ExternalAccountEntity;
use Espo\Entities\Integration as IntegrationEntity;
use Exception;
/**
* @extends Record<ExternalAccountEntity>
*/
class ExternalAccount extends Record implements Di\HookManagerAware
{
use Di\HookManagerSetter;
/**
* @throws NotFound
* @throws Error
*/
private function getClient(string $integration, string $id): ?object
{
/** @var IntegrationEntity|null $integrationEntity */
$integrationEntity = $this->entityManager->getEntityById(IntegrationEntity::ENTITY_TYPE, $integration);
if (!$integrationEntity) {
throw new NotFound();
}
if (!$integrationEntity->get('enabled')) {
throw new Error("$integration is disabled.");
}
return $this->injectableFactory
->create(ClientManager::class)
->create($integration, $id);
}
private function getExternalAccountEntity(string $integration, string $userId): ?ExternalAccountEntity
{
$id = $integration . '__' . $userId;
/** @var ?ExternalAccountEntity */
return $this->entityManager->getEntityById(ExternalAccountEntity::ENTITY_TYPE, $id);
}
/**
* @return bool
* @todo In v9.1. Move to Tools. Fix all usages.
*/
public function ping(string $integration, string $userId)
{
try {
$client = $this->getClient($integration, $userId);
if ($client && method_exists($client, 'ping')) {
/** @var bool */
return $client->ping();
}
} catch (Exception) {}
return false;
}
/**
* @return bool
* @throws NotFound
* @throws Error
* @throws Exception
* @todo In v9.1. Return void. Move to Tools. Fix all usages.
*/
public function authorizationCode(string $integration, string $userId, string $code)
{
$entity = $this->getExternalAccountEntity($integration, $userId);
if (!$entity) {
throw new NotFound();
}
$entity->set('enabled', true);
$this->entityManager->saveEntity($entity);
$client = $this->getClient($integration, $userId);
if (!$client instanceof OAuth2Abstract) {
throw new Error("Could not load client for $integration.");
}
$result = $client->getAccessTokenFromAuthorizationCode($code);
if (empty($result) || empty($result['accessToken'])) {
throw new Error("Could not get access token for $integration.");
}
$entity->clear('accessToken');
$entity->clear('refreshToken');
$entity->clear('tokenType');
$entity->clear('expiresAt');
foreach ($result as $name => $value) {
$entity->set($name, $value);
}
$this->entityManager->saveEntity($entity);
$this->hookManager->process('ExternalAccount', 'afterConnect', $entity, [
'integration' => $integration,
'userId' => $userId,
'code' => $code,
]);
return true;
}
public function read(string $id, ReadParams $params): Entity
{
[, $userId] = explode('__', $id);
if ($this->user->getId() !== $userId && !$this->user->isAdmin()) {
throw new Forbidden();
}
$entity = $this->entityManager->getEntityById(ExternalAccountEntity::ENTITY_TYPE, $id);
if (!$entity) {
throw new NotFoundSilent();
}
[$integration,] = explode('__', $entity->getId());
$secretAttributeList =
$this->metadata->get(['integrations', $integration, 'externalAccountSecretAttributeList']) ?? [];
foreach ($secretAttributeList as $a) {
$entity->clear($a);
}
return $entity;
}
}

97
application/Espo/Services/Import.php Normal file
View File

@@ -0,0 +1,97 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Services;
use Espo\Repositories\Import as Repository;
use Espo\Entities\Import as ImportEntity;
use Espo\Core\Acl\Table;
use Espo\Core\Exceptions\Forbidden;
use Espo\Core\Exceptions\NotFoundSilent;
use Espo\Core\FieldProcessing\ListLoadProcessor;
use Espo\Core\Record\Collection as RecordCollection;
use Espo\Core\Select\SearchParams;
/**
* @extends Record<ImportEntity>
*/
class Import extends Record
{
public function findLinked(string $id, string $link, SearchParams $searchParams): RecordCollection
{
if (!in_array($link, ['imported', 'duplicates', 'updated'])) {
return parent::findLinked($id, $link, $searchParams);
}
/** @var ?ImportEntity $entity */
$entity = $this->getImportRepository()->getById($id);
if (!$entity) {
throw new NotFoundSilent();
}
$foreignEntityType = $entity->get('entityType');
if (!$this->acl->check($entity, Table::ACTION_READ)) {
throw new Forbidden();
}
if (!$this->acl->check($foreignEntityType, Table::ACTION_READ)) {
throw new Forbidden();
}
$query = $this->selectBuilderFactory
->create()
->from($foreignEntityType)
->withStrictAccessControl()
->withSearchParams($searchParams)
->build();
$collection = $this->getImportRepository()->findResultRecords($entity, $link, $query);
$listLoadProcessor = $this->injectableFactory->create(ListLoadProcessor::class);
$recordService = $this->recordServiceContainer->get($foreignEntityType);
foreach ($collection as $e) {
$listLoadProcessor->process($e);
$recordService->prepareEntityForOutput($e);
}
$total = $this->getImportRepository()->countResultRecords($entity, $link, $query);
return new RecordCollection($collection, $total);
}
private function getImportRepository(): Repository
{
/** @var Repository */
return $this->getRepository();
}
}

136
application/Espo/Services/Integration.php Normal file
View File

@@ -0,0 +1,136 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Services;
use Espo\Core\Exceptions\Forbidden;
use Espo\Core\Exceptions\NotFound;
use Espo\Core\ORM\Type\FieldType;
use Espo\Core\Utils\Config;
use Espo\Core\Utils\Config\ConfigWriter;
use Espo\Core\Utils\Metadata;
use Espo\Entities\Integration as IntegrationEntity;
use Espo\Entities\User;
use Espo\ORM\Entity;
use Espo\ORM\EntityManager;
use stdClass;
class Integration
{
public function __construct(
private EntityManager $entityManager,
private User $user,
private Config $config,
private ConfigWriter $configWriter,
private Metadata $metadata,
) {}
/**
* @return void
* @throws Forbidden
*/
protected function processAccessCheck()
{
if (!$this->user->isAdmin()) {
throw new Forbidden();
}
}
/**
* @throws Forbidden
* @throws NotFound
*/
public function read(string $id): Entity
{
$this->processAccessCheck();
/** @var ?IntegrationEntity $entity */
$entity = $this->entityManager->getEntityById(IntegrationEntity::ENTITY_TYPE, $id);
if (!$entity) {
throw new NotFound();
}
$this->prepareEntity($entity);
return $entity;
}
/**
* @throws Forbidden
* @throws NotFound
*/
public function update(string $id, stdClass $data): Entity
{
$this->processAccessCheck();
/** @var ?IntegrationEntity $entity */
$entity = $this->entityManager->getEntityById(IntegrationEntity::ENTITY_TYPE, $id);
if (!$entity) {
throw new NotFound();
}
$entity->set($data);
$this->entityManager->saveEntity($entity);
$configData = $this->config->get('integrations') ?? (object) [];
if (!$configData instanceof stdClass) {
$configData = (object) [];
}
$configData->$id = $entity->get('enabled');
$this->configWriter->set('integrations', $configData);
$this->configWriter->save();
$this->prepareEntity($entity);
return $entity;
}
private function prepareEntity(IntegrationEntity $entity): void
{
/** @var array<string, array<string, mixed>> $fields */
$fields = $this->metadata->get("integrations.{$entity->getId()}.fields") ?? [];
foreach ($fields as $field => $fieldDefs) {
$type = $fieldDefs['type'] ?? null;
if ($type === FieldType::PASSWORD) {
$entity->clear($field);
}
// @todo Clear readOnly.
}
}
}

65
application/Espo/Services/Record.php Normal file
View File

@@ -0,0 +1,65 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Services;
use Espo\Core\Select\SelectBuilderFactory;
use Espo\ORM\Entity;
use Espo\Core\Record\Service as RecordService;
use Espo\Core\Utils\Util;
/**
* Extending is not recommended. Use composition with metadata > recordDefs.
*
* @template TEntity of Entity
* @extends RecordService<TEntity>
*/
class Record extends RecordService
{
/**
* @internal
*/
protected function initEntityType(): void
{
if ($this->entityType) {
return;
}
// Detecting the entity type by the class-name.
$name = get_class($this);
$matches = null;
if (preg_match('@\\\\([\w]+)$@', $name, $matches)) {
$name = $matches[1];
}
$this->entityType = Util::normalizeScopeName($name);
}
}

478
application/Espo/Services/RecordTree.php Normal file
View File

@@ -0,0 +1,478 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Services;
use Espo\Core\Acl\Table;
use Espo\Core\Exceptions\BadRequest;
use Espo\Core\Name\Field;
use Espo\Core\Templates\Entities\CategoryTree;
use Espo\ORM\Collection;
use Espo\ORM\Entity;
use Espo\ORM\Name\Attribute;
use Espo\ORM\Query\Part\Order;
use Espo\Core\Acl\Table as AclTable;
use Espo\Core\Exceptions\Error;
use Espo\Core\Exceptions\Forbidden;
use Espo\Core\Exceptions\NotFound;
use Espo\Core\Record\UpdateParams;
use Espo\Core\Select\SearchParams;
use Espo\Core\Select\Where\Item as WhereItem;
use Espo\Core\Acl\Exceptions\NotImplemented;
use ArrayAccess;
use Espo\Tools\CategoryTree\Move\LoopReferenceChecker;
use Espo\Tools\CategoryTree\Record\ReadTreeParams;
use stdClass;
/**
* @template TEntity of Entity
* @extends Record<TEntity>
*/
class RecordTree extends Record
{
private const MAX_DEPTH = 2;
private ?Entity $seed = null;
/**
* @var ?string
* @todo Add native type in v9.3.
*/
protected $subjectEntityType = null;
/**
* @var ?string
* @todo Add native type in v9.3.
*/
protected $categoryField = null;
/**
* @return ?Collection<Entity>
* @throws Forbidden
* @throws BadRequest
*/
public function getTree(ReadTreeParams $params): ?Collection
{
if (!$this->acl->check($this->entityType, Table::ACTION_READ)) {
throw new Forbidden();
}
$path = $params->currentId ? $this->getTreeItemPath($params->currentId) : null;
return $this->getTreeInternal($params->parentId, $params, $path);
}
/**
* @param string[] $path
* @return ?Collection<Entity>
* @throws BadRequest
* @throws Forbidden
*/
private function getTreeInternal(?string $parentId, ReadTreeParams $params, ?array $path, int $level = 0): ?Collection
{
$maxDepth = $params->maxDepth ?? self::MAX_DEPTH;
if ($level === $maxDepth) {
if ($path === null || !in_array($parentId, $path)) {
return null;
}
}
$searchParams = SearchParams::create();
if ($params->where) {
$searchParams = $searchParams->withWhere($params->where);
}
$selectBuilder = $this->selectBuilderFactory
->create()
->from($this->entityType)
->withStrictAccessControl()
->withSearchParams($searchParams)
->buildQueryBuilder()
->where(['parentId' => $parentId]);
$selectBuilder->order([]);
if ($this->hasOrder()) {
$selectBuilder->order('order', Order::ASC);
}
$selectBuilder->order(Field::NAME, Order::ASC);
$filterItems = false;
if ($this->checkFilterOnlyNotEmpty()) {
$filterItems = true;
}
$collection = $this->getRepository()
->clone($selectBuilder->build())
->find();
if (
($params->onlyNotEmpty || $filterItems) &&
$collection instanceof ArrayAccess
) {
foreach ($collection as $i => $entity) {
if ($this->checkItemIsEmpty($entity)) {
unset($collection[$i]);
}
}
}
foreach ($collection as $entity) {
$childList = $this->getTreeInternal($entity->getId(), $params, $path, $level + 1);
$entity->set('childList', $childList?->getValueMapList());
}
return $collection;
}
protected function checkFilterOnlyNotEmpty(): bool
{
try {
if (!$this->acl->checkScope($this->getSubjectEntityType(), Table::ACTION_CREATE)) {
return true;
}
} catch (NotImplemented) {
return false;
}
return false;
}
/**
* @throws BadRequest
* @throws Forbidden
*/
protected function checkItemIsEmpty(Entity $entity): bool
{
$entityType = $this->getSubjectEntityType();
// If used without an actual subject entity.
if (!$this->entityManager->hasRepository($entityType)) {
return true;
}
$query = $this->selectBuilderFactory
->create()
->from($entityType)
->withStrictAccessControl()
->withWhere(
WhereItem::fromRaw([
'type' => 'inCategory',
'attribute' => $this->getCategoryField(),
'value' => $entity->getId(),
])
)
->build();
$one = $this->entityManager
->getRDBRepository($entityType)
->clone($query)
->select([Attribute::ID])
->findOne();
if ($one) {
return false;
}
return true;
}
/**
* @throws Forbidden
* @throws NotFound
*/
public function getCategoryData(?string $id): ?stdClass
{
if (!$this->acl->check($this->entityType, AclTable::ACTION_READ)) {
throw new Forbidden();
}
if ($id === null) {
return null;
}
$category = $this->entityManager->getEntityById($this->entityType, $id);
if (!$category) {
throw new NotFound();
}
if (!$this->acl->check($category, AclTable::ACTION_READ)) {
throw new Forbidden();
}
return (object) [
'upperId' => $category->get('parentId'),
'upperName' => $category->get('parentName'),
'id' => $id,
'name' => $category->get(Field::NAME),
];
}
/**
* @return string[]
* @throws Forbidden
*/
public function getTreeItemPath(?string $parentId = null): array
{
if (!$this->acl->check($this->entityType, AclTable::ACTION_READ)) {
throw new Forbidden();
}
$arr = [];
while (1) {
if (empty($parentId)) {
break;
}
$parent = $this->entityManager->getEntityById($this->entityType, $parentId);
if ($parent) {
$parentId = $parent->get('parentId');
array_unshift($arr, $parent->getId());
} else {
$parentId = null;
}
}
return $arr;
}
private function getSeed(): Entity
{
if (empty($this->seed)) {
$this->seed = $this->entityManager->getNewEntity($this->entityType);
}
return $this->seed;
}
private function hasOrder(): bool
{
$seed = $this->getSeed();
if ($seed->hasAttribute('order')) {
return true;
}
return false;
}
/**
* @throws Forbidden
* @throws Error
* @todo Refactor.
*/
protected function beforeCreateEntity(Entity $entity, $data)
{
parent::beforeCreateEntity($entity, $data);
if (!empty($data->parentId)) {
$parent = $this->entityManager->getEntityById($this->entityType, $data->parentId);
if (!$parent) {
throw new Error("Tried to create tree item entity with not existing parent.");
}
if (!$this->acl->check($parent, Table::ACTION_EDIT)) {
throw new Forbidden();
}
}
}
/**
* @throws Forbidden
* @throws BadRequest
*/
protected function beforeDeleteEntity(Entity $entity)
{
parent::beforeDeleteEntity($entity);
$childCategory = $this->entityManager
->getRelation($entity, 'children')
->findOne();
if ($childCategory) {
throw Forbidden::createWithBody(
'cannotRemoveCategoryWithChildCategory',
Error\Body::create()->withMessageTranslation('cannotRemoveCategoryWithChildCategory')
);
}
if (!$this->checkItemIsEmpty($entity)) {
throw Forbidden::createWithBody(
'cannotRemoveNotEmptyCategory',
Error\Body::create()->withMessageTranslation('cannotRemoveNotEmptyCategory')
);
}
}
/**
* @throws Forbidden
*/
protected function beforeUpdateEntity(Entity $entity, $data)
{
parent::beforeUpdateEntity($entity, $data);
if (
!$entity->isNew() &&
$entity->isAttributeChanged('parentId') &&
$entity->get('parentId') &&
$entity instanceof CategoryTree
) {
$parentId = $entity->get('parentId');
$parent = $this->entityManager->getEntityById($this->entityType, $parentId);
if ($parent) {
$this->injectableFactory->create(LoopReferenceChecker::class)
->check($entity, $parent);
}
}
}
public function update(string $id, stdClass $data, UpdateParams $params): Entity
{
if (!empty($data->parentId) && $data->parentId === $id) {
throw new Forbidden();
}
return parent::update($id, $data, $params);
}
public function link(string $id, string $link, string $foreignId): void
{
if ($id == $foreignId) {
throw new Forbidden();
}
parent::link($id, $link, $foreignId);
}
/**
* @return string[]
* @throws Forbidden
* @throws BadRequest
*/
public function getLastChildrenIdList(?string $parentId = null): array
{
if (!$this->acl->check($this->entityType, Table::ACTION_READ)) {
throw new Forbidden();
}
$query = $this->selectBuilderFactory
->create()
->from($this->entityType)
->withStrictAccessControl()
->buildQueryBuilder()
->where([
'parentId' => $parentId,
])
->build();
$idList = [];
$includingRecords = false;
if ($this->checkFilterOnlyNotEmpty()) {
$includingRecords = true;
}
$collection = $this->getRepository()
->clone($query)
->select([Attribute::ID])
->find();
foreach ($collection as $entity) {
$subQuery = $this->selectBuilderFactory
->create()
->from($this->entityType)
->withStrictAccessControl()
->buildQueryBuilder()
->where([
'parentId' => $entity->getId(),
])
->build();
$count = $this->getRepository()
->clone($subQuery)
->count();
if (!$count) {
$idList[] = $entity->getId();
continue;
}
if ($includingRecords) {
$isNotEmpty = false;
$subCollection = $this->getRepository()
->clone($subQuery)
->find();
foreach ($subCollection as $subEntity) {
if (!$this->checkItemIsEmpty($subEntity)) {
$isNotEmpty = true;
break;
}
}
if (!$isNotEmpty) {
$idList[] = $entity->getId();
}
}
}
return $idList;
}
private function getSubjectEntityType(): string
{
return $this->metadata->get("scopes.$this->entityType.categoryParentEntityType") ??
$this->subjectEntityType ??
substr($this->entityType, 0, strlen($this->entityType) - 8);
}
private function getCategoryField(): string
{
return $this->metadata->get("scopes.$this->entityType.categoryField") ??
$this->categoryField ??
'category';
}
}

36
application/Espo/Services/Stream.php Normal file
View File

@@ -0,0 +1,36 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Services;
/**
* For backward compatibility.
* @todo Remove in v10.0.
*/
class Stream extends \Espo\Tools\Stream\Service {}

185
application/Espo/Services/User.php Normal file
View File

@@ -0,0 +1,185 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM Open Source CRM application.
* Copyright (C) 2014-2025 EspoCRM, Inc.
* Website: https://www.espocrm.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
namespace Espo\Services;
use Espo\Core\Di\LogAware;
use Espo\Core\Di\LogSetter;
use Espo\Core\Mail\Exceptions\SendingError;
use Espo\Entities\User as UserEntity;
use Espo\Core\Exceptions\BadRequest;
use Espo\Core\Exceptions\Forbidden;
use Espo\Core\Record\CreateParams;
use Espo\Core\Record\UpdateParams;
use Espo\Core\Utils\PasswordHash;
use Espo\ORM\Entity;
use Espo\Tools\UserSecurity\Password\Checker as PasswordChecker;
use Espo\Tools\UserSecurity\Password\Generator as PasswordGenerator;
use Espo\Tools\UserSecurity\Password\Sender as PasswordSender;
use Espo\Tools\UserSecurity\Password\Service as PasswordService;
use SensitiveParameter;
use stdClass;
use Exception;
/**
* @extends Record<UserEntity>
*/
class User extends Record implements LogAware
{
use LogSetter;
private function hashPassword(#[SensitiveParameter] string $password): string
{
$passwordHash = $this->injectableFactory->create(PasswordHash::class);
return $passwordHash->hash($password);
}
/**
* @throws BadRequest
*/
private function fetchPassword(#[SensitiveParameter] stdClass $data): ?string
{
$password = $data->password ?? null;
if ($password === '') {
$password = null;
}
if ($password !== null && !is_string($password)) {
throw new BadRequest("Bad password value.");
}
return $password;
}
public function create(stdClass $data, CreateParams $params): Entity
{
$newPassword = $this->fetchPassword($data);
$passwordSpecified = $newPassword !== null;
if (
$newPassword !== null &&
!$this->createPasswordChecker()->checkStrength($newPassword)
) {
throw new Forbidden("Password is weak.");
}
if (!$newPassword) {
// Generate a password as authentication implementations may require user records
// to have passwords for auth token mechanism functioning.
$newPassword = $this->createPasswordGenerator()->generate();
}
$data->password = $this->hashPassword($newPassword);
/** @var UserEntity $user */
$user = parent::create($data, $params);
$sendAccessInfo = !empty($data->sendAccessInfo);
if (!$sendAccessInfo || !$user->isActive() || $user->isApi()) {
return $user;
}
try {
if ($passwordSpecified) {
$this->sendPassword($user, $newPassword);
return $user;
}
$this->getPasswordService()->sendAccessInfoForNewUser($user);
} catch (Exception $e) {
$this->log->error("Could not send user access info. " . $e->getMessage());
}
return $user;
}
public function update(string $id, stdClass $data, UpdateParams $params): Entity
{
$newPassword = null;
if (property_exists($data, 'password')) {
$newPassword = $data->password;
if (!$this->createPasswordChecker()->checkStrength($newPassword)) {
throw new Forbidden("Password is weak.");
}
$data->password = $this->hashPassword($data->password);
}
if ($id === $this->user->getId()) {
unset($data->isActive);
unset($data->isPortalUser);
unset($data->type);
}
/** @var UserEntity $user */
$user = parent::update($id, $data, $params);
if (!is_null($newPassword)) {
try {
if ($user->isActive() && !empty($data->sendAccessInfo)) {
$this->sendPassword($user, $newPassword);
}
} catch (Exception) {}
}
return $user;
}
private function getPasswordService(): PasswordService
{
return $this->injectableFactory->create(PasswordService::class);
}
/**
* @throws SendingError
*/
private function sendPassword(UserEntity $user, string $password): void
{
$this->injectableFactory
->create(PasswordSender::class)
->sendPassword($user, $password);
}
private function createPasswordChecker(): PasswordChecker
{
return $this->injectableFactory->create(PasswordChecker::class);
}
private function createPasswordGenerator(): PasswordGenerator
{
return $this->injectableFactory->create(PasswordGenerator::class);
}
}