Skip to content

Commit

Permalink
SuiteCRM 7.12.5 Release
Browse files Browse the repository at this point in the history
  • Loading branch information
mattlorimer committed Mar 1, 2022
1 parent e9414a1 commit e93b269
Show file tree
Hide file tree
Showing 12 changed files with 127 additions and 55 deletions.
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
<img width="180px" height="41px" src="https://suitecrm.com/wp-content/uploads/2017/12/logo.png" align="right" />
</a>

# SuiteCRM 7.12.4
# SuiteCRM 7.12.5

[![Build Status](https://travis-ci.org/salesagility/SuiteCRM.svg?branch=hotfix)](https://travis-ci.org/salesagility/SuiteCRM)
[![codecov](https://codecov.io/gh/salesagility/SuiteCRM/branch/hotfix/graph/badge.svg)](https://codecov.io/gh/salesagility/SuiteCRM/branch/hotfix)
Expand Down
72 changes: 39 additions & 33 deletions files.md5

Large diffs are not rendered by default.

28 changes: 24 additions & 4 deletions modules/AOR_Scheduled_Reports/AOR_Scheduled_Reports.php
Original file line number Diff line number Diff line change
Expand Up @@ -83,9 +83,7 @@ public function bean_implements($interface)

public function save($check_notify = false)
{
if (isset($_POST['email_recipients']) && is_array($_POST['email_recipients'])) {
$this->email_recipients = base64_encode(serialize($_POST['email_recipients']));
}
$this->parseRecipients();

return parent::save($check_notify);
}
Expand Down Expand Up @@ -180,7 +178,7 @@ public function shouldRun(DateTime $date)
}

$lastRun = $this->last_run ? $timedate->fromDb($this->last_run) : $timedate->fromDb($this->date_entered);

$this->handleTimeZone($lastRun);
$next = $cron->getNextRunDate($lastRun);

Expand All @@ -200,4 +198,26 @@ protected function handleTimeZone(DateTime $date)
$date->modify($offset . 'second');
}

/**
* Parse and set recipients
* @return void
*/
protected function parseRecipients(): void
{
$recipients = $_POST['email_recipients'] ?? null;
unset($_POST['email_recipients'], $_REQUEST['email_recipients'], $_GET['email_recipients']);
$this->email_recipients = null;

if (is_array($recipients)) {
$types = $recipients['email_target_type'] ?? [];
$emailInfo = $recipients['email'] ?? [];
$recipients = [
'email_target_type' => $types,
'email' => $emailInfo,
];

$this->email_recipients = base64_encode(serialize($recipients));
}
}

}
5 changes: 3 additions & 2 deletions modules/Calendar/CalendarActivity.php
Original file line number Diff line number Diff line change
Expand Up @@ -266,11 +266,12 @@ public static function get_activities(
}

$focus_list = build_related_list_by_user_id($bean, $user_id, $where);
require_once 'modules/SecurityGroups/SecurityGroup.php';
//require_once 'modules/SecurityGroups/SecurityGroup.php';
foreach ($focus_list as $focusBean) {
if (isset($seen_ids[$focusBean->id])) {
continue;
}
/* TODO update currently unused functionality, disabled as expensive
$in_group = SecurityGroup::groupHasAccess($key, $focusBean->id, 'list');
$show_as_busy = !ACLController::checkAccess(
$key,
Expand All @@ -279,7 +280,7 @@ public static function get_activities(
'module',
$in_group
);
$focusBean->show_as_busy = $show_as_busy;
$focusBean->show_as_busy = $show_as_busy;*/

$seen_ids[$focusBean->id] = 1;
$act = new CalendarActivity($focusBean);
Expand Down
5 changes: 5 additions & 0 deletions modules/Employees/Employee.php
Original file line number Diff line number Diff line change
Expand Up @@ -186,6 +186,11 @@ public function list_view_parse_additional_sections(&$list_form/*, $xTemplateSec

public function create_export_query($order_by, $where, $relate_link_join = '')
{
global $current_user;
if (!is_admin($current_user)) {
throw new RuntimeException('Not authorized');
}

include('modules/Employees/field_arrays.php');

$cols = '';
Expand Down
9 changes: 3 additions & 6 deletions modules/ModuleBuilder/Module/IconRepository.php
Original file line number Diff line number Diff line change
Expand Up @@ -14,14 +14,13 @@ class IconRepository
*/
private static $iconNames = [
AOS_Contracts::class => 'aos-contracts-signature',
AOR_Scheduled_Reports::class => 'aor-reports',
'EmailTemplates' => 'emails',
'Employees' => 'users',
jjwg_Address_Cache::class => 'jjwg-markers',
'ProjectTask' => 'am-tasktemplates',
AM_ProjectTemplates::class => 'am-tasktemplates',
'SurveyQuestionOptions' => self::DEFAULT_ICON,
'SurveyQuestionResponses' => self::DEFAULT_ICON,
'SurveyQuestions' => self::DEFAULT_ICON,
'SurveyQuestionResponses' => 'survey-responses',
'SurveyResponses' => 'survey-responses',
'Prospects' => 'targets'
];
Expand All @@ -33,8 +32,6 @@ class IconRepository
*/
public static function getIconName($module)
{
return isset(static::$iconNames[$module])
? static::$iconNames[$module]
: strtolower(str_replace('_', '-', $module));
return static::$iconNames[$module] ?? strtolower(str_replace('_', '-', $module));
}
}
4 changes: 2 additions & 2 deletions modules/ProspectLists/Duplicate.php
Original file line number Diff line number Diff line change
Expand Up @@ -55,11 +55,11 @@
if (isset($_POST['isDuplicate']) && $_POST['isDuplicate'] == true) {
$focus->id='';
$focus->name=$mod_strings['LBL_COPY_PREFIX'].' '.$focus->name;

$focus->save();
$return_id=$focus->id;
//duplicate the linked items.
$query = "select * from prospect_lists_prospects where prospect_list_id = '".$_POST['record']."'";
$query = "select * from prospect_lists_prospects where prospect_list_id = '". $focus->db->quote($_POST['record']) ."'";
$result = $focus->db->query($query);
if ($result != null) {
while (($row = $focus->db->fetchByAssoc($result)) != null) {
Expand Down
30 changes: 30 additions & 0 deletions modules/Users/User.php
Original file line number Diff line number Diff line change
Expand Up @@ -606,6 +606,10 @@ public function save($check_notify = false)
{
global $current_user, $mod_strings;

if (!$this->hasSaveAccess()) {
throw new RuntimeException('Not authorized');
}

$msg = '';

$isUpdate = !empty($this->id) && !$this->new_with_id;
Expand Down Expand Up @@ -1591,6 +1595,11 @@ public static function getActiveUsers()

public function create_export_query($order_by, $where, $relate_link_join = '')
{
global $current_user;
if (!is_admin($current_user)) {
throw new RuntimeException('Not authorized');
}

include('modules/Users/field_arrays.php');

$cols = '';
Expand Down Expand Up @@ -2437,4 +2446,25 @@ public function getSubTheme()
}
return $subTheme;
}

/**
* Check if current user can save the current user record
* @return bool
*/
protected function hasSaveAccess(): bool
{
global $current_user;

if (empty($this->id)) {
return true;
}

if (empty($current_user->id)) {
return true;
}

$sameUser = $current_user->id === $this->id;

return $sameUser || is_admin($current_user);
}
}
6 changes: 3 additions & 3 deletions modules/vCals/vCal.php
Original file line number Diff line number Diff line change
Expand Up @@ -123,7 +123,7 @@ public function get_freebusy_lines_cache(&$user_bean)
public function create_sugar_freebusy($user_bean, $start_date_time, $end_date_time)
{
$ical_array = array();
global $DO_USER_TIME_OFFSET, $timedate, $current_user;
global $DO_USER_TIME_OFFSET, $timedate;

$DO_USER_TIME_OFFSET = true;
if (empty($GLOBALS['current_user']) || empty($GLOBALS['current_user']->id)) {
Expand All @@ -138,11 +138,11 @@ public function create_sugar_freebusy($user_bean, $start_date_time, $end_date_ti
// loop thru each activity, get start/end time in UTC, and return FREEBUSY strings
foreach ($acts_arr as $act) {
if (empty($act->start_time)) {
$startTime = $timedate->fromUser($act->sugar_bean->date_start, $user_bean);
$act->start_time = $timedate->fromUser($act->sugar_bean->date_start, $user_bean);
}

if (empty($act->end_time)) {
$endTime = $timedate->fromUser($act->sugar_bean->date_finish, $user_bean);
$act->end_time = $timedate->fromUser($act->sugar_bean->date_finish, $user_bean);
}

$ID = $act->sugar_bean->id;
Expand Down
4 changes: 2 additions & 2 deletions suitecrm_version.php
Original file line number Diff line number Diff line change
Expand Up @@ -3,5 +3,5 @@
die('Not A Valid Entry Point');
}

$suitecrm_version = '7.12.4';
$suitecrm_timestamp = '2022-02-10 12:00:00';
$suitecrm_version = '7.12.5';
$suitecrm_timestamp = '2022-03-01 12:00:00';
7 changes: 7 additions & 0 deletions tests/unit/phpunit/modules/Employees/EmployeeTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -128,6 +128,8 @@ public function testcreate_export_query(): void
{
$employee = BeanFactory::newBean('Employees');

global $current_user;
$current_user->is_admin = '1';
//test with empty string params
$expected = "SELECT id, user_name, first_name, last_name, description, date_entered, date_modified, modified_user_id, created_by, title, department, is_admin, phone_home, phone_mobile, phone_work, phone_other, phone_fax, address_street, address_city, address_state, address_postalcode, address_country, reports_to_id, portal_only, status, receive_notifications, employee_status, messenger_id, messenger_type, is_group FROM users WHERE users.deleted = 0 ORDER BY users.user_name";
$actual = $employee->create_export_query('', '');
Expand All @@ -137,6 +139,11 @@ public function testcreate_export_query(): void
$expected = "SELECT id, user_name, first_name, last_name, description, date_entered, date_modified, modified_user_id, created_by, title, department, is_admin, phone_home, phone_mobile, phone_work, phone_other, phone_fax, address_street, address_city, address_state, address_postalcode, address_country, reports_to_id, portal_only, status, receive_notifications, employee_status, messenger_id, messenger_type, is_group FROM users WHERE users.user_name=\"\" AND users.deleted = 0 ORDER BY users.id";
$actual = $employee->create_export_query('users.id', 'users.user_name=""');
self::assertSame($expected, $actual);

$current_user->is_admin = '0';
$this->expectException(RuntimeException::class);
$employee->create_export_query('', '');

}

public function testpreprocess_fields_on_save(): void
Expand Down
10 changes: 8 additions & 2 deletions tests/unit/phpunit/modules/Users/UserTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -683,16 +683,22 @@ public function testcreate_export_query(): void
{
$user = BeanFactory::newBean('Users');

global $current_user;
$current_user->is_admin = '1';
//test with empty string params
$expected = "SELECT id, user_name, first_name, last_name, description, date_entered, date_modified, modified_user_id, created_by, title, department, is_admin, phone_home, phone_mobile, phone_work, phone_other, phone_fax, address_street, address_city, address_state, address_postalcode, address_country, reports_to_id, portal_only, status, receive_notifications, employee_status, messenger_id, messenger_type, is_group FROM users WHERE users.deleted = 0 AND users.is_admin=0 ORDER BY users.user_name";
$expected = "SELECT id, user_name, first_name, last_name, description, date_entered, date_modified, modified_user_id, created_by, title, department, is_admin, phone_home, phone_mobile, phone_work, phone_other, phone_fax, address_street, address_city, address_state, address_postalcode, address_country, reports_to_id, portal_only, status, receive_notifications, employee_status, messenger_id, messenger_type, is_group FROM users WHERE users.deleted = 0 ORDER BY users.user_name";
$actual = $user->create_export_query('', '');
self::assertSame($expected, $actual);


//test with valid string params
$expected = "SELECT id, user_name, first_name, last_name, description, date_entered, date_modified, modified_user_id, created_by, title, department, is_admin, phone_home, phone_mobile, phone_work, phone_other, phone_fax, address_street, address_city, address_state, address_postalcode, address_country, reports_to_id, portal_only, status, receive_notifications, employee_status, messenger_id, messenger_type, is_group FROM users WHERE user_name=\"\" AND users.deleted = 0 AND users.is_admin=0 ORDER BY id";
$expected = "SELECT id, user_name, first_name, last_name, description, date_entered, date_modified, modified_user_id, created_by, title, department, is_admin, phone_home, phone_mobile, phone_work, phone_other, phone_fax, address_street, address_city, address_state, address_postalcode, address_country, reports_to_id, portal_only, status, receive_notifications, employee_status, messenger_id, messenger_type, is_group FROM users WHERE user_name=\"\" AND users.deleted = 0 ORDER BY id";
$actual = $user->create_export_query('id', 'user_name=""');
self::assertSame($expected, $actual);

$current_user->is_admin = '0';
$this->expectException(RuntimeException::class);
$user->create_export_query('', '');
}


Expand Down

0 comments on commit e93b269

Please sign in to comment.