mirror of
https://github.com/SuiteCRM/SuiteCRM-Core.git
synced 2025-08-29 04:21:06 +08:00
f058c4c306 Fix #9106 - Update securexss for backwards compatibility 05471a51f3 Update composer.lock dee3305fce 7.11.19 0952712425 Fix Calender display issues in FullCalender 3.10 91bfb1cf3a Fix #7999 - Prevent securitygroups mass assign damage e36e1a52f5 Fix #5624 - Make SWSPEditRoleButton::displayList compatible w. parent 8265b5e29b Fix #8571 - Remove duplicate code in users detailviewdefs f63f05a4a2 Fix #8514 - Implement effective opcache file clearing 5e671f3b1b Fix #8461, #8462 - PHP files are potentially overwritten 0b18500b42 Fix #8700 - Various problems in PHPDocs throughout the codebase. 25dce7954d Fix #9067 - Fix the drop down width 28eecb4198 Add Additional api filter option `like` 8b5a152f7f Add filters in relationship API 7a92e5ec8a Add Relationship Beans in V8 API Response c192ccdf2e Fix #9090 - User menu alignment 466f2d96e7 Fix #6051 - Modulebuilder labels edit fixes fe5ed90fd9 Update JQuery JS Library to v3.6.0 e0382c1a6c Update FullCalendar JS Library to v3.10.2 86882a4d4f Update YUI JS Library to 2.9.1 540245494b Fix #8999 - Hardcoded 'by' label in calls e4f3c6a2fb Fix #9034 - Business Hours does not work in non-english languages b0a51cc667 Fix #8910 - Update the V8 Api to allow for upload of documents similar to notes 8408cd8e91 Fix #9010 - Add missing 'view task' label on calendar faa46f5a4c Fix #8894 - Add missing label for calendar dashlet 5905f3d308 Fix #9032 - Prevent Notice Error During Import 5c9e8700ba Fix #8182 - Update updateTimeDateFields to handle undefined dates fc3dd03386 Fix #9075 - Removing deleted related beans via link 039d9a69d2 Fix #8988 - Improve upon solution which doesn't cache incomplete beans f562c57c8d Fix #7772 - Only index ElasticSearch when enabled dd1a5bc244 Fix #9101 LangText exception breaking ElasticSearch 0c861d3f1a Fix #8472 - No or not complete Searchresults using elasticsearch engine e4e884667c Fix #6800 - Elasticsearch: Elastic index name is hardcoded e525634d7b Fix #8916 - Misspelled elasticsearch labels 
28d7afaa59 Fix #9080 - Update config for google/apiclient at composer.json 66bd8998ec Fix #9060 - Project Form action should not be changed if delete is not confirmed 06195fe5f1 Fix #8676 - New Scheduled Reports does not run 89341758e2 Fix #2645 - Calendar quick create ignores required fields a329377bc0 Deprecate PdfParser e5c03ad198 Deprecate advanced open discovery (AOD) git-subtree-dir: public/legacy git-subtree-split: f058c4c3062e7fff72cc2b62440bf064a63e6843
<?php
/**
 *
 * SugarCRM Community Edition is a customer relationship management program developed by
 * SugarCRM, Inc. Copyright (C) 2004-2013 SugarCRM Inc.
 *
 * SuiteCRM is an extension to SugarCRM Community Edition developed by SalesAgility Ltd.
 * Copyright (C) 2011 - 2018 SalesAgility Ltd.
 *
 * This program is free software; you can redistribute it and/or modify it under
 * the terms of the GNU Affero General Public License version 3 as published by the
 * Free Software Foundation with the addition of the following permission added
 * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
 * IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
 * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
 * details.
 *
 * You should have received a copy of the GNU Affero General Public License along with
 * this program; if not, see http://www.gnu.org/licenses or write to the Free
 * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 * 02110-1301 USA.
 *
 * You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
 * SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
 *
 * The interactive user interfaces in modified source and object code versions
 * of this program must display Appropriate Legal Notices, as required under
 * Section 5 of the GNU Affero General Public License version 3.
 *
 * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
 * these Appropriate Legal Notices must retain the display of the "Powered by
 * SugarCRM" logo and "Supercharged by SuiteCRM" logo. If the display of the logos is not
 * reasonably feasible for technical reasons, the Appropriate Legal Notices must
 * display the words "Powered by SugarCRM" and "Supercharged by SuiteCRM".
 */
require_once('include/externalAPI/Base/ExternalAPIPlugin.php');
require_once('include/externalAPI/Base/ExternalOAuthAPIPlugin.php');
require_once('include/connectors/sources/SourceFactory.php');
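/**
 * Base implementation for external API plugins.
 *
 * Holds the account credentials taken from an EAPM bean, offers default
 * login checks, an HTTP helper built on cURL, access to the matching
 * connector source, and helpers for OAuth callback URLs and error strings.
 *
 * @api
 */
abstract class ExternalAPIBase implements ExternalAPIPlugin
{
    // Credentials copied from the EAPM bean by loadEAPM() when authMethod is 'password'.
    public $account_name;
    public $account_password;
    // Authentication method this plugin answers to; compared in loadEAPM() and supports().
    public $authMethod = 'password';
    public $useAuth = true;
    public $requireAuth = true;

    const APP_STRING_ERROR_PREFIX = 'ERR_EXTERNAL_API_';
    // Prefix prepended to an error code to build the app_strings lookup key.
    protected $_appStringErrorPrefix = self::APP_STRING_ERROR_PREFIX;

    /**
     * Authorization data
     * @var EAPM
     */
    protected $authData;

    /**
     * Load authorization data from an EAPM bean.
     *
     * The bean is stored on $this->eapmBean; for the 'password' auth method its
     * name and password are copied to $account_name / $account_password.
     *
     * NOTE(review): the bean is accepted without looking at its `validated`
     * flag (see the FIXME below); quickCheckLogin() is the method here that
     * inspects that flag.
     *
     * @param EAPM $eapmBean
     * @return bool always true
     * @see ExternalAPIPlugin::loadEAPM()
     */
    public function loadEAPM($eapmBean)
    {
        // FIXME: check if the bean is validated, if not, refuse it?
        $this->eapmBean = $eapmBean;
        if ($this->authMethod == 'password') {
            $this->account_name = $eapmBean->name;
            $this->account_password = $eapmBean->password;
        }

        return true;
    }

    /**
     * Check login.
     *
     * This base implementation only confirms that an EAPM bean is loaded; it
     * performs no request against the external service.
     *
     * @param EAPM $eapmBean optional bean to load before checking
     * @return array array('success' => bool)
     * @see ExternalAPIPlugin::checkLogin()
     */
    public function checkLogin($eapmBean = null)
    {
        if (!empty($eapmBean)) {
            $this->loadEAPM($eapmBean);
        }

        if (!isset($this->eapmBean)) {
            return array('success' => false);
        }

        return array('success' => true);
    }

    /**
     * Check the loaded bean without contacting the external service.
     *
     * Fails when no EAPM bean is loaded or when the loaded bean's `validated`
     * field equals 0; both cases report the same translated message.
     *
     * @return array array('success' => bool[, 'errorMessage' => string])
     */
    public function quickCheckLogin()
    {
        if (!isset($this->eapmBean) || $this->eapmBean->validated == 0) {
            return array('success' => false, 'errorMessage' => translate('LBL_ERR_NO_AUTHINFO', 'EAPM'));
        }

        return array('success' => true);
    }

    /**
     * Read a property of this object by name.
     *
     * @param string $value name of the property to read
     * @return mixed the property value, or null when it is unset or empty
     */
    protected function getValue($value)
    {
        if (!empty($this->$value)) {
            return $this->$value;
        }

        return null;
    }

    /**
     * Log off from the external service; a no-op in this base class.
     *
     * @return bool always true
     */
    public function logOff()
    {
        // Not sure if we should do anything.
        return true;
    }

    /**
     * Does API support this method?
     *
     * @param string $method authentication method name
     * @return bool true when $method loosely equals $this->authMethod
     * @see ExternalAPIPlugin::supports()
     */
    public function supports($method = '')
    {
        return $method == $this->authMethod;
    }

    /**
     * Send an HTTP request to $url with cURL and return the raw response body.
     *
     * A POST is sent when $postfields is non-empty; otherwise CURLOPT_POST is
     * switched off. Redirects are not followed. When the 'proxy' administration
     * settings have proxy_on set, the request goes through that proxy.
     *
     * @param string       $url        target URL
     * @param array|string $postfields POST body; empty for no POST
     * @param array        $headers    HTTP header lines
     * @return string|false response body, or false when the handle cannot be
     *                      created or the transfer fails
     */
    protected function postData($url, $postfields, $headers)
    {
        $ch = curl_init($url);
        if ($ch === false) {
            // Same failure value curl_exec() gives; avoids curl_setopt() on a non-handle.
            return false;
        }

        // NOTE(security): peer certificate verification is switched off, so the
        // remote endpoint is not authenticated and anything sent in $headers or
        // $postfields can be read or altered by an on-path party. Kept as-is to
        // preserve existing behaviour; enable verification once a CA bundle is
        // confirmed on the deployment.
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

        $proxy_config = SugarModule::get('Administration')->loadBean();
        if (!empty($proxy_config)) {
            $proxy_config->retrieveSettings('proxy');
        }

        if (!empty($proxy_config) &&
            !empty($proxy_config->settings['proxy_on']) &&
            $proxy_config->settings['proxy_on'] == 1) {
            $proxySettings = $proxy_config->settings;
            curl_setopt($ch, CURLOPT_PROXY, $proxySettings['proxy_host']);
            curl_setopt($ch, CURLOPT_PROXYPORT, $proxySettings['proxy_port']);
            // The proxy credentials are read from the same settings array as
            // host and port; the previous code read an undefined variable here,
            // so proxy authentication was never applied.
            if (!empty($proxySettings['proxy_auth'])) {
                curl_setopt(
                    $ch,
                    CURLOPT_PROXYUSERPWD,
                    $proxySettings['proxy_username'] . ':' . $proxySettings['proxy_password']
                );
            }
        }

        // empty() already covers the empty-array case.
        if (empty($postfields)) {
            curl_setopt($ch, CURLOPT_POST, false);
        } else {
            curl_setopt($ch, CURLOPT_POST, true);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
        }
        curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);

        // NOTE(security): headers and the raw response are written to the debug
        // log verbatim; they may contain credentials or tokens, so debug-level
        // logs from this class should be treated as sensitive.
        $GLOBALS['log']->debug("ExternalAPIBase->postData Where: ".$url);
        $GLOBALS['log']->debug("Headers:\n".print_r($headers, true));
        // $GLOBALS['log']->debug("Postfields:\n".print_r($postfields,true));
        $rawResponse = curl_exec($ch);
        $GLOBALS['log']->debug("Got:\n".print_r($rawResponse, true));

        return $rawResponse;
    }

    /**
     * Get connector for this API.
     *
     * The source is created through SourceFactory on first use, handed this
     * object via setEAPM(), and cached on $this->connector_source.
     *
     * @return source|null null when $this->connector is not set
     */
    public function getConnector()
    {
        if (!isset($this->connector)) {
            return null;
        }

        if (empty($this->connector_source)) {
            $this->connector_source = SourceFactory::getSource($this->connector, false);
            $this->connector_source->setEAPM($this);
        }

        return $this->connector_source;
    }

    /**
     * Get parameter from source
     *
     * @param string $name
     * @return mixed the connector property, or null when there is no connector
     */
    public function getConnectorParam($name)
    {
        $connector = $this->getConnector();
        if (empty($connector)) {
            return null;
        }

        return $connector->getProperty($name);
    }

    /**
     * formatCallbackURL
     *
     * This function takes a callback_url and checks the $_REQUEST variable to see if
     * additional parameters should be appended to the callback_url value. The $_REQUEST variables
     * that are being checked deal with handling the behavior of closing/hiding windows/tabs that
     * are displayed when prompting for OAUTH validation.
     *
     * The forwarded values come straight from the request, so each one is
     * percent-encoded before it is appended; an unencoded '&' or '#' in a value
     * would otherwise add or truncate parameters of the callback URL.
     * Non-scalar values (e.g. arrays) are skipped.
     *
     * NOTE(review): callbackFunction is presumably used as a function name on
     * window.opener by the page that receives the callback; that consumer is
     * not visible here and should validate the name itself.
     *
     * @param string $callback_url value of callback URL
     * @return string value of URL with applicable formatting
     */
    protected function formatCallbackURL($callback_url)
    {
        // This is a tweak so that we can automatically close windows if requested by the external account system
        if (isset($_REQUEST['closeWhenDone']) && $_REQUEST['closeWhenDone'] == 1) {
            $callback_url .= '&closeWhenDone=1';
        }

        // callbackFunction: function to call on the window.opener object.
        // application: id of the application that triggered this oauth login.
        // refreshParentWindow: forwarded as received.
        foreach (array('callbackFunction', 'application', 'refreshParentWindow') as $param) {
            if (empty($_REQUEST[$param]) || !is_scalar($_REQUEST[$param])) {
                continue;
            }
            $callback_url .= '&' . $param . '=' . rawurlencode((string) $_REQUEST[$param]);
        }

        return $callback_url;
    }

    /**
     * Allow API clients to provide translated language strings for a given error code
     *
     * Looks up $_appStringErrorPrefix . $error_numb in $GLOBALS['app_strings']
     * and falls back to the ERR_EXTERNAL_API_SAVE_FAIL entry when the key is
     * not defined.
     *
     * @param string|int $error_numb error code appended to the prefix
     * @return mixed the matching app_strings entry
     */
    protected function getErrorStringFromCode($error_numb)
    {
        $language_key = $this->_appStringErrorPrefix . $error_numb;
        if (isset($GLOBALS['app_strings'][$language_key])) {
            return $GLOBALS['app_strings'][$language_key];
        }

        return $GLOBALS['app_strings']['ERR_EXTERNAL_API_SAVE_FAIL'];
    }

    /**
     * Determine if mime detection extensions are available.
     *
     * @return bool true when mime_content_type() or ext2mime() exists
     */
    public function isMimeDetectionAvailable()
    {
        return (function_exists('mime_content_type') || function_exists('ext2mime'));
    }
}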