by eggsurplus

Control what your users can access and save time, money, and frustrations. Lock down sensitive data in SugarCRM or SuiteCRM to specific groups or teams. Supports unlimited assigned users, unlimited group assignments to records, custom layouts for each group, login/sudo capabilities and much more.

Cancel at any time!
Free Trial

#2258 - SuiteCRM - Choose PDF Template PopUp doesn't respect SecurityGroups

In Progress Bug? created by Lion Solution Verified Purchase 3 years ago

Hi, on a SuiteCRM 7.6.3 when i try to "print as PDF" a Quote, an Invoice and so on, you are faced with a "Choose PDF Template PopUp"
I noticed that it doesn't respect SecurityGroups settings.

i think it's related to
/modules/AOS_Quotes/views/view.detail.php > function displayPopupHtml()

How have i to do?

Thanks in advance

  1. MayerElyashiv member avatar

    Lion Solution Verified Purchase

    3 years ago

    function populateQuoteTemplates(){
            global $app_list_strings, $current_user;

        **$sql = "SELECT id, name FROM aos_pdf_templates WHERE deleted=0 AND type='AOS_Quotes' AND active = 1";**
    
        $res = $this->bean->db->query($sql);
    
        $app_list_strings['template_ddown_c_list'] = array();
        while($row = $this->bean->db->fetchByAssoc($res)){
            if($row['id']){
                $app_list_strings['template_ddown_c_list'][$row['id']] = $row['name'];
            }
        }
    }
    
    function displayPopupHtml(){
        global $app_list_strings,$app_strings, $mod_strings;
        $templates = array_keys($app_list_strings['template_ddown_c_list']);
        if($templates){
    
        echo '  <div id="popupDiv_ara" style="display:none;position:fixed;top: 39%; left: 41%;opacity:1;z-index:9999;background:#FFFFFF;">
                <form id="popupForm" action="index.php?entryPoint=generatePdf" method="post">
                <table style="border: #000 solid 2px;padding-left:40px;padding-right:40px;padding-top:10px;padding-bottom:10px;font-size:110%;" >
                    <tr height="20">
                        <td colspan="2">
                        <b>'.$app_strings['LBL_SELECT_TEMPLATE'].':-</b>
                        </td>
                    </tr>';
            foreach($templates as $template){
                if(!$template){
                    continue;
    
                }
    

    ...

    }

  2. MayerElyashiv member avatar

    Lion Solution Verified Purchase

    3 years ago

    I'm not good at formatting my posts here,...

  3. eggsurplus member avatar

    eggsurplus Provider Affiliate

    3 years ago

    Hi Mayer,

    You would need to add the SecuritySuite logic to append some conditions to the SQL. An example that you can follow is in data/SugarBean.php->create_new_list_query(). Look for the Security Groups code block.

This case is public. Please leave out any sensitive information such as URLs, passwords, etc.
Saving Comment Saving Comment...
Rating
Rating
  • "The perfect solution for managing security. Very stable and easy to implement. Must-have add-on for every CE implementation!"

    Read More Reviews

Keep up to date on the latest additions

We'll send you an email every month with handpicked add-ons, reviews, tricks and tips. Don't worry, we hate spam as much as you do.