Here's how you do it:
Let's say you only want people from a specific group to be able to change the status of a SalesOrder when it is set to a specific status. For instance, if that status is 'Waiting for payment', you only want certain people to be able to 'release' that order.
FIRST
You create a businessmap of the 'Validation' type, for SalesOrders:
You specify you want to keep an eye on the sostatus field and that you want to use a custom rule. You need 4 restriction parameters:
You create the file, with the function:
This function will receive four parameters:
Returning false will show the user an alert with the message from the language file that has the key you set in the business map (last restriction).
Let's say you only want people from a specific group to be able to change the status of a SalesOrder when it is set to a specific status. For instance, if that status is 'Waiting for payment', you only want certain people to be able to 'release' that order.
FIRST
You create a businessmap of the 'Validation' type, for SalesOrders:
Code:
<map>
<originmodule>
<originname>SalesOrder</originname>
</originmodule>
<fields>
<field>
<fieldname>sostatus</fieldname>
<validations>
<validation>
<rule>custom</rule>
<restrictions>
<restriction>modules/SalesOrder/mySalesOrderValidation.php</restriction>
<restriction>CanThisUserDoThis</restriction>
<restriction>checkPaymentStatusGroup</restriction>
<restriction>LBL_NOT_ALLOWED_STATUS_ONLY_GROUP</restriction>
</restrictions>
</validation>
</validations>
</field>
</fields>
</map>- Where the file is that your validation function is in
- A name for your validation, doesn't really matter
- The name of the function you defined in that file
- The array key in the language file in SalesOrders (can also be a custom lang file) where your message lives (that will be shown when the validation fails)
You create the file, with the function:
PHP Code:
function checkPaymentStatusGroup($fieldname, $fieldvalue, $params, $entity) {
global $adb, $current_user, $log;
$current_status = $entity['current_sostatus'];
$q = "SELECT vtiger_groups.groupname FROM vtiger_groups INNER JOIN vtiger_users2group ON vtiger_groups.groupid = vtiger_users2group.groupid WHERE vtiger_users2group.userid = ?";
$p = array($current_user->id);
$r = $adb->pquery($q, $p);
$groups = array();
while ($groupname = $adb->fetch_array($r)) {
$groups[] = $groupname['groupname'];
}
if (!in_array('Payment Checking Group', $groups) && $current_status == 'Waiting for payment' && $entity['sostatus'] != 'Waiting for payment') {
return false;
} else {
return true;
}
}
- The fieldname of the field that was edited. Not very usefull, you created the Map for that field so you already know the name
- The fieldvalue that a user is TRYING to save
- an empty array
- The record you are saving (array). This has some interesting features:
- A 'record' key, that holds the crm ID of the record you are editing.
- A 'from_link' key, that holds the view (e.g. DetailView)
- Also things like the 'convertmode', 'action', 'return_action' and such
- Best of all, ALL the current fields of the record, prefixed with 'current_'. So for instance, the current SalesOrder status would be in 'current_sostatus'.
Returning false will show the user an alert with the message from the language file that has the key you set in the business map (last restriction).