Hi Team,
We are running suitecrm on 7.7.6 version.We have few users which have “show on employees” checkbox unchecked,also we have enabled employees module in the global search.
Now when we search an user it results employee record as well from the global search even though show on employees checkbox is unchecked.
Could anyone guide me to stop resulting employees when the “show on employees” is unchecked at users module.
Thanks for your time.
Regards,
Sravani
This might help you get more confused:
https://pgorod.github.io/Concepts-Users-Employees/
Now, I wrote all that, and I wasn’t even aware that there was such a thing as “show on employees” checkbox. :dry:
It is not simple to change what happens in the global search, to add that restriction. I found only one relevant example:
https://community.sugarcrm.com/thread/23689
But that sounds difficult to achieve and doesn’t really explain any details, I am afraid…
Hey pgr,
I managed to achieve this customising the standard file however this is not upgrade safe ,
Below is my solution, hope if this helps anyone.
modified the below code at modules/Home/UnifiedSearchAdvanced.php around 324 line
commented below standard code
if (count($where_clauses) > 0)
{
$where = '(('. implode(' ) OR ( ', $where_clauses) . '))';
}and updated as below
if (count($where_clauses) > 0)
{
//custom code for listing only employees with user kind as employee at the global search
if($moduleName!='Employees'){
$where = '(('. implode(' ) OR ( ', $where_clauses) . '))';
}
else{
$where_additional = "and users.show_on_employees = 1'";
$where = '(('. implode(' ) OR ( ', $where_clauses) . '))'.$where_additional;
}
//end -custom code for listing only employees with user kind as employee at the global search
}Thanks,
Sravani
Nice work! B-)
I had a look at that code and I have an idea to make it generic. Then we could put it into core code 
Suppose you would add a line to the searchdefs, to make them look like this:
$searchdefs['Employees'] = array(
'additionalWhereClauses' => 'and users.show_on_employees = 1',
'templateMeta' => array('maxColumns' => '3', 'maxColumnsBasic' => '4',
'widths' => array('label' => '10', 'field' => '30'),
),
'layout' => array(
(...etc...)
And then in modules/Home/UnifiedSearchAdvanced.php around line 324 you would check the searchdefs and add the value there if it exists.
So this would be a great addition, allowing for generic where clauses to be added to Global search, for any module, based on a simple parameter in a definitions file.
What happens when:
count($where_clauses) <= 0and you still want to check for the additional where clause?
Is there elsewhere in the code a place where the WHERE clause is set to NULL or something else?
Two more suggestions:
. since the standard code wraps each WHERE clause within parentheses, I would do the same for the additional WHERE clause.
. the modified code uses AND, while the standard uses OR: in both cases it is not possible to customise OR or AND. (a lot more complex to implement though)
@amariussi you are right that to handle this, the query construction needs to be a bit better designed, although I don’t think it needs to be very complicated in order to be useful.
I think that joining with OR is the correct thing here, because it adds to the results; then you can use AND inside your clauses if you need.
I just noticed that this is for Basic search, isn’t it? You’re not using Lucene advanced search?
And how did you enable “Employees” module in Global Search? In Admin /Global search settings I don’t see that module…
I’ve been playing with this and a generic solution that works is like this:
https://github.com/pgorod/SuiteCRM/commit/8c6de3a59e26d46b97caba9babc1cabe25adccb4
You can use AND or OR as you prefer, inside the clause itself. The clause can contain sub-clauses, no problem.
The string {1} will get replaced by the query string (whatever the user searched for). This is useful so that you can add more results to the search in specific modules. In my example (in the comment on top of that commit) will let you search for phone numbers by prefix, typing just 337 and it will search for (337)%
Do you guys think this is interesting enough that I should open a PR to add this feature?
Have you tested it? succesfully
Pedro,
I think that it could be useful but at the same time it would open a security issue since you are actually allowing to enter some code that, instead of being limited to its purpose, could go well beyond and potentially do anything to the system.
This would also require some little documentation (not complicated though).
If you mean the clause itself, anybody with access to searchdefs.php, or any PHP file that gets included, is already owner of the system. It’s game over for the good guys, at that point.
So I don’t think this is different from this kind of thing:
But you are right that more care would need to be taken for the trick with the “{1}” argument. That is user input and would need to be sanitized, basically throwing away anything that isn’t a simple string, or that has trick-characters (quotes, brackets, etc). We have a function called “quote” in our DBManager classes that does that, I believe.
But that is not finished code, for now I am just asking about if this is practical and works, I can tighten up security when I make a PR.
I am always in favour of additional features! So, from my side, it’s definitely a YES!