[英]vTiger webservice “ACCESS_DENIED : Permission to perform the operation is denied for id”
I want to add SalesOrder through vTiger webservice. 我想通过vTiger Web服务添加SalesOrder。 I'm using for this vtwsclib.
我正在使用此vtwsclib。 Here is the code:
这是代码:
<?php
include_once('vtwsclib/Vtiger/WSClient.php');
$url = 'http://localhost:8888';
$client = new Vtiger_WSClient($url);
$login = $client->doLogin('admin', 'zzzzzzzz');
if(!$login) echo 'Login Failed';
else {
$data = array(
'subject' => 'Test SalesOrder',
'sostatus' => 'Created',
'invoicestatus'=>'AutoCreated',
'account_id'=> '46', // Existing account id
'bill_street' => 'Bill Street',
'ship_street' => 'Ship Street',
);
$record = $client->doCreate('SalesOrder', $data);
$error = $client->lasterror();
if($error) {
echo $error['code'] . ' : ' . $error['message'];
}
if($record) {
$salesorderid = $client->getRecordId($record['id']);
}
}
?>
And I get only: "ACCESS_DENIED : Permission to perform the operation is denied for id". 而且我只会得到:“ ACCESS_DENIED:ID的执行权限被拒绝”。
Account_id exists in database. Account_id存在于数据库中。 Other SalesOrder was added with the same account_id but through webpage.
其他SalesOrder通过网页添加了相同的account_id。 I have also tried variant with accout_id = "6x46" where 6 is module_id.
我还尝试了accout_id =“ 6x46”的变体,其中6是module_id。 It also didn't work.
它也没有用。 Any ideas how to solve this problem?
任何想法如何解决这个问题?
I think you should be trying 11x46 for account id. 我认为您应该尝试使用11x46作为帐户ID。 Vtiger web services entity id's are different from tabids.
Vtiger Web服务实体ID与Tabid不同。
To get a correct list of all entity ids, execute this in your MySQL for the CRM: 要获取所有实体ID的正确列表,请在您的MySQL中为CRM执行此操作:
select id, name from vtiger_ws_entity;
Problem lies in vtiger documentation. 问题出在vtiger文档中。 add entityName parameter in GET request.
在GET请求中添加entityName参数。
var q = "select * from Users;";
"http://vtigercrm/webservice.php?operation=query&sessionName=ABC&entityName=XYZ&query="+q
This worked well for me. 这对我来说很好。 Although still couldn't understand that by giving any entityName or garbage string, program works !!!
尽管仍然无法理解通过提供任何entityName或垃圾字符串,程序仍能正常工作! Please comment if you know more about this.
如果您对此有更多了解,请发表评论。
This is a method that might helps you to generate query q
这是一种可以帮助您生成查询
q
"http://vtigercrm/webservice.php?operation=query&sessionName=ABC&query="+q
for exemple you expect : 例如,您期望:
SELECT * FROM INVOICE WEHRE id='72xxx';
you can do 你可以做
buildVtigerQuery('INVOICE', ['id' => '72xx']);
this is the function : 这是功能:
protected function buildQuery(
string $moduleName,
array $filterData = [],
string $attributes = '*',
int $start = 0,
int $limit = null
): string {
$query = 'SELECT ' . $attributes . ' FROM ' . $moduleName . ' ';
if (!empty($filterData)) {
$query .= 'WHERE ';
foreach ($filterData as $key => $value) {
$whereOperator = (is_numeric($value) === true) ? ' = ' : ' like ';
$value = (is_numeric($value) === true) ? $value : '%' . $value . '%';
$query .= $key . $whereOperator . '\'' . $value . '\'' . ' AND WHERE ';
}
}
if (substr($query, -11) === ' AND WHERE ') {
$query = substr_replace($query, "", -11);
}
if ((!is_null($limit)) && (0 < $start)) {
$query .= ' ORDER BY id LIMIT ' . $start . ',' . $limit;
}
if (!is_null($limit) && (0 >= $start)) {
$query .= ' ORDER BY id LIMIT ' . $limit;
}
return $query . ';';
}
i didn't take XSS injection into consideration because my expected query q
will be written in the url 我没有考虑XSS注入,因为我期望的查询
q
将写在url中
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.