vTiger Web 服务:执行操作的权限被拒绝查询

vTiger web services: Permission to perform the operation is denied for query

我正在使用 vTiger Web 服务通过查询检索包含我的联系人的 VtigerObjects 数组。我正在按照此处给出的说明进行操作:

https://wiki.vtiger.com/index.php/Webservices_tutorials

到目前为止,我得到了一个可以用来登录的质询令牌,所以这是有效的。但是从我尝试通过查询获取数据的那一刻起,我收到以下错误:

"Permission to perform the operation is denied for query"

我是管理员,应该有所有权限吧?这是我的代码,希望有人能帮助我?

$username = 'xxxxxxxxxx';
$userAccessKey = 'xXxXxXxXxXxXxX';

//Create HTTP Client and set url and parameters
$client = new Zend_Http_Client();
$client->setUri('https://example.com/webservice.php');
$client->setParameterGet(array(
    'operation' => 'getchallenge', 
    'username' => $username
));

// Get Response (and decode)
$response = $client->request('GET');
$jsonResponse = Zend_Json::decode($response->getBody());

// Check if operation was successful
if ($jsonResponse['success'] == false)
    die('getchallenge failed:'.$jsonResponse['error']['errorMsg']);

// Get token from response
$challengeToken = $jsonResponse['result']['token'];


//create md5 string concatenating user accesskey from my preference page 
//and the challenge token obtained from get challenge result. 
$generatedKey = md5($challengeToken.$userAccessKey);

//Create HTTP Client and set url and parameters
$client->setUri('https://example.com/webservice.php');
$client->setParameterPost(array(
    'operation' => 'login',
    'username' => $username,
    'accessKey' => $generatedKey
), true);

// Get Response (and decode)
$response = $client->request('POST');
$jsonResponse = Zend_JSON::decode($response->getBody());

// Check if operation was successful
if($jsonResponse['success']==false)
    die('login failed:'.$jsonResponse['error']['errorMsg']);

$session = $jsonResponse['result']['sessionName'];


// Query to select contacts
$query = "select * from contacts";

// Urlencode the query
$encodedQuery = urlencode($query);

//Create HTTP Client and set url and parameters
$client->setUri('https://example.com/webservice.php');
$client->setParameterGet(array(
    'operation' => 'query',
    'sessionName' => $session,
    'query' => $encodedQuery
));

// Get Response (and decode)
$response = $client->request('GET');
$jsonResponse = Zend_JSON::decode($response->getBody());

// Check if operation was successful
if($jsonResponse['success']==false)
    die('query failed:'.$jsonResponse['errorMsg']);

// Return contacts
$retrievedObjects = $jsonResponse['result'];

不要对您的查询进行编码,只需这样做:

// Query to select contacts
$query = "select * from Contacts";

//Create HTTP Client and set url and parameters
$client->setUri('https://example.com/webservice.php');
$client->setParameterGet(array(
    'operation' => 'query',
    'sessionName' => $session,
    'query' => $query
));

我猜 vTiger Web 服务的官方文档是错误的..

我的这段代码工作正常使用这个

<?php

function call($url, $params, $type = "GET") {
    $is_post = 0;
    if ($type == "POST") {
        $is_post = 1;
        $post_data = $params;
    } else {
        $url = $url . "?" . http_build_query($params);
    }
    $ch = curl_init($url);
    if (!$ch) {
        die("Cannot allocate a new PHP-CURL handle");
    }
    if ($is_post) {
        curl_setopt($ch, CURLOPT_POST, $is_post);
        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($params));
    }

    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $data = curl_exec($ch);

    $return = null;
    if (curl_error($ch)) {
        $return = false;
    } else {
        $return = json_decode($data, true);
    }

    curl_close($ch);

    return $return;
}

$endpointUrl = 'http://url/vtigercrm/webservice.php';
$userName = 'admin';
$userAccessKey = 'dsddsdsdsds';

$sessionData = call($endpointUrl, array("operation" => "getchallenge", "username" => $userName));
$challengeToken = $sessionData['result']['token'];
$generatedKey = md5($challengeToken . $userAccessKey);
$dataDetails = call($endpointUrl, array("operation" => "login", "username" => $userName, "accessKey" => $generatedKey), "POST");

$query = "SELECT * FROM Contacts WHERE cf_771='ajay' and cf_781='ajay';";
$queryParam = urldecode($query);

$sessionid = $dataDetails['result']['sessionName'];
$getUserDetail = call($endpointUrl, array("operation" => "query", "sessionName" => $sessionid, 'query' => $query));
echo "<pre>";
print_r($getUserDetail);
echo "</pre>";
if (!empty($getUserDetail['result'])) {
    echo "success!!!!";
} else {
    echo "fail!!!!";
}
?>

在使用 httpful 解决这个问题后,我最终意识到,在那种情况下,您 do 需要对查询进行编码,因此:

// vTiger: GET Query
// http://vtiger_url/webservice.php?operation=query&sessionName=[session id]&query=[query string] 

$query = urlencode("SELECT * FROM Leads;");
$uri = $vTiger_uri . "?operation=query&sessionName=" . $sessionName . "&query=" . $query;
$response_j = \Httpful\Request::get($uri)->send();

$response = json_decode($response_j, true);

echo "<p>Query: " . $query . "</p>";
echo "<pre>";
print_r($response);
echo "</pre>";