/**
  * Check whether the current user has sufficient permission to view or edit an activity record.
  *
  * @param int $activityId
  *   Activity record id.
  * @param int $action
  *   Edit/view.
  *
  * @return bool
  */
 public static function checkPermission($activityId, $action)
 {
     // Authorization check for a single activity record. The default is deny:
     // $allow starts FALSE and is returned as-is by the two early exits below.
     $allow = FALSE;
     // Deny when no activity id is given or the action is neither UPDATE nor VIEW.
     // in_array() is called without its strict flag, and the later "$action ==" tests
     // are loose as well. NOTE(review): confirm callers always pass an integer action.
     if (!$activityId || !in_array($action, array(CRM_Core_Action::UPDATE, CRM_Core_Action::VIEW))) {
         return $allow;
     }
     $activity = new CRM_Activity_DAO_Activity();
     $activity->id = $activityId;
     // Deny when the lookup by id does not succeed.
     if (!$activity->find(TRUE)) {
         return $allow;
     }
     // Component related permissions: component name => permission names. The loops
     // below accept the first permission the user holds, so any one entry is enough.
     $compPermissions = array('CiviCase' => array('administer CiviCase', 'access my cases and activities', 'access all cases and activities'), 'CiviMail' => array('access CiviMail'), 'CiviEvent' => array('access CiviEvent'), 'CiviGrant' => array('access CiviGrant'), 'CiviPledge' => array('access CiviPledge'), 'CiviMember' => array('access CiviMember'), 'CiviReport' => array('access CiviReport'), 'CiviContribute' => array('access CiviContribute'), 'CiviCampaign' => array('administer CiviCampaign'));
     // Case activities are decided entirely inside the branch below and return early;
     // none of the component or contact checks further down run for them.
     $isCaseActivity = CRM_Case_BAO_Case::isCaseActivity($activityId);
     // Check for civicase related permission.
     if ($isCaseActivity) {
         // $allow is already FALSE here; the reset only makes the starting state explicit.
         $allow = FALSE;
         foreach ($compPermissions['CiviCase'] as $per) {
             if (CRM_Core_Permission::check($per)) {
                 $allow = TRUE;
                 break;
             }
         }
         // Check for case specific permissions. Holding a CiviCase permission is required
         // first; the final decision is then whatever CRM_Case_BAO_Case::checkPermission()
         // returns for the 'view' or 'edit' operation.
         if ($allow) {
             $oper = 'view';
             if ($action == CRM_Core_Action::UPDATE) {
                 $oper = 'edit';
             }
             $allow = CRM_Case_BAO_Case::checkPermission($activityId, $oper, $activity->activity_type_id);
         }
         return $allow;
     }
     // First check the component permission: look up the component that owns this
     // activity type. Both values are passed as typed placeholders (%1 String,
     // %2 Integer) rather than being concatenated into the SQL text.
     $sql = "\n    SELECT  component_id\n      FROM  civicrm_option_value val\nINNER JOIN  civicrm_option_group grp ON ( grp.id = val.option_group_id AND grp.name = %1 )\n     WHERE  val.value = %2";
     $params = array(1 => array('activity_type', 'String'), 2 => array($activity->activity_type_id, 'Integer'));
     $componentId = CRM_Core_DAO::singleValueQuery($sql, $params);
     if ($componentId) {
         $componentName = CRM_Core_Component::getComponentName($componentId);
         $compPermission = CRM_Utils_Array::value($componentName, $compPermissions);
         // Here we are interested in any single permission. When the lookup does not
         // yield an array (component not listed in $compPermissions), $allow stays FALSE
         // and, because $componentId is set, every later stage is skipped: deny.
         if (is_array($compPermission)) {
             foreach ($compPermission as $per) {
                 if (CRM_Core_Permission::check($per)) {
                     $allow = TRUE;
                     break;
                 }
             }
         }
     }
     // Map the requested action to the contact-level permission used by the ACL checks.
     $permission = CRM_Core_Permission::VIEW;
     if ($action == CRM_Core_Action::UPDATE) {
         $permission = CRM_Core_Permission::EDIT;
     }
     // Resolve the record-type ids for source, assignee and target contacts from the
     // 'activity_contacts' option group (presumably keyed by id with the name as value).
     $activityContacts = CRM_Core_OptionGroup::values('activity_contacts', FALSE, FALSE, FALSE, NULL, 'name');
     $sourceID = CRM_Utils_Array::key('Activity Source', $activityContacts);
     $assigneeID = CRM_Utils_Array::key('Activity Assignees', $activityContacts);
     $targetID = CRM_Utils_Array::key('Activity Targets', $activityContacts);
     // Check for source contact. This stage runs when the activity type has no
     // component, or when the component permission check above passed.
     if (!$componentId || $allow) {
         $sourceContactId = self::getActivityContact($activity->id, $sourceID);
         // Account for possibility of activity not having a source contact (as it may have been deleted).
         // In that case $allow keeps its previous value: FALSE (deny) for activities
         // without a component, TRUE for component activities that passed above.
         // NOTE(review): for the latter, access then rests only on the target and
         // assignee checks below - confirm that is intended.
         if ($sourceContactId) {
             $allow = CRM_Contact_BAO_Contact_Permission::allow($sourceContactId, $permission);
         }
     }
     // Check for target and assignee contacts.
     if ($allow) {
         // First check for the super permission: a user holding 'view all contacts'
         // (or 'edit all contacts' for UPDATE) skips the per-contact checks.
         $supPermission = 'view all contacts';
         if ($action == CRM_Core_Action::UPDATE) {
             $supPermission = 'edit all contacts';
         }
         $allow = CRM_Core_Permission::check($supPermission);
         // User might have sufficient permission, through acls.
         if (!$allow) {
             // Start from allow and withdraw it on the first contact the user cannot
             // access. An activity with no targets and no assignees passes this stage.
             $allow = TRUE;
             // Get the target contacts.
             $targetContacts = CRM_Activity_BAO_ActivityContact::retrieveContactIdsByActivityId($activity->id, $targetID);
             foreach ($targetContacts as $cnt => $contactId) {
                 if (!CRM_Contact_BAO_Contact_Permission::allow($contactId, $permission)) {
                     $allow = FALSE;
                     break;
                 }
             }
             // Get the assignee contacts; only consulted when every target passed.
             if ($allow) {
                 $assigneeContacts = CRM_Activity_BAO_ActivityContact::retrieveContactIdsByActivityId($activity->id, $assigneeID);
                 foreach ($assigneeContacts as $cnt => $contactId) {
                     if (!CRM_Contact_BAO_Contact_Permission::allow($contactId, $permission)) {
                         $allow = FALSE;
                         break;
                     }
                 }
             }
         }
     }
     return $allow;
 }
Beispiel #2
 /**
  * Browse all price sets
  *
  * @param string $action   the action to be invoked
  *
  * @return void
  * @access public
  */
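 function browse($action = NULL)
 {
     // Builds the price set listing and assigns it to the template as 'rows'.
     // The $action argument is accepted for interface compatibility but is not read;
     // the per-row action mask is kept in a local so the parameter is no longer clobbered.

     // Rows for the template, keyed by price set id.
     $priceSet = array();
     // Components a price set may extend, mapped to their translated labels.
     $comps = array('CiviEvent' => ts('Event'), 'CiviContribute' => ts('Contribution'), 'CiviMember' => ts('Membership'));
     $dao = new CRM_Price_DAO_PriceSet();
     if (CRM_Price_BAO_PriceSet::eventPriceSetDomainID()) {
         $dao->domain_id = CRM_Core_Config::domainID();
     }
     // Quick-config price sets are left out of the listing.
     $dao->is_quick_config = 0;
     $dao->find();
     while ($dao->fetch()) {
         $priceSet[$dao->id] = array();
         CRM_Core_DAO::storeValues($dao, $priceSet[$dao->id]);
         $compIds = explode(CRM_Core_DAO::VALUE_SEPARATOR, CRM_Utils_Array::value('extends', $priceSet[$dao->id]));
         $extends = array();
         //CRM-10225: skip component ids that have no label in $comps.
         foreach ($compIds as $compId) {
             $componentName = CRM_Core_Component::getComponentName($compId);
             if (!empty($comps[$componentName])) {
                 $extends[] = $comps[$componentName];
             }
         }
         $priceSet[$dao->id]['extends'] = implode(', ', $extends);
         // Form the mask of all action links: the link keys are summed into one value.
         $mask = array_sum(array_keys($this->actionLinks()));
         // Update enable/disable links depending on price_set properties.
         // Flags are cleared with AND-NOT instead of subtraction: subtracting a flag that
         // is not present in the mask would borrow from, and so flip, unrelated bits,
         // which could expose or hide the wrong links. This assumes the CRM_Core_Action
         // constants are single-bit flags, as the summed mask above already does.
         if ($dao->is_reserved) {
             // Reserved price sets offer no modifying actions.
             $mask &= ~(CRM_Core_Action::UPDATE | CRM_Core_Action::DISABLE | CRM_Core_Action::ENABLE | CRM_Core_Action::DELETE | CRM_Core_Action::COPY);
         } elseif ($dao->is_active) {
             $mask &= ~CRM_Core_Action::ENABLE;
         } else {
             $mask &= ~CRM_Core_Action::DISABLE;
         }
         $actionLinks = self::actionLinks();
         //CRM-10117: reserved price sets get a view-only label on the browse link.
         if ($dao->is_reserved) {
             $actionLinks[CRM_Core_Action::BROWSE]['name'] = 'View Price Fields';
         }
         $priceSet[$dao->id]['action'] = CRM_Core_Action::formLink($actionLinks, $mask, array('sid' => $dao->id), ts('more'), FALSE, 'priceSet.row.actions', 'PriceSet', $dao->id);
     }
     $this->assign('rows', $priceSet);
 }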
Beispiel #3
 /**
  * Browse all price sets
  * 
  * @param string $action   the action to be invoked
  * 
  * @return void
  * @access public
  */
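 function browse($action = null)
 {
     // Builds the price set listing and assigns it to the template as 'rows'.
     // The $action argument is accepted for interface compatibility but is not read;
     // the per-row action mask is kept in a local so the parameter is no longer clobbered.

     // Rows for the template, keyed by price set id.
     $priceSet = array();
     require_once 'CRM/Core/Component.php';
     // Components a price set may extend, mapped to their translated labels.
     $comps = array('CiviEvent' => ts('Event'), 'CiviContribute' => ts('Contribution'));
     $dao = new CRM_Price_DAO_Set();
     if (defined('CIVICRM_EVENT_PRICE_SET_DOMAIN_ID') && CIVICRM_EVENT_PRICE_SET_DOMAIN_ID) {
         $dao->domain_id = CRM_Core_Config::domainID();
     }
     $dao->find();
     while ($dao->fetch()) {
         $priceSet[$dao->id] = array();
         CRM_Core_DAO::storeValues($dao, $priceSet[$dao->id]);
         $compIds = explode(CRM_Core_DAO::VALUE_SEPARATOR, CRM_Utils_Array::value('extends', $priceSet[$dao->id]));
         $extends = array();
         foreach ($compIds as $compId) {
             $componentName = CRM_Core_Component::getComponentName($compId);
             // Skip ids with no label in $comps. Indexing $comps unconditionally raised
             // an undefined-index notice and put an empty entry into the joined list.
             if (!empty($comps[$componentName])) {
                 $extends[] = $comps[$componentName];
             }
         }
         $priceSet[$dao->id]['extends'] = implode(', ', $extends);
         // Form the mask of all action links: the link keys are summed into one value.
         $mask = array_sum(array_keys($this->actionLinks()));
         // Update enable/disable links depending on price_set properties.
         // The flag is cleared with AND-NOT instead of subtraction, so a flag missing
         // from the mask cannot flip unrelated bits. This assumes the CRM_Core_Action
         // constants are single-bit flags, as the summed mask above already does.
         if ($dao->is_active) {
             $mask &= ~CRM_Core_Action::ENABLE;
         } else {
             $mask &= ~CRM_Core_Action::DISABLE;
         }
         $priceSet[$dao->id]['action'] = CRM_Core_Action::formLink(self::actionLinks(), $mask, array('sid' => $dao->id));
     }
     $this->assign('rows', $priceSet);
 }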
Beispiel #4
 /**
  * Check whether the current user has sufficient permission to view or edit an activity record.
  *
  * @param  int   $activityId activity record id.
  * @param  int   $action     edit/view
  *
  * @return boolean $allow true/false
  * @access public
  */
 public function checkPermission($activityId, $action)
 {
     // Default is deny: without an id there is nothing to authorise.
     if (!$activityId) {
         return false;
     }
     // Only the view and update actions are supported (loose comparison, as before).
     if (!in_array($action, array(CRM_Core_Action::UPDATE, CRM_Core_Action::VIEW))) {
         return false;
     }

     // The activity has to be loadable before any permission is evaluated.
     $record = new CRM_Activity_DAO_Activity();
     $record->id = $activityId;
     if (!$record->find(true)) {
         return false;
     }

     $wantsEdit = ($action == CRM_Core_Action::UPDATE);

     // Component name => permissions; holding any single one of them is sufficient.
     $compPermissions = array(
         'CiviCase' => array('administer CiviCase', 'access my cases and activities', 'access all cases and activities'),
         'CiviMail' => array('access CiviMail'),
         'CiviEvent' => array('access CiviEvent'),
         'CiviGrant' => array('access CiviGrant'),
         'CiviPledge' => array('access CiviPledge'),
         'CiviMember' => array('access CiviMember'),
         'CiviReport' => array('access CiviReport'),
         'CiviContribute' => array('access CiviContribute'),
         'CiviCampaign' => array('administer CiviCampaign'),
     );

     // Case activities are decided here and never reach the contact checks below.
     require_once 'CRM/Case/BAO/Case.php';
     if (CRM_Case_BAO_Case::isCaseActivity($activityId)) {
         $holdsCasePermission = false;
         foreach ($compPermissions['CiviCase'] as $casePermission) {
             if (CRM_Core_Permission::check($casePermission)) {
                 $holdsCasePermission = true;
                 break;
             }
         }
         if (!$holdsCasePermission) {
             return false;
         }
         // A CiviCase permission is necessary but not sufficient: the case-specific
         // check has the final word.
         return CRM_Case_BAO_Case::checkPermission($activityId, $wantsEdit ? 'edit' : 'view', $record->activity_type_id);
     }

     require_once 'CRM/Core/Permission.php';
     require_once 'CRM/Contact/BAO/Contact/Permission.php';

     // Find the component owning this activity type; both values are bound as typed
     // placeholders rather than concatenated into the statement.
     $query = "\n    SELECT  component_id\n      FROM  civicrm_option_value val\nINNER JOIN  civicrm_option_group grp ON ( grp.id = val.option_group_id AND grp.name = %1 )\n     WHERE  val.value = %2";
     $queryParams = array(
         1 => array('activity_type', 'String'),
         2 => array($record->activity_type_id, 'Integer'),
     );
     $componentId = CRM_Core_DAO::singleValueQuery($query, $queryParams);

     $granted = false;
     if ($componentId) {
         require_once 'CRM/Core/Component.php';
         $componentName = CRM_Core_Component::getComponentName($componentId);
         $grantingPermissions = CRM_Utils_Array::value($componentName, $compPermissions);
         // Any one of the component's permissions is enough; a component without an
         // entry in the map leaves access denied.
         if (is_array($grantingPermissions)) {
             foreach ($grantingPermissions as $componentPermission) {
                 if (CRM_Core_Permission::check($componentPermission)) {
                     $granted = true;
                     break;
                 }
             }
         }
     }

     // Contact-level permission matching the requested action.
     $contactPermission = $wantsEdit ? CRM_Core_Permission::EDIT : CRM_Core_Permission::VIEW;

     // Source contact: checked when there is no component, or the component check passed.
     if (!$componentId || $granted) {
         $granted = CRM_Contact_BAO_Contact_Permission::allow($record->source_contact_id, $contactPermission);
     }
     if (!$granted) {
         return $granted;
     }

     // A blanket "all contacts" permission makes the per-contact checks unnecessary.
     $granted = CRM_Core_Permission::check($wantsEdit ? 'edit all contacts' : 'view all contacts');
     if ($granted) {
         return $granted;
     }

     // Otherwise ACLs decide: every target contact must be accessible ...
     $targetContacts = CRM_Activity_BAO_ActivityTarget::retrieveTargetIdsByActivityId($record->id);
     foreach ($targetContacts as $contactId) {
         if (!CRM_Contact_BAO_Contact_Permission::allow($contactId, $contactPermission)) {
             return false;
         }
     }
     // ... and so must every assignee; they are only fetched once all targets passed.
     $assigneeContacts = CRM_Activity_BAO_ActivityAssignment::retrieveAssigneeIdsByActivityId($record->id);
     foreach ($assigneeContacts as $contactId) {
         if (!CRM_Contact_BAO_Contact_Permission::allow($contactId, $contactPermission)) {
             return false;
         }
     }
     return true;
 }