/**
* TODO: How many checks do we need to do? Should we check to make sure the
* activity is the right type? That the cid and aid are associated? Seems like
* if you are messing with URL params you are kind of asking for trouble...
*/
function preProcess()
{
$this->_aid = CRM_Utils_Request::retrieve('aid', 'Positive', $this, FALSE);
$this->_cid = CRM_Utils_Request::retrieve('cid', 'Positive', $this, FALSE);
$this->_vid = CRM_Utils_Request::retrieve('vid', 'Positive', $this, FALSE);
if (!CRM_Volunteer_Permission::checkProjectPerms(CRM_Core_Action::UPDATE, $this->_vid)) {
CRM_Utils_System::permissionDenied();
}
if (!$this->_aid && !($this->_cid && $this->_vid)) {
CRM_Core_Error::fatal("Form expects an activity ID or both a contact and a volunteer project ID.");
}
$check = array('Activity' => $this->_aid, 'Contact' => $this->_cid, 'VolunteerProject' => $this->_vid);
$errors = array();
foreach ($check as $entityType => $entityID) {
if (!$this->entityExists($entityType, $entityID)) {
$errors[] = "No {$entityType} with ID {$entityID} exists.";
}
}
if (count($errors)) {
CRM_Core_Error::fatal("Invalid parameter(s) passed to commendation form: " . implode(' ', $errors));
}
$contact_display_name = civicrm_api3('Contact', 'getvalue', array('id' => $this->_cid, 'return' => 'display_name'));
CRM_Utils_System::setTitle(ts('Commend %1', array(1 => $contact_display_name, 'domain' => 'org.civicrm.volunteer')));
parent::preProcess();
}
/**
* build all the data structures needed to build the form
*
* @return void
* @access public
*/
function preProcess()
{
$this->_vid = CRM_Utils_Request::retrieve('vid', 'Positive', $this, TRUE);
if (!CRM_Volunteer_Permission::checkProjectPerms(CRM_Core_Action::UPDATE, $this->_vid)) {
CRM_Utils_System::permissionDenied();
}
$this->_batchInfo['item_count'] = 50;
$params = array('project_id' => $this->_vid);
$this->_volunteerData = CRM_Volunteer_BAO_Assignment::retrieve($params);
$projects = CRM_Volunteer_BAO_Project::retrieve(array('id' => $this->_vid));
$project = $projects[$this->_vid];
$this->_entityID = $project->entity_id;
$this->_entityTable = $project->entity_table;
$this->_title = $project->title;
$this->_title .= ' ( ' . CRM_Utils_Date::customFormat($project->start_date);
$this->_start_date = $project->start_date;
if ($project->end_date) {
$this->_title .= ' - ' . CRM_Utils_Date::customFormat($project->end_date) . ' )';
} else {
$this->_title .= ' )';
}
/*
* Because CiviCRM's asset management framework isn't mature yet (e.g., adding
* assets to forms rendered in pop-ups using CRM_Core_Resources doesn't work),
* we pass a URL fragment to the template and include them via HTML.
*/
$this->assign('extResourceURL', CRM_Core_Resources::singleton()->getUrl('org.civicrm.volunteer'));
$this->assign('vid', $this->_vid);
}
/**
* Given a permission string or array, check for access requirements. For
* VOL-71, if this is a permissions-challenged Joomla instance, don't enforce
* CiviVolunteer-defined permissions.
*
* @param mixed $permissions The permission(s) to check as an array or string.
* See parent class for examples.
* @return boolean
*/
public static function check($permissions)
{
$permissions = (array) $permissions;
if (!CRM_Core_Config::singleton()->userPermissionClass->isModulePermissionSupported()) {
array_walk_recursive($permissions, function (&$v, $k) {
if (array_key_exists($v, CRM_Volunteer_Permission::getVolunteerPermissions())) {
$v = CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION;
}
});
}
return parent::check($permissions);
}
/**
* create a Volunteer Need
* takes an associative array and creates a Need object
*
* This function is invoked from within the web form layer and also from the api layer
*
* @param array $params (reference ) an assoc array of name/value pairs
*
* @return CRM_Volunteer_BAO_Need object
* @access public
* @static
*/
static function &create($params)
{
$projectId = CRM_Utils_Array::value('project_id', $params);
$op = CRM_Core_Action::UPDATE;
if (!empty($params['check_permissions']) && !CRM_Volunteer_Permission::checkProjectPerms($op, $projectId)) {
CRM_Utils_System::permissionDenied();
// FIXME: If we don't return here, the script keeps executing. This is not
// what I expect from CRM_Utils_System::permissionDenied().
return FALSE;
}
if (empty($params)) {
return;
}
$need = new CRM_Volunteer_DAO_Need();
$need->copyValues($params);
$need->save();
return $need;
}
/**
* Given a permission string or array, check for access requirements.
*
* @param mixed $permissions
* The permission(s) to check as an array or string. See parent class for examples.
* @return boolean
*/
public static function check($permissions)
{
$permissions = (array) $permissions;
$isModulePermissionSupported = CRM_Core_Config::singleton()->userPermissionClass->isModulePermissionSupported();
array_walk_recursive($permissions, function (&$v, $k) use($isModulePermissionSupported) {
// For VOL-71, if this is a permissions-challenged Joomla instance, don't
// enforce CiviVolunteer-defined permissions.
if (!$isModulePermissionSupported) {
if (array_key_exists($v, CRM_Volunteer_Permission::getVolunteerPermissions())) {
$v = CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION;
}
}
// Ensure that checks for "edit own" pass if user has "edit all."
if ($v === 'edit own volunteer projects' && self::check('edit all volunteer projects')) {
$v = CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION;
}
});
return parent::check($permissions);
}
/**
* This function returns supporting data for various JavaScript-driven interfaces.
*
* The purpose of this API is to provide limited access to general-use APIs to
* facilitate building user interfaces without having to grant users access to
* APIs they otherwise shouldn't be able to access.
*
* @param array $params
* @see _civicrm_api3_volunteer_util_getsupportingdata_spec()
* @return array
*/
function civicrm_api3_volunteer_util_getsupportingdata($params)
{
$results = array();
$controller = CRM_Utils_Array::value('controller', $params);
if ($controller === 'VolunteerProject') {
$relTypes = civicrm_api3('OptionValue', 'get', array('option_group_id' => CRM_Volunteer_BAO_ProjectContact::RELATIONSHIP_OPTION_GROUP));
$results['relationship_types'] = $relTypes['values'];
$results['phone_types'] = CRM_Core_OptionGroup::values("phone_type", FALSE, FALSE, TRUE);
$results['default_profile'] = civicrm_api3('UFGroup', 'getvalue', array("name" => "volunteer_sign_up", "return" => "id"));
}
if ($controller === 'VolOppsCtrl') {
$results['roles'] = CRM_Core_OptionGroup::values('volunteer_role', FALSE, FALSE, TRUE);
}
$results['use_profile_editor'] = CRM_Volunteer_Permission::check(array("access CiviCRM", "profile listings and forms"));
if (!$results['use_profile_editor']) {
$profiles = civicrm_api3('UFGroup', 'get', array("return" => "title", "sequential" => 1, 'options' => array('limit' => 0)));
$results['profile_list'] = $profiles['values'];
}
return civicrm_api3_create_success($results, "VolunteerUtil", "getsupportingdata", $params);
}
/**
* create a Volunteer Need
* takes an associative array and creates a Need object
*
* This function is invoked from within the web form layer and also from the api layer
*
* @param array $params (reference ) an assoc array of name/value pairs
*
* @return CRM_Volunteer_BAO_Need object
* @access public
* @static
*/
static function &create($params)
{
$need = new CRM_Volunteer_BAO_Need();
$need->copyValues($params);
$projectId = $need->getProjectId();
if ($projectId === FALSE) {
CRM_Core_Error::fatal('Missing required Need ID or Project ID');
}
// creating a Need constitutes updating a Project
$op = CRM_Core_Action::UPDATE;
if (!empty($params['check_permissions']) && !CRM_Volunteer_Permission::checkProjectPerms($op, $projectId)) {
CRM_Utils_System::permissionDenied();
// FIXME: If we don't return here, the script keeps executing. This is not
// what I expect from CRM_Utils_System::permissionDenied().
return FALSE;
}
if (empty($params)) {
return;
}
$need->save();
return $need;
}
/**
* Get a list of Projects matching the params.
*
* This function is invoked from within the web form layer and also from the
* API layer. Special params include:
* <ol>
* <li>project_contacts (@see CRM_Volunteer_BAO_Project::create() and
* CRM_Volunteer_BAO_Project::buildContactJoin)</li>
* <li>proximity (@see CRM_Volunteer_BAO_Project::buildProximityWhere)</li>
* </ol>
*
* NOTE: This method does not return data related to the special params
* outlined above; however, these parameters can be used to filter the list
* of Projects that is returned.
*
* @param array $params
* @return array of CRM_Volunteer_BAO_Project objects
*/
public static function retrieve(array $params)
{
$result = array();
$checkPerms = CRM_Utils_Array::value('check_permissions', $params);
if ($checkPerms && !CRM_Volunteer_Permission::checkProjectPerms(CRM_Core_Action::VIEW)) {
CRM_Utils_System::permissionDenied();
return;
}
$query = CRM_Utils_SQL_Select::from('`civicrm_volunteer_project` vp')->select('DISTINCT vp.*');
if (!empty($params['project_contacts'])) {
$contactJoin = self::buildContactJoin($params['project_contacts']);
if ($contactJoin) {
$query->join('vpc', $contactJoin);
}
}
if (!empty($params['proximity'])) {
$query->join('loc', 'INNER JOIN `civicrm_loc_block` loc ON loc.id = vp.loc_block_id')->join('civicrm_address', 'INNER JOIN `civicrm_address` ON civicrm_address.id = loc.address_id')->where(self::buildProximityWhere($params['proximity']));
}
// This step is here to support both naming conventions for specifying params
// (e.g., volunteer_project_id and id) while normalizing how we access them
// (e.g., $project->id)
$project = new CRM_Volunteer_BAO_Project();
$project->copyValues($params);
foreach ($project->fields() as $field) {
$fieldName = $field['name'];
if (!empty($project->{$fieldName})) {
$query->where('!column = @value', array('column' => $fieldName, 'value' => $project->{$fieldName}));
}
}
$dao = self::executeQuery($query->toSQL());
while ($dao->fetch()) {
$fetchedProject = new CRM_Volunteer_BAO_Project();
$fetchedProject->copyValues(clone $dao);
$result[(int) $dao->id] = $fetchedProject;
}
$dao->free();
return $result;
}
/**
* set variables up before form is built
*
* @access public
*/
function preProcess()
{
// VOL-71: permissions check is moved from XML to preProcess function to support
// permissions-challenged Joomla instances
if (CRM_Core_Config::singleton()->userPermissionClass->isModulePermissionSupported() && !CRM_Volunteer_Permission::check('register to volunteer')) {
CRM_Utils_System::permissionDenied();
}
$vid = CRM_Utils_Request::retrieve('vid', 'Positive', $this, TRUE);
$this->_project = CRM_Volunteer_BAO_Project::retrieveByID($vid);
$this->setDestination();
$this->assign('vid', $this->_project->id);
if (empty($this->_project->needs)) {
CRM_Core_Error::fatal('Project has no public volunteer needs enabled');
}
$this->_action = CRM_Utils_Request::retrieve('action', 'String', $this, FALSE);
// current mode
$this->_mode = $this->_action == CRM_Core_Action::PREVIEW ? 'test' : 'live';
}
/**
* Delete an existing project contact
*
* This method is used to delete the relationship(s) between a contact and a
* project.
*
* @param array $params array containing id of the project
* to be deleted
*
* @return array returns flag true if successfull, error
* message otherwise
* {@getfields volunteer_project_delete}
* @access public
*/
function civicrm_api3_volunteer_project_contact_delete($params)
{
$projectId = CRM_Core_DAO::getFieldValue("CRM_Volunteer_DAO_ProjectContact", $params['id'], "project_id");
if (!$params['check_permissions'] || CRM_Volunteer_Permission::checkProjectPerms(CRM_Core_Action::UPDATE, $projectId)) {
return _civicrm_api3_basic_delete(_civicrm_api3_get_BAO(__FUNCTION__), $params);
} else {
return civicrm_api3_create_error(ts('You do not have permission to modify contacts for this project'));
}
}
/**
* set variables up before form is built
*
* @access public
*/
function preProcess()
{
// VOL-71: permissions check is moved from XML to preProcess function to support
// permissions-challenged Joomla instances
if (CRM_Core_Config::singleton()->userPermissionClass->isModulePermissionSupported() && !CRM_Volunteer_Permission::check('register to volunteer')) {
CRM_Utils_System::permissionDenied();
}
$validNeedIds = array();
$needs = CRM_Utils_Request::retrieve('needs', 'String', $this, TRUE);
if (!is_array($needs)) {
$needs = explode(',', $needs);
}
foreach ($needs as $need) {
if (CRM_Utils_Type::validate($need, 'Positive', FALSE)) {
$validNeedIds[] = $need;
}
}
$api = civicrm_api3('VolunteerNeed', 'get', array('id' => array('IN' => $validNeedIds)));
$this->_needs = $api['values'];
foreach ($this->_needs as $need) {
$this->_projects[$need['project_id']] = array();
}
$this->fetchProjectDetails();
$this->setDestination();
$this->_action = CRM_Utils_Request::retrieve('action', 'String', $this, FALSE);
// current mode
$this->_mode = $this->_action == CRM_Core_Action::PREVIEW ? 'test' : 'live';
}
function volunteer_civicrm_angularModules(&$angularModule)
{
$angularModule['volunteer'] = array('ext' => 'org.civicrm.volunteer', 'js' => array(0 => 'ang/volunteer.js', 1 => 'ang/volunteer/*.js', 2 => 'ang/volunteer/*/*.js'), 'css' => array(0 => 'ang/volunteer.css'), 'partials' => array(0 => 'ang/volunteer'), 'settings' => array(), 'volunteer' => true);
// Perhaps the placement of this code is a little hackish; unless/until we
// extend Civi\Angular\Page\Main, there doesn't appear to be a better
// alternative. This populates CRM.permissions on the client side.
CRM_Core_Resources::singleton()->addPermissions(array_keys(CRM_Volunteer_Permission::getVolunteerPermissions()))->addVars('org.civicrm.volunteer', array('currentContactId' => CRM_Core_Session::singleton()->getLoggedInContactID()));
}
/**
* Create a Volunteer Project
*
* Takes an associative array and creates a Project object. This function is
* invoked from within the web form layer and also from the API layer. Allows
* the creation of project contacts, e.g.:
*
* $params['project_contacts'] = array(
* $relationship_type_name_or_id => $arr_contact_ids,
* );
*
* @param array $params an assoc array of name/value pairs
*
* @return CRM_Volunteer_BAO_Project object
* @access public
* @static
*/
static function create(array $params)
{
$projectId = CRM_Utils_Array::value('id', $params);
$op = empty($projectId) ? CRM_Core_Action::ADD : CRM_Core_Action::UPDATE;
if (!empty($params['check_permissions']) && !CRM_Volunteer_Permission::checkProjectPerms($op, $projectId)) {
CRM_Utils_System::permissionDenied();
// FIXME: If we don't return here, the script keeps executing. This is not
// what I expect from CRM_Utils_System::permissionDenied().
return FALSE;
}
// check required params
if (!self::dataExists($params)) {
CRM_Core_Error::fatal('Not enough data to create volunteer project object.');
}
// default to active unless explicitly turned off
$params['is_active'] = CRM_Utils_Array::value('is_active', $params, TRUE);
$project = new CRM_Volunteer_BAO_Project();
$project->copyValues($params);
$project->save();
$projectContacts = CRM_Utils_Array::value('project_contacts', $params, array());
foreach ($projectContacts as $relationshipType => $contactIds) {
foreach ($contactIds as $id) {
civicrm_api3('VolunteerProjectContact', 'create', array('contact_id' => $id, 'project_id' => $project->id, 'relationship_type_id' => $relationshipType));
}
}
return $project;
}
/**
* This function returns supporting data for various JavaScript-driven interfaces.
*
* The purpose of this API is to provide limited access to general-use APIs to
* facilitate building user interfaces without having to grant users access to
* APIs they otherwise shouldn't be able to access.
*
* @param array $params
* @see _civicrm_api3_volunteer_util_getsupportingdata_spec()
* @return array
*/
function civicrm_api3_volunteer_util_getsupportingdata($params)
{
$results = array();
$controller = CRM_Utils_Array::value('controller', $params);
if ($controller === 'VolunteerProject') {
$relTypes = civicrm_api3('OptionValue', 'get', array('option_group_id' => CRM_Volunteer_BAO_ProjectContact::RELATIONSHIP_OPTION_GROUP, 'options' => array('limit' => 0)));
$results['relationship_types'] = $relTypes['values'];
$results['phone_types'] = CRM_Core_OptionGroup::values("phone_type", FALSE, FALSE, TRUE);
//Fetch the Defaults from saved settings.
$defaults = CRM_Volunteer_BAO_Project::composeDefaultSettingsArray();
//StopGap because the interface for contacts didn't fit into scope
if (!array_key_exists("relationships", $defaults)) {
$defaults['relationships'] = _volunteerGetProjectRelationshipDefaults();
}
//Allow other extensions to modify the defaults
CRM_Volunteer_Hook::projectDefaultSettings($defaults);
$results['defaults'] = $defaults;
}
if ($controller === 'VolOppsCtrl') {
$results['roles'] = CRM_Core_OptionGroup::values('volunteer_role', FALSE, FALSE, TRUE);
}
$results['use_profile_editor'] = CRM_Volunteer_Permission::check(array("access CiviCRM", "profile listings and forms"));
$results['profile_audience_types'] = CRM_Volunteer_BAO_Project::getProjectProfileAudienceTypes();
if (!$results['use_profile_editor']) {
$profiles = civicrm_api3('UFGroup', 'get', array("return" => "title", "sequential" => 1, 'options' => array('limit' => 0)));
$results['profile_list'] = $profiles['values'];
}
return civicrm_api3_create_success($results, "VolunteerUtil", "getsupportingdata", $params);
}
/**
* Implementation of hook_civicrm_permission.
*
* @param array $permissions Does not contain core perms -- only extension-defined perms.
*/
function volunteer_civicrm_permission(array &$permissions)
{
// VOL-71: Until the Joomla/Civi integration is fixed, don't declare new perms
// for Joomla installs
if (CRM_Core_Config::singleton()->userPermissionClass->isModulePermissionSupported()) {
$permissions = array_merge($permissions, CRM_Volunteer_Permission::getVolunteerPermissions());
}
}
/**
* Helper function to determine whether the current user should be allowed
* to retrieve a project.
*
* @param int $projectId
* @return boolean
*/
private static function allowedToRetrieve($projectId = NULL)
{
$userCanView = CRM_Volunteer_Permission::checkProjectPerms(CRM_Core_Action::VIEW);
$userCanViewRoster = FALSE;
if (!$userCanView && !empty($projectId)) {
$userCanViewRoster = CRM_Volunteer_Permission::checkProjectPerms(CRM_Volunteer_Permission::VIEW_ROSTER, $projectId);
}
return $userCanView || $userCanViewRoster;
}
/**
* Function to set variables up before form is built
*
* @access public
*/
function preProcess()
{
// VOL-71: permissions check is moved from XML to preProcess function to support
// permissions-challenged Joomla instances
if (CRM_Core_Config::singleton()->userPermissionClass->isModulePermissionSupported() && !CRM_Volunteer_Permission::check('register to volunteer')) {
CRM_Utils_System::permissionDenied();
}
$vid = CRM_Utils_Request::retrieve('vid', 'Positive', $this, TRUE);
$this->_project = CRM_Volunteer_BAO_Project::retrieveByID($vid);
$this->setDestination();
$this->assign('vid', $this->_project->id);
if (empty($this->_project->needs)) {
CRM_Core_Error::fatal('Project has no public volunteer needs enabled');
}
$this->_action = CRM_Utils_Request::retrieve('action', 'String', $this, FALSE);
// current mode
$this->_mode = $this->_action == CRM_Core_Action::PREVIEW ? 'test' : 'live';
// get profile id
try {
$this->_ufgroup_id = civicrm_api3('UFGroup', 'getvalue', array('name' => 'volunteer_sign_up', 'return' => 'id'));
} catch (Exception $e) {
CRM_Core_Error::fatal('CiviVolunteer custom profile could not be found');
}
}
/**
* delete an existing project
*
* This method is used to delete any existing project. id of the project
* to be deleted is required field in $params array
*
* @param array $params array containing id of the project
* to be deleted
*
* @return array returns flag true if successfull, error
* message otherwise
* {@getfields volunteer_project_delete}
* @access public
*/
function civicrm_api3_volunteer_project_delete($params)
{
if (CRM_Volunteer_Permission::checkProjectPerms(CRM_Core_Action::DELETE, $params['id'])) {
return _civicrm_api3_basic_delete(_civicrm_api3_get_BAO(__FUNCTION__), $params);
} else {
return civicrm_api3_create_error(ts('You do not have permission to delete this event'));
}
}
