/**
  * This function is called prior to building and submitting the form
  */
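 function preProcess()
 {
     // Purpose: resolve the contact named by the 'cid' request value, refuse callers who may
     // not edit that contact, then load the values the group form works with.
     //
     // Both guards below depend on statusBounce() ending the request (the original author
     // notes that it redirects to the default CiviCRM page).
     // NOTE(review): confirm statusBounce() never returns; nothing further down re-checks
     // the outcome of either guard.

     // 'Positive' asks the request helper for a positive-integer 'cid'.
     $this->_contactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this);
     if (empty($this->_contactId)) {
         CRM_Core_Error::statusBounce(ts('Could not get a contact id.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
     }

     // Authorisation gate: EDIT on this specific contact is required before any of its
     // data is loaded.
     if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) {
         CRM_Core_Error::statusBounce(ts('You do not have the necessary permission to edit this contact.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
     }

     // Load the contact through the extension's per-contact configuration object.
     $this->_configGroup = CRM_Lidmaatschapwijziging_ConfigGroup::singleton($this->_contactId);
     $this->_values = $this->_configGroup->getContact();
     $this->_display_name = $this->_values['display_name'];

     // NOTE(review): display_name is contact data placed into the page title; confirm that
     // setTitle() or the template escapes it for HTML output.
     CRM_Utils_System::setTitle('LidmaatschapWijziging - Group - ' . $this->_values['display_name']);

     // Store the validated id (not a value from the loaded record) as the form's contact id.
     $this->_values['contact_id'] = $this->_contactId;
 }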
 /**
  * Function to set variables up before form is built
  *
  * @return void
  * @access public
  */
 public function preProcess()
 {
     // Request inputs: the participant record to act on, plus the 'cc' value.
     $this->_participantId = CRM_Utils_Request::retrieve('participantId', 'Positive', $this);
     $this->_cc = CRM_Utils_Request::retrieve('cc', 'String', $this);

     // Fetch the participant's contact, event and status. $participant stays empty when no
     // participant id was supplied, which leads to the bounce at the end.
     $participant = array();
     if ($this->_participantId) {
         $lookup = array('id' => $this->_participantId);
         CRM_Core_DAO::commonRetrieve('CRM_Event_DAO_Participant', $lookup, $participant, array('contact_id', 'event_id', 'status_id'));
     }
     $this->_participantStatusId = CRM_Utils_Array::value('status_id', $participant);
     $this->_eventId = CRM_Utils_Array::value('event_id', $participant);
     $ownerId = CRM_Utils_Array::value('contact_id', $participant);

     // Access decision: the registration is usable only by the logged-in contact it belongs
     // to, or by a request for which validateChecksumContact() succeeds for that contact.
     // _csContactID stays NULL (deny) in every other case, including a missing participant.
     $this->_csContactID = NULL;
     if ($ownerId && $this->_eventId) {
         $session = CRM_Core_Session::singleton();
         // The checksum helper is only consulted when the session user is not the owner.
         if ($ownerId == $session->get('userID') || CRM_Contact_BAO_Contact_Permission::validateChecksumContact($ownerId, $this)) {
             $this->_csContactID = $ownerId;
         }
     }

     // Deny path: send the visitor to the site base URL with an error status.
     if (!$this->_csContactID) {
         $cfg = CRM_Core_Config::singleton();
         CRM_Core_Error::statusBounce(ts('You do not have permission to access this event registration. Contact the site administrator if you need assistance.'), $cfg->userFrameworkBaseURL);
     }
 }
 /**
  * This function is called prior to building and submitting the form
  */
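 function preProcess()
 {
     // Purpose: resolve and authorise the contact named by 'cid', then prepare the form
     // values for the relationship sub-mode selected by the 'request' value
     // ('choose' by default, or 'empty' / 'update').
     //
     // Both guards depend on statusBounce() ending the request (the original author notes
     // that it redirects to the default CiviCRM page).
     // NOTE(review): confirm statusBounce() never returns.

     $this->_contactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this);
     if (empty($this->_contactId)) {
         CRM_Core_Error::statusBounce(ts('Could not get a contact id.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
     }

     // Authorisation gate: EDIT on this contact is required before anything is loaded.
     if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) {
         CRM_Core_Error::statusBounce(ts('You do not have the necessary permission to edit this contact.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
     }

     // Free-form string from the request; below it is only compared against fixed literals.
     $this->_request = CRM_Utils_Request::retrieve('request', 'String', $this, FALSE, 'choose');

     $this->_configRelationship = CRM_Lidmaatschapwijziging_ConfigRelationship::singleton($this->_contactId);
     $this->_values = $this->_configRelationship->getContact();
     $this->_values['contact_id'] = $this->_contactId;
     $this->_display_name = $this->_values['display_name'];
     // NOTE(review): the raw request string is stored with the form values; confirm it is
     // escaped wherever the template prints it.
     $this->_values['request'] = $this->_request;
     CRM_Utils_System::setTitle('LidmaatschapWijziging - Relatie - ' . $this->_values['display_name']);

     // The 'empty' mode needs no further preparation.

     if ('choose' == $this->_request) {
         // With no relationships there is nothing to choose from, so the user is sent to
         // the 'empty' mode, which shows a message and a button leading to the
         // relationship screen.
         $relationships = $this->_configRelationship->getRelationships();
         if (empty($relationships)) {
             $url = CRM_Utils_System::url('civicrm/lidmaatschapwijziging/relationship', 'reset=1&request=empty&cid=' . $this->_contactId);
             CRM_Utils_System::redirect($url);
         }
     }

     if ('update' == $this->_request) {
         // NOTE(review): EDIT was checked for 'cid' only. Nothing visible here ties
         // relationship_id to that contact; confirm getRelationship() refuses ids that do
         // not belong to it, and decide whether a missing id should bounce.
         $this->_relationshipId = CRM_Utils_Request::retrieve('relationship_id', 'Positive', $this);
         $this->_values['relationship_id'] = $this->_relationshipId;
         $this->_values = array_merge($this->_values, $this->_configRelationship->getRelationship($this->_relationshipId));

         if (!empty($this->_values['contact_a']['display_name'])) {
             $this->assign('sort_name_a', $this->_values['contact_a']['display_name']);
         }
         if (!empty($this->_values['contact_b']['display_name'])) {
             $this->assign('sort_name_b', $this->_values['contact_b']['display_name']);
         }

         // A relationship without a note yields NULL here instead of an undefined-index notice.
         $this->_values['note_id'] = isset($this->_values['notes']['id']) ? $this->_values['notes']['id'] : NULL;
         $this->_values['note'] = isset($this->_values['notes']['note']) ? $this->_values['notes']['note'] : NULL;
     }
 }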
Example #4
 /**
  * List activities as dashlet
  *
  * @return mixed  the value returned by parent::run()
  *
  * @access public
  */
 function run()
 {
     // Renders the logged-in user's own activities as an embedded selector, then hands
     // over to the parent page.
     $session = CRM_Core_Session::singleton();
     $contactID = $session->get('userID');

     // Default is VIEW (a user can always view their own activity if they have access
     // CiviCRM permission); it becomes EDIT only when the user may edit the contact.
     require_once 'CRM/Contact/BAO/Contact/Permission.php';
     $permission = CRM_Contact_BAO_Contact_Permission::allow($contactID, CRM_Core_Permission::EDIT)
         ? CRM_Core_Permission::EDIT
         : CRM_Core_Permission::VIEW;

     // Either permission marks the viewer as an administrator for the selector.
     $isAdmin = CRM_Core_Permission::check('view all activities') || CRM_Core_Permission::check('administer CiviCRM');

     require_once 'CRM/Core/Selector/Controller.php';
     $outputMode = CRM_Core_Selector_Controller::SESSION;
     require_once 'CRM/Activity/Selector/Activity.php';
     $activitySelector = new CRM_Activity_Selector_Activity($contactID, $permission, $isAdmin, 'home');

     // Sort state is read from values stored on this page; null when none is set.
     $sortID = $this->get(CRM_Utils_Sort::SORT_ID)
         ? CRM_Utils_Sort::sortIDValue($this->get(CRM_Utils_Sort::SORT_ID), $this->get(CRM_Utils_Sort::SORT_DIRECTION))
         : null;

     $controller = new CRM_Core_Selector_Controller($activitySelector, $this->get(CRM_Utils_Pager::PAGE_ID), $sortID, CRM_Core_Action::VIEW, $this, $outputMode);
     $controller->setEmbedded(true);
     $controller->run();
     $controller->moveFromSessionToTemplate();

     return parent::run();
 }
 /**
  * build all the data structures needed to build the form
  *
  * @return void
  * @access public
  */
 function preProcess()
 {
     // The action is re-read from the request on every call; it defaults to 'update'.
     $this->_action = CRM_Utils_Request::retrieve('action', 'String', $this, FALSE, 'update');
     // 'cid' is requested as a required positive integer (fourth argument TRUE).
     $this->_contactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this, TRUE);

     // Optional 'rcid' becomes an id parameter on the return URL pushed onto the session.
     $returnContactId = CRM_Utils_Request::retrieve('rcid', 'Positive', $this);
     $idParam = '';
     if ($returnContactId) {
         $idParam = "&id={$returnContactId}";
     }
     $session = CRM_Core_Session::singleton();
     $session->pushUserContext(CRM_Utils_System::url('civicrm/user', "reset=1{$idParam}"));

     if (!$this->_contactId) {
         CRM_Core_Error::statusBounce(ts('Could not get a contact_id and/or contact_type'));
         return;
     }

     // NOTE(review): existence is tested before permission, so a caller without EDIT gets a
     // different message for an unknown id than for an existing one; consider whether that
     // difference should be visible to unauthorised users.
     $contact = new CRM_Contact_DAO_Contact();
     $contact->id = $this->_contactId;
     if (!$contact->find(TRUE)) {
         CRM_Core_Error::statusBounce(ts('contact does not exist: %1', array(1 => $this->_contactId)));
     }
     $this->_contactType = $contact->contact_type;

     // Authorisation gate: EDIT on this contact is required.
     if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) {
         CRM_Core_Error::statusBounce(ts('You do not have the necessary permission to edit this contact.'));
     }

     list($displayName, $contactImage) = CRM_Contact_BAO_Contact::getDisplayAndImage($this->_contactId);
     CRM_Utils_System::setTitle($displayName, $contactImage . ' ' . $displayName);
 }
Example #6
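 function __construct()
 {
     // Builds the contact dashboard page for the logged-in user, or for the contact named
     // by the 'id' request value when the viewer is allowed to see that contact.
     parent::__construct();

     // Gate: the dashboard requires its own permission; everyone else is redirected.
     if (!CRM_Core_Permission::check('access Contact Dashboard')) {
         CRM_Utils_System::redirect(CRM_Utils_System::url('civicrm/dashboard', 'reset=1'));
         // The `break` that stood here is not valid outside a loop or switch (PHP 7+ refuses
         // to compile the file). Stop here so that, should redirect() ever return, an
         // unauthorised request still cannot reach the code below.
         exit;
     }

     $this->_contactId = CRM_Utils_Request::retrieve('id', 'Positive', $this);
     // Plain assignment: an object handle does not need assignment by reference.
     $session = CRM_Core_Session::singleton();
     $userID = $session->get('userID');

     if (!$this->_contactId) {
         // No contact requested: show the viewer's own dashboard.
         $this->_contactId = $userID;
     } else {
         if ($this->_contactId != $userID) {
             // Someone else's dashboard: VIEW is mandatory, EDIT only decides whether the
             // page is offered in editable form.
             require_once 'CRM/Contact/BAO/Contact/Permission.php';
             if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::VIEW)) {
                 // NOTE(review): this relies on fatal() ending the request; confirm.
                 CRM_Core_Error::fatal(ts('You do not have permission to view this contact'));
             }
             if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) {
                 $this->_edit = false;
             }
         }
     }
 }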
Example #7
 /**
  * build all the data structures needed to build the form
  *
  * @return void
  * @access public
  */
 function preProcess()
 {
     // Prepares the delete / restore contact form: works out which operation is requested,
     // enforces the matching permissions, selects the contact(s) to act on and warns about
     // shared addresses.
     // NOTE(review): every permission failure below calls CRM_Core_Error::fatal() and then
     // falls through in source order; the gates only hold if fatal() ends the request.
     $cid = CRM_Utils_Request::retrieve('cid', 'Positive', $this, FALSE);
     $this->_searchKey = CRM_Utils_Request::retrieve('key', 'String', $this);
     // Decide between delete-to-trash, permanent delete and restore (the template is told below).
     $values = $this->controller->exportValues();
     // Permanent delete is honoured only for users holding 'access deleted contacts'; the
     // request flag or the submitted task alone is not enough.
     $this->_skipUndelete = (CRM_Core_Permission::check('access deleted contacts') and (CRM_Utils_Request::retrieve('skip_undelete', 'Boolean', $this) or CRM_Utils_Array::value('task', $values) == CRM_Contact_Task::DELETE_PERMANENTLY));
     $this->_restore = (CRM_Utils_Request::retrieve('restore', 'Boolean', $this) or CRM_Utils_Array::value('task', $values) == CRM_Contact_Task::RESTORE);
     // Restore needs 'access deleted contacts'. When that first condition is false the
     // elseif is evaluated, so 'delete contacts' is required for restore as well as delete.
     if ($this->_restore && !CRM_Core_Permission::check('access deleted contacts')) {
         CRM_Core_Error::fatal(ts('You do not have permission to access this contact.'));
     } elseif (!CRM_Core_Permission::check('delete contacts')) {
         CRM_Core_Error::fatal(ts('You do not have permission to delete this contact.'));
     }
     // 'trash' is true only when the contact_undelete setting is on and permanent delete
     // was not selected.
     $this->assign('trash', CRM_Core_BAO_Setting::getItem(CRM_Core_BAO_Setting::SYSTEM_PREFERENCES_NAME, 'contact_undelete', NULL) and !$this->_skipUndelete);
     $this->assign('restore', $this->_restore);
     if ($this->_restore) {
         CRM_Utils_System::setTitle(ts('Restore Contact'));
     }
     if ($cid) {
         // Single-contact path: EDIT on the contact is required, and the domain contact is
         // never deletable.
         if (!CRM_Contact_BAO_Contact_Permission::allow($cid, CRM_Core_Permission::EDIT)) {
             CRM_Core_Error::fatal(ts('You do not have permission to delete this contact. Note: you can delete contacts if you can edit them.'));
         } elseif (CRM_Contact_BAO_Contact::checkDomainContact($cid)) {
             CRM_Core_Error::fatal(ts('This contact is a special one for the contact information associated with the CiviCRM installation for this domain. No one is allowed to delete it because the information is used for special system purposes.'));
         }
         $this->_contactIds = array($cid);
         $this->_single = TRUE;
         $this->assign('totalSelectedContacts', 1);
     } else {
         // Bulk path: the selection comes from the parent task form.
         // NOTE(review): no per-contact EDIT or domain-contact check is visible on this
         // path; confirm the parent or the later delete step enforces them.
         parent::preProcess();
     }
     // A previously computed summary is stored on the form controller and reused.
     $this->_sharedAddressMessage = $this->get('sharedAddressMessage');
     if (!$this->_restore && !$this->_sharedAddressMessage) {
         // Check each selected contact for addresses shared with other contacts.
         $sharedContactList = array();
         $sharedAddressCount = 0;
         foreach ($this->_contactIds as $contactId) {
             // Ask whether the contact being deleted has any shared addresses.
             $sharedAddressMessage = CRM_Core_BAO_Address::setSharedAddressDeleteStatus(NULL, $contactId, TRUE);
             if ($sharedAddressMessage['count'] > 0) {
                 $sharedAddressCount += $sharedAddressMessage['count'];
                 $sharedContactList = array_merge($sharedContactList, $sharedAddressMessage['contactList']);
             }
         }
         $this->_sharedAddressMessage = array('count' => $sharedAddressCount, 'contactList' => $sharedContactList);
         if ($sharedAddressCount > 0) {
             if (count($this->_contactIds) > 1) {
                 // More than one contact is being deleted.
                 $message = ts('One of the selected contacts has an address record that is shared with 1 other contact.', array('plural' => 'One or more selected contacts have address records which are shared with %count other contacts.', 'count' => $sharedAddressCount));
             } else {
                 // Only one contact is being deleted.
                 $message = ts('This contact has an address record which is shared with 1 other contact.', array('plural' => 'This contact has an address record which is shared with %count other contacts.', 'count' => $sharedAddressCount));
             }
             CRM_Core_Session::setStatus($message . ' ' . ts('Shared addresses will not be removed or altered but will no longer be shared.'), ts('Shared Addesses Owner'));
         }
         // Store the summary on the form controller so the queries are not run again.
         $this->set('sharedAddressMessage', $this->_sharedAddressMessage);
     }
 }
 /**
  * build all the data structures needed to build the form
  *
  * @return void
  * @access public
  */
 function preProcess()
 {
     // Prepares the delete / restore contact form: works out which operation is requested,
     // enforces the matching permissions, selects the contact(s) to act on and warns about
     // shared addresses.
     // NOTE(review): every permission failure below calls CRM_Core_Error::fatal() and then
     // falls through in source order; the gates only hold if fatal() ends the request.
     $cid = CRM_Utils_Request::retrieve('cid', 'Positive', $this, FALSE);
     $this->_searchKey = CRM_Utils_Request::retrieve('key', 'String', $this);
     // Decide between delete-to-trash, permanent delete and restore (the template is told below).
     $config = CRM_Core_Config::singleton();
     $values = $this->controller->exportValues();
     // Permanent delete is honoured only for users holding 'access deleted contacts'; the
     // request flag or the submitted task alone is not enough.
     $this->_skipUndelete = (CRM_Core_Permission::check('access deleted contacts') and (CRM_Utils_Request::retrieve('skip_undelete', 'Boolean', $this) or CRM_Utils_Array::value('task', $values) == CRM_Contact_Task::DELETE_PERMANENTLY));
     $this->_restore = (CRM_Utils_Request::retrieve('restore', 'Boolean', $this) or CRM_Utils_Array::value('task', $values) == CRM_Contact_Task::RESTORE);
     // Restore needs 'access deleted contacts'. When that first condition is false the
     // elseif is evaluated, so 'delete contacts' is required for restore as well as delete.
     if ($this->_restore && !CRM_Core_Permission::check('access deleted contacts')) {
         CRM_Core_Error::fatal(ts('You do not have permission to access this contact.'));
     } elseif (!CRM_Core_Permission::check('delete contacts')) {
         CRM_Core_Error::fatal(ts('You do not have permission to delete this contact.'));
     }
     // 'trash' is true only when the contactUndelete config value is on and permanent
     // delete was not selected.
     $this->assign('trash', $config->contactUndelete and !$this->_skipUndelete);
     $this->assign('restore', $this->_restore);
     if ($this->_restore) {
         CRM_Utils_System::setTitle(ts('Restore Contact'));
     }
     if ($cid) {
         // Single-contact path: EDIT on the contact is required.
         // NOTE(review): nothing in this method stops the domain contact from being
         // selected; confirm that is prevented elsewhere.
         if (!CRM_Contact_BAO_Contact_Permission::allow($cid, CRM_Core_Permission::EDIT)) {
             CRM_Core_Error::fatal(ts('You do not have permission to delete this contact. Note: you can delete contacts if you can edit them.'));
         }
         $this->_contactIds = array($cid);
         $this->_single = TRUE;
         $this->assign('totalSelectedContacts', 1);
     } else {
         // Bulk path: the selection comes from the parent task form.
         // NOTE(review): no per-contact EDIT check is visible on this path; confirm the
         // parent or the later delete step enforces it.
         parent::preProcess();
     }
     // A previously computed summary is stored on the form controller and reused.
     $this->_sharedAddressMessage = $this->get('sharedAddressMessage');
     if (!$this->_restore && !$this->_sharedAddressMessage) {
         // Check each selected contact for addresses shared with other contacts.
         $sharedContactList = array();
         $sharedAddressCount = 0;
         foreach ($this->_contactIds as $contactId) {
             // Ask whether the contact being deleted has any shared addresses.
             $sharedAddressMessage = CRM_Core_BAO_Address::setSharedAddressDeleteStatus(NULL, $contactId, TRUE);
             if ($sharedAddressMessage['count'] > 0) {
                 $sharedAddressCount += $sharedAddressMessage['count'];
                 $sharedContactList = array_merge($sharedContactList, $sharedAddressMessage['contactList']);
             }
         }
         $this->_sharedAddressMessage = array('count' => $sharedAddressCount, 'contactList' => $sharedContactList);
         if ($sharedAddressCount > 0) {
             if (count($this->_contactIds) > 1) {
                 // More than one contact is being deleted.
                 CRM_Core_Session::setStatus(ts('Selected contact(s) has an address record which is shared with %1 other contact(s). Shared addresses will not be removed or altered but will no longer be shared.', array(1 => $sharedAddressCount)));
             } else {
                 // Only one contact is being deleted.
                 CRM_Core_Session::setStatus(ts('This contact has an address record which is shared with %1 other contact(s). Shared addresses will not be removed or altered but will no longer be shared.', array(1 => $sharedAddressCount)));
             }
         }
         // Store the summary on the form controller so the queries are not run again.
         $this->set('sharedAddressMessage', $this->_sharedAddressMessage);
     }
 }
 /**
  * This function is called prior to building and submitting the form
  */
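 function preProcess()
 {
     // Purpose: resolve and authorise the contact named by 'cid', then load the contact,
     // its "VnV info" and "werkgever" (employer) custom values into $this->_values and
     // hand the template what it needs.
     //
     // Both guards depend on statusBounce() ending the request (the original author notes
     // that it redirects to the default CiviCRM page).
     // NOTE(review): confirm statusBounce() never returns.

     $this->_contactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this);
     if (empty($this->_contactId)) {
         CRM_Core_Error::statusBounce(ts('Could not get a contact id.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
     }

     // Authorisation gate: EDIT on this contact is required before anything is loaded.
     if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) {
         CRM_Core_Error::statusBounce(ts('You do not have the necessary permission to edit this contact.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
     }

     $this->_configContact = CRM_Lidmaatschapwijziging_ConfigContact::singleton($this->_contactId);
     $this->_values = $this->_configContact->getContact();
     $this->_display_name = $this->_values['display_name'];
     // NOTE(review): display_name is contact data placed into the page title; confirm that
     // setTitle() or the template escapes it for HTML output.
     CRM_Utils_System::setTitle('LidmaatschapWijziging - Contact - ' . $this->_values['display_name']);
     $this->_values['contact_id'] = $this->_contactId;

     // Custom values are keyed by column name (e.g. huppeldepup_35). They are copied under
     // the field name (huppeldepup) so the template can use the known names.
     $vnvInfo = $this->_configContact->getVnvInfoCustomValues();
     // The row id tells postProcess whether to update or insert.
     if (!empty($vnvInfo['id'])) {
         $this->_vnvinfoId = $vnvInfo['id'];
     }
     foreach ($this->_configContact->getVnvInfoCustomFields() as $field) {
         // A column without a stored value becomes NULL instead of raising a notice.
         $this->_values[$field['name']] = isset($vnvInfo[$field['column_name']]) ? $vnvInfo[$field['column_name']] : NULL;
     }

     $werkgever = $this->_configContact->getWerkgeverCustomValues();
     // The row id tells postProcess whether to update or insert.
     if (!empty($werkgever['id'])) {
         $this->_werkgeverId = $werkgever['id'];
     }
     foreach ($this->_configContact->getWerkgeverCustomFields() as $field) {
         $this->_values[$field['name']] = isset($werkgever[$field['column_name']]) ? $werkgever[$field['column_name']] : NULL;
     }

     // NOTE(review): $defaults is local and never read afterwards, so this lookup currently
     // has no effect; either store it on the form or drop it.
     $currentEmployer = CRM_Contact_BAO_Relationship::getCurrentEmployer(array($this->_contactId));
     $defaults['current_employer_id'] = CRM_Utils_Array::value('org_id', $currentEmployer[$this->_contactId]);

     // Values for the template.
     $this->assign('contactId', $this->_contactId);
     // NOTE(review): the AJAX endpoint is addressed by class and function name in the query
     // string; confirm the server side restricts which classes and functions it will call
     // and applies its own permission checks.
     $this->assign('employerDataURL', '/civicrm/ajax/rest?className=CRM_Contact_Page_AJAX&fnName=getContactList&json=1&context=contact&org=1&employee_id=' . $this->_contactId);
     $this->assign('currentEmployer', $this->_values['employer_id']);
 }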
Example #10
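 static function getContactList(&$config)
 {
     // Autocomplete endpoint: prints one "data|id" line per contact whose sort_name contains
     // the search term in $_GET['s'], then ends the request.
     //
     // The SQL is assembled as a string because the finished query is handed to the
     // contactListQuery hook. Every request-derived piece must therefore be escaped before
     // it is interpolated: $name goes through CRM_Utils_Type::escape(..., 'String') and
     // $limit through the 'Positive' type.
     require_once 'CRM/Core/BAO/Preferences.php';

     // A missing 's' parameter is read as NULL without an undefined-index notice.
     $name = CRM_Utils_Type::escape(CRM_Utils_Array::value('s', $_GET), 'String');
     $limit = '10';

     // Extra columns come from the site's autocomplete preferences, not from the request;
     // only the names listed in the switch below ever reach the SQL text.
     $list = array_keys(CRM_Core_BAO_Preferences::valueOptions('contact_autocomplete_options'), '1');
     $select = array('sort_name');
     $where = '';
     $from = array();
     foreach ($list as $value) {
         // Table alias: first two characters plus the last one of the option name.
         $suffix = substr($value, 0, 2) . substr($value, -1);
         switch ($value) {
             case 'street_address':
             case 'city':
                 // Both columns live in civicrm_address (alias sts).
                 $selectText = $value;
                 $value = "address";
                 $suffix = 'sts';
                 // Deliberate fall-through: the join is built by the next case.
             case 'phone':
             case 'email':
                 $select[] = $value == 'address' ? $selectText : $value;
                 $from[$value] = "LEFT JOIN civicrm_{$value} {$suffix} ON ( cc.id = {$suffix}.contact_id AND {$suffix}.is_primary = 1 ) ";
                 break;
             case 'country':
             case 'state_province':
                 $select[] = "{$suffix}.name";
                 // $from is keyed by table name, so the existing address join is found by
                 // key (in_array() searched the values and never matched).
                 if (!isset($from['address'])) {
                     $from['address'] = 'LEFT JOIN civicrm_address sts ON ( cc.id = sts.contact_id AND sts.is_primary = 1) ';
                 }
                 $from[$value] = " LEFT JOIN civicrm_{$value} {$suffix} ON ( sts.{$value}_id = {$suffix}.id  ) ";
                 break;
         }
     }
     $select = implode(', ', $select);
     $from = implode(' ', $from);

     if (CRM_Utils_Array::value('limit', $_GET)) {
         $limit = CRM_Utils_Type::escape($_GET['limit'], 'Positive');
     }

     // Restrict results to contacts the current user may see.
     require_once 'CRM/Contact/BAO/Contact/Permission.php';
     list($aclFrom, $aclWhere) = CRM_Contact_BAO_Contact_Permission::cacheClause('cc');
     if ($aclWhere) {
         $where .= " AND {$aclWhere} ";
     }

     // NOTE(review): the LIKE wildcards % and _ inside $name are left as typed, so a caller
     // can widen the match; the ACL clause above still limits which rows are returned.
     $query = "\nSELECT DISTINCT(cc.id) as id, CONCAT_WS( ' :: ', {$select} ) as data\nFROM civicrm_contact cc {$from}\n{$aclFrom}\nWHERE sort_name LIKE '%{$name}%' {$where} \nORDER BY sort_name\nLIMIT 0, {$limit}\n";

     // Hook implementations may rewrite the query. 'context' and 'id' are passed to them
     // unvalidated from the request, so hooks must escape those values themselves.
     require_once 'CRM/Utils/Hook.php';
     CRM_Utils_Hook::contactListQuery($query, $name, CRM_Utils_Array::value('context', $_GET), CRM_Utils_Array::value('id', $_GET));

     $dao = CRM_Core_DAO::executeQuery($query);
     while ($dao->fetch()) {
         // NOTE(review): contact data is written to the response unencoded; confirm the
         // client treats each line as text, not markup.
         echo "{$dao->data}|{$dao->id}\n";
     }
     exit;
 }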
 /**
  * @throws Exception
  */
 function __construct()
 {
     // Chooses whose dashboard is shown: the logged-in user's by default, or the contact
     // named by the 'id' request value when the viewer is allowed to see that contact.
     parent::__construct();
     $this->_contactId = CRM_Utils_Request::retrieve('id', 'Positive', $this);
     $session = CRM_Core_Session::singleton();
     $userID = $session->get('userID');

     // No contact requested: fall back to the viewer.
     if (!$this->_contactId) {
         $this->_contactId = $userID;
         return;
     }

     // Viewing oneself needs no further checks.
     if ($this->_contactId == $userID) {
         return;
     }

     // Someone else's dashboard: VIEW is mandatory, EDIT only decides whether the page is
     // offered in editable form.
     // NOTE(review): this relies on fatal() ending the request; confirm.
     if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::VIEW)) {
         CRM_Core_Error::fatal(ts('You do not have permission to view this contact'));
     }
     if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) {
         $this->_edit = FALSE;
     }
 }
Example #12
 /** 
  * Function to set variables up before form is built 
  *                                                           
  * @return void 
  * @access public 
  */
 public function preProcess()
 {
     parent::preProcess();

     // The form may be opened for another contact through 'cid'; it defaults to the
     // current user.
     $requestedId = CRM_Utils_Request::retrieve('cid', 'Positive', $this, false, $this->_userID);
     require_once 'CRM/Contact/BAO/Contact.php';
     if ($requestedId != $this->_userID) {
         require_once 'CRM/Contact/BAO/Contact/Permission.php';
         // NOTE(review): a successful checksum validation overwrites the session's userID,
         // so the rest of the session acts as that contact. Confirm this is intended and
         // that the checksum is short-lived. When validation fails the form simply carries
         // on as the original user.
         if (CRM_Contact_BAO_Contact_Permission::validateChecksumContact($requestedId, $this)) {
             $session = CRM_Core_Session::singleton();
             $session->set('userID', $requestedId);
             $this->_userID = $requestedId;
         }
     }

     // Intro text: the personal campaign page's text wins over the page's own text.
     if (CRM_Utils_Array::value('id', $this->_pcpInfo) && CRM_Utils_Array::value('intro_text', $this->_pcpInfo)) {
         $this->assign('intro_text', $this->_pcpInfo['intro_text']);
     } elseif (CRM_Utils_Array::value('intro_text', $this->_values)) {
         $this->assign('intro_text', $this->_values['intro_text']);
     }
     if (CRM_Utils_Array::value('footer_text', $this->_values)) {
         $this->assign('footer_text', $this->_values['footer_text']);
     }

     // CRM-5001: on-behalf-of registration must not use a profile that mixes a contact
     // type with Membership or Contribution fields. The pre and post profiles get the
     // same check, in that order.
     if ($this->_values['is_for_organization']) {
         $msg = ts('Mixed profile not allowed for on behalf of registration/sign up.');
         require_once 'CRM/Core/BAO/UFGroup.php';
         foreach (array('custom_pre_id', 'custom_post_id') as $profileKey) {
             $profileId = CRM_Utils_Array::value($profileKey, $this->_values);
             if (!$profileId) {
                 continue;
             }
             $groupTypes = CRM_Core_BAO_UFGroup::profileGroups($profileId);
             foreach (array('Individual', 'Organization', 'Household') as $contactType) {
                 if (in_array($contactType, $groupTypes) && (in_array('Membership', $groupTypes) || in_array('Contribution', $groupTypes))) {
                     CRM_Core_Error::fatal($msg);
                 }
             }
         }
     }
 }
Example #13
 /**
  * pre processing work done here.
  *
  * @param
  * @return void
  *
  * @access public
  *
  */
 function preProcess()
 {
     // Create mode unless the stored 'edit' flag says otherwise.
     $this->_mode = CRM_Profile_Form::MODE_CREATE;

     // Profile context, passed on to the template when present.
     $this->_context = CRM_Utils_Request::retrieve('context', 'String', $this);
     if ($this->_context) {
         $this->assign('context', $this->_context);
     }

     // NOTE(review): 'skipPermission' is read from values stored on the form; confirm it
     // can only be set by trusted server-side code, never from request input.
     if ($this->get('skipPermission')) {
         $this->_skipPermission = true;
     }

     if ($this->get('edit')) {
         $this->_mode = CRM_Profile_Form::MODE_EDIT;

         // The contact to edit defaults to the logged-in user.
         $session =& CRM_Core_Session::singleton();
         $loggedInId = $session->get('userID');
         $targetId = CRM_Utils_Request::retrieve('id', 'Positive', $this, false, $loggedInId);
         require_once 'CRM/Contact/BAO/Contact/Utils.php';

         if ($targetId != $loggedInId) {
             // Editing someone else: anonymous users on the Joomla frontend are refused
             // (CRM-4668) unless they present a checksum (CRM-5228).
             require_once 'CRM/Contact/BAO/Contact/Permission.php';
             $config =& CRM_Core_Config::singleton();
             // NOTE(review): both return values are discarded and the flag below is set
             // unconditionally. That is only safe if these helpers end the request when
             // validation fails; confirm.
             if (!$config->userFrameworkFrontend) {
                 CRM_Contact_BAO_Contact_Permission::validateChecksumContact($targetId, $this);
             } else {
                 CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($targetId, $this);
             }
             $this->_isPermissionedChecksum = true;
         }
     }

     parent::preProcess();

     // The profile id must be set and valid.
     if (!$this->_gid) {
         CRM_Core_Error::fatal(ts('The requested Profile (gid=%1) is disabled, OR there is no Profile with that ID, OR a valid \'gid=\' integer value is missing from the URL. Contact the site administrator if you need assistance.', array(1 => $this->_gid)));
     }

     // The profile must also be enabled for the 'Profile' module. The id is bound as an
     // Integer placeholder rather than interpolated into the SQL.
     $query = "\nSELECT module\n  FROM civicrm_uf_join\n WHERE module = 'Profile'\n   AND uf_group_id = %1\n";
     $params = array(1 => array($this->_gid, 'Integer'));
     $join =& CRM_Core_DAO::executeQuery($query, $params);
     if (!$join->fetch()) {
         CRM_Core_Error::fatal(ts('The requested Profile (gid=%1) is not configured to be used for \'Profile\' edit and view forms in its Settings. Contact the site administrator if you need assistance.', array(1 => $this->_gid)));
     }
 }
Example #14
 /**
  * View details of a relationship.
  */
 public function view()
 {
     // Loads the relationship $this->_id as seen from contact $this->_contactId, assigns it
     // and its note and custom data to the template, and records it in the recent-items list.
     // NOTE(review): no view-permission check is made inside this method; presumably the
     // caller has already authorised access to this contact and relationship. Confirm.
     // NOTE(review): $viewRelationship[$this->_id] is indexed throughout without checking
     // that the entry exists, e.g. when the id does not belong to this contact.
     $viewRelationship = CRM_Contact_BAO_Relationship::getRelationship($this->_contactId, NULL, NULL, NULL, $this->_id);
     // When the viewed contact is contact_id_a of an 'a_b' relationship, the template is
     // told so that it can reverse the permission wording.
     $relationship = new CRM_Contact_DAO_Relationship();
     $relationship->id = $viewRelationship[$this->_id]['id'];
     if ($relationship->find(TRUE)) {
         if ($viewRelationship[$this->_id]['rtype'] == 'a_b' && $this->_contactId == $relationship->contact_id_a) {
             $this->assign("is_contact_id_a", TRUE);
         }
     }
     $relType = $viewRelationship[$this->_id]['civicrm_relationship_type_id'];
     $this->assign('viewRelationship', $viewRelationship);
     $employerId = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $this->_contactId, 'employer_id');
     // isCurrentEmployer defaults to FALSE and is switched on by either test below.
     $this->assign('isCurrentEmployer', FALSE);
     $relTypes = CRM_Utils_Array::index(array('name_a_b'), CRM_Core_PseudoConstant::relationshipType('name'));
     if ($viewRelationship[$this->_id]['employer_id'] == $this->_contactId) {
         $this->assign('isCurrentEmployer', TRUE);
     } elseif ($relType == $relTypes['Employee of']['id'] && $viewRelationship[$this->_id]['cid'] == $employerId) {
         // Only an 'Employee of' relationship to the contact's employer_id counts here.
         $this->assign('isCurrentEmployer', TRUE);
     }
     $viewNote = CRM_Core_BAO_Note::getNote($this->_id);
     $this->assign('viewNote', $viewNote);
     $groupTree = CRM_Core_BAO_CustomGroup::getTree('Relationship', $this, $this->_id, 0, $relType);
     CRM_Core_BAO_CustomGroup::buildCustomDataView($this, $groupTree, FALSE, NULL, NULL, NULL, $this->_id);
     $rType = CRM_Utils_Array::value('rtype', $viewRelationship[$this->_id]);
     // Build the URL under which this relationship appears in the recent-items list.
     $url = CRM_Utils_System::url('civicrm/contact/view/rel', "action=view&reset=1&id={$viewRelationship[$this->_id]['id']}&cid={$this->_contactId}&context=home");
     $session = CRM_Core_Session::singleton();
     // Edit and delete links are offered only when the viewer is the contact itself or holds
     // EDIT on it. This controls which links are shown; the update/delete actions must
     // still enforce their own checks.
     $recentOther = array();
     if ($session->get('userID') == $this->_contactId || CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) {
         $recentOther = array('editUrl' => CRM_Utils_System::url('civicrm/contact/view/rel', "action=update&reset=1&id={$viewRelationship[$this->_id]['id']}&cid={$this->_contactId}&rtype={$rType}&context=home"), 'deleteUrl' => CRM_Utils_System::url('civicrm/contact/view/rel', "action=delete&reset=1&id={$viewRelationship[$this->_id]['id']}&cid={$this->_contactId}&rtype={$rType}&context=home"));
     }
     $displayName = CRM_Contact_BAO_Contact::displayName($this->_contactId);
     $this->assign('displayName', $displayName);
     // NOTE(review): display names are contact data that go into the page title and the
     // recent-items title; confirm they are escaped where they are printed.
     CRM_Utils_System::setTitle(ts('View Relationship for') . ' ' . $displayName);
     $title = $displayName . ' (' . $viewRelationship[$this->_id]['relation'] . ' ' . CRM_Contact_BAO_Contact::displayName($viewRelationship[$this->_id]['cid']) . ')';
     // Record the relationship in the recently viewed list.
     CRM_Utils_Recent::add($title, $url, $viewRelationship[$this->_id]['id'], 'Relationship', $this->_contactId, NULL, $recentOther);
 }
Example #15
 /** 
  * build all the data structures needed to build the form 
  * 
  * @return void 
  * @access public 
  */
 function preProcess()
 {
     // First gate: the site-wide 'delete contacts' permission.
     $mayDeleteContacts = CRM_Core_Permission::check('delete contacts');
     if (!$mayDeleteContacts) {
         CRM_Core_Error::fatal(ts('You do not have permission to access this page'));
     }
     // 'cid' is optional here; the request helper validates it as the 'Positive' type.
     $requestedContactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this, false);
     if (!$requestedContactId) {
         // No single contact was requested, so the parent prepares the form instead.
         // NOTE(review): the per-contact EDIT check below is not run on this path;
         // confirm the parent applies its own per-contact authorisation.
         parent::preProcess();
         return;
     }
     // Second gate: deleting one specific contact also requires EDIT access to that contact.
     require_once 'CRM/Contact/BAO/Contact/Permission.php';
     $mayEditContact = CRM_Contact_BAO_Contact_Permission::allow($requestedContactId, CRM_Core_Permission::EDIT);
     if (!$mayEditContact) {
         CRM_Core_Error::fatal(ts('You do not have permission to delete this contact. Note: you can delete contacts if you can edit them.'));
     }
     // Single-contact mode: the form operates on exactly this id.
     $this->_contactIds = array($requestedContactId);
     $this->_single = true;
     $this->assign('totalSelectedContacts', 1);
 }
Example #16
 /**
  * Prepare the page for the logged-in user.
  *
  * Reads the user id from the session (bouncing when there is none), assigns the
  * contact id, action and permission level, records the contact in the recent-items
  * list and collects dashboard hook content for the template.
  *
  * @return void
  */
 function preProcess()
 {
     // Declared but not read anywhere in this method.
     $params = array();
     $defaults = array();
     $ids = array();
     // The contact shown is always the session user; no contact id is taken from the request.
     $session =& CRM_Core_Session::singleton();
     $loggedInId = $session->get('userID');
     if (!$loggedInId) {
         require_once 'CRM/Utils/System.php';
         CRM_Utils_System::setUFMessage(ts('We could not find a user id. You must be logged in to access the CiviCRM Home Page and menus.'));
         CRM_Core_Error::statusBounce(ts('We could not find a user id. You must be logged in to access the CiviCRM Home Page and menus.'));
     }
     $this->assign('contactId', $loggedInId);
     // 'action' is request-supplied (type 'String', default 'view') and is passed to the template as-is.
     $this->_action = CRM_Utils_Request::retrieve('action', 'String', $this, false, 'view');
     $this->assign('action', $this->_action);
     // Baseline is VIEW on the user's own record; it is raised to EDIT only when
     // the per-contact permission check passes.
     $this->_permission = CRM_Core_Permission::VIEW;
     require_once 'CRM/Contact/BAO/Contact/Permission.php';
     $canEditSelf = CRM_Contact_BAO_Contact_Permission::allow($loggedInId, CRM_Core_Permission::EDIT);
     if ($canEditSelf) {
         $this->_permission = CRM_Core_Permission::EDIT;
     }
     // The stored display name is read first and then replaced by the fresh lookup below.
     $displayName = $this->get('displayName');
     $contactSummary = CRM_Contact_BAO_Contact::getDisplayAndImage($loggedInId, true);
     list($displayName, $contactImage, $contactType) = $contactSummary;
     $this->set('displayName', $displayName);
     $this->set('contactImage', $contactImage);
     // NOTE(review): $displayName is contact data and reaches the page title here;
     // confirm that setTitle() or the theme layer encodes it for HTML.
     CRM_Utils_System::setTitle($contactImage . ' ' . $displayName, $displayName);
     $contactViewUrl = CRM_Utils_System::url('civicrm/contact/view', 'reset=1&cid=' . $loggedInId);
     CRM_Utils_Recent::add($displayName, $contactViewUrl, $loggedInId, $contactType, $loggedInId, $displayName);
     // Let other modules contribute dashboard HTML through the hook.
     require_once 'CRM/Utils/Hook.php';
     // ignored but needed to prevent warnings
     $contentPlacement = CRM_Utils_Hook::DASHBOARD_BELOW;
     $hookHtml = CRM_Utils_Hook::dashboard($loggedInId, $contentPlacement);
     if (is_array($hookHtml)) {
         $this->assign_by_ref('hookContent', $hookHtml);
         $this->assign('hookContentPlacement', $contentPlacement);
     }
 }
 /**
  * This function is called prior to building and submitting the form
  */
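 function preProcess()
 {
     // The contact id comes from the request and is validated as the 'Positive' type.
     $this->_contactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this);
     if (empty($this->_contactId)) {
         CRM_Core_Error::statusBounce(ts('Could not get a contact id.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
         // statusBounce also redirects to the default civicrm page; the return keeps
         // this path fail-closed should the helper ever hand control back.
         return;
     }
     // Authorisation: the current user needs EDIT access to this specific contact
     // before any of its data is loaded.
     if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) {
         CRM_Core_Error::statusBounce(ts('You do not have the necessary permission to edit this contact.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
         // Same reasoning as above: never fall through to the data loading below.
         return;
     }
     // Load the contact through the extension's config object.
     $this->_configRegiOplBel = CRM_Lidmaatschapwijziging_ConfigRegistratieOpleidingBelangstelling::singleton($this->_contactId);
     $this->_values = $this->_configRegiOplBel->getContact();
     $this->_display_name = $this->_values['display_name'];
     // NOTE(review): display_name is contact data placed in the page title; confirm
     // that setTitle() or the theme layer encodes it for HTML.
     CRM_Utils_System::setTitle('LidmaatschapWijziging - Registratie Opleiding Belangstelling - ' . $this->_values['display_name']);
     $this->_values['contact_id'] = $this->_contactId;
     // Custom values are keyed by column name (e.g. huppeldepup_35). They are copied
     // under the field name (huppeldepup) so the template can use the known names.
     $values = $this->_configRegiOplBel->getRegiOplBelCustomValues();
     // The record id is needed in postProcess to decide between update and insert.
     if (!empty($values['id'])) {
         $this->_regiOplBelId = $values['id'];
     }
     $this->_values['regioplbel_id'] = $this->_regiOplBelId;
     foreach ($this->_configRegiOplBel->getRegiOplBelCustomFields() as $field) {
         // A contact without a stored record has no entry for the column; use NULL
         // instead of reading an undefined index.
         $this->_values[$field['name']] = CRM_Utils_Array::value($field['column_name'], $values);
     }
 }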
Example #18
 /**
  * List activities as dashlet.
  *
  * @return void
  */
 public function run()
 {
     // The dashlet is built for the logged-in user: the contact id comes from the
     // session, not from the request.
     $loggedInContactId = CRM_Core_Session::singleton()->get('userID');
     // The template receives the id under both spellings.
     foreach (array('contactID', 'contactId') as $templateVar) {
         $this->assign($templateVar, $loggedInContactId);
     }
     // 'context' is request-supplied (type 'String', default 'dashlet') and is passed
     // to the template as-is.
     $this->assign('context', CRM_Utils_Request::retrieve('context', 'String', $this, FALSE, 'dashlet'));
     // VIEW on one's own activities is the baseline; EDIT applies when the per-contact
     // check passes. The value is not read again within this method.
     $permission = CRM_Contact_BAO_Contact_Permission::allow($loggedInContactId, CRM_Core_Permission::EDIT)
         ? CRM_Core_Permission::EDIT
         : CRM_Core_Permission::VIEW;
     // Either permission makes the user an activity admin for the template.
     $isActivityAdmin = CRM_Core_Permission::check('view all activities') || CRM_Core_Permission::check('administer CiviCRM');
     $this->assign('admin', $isActivityAdmin);
     // Embed the activity filter form in the page.
     $filterController = new CRM_Core_Controller_Simple('CRM_Activity_Form_ActivityFilter', ts('Activity Filter'), NULL);
     $filterController->setEmbedded(TRUE);
     $filterController->run();
     return parent::run();
 }
Example #19
 /**
  * Run the page.
  *
  * This method is called after the page is created. It checks for the
  * type of action and executes that action.
  *
  * @return void
  */
 public function run()
 {
     // Builds the view of one contact ($this->_id) through one profile / UF group
     // ($this->_gid): applies the access checks below, loads and filters the profile
     // fields, fetches their values into the template, sets the page title and returns
     // the trimmed, rendered template output.
     $template = CRM_Core_Smarty::singleton();
     if ($this->_id && $this->_gid) {
         // first check that id is part of the limit group id, CRM-4822
         $limitListingsGroupsID = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'limit_listings_group_id');
         $config = CRM_Core_Config::singleton();
         if ($limitListingsGroupsID) {
             // A profile with a limit group only shows contacts that are in that group;
             // for any other contact the method stops here with an error status.
             if (!CRM_Contact_BAO_GroupContact::isContactInGroup($this->_id, $limitListingsGroupsID)) {
                 CRM_Utils_System::setTitle(ts('Profile View - Permission Denied'));
                 return CRM_Core_Session::setStatus(ts('You do not have permission to view this contact record. Contact the site administrator if you need assistance.'), ts('Permission Denied'), 'error');
             }
         }
         $session = CRM_Core_Session::singleton();
         $userID = $session->get('userID');
         $this->_isPermissionedChecksum = $allowPermission = FALSE;
         // $permissionType stays VIEW for the whole method.
         $permissionType = CRM_Core_Permission::VIEW;
         // $allowPermission: the user holds 'administer users' or 'view all contacts', or the
         // per-contact check passes. allow() is called without a permission type here, so
         // its default applies.
         if (CRM_Core_Permission::check('administer users') || CRM_Core_Permission::check('view all contacts') || CRM_Contact_BAO_Contact_Permission::allow($this->_id)) {
             $allowPermission = TRUE;
         }
         if ($this->_id != $userID) {
             // do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228
             // On a frontend a valid checksum is accepted first and $allowPermission is the
             // fallback; elsewhere validateChecksumContact() alone decides.
             if ($config->userFrameworkFrontend) {
                 $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($this->_id, $this, FALSE);
                 if (!$this->_isPermissionedChecksum) {
                     $this->_isPermissionedChecksum = $allowPermission;
                 }
             } else {
                 $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateChecksumContact($this->_id, $this, FALSE);
             }
         }
         // CRM-10853
         // Users with create or edit permission should be allowed to view their own profile
         if ($this->_id == $userID || $this->_isPermissionedChecksum) {
             if (!CRM_Core_Permission::check('profile view')) {
                 if (CRM_Core_Permission::check('profile create') || CRM_Core_Permission::check('profile edit')) {
                     $this->_skipPermission = TRUE;
                 }
             }
         }
         // make sure we dont expose all fields based on permission
         // && binds tighter than ||, so this reads as:
         // (not frontend AND $allowPermission) OR own record OR permissioned checksum.
         $admin = FALSE;
         if (!$config->userFrameworkFrontend && $allowPermission || $this->_id == $userID || $this->_isPermissionedChecksum) {
             $admin = TRUE;
         }
         $values = array();
         $fields = CRM_Core_BAO_UFGroup::getFields($this->_profileIds, FALSE, CRM_Core_Action::VIEW, NULL, NULL, FALSE, $this->_restrict, $this->_skipPermission, NULL, $permissionType);
         if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId && !$this->_allFields) {
             // Single multi-record view: keep only the multi-record fields.
             CRM_Core_BAO_UFGroup::shiftMultiRecordFields($fields, $multiRecordFields);
             $fields = $multiRecordFields;
         }
         if ($this->_isContactActivityProfile && $this->_gid) {
             $errors = CRM_Profile_Form::validateContactActivityProfile($this->_activityId, $this->_id, $this->_gid);
             if (!empty($errors)) {
                 // Any validation error aborts the page with the last error message.
                 CRM_Core_Error::fatal(array_pop($errors));
             }
         }
         //reformat fields array
         foreach ($fields as $name => $field) {
             // also eliminate all formatting fields
             if (CRM_Utils_Array::value('field_type', $field) == 'Formatting') {
                 unset($fields[$name]);
             }
             // make sure that there is enough permission to expose this field
             // ('User and User Admin Only' fields are shown only when $admin is TRUE)
             if (!$admin && $field['visibility'] == 'User and User Admin Only') {
                 unset($fields[$name]);
             }
         }
         if ($this->_isContactActivityProfile) {
             // Split the fields: activity fields are read for $this->_activityId, the rest
             // for the contact.
             $contactFields = $activityFields = array();
             foreach ($fields as $fieldName => $field) {
                 if (CRM_Utils_Array::value('field_type', $field) == 'Activity') {
                     $activityFields[$fieldName] = $field;
                 } else {
                     $contactFields[$fieldName] = $field;
                 }
             }
             CRM_Core_BAO_UFGroup::getValues($this->_id, $contactFields, $values);
             if ($this->_activityId) {
                 CRM_Core_BAO_UFGroup::getValues(NULL, $activityFields, $values, TRUE, array(array('activity_id', '=', $this->_activityId, 0, 0)));
             }
         } else {
             $customWhereClause = NULL;
             if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId) {
                 if ($this->_allFields) {
                     $copyFields = $fields;
                     CRM_Core_BAO_UFGroup::shiftMultiRecordFields($copyFields, $multiRecordFields);
                     $fieldKey = key($multiRecordFields);
                 } else {
                     $fieldKey = key($fields);
                 }
                 if ($fieldID = CRM_Core_BAO_CustomField::getKeyID($fieldKey)) {
                     $tableColumnGroup = CRM_Core_BAO_CustomField::getTableColumnGroup($fieldID);
                     $columnName = "{$tableColumnGroup[0]}.id";
                     // NOTE(review): $this->_recordId is concatenated into a SQL fragment without
                     // quoting; confirm it is validated as an integer where it is assigned.
                     $customWhereClause = $columnName . ' = ' . $this->_recordId;
                 }
             }
             CRM_Core_BAO_UFGroup::getValues($this->_id, $fields, $values, TRUE, NULL, FALSE, $customWhereClause);
         }
         // $profileFields array can be used for customized display of field labels and values in Profile/View.tpl
         $profileFields = array();
         $labels = array();
         foreach ($fields as $name => $field) {
             //CRM-14338
             // Create a unique, non-empty index for each field.
             // (an empty title becomes ' '; duplicate titles get trailing spaces appended)
             $index = $field['title'];
             if ($index === '') {
                 $index = ' ';
             }
             while (array_key_exists($index, $labels)) {
                 $index .= ' ';
             }
             // Whitespace and non-word characters in the field name are replaced by '_'.
             $labels[$index] = preg_replace('/\\s+|\\W+/', '_', $name);
         }
         // NOTE(review): presumably getValues() keys $values by the same titles used for
         // $labels; a title missing from $labels would be an undefined index here - confirm.
         foreach ($values as $title => $value) {
             $profileFields[$labels[$title]] = array('label' => $title, 'value' => $value);
         }
         $template->assign_by_ref('row', $values);
         $template->assign_by_ref('profileFields', $profileFields);
     }
     // From here on the code runs whether or not the branch above was taken.
     $name = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'name');
     $this->assign('ufGroupName', $name);
     CRM_Utils_Hook::viewProfile($name);
     if (strtolower($name) == 'summary_overlay') {
         $template->assign('overlayProfile', TRUE);
     }
     if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId && !$this->_allFields) {
         // NOTE(review): $fields is only assigned inside the ($this->_id && $this->_gid)
         // branch above; confirm this path cannot be reached without it.
         $fieldDetail = reset($fields);
         $fieldId = CRM_Core_BAO_CustomField::getKeyID($fieldDetail['name']);
         $customGroupDetails = CRM_Core_BAO_CustomGroup::getGroupTitles(array($fieldId));
         $multiRecTitle = $customGroupDetails[$fieldId]['groupTitle'];
     } else {
         $title = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'title');
     }
     //CRM-4131.
     $displayName = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $this->_id, 'display_name');
     if ($displayName) {
         $session = CRM_Core_Session::singleton();
         $config = CRM_Core_Config::singleton();
         // The name becomes a link to the contact page only for a logged-in backend user
         // with 'access CiviCRM' who passes the VIEW check on their own contact id.
         if ($session->get('userID') && CRM_Core_Permission::check('access CiviCRM') && CRM_Contact_BAO_Contact_Permission::allow($session->get('userID'), CRM_Core_Permission::VIEW) && !$config->userFrameworkFrontend) {
             $contactViewUrl = CRM_Utils_System::url('civicrm/contact/view', "action=view&reset=1&cid={$this->_id}", TRUE);
             $this->assign('displayName', $displayName);
             // NOTE(review): display_name is stored contact data and is interpolated into HTML
             // without escaping in this method; confirm it is encoded on input or by setTitle().
             $displayName = "<a href=\"{$contactViewUrl}\">{$displayName}</a>";
         }
         // On the multi-record branch $title has not been assigned before this append; the
         // result is replaced below whenever $multiRecTitle is set.
         $title .= ' - ' . $displayName;
     }
     $title = isset($multiRecTitle) ? ts('View %1 Record', array(1 => $multiRecTitle)) : $title;
     CRM_Utils_System::setTitle($title);
     // invoke the pageRun hook, CRM-3906
     CRM_Utils_Hook::pageRun($this);
     return trim($template->fetch($this->getHookedTemplateFileName()));
 }
 /**
  * Store the ACL FROM and WHERE fragments returned for the given table alias.
  *
  * @param string $tableAlias
  *   Alias handed to cacheClause(). Presumably it ends up inside the generated SQL
  *   fragments, so callers should pass a fixed alias, never request data (TODO confirm).
  */
 function buildACLClause($tableAlias = 'contact')
 {
     $aclClauses = CRM_Contact_BAO_Contact_Permission::cacheClause($tableAlias);
     // First element goes to the FROM part, second to the WHERE part.
     list($this->_aclFrom, $this->_aclWhere) = $aclClauses;
 }
Example #21
 /**
  * Form submission of new/edit contact is processed.
  */
 public function postProcess()
 {
     // Saves a new or edited contact: normalises the submitted values, fires the pre hook,
     // creates/updates the contact, attaches tags, sets the status message, records the
     // contact in the recent-items list, picks the next URL and fires the post hook.
     // check if dedupe button, if so return.
     $buttonName = $this->controller->getButtonName();
     if ($buttonName == $this->_dedupeButtonName) {
         return;
     }
     //get the submitted values in an array
     $params = $this->controller->exportValues($this->_name);
     // Turn the submitted group list into a map of group id => 1.
     $group = CRM_Utils_Array::value('group', $params);
     if (!empty($group) && is_array($group)) {
         unset($params['group']);
         foreach ($group as $key => $value) {
             $params['group'][$value] = 1;
         }
     }
     CRM_Contact_BAO_Contact_Optimizer::edit($params, $this->_preEditValues);
     if (!empty($params['image_URL'])) {
         CRM_Contact_BAO_Contact::processImageParams($params);
     }
     // A numeric current_employer_id replaces the current_employer value.
     if (is_numeric(CRM_Utils_Array::value('current_employer_id', $params)) && !empty($params['current_employer'])) {
         $params['current_employer'] = $params['current_employer_id'];
     }
     // don't carry current_employer_id field,
     // since we don't want to directly update DAO object without
     // handling related business logic ( eg related membership )
     if (isset($params['current_employer_id'])) {
         unset($params['current_employer_id']);
     }
     // contact_type and contact_id are taken from the form object, overwriting whatever
     // was submitted under those keys.
     $params['contact_type'] = $this->_contactType;
     if (empty($params['contact_sub_type']) && $this->_isContactSubType) {
         $params['contact_sub_type'] = array($this->_contactSubType);
     }
     if ($this->_contactId) {
         $params['contact_id'] = $this->_contactId;
     }
     //make deceased date null when is_deceased = false
     if ($this->_contactType == 'Individual' && !empty($this->_editOptions['Demographics']) && empty($params['is_deceased'])) {
         $params['is_deceased'] = FALSE;
         $params['deceased_date'] = NULL;
     }
     if (isset($params['contact_id'])) {
         // process membership status for deceased contact
         $deceasedParams = array('contact_id' => CRM_Utils_Array::value('contact_id', $params), 'is_deceased' => CRM_Utils_Array::value('is_deceased', $params, FALSE), 'deceased_date' => CRM_Utils_Array::value('deceased_date', $params, NULL));
         $updateMembershipMsg = $this->updateMembershipStatus($deceasedParams);
     }
     // action is taken depending upon the mode
     if ($this->_action & CRM_Core_Action::UPDATE) {
         CRM_Utils_Hook::pre('edit', $params['contact_type'], $params['contact_id'], $params);
     } else {
         CRM_Utils_Hook::pre('create', $params['contact_type'], NULL, $params);
     }
     // $customFields is not read again within this method.
     $customFields = CRM_Core_BAO_CustomField::getFields($params['contact_type'], FALSE, TRUE);
     //CRM-5143
     //if subtype is set, send subtype as extend to validate subtype customfield
     $customFieldExtends = CRM_Utils_Array::value('contact_sub_type', $params) ? $params['contact_sub_type'] : $params['contact_type'];
     $params['custom'] = CRM_Core_BAO_CustomField::postProcess($params, $this->_contactId, $customFieldExtends, TRUE);
     if ($this->_contactId && !empty($this->_oldSubtypes)) {
         CRM_Contact_BAO_ContactType::deleteCustomSetForSubtypeMigration($this->_contactId, $params['contact_type'], $this->_oldSubtypes, $params['contact_sub_type']);
     }
     if (array_key_exists('CommunicationPreferences', $this->_editOptions)) {
         // this is a checkbox, so mark false if we dont get a POST value
         $params['is_opt_out'] = CRM_Utils_Array::value('is_opt_out', $params, FALSE);
     }
     // process shared contact address.
     CRM_Contact_BAO_Contact_Utils::processSharedAddress($params['address']);
     // Submitted groups are discarded when the TagsAndGroups edit option is not enabled.
     if (!array_key_exists('TagsAndGroups', $this->_editOptions) && !empty($params['group'])) {
         unset($params['group']);
     }
     if (!empty($params['contact_id']) && $this->_action & CRM_Core_Action::UPDATE && !empty($params['group'])) {
         // figure out which all groups are intended to be removed
         // (non-hidden groups the contact is in but that were not submitted are marked -1)
         $contactGroupList = CRM_Contact_BAO_GroupContact::getContactGroup($params['contact_id'], 'Added');
         if (is_array($contactGroupList)) {
             foreach ($contactGroupList as $key) {
                 if ((!array_key_exists($key['group_id'], $params['group']) || $params['group'][$key['group_id']] != 1) && empty($key['is_hidden'])) {
                     $params['group'][$key['group_id']] = -1;
                 }
             }
         }
     }
     // parse street address, CRM-5450
     $parseStatusMsg = NULL;
     if ($this->_parseStreetAddress) {
         $parseResult = self::parseAddress($params);
         $parseStatusMsg = self::parseAddressStatusMsg($parseResult);
     }
     // Allow un-setting of location info, CRM-5969
     $params['updateBlankLocInfo'] = TRUE;
     $contact = CRM_Contact_BAO_Contact::create($params, TRUE, FALSE, TRUE);
     // status message
     // NOTE(review): the message embeds $contact->display_name and is later extended with
     // <br /> markup, so it is treated as HTML; confirm setStatus() or its renderer encodes
     // the name.
     if ($this->_contactId) {
         $message = ts('%1 has been updated.', array(1 => $contact->display_name));
     } else {
         $message = ts('%1 has been created.', array(1 => $contact->display_name));
     }
     // set the contact ID
     $this->_contactId = $contact->id;
     if (array_key_exists('TagsAndGroups', $this->_editOptions)) {
         //add contact to tags
         // NOTE(review): $params['contact_id'] is assigned in this method only when
         // $this->_contactId was already set; for a new contact it is filled in only if
         // create() writes to $params by reference - confirm, or use $contact->id.
         CRM_Core_BAO_EntityTag::create($params['tag'], 'civicrm_contact', $params['contact_id']);
         //save free tags
         if (isset($params['contact_taglist']) && !empty($params['contact_taglist'])) {
             CRM_Core_Form_Tag::postProcess($params['contact_taglist'], $params['contact_id'], 'civicrm_contact', $this);
         }
     }
     if (!empty($parseStatusMsg)) {
         $message .= "<br />{$parseStatusMsg}";
     }
     if (!empty($updateMembershipMsg)) {
         $message .= "<br />{$updateMembershipMsg}";
     }
     $session = CRM_Core_Session::singleton();
     $session->setStatus($message, ts('Contact Saved'), 'success');
     // add the recently viewed contact
     // The edit link is offered for the user's own record or when the EDIT check passes;
     // the delete link only for another contact and with 'delete contacts'.
     $recentOther = array();
     if ($session->get('userID') == $contact->id || CRM_Contact_BAO_Contact_Permission::allow($contact->id, CRM_Core_Permission::EDIT)) {
         $recentOther['editUrl'] = CRM_Utils_System::url('civicrm/contact/add', 'reset=1&action=update&cid=' . $contact->id);
     }
     if ($session->get('userID') != $this->_contactId && CRM_Core_Permission::check('delete contacts')) {
         $recentOther['deleteUrl'] = CRM_Utils_System::url('civicrm/contact/view/delete', 'reset=1&delete=1&cid=' . $contact->id);
     }
     CRM_Utils_Recent::add($contact->display_name, CRM_Utils_System::url('civicrm/contact/view', 'reset=1&cid=' . $contact->id), $contact->id, $this->_contactType, $contact->id, $contact->display_name, $recentOther);
     // here we replace the user context with the url to view this contact
     $buttonName = $this->controller->getButtonName();
     if ($buttonName == $this->getButtonName('upload', 'new')) {
         // "Save and new": return to the add form for the same type (and the sub type when
         // exactly one is set).
         $contactSubTypes = array_filter(explode(CRM_Core_DAO::VALUE_SEPARATOR, $this->_contactSubType));
         $resetStr = "reset=1&ct={$contact->contact_type}";
         $resetStr .= count($contactSubTypes) == 1 ? "&cst=" . array_pop($contactSubTypes) : '';
         $session->replaceUserContext(CRM_Utils_System::url('civicrm/contact/add', $resetStr));
     } else {
         $context = CRM_Utils_Request::retrieve('context', 'String', $this);
         $qfKey = CRM_Utils_Request::retrieve('key', 'String', $this);
         //validate the qfKey
         $urlParams = 'reset=1&cid=' . $contact->id;
         // NOTE(review): $context is request-supplied and appended to the query string without
         // URL-encoding; a value containing '&' would add further parameters - confirm the
         // 'String' validation or url() prevents that.
         if ($context) {
             $urlParams .= "&context={$context}";
         }
         // The key is appended only after CRM_Utils_Rule::qfKey() accepts it.
         if (CRM_Utils_Rule::qfKey($qfKey)) {
             $urlParams .= "&key={$qfKey}";
         }
         $session->replaceUserContext(CRM_Utils_System::url('civicrm/contact/view', $urlParams));
     }
     // now invoke the post hook
     if ($this->_action & CRM_Core_Action::UPDATE) {
         CRM_Utils_Hook::post('edit', $params['contact_type'], $contact->id, $contact);
     } else {
         CRM_Utils_Hook::post('create', $params['contact_type'], $contact->id, $contact);
     }
 }
Example #22
    /**
     * Given an array of contact ids this function will return array with links to view contact page.
     *
     * @param array $contactIDs
     *   Associated contact id's.
     * @param bool $addViewLink
     * @param bool $addEditLink
     * @param int $originalId
     *   Associated with the contact which is edited.
     *
     *
     * @return array
     *   returns array with links to contact view
     */
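    public static function formatContactIDSToLinks($contactIDs, $addViewLink = TRUE, $addEditLink = TRUE, $originalId = NULL)
    {
        // $addViewLink and $addEditLink are part of the signature but are not consulted
        // by this method.
        $contactLinks = array();
        if (!is_array($contactIDs) || empty($contactIDs)) {
            return $contactLinks;
        }
        // The ids are concatenated into the IN (...) list of the query below, so only
        // plain non-negative integers are kept. Anything else is dropped (not coerced),
        // which keeps caller-supplied text out of the SQL statement.
        $safeContactIds = array();
        foreach ($contactIDs as $candidateId) {
            if ((is_int($candidateId) && $candidateId >= 0) || (is_string($candidateId) && ctype_digit($candidateId))) {
                $safeContactIds[] = (int) $candidateId;
            }
        }
        if (empty($safeContactIds)) {
            return $contactLinks;
        }
        // $originalId is embedded in the merge URL and in an href attribute, so it gets
        // the same integer-only treatment; an unusable value simply means no merge link.
        $mergeOriginId = NULL;
        if ((is_int($originalId) && $originalId > 0) || (is_string($originalId) && ctype_digit($originalId) && (int) $originalId > 0)) {
            $mergeOriginId = (int) $originalId;
        }
        // Work out, per contact, which of view / edit / merge the current user may do.
        $permissions = array('view' => 'view all contacts', 'edit' => 'edit all contacts', 'merge' => 'merge duplicate contacts');
        $permissionedContactIds = array();
        foreach ($permissions as $task => $permission) {
            // A site-wide permission covers every requested contact.
            if (CRM_Core_Permission::check($permission)) {
                foreach ($safeContactIds as $contactId) {
                    $permissionedContactIds[$contactId][$task] = TRUE;
                }
                continue;
            }
            // Without it, view and edit fall back to the per-contact ACL check;
            // merge has no per-contact fallback.
            if (in_array($task, array('view', 'edit'), TRUE)) {
                $aclPermission = ($task == 'edit') ? CRM_Core_Permission::EDIT : CRM_Core_Permission::VIEW;
                foreach ($safeContactIds as $contactId) {
                    if (CRM_Contact_BAO_Contact_Permission::allow($contactId, $aclPermission)) {
                        $permissionedContactIds[$contactId][$task] = TRUE;
                    }
                }
            }
        }
        // retrieve display names for all contacts (at most 20 rows)
        $query = '
   SELECT  c.id, c.display_name, c.contact_type, ce.email
     FROM  civicrm_contact c
LEFT JOIN  civicrm_email ce ON ( ce.contact_id=c.id AND ce.is_primary = 1 )
    WHERE  c.id IN  (' . implode(',', $safeContactIds) . ' ) LIMIT 20';
        $dao = CRM_Core_DAO::executeQuery($query);
        $contactLinks['msg'] = NULL;
        $i = 0;
        while ($dao->fetch()) {
            // Name and e-mail are stored as returned by the query; they are not
            // HTML-escaped here, so the consumer has to encode them for output.
            $contactLinks['rows'][$i]['display_name'] = $dao->display_name;
            $contactLinks['rows'][$i]['primary_email'] = $dao->email;
            // get the permission for current contact id.
            $hasPermissions = CRM_Utils_Array::value($dao->id, $permissionedContactIds);
            if (!is_array($hasPermissions) || empty($hasPermissions)) {
                // No permission at all: the row carries no links.
                $i++;
                continue;
            }
            // 'msg' ends up as the strongest action offered: merge over edit over view.
            if (array_key_exists('view', $hasPermissions)) {
                $contactLinks['rows'][$i]['view'] = '<a class="action-item" href="' . CRM_Utils_System::url('civicrm/contact/view', 'reset=1&cid=' . $dao->id) . '" target="_blank">' . ts('View') . '</a>';
                if (!$contactLinks['msg']) {
                    $contactLinks['msg'] = 'view';
                }
            }
            if (array_key_exists('edit', $hasPermissions)) {
                $contactLinks['rows'][$i]['edit'] = '<a class="action-item" href="' . CRM_Utils_System::url('civicrm/contact/add', 'reset=1&action=update&cid=' . $dao->id) . '" target="_blank">' . ts('Edit') . '</a>';
                if (!$contactLinks['msg'] || $contactLinks['msg'] != 'merge') {
                    $contactLinks['msg'] = 'edit';
                }
            }
            if ($mergeOriginId !== NULL && array_key_exists('merge', $hasPermissions)) {
                // Reset per row so a rule group found for an earlier contact type is
                // never reused when the lookup for this row finds nothing.
                $rgid = NULL;
                $rgBao = new CRM_Dedupe_BAO_RuleGroup();
                $rgBao->contact_type = $dao->contact_type;
                $rgBao->used = 'Supervised';
                if ($rgBao->find(TRUE)) {
                    $rgid = $rgBao->id;
                }
                if ($rgid && isset($dao->id)) {
                    //get an url to merge the contact
                    $contactLinks['rows'][$i]['merge'] = '<a class="action-item" href="' . CRM_Utils_System::url('civicrm/contact/merge', "reset=1&cid=" . $mergeOriginId . '&oid=' . $dao->id . '&action=update&rgid=' . $rgid) . '">' . ts('Merge') . '</a>';
                    $contactLinks['msg'] = 'merge';
                }
            }
            $i++;
        }
        return $contactLinks;
    }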
Example #23
 /**
  * @param $page
  * @param int $contactID
  */
 public static function checkUserPermission($page, $contactID = NULL)
 {
     // Start from "no access"; a level is only granted by one of the checks below.
     $page->_permission = NULL;
     $contactID = $contactID ? $contactID : $page->_contactId;
     $session = CRM_Core_Session::singleton();
     // The checks run in this order and the first match wins:
     //  1. own record plus 'edit my contact'                   -> edit
     //  2. deleted contact plus 'access deleted contacts'      -> view (at best)
     //  3. per-contact EDIT check                              -> edit
     //  4. per-contact VIEW check                              -> view
     // Because 2 precedes 3, a deleted contact stays view-only for such a user even when
     // the EDIT check would pass; 1 precedes 2, so it does not cap the user's own record.
     $grantedLevel = NULL;
     if ($session->get('userID') == $contactID && CRM_Core_Permission::check('edit my contact')) {
         $grantedLevel = 'edit';
     } elseif (CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $contactID, 'is_deleted') and CRM_Core_Permission::check('access deleted contacts')) {
         $grantedLevel = 'view';
     } elseif (CRM_Contact_BAO_Contact_Permission::allow($contactID, CRM_Core_Permission::EDIT)) {
         $grantedLevel = 'edit';
     } elseif (CRM_Contact_BAO_Contact_Permission::allow($contactID, CRM_Core_Permission::VIEW)) {
         $grantedLevel = 'view';
     }
     if ($grantedLevel === NULL) {
         // Nothing matched: send the user back to the CiviCRM home with an error and
         // leave $page->_permission at NULL.
         $session->pushUserContext(CRM_Utils_System::url('civicrm', 'reset=1'));
         CRM_Core_Error::statusBounce(ts('You do not have the necessary permission to view this contact.'));
         return;
     }
     // The template gets the level as a string, the page object as a permission constant.
     $page->assign('permission', $grantedLevel);
     $page->_permission = ($grantedLevel === 'edit') ? CRM_Core_Permission::EDIT : CRM_Core_Permission::VIEW;
 }
Example #24
 /**
  * Get a list of relationships.
  *
  * @param int $contactId
  *   Contact id.
  * @param int $status
  *   1: Past 2: Disabled 3: Current.
  * @param int $numRelationship
  *   No of relationships to display (limit).
  * @param int $count
  *   Get the no of relationships.
  * @param int $relationshipId
  * @param array $links
  *   the list of links to display
  * @param int $permissionMask
  *   the permission mask to be applied for the actions
  * @param bool $permissionedContact
  *   to return only permissioned Contact
  * @param array $params
  *
  * @return array|int
  *   relationship records
  */
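 public static function getRelationship($contactId = NULL, $status = 0, $numRelationship = 0, $count = 0, $relationshipId = 0, $links = NULL, $permissionMask = NULL, $permissionedContact = FALSE, $params = array())
 {
     // Collects the relationship rows for $contactId (or the single relationship
     // $relationshipId) from both the a_b and the b_a clause. When $count is set,
     // only the summed row count is returned.
     $values = array();
     if (!$contactId && !$relationshipId) {
         return $values;
     }
     list($select1, $from1, $where1) = self::makeURLClause($contactId, $status, $numRelationship, $count, $relationshipId, 'a_b', $params);
     list($select2, $from2, $where2) = self::makeURLClause($contactId, $status, $numRelationship, $count, $relationshipId, 'b_a', $params);
     $order = $limit = '';
     if (!$count) {
         // ORDER BY and LIMIT are concatenated into the SQL text rather than bound,
         // so they are restricted here to a plain column list and to integers.
         $order = ' ORDER BY civicrm_relationship_type_id, sort_name ';
         if (!empty($params['sort']) && is_string($params['sort'])) {
             // One sort term: optional table prefix, column name, optional direction.
             $sortTerm = '`?[A-Za-z0-9_]+`?(?:\.`?[A-Za-z0-9_]+`?)?(?:\s+(?:asc|desc))?';
             if (preg_match('/^\s*' . $sortTerm . '(?:\s*,\s*' . $sortTerm . ')*\s*\z/i', $params['sort'])) {
                 $order = " ORDER BY {$params['sort']} ";
             }
             // Any other value keeps the default ordering instead of reaching the query.
         }
         $offset = 0;
         if (!empty($params['offset']) && (int) $params['offset'] > 0) {
             $offset = (int) $params['offset'];
         }
         $rowLimit = (int) $numRelationship;
         if ($rowLimit > 0) {
             $limit = " LIMIT {$offset}, {$rowLimit}";
         }
     }
     // The select/from/where fragments come from makeURLClause(), which is not
     // visible here. NOTE(review): confirm it escapes every value it embeds.
     $queryString = $select1 . $from1 . $where1 . $select2 . $from2 . $where2 . $order . $limit;
     $relationship = new CRM_Contact_DAO_Relationship();
     $relationship->query($queryString);
     if ($count) {
         $relationshipCount = 0;
         while ($relationship->fetch()) {
             $relationshipCount += $relationship->cnt1 + $relationship->cnt2;
         }
         // Release the result set on this path too, as the row path below does.
         $relationship->free();
         return $relationshipCount;
     }
     // For every status except INACTIVE the action mask is the same for all rows:
     // start from every link, drop ENABLE/DISABLE, add back the one that fits the
     // status, then intersect with what the caller is permitted to do.
     $mask = NULL;
     if ($status != self::INACTIVE && $links) {
         $mask = array_sum(array_keys($links));
         if ($mask & CRM_Core_Action::DISABLE) {
             $mask -= CRM_Core_Action::DISABLE;
         }
         if ($mask & CRM_Core_Action::ENABLE) {
             $mask -= CRM_Core_Action::ENABLE;
         }
         if ($status == self::CURRENT) {
             $mask |= CRM_Core_Action::DISABLE;
         } elseif ($status == self::DISABLED) {
             $mask |= CRM_Core_Action::ENABLE;
         }
         $mask = $mask & $permissionMask;
     }
     // Result key => column alias on the fetched row, in output order.
     $fieldMap = array(
         'id' => 'civicrm_relationship_id',
         'cid' => 'civicrm_contact_id',
         'contact_id_a' => 'contact_id_a',
         'contact_id_b' => 'contact_id_b',
         'contact_type' => 'contact_type',
         'relationship_type_id' => 'civicrm_relationship_type_id',
         'relation' => 'relation',
         'name' => 'sort_name',
         'display_name' => 'display_name',
         'job_title' => 'job_title',
         'email' => 'email',
         'phone' => 'phone',
         'employer_id' => 'employer_id',
         'organization_name' => 'organization_name',
         'country' => 'country',
         'city' => 'city',
         'state' => 'state',
         'start_date' => 'start_date',
         'end_date' => 'end_date',
         'description' => 'description',
         'is_active' => 'is_active',
         'is_permission_a_b' => 'is_permission_a_b',
         'is_permission_b_a' => 'is_permission_b_a',
         'case_id' => 'case_id',
     );
     while ($relationship->fetch()) {
         $rid = $relationship->civicrm_relationship_id;
         $cid = $relationship->civicrm_contact_id;
         // With $permissionedContact set, related contacts that fail the ACL check
         // (allow() at its default permission level) are left out of the result.
         if ($permissionedContact && !CRM_Contact_BAO_Contact_Permission::allow($cid)) {
             continue;
         }
         $row = array();
         foreach ($fieldMap as $key => $column) {
             $row[$key] = $relationship->{$column};
         }
         if ($status) {
             $row['status'] = $status;
         }
         $row['civicrm_relationship_type_id'] = $relationship->civicrm_relationship_type_id;
         // Direction of the relationship as seen from the requested contact.
         $row['rtype'] = $relationship->contact_id_a == $contactId ? 'a_b' : 'b_a';
         if ($links) {
             $replace = array('id' => $rid, 'rtype' => $row['rtype'], 'cid' => $contactId, 'cbid' => $row['cid'], 'caseid' => $row['case_id'], 'clientid' => $contactId);
             if ($status == self::INACTIVE) {
                 // Inactive listing: the mask depends on the row. DISABLE is never
                 // offered; ENABLE only for rows that are not active. A bit is only
                 // subtracted when it is present, so a link set without that action
                 // cannot corrupt the mask.
                 $mask = array_sum(array_keys($links));
                 if ($mask & CRM_Core_Action::DISABLE) {
                     $mask -= CRM_Core_Action::DISABLE;
                 }
                 if ($row['is_active'] && ($mask & CRM_Core_Action::ENABLE)) {
                     $mask -= CRM_Core_Action::ENABLE;
                 }
                 $mask = $mask & $permissionMask;
             }
             // The "manage case" link is only exposed when the user may access the
             // case. Logic borrowed from CRM_Case_Page_Tab.
             if ($row['case_id']) {
                 $hasCaseAccess = CRM_Core_Permission::check('access all cases and activities');
                 if (!$hasCaseAccess) {
                     $userCases = CRM_Case_BAO_Case::getCases(FALSE);
                     $hasCaseAccess = array_key_exists($row['case_id'], $userCases);
                 }
                 if ($hasCaseAccess) {
                     // Give access by copying to MAX_ACTION temporarily, otherwise
                     // leave at NONE which won't display.
                     $links[CRM_Core_Action::MAX_ACTION] = $links[CRM_Core_Action::NONE];
                     $links[CRM_Core_Action::MAX_ACTION]['name'] = ts('Manage Case #%1', array(1 => $row['case_id']));
                     $links[CRM_Core_Action::MAX_ACTION]['class'] = 'no-popup';
                     // Make sure we have the right client cid, since we can get here
                     // from multiple relationship tabs.
                     if ($row['rtype'] == 'b_a') {
                         $replace['clientid'] = $row['cid'];
                     }
                 }
             }
             $row['action'] = CRM_Core_Action::formLink($links, $mask, $replace, ts('more'), FALSE, 'relationship.selector.row', 'Relationship', $rid);
             // Remove the temporary entry so it does not leak into the next row.
             unset($links[CRM_Core_Action::MAX_ACTION]);
         }
         $values[$rid] = $row;
     }
     $relationship->free();
     return $values;
 }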
Example #25
 /**
  * build all the data structures needed to build the form
  *
  * @return void
  * @access public
  */
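 function preProcess()
 {
     // Resolves the form mode (add vs. update), checks the matching permission,
     // and loads the edit options and blocks the contact form is built from.
     $this->_action = CRM_Utils_Request::retrieve('action', 'String', $this, false, 'add');
     $this->_dedupeButtonName = $this->getButtonName('refresh', 'dedupe');
     $this->_duplicateButtonName = $this->getButtonName('upload', 'duplicate');
     // Plain assignment: taking a reference to a returned object or to "new"
     // is not needed, and "=& new" no longer parses on current PHP.
     $session = CRM_Core_Session::singleton();
     if ($this->_action == CRM_Core_Action::ADD) {
         // check for add contacts permissions
         require_once 'CRM/Core/Permission.php';
         if (!CRM_Core_Permission::check('add contacts')) {
             CRM_Utils_System::permissionDenied();
             return;
         }
         // The contact type comes from the request, so it is held to the three known values.
         $this->_contactType = CRM_Utils_Request::retrieve('ct', 'String', $this, true, null, 'REQUEST');
         if (!in_array($this->_contactType, array('Individual', 'Household', 'Organization'), true)) {
             CRM_Core_Error::statusBounce(ts('Could not get a contact_id and/or contact_type'));
         }
         $this->_contactSubType = CRM_Utils_Request::retrieve('cst', 'String', $this);
         $this->_gid = CRM_Utils_Request::retrieve('gid', 'Integer', CRM_Core_DAO::$_nullObject, false, null, 'GET');
         $this->_tid = CRM_Utils_Request::retrieve('tid', 'Integer', CRM_Core_DAO::$_nullObject, false, null, 'GET');
         if ($this->_contactSubType) {
             // NOTE(review): 'cst' is a request-supplied string that goes into the
             // page title. Confirm setTitle() or the template escapes it, or check
             // it against the configured sub types first.
             CRM_Utils_System::setTitle(ts('New %1', array(1 => $this->_contactSubType)));
         } else {
             if ($this->_contactType == 'Household') {
                 $title = ts('New Household');
             } elseif ($this->_contactType == 'Organization') {
                 $title = ts('New Organization');
             } else {
                 $title = ts('New Individual');
             }
             CRM_Utils_System::setTitle($title);
         }
         $session->pushUserContext(CRM_Utils_System::url('civicrm/dashboard', 'reset=1'));
         $this->_contactId = null;
     } else {
         //update mode
         if (!$this->_contactId) {
             $this->_contactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this, true);
         }
         if ($this->_contactId) {
             require_once 'CRM/Contact/BAO/Contact.php';
             $contact = new CRM_Contact_DAO_Contact();
             $contact->id = $this->_contactId;
             if (!$contact->find(true)) {
                 CRM_Core_Error::statusBounce(ts('contact does not exist: %1', array(1 => $this->_contactId)));
             }
             $this->_contactType = $contact->contact_type;
             $this->_contactSubType = $contact->contact_sub_type;
             // The EDIT check runs before any contact data is loaded into the form.
             require_once 'CRM/Contact/BAO/Contact/Permission.php';
             if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) {
                 CRM_Core_Error::statusBounce(ts('You do not have the necessary permission to edit this contact.'));
             }
             list($displayName, $contactImage) = CRM_Contact_BAO_Contact::getDisplayAndImage($this->_contactId);
             CRM_Utils_System::setTitle($displayName, $contactImage . ' ' . $displayName);
             $session->pushUserContext(CRM_Utils_System::url('civicrm/contact/view', 'reset=1&cid=' . $this->_contactId));
             // Reuse the values stored on the form if present, otherwise load and store them.
             $values = $this->get('values');
             if (!empty($values)) {
                 $this->_values = $values;
             } else {
                 $params = array('id' => $this->_contactId, 'contact_id' => $this->_contactId);
                 CRM_Contact_BAO_Contact::retrieve($params, $this->_values, true);
                 $this->set('values', $this->_values);
             }
         } else {
             CRM_Core_Error::statusBounce(ts('Could not get a contact_id and/or contact_type'));
         }
     }
     // Loaded up front: both the edit-option and the block lookup below use this
     // class, and either may run without the other when one of them is cached.
     require_once 'CRM/Core/BAO/Preferences.php';
     $this->_editOptions = $this->get('contactEditOptions');
     if (CRM_Utils_System::isNull($this->_editOptions)) {
         $this->_editOptions = CRM_Core_BAO_Preferences::valueOptions('contact_edit_options', true, null, false, 'name', true, 'AND v.filter = 0');
         $this->set('contactEditOptions', $this->_editOptions);
     }
     // build demographics only for Individual contact type
     if ($this->_contactType != 'Individual' && array_key_exists('Demographics', $this->_editOptions)) {
         unset($this->_editOptions['Demographics']);
     }
     // in update mode don't show notes
     if ($this->_contactId && array_key_exists('Notes', $this->_editOptions)) {
         unset($this->_editOptions['Notes']);
     }
     $this->assign('editOptions', $this->_editOptions);
     $this->assign('contactType', $this->_contactType);
     $this->assign('contactSubType', $this->_contactSubType);
     // get the location blocks.
     $this->_blocks = $this->get('blocks');
     if (CRM_Utils_System::isNull($this->_blocks)) {
         $this->_blocks = CRM_Core_BAO_Preferences::valueOptions('contact_edit_options', true, null, false, 'name', true, 'AND v.filter = 1');
         $this->set('blocks', $this->_blocks);
     }
     $this->assign('blocks', $this->_blocks);
     if (array_key_exists('CustomData', $this->_editOptions)) {
         //only custom data has preprocess hence directly call it
         CRM_Custom_Form_CustomData::preProcess($this, null, $this->_contactSubType, 1, $this->_contactType, $this->_contactId);
     }
     // this is needed for custom data.
     $this->assign('entityID', $this->_contactId);
     // also keep the convention.
     $this->assign('contactId', $this->_contactId);
     // location blocks.
     CRM_Contact_Form_Location::preProcess($this);
 }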
Example #26
 /**
  * Retrieve contact relationships.
  */
 public static function getContactRelationships()
 {
     // Every request value goes through CRM_Utils_Type::escape() with an explicit
     // type before it is used. The FALSE third argument on the optional type
     // filter is presumably the non-aborting mode (confirm against the helper).
     $cid = CRM_Utils_Type::escape($_GET['cid'], 'Integer');
     $listContext = CRM_Utils_Type::escape($_GET['context'], 'String');
     $typeFilter = CRM_Utils_Type::escape(CRM_Utils_Array::value('relationship_type_id', $_GET), 'Integer', FALSE);

     // The ACL check on the requested contact runs before any relationship data is read.
     if (!CRM_Contact_BAO_Contact_Permission::allow($cid)) {
         return CRM_Utils_System::permissionDenied();
     }

     // Sorting and paging come from the shared AJAX helper; only the values
     // checked above are added on top.
     $selectorParams = CRM_Core_Page_AJAX::defaultSortAndPagerParams();
     $selectorParams['contact_id'] = $cid;
     $selectorParams['context'] = $listContext;
     if ($typeFilter) {
         $selectorParams['relationship_type_id'] = $typeFilter;
     }

     // Fetch the contact's relationships and emit them as JSON.
     CRM_Utils_JSON::output(CRM_Contact_BAO_Relationship::getContactRelationshipSelector($selectorParams));
 }
Example #27
 /**
  * Retrieve contact relationships.
  */
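 public static function getContactRelationships()
 {
     // AJAX endpoint: returns the relationships of the requested contact as JSON,
     // sorted and paged according to the DataTables request parameters.
     $contactID = CRM_Utils_Type::escape($_GET['cid'], 'Integer');
     $context = CRM_Utils_Type::escape($_GET['context'], 'String');
     $relationship_type_id = CRM_Utils_Type::escape(CRM_Utils_Array::value('relationship_type_id', $_GET), 'Integer', FALSE);
     // The ACL check on the requested contact runs before any relationship data is read.
     if (!CRM_Contact_BAO_Contact_Permission::allow($contactID)) {
         return CRM_Utils_System::permissionDenied();
     }
     // Column index => column name. The name ends up in a sort clause, so only a
     // plain identifier (optionally table-qualified) is accepted from the request.
     $sortMapper = array();
     $columns = isset($_GET['columns']) && is_array($_GET['columns']) ? $_GET['columns'] : array();
     foreach ($columns as $key => $value) {
         if (is_array($value) && isset($value['data']) && is_string($value['data'])
             && preg_match('/^[A-Za-z0-9_]+(?:\.[A-Za-z0-9_]+)?\z/', $value['data'])
         ) {
             $sortMapper[$key] = $value['data'];
         }
     }
     $offset = isset($_GET['start']) ? (int) CRM_Utils_Type::escape($_GET['start'], 'Integer') : 0;
     $rowCount = isset($_GET['length']) ? (int) CRM_Utils_Type::escape($_GET['length'], 'Integer') : 25;
     if ($offset < 0) {
         $offset = 0;
     }
     if ($rowCount < 1) {
         // A zero or negative length would divide by zero in the page number below.
         $rowCount = 25;
     }
     $sort = isset($_GET['order'][0]['column']) ? CRM_Utils_Array::value(CRM_Utils_Type::escape($_GET['order'][0]['column'], 'Integer'), $sortMapper) : NULL;
     // The direction is an allow-list: anything other than "desc" sorts ascending.
     $sortOrder = 'asc';
     if (isset($_GET['order'][0]['dir']) && is_string($_GET['order'][0]['dir']) && strtolower($_GET['order'][0]['dir']) === 'desc') {
         $sortOrder = 'desc';
     }
     // NOTE(review): the whole query string is still handed to the selector, as
     // before. Confirm which other keys it reads, or pass an explicit subset.
     $params = $_GET;
     // Keys this function is responsible for must not pass through from the
     // request unchecked when the checked value is absent.
     unset($params['sortBy'], $params['relationship_type_id']);
     if ($sort) {
         $params['sortBy'] = $sort . ' ' . $sortOrder;
     }
     $params['page'] = (int) floor($offset / $rowCount) + 1;
     $params['rp'] = $rowCount;
     $params['contact_id'] = $contactID;
     $params['context'] = $context;
     if ($relationship_type_id) {
         $params['relationship_type_id'] = $relationship_type_id;
     }
     // get the contact relationships
     $relationships = CRM_Contact_BAO_Relationship::getContactRelationshipSelector($params);
     CRM_Utils_JSON::output($relationships);
 }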
Example #28
 /**
  * Does the user have sufficient permission to view/edit the activity record?
  *
  * @param int $activityId
  *   Activity record id.
  * @param int $action
  *   Edit/view.
  *
  * @return bool
  */
 public static function checkPermission($activityId, $action)
 {
     // Decides whether the current user may view or edit one activity.
     // The result starts as FALSE and every early return below hands back that
     // value, so a missing id, an unsupported action or an unknown activity is denied.
     $allow = FALSE;
     // Only UPDATE and VIEW are supported actions.
     // NOTE(review): in_array() compares loosely here; a strict check would be tighter.
     if (!$activityId || !in_array($action, array(CRM_Core_Action::UPDATE, CRM_Core_Action::VIEW))) {
         return $allow;
     }
     $activity = new CRM_Activity_DAO_Activity();
     $activity->id = $activityId;
     if (!$activity->find(TRUE)) {
         return $allow;
     }
     // Component name => permissions, any one of which grants access to that
     // component's activities.
     $compPermissions = array('CiviCase' => array('administer CiviCase', 'access my cases and activities', 'access all cases and activities'), 'CiviMail' => array('access CiviMail'), 'CiviEvent' => array('access CiviEvent'), 'CiviGrant' => array('access CiviGrant'), 'CiviPledge' => array('access CiviPledge'), 'CiviMember' => array('access CiviMember'), 'CiviReport' => array('access CiviReport'), 'CiviContribute' => array('access CiviContribute'), 'CiviCampaign' => array('administer CiviCampaign'));
     // Case activities are decided entirely inside the next branch, which returns
     // without running the contact checks further down.
     $isCaseActivity = CRM_Case_BAO_Case::isCaseActivity($activityId);
     // Check for civicase related permission.
     if ($isCaseActivity) {
         $allow = FALSE;
         foreach ($compPermissions['CiviCase'] as $per) {
             if (CRM_Core_Permission::check($per)) {
                 $allow = TRUE;
                 break;
             }
         }
         // A CiviCase permission alone is not enough: the case-specific check
         // for this activity and operation has the final say.
         if ($allow) {
             $oper = 'view';
             if ($action == CRM_Core_Action::UPDATE) {
                 $oper = 'edit';
             }
             $allow = CRM_Case_BAO_Case::checkPermission($activityId, $oper, $activity->activity_type_id);
         }
         return $allow;
     }
     // First check the component permission. The component is looked up from the
     // activity type; both values are passed as typed parameters (%1, %2), not
     // concatenated into the statement.
     $sql = "\n    SELECT  component_id\n      FROM  civicrm_option_value val\nINNER JOIN  civicrm_option_group grp ON ( grp.id = val.option_group_id AND grp.name = %1 )\n     WHERE  val.value = %2";
     $params = array(1 => array('activity_type', 'String'), 2 => array($activity->activity_type_id, 'Integer'));
     $componentId = CRM_Core_DAO::singleValueQuery($sql, $params);
     if ($componentId) {
         $componentName = CRM_Core_Component::getComponentName($componentId);
         $compPermission = CRM_Utils_Array::value($componentName, $compPermissions);
         // Any single permission from the component's list is sufficient.
         // A component with no entry in the map leaves $allow at FALSE.
         if (is_array($compPermission)) {
             foreach ($compPermission as $per) {
                 if (CRM_Core_Permission::check($per)) {
                     $allow = TRUE;
                     break;
                 }
             }
         }
     }
     // Contact-level permission matching the requested action.
     $permission = CRM_Core_Permission::VIEW;
     if ($action == CRM_Core_Action::UPDATE) {
         $permission = CRM_Core_Permission::EDIT;
     }
     $activityContacts = CRM_Core_OptionGroup::values('activity_contacts', FALSE, FALSE, FALSE, NULL, 'name');
     $sourceID = CRM_Utils_Array::key('Activity Source', $activityContacts);
     $assigneeID = CRM_Utils_Array::key('Activity Assignees', $activityContacts);
     $targetID = CRM_Utils_Array::key('Activity Targets', $activityContacts);
     // Check the source contact. This runs when the activity has no component,
     // or when the component check above passed; a failed component check is final.
     if (!$componentId || $allow) {
         $sourceContactId = self::getActivityContact($activity->id, $sourceID);
         // Account for possibility of activity not having a source contact (as it may have been deleted).
         // In that case $allow keeps the value it had before this block.
         if ($sourceContactId) {
             $allow = CRM_Contact_BAO_Contact_Permission::allow($sourceContactId, $permission);
         }
     }
     // Check for target and assignee contacts.
     if ($allow) {
         // First check for the super permission, which covers every contact.
         $supPermission = 'view all contacts';
         if ($action == CRM_Core_Action::UPDATE) {
             $supPermission = 'edit all contacts';
         }
         $allow = CRM_Core_Permission::check($supPermission);
         // User might have sufficient permission, through acls.
         if (!$allow) {
             // Without the super permission, access requires the contact-level
             // permission on every target and every assignee; the first contact
             // that fails denies the whole activity.
             $allow = TRUE;
             // Get the target contacts.
             $targetContacts = CRM_Activity_BAO_ActivityContact::retrieveContactIdsByActivityId($activity->id, $targetID);
             foreach ($targetContacts as $cnt => $contactId) {
                 if (!CRM_Contact_BAO_Contact_Permission::allow($contactId, $permission)) {
                     $allow = FALSE;
                     break;
                 }
             }
             // Get the assignee contacts.
             if ($allow) {
                 $assigneeContacts = CRM_Activity_BAO_ActivityContact::retrieveContactIdsByActivityId($activity->id, $assigneeID);
                 foreach ($assigneeContacts as $cnt => $contactId) {
                     if (!CRM_Contact_BAO_Contact_Permission::allow($contactId, $permission)) {
                         $allow = FALSE;
                         break;
                     }
                 }
             }
         }
     }
     return $allow;
 }
Example #29
 /**
  * Get contact id for a form object. Prioritise
  *   - cid in URL if 0 (on behalf of someone else)
  *      (@todo consider setting a variable if onbehalf for clarity of downstream 'if's)
  *   - logged in user id if it matches the one in the cid in the URL
  *   - contact id validated from a checksum
  *   - cid from the url if the caller has ACL permission to view
  *   - fallback is logged in user (or ? NULL if no logged in user) (@todo wouldn't 0 be more intuitive?)
  *
  * @return NULL|int
  */
 protected function setContactID()
 {
     // Candidate id: the 'cid' request value, overridden by a contact selected on
     // the form (flat params first, then the indexed layout the event form uses).
     $candidateId = CRM_Utils_Request::retrieve('cid', 'Positive', $this);
     if (isset($this->_params, $this->_params['select_contact_id'])) {
         $candidateId = $this->_params['select_contact_id'];
     }
     if (isset($this->_params, $this->_params[0]) && !empty($this->_params[0]['select_contact_id'])) {
         $candidateId = $this->_params[0]['select_contact_id'];
     }

     // An explicit zero means "ignore the authenticated user". The zero cid is
     // stored on the form so the Confirm page of a multi-page form keeps it and
     // this method does not fall back to the logged in user from that page.
     // When the candidate is non-zero the params already hold it, so nothing is stored.
     if (in_array($candidateId, array('0', 0), TRUE)) {
         $this->set('cid', 0);
         CRM_Core_Resources::singleton()->addVars('coreForm', array('contact_id' => (int) $candidateId));
         return (int) $candidateId;
     }

     // The candidate is the logged in user: no further check is needed.
     $loggedInId = $this->getLoggedInUserContactID();
     if (!is_null($candidateId) && $candidateId === $loggedInId) {
         CRM_Core_Resources::singleton()->addVars('coreForm', array('contact_id' => (int) $candidateId));
         return (int) $loggedInId;
     }

     // A checksum in the request is validated against the candidate id. When a
     // checksum is supplied but does not validate, the ACL branch is not tried
     // and control falls through to the logged in user below.
     $checksum = CRM_Utils_Request::retrieve('cs', 'String', $this);
     if ($checksum) {
         if (CRM_Contact_BAO_Contact_Utils::validChecksum($candidateId, $checksum)) {
             CRM_Core_Resources::singleton()->addVars('coreForm', array('contact_id' => (int) $candidateId));
             // NOTE(review): the 'checksum' variable receives the contact id cast
             // to int, not the checksum value. Confirm this is what the consumer expects.
             CRM_Core_Resources::singleton()->addVars('coreForm', array('checksum' => (int) $candidateId));
             return $candidateId;
         }
     } elseif ($candidateId && CRM_Contact_BAO_Contact_Permission::allow($candidateId)) {
         // No checksum: the candidate is accepted only if the ACL check passes.
         CRM_Core_Resources::singleton()->addVars('coreForm', array('contact_id' => (int) $candidateId));
         return $candidateId;
     }

     // Fallback: the logged in user, or NULL when there is none.
     if (!is_numeric($loggedInId)) {
         return NULL;
     }
     CRM_Core_Resources::singleton()->addVars('coreForm', array('contact_id' => (int) $loggedInId));
     return $loggedInId;
 }
Example #30
 /**
  * This method should initialize auth sources.
  */
 public function authenticate()
 {
     // Fetching the singleton makes sure the session is always initialised.
     $session = CRM_Core_Session::singleton();

     // For logging purposes, hand the acting user's id to the database as a
     // variable. The id is bound as a typed Integer parameter, not concatenated.
     $loggedInContactId = $session->get('userID');
     if ($loggedInContactId) {
         $bindings = array(1 => array($loggedInContactId, 'Integer'));
         CRM_Core_DAO::executeQuery('SET @civicrm_user_id = %1', $bindings);
     }

     // A session that has a user but no recorded auth source is set to AUTH_SRC_LOGIN.
     $hasUser = $session->get('userID');
     if ($hasUser && !$session->get('authSrc')) {
         $session->set('authSrc', CRM_Core_Permission::AUTH_SRC_LOGIN);
     }

     // Checksum-based auth source is initialised separately.
     CRM_Contact_BAO_Contact_Permission::initChecksumAuthSrc();
 }