/**
 * Decide whether the user may view or edit a single activity record.
 *
 * The check fails closed: an empty id, an unsupported action or an activity
 * that cannot be loaded is denied before any permission is consulted.
 * Case activities are delegated to CiviCase. Every other activity must pass,
 * in order:
 *  - the owning component's permission, when the activity type has a component;
 *  - the source-contact check, when a source contact exists;
 *  - the blanket "view/edit all contacts" permission, or failing that a
 *    per-contact check on every target and every assignee.
 *
 * @param int $activityId
 *   Activity record id.
 * @param int $action
 *   CRM_Core_Action::VIEW or CRM_Core_Action::UPDATE; anything else is denied.
 *
 * @return bool
 *   Truthy when access is granted, falsy otherwise.
 */
public static function checkPermission($activityId, $action) {
  // Deny outright on a missing id or an action outside the view/update pair.
  // NOTE(review): in_array() is non-strict here, so numeric strings such as
  // '2' are accepted as well - presumably intentional for request-derived
  // values; verify callers before tightening.
  if (!$activityId) {
    return FALSE;
  }
  if (!in_array($action, array(CRM_Core_Action::UPDATE, CRM_Core_Action::VIEW))) {
    return FALSE;
  }

  // An id that does not resolve to a stored activity is denied as well.
  $activity = new CRM_Activity_DAO_Activity();
  $activity->id = $activityId;
  if (!$activity->find(TRUE)) {
    return FALSE;
  }

  $isEdit = ($action == CRM_Core_Action::UPDATE);

  // Permissions that unlock activities owned by each component; holding any
  // one entry of a component's list is enough for that component.
  $compPermissions = array(
    'CiviCase' => array(
      'administer CiviCase',
      'access my cases and activities',
      'access all cases and activities',
    ),
    'CiviMail' => array('access CiviMail'),
    'CiviEvent' => array('access CiviEvent'),
    'CiviGrant' => array('access CiviGrant'),
    'CiviPledge' => array('access CiviPledge'),
    'CiviMember' => array('access CiviMember'),
    'CiviReport' => array('access CiviReport'),
    'CiviContribute' => array('access CiviContribute'),
    'CiviCampaign' => array('administer CiviCampaign'),
  );

  // Case activities take their own path and never reach the contact checks.
  if (CRM_Case_BAO_Case::isCaseActivity($activityId)) {
    $hasCasePermission = FALSE;
    foreach ($compPermissions['CiviCase'] as $casePermission) {
      if (CRM_Core_Permission::check($casePermission)) {
        $hasCasePermission = TRUE;
        break;
      }
    }
    if (!$hasCasePermission) {
      return FALSE;
    }
    // A CiviCase permission is necessary but not sufficient: the case layer
    // makes the final decision for this activity type.
    return CRM_Case_BAO_Case::checkPermission($activityId, $isEdit ? 'edit' : 'view', $activity->activity_type_id);
  }

  // Look up the component that owns this activity type. The values are bound
  // through typed placeholders (%1 String, %2 Integer), not concatenated.
  $sql = "\n SELECT component_id\n FROM civicrm_option_value val\nINNER JOIN civicrm_option_group grp ON ( grp.id = val.option_group_id AND grp.name = %1 )\n WHERE val.value = %2";
  $params = array(
    1 => array('activity_type', 'String'),
    2 => array($activity->activity_type_id, 'Integer'),
  );
  $componentId = CRM_Core_DAO::singleValueQuery($sql, $params);

  $allow = FALSE;
  if ($componentId) {
    $componentName = CRM_Core_Component::getComponentName($componentId);
    $compPermission = CRM_Utils_Array::value($componentName, $compPermissions);
    // A component missing from the map leaves $allow FALSE, i.e. denied.
    if (is_array($compPermission)) {
      foreach ($compPermission as $candidate) {
        if (CRM_Core_Permission::check($candidate)) {
          $allow = TRUE;
          break;
        }
      }
    }
  }

  // Contact-level permission that matches the requested action.
  $permission = $isEdit ? CRM_Core_Permission::EDIT : CRM_Core_Permission::VIEW;

  // Resolve the record-type ids for the three activity contact roles.
  $activityContacts = CRM_Core_OptionGroup::values('activity_contacts', FALSE, FALSE, FALSE, NULL, 'name');
  $sourceID = CRM_Utils_Array::key('Activity Source', $activityContacts);
  $assigneeID = CRM_Utils_Array::key('Activity Assignees', $activityContacts);
  $targetID = CRM_Utils_Array::key('Activity Targets', $activityContacts);

  // Source contact: consulted for non-component activities, or once the
  // component permission has passed. A failed component check skips this and
  // stays denied.
  if (!$componentId || $allow) {
    $sourceContactId = self::getActivityContact($activity->id, $sourceID);
    // The source contact may have been deleted. In that case $allow keeps its
    // current value: FALSE for a non-component activity, TRUE after a passed
    // component check.
    if ($sourceContactId) {
      $allow = CRM_Contact_BAO_Contact_Permission::allow($sourceContactId, $permission);
    }
  }
  if (!$allow) {
    return $allow;
  }

  // The blanket permission short-circuits the per-contact checks below.
  $allow = CRM_Core_Permission::check($isEdit ? 'edit all contacts' : 'view all contacts');
  if ($allow) {
    return $allow;
  }

  // Otherwise the user needs access (for example through ACLs) to every
  // target and every assignee; one refusal denies the whole activity.
  $targetContacts = CRM_Activity_BAO_ActivityContact::retrieveContactIdsByActivityId($activity->id, $targetID);
  foreach ($targetContacts as $contactId) {
    if (!CRM_Contact_BAO_Contact_Permission::allow($contactId, $permission)) {
      return FALSE;
    }
  }

  $assigneeContacts = CRM_Activity_BAO_ActivityContact::retrieveContactIdsByActivityId($activity->id, $assigneeID);
  foreach ($assigneeContacts as $contactId) {
    if (!CRM_Contact_BAO_Contact_Permission::allow($contactId, $permission)) {
      return FALSE;
    }
  }

  return TRUE;
}
/**
 * Build the price set listing and hand it to the template as 'rows'.
 *
 * Each row carries the stored price set values, a human-readable 'extends'
 * string and the rendered action links for that set.
 *
 * @param string $action
 *   The action to be invoked. Not read by this method.
 *
 * @return void
 * @access public
 */
function browse($action = NULL) {
  $priceSet = array();

  // Labels for the components a price set can extend.
  $comps = array(
    'CiviEvent' => ts('Event'),
    'CiviContribute' => ts('Contribution'),
    'CiviMember' => ts('Membership'),
  );

  $dao = new CRM_Price_DAO_PriceSet();
  if (CRM_Price_BAO_PriceSet::eventPriceSetDomainID()) {
    $dao->domain_id = CRM_Core_Config::domainID();
  }
  // Presumably restricts the listing to sets that are not quick-config.
  $dao->is_quick_config = 0;
  $dao->find();

  while ($dao->fetch()) {
    $setId = $dao->id;
    $row = array();
    CRM_Core_DAO::storeValues($dao, $row);

    // CRM-10225: turn the stored component ids into labels and skip any
    // component that has no label here.
    $extends = array();
    $compIds = explode(CRM_Core_DAO::VALUE_SEPARATOR, CRM_Utils_Array::value('extends', $row));
    foreach ($compIds as $compId) {
      $compName = CRM_Core_Component::getComponentName($compId);
      if (!empty($comps[$compName])) {
        $extends[] = $comps[$compName];
      }
    }
    $row['extends'] = implode(', ', $extends);

    // Start from a mask with every available link, then remove the ones that
    // do not apply to this set.
    $linkMask = array_sum(array_keys($this->actionLinks()));
    $actionLinks = self::actionLinks();

    if ($dao->is_reserved) {
      // Reserved sets lose the update, enable/disable, delete and copy links.
      // NOTE(review): this only removes links from the listing; confirm that
      // the handlers behind those actions reject reserved sets on their own.
      $linkMask -= CRM_Core_Action::UPDATE + CRM_Core_Action::DISABLE + CRM_Core_Action::ENABLE + CRM_Core_Action::DELETE + CRM_Core_Action::COPY;
      // CRM-10117: relabel the browse link for reserved sets.
      $actionLinks[CRM_Core_Action::BROWSE]['name'] = 'View Price Fields';
    }
    elseif ($dao->is_active) {
      $linkMask -= CRM_Core_Action::ENABLE;
    }
    else {
      $linkMask -= CRM_Core_Action::DISABLE;
    }

    $row['action'] = CRM_Core_Action::formLink($actionLinks, $linkMask, array('sid' => $setId), ts('more'), FALSE, 'priceSet.row.actions', 'PriceSet', $setId);
    $priceSet[$setId] = $row;
  }

  $this->assign('rows', $priceSet);
}
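/**
 * Build the price set listing and hand it to the template as 'rows'.
 *
 * Each row carries the stored price set values, a human-readable 'extends'
 * string and the rendered action links for that set.
 *
 * @param string $action
 *   The action to be invoked. Not read; the variable is reused inside the
 *   loop for the per-row link mask.
 *
 * @return void
 * @access public
 */
function browse($action = null) {
  // Get all price sets.
  $priceSet = array();
  require_once 'CRM/Core/Component.php';

  // Labels for the components a price set can extend.
  $comps = array(
    'CiviEvent' => ts('Event'),
    'CiviContribute' => ts('Contribution'),
  );

  $dao = new CRM_Price_DAO_Set();
  if (defined('CIVICRM_EVENT_PRICE_SET_DOMAIN_ID') && CIVICRM_EVENT_PRICE_SET_DOMAIN_ID) {
    $dao->domain_id = CRM_Core_Config::domainID();
  }
  $dao->find();

  while ($dao->fetch()) {
    $priceSet[$dao->id] = array();
    CRM_Core_DAO::storeValues($dao, $priceSet[$dao->id]);

    $compIds = explode(CRM_Core_DAO::VALUE_SEPARATOR, CRM_Utils_Array::value('extends', $priceSet[$dao->id]));
    $extends = array();
    foreach ($compIds as $compId) {
      // Skip components with no label in $comps. Indexing $comps with an
      // unknown name raised an undefined-index notice and left an empty
      // entry in the joined string.
      $compName = CRM_Core_Component::getComponentName($compId);
      if (!empty($comps[$compName])) {
        $extends[] = $comps[$compName];
      }
    }
    $priceSet[$dao->id]['extends'] = implode(', ', $extends);

    // Start from a mask with every available link.
    $action = array_sum(array_keys($this->actionLinks()));

    // An active set cannot be enabled again and an inactive one cannot be
    // disabled, so drop the link that does not apply.
    if ($dao->is_active) {
      $action -= CRM_Core_Action::ENABLE;
    }
    else {
      $action -= CRM_Core_Action::DISABLE;
    }

    $priceSet[$dao->id]['action'] = CRM_Core_Action::formLink(self::actionLinks(), $action, array('sid' => $dao->id));
  }

  $this->assign('rows', $priceSet);
}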
/**
 * Decide whether the user may view or edit a single activity record.
 *
 * The check fails closed: $allow starts as false and is returned unchanged
 * for an empty id, an unsupported action or an activity that cannot be
 * loaded. Case activities are delegated to CiviCase. Every other activity
 * must pass the owning component's permission (when the activity type has a
 * component), the source-contact check, and then either the blanket
 * "view/edit all contacts" permission or a per-contact check on every target
 * and every assignee.
 *
 * @param int $activityId
 *   Activity record id.
 * @param int $action
 *   CRM_Core_Action::VIEW or CRM_Core_Action::UPDATE; anything else is denied.
 *
 * @return boolean
 *   Truthy when access is granted, falsy otherwise.
 * @access public
 */
public function checkPermission($activityId, $action) {
  $allow = false;
  // Deny on a missing id or an action outside the view/update pair.
  // NOTE(review): in_array() is non-strict here, so numeric strings such as
  // '2' are accepted as well - verify callers before tightening.
  if (!$activityId || !in_array($action, array(CRM_Core_Action::UPDATE, CRM_Core_Action::VIEW))) {
    return $allow;
  }

  // An id that does not resolve to a stored activity is denied as well.
  $activity = new CRM_Activity_DAO_Activity();
  $activity->id = $activityId;
  if (!$activity->find(true)) {
    return $allow;
  }

  // Permissions that unlock activities owned by each component; holding any
  // one entry of a component's list is enough for that component.
  $compPermissions = array('CiviCase' => array('administer CiviCase', 'access my cases and activities', 'access all cases and activities'), 'CiviMail' => array('access CiviMail'), 'CiviEvent' => array('access CiviEvent'), 'CiviGrant' => array('access CiviGrant'), 'CiviPledge' => array('access CiviPledge'), 'CiviMember' => array('access CiviMember'), 'CiviReport' => array('access CiviReport'), 'CiviContribute' => array('access CiviContribute'), 'CiviCampaign' => array('administer CiviCampaign'));

  // Case activities take their own path and return before the contact checks.
  require_once 'CRM/Case/BAO/Case.php';
  $isCaseActivity = CRM_Case_BAO_Case::isCaseActivity($activityId);

  // Any one CiviCase permission is required before the case layer is asked.
  if ($isCaseActivity) {
    $allow = false;
    foreach ($compPermissions['CiviCase'] as $per) {
      if (CRM_Core_Permission::check($per)) {
        $allow = true;
        break;
      }
    }

    // A CiviCase permission is necessary but not sufficient: the case layer
    // makes the final decision for this activity type.
    if ($allow) {
      $oper = 'view';
      if ($action == CRM_Core_Action::UPDATE) {
        $oper = 'edit';
      }
      $allow = CRM_Case_BAO_Case::checkPermission($activityId, $oper, $activity->activity_type_id);
    }

    return $allow;
  }

  // NOTE(review): CRM_Core_Permission is already used in the case branch
  // above, before this require_once - presumably loaded elsewhere; confirm.
  require_once 'CRM/Core/Permission.php';
  require_once 'CRM/Contact/BAO/Contact/Permission.php';

  // Look up the component that owns this activity type. The values are bound
  // through typed placeholders (%1 String, %2 Integer), not concatenated.
  $sql = "\n SELECT component_id\n FROM civicrm_option_value val\nINNER JOIN civicrm_option_group grp ON ( grp.id = val.option_group_id AND grp.name = %1 )\n WHERE val.value = %2";
  $params = array(1 => array('activity_type', 'String'), 2 => array($activity->activity_type_id, 'Integer'));
  $componentId = CRM_Core_DAO::singleValueQuery($sql, $params);
  if ($componentId) {
    require_once 'CRM/Core/Component.php';
    $componentName = CRM_Core_Component::getComponentName($componentId);
    $compPermission = CRM_Utils_Array::value($componentName, $compPermissions);

    // Any single permission from the component's list is enough. A component
    // missing from the map leaves $allow false, i.e. denied.
    if (is_array($compPermission)) {
      foreach ($compPermission as $per) {
        if (CRM_Core_Permission::check($per)) {
          $allow = true;
          break;
        }
      }
    }
  }

  // Contact-level permission that matches the requested action.
  $permission = CRM_Core_Permission::VIEW;
  if ($action == CRM_Core_Action::UPDATE) {
    $permission = CRM_Core_Permission::EDIT;
  }

  // Source contact: consulted for non-component activities, or once the
  // component permission has passed. A failed component check skips this and
  // stays denied.
  // NOTE(review): source_contact_id is passed on without an emptiness check;
  // confirm allow() denies when the source contact is missing.
  if (!$componentId || $allow) {
    $allow = CRM_Contact_BAO_Contact_Permission::allow($activity->source_contact_id, $permission);
  }

  // Target and assignee contacts are only considered after the checks above
  // have passed.
  if ($allow) {
    // The blanket permission short-circuits the per-contact checks.
    $supPermission = 'view all contacts';
    if ($action == CRM_Core_Action::UPDATE) {
      $supPermission = 'edit all contacts';
    }
    $allow = CRM_Core_Permission::check($supPermission);

    // Without it the user may still qualify, for example through ACLs, but
    // then needs access to every related contact.
    if (!$allow) {
      $allow = true;
      // One refused target contact denies the whole activity.
      $targetContacts = CRM_Activity_BAO_ActivityTarget::retrieveTargetIdsByActivityId($activity->id);
      foreach ($targetContacts as $cnt => $contactId) {
        if (!CRM_Contact_BAO_Contact_Permission::allow($contactId, $permission)) {
          $allow = false;
          break;
        }
      }

      // Assignees are checked only while every target has passed.
      if ($allow) {
        $assigneeContacts = CRM_Activity_BAO_ActivityAssignment::retrieveAssigneeIdsByActivityId($activity->id);
        foreach ($assigneeContacts as $cnt => $contactId) {
          if (!CRM_Contact_BAO_Contact_Permission::allow($contactId, $permission)) {
            $allow = false;
            break;
          }
        }
      }
    }
  }

  return $allow;
}