/**
* Process the view.
*
*
* @return void
*/
public function preProcess()
{
$contactID = CRM_Utils_Request::retrieve('cid', 'Integer', $this, TRUE);
$activityID = CRM_Utils_Request::retrieve('aid', 'Integer', $this, TRUE);
$revs = CRM_Utils_Request::retrieve('revs', 'Boolean', CRM_Core_DAO::$_nullObject);
$caseID = CRM_Utils_Request::retrieve('caseID', 'Boolean', CRM_Core_DAO::$_nullObject);
$activitySubject = CRM_Core_DAO::getFieldValue('CRM_Activity_DAO_Activity', $activityID, 'subject');
//check for required permissions, CRM-6264
if ($activityID && !CRM_Activity_BAO_Activity::checkPermission($activityID, CRM_Core_Action::VIEW)) {
CRM_Core_Error::fatal(ts('You do not have permission to access this page.'));
}
$this->assign('contactID', $contactID);
$this->assign('caseID', $caseID);
// CRM-9145
$this->assign('activityID', $activityID);
$xmlProcessor = new CRM_Case_XMLProcessor_Report();
$report = $xmlProcessor->getActivityInfo($contactID, $activityID, TRUE);
$attachmentUrl = CRM_Core_BAO_File::attachmentInfo('civicrm_activity', $activityID);
if ($attachmentUrl) {
$report['fields'][] = array('label' => 'Attachment(s)', 'value' => $attachmentUrl, 'type' => 'Link');
}
$tags = CRM_Core_BAO_EntityTag::getTag($activityID, 'civicrm_activity');
if (!empty($tags)) {
$allTag = CRM_Core_PseudoConstant::get('CRM_Core_DAO_EntityTag', 'tag_id', array('onlyActive' => FALSE));
foreach ($tags as $tid) {
$tags[$tid] = $allTag[$tid];
}
$report['fields'][] = array('label' => 'Tags', 'value' => implode('<br />', $tags), 'type' => 'String');
}
$this->assign('report', $report);
$latestRevisionID = CRM_Activity_BAO_Activity::getLatestActivityId($activityID);
$viewPriorActivities = array();
$priorActivities = CRM_Activity_BAO_Activity::getPriorAcitivities($activityID);
foreach ($priorActivities as $activityId => $activityValues) {
if (CRM_Case_BAO_Case::checkPermission($activityId, 'view', NULL, $contactID)) {
$viewPriorActivities[$activityId] = $activityValues;
}
}
if ($revs) {
CRM_Utils_System::setTitle(ts('Activity Revision History'));
$this->assign('revs', $revs);
$this->assign('result', $viewPriorActivities);
$this->assign('subject', $activitySubject);
$this->assign('latestRevisionID', $latestRevisionID);
} else {
if (count($viewPriorActivities) > 1) {
$this->assign('activityID', $activityID);
}
if ($latestRevisionID != $activityID) {
$this->assign('latestRevisionID', $latestRevisionID);
}
}
$parentID = CRM_Activity_BAO_Activity::getParentActivity($activityID);
if ($parentID) {
$this->assign('parentID', $parentID);
}
//viewing activity should get diplayed in recent list.CRM-4670
$activityTypeID = CRM_Core_DAO::getFieldValue('CRM_Activity_DAO_Activity', $activityID, 'activity_type_id');
$activityContacts = CRM_Core_OptionGroup::values('activity_contacts', FALSE, FALSE, FALSE, NULL, 'name');
$targetID = CRM_Utils_Array::key('Activity Targets', $activityContacts);
$activityTargetContacts = CRM_Activity_BAO_ActivityContact::retrieveContactIdsByActivityId($activityID, $targetID);
if (!empty($activityTargetContacts)) {
$recentContactId = $activityTargetContacts[0];
} else {
$recentContactId = $contactID;
}
if (!isset($caseID)) {
$caseID = CRM_Core_DAO::getFieldValue('CRM_Case_DAO_CaseActivity', $activityID, 'case_id', 'activity_id');
}
$url = CRM_Utils_System::url('civicrm/case/activity/view', "reset=1&aid={$activityID}&cid={$recentContactId}&caseID={$caseID}&context=home");
$recentContactDisplay = CRM_Contact_BAO_Contact::displayName($recentContactId);
// add the recently created Activity
$activityTypes = CRM_Core_PseudoConstant::activityType(TRUE, TRUE);
$title = "";
if (isset($activitySubject)) {
$title = $activitySubject . ' - ';
}
$title = $title . $recentContactDisplay . ' (' . $activityTypes[$activityTypeID] . ')';
$recentOther = array();
if (CRM_Case_BAO_Case::checkPermission($activityID, 'edit')) {
$recentOther['editUrl'] = CRM_Utils_System::url('civicrm/case/activity', "reset=1&action=update&id={$activityID}&cid={$recentContactId}&caseid={$caseID}&context=home");
}
if (CRM_Case_BAO_Case::checkPermission($activityID, 'delete')) {
$recentOther['deleteUrl'] = CRM_Utils_System::url('civicrm/case/activity', "reset=1&action=delete&id={$activityID}&cid={$recentContactId}&caseid={$caseID}&context=home");
}
CRM_Utils_Recent::add($title, $url, $activityID, 'Activity', $recentContactId, $recentContactDisplay, $recentOther);
}
/**
* Does user has sufficient permission for view/edit activity record.
*
* @param int $activityId
* Activity record id.
* @param int $action
* Edit/view.
*
* @return bool
*/
public static function checkPermission($activityId, $action)
{
$allow = FALSE;
if (!$activityId || !in_array($action, array(CRM_Core_Action::UPDATE, CRM_Core_Action::VIEW))) {
return $allow;
}
$activity = new CRM_Activity_DAO_Activity();
$activity->id = $activityId;
if (!$activity->find(TRUE)) {
return $allow;
}
// Component related permissions.
$compPermissions = array('CiviCase' => array('administer CiviCase', 'access my cases and activities', 'access all cases and activities'), 'CiviMail' => array('access CiviMail'), 'CiviEvent' => array('access CiviEvent'), 'CiviGrant' => array('access CiviGrant'), 'CiviPledge' => array('access CiviPledge'), 'CiviMember' => array('access CiviMember'), 'CiviReport' => array('access CiviReport'), 'CiviContribute' => array('access CiviContribute'), 'CiviCampaign' => array('administer CiviCampaign'));
// Return early when it is case activity.
$isCaseActivity = CRM_Case_BAO_Case::isCaseActivity($activityId);
// Check for civicase related permission.
if ($isCaseActivity) {
$allow = FALSE;
foreach ($compPermissions['CiviCase'] as $per) {
if (CRM_Core_Permission::check($per)) {
$allow = TRUE;
break;
}
}
// Check for case specific permissions.
if ($allow) {
$oper = 'view';
if ($action == CRM_Core_Action::UPDATE) {
$oper = 'edit';
}
$allow = CRM_Case_BAO_Case::checkPermission($activityId, $oper, $activity->activity_type_id);
}
return $allow;
}
// First check the component permission.
$sql = "\n SELECT component_id\n FROM civicrm_option_value val\nINNER JOIN civicrm_option_group grp ON ( grp.id = val.option_group_id AND grp.name = %1 )\n WHERE val.value = %2";
$params = array(1 => array('activity_type', 'String'), 2 => array($activity->activity_type_id, 'Integer'));
$componentId = CRM_Core_DAO::singleValueQuery($sql, $params);
if ($componentId) {
$componentName = CRM_Core_Component::getComponentName($componentId);
$compPermission = CRM_Utils_Array::value($componentName, $compPermissions);
// Here we are interesting in any single permission.
if (is_array($compPermission)) {
foreach ($compPermission as $per) {
if (CRM_Core_Permission::check($per)) {
$allow = TRUE;
break;
}
}
}
}
// Check for this permission related to contact.
$permission = CRM_Core_Permission::VIEW;
if ($action == CRM_Core_Action::UPDATE) {
$permission = CRM_Core_Permission::EDIT;
}
$activityContacts = CRM_Core_OptionGroup::values('activity_contacts', FALSE, FALSE, FALSE, NULL, 'name');
$sourceID = CRM_Utils_Array::key('Activity Source', $activityContacts);
$assigneeID = CRM_Utils_Array::key('Activity Assignees', $activityContacts);
$targetID = CRM_Utils_Array::key('Activity Targets', $activityContacts);
// Check for source contact.
if (!$componentId || $allow) {
$sourceContactId = self::getActivityContact($activity->id, $sourceID);
// Account for possibility of activity not having a source contact (as it may have been deleted).
if ($sourceContactId) {
$allow = CRM_Contact_BAO_Contact_Permission::allow($sourceContactId, $permission);
}
}
// Check for target and assignee contacts.
if ($allow) {
// First check for supper permission.
$supPermission = 'view all contacts';
if ($action == CRM_Core_Action::UPDATE) {
$supPermission = 'edit all contacts';
}
$allow = CRM_Core_Permission::check($supPermission);
// User might have sufficient permission, through acls.
if (!$allow) {
$allow = TRUE;
// Get the target contacts.
$targetContacts = CRM_Activity_BAO_ActivityContact::retrieveContactIdsByActivityId($activity->id, $targetID);
foreach ($targetContacts as $cnt => $contactId) {
if (!CRM_Contact_BAO_Contact_Permission::allow($contactId, $permission)) {
$allow = FALSE;
break;
}
}
// Get the assignee contacts.
if ($allow) {
$assigneeContacts = CRM_Activity_BAO_ActivityContact::retrieveContactIdsByActivityId($activity->id, $assigneeID);
foreach ($assigneeContacts as $cnt => $contactId) {
if (!CRM_Contact_BAO_Contact_Permission::allow($contactId, $permission)) {
$allow = FALSE;
break;
}
}
}
}
}
return $allow;
}
