/**
* Set variables up before form is built.
*
* @return void
*/
public function preProcess()
{
$this->_addProfileBottom = CRM_Utils_Array::value('addProfileBottom', $_GET, FALSE);
$this->_profileBottomNum = CRM_Utils_Array::value('addProfileNum', $_GET, 0);
$this->_addProfileBottomAdd = CRM_Utils_Array::value('addProfileBottomAdd', $_GET, FALSE);
$this->_profileBottomNumAdd = CRM_Utils_Array::value('addProfileNumAdd', $_GET, 0);
parent::preProcess();
$this->assign('addProfileBottom', $this->_addProfileBottom);
$this->assign('profileBottomNum', $this->_profileBottomNum);
$urlParams = "id={$this->_id}&addProfileBottom=1&qfKey={$this->controller->_key}";
$this->assign('addProfileParams', $urlParams);
if ($addProfileBottom = CRM_Utils_Array::value('custom_post_id_multiple', $_POST)) {
foreach (array_keys($addProfileBottom) as $profileNum) {
self::buildMultipleProfileBottom($this, $profileNum);
}
}
$this->assign('perm', 0);
$ufGroups = CRM_Core_PseudoConstant::get('CRM_Core_DAO_UFField', 'uf_group_id');
$ufCreate = CRM_ACL_API::group(CRM_Core_Permission::CREATE, NULL, 'civicrm_uf_group', $ufGroups);
$ufEdit = CRM_ACL_API::group(CRM_Core_Permission::EDIT, NULL, 'civicrm_uf_group', $ufGroups);
$checkPermission = array(array('administer CiviCRM', 'manage event profiles'));
if (CRM_Core_Permission::check($checkPermission) || !empty($ufCreate) || !empty($ufEdit)) {
$this->assign('perm', 1);
}
$this->assign('addProfileBottomAdd', $this->_addProfileBottomAdd);
$this->assign('profileBottomNumAdd', $this->_profileBottomNumAdd);
$urlParamsAdd = "id={$this->_id}&addProfileBottomAdd=1&qfKey={$this->controller->_key}";
$this->assign('addProfileParamsAdd', $urlParamsAdd);
if ($addProfileBottomAdd = CRM_Utils_Array::value('additional_custom_post_id_multiple', $_POST)) {
foreach (array_keys($addProfileBottomAdd) as $profileNum) {
self::buildMultipleProfileBottom($this, $profileNum, 'additional_', ts('Profile for Additional Participants'));
}
}
}
/**
* make sure that the user has permission to access this event
*
* @param int $id the id of the event
* @param int $name the name or title of the event
*
* @return string the permission that the user has (or null)
* @access public
* @static
*/
static function checkPermission($eventId = null, $type = CRM_Core_Permission::VIEW)
{
static $permissions = null;
if (empty($permissions)) {
require_once 'CRM/ACL/API.php';
require_once 'CRM/Event/PseudoConstant.php';
$allEvents = CRM_Event_PseudoConstant::event(null, true);
$createdEvents = array();
$session =& CRM_Core_Session::singleton();
if ($userID = $session->get('userID')) {
$createdEvents = array_keys(CRM_Event_PseudoConstant::event(null, true, "created_id={$userID}"));
}
// Note: for a multisite setup, a user with edit all events, can edit all events
// including those from other sites
if (CRM_Core_Permission::check('edit all events')) {
$permissions[CRM_Core_Permission::EDIT] = array_keys($allEvents);
} else {
$permissions[CRM_Core_Permission::EDIT] =& CRM_ACL_API::group(CRM_Core_Permission::EDIT, null, 'civicrm_event', $allEvents, $createdEvents);
}
if (CRM_Core_Permission::check('edit all events')) {
$permissions[CRM_Core_Permission::VIEW] = array_keys($allEvents);
} else {
if (CRM_Core_Permission::check('access CiviEvent') && CRM_Core_Permission::check('view event participants')) {
// use case: allow "view all events" but NOT "edit all events"
// so for a normal site allow users with these two permissions to view all events AND
// at the same time also allow any hook to override if needed.
$createdEvents = array_keys($allEvents);
}
$permissions[CRM_Core_Permission::VIEW] =& CRM_ACL_API::group(CRM_Core_Permission::VIEW, null, 'civicrm_event', $allEvents, $createdEvents);
}
$permissions[CRM_Core_Permission::DELETE] = array();
if (CRM_Core_Permission::check('delete in CiviEvent')) {
// Note: we want to restrict the scope of delete permission to
// events that are editable/viewable (usecase multisite).
// We can remove array_intersect once we have ACL support for delete functionality.
$permissions[CRM_Core_Permission::DELETE] = array_intersect($permissions[CRM_Core_Permission::EDIT], $permissions[CRM_Core_Permission::VIEW]);
}
}
if ($eventId) {
return in_array($eventId, $permissions[$type]) ? true : false;
}
return $permissions;
}
/**
* Class constructor.
*/
public function __construct()
{
parent::__construct();
$this->addClass('crm-report-form');
if ($this->_tagFilter) {
$this->buildTagFilter();
}
if ($this->_exposeContactID) {
if (array_key_exists('civicrm_contact', $this->_columns)) {
$this->_columns['civicrm_contact']['fields']['exposed_id'] = array('name' => 'id', 'title' => 'Contact ID', 'no_repeat' => TRUE);
}
}
if ($this->_groupFilter) {
$this->buildGroupFilter();
}
// Get all custom groups
$allGroups = CRM_Core_PseudoConstant::get('CRM_Core_DAO_CustomField', 'custom_group_id');
// Get the custom groupIds for which the user has VIEW permission
// If the user has 'access all custom data' permission, we'll leave $permCustomGroupIds empty
// and addCustomDataToColumns() will allow access to all custom groups.
$permCustomGroupIds = array();
if (!CRM_Core_Permission::check('access all custom data')) {
$permCustomGroupIds = CRM_ACL_API::group(CRM_Core_Permission::VIEW, NULL, 'civicrm_custom_group', $allGroups, NULL);
// do not allow custom data for reports if user doesn't have
// permission to access custom data.
if (!empty($this->_customGroupExtends) && empty($permCustomGroupIds)) {
$this->_customGroupExtends = array();
}
}
// merge custom data columns to _columns list, if any
$this->addCustomDataToColumns(TRUE, $permCustomGroupIds);
// add / modify display columns, filters ..etc
CRM_Utils_Hook::alterReportVar('columns', $this->_columns, $this);
//assign currencyColumn variable to tpl
$this->assign('currencyColumn', $this->_currencyColumn);
}
/**
* Build the form object.
*
* @return void
*/
public function buildQuickForm()
{
$this->add('hidden', 'gid', $this->_gid);
switch ($this->_mode) {
case self::MODE_CREATE:
case self::MODE_EDIT:
case self::MODE_REGISTER:
CRM_Utils_Hook::buildProfile($this->_ufGroup['name']);
break;
case self::MODE_SEARCH:
CRM_Utils_Hook::searchProfile($this->_ufGroup['name']);
break;
default:
}
//lets have single status message, CRM-4363
$return = FALSE;
$statusMessage = NULL;
if ($this->_multiRecord & CRM_Core_Action::ADD && $this->_maxRecordLimit) {
return;
}
if ($this->_multiRecord & CRM_Core_Action::DELETE) {
if (!$this->_recordExists) {
CRM_Core_Session::setStatus(ts('The record %1 doesnot exists', array(1 => $this->_recordId)), ts('Record doesnot exists'), 'alert');
} else {
$this->assign('deleteRecord', TRUE);
}
return;
}
CRM_Core_BAO_Address::checkContactSharedAddressFields($this->_fields, $this->_id);
// we should not allow component and mix profiles in search mode
if ($this->_mode != self::MODE_REGISTER) {
//check for mix profile fields (eg: individual + other contact type)
if (CRM_Core_BAO_UFField::checkProfileType($this->_gid)) {
if ($this->_mode & self::MODE_EDIT && $this->_isContactActivityProfile) {
$errors = self::validateContactActivityProfile($this->_activityId, $this->_id, $this->_gid);
if (!empty($errors)) {
$statusMessage = array_pop($errors);
$return = TRUE;
}
} else {
$statusMessage = ts('Profile search, view and edit are not supported for Profiles which include fields for more than one record type.');
$return = TRUE;
}
}
$profileType = CRM_Core_BAO_UFField::getProfileType($this->_gid);
if ($this->_id) {
$contactTypes = CRM_Contact_BAO_Contact::getContactTypes($this->_id);
$contactType = $contactTypes[0];
array_shift($contactTypes);
$contactSubtypes = $contactTypes;
$profileSubType = FALSE;
if (CRM_Contact_BAO_ContactType::isaSubType($profileType)) {
$profileSubType = $profileType;
$profileType = CRM_Contact_BAO_ContactType::getBasicType($profileType);
}
if ($profileType != 'Contact' && !$this->_isContactActivityProfile && ($profileSubType && !empty($contactSubtypes) && !in_array($profileSubType, $contactSubtypes) || $profileType != $contactType)) {
$return = TRUE;
if (!$statusMessage) {
$statusMessage = ts("This profile is configured for contact type '%1'. It cannot be used to edit contacts of other types.", array(1 => $profileSubType ? $profileSubType : $profileType));
}
}
}
if (in_array($profileType, array("Membership", "Participant", "Contribution"))) {
$return = TRUE;
if (!$statusMessage) {
$statusMessage = ts('Profile is not configured for the selected action.');
}
}
}
//lets have single status message,
$this->assign('statusMessage', $statusMessage);
if ($return) {
return FALSE;
}
$this->assign('id', $this->_id);
$this->assign('mode', $this->_mode);
$this->assign('action', $this->_action);
$this->assign('fields', $this->_fields);
$this->assign('fieldset', isset($this->_fieldset) ? $this->_fieldset : "");
// should we restrict what we display
$admin = TRUE;
if ($this->_mode == self::MODE_EDIT) {
$admin = FALSE;
// show all fields that are visibile:
// if we are a admin OR the same user OR acl-user with access to the profile
// or we have checksum access to this contact (i.e. the user without a login) - CRM-5909
if (CRM_Core_Permission::check('administer users') || $this->_id == $this->_currentUserID || $this->_isPermissionedChecksum || in_array($this->_gid, CRM_ACL_API::group(CRM_Core_Permission::EDIT, NULL, 'civicrm_uf_group', CRM_Core_PseudoConstant::get('CRM_Core_DAO_UFField', 'uf_group_id')))) {
$admin = TRUE;
}
}
// if false, user is not logged-in.
$anonUser = FALSE;
if (!$this->_currentUserID) {
$defaultLocationType = CRM_Core_BAO_LocationType::getDefault();
$primaryLocationType = $defaultLocationType->id;
$anonUser = TRUE;
}
$this->assign('anonUser', $anonUser);
$addCaptcha = array();
$emailPresent = FALSE;
// add the form elements
foreach ($this->_fields as $name => $field) {
// make sure that there is enough permission to expose this field
if (!$admin && $field['visibility'] == 'User and User Admin Only') {
unset($this->_fields[$name]);
continue;
}
// since the CMS manages the email field, suppress the email display if in
// register mode which occur within the CMS form
if ($this->_mode == self::MODE_REGISTER && substr($name, 0, 5) == 'email') {
unset($this->_fields[$name]);
continue;
}
list($prefixName, $index) = CRM_Utils_System::explode('-', $name, 2);
CRM_Core_BAO_UFGroup::buildProfile($this, $field, $this->_mode);
if ($field['add_to_group_id']) {
$addToGroupId = $field['add_to_group_id'];
}
//build array for captcha
if ($field['add_captcha']) {
$addCaptcha[$field['group_id']] = $field['add_captcha'];
}
if ($name == 'email-Primary' || ($name == 'email-' . isset($primaryLocationType) ? $primaryLocationType : "")) {
$emailPresent = TRUE;
$this->_mail = $name;
}
}
// add captcha only for create mode.
if ($this->_mode == self::MODE_CREATE) {
// suppress captcha for logged in users only
if ($this->_currentUserID) {
$this->_isAddCaptcha = FALSE;
} elseif (!$this->_isAddCaptcha && !empty($addCaptcha)) {
$this->_isAddCaptcha = TRUE;
}
if ($this->_gid) {
$dao = new CRM_Core_DAO_UFGroup();
$dao->id = $this->_gid;
$dao->addSelect();
$dao->addSelect('is_update_dupe');
if ($dao->find(TRUE)) {
if ($dao->is_update_dupe) {
$this->_isUpdateDupe = $dao->is_update_dupe;
}
}
}
} else {
$this->_isAddCaptcha = FALSE;
}
//finally add captcha to form.
if ($this->_isAddCaptcha) {
$captcha = CRM_Utils_ReCAPTCHA::singleton();
$captcha->add($this);
}
$this->assign("isCaptcha", $this->_isAddCaptcha);
if ($this->_mode != self::MODE_SEARCH) {
if (isset($addToGroupId)) {
$this->_ufGroup['add_to_group_id'] = $addToGroupId;
}
}
//let's do set defaults for the profile
$this->setDefaultsValues();
$action = CRM_Utils_Request::retrieve('action', 'String', $this, FALSE, NULL);
if ($this->_mode == self::MODE_CREATE) {
CRM_Core_BAO_CMSUser::buildForm($this, $this->_gid, $emailPresent, $action);
} else {
$this->assign('showCMS', FALSE);
}
$this->assign('groupId', $this->_gid);
// if view mode pls freeze it with the done button.
if ($this->_action & CRM_Core_Action::VIEW) {
$this->freeze();
}
if ($this->_context == 'dialog') {
$this->addElement('submit', $this->_duplicateButtonName, ts('Save Matching Contact'));
}
}
/**
* Get permission relevant clauses.
* CRM-12209
*
* @param bool $force
*
* @return array
*/
public static function getPermissionClause($force = FALSE)
{
static $clause = 1;
static $retrieved = FALSE;
if ((!$retrieved || $force) && !CRM_Core_Permission::check('view all contacts') && !CRM_Core_Permission::check('edit all contacts')) {
//get the allowed groups for the current user
$groups = CRM_ACL_API::group(CRM_ACL_API::VIEW);
if (!empty($groups)) {
$groupList = implode(', ', array_values($groups));
$clause = "groups.id IN ( {$groupList} ) ";
} else {
$clause = '1 = 0';
}
}
$retrieved = TRUE;
return $clause;
}
public static function event($type = CRM_Core_Permission::VIEW, $eventID = NULL)
{
$events = CRM_Event_PseudoConstant::event(NULL, TRUE);
$includeEvents = array();
// check if user has all powerful permission
if (self::check('register for events')) {
$includeEvents = array_keys($events);
}
if ($type == CRM_Core_Permission::VIEW && self::check('view event info')) {
$includeEvents = array_keys($events);
}
$permissionedEvents = CRM_ACL_API::group($type, NULL, 'civicrm_event', $events, $includeEvents);
if (!$eventID) {
return $permissionedEvents;
}
return array_search($eventID, $permissionedEvents) === FALSE ? NULL : $eventID;
}
/**
* Get all groups from database, filtered by permissions
* for this user
*
* @param string $groupType
* Type of group(Access/Mailing).
* @param bool $excludeHidden
* Exclude hidden groups.
*
*
* @return array
* array reference of all groups.
*/
public function group($groupType = NULL, $excludeHidden = TRUE)
{
if (!isset($this->_viewPermissionedGroups)) {
$this->_viewPermissionedGroups = $this->_editPermissionedGroups = array();
}
$groupKey = $groupType ? $groupType : 'all';
if (!isset($this->_viewPermissionedGroups[$groupKey])) {
$this->_viewPermissionedGroups[$groupKey] = $this->_editPermissionedGroups[$groupKey] = array();
$groups = CRM_Core_PseudoConstant::allGroup($groupType, $excludeHidden);
if ($this->check('edit all contacts')) {
// this is the most powerful permission, so we return
// immediately rather than dilute it further
$this->_editAdminUser = $this->_viewAdminUser = TRUE;
$this->_editPermission = $this->_viewPermission = TRUE;
$this->_editPermissionedGroups[$groupKey] = $groups;
$this->_viewPermissionedGroups[$groupKey] = $groups;
return $this->_viewPermissionedGroups[$groupKey];
} elseif ($this->check('view all contacts')) {
$this->_viewAdminUser = TRUE;
$this->_viewPermission = TRUE;
$this->_viewPermissionedGroups[$groupKey] = $groups;
}
$ids = CRM_ACL_API::group(CRM_Core_Permission::VIEW, NULL, 'civicrm_saved_search', $groups);
if (!empty($ids)) {
foreach (array_values($ids) as $id) {
$title = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Group', $id, 'title');
$this->_viewPermissionedGroups[$groupKey][$id] = $title;
$this->_viewPermission = TRUE;
}
}
$ids = CRM_ACL_API::group(CRM_Core_Permission::EDIT, NULL, 'civicrm_saved_search', $groups);
if (!empty($ids)) {
foreach (array_values($ids) as $id) {
$title = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Group', $id, 'title');
$this->_editPermissionedGroups[$groupKey][$id] = $title;
$this->_viewPermissionedGroups[$groupKey][$id] = $title;
$this->_editPermission = TRUE;
$this->_viewPermission = TRUE;
}
}
}
return $this->_viewPermissionedGroups[$groupKey];
}
/**
* Get all groups from database, filtered by permissions
* for this user
*
* @param string $groupType type of group(Access/Mailing)
* @param boolen $excludeHidden exclude hidden groups.
*
* @access public
* @static
*
* @return array - array reference of all groups.
*
*/
public static function &group($groupType = null, $excludeHidden = true)
{
if (!isset(self::$_viewPermissionedGroups)) {
self::$_viewPermissionedGroups = self::$_editPermissionedGroups = array();
$groups =& CRM_Core_PseudoConstant::allGroup($groupType, $excludeHidden);
if (self::check('edit all contacts')) {
// this is the most powerful permission, so we return
// immediately rather than dilute it further
self::$_editAdminUser = self::$_viewAdminUser = true;
self::$_editPermission = self::$_viewPermission = true;
self::$_editPermissionedGroups = $groups;
self::$_viewPermissionedGroups = $groups;
return self::$_viewPermissionedGroups;
} else {
if (self::check('view all contacts')) {
self::$_viewAdminUser = true;
self::$_viewPermission = true;
self::$_viewPermissionedGroups = $groups;
}
}
require_once 'CRM/ACL/API.php';
$ids = CRM_ACL_API::group(CRM_Core_Permission::VIEW, null, 'civicrm_saved_search', $groups);
foreach (array_values($ids) as $id) {
$title = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Group', $id, 'title');
self::$_viewPermissionedGroups[$id] = $title;
self::$_viewPermission = true;
}
$ids = CRM_ACL_API::group(CRM_Core_Permission::EDIT, null, 'civicrm_saved_search', $groups);
foreach (array_values($ids) as $id) {
$title = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Group', $id, 'title');
self::$_editPermissionedGroups[$id] = $title;
self::$_viewPermissionedGroups[$id] = $title;
self::$_editPermission = true;
self::$_viewPermission = true;
}
}
return self::$_viewPermissionedGroups;
}
/**
* Check API for ACL permission.
*
* @param array $apiRequest
*
* @return bool
*/
public function checkACLPermission($apiRequest)
{
switch ($apiRequest['entity']) {
case 'UFGroup':
case 'UFField':
$ufGroups = \CRM_Core_PseudoConstant::get('CRM_Core_DAO_UFField', 'uf_group_id');
$aclCreate = \CRM_ACL_API::group(\CRM_Core_Permission::CREATE, NULL, 'civicrm_uf_group', $ufGroups);
$aclEdit = \CRM_ACL_API::group(\CRM_Core_Permission::EDIT, NULL, 'civicrm_uf_group', $ufGroups);
$ufGroupId = $apiRequest['entity'] == 'UFGroup' ? $apiRequest['params']['id'] : $apiRequest['params']['uf_group_id'];
if (in_array($ufGroupId, $aclEdit) or $aclCreate) {
return TRUE;
}
break;
//CRM-16777: Disable schedule reminder with ACLs.
//CRM-16777: Disable schedule reminder with ACLs.
case 'ActionSchedule':
$events = \CRM_Event_BAO_Event::getEvents();
$aclEdit = \CRM_ACL_API::group(\CRM_Core_Permission::EDIT, NULL, 'civicrm_event', $events);
$param = array('id' => $apiRequest['params']['id']);
$eventId = \CRM_Core_BAO_ActionSchedule::retrieve($param, $value = array());
if (in_array($eventId->entity_value, $aclEdit)) {
return TRUE;
}
break;
}
return FALSE;
}
/**
* Set variables up before form is built.
*
* @return void
*/
public function preProcess()
{
$config = CRM_Core_Config::singleton();
if (in_array('CiviEvent', $config->enableComponents)) {
$this->assign('CiviEvent', TRUE);
}
CRM_Core_Form_RecurringEntity::preProcess('civicrm_event');
$this->_action = CRM_Utils_Request::retrieve('action', 'String', $this, FALSE, 'add', 'REQUEST');
$this->assign('action', $this->_action);
$this->_id = CRM_Utils_Request::retrieve('id', 'Positive', $this, FALSE, NULL, 'GET');
if ($this->_id) {
$this->_isRepeatingEvent = CRM_Core_BAO_RecurringEntity::getParentFor($this->_id, 'civicrm_event');
$this->assign('eventId', $this->_id);
if (!empty($this->_addBlockName) && empty($this->_addProfileBottom) && empty($this->_addProfileBottomAdd)) {
$this->add('hidden', 'id', $this->_id);
}
$this->_single = TRUE;
$params = array('id' => $this->_id);
CRM_Event_BAO_Event::retrieve($params, $eventInfo);
// its an update mode, do a permission check
if (!CRM_Event_BAO_Event::checkPermission($this->_id, CRM_Core_Permission::EDIT)) {
CRM_Core_Error::fatal(ts('You do not have permission to access this page.'));
}
$participantListingID = CRM_Utils_Array::value('participant_listing_id', $eventInfo);
//CRM_Core_DAO::getFieldValue( 'CRM_Event_DAO_Event', $this->_id, 'participant_listing_id' );
if ($participantListingID) {
$participantListingURL = CRM_Utils_System::url('civicrm/event/participant', "reset=1&id={$this->_id}", TRUE, NULL, TRUE, TRUE);
$this->assign('participantListingURL', $participantListingURL);
}
$this->assign('isOnlineRegistration', CRM_Utils_Array::value('is_online_registration', $eventInfo));
$this->assign('id', $this->_id);
}
// figure out whether we’re handling an event or an event template
if ($this->_id) {
$this->_isTemplate = CRM_Utils_Array::value('is_template', $eventInfo);
} elseif ($this->_action & CRM_Core_Action::ADD) {
$this->_isTemplate = CRM_Utils_Request::retrieve('is_template', 'Boolean', $this);
}
$this->assign('isTemplate', $this->_isTemplate);
if ($this->_id) {
if ($this->_isTemplate) {
$title = CRM_Utils_Array::value('template_title', $eventInfo);
CRM_Utils_System::setTitle(ts('Edit Event Template') . " - {$title}");
} else {
$configureText = ts('Configure Event');
$title = CRM_Utils_Array::value('title', $eventInfo);
//If it is a repeating event change title
if ($this->_isRepeatingEvent) {
$configureText = 'Configure Repeating Event';
}
CRM_Utils_System::setTitle($configureText . " - {$title}");
}
$this->assign('title', $title);
} elseif ($this->_action & CRM_Core_Action::ADD) {
if ($this->_isTemplate) {
$title = ts('New Event Template');
CRM_Utils_System::setTitle($title);
} else {
$title = ts('New Event');
CRM_Utils_System::setTitle($title);
}
$this->assign('title', $title);
}
if (CRM_Core_Permission::check('view event participants') && CRM_Core_Permission::check('view all contacts')) {
$statusTypes = CRM_Event_PseudoConstant::participantStatus(NULL, 'is_counted = 1', 'label');
$statusTypesPending = CRM_Event_PseudoConstant::participantStatus(NULL, 'is_counted = 0', 'label');
$findParticipants['statusCounted'] = implode(', ', array_values($statusTypes));
$findParticipants['statusNotCounted'] = implode(', ', array_values($statusTypesPending));
$this->assign('findParticipants', $findParticipants);
}
$this->_templateId = (int) CRM_Utils_Request::retrieve('template_id', 'Integer', $this);
//Is a repeating event
if ($this->_isRepeatingEvent) {
$isRepeatingEntity = TRUE;
$this->assign('isRepeatingEntity', $isRepeatingEntity);
}
// CRM-16776 - show edit/copy/create buttons for Profiles if user has required permission.
$ufGroups = CRM_Core_PseudoConstant::get('CRM_Core_DAO_UFField', 'uf_group_id');
$ufCreate = CRM_ACL_API::group(CRM_Core_Permission::CREATE, NULL, 'civicrm_uf_group', $ufGroups);
$ufEdit = CRM_ACL_API::group(CRM_Core_Permission::EDIT, NULL, 'civicrm_uf_group', $ufGroups);
$checkPermission = array(array('administer CiviCRM', 'manage event profiles'));
if (CRM_Core_Permission::check($checkPermission) || !empty($ufCreate) || !empty($ufEdit)) {
$this->assign('perm', TRUE);
}
// also set up tabs
CRM_Event_Form_ManageEvent_TabHeader::build($this);
// Set Done button URL and breadcrumb. Templates go back to Manage Templates,
// otherwise go to Manage Event for new event or ManageEventEdit if event if exists.
$breadCrumb = array();
if (!$this->_isTemplate) {
if ($this->_id) {
$this->_doneUrl = CRM_Utils_System::url(CRM_Utils_System::currentPath(), "action=update&reset=1&id={$this->_id}");
} else {
$this->_doneUrl = CRM_Utils_System::url('civicrm/event/manage', 'reset=1');
$breadCrumb = array(array('title' => ts('Manage Events'), 'url' => $this->_doneUrl));
}
} else {
$this->_doneUrl = CRM_Utils_System::url('civicrm/admin/eventTemplate', 'reset=1');
$breadCrumb = array(array('title' => ts('Manage Event Templates'), 'url' => $this->_doneUrl));
}
CRM_Utils_System::appendBreadCrumb($breadCrumb);
}
public static function event($type = CRM_Core_Permission::VIEW, $eventID = null)
{
require_once 'CRM/Event/PseudoConstant.php';
$events = CRM_Event_PseudoConstant::event(null, true);
$includeEvents = array();
// check if user has all powerful permission
if (self::check('register for events')) {
$includeEvents = array_keys($events);
}
if ($type == CRM_Core_Permission::VIEW && self::check('view event info')) {
$includeEvents = array_keys($events);
}
require_once 'CRM/ACL/API.php';
$permissionedEvents = CRM_ACL_API::group($type, null, 'civicrm_event', $events, $includeEvents);
if (!$eventID) {
return $permissionedEvents;
}
return array_search($eventID, $permissionedEvents) === false ? null : $eventID;
}
static function whereClause(&$params, $sortBy = TRUE, $excludeHidden = TRUE)
{
$values = array();
$clauses = array();
$title = CRM_Utils_Array::value('title', $params);
if ($title) {
$clauses[] = "groups.title LIKE %1";
if (strpos($title, '%') !== FALSE) {
$params[1] = array($title, 'String', FALSE);
} else {
$params[1] = array($title, 'String', TRUE);
}
}
$groupType = CRM_Utils_Array::value('group_type', $params);
if ($groupType) {
$types = explode(',', $groupType);
if (!empty($types)) {
$clauses[] = 'groups.group_type LIKE %2';
$typeString = CRM_Core_DAO::VALUE_SEPARATOR . implode(CRM_Core_DAO::VALUE_SEPARATOR, $types) . CRM_Core_DAO::VALUE_SEPARATOR;
$params[2] = array($typeString, 'String', TRUE);
}
}
$visibility = CRM_Utils_Array::value('visibility', $params);
if ($visibility) {
$clauses[] = 'groups.visibility = %3';
$params[3] = array($visibility, 'String');
}
$groupStatus = CRM_Utils_Array::value('status', $params);
if ($groupStatus) {
switch ($groupStatus) {
case 1:
$clauses[] = 'groups.is_active = 1';
$params[4] = array($groupStatus, 'Integer');
break;
case 2:
$clauses[] = 'groups.is_active = 0';
$params[4] = array($groupStatus, 'Integer');
break;
case 3:
$clauses[] = '(groups.is_active = 0 OR groups.is_active = 1 )';
break;
}
}
$parentsOnly = CRM_Utils_Array::value('parentsOnly', $params);
if ($parentsOnly) {
$clauses[] = 'groups.parents IS NULL';
}
// only show child groups of a specific parent group
$parent_id = CRM_Utils_Array::value('parent_id', $params);
if ($parent_id) {
$clauses[] = 'groups.id IN (SELECT child_group_id FROM civicrm_group_nesting WHERE parent_group_id = %5)';
$params[5] = array($parent_id, 'Integer');
}
if ($createdBy = CRM_Utils_Array::value('created_by', $params)) {
$clauses[] = "createdBy.sort_name LIKE %6";
if (strpos($createdBy, '%') !== FALSE) {
$params[6] = array($createdBy, 'String', FALSE);
} else {
$params[6] = array($createdBy, 'String', TRUE);
}
}
/*
if ( $sortBy &&
$this->_sortByCharacter !== null ) {
$clauses[] =
"groups.title LIKE '" .
strtolower(CRM_Core_DAO::escapeWildCardString($this->_sortByCharacter)) .
"%'";
}
// dont do a the below assignement when doing a
// AtoZ pager clause
if ( $sortBy ) {
if ( count( $clauses ) > 1 ) {
$this->assign( 'isSearch', 1 );
} else {
$this->assign( 'isSearch', 0 );
}
}
*/
if (empty($clauses)) {
$clauses[] = 'groups.is_active = 1';
}
if ($excludeHidden) {
$clauses[] = 'groups.is_hidden = 0';
}
//CRM-12209
if (!CRM_Core_Permission::check('view all contacts')) {
//get the allowed groups for the current user
$groups = CRM_ACL_API::group(CRM_ACL_API::VIEW);
if (!empty($groups)) {
$groupList = implode(', ', array_values($groups));
$clauses[] = "groups.id IN ( {$groupList} ) ";
}
}
return implode(' AND ', $clauses);
}
/**
* Function to actually build the form
*
* @return void
* @access public
*/
public function buildQuickForm()
{
//lets have single status message, CRM-4363
$return = false;
$statusMessage = null;
//we should not allow component and mix profiles in search mode
if ($this->_mode != self::MODE_REGISTER) {
//check for mix profile fields (eg: individual + other contact type)
if (CRM_Core_BAO_UFField::checkProfileType($this->_gid)) {
$statusMessage = ts('Profile search, view and edit are not supported for Profiles which include fields for more than one record type.');
}
$profileType = CRM_Core_BAO_UFField::getProfileType($this->_gid);
if ($this->_id) {
list($contactType, $contactSubType) = CRM_Contact_BAO_Contact::getContactTypes($this->_id);
$profileSubType = false;
if (CRM_Contact_BAO_ContactType::isaSubType($profileType)) {
$profileSubType = $profileType;
$profileType = CRM_Contact_BAO_ContactType::getBasicType($profileType);
}
if ($profileType != 'Contact' && ($profileSubType && $contactSubType && $profileSubType != $contactSubType || $profileType != $contactType)) {
$return = true;
if (!$statusMessage) {
$statusMessage = ts("This profile is configured for contact type '%1'. It cannot be used to edit contacts of other types.", array(1 => $profileSubType ? $profileSubType : $profileType));
}
}
}
if (in_array($profileType, array("Membership", "Participant", "Contribution"))) {
$return = true;
if (!$statusMessage) {
$statusMessage = ts('Profile is not configured for the selected action.');
}
}
}
//lets have sigle status message,
$this->assign('statusMessage', $statusMessage);
if ($return) {
return false;
}
$sBlocks = array();
$hBlocks = array();
$config =& CRM_Core_Config::singleton();
$this->assign('id', $this->_id);
$this->assign('mode', $this->_mode);
$this->assign('action', $this->_action);
$this->assign_by_ref('fields', $this->_fields);
$this->assign('fieldset', isset($this->_fieldset) ? $this->_fieldset : "");
// do we need inactive options ?
if ($this->_action & CRM_Core_Action::VIEW) {
$inactiveNeeded = true;
} else {
$inactiveNeeded = false;
}
$session =& CRM_Core_Session::singleton();
// should we restrict what we display
$admin = true;
if ($this->_mode == self::MODE_EDIT) {
$admin = false;
// show all fields that are visibile:
// if we are a admin OR the same user OR acl-user with access to the profile
require_once 'CRM/ACL/API.php';
if (CRM_Core_Permission::check('administer users') || $this->_id == $session->get('userID') || in_array($this->_gid, CRM_ACL_API::group(CRM_Core_Permission::EDIT, null, 'civicrm_uf_group', CRM_Core_PseudoConstant::ufGroup()))) {
$admin = true;
}
}
$userID = $session->get('userID');
$anonUser = false;
// if false, user is not logged-in.
if (!$userID) {
require_once 'CRM/Core/BAO/LocationType.php';
$defaultLocationType =& CRM_Core_BAO_LocationType::getDefault();
$primaryLocationType = $defaultLocationType->id;
$anonUser = true;
$this->assign('anonUser', true);
}
$addCaptcha = array();
$emailPresent = false;
// cache the state country fields. based on the results, we could use our javascript solution
// in create or register mode
$stateCountryMap = array();
// add the form elements
foreach ($this->_fields as $name => $field) {
// make sure that there is enough permission to expose this field
if (!$admin && $field['visibility'] == 'User and User Admin Only' || CRM_Utils_Array::value('is_view', $field)) {
unset($this->_fields[$name]);
continue;
}
// since the CMS manages the email field, suppress the email display if in
// register mode which occur within the CMS form
if ($this->_mode == self::MODE_REGISTER && substr($name, 0, 5) == 'email') {
unset($this->_fields[$name]);
continue;
}
list($prefixName, $index) = CRM_Utils_System::explode('-', $name, 2);
if ($prefixName == 'state_province' || $prefixName == 'country') {
if (!array_key_exists($index, $stateCountryMap)) {
$stateCountryMap[$index] = array();
}
$stateCountryMap[$index][$prefixName] = $name;
}
CRM_Core_BAO_UFGroup::buildProfile($this, $field, $this->_mode);
if ($field['add_to_group_id']) {
$addToGroupId = $field['add_to_group_id'];
}
//build array for captcha
if ($field['add_captcha']) {
$addCaptcha[$field['group_id']] = $field['add_captcha'];
}
if ($name == 'email-Primary' || ($name == 'email-' . isset($primaryLocationType) ? $primaryLocationType : "")) {
$emailPresent = true;
$this->_mail = $name;
}
}
// add captcha only for create mode.
if ($this->_mode == self::MODE_CREATE) {
if (!$this->_isAddCaptcha && !empty($addCaptcha)) {
$this->_isAddCaptcha = true;
}
} else {
$this->_isAddCaptcha = false;
}
//finally add captcha to form.
if ($this->_isAddCaptcha) {
require_once 'CRM/Utils/ReCAPTCHA.php';
$captcha =& CRM_Utils_ReCAPTCHA::singleton();
$captcha->add($this);
}
$this->assign("isCaptcha", $this->_isAddCaptcha);
if ($this->_mode != self::MODE_SEARCH) {
if (isset($addToGroupId)) {
$this->add('hidden', "group[{$addToGroupId}]", 1);
$this->_addToGroupID = $addToGroupId;
}
}
// also do state country js
require_once 'CRM/Core/BAO/Address.php';
CRM_Core_BAO_Address::addStateCountryMap($stateCountryMap, $this->_defaults);
$action = CRM_Utils_Request::retrieve('action', 'String', $this, false, null);
if ($this->_mode == self::MODE_CREATE) {
require_once 'CRM/Core/BAO/CMSUser.php';
CRM_Core_BAO_CMSUser::buildForm($this, $this->_gid, $emailPresent, $action);
} else {
$this->assign('showCMS', false);
}
$this->assign('groupId', $this->_gid);
// now fix all state country selectors
require_once 'CRM/Core/BAO/Address.php';
CRM_Core_BAO_Address::fixAllStateSelects($this, $this->_defaults);
// if view mode pls freeze it with the done button.
if ($this->_action & CRM_Core_Action::VIEW) {
$this->freeze();
}
if ($this->_context == 'dialog') {
$this->addElement('submit', $this->_duplicateButtonName, ts('Save Matching Contact'));
}
}
