Esempio n. 1
0
 /**
  * Set variables up before form is built.
  *
  * @return void
  */
 public function preProcess()
 {
     $this->_addProfileBottom = CRM_Utils_Array::value('addProfileBottom', $_GET, FALSE);
     $this->_profileBottomNum = CRM_Utils_Array::value('addProfileNum', $_GET, 0);
     $this->_addProfileBottomAdd = CRM_Utils_Array::value('addProfileBottomAdd', $_GET, FALSE);
     $this->_profileBottomNumAdd = CRM_Utils_Array::value('addProfileNumAdd', $_GET, 0);
     parent::preProcess();
     $this->assign('addProfileBottom', $this->_addProfileBottom);
     $this->assign('profileBottomNum', $this->_profileBottomNum);
     $urlParams = "id={$this->_id}&addProfileBottom=1&qfKey={$this->controller->_key}";
     $this->assign('addProfileParams', $urlParams);
     if ($addProfileBottom = CRM_Utils_Array::value('custom_post_id_multiple', $_POST)) {
         foreach (array_keys($addProfileBottom) as $profileNum) {
             self::buildMultipleProfileBottom($this, $profileNum);
         }
     }
     $this->assign('perm', 0);
     $ufGroups = CRM_Core_PseudoConstant::get('CRM_Core_DAO_UFField', 'uf_group_id');
     $ufCreate = CRM_ACL_API::group(CRM_Core_Permission::CREATE, NULL, 'civicrm_uf_group', $ufGroups);
     $ufEdit = CRM_ACL_API::group(CRM_Core_Permission::EDIT, NULL, 'civicrm_uf_group', $ufGroups);
     $checkPermission = array(array('administer CiviCRM', 'manage event profiles'));
     if (CRM_Core_Permission::check($checkPermission) || !empty($ufCreate) || !empty($ufEdit)) {
         $this->assign('perm', 1);
     }
     $this->assign('addProfileBottomAdd', $this->_addProfileBottomAdd);
     $this->assign('profileBottomNumAdd', $this->_profileBottomNumAdd);
     $urlParamsAdd = "id={$this->_id}&addProfileBottomAdd=1&qfKey={$this->controller->_key}";
     $this->assign('addProfileParamsAdd', $urlParamsAdd);
     if ($addProfileBottomAdd = CRM_Utils_Array::value('additional_custom_post_id_multiple', $_POST)) {
         foreach (array_keys($addProfileBottomAdd) as $profileNum) {
             self::buildMultipleProfileBottom($this, $profileNum, 'additional_', ts('Profile for Additional Participants'));
         }
     }
 }
Esempio n. 2
0
 /**
  * make sure that the user has permission to access this event
  *
  * @param int $id   the id of the event
  * @param int $name the name or title of the event
  *
  * @return string   the permission that the user has (or null)
  * @access public
  * @static
  */
 static function checkPermission($eventId = null, $type = CRM_Core_Permission::VIEW)
 {
     static $permissions = null;
     if (empty($permissions)) {
         require_once 'CRM/ACL/API.php';
         require_once 'CRM/Event/PseudoConstant.php';
         $allEvents = CRM_Event_PseudoConstant::event(null, true);
         $createdEvents = array();
         $session =& CRM_Core_Session::singleton();
         if ($userID = $session->get('userID')) {
             $createdEvents = array_keys(CRM_Event_PseudoConstant::event(null, true, "created_id={$userID}"));
         }
         // Note: for a multisite setup, a user with edit all events, can edit all events
         // including those from other sites
         if (CRM_Core_Permission::check('edit all events')) {
             $permissions[CRM_Core_Permission::EDIT] = array_keys($allEvents);
         } else {
             $permissions[CRM_Core_Permission::EDIT] =& CRM_ACL_API::group(CRM_Core_Permission::EDIT, null, 'civicrm_event', $allEvents, $createdEvents);
         }
         if (CRM_Core_Permission::check('edit all events')) {
             $permissions[CRM_Core_Permission::VIEW] = array_keys($allEvents);
         } else {
             if (CRM_Core_Permission::check('access CiviEvent') && CRM_Core_Permission::check('view event participants')) {
                 // use case: allow "view all events" but NOT "edit all events"
                 // so for a normal site allow users with these two permissions to view all events AND
                 // at the same time also allow any hook to override if needed.
                 $createdEvents = array_keys($allEvents);
             }
             $permissions[CRM_Core_Permission::VIEW] =& CRM_ACL_API::group(CRM_Core_Permission::VIEW, null, 'civicrm_event', $allEvents, $createdEvents);
         }
         $permissions[CRM_Core_Permission::DELETE] = array();
         if (CRM_Core_Permission::check('delete in CiviEvent')) {
             // Note: we want to restrict the scope of delete permission to
             // events that are editable/viewable (usecase multisite).
             // We can remove array_intersect once we have ACL support for delete functionality.
             $permissions[CRM_Core_Permission::DELETE] = array_intersect($permissions[CRM_Core_Permission::EDIT], $permissions[CRM_Core_Permission::VIEW]);
         }
     }
     if ($eventId) {
         return in_array($eventId, $permissions[$type]) ? true : false;
     }
     return $permissions;
 }
Esempio n. 3
0
 /**
  * Class constructor.
  */
 public function __construct()
 {
     parent::__construct();
     $this->addClass('crm-report-form');
     if ($this->_tagFilter) {
         $this->buildTagFilter();
     }
     if ($this->_exposeContactID) {
         if (array_key_exists('civicrm_contact', $this->_columns)) {
             $this->_columns['civicrm_contact']['fields']['exposed_id'] = array('name' => 'id', 'title' => 'Contact ID', 'no_repeat' => TRUE);
         }
     }
     if ($this->_groupFilter) {
         $this->buildGroupFilter();
     }
     // Get all custom groups
     $allGroups = CRM_Core_PseudoConstant::get('CRM_Core_DAO_CustomField', 'custom_group_id');
     // Get the custom groupIds for which the user has VIEW permission
     // If the user has 'access all custom data' permission, we'll leave $permCustomGroupIds empty
     // and addCustomDataToColumns() will allow access to all custom groups.
     $permCustomGroupIds = array();
     if (!CRM_Core_Permission::check('access all custom data')) {
         $permCustomGroupIds = CRM_ACL_API::group(CRM_Core_Permission::VIEW, NULL, 'civicrm_custom_group', $allGroups, NULL);
         // do not allow custom data for reports if user doesn't have
         // permission to access custom data.
         if (!empty($this->_customGroupExtends) && empty($permCustomGroupIds)) {
             $this->_customGroupExtends = array();
         }
     }
     // merge custom data columns to _columns list, if any
     $this->addCustomDataToColumns(TRUE, $permCustomGroupIds);
     // add / modify display columns, filters ..etc
     CRM_Utils_Hook::alterReportVar('columns', $this->_columns, $this);
     //assign currencyColumn variable to tpl
     $this->assign('currencyColumn', $this->_currencyColumn);
 }
Esempio n. 4
0
 /**
  * Build the form object.
  *
  * @return void
  */
 public function buildQuickForm()
 {
     $this->add('hidden', 'gid', $this->_gid);
     switch ($this->_mode) {
         case self::MODE_CREATE:
         case self::MODE_EDIT:
         case self::MODE_REGISTER:
             CRM_Utils_Hook::buildProfile($this->_ufGroup['name']);
             break;
         case self::MODE_SEARCH:
             CRM_Utils_Hook::searchProfile($this->_ufGroup['name']);
             break;
         default:
     }
     //lets have single status message, CRM-4363
     $return = FALSE;
     $statusMessage = NULL;
     if ($this->_multiRecord & CRM_Core_Action::ADD && $this->_maxRecordLimit) {
         return;
     }
     if ($this->_multiRecord & CRM_Core_Action::DELETE) {
         if (!$this->_recordExists) {
             CRM_Core_Session::setStatus(ts('The record %1 doesnot exists', array(1 => $this->_recordId)), ts('Record doesnot exists'), 'alert');
         } else {
             $this->assign('deleteRecord', TRUE);
         }
         return;
     }
     CRM_Core_BAO_Address::checkContactSharedAddressFields($this->_fields, $this->_id);
     // we should not allow component and mix profiles in search mode
     if ($this->_mode != self::MODE_REGISTER) {
         //check for mix profile fields (eg:  individual + other contact type)
         if (CRM_Core_BAO_UFField::checkProfileType($this->_gid)) {
             if ($this->_mode & self::MODE_EDIT && $this->_isContactActivityProfile) {
                 $errors = self::validateContactActivityProfile($this->_activityId, $this->_id, $this->_gid);
                 if (!empty($errors)) {
                     $statusMessage = array_pop($errors);
                     $return = TRUE;
                 }
             } else {
                 $statusMessage = ts('Profile search, view and edit are not supported for Profiles which include fields for more than one record type.');
                 $return = TRUE;
             }
         }
         $profileType = CRM_Core_BAO_UFField::getProfileType($this->_gid);
         if ($this->_id) {
             $contactTypes = CRM_Contact_BAO_Contact::getContactTypes($this->_id);
             $contactType = $contactTypes[0];
             array_shift($contactTypes);
             $contactSubtypes = $contactTypes;
             $profileSubType = FALSE;
             if (CRM_Contact_BAO_ContactType::isaSubType($profileType)) {
                 $profileSubType = $profileType;
                 $profileType = CRM_Contact_BAO_ContactType::getBasicType($profileType);
             }
             if ($profileType != 'Contact' && !$this->_isContactActivityProfile && ($profileSubType && !empty($contactSubtypes) && !in_array($profileSubType, $contactSubtypes) || $profileType != $contactType)) {
                 $return = TRUE;
                 if (!$statusMessage) {
                     $statusMessage = ts("This profile is configured for contact type '%1'. It cannot be used to edit contacts of other types.", array(1 => $profileSubType ? $profileSubType : $profileType));
                 }
             }
         }
         if (in_array($profileType, array("Membership", "Participant", "Contribution"))) {
             $return = TRUE;
             if (!$statusMessage) {
                 $statusMessage = ts('Profile is not configured for the selected action.');
             }
         }
     }
     //lets have single status message,
     $this->assign('statusMessage', $statusMessage);
     if ($return) {
         return FALSE;
     }
     $this->assign('id', $this->_id);
     $this->assign('mode', $this->_mode);
     $this->assign('action', $this->_action);
     $this->assign('fields', $this->_fields);
     $this->assign('fieldset', isset($this->_fieldset) ? $this->_fieldset : "");
     // should we restrict what we display
     $admin = TRUE;
     if ($this->_mode == self::MODE_EDIT) {
         $admin = FALSE;
         // show all fields that are visibile:
         // if we are a admin OR the same user OR acl-user with access to the profile
         // or we have checksum access to this contact (i.e. the user without a login) - CRM-5909
         if (CRM_Core_Permission::check('administer users') || $this->_id == $this->_currentUserID || $this->_isPermissionedChecksum || in_array($this->_gid, CRM_ACL_API::group(CRM_Core_Permission::EDIT, NULL, 'civicrm_uf_group', CRM_Core_PseudoConstant::get('CRM_Core_DAO_UFField', 'uf_group_id')))) {
             $admin = TRUE;
         }
     }
     // if false, user is not logged-in.
     $anonUser = FALSE;
     if (!$this->_currentUserID) {
         $defaultLocationType = CRM_Core_BAO_LocationType::getDefault();
         $primaryLocationType = $defaultLocationType->id;
         $anonUser = TRUE;
     }
     $this->assign('anonUser', $anonUser);
     $addCaptcha = array();
     $emailPresent = FALSE;
     // add the form elements
     foreach ($this->_fields as $name => $field) {
         // make sure that there is enough permission to expose this field
         if (!$admin && $field['visibility'] == 'User and User Admin Only') {
             unset($this->_fields[$name]);
             continue;
         }
         // since the CMS manages the email field, suppress the email display if in
         // register mode which occur within the CMS form
         if ($this->_mode == self::MODE_REGISTER && substr($name, 0, 5) == 'email') {
             unset($this->_fields[$name]);
             continue;
         }
         list($prefixName, $index) = CRM_Utils_System::explode('-', $name, 2);
         CRM_Core_BAO_UFGroup::buildProfile($this, $field, $this->_mode);
         if ($field['add_to_group_id']) {
             $addToGroupId = $field['add_to_group_id'];
         }
         //build array for captcha
         if ($field['add_captcha']) {
             $addCaptcha[$field['group_id']] = $field['add_captcha'];
         }
         if ($name == 'email-Primary' || ($name == 'email-' . isset($primaryLocationType) ? $primaryLocationType : "")) {
             $emailPresent = TRUE;
             $this->_mail = $name;
         }
     }
     // add captcha only for create mode.
     if ($this->_mode == self::MODE_CREATE) {
         // suppress captcha for logged in users only
         if ($this->_currentUserID) {
             $this->_isAddCaptcha = FALSE;
         } elseif (!$this->_isAddCaptcha && !empty($addCaptcha)) {
             $this->_isAddCaptcha = TRUE;
         }
         if ($this->_gid) {
             $dao = new CRM_Core_DAO_UFGroup();
             $dao->id = $this->_gid;
             $dao->addSelect();
             $dao->addSelect('is_update_dupe');
             if ($dao->find(TRUE)) {
                 if ($dao->is_update_dupe) {
                     $this->_isUpdateDupe = $dao->is_update_dupe;
                 }
             }
         }
     } else {
         $this->_isAddCaptcha = FALSE;
     }
     //finally add captcha to form.
     if ($this->_isAddCaptcha) {
         $captcha = CRM_Utils_ReCAPTCHA::singleton();
         $captcha->add($this);
     }
     $this->assign("isCaptcha", $this->_isAddCaptcha);
     if ($this->_mode != self::MODE_SEARCH) {
         if (isset($addToGroupId)) {
             $this->_ufGroup['add_to_group_id'] = $addToGroupId;
         }
     }
     //let's do set defaults for the profile
     $this->setDefaultsValues();
     $action = CRM_Utils_Request::retrieve('action', 'String', $this, FALSE, NULL);
     if ($this->_mode == self::MODE_CREATE) {
         CRM_Core_BAO_CMSUser::buildForm($this, $this->_gid, $emailPresent, $action);
     } else {
         $this->assign('showCMS', FALSE);
     }
     $this->assign('groupId', $this->_gid);
     // if view mode pls freeze it with the done button.
     if ($this->_action & CRM_Core_Action::VIEW) {
         $this->freeze();
     }
     if ($this->_context == 'dialog') {
         $this->addElement('submit', $this->_duplicateButtonName, ts('Save Matching Contact'));
     }
 }
Esempio n. 5
0
 /**
  * Get permission relevant clauses.
  * CRM-12209
  *
  * @param bool $force
  *
  * @return array
  */
 public static function getPermissionClause($force = FALSE)
 {
     static $clause = 1;
     static $retrieved = FALSE;
     if ((!$retrieved || $force) && !CRM_Core_Permission::check('view all contacts') && !CRM_Core_Permission::check('edit all contacts')) {
         //get the allowed groups for the current user
         $groups = CRM_ACL_API::group(CRM_ACL_API::VIEW);
         if (!empty($groups)) {
             $groupList = implode(', ', array_values($groups));
             $clause = "groups.id IN ( {$groupList} ) ";
         } else {
             $clause = '1 = 0';
         }
     }
     $retrieved = TRUE;
     return $clause;
 }
 public static function event($type = CRM_Core_Permission::VIEW, $eventID = NULL)
 {
     $events = CRM_Event_PseudoConstant::event(NULL, TRUE);
     $includeEvents = array();
     // check if user has all powerful permission
     if (self::check('register for events')) {
         $includeEvents = array_keys($events);
     }
     if ($type == CRM_Core_Permission::VIEW && self::check('view event info')) {
         $includeEvents = array_keys($events);
     }
     $permissionedEvents = CRM_ACL_API::group($type, NULL, 'civicrm_event', $events, $includeEvents);
     if (!$eventID) {
         return $permissionedEvents;
     }
     return array_search($eventID, $permissionedEvents) === FALSE ? NULL : $eventID;
 }
Esempio n. 7
0
 /**
  * Get all groups from database, filtered by permissions
  * for this user
  *
  * @param string $groupType
  *   Type of group(Access/Mailing).
  * @param bool $excludeHidden
  *   Exclude hidden groups.
  *
  *
  * @return array
  *   array reference of all groups.
  */
 public function group($groupType = NULL, $excludeHidden = TRUE)
 {
     if (!isset($this->_viewPermissionedGroups)) {
         $this->_viewPermissionedGroups = $this->_editPermissionedGroups = array();
     }
     $groupKey = $groupType ? $groupType : 'all';
     if (!isset($this->_viewPermissionedGroups[$groupKey])) {
         $this->_viewPermissionedGroups[$groupKey] = $this->_editPermissionedGroups[$groupKey] = array();
         $groups = CRM_Core_PseudoConstant::allGroup($groupType, $excludeHidden);
         if ($this->check('edit all contacts')) {
             // this is the most powerful permission, so we return
             // immediately rather than dilute it further
             $this->_editAdminUser = $this->_viewAdminUser = TRUE;
             $this->_editPermission = $this->_viewPermission = TRUE;
             $this->_editPermissionedGroups[$groupKey] = $groups;
             $this->_viewPermissionedGroups[$groupKey] = $groups;
             return $this->_viewPermissionedGroups[$groupKey];
         } elseif ($this->check('view all contacts')) {
             $this->_viewAdminUser = TRUE;
             $this->_viewPermission = TRUE;
             $this->_viewPermissionedGroups[$groupKey] = $groups;
         }
         $ids = CRM_ACL_API::group(CRM_Core_Permission::VIEW, NULL, 'civicrm_saved_search', $groups);
         if (!empty($ids)) {
             foreach (array_values($ids) as $id) {
                 $title = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Group', $id, 'title');
                 $this->_viewPermissionedGroups[$groupKey][$id] = $title;
                 $this->_viewPermission = TRUE;
             }
         }
         $ids = CRM_ACL_API::group(CRM_Core_Permission::EDIT, NULL, 'civicrm_saved_search', $groups);
         if (!empty($ids)) {
             foreach (array_values($ids) as $id) {
                 $title = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Group', $id, 'title');
                 $this->_editPermissionedGroups[$groupKey][$id] = $title;
                 $this->_viewPermissionedGroups[$groupKey][$id] = $title;
                 $this->_editPermission = TRUE;
                 $this->_viewPermission = TRUE;
             }
         }
     }
     return $this->_viewPermissionedGroups[$groupKey];
 }
Esempio n. 8
0
 /**
  * Get all groups from database, filtered by permissions
  * for this user
  *
  * @param string $groupType     type of group(Access/Mailing) 
  * @param boolen $excludeHidden exclude hidden groups.
  *
  * @access public
  * @static
  *
  * @return array - array reference of all groups.
  *
  */
 public static function &group($groupType = null, $excludeHidden = true)
 {
     if (!isset(self::$_viewPermissionedGroups)) {
         self::$_viewPermissionedGroups = self::$_editPermissionedGroups = array();
         $groups =& CRM_Core_PseudoConstant::allGroup($groupType, $excludeHidden);
         if (self::check('edit all contacts')) {
             // this is the most powerful permission, so we return
             // immediately rather than dilute it further
             self::$_editAdminUser = self::$_viewAdminUser = true;
             self::$_editPermission = self::$_viewPermission = true;
             self::$_editPermissionedGroups = $groups;
             self::$_viewPermissionedGroups = $groups;
             return self::$_viewPermissionedGroups;
         } else {
             if (self::check('view all contacts')) {
                 self::$_viewAdminUser = true;
                 self::$_viewPermission = true;
                 self::$_viewPermissionedGroups = $groups;
             }
         }
         require_once 'CRM/ACL/API.php';
         $ids = CRM_ACL_API::group(CRM_Core_Permission::VIEW, null, 'civicrm_saved_search', $groups);
         foreach (array_values($ids) as $id) {
             $title = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Group', $id, 'title');
             self::$_viewPermissionedGroups[$id] = $title;
             self::$_viewPermission = true;
         }
         $ids = CRM_ACL_API::group(CRM_Core_Permission::EDIT, null, 'civicrm_saved_search', $groups);
         foreach (array_values($ids) as $id) {
             $title = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Group', $id, 'title');
             self::$_editPermissionedGroups[$id] = $title;
             self::$_viewPermissionedGroups[$id] = $title;
             self::$_editPermission = true;
             self::$_viewPermission = true;
         }
     }
     return self::$_viewPermissionedGroups;
 }
 /**
  * Check API for ACL permission.
  *
  * @param array $apiRequest
  *
  * @return bool
  */
 public function checkACLPermission($apiRequest)
 {
     switch ($apiRequest['entity']) {
         case 'UFGroup':
         case 'UFField':
             $ufGroups = \CRM_Core_PseudoConstant::get('CRM_Core_DAO_UFField', 'uf_group_id');
             $aclCreate = \CRM_ACL_API::group(\CRM_Core_Permission::CREATE, NULL, 'civicrm_uf_group', $ufGroups);
             $aclEdit = \CRM_ACL_API::group(\CRM_Core_Permission::EDIT, NULL, 'civicrm_uf_group', $ufGroups);
             $ufGroupId = $apiRequest['entity'] == 'UFGroup' ? $apiRequest['params']['id'] : $apiRequest['params']['uf_group_id'];
             if (in_array($ufGroupId, $aclEdit) or $aclCreate) {
                 return TRUE;
             }
             break;
             //CRM-16777: Disable schedule reminder with ACLs.
         //CRM-16777: Disable schedule reminder with ACLs.
         case 'ActionSchedule':
             $events = \CRM_Event_BAO_Event::getEvents();
             $aclEdit = \CRM_ACL_API::group(\CRM_Core_Permission::EDIT, NULL, 'civicrm_event', $events);
             $param = array('id' => $apiRequest['params']['id']);
             $eventId = \CRM_Core_BAO_ActionSchedule::retrieve($param, $value = array());
             if (in_array($eventId->entity_value, $aclEdit)) {
                 return TRUE;
             }
             break;
     }
     return FALSE;
 }
Esempio n. 10
0
 /**
  * Set variables up before form is built.
  *
  * @return void
  */
 public function preProcess()
 {
     $config = CRM_Core_Config::singleton();
     if (in_array('CiviEvent', $config->enableComponents)) {
         $this->assign('CiviEvent', TRUE);
     }
     CRM_Core_Form_RecurringEntity::preProcess('civicrm_event');
     $this->_action = CRM_Utils_Request::retrieve('action', 'String', $this, FALSE, 'add', 'REQUEST');
     $this->assign('action', $this->_action);
     $this->_id = CRM_Utils_Request::retrieve('id', 'Positive', $this, FALSE, NULL, 'GET');
     if ($this->_id) {
         $this->_isRepeatingEvent = CRM_Core_BAO_RecurringEntity::getParentFor($this->_id, 'civicrm_event');
         $this->assign('eventId', $this->_id);
         if (!empty($this->_addBlockName) && empty($this->_addProfileBottom) && empty($this->_addProfileBottomAdd)) {
             $this->add('hidden', 'id', $this->_id);
         }
         $this->_single = TRUE;
         $params = array('id' => $this->_id);
         CRM_Event_BAO_Event::retrieve($params, $eventInfo);
         // its an update mode, do a permission check
         if (!CRM_Event_BAO_Event::checkPermission($this->_id, CRM_Core_Permission::EDIT)) {
             CRM_Core_Error::fatal(ts('You do not have permission to access this page.'));
         }
         $participantListingID = CRM_Utils_Array::value('participant_listing_id', $eventInfo);
         //CRM_Core_DAO::getFieldValue( 'CRM_Event_DAO_Event', $this->_id, 'participant_listing_id' );
         if ($participantListingID) {
             $participantListingURL = CRM_Utils_System::url('civicrm/event/participant', "reset=1&id={$this->_id}", TRUE, NULL, TRUE, TRUE);
             $this->assign('participantListingURL', $participantListingURL);
         }
         $this->assign('isOnlineRegistration', CRM_Utils_Array::value('is_online_registration', $eventInfo));
         $this->assign('id', $this->_id);
     }
     // figure out whether we’re handling an event or an event template
     if ($this->_id) {
         $this->_isTemplate = CRM_Utils_Array::value('is_template', $eventInfo);
     } elseif ($this->_action & CRM_Core_Action::ADD) {
         $this->_isTemplate = CRM_Utils_Request::retrieve('is_template', 'Boolean', $this);
     }
     $this->assign('isTemplate', $this->_isTemplate);
     if ($this->_id) {
         if ($this->_isTemplate) {
             $title = CRM_Utils_Array::value('template_title', $eventInfo);
             CRM_Utils_System::setTitle(ts('Edit Event Template') . " - {$title}");
         } else {
             $configureText = ts('Configure Event');
             $title = CRM_Utils_Array::value('title', $eventInfo);
             //If it is a repeating event change title
             if ($this->_isRepeatingEvent) {
                 $configureText = 'Configure Repeating Event';
             }
             CRM_Utils_System::setTitle($configureText . " - {$title}");
         }
         $this->assign('title', $title);
     } elseif ($this->_action & CRM_Core_Action::ADD) {
         if ($this->_isTemplate) {
             $title = ts('New Event Template');
             CRM_Utils_System::setTitle($title);
         } else {
             $title = ts('New Event');
             CRM_Utils_System::setTitle($title);
         }
         $this->assign('title', $title);
     }
     if (CRM_Core_Permission::check('view event participants') && CRM_Core_Permission::check('view all contacts')) {
         $statusTypes = CRM_Event_PseudoConstant::participantStatus(NULL, 'is_counted = 1', 'label');
         $statusTypesPending = CRM_Event_PseudoConstant::participantStatus(NULL, 'is_counted = 0', 'label');
         $findParticipants['statusCounted'] = implode(', ', array_values($statusTypes));
         $findParticipants['statusNotCounted'] = implode(', ', array_values($statusTypesPending));
         $this->assign('findParticipants', $findParticipants);
     }
     $this->_templateId = (int) CRM_Utils_Request::retrieve('template_id', 'Integer', $this);
     //Is a repeating event
     if ($this->_isRepeatingEvent) {
         $isRepeatingEntity = TRUE;
         $this->assign('isRepeatingEntity', $isRepeatingEntity);
     }
     // CRM-16776 - show edit/copy/create buttons for Profiles if user has required permission.
     $ufGroups = CRM_Core_PseudoConstant::get('CRM_Core_DAO_UFField', 'uf_group_id');
     $ufCreate = CRM_ACL_API::group(CRM_Core_Permission::CREATE, NULL, 'civicrm_uf_group', $ufGroups);
     $ufEdit = CRM_ACL_API::group(CRM_Core_Permission::EDIT, NULL, 'civicrm_uf_group', $ufGroups);
     $checkPermission = array(array('administer CiviCRM', 'manage event profiles'));
     if (CRM_Core_Permission::check($checkPermission) || !empty($ufCreate) || !empty($ufEdit)) {
         $this->assign('perm', TRUE);
     }
     // also set up tabs
     CRM_Event_Form_ManageEvent_TabHeader::build($this);
     // Set Done button URL and breadcrumb. Templates go back to Manage Templates,
     // otherwise go to Manage Event for new event or ManageEventEdit if event if exists.
     $breadCrumb = array();
     if (!$this->_isTemplate) {
         if ($this->_id) {
             $this->_doneUrl = CRM_Utils_System::url(CRM_Utils_System::currentPath(), "action=update&reset=1&id={$this->_id}");
         } else {
             $this->_doneUrl = CRM_Utils_System::url('civicrm/event/manage', 'reset=1');
             $breadCrumb = array(array('title' => ts('Manage Events'), 'url' => $this->_doneUrl));
         }
     } else {
         $this->_doneUrl = CRM_Utils_System::url('civicrm/admin/eventTemplate', 'reset=1');
         $breadCrumb = array(array('title' => ts('Manage Event Templates'), 'url' => $this->_doneUrl));
     }
     CRM_Utils_System::appendBreadCrumb($breadCrumb);
 }
Esempio n. 11
0
 public static function event($type = CRM_Core_Permission::VIEW, $eventID = null)
 {
     require_once 'CRM/Event/PseudoConstant.php';
     $events = CRM_Event_PseudoConstant::event(null, true);
     $includeEvents = array();
     // check if user has all powerful permission
     if (self::check('register for events')) {
         $includeEvents = array_keys($events);
     }
     if ($type == CRM_Core_Permission::VIEW && self::check('view event info')) {
         $includeEvents = array_keys($events);
     }
     require_once 'CRM/ACL/API.php';
     $permissionedEvents = CRM_ACL_API::group($type, null, 'civicrm_event', $events, $includeEvents);
     if (!$eventID) {
         return $permissionedEvents;
     }
     return array_search($eventID, $permissionedEvents) === false ? null : $eventID;
 }
Esempio n. 12
0
 static function whereClause(&$params, $sortBy = TRUE, $excludeHidden = TRUE)
 {
     $values = array();
     $clauses = array();
     $title = CRM_Utils_Array::value('title', $params);
     if ($title) {
         $clauses[] = "groups.title LIKE %1";
         if (strpos($title, '%') !== FALSE) {
             $params[1] = array($title, 'String', FALSE);
         } else {
             $params[1] = array($title, 'String', TRUE);
         }
     }
     $groupType = CRM_Utils_Array::value('group_type', $params);
     if ($groupType) {
         $types = explode(',', $groupType);
         if (!empty($types)) {
             $clauses[] = 'groups.group_type LIKE %2';
             $typeString = CRM_Core_DAO::VALUE_SEPARATOR . implode(CRM_Core_DAO::VALUE_SEPARATOR, $types) . CRM_Core_DAO::VALUE_SEPARATOR;
             $params[2] = array($typeString, 'String', TRUE);
         }
     }
     $visibility = CRM_Utils_Array::value('visibility', $params);
     if ($visibility) {
         $clauses[] = 'groups.visibility = %3';
         $params[3] = array($visibility, 'String');
     }
     $groupStatus = CRM_Utils_Array::value('status', $params);
     if ($groupStatus) {
         switch ($groupStatus) {
             case 1:
                 $clauses[] = 'groups.is_active = 1';
                 $params[4] = array($groupStatus, 'Integer');
                 break;
             case 2:
                 $clauses[] = 'groups.is_active = 0';
                 $params[4] = array($groupStatus, 'Integer');
                 break;
             case 3:
                 $clauses[] = '(groups.is_active = 0 OR groups.is_active = 1 )';
                 break;
         }
     }
     $parentsOnly = CRM_Utils_Array::value('parentsOnly', $params);
     if ($parentsOnly) {
         $clauses[] = 'groups.parents IS NULL';
     }
     // only show child groups of a specific parent group
     $parent_id = CRM_Utils_Array::value('parent_id', $params);
     if ($parent_id) {
         $clauses[] = 'groups.id IN (SELECT child_group_id FROM civicrm_group_nesting WHERE parent_group_id = %5)';
         $params[5] = array($parent_id, 'Integer');
     }
     if ($createdBy = CRM_Utils_Array::value('created_by', $params)) {
         $clauses[] = "createdBy.sort_name LIKE %6";
         if (strpos($createdBy, '%') !== FALSE) {
             $params[6] = array($createdBy, 'String', FALSE);
         } else {
             $params[6] = array($createdBy, 'String', TRUE);
         }
     }
     /*
       if ( $sortBy &&
       $this->_sortByCharacter !== null ) {
       $clauses[] =
       "groups.title LIKE '" .
       strtolower(CRM_Core_DAO::escapeWildCardString($this->_sortByCharacter)) .
       "%'";
       }
     
       // dont do a the below assignement when doing a
       // AtoZ pager clause
       if ( $sortBy ) {
       if ( count( $clauses ) > 1 ) {
       $this->assign( 'isSearch', 1 );
       } else {
       $this->assign( 'isSearch', 0 );
       }
       }
     */
     if (empty($clauses)) {
         $clauses[] = 'groups.is_active = 1';
     }
     if ($excludeHidden) {
         $clauses[] = 'groups.is_hidden = 0';
     }
     //CRM-12209
     if (!CRM_Core_Permission::check('view all contacts')) {
         //get the allowed groups for the current user
         $groups = CRM_ACL_API::group(CRM_ACL_API::VIEW);
         if (!empty($groups)) {
             $groupList = implode(', ', array_values($groups));
             $clauses[] = "groups.id IN ( {$groupList} ) ";
         }
     }
     return implode(' AND ', $clauses);
 }
Esempio n. 13
0
 /**
  * Function to actually build the form
  *
  * @return void
  * @access public
  */
 public function buildQuickForm()
 {
     //lets have single status message, CRM-4363
     $return = false;
     $statusMessage = null;
     //we should not allow component and mix profiles in search mode
     if ($this->_mode != self::MODE_REGISTER) {
         //check for mix profile fields (eg:  individual + other contact type)
         if (CRM_Core_BAO_UFField::checkProfileType($this->_gid)) {
             $statusMessage = ts('Profile search, view and edit are not supported for Profiles which include fields for more than one record type.');
         }
         $profileType = CRM_Core_BAO_UFField::getProfileType($this->_gid);
         if ($this->_id) {
             list($contactType, $contactSubType) = CRM_Contact_BAO_Contact::getContactTypes($this->_id);
             $profileSubType = false;
             if (CRM_Contact_BAO_ContactType::isaSubType($profileType)) {
                 $profileSubType = $profileType;
                 $profileType = CRM_Contact_BAO_ContactType::getBasicType($profileType);
             }
             if ($profileType != 'Contact' && ($profileSubType && $contactSubType && $profileSubType != $contactSubType || $profileType != $contactType)) {
                 $return = true;
                 if (!$statusMessage) {
                     $statusMessage = ts("This profile is configured for contact type '%1'. It cannot be used to edit contacts of other types.", array(1 => $profileSubType ? $profileSubType : $profileType));
                 }
             }
         }
         if (in_array($profileType, array("Membership", "Participant", "Contribution"))) {
             $return = true;
             if (!$statusMessage) {
                 $statusMessage = ts('Profile is not configured for the selected action.');
             }
         }
     }
     //lets have sigle status message,
     $this->assign('statusMessage', $statusMessage);
     if ($return) {
         return false;
     }
     $sBlocks = array();
     $hBlocks = array();
     $config =& CRM_Core_Config::singleton();
     $this->assign('id', $this->_id);
     $this->assign('mode', $this->_mode);
     $this->assign('action', $this->_action);
     $this->assign_by_ref('fields', $this->_fields);
     $this->assign('fieldset', isset($this->_fieldset) ? $this->_fieldset : "");
     // do we need inactive options ?
     if ($this->_action & CRM_Core_Action::VIEW) {
         $inactiveNeeded = true;
     } else {
         $inactiveNeeded = false;
     }
     $session =& CRM_Core_Session::singleton();
     // should we restrict what we display
     $admin = true;
     if ($this->_mode == self::MODE_EDIT) {
         $admin = false;
         // show all fields that are visibile:
         // if we are a admin OR the same user OR acl-user with access to the profile
         require_once 'CRM/ACL/API.php';
         if (CRM_Core_Permission::check('administer users') || $this->_id == $session->get('userID') || in_array($this->_gid, CRM_ACL_API::group(CRM_Core_Permission::EDIT, null, 'civicrm_uf_group', CRM_Core_PseudoConstant::ufGroup()))) {
             $admin = true;
         }
     }
     $userID = $session->get('userID');
     $anonUser = false;
     // if false, user is not logged-in.
     if (!$userID) {
         require_once 'CRM/Core/BAO/LocationType.php';
         $defaultLocationType =& CRM_Core_BAO_LocationType::getDefault();
         $primaryLocationType = $defaultLocationType->id;
         $anonUser = true;
         $this->assign('anonUser', true);
     }
     $addCaptcha = array();
     $emailPresent = false;
     // cache the state country fields. based on the results, we could use our javascript solution
     // in create or register mode
     $stateCountryMap = array();
     // add the form elements
     foreach ($this->_fields as $name => $field) {
         // make sure that there is enough permission to expose this field
         if (!$admin && $field['visibility'] == 'User and User Admin Only' || CRM_Utils_Array::value('is_view', $field)) {
             unset($this->_fields[$name]);
             continue;
         }
         // since the CMS manages the email field, suppress the email display if in
         // register mode which occur within the CMS form
         if ($this->_mode == self::MODE_REGISTER && substr($name, 0, 5) == 'email') {
             unset($this->_fields[$name]);
             continue;
         }
         list($prefixName, $index) = CRM_Utils_System::explode('-', $name, 2);
         if ($prefixName == 'state_province' || $prefixName == 'country') {
             if (!array_key_exists($index, $stateCountryMap)) {
                 $stateCountryMap[$index] = array();
             }
             $stateCountryMap[$index][$prefixName] = $name;
         }
         CRM_Core_BAO_UFGroup::buildProfile($this, $field, $this->_mode);
         if ($field['add_to_group_id']) {
             $addToGroupId = $field['add_to_group_id'];
         }
         //build array for captcha
         if ($field['add_captcha']) {
             $addCaptcha[$field['group_id']] = $field['add_captcha'];
         }
         if ($name == 'email-Primary' || ($name == 'email-' . isset($primaryLocationType) ? $primaryLocationType : "")) {
             $emailPresent = true;
             $this->_mail = $name;
         }
     }
     // add captcha only for create mode.
     if ($this->_mode == self::MODE_CREATE) {
         if (!$this->_isAddCaptcha && !empty($addCaptcha)) {
             $this->_isAddCaptcha = true;
         }
     } else {
         $this->_isAddCaptcha = false;
     }
     //finally add captcha to form.
     if ($this->_isAddCaptcha) {
         require_once 'CRM/Utils/ReCAPTCHA.php';
         $captcha =& CRM_Utils_ReCAPTCHA::singleton();
         $captcha->add($this);
     }
     $this->assign("isCaptcha", $this->_isAddCaptcha);
     if ($this->_mode != self::MODE_SEARCH) {
         if (isset($addToGroupId)) {
             $this->add('hidden', "group[{$addToGroupId}]", 1);
             $this->_addToGroupID = $addToGroupId;
         }
     }
     // also do state country js
     require_once 'CRM/Core/BAO/Address.php';
     CRM_Core_BAO_Address::addStateCountryMap($stateCountryMap, $this->_defaults);
     $action = CRM_Utils_Request::retrieve('action', 'String', $this, false, null);
     if ($this->_mode == self::MODE_CREATE) {
         require_once 'CRM/Core/BAO/CMSUser.php';
         CRM_Core_BAO_CMSUser::buildForm($this, $this->_gid, $emailPresent, $action);
     } else {
         $this->assign('showCMS', false);
     }
     $this->assign('groupId', $this->_gid);
     // now fix all state country selectors
     require_once 'CRM/Core/BAO/Address.php';
     CRM_Core_BAO_Address::fixAllStateSelects($this, $this->_defaults);
     // if view mode pls freeze it with the done button.
     if ($this->_action & CRM_Core_Action::VIEW) {
         $this->freeze();
     }
     if ($this->_context == 'dialog') {
         $this->addElement('submit', $this->_duplicateButtonName, ts('Save Matching Contact'));
     }
 }