/**
  * TODO: How many checks do we need to do? Should we check to make sure the
  * activity is the right type? That the cid and aid are associated? Seems like
  * if you are messing with URL params you are kind of asking for trouble...
  */
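 function preProcess()
 {
     // All three IDs arrive as URL parameters. 'Positive' limits each one to a
     // positive integer; the FALSE flag makes every one of them optional.
     $this->_aid = CRM_Utils_Request::retrieve('aid', 'Positive', $this, FALSE);
     $this->_cid = CRM_Utils_Request::retrieve('cid', 'Positive', $this, FALSE);
     $this->_vid = CRM_Utils_Request::retrieve('vid', 'Positive', $this, FALSE);

     // Authorization is decided on the project ID alone.
     // NOTE(review): vid is optional above, so this check can run without a
     // project ID. How checkProjectPerms() answers in that case is not visible
     // from this method - confirm that it denies.
     if (!CRM_Volunteer_Permission::checkProjectPerms(CRM_Core_Action::UPDATE, $this->_vid)) {
         CRM_Utils_System::permissionDenied();
         // Stop here in case permissionDenied() hands control back instead of
         // halting, so a denied request never reaches the lookups below.
         return;
     }

     if (!$this->_aid && !($this->_cid && $this->_vid)) {
         CRM_Core_Error::fatal("Form expects an activity ID or both a contact and a volunteer project ID.");
     }

     // NOTE(review): each ID is only checked for existence. Nothing here ties
     // the activity or the contact to the project the permission check was made
     // against, so rights on one project do not prove rights over the supplied
     // activity/contact. Verify the association before acting on these IDs.
     $check = array('Activity' => $this->_aid, 'Contact' => $this->_cid, 'VolunteerProject' => $this->_vid);
     $errors = array();
     foreach ($check as $entityType => $entityID) {
         if (!$this->entityExists($entityType, $entityID)) {
             $errors[] = "No {$entityType} with ID {$entityID} exists.";
         }
     }
     if (count($errors)) {
         CRM_Core_Error::fatal("Invalid parameter(s) passed to commendation form: " . implode(' ', $errors));
     }

     // Page title is built from the contact's display name.
     $contact_display_name = civicrm_api3('Contact', 'getvalue', array('id' => $this->_cid, 'return' => 'display_name'));
     CRM_Utils_System::setTitle(ts('Commend %1', array(1 => $contact_display_name, 'domain' => 'org.civicrm.volunteer')));
     parent::preProcess();
 }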
 /**
  * build all the data structures needed to build the form
  *
  * @return void
  * @access public
  */
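 function preProcess()
 {
     // vid is mandatory (abort flag TRUE) and must be a positive integer.
     $this->_vid = CRM_Utils_Request::retrieve('vid', 'Positive', $this, TRUE);
     if (!CRM_Volunteer_Permission::checkProjectPerms(CRM_Core_Action::UPDATE, $this->_vid)) {
         CRM_Utils_System::permissionDenied();
         // Stop here in case permissionDenied() hands control back instead of
         // halting, so no assignment or project data is loaded for a denied user.
         return;
     }
     $this->_batchInfo['item_count'] = 50;
     $params = array('project_id' => $this->_vid);
     $this->_volunteerData = CRM_Volunteer_BAO_Assignment::retrieve($params);
     $projects = CRM_Volunteer_BAO_Project::retrieve(array('id' => $this->_vid));
     // A well-formed vid can still name a project that does not exist; fail
     // explicitly rather than reading properties off a missing array entry.
     if (empty($projects[$this->_vid])) {
         CRM_Core_Error::fatal("No VolunteerProject with ID {$this->_vid} exists.");
         return;
     }
     $project = $projects[$this->_vid];
     $this->_entityID = $project->entity_id;
     $this->_entityTable = $project->entity_table;
     // Title reads "<title> ( <start> )" or "<title> ( <start> - <end> )".
     $this->_title = $project->title;
     $this->_title .= ' ( ' . CRM_Utils_Date::customFormat($project->start_date);
     $this->_start_date = $project->start_date;
     if ($project->end_date) {
         $this->_title .= ' - ' . CRM_Utils_Date::customFormat($project->end_date) . ' )';
     } else {
         $this->_title .= ' )';
     }
     /*
      * Because CiviCRM's asset management framework isn't mature yet (e.g., adding
      * assets to forms rendered in pop-ups using CRM_Core_Resources doesn't work),
      * we pass a URL fragment to the template and include them via HTML.
      */
     $this->assign('extResourceURL', CRM_Core_Resources::singleton()->getUrl('org.civicrm.volunteer'));
     $this->assign('vid', $this->_vid);
 }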
 /**
  * create a Volunteer Need
  * takes an associative array and creates a Need object
  *
  * This function is invoked from within the web form layer and also from the api layer
  *
  * @param array   $params      (reference ) an assoc array of name/value pairs
  *
  * @return CRM_Volunteer_BAO_Need object
  * @access public
  * @static
  */
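 static function &create($params)
 {
     // This function returns by reference, so every exit hands back a variable:
     // returning a literal (FALSE, or a bare return) from a by-reference
     // function raises a PHP notice.
     $result = NULL;

     $projectId = CRM_Utils_Array::value('project_id', $params);
     // Creating or changing a Need is treated as updating its project.
     $op = CRM_Core_Action::UPDATE;

     // The check only runs when the caller sets check_permissions.
     // NOTE(review): the project checked is the caller-supplied project_id, while
     // the row saved below is whatever $params (including any id) describes. The
     // stored Need's own project is never looked up here, so the check may not
     // cover the record being changed - confirm callers cannot mix the two.
     if (!empty($params['check_permissions']) && !CRM_Volunteer_Permission::checkProjectPerms($op, $projectId)) {
         CRM_Utils_System::permissionDenied();
         // FIXME: If we don't return here, the script keeps executing. This is not
         // what I expect from CRM_Utils_System::permissionDenied().
         $result = FALSE;
         return $result;
     }
     if (empty($params)) {
         // Nothing to save; the caller gets NULL.
         return $result;
     }
     $need = new CRM_Volunteer_DAO_Need();
     $need->copyValues($params);
     $need->save();
     return $need;
 }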
 /**
  * create a Volunteer Need
  * takes an associative array and creates a Need object
  *
  * This function is invoked from within the web form layer and also from the api layer
  *
  * @param array   $params      (reference ) an assoc array of name/value pairs
  *
  * @return CRM_Volunteer_BAO_Need object
  * @access public
  * @static
  */
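 static function &create($params)
 {
     // This function returns by reference, so every exit hands back a variable:
     // returning a literal (FALSE, or a bare return) from a by-reference
     // function raises a PHP notice.
     $result = NULL;

     $need = new CRM_Volunteer_BAO_Need();
     $need->copyValues($params);
     // The project is obtained from the Need object rather than read straight
     // from $params. NOTE(review): how getProjectId() resolves it when both a
     // Need ID and a project ID are supplied is not visible here - confirm it
     // prefers the stored record.
     $projectId = $need->getProjectId();
     if ($projectId === FALSE) {
         CRM_Core_Error::fatal('Missing required Need ID or Project ID');
     }
     // creating a Need constitutes updating a Project
     $op = CRM_Core_Action::UPDATE;
     // The check only runs when the caller sets check_permissions.
     if (!empty($params['check_permissions']) && !CRM_Volunteer_Permission::checkProjectPerms($op, $projectId)) {
         CRM_Utils_System::permissionDenied();
         // FIXME: If we don't return here, the script keeps executing. This is not
         // what I expect from CRM_Utils_System::permissionDenied().
         $result = FALSE;
         return $result;
     }
     if (empty($params)) {
         // Nothing to save; the caller gets NULL.
         return $result;
     }
     $need->save();
     return $need;
 }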
/**
 * Delete an existing project contact
 *
 * This method is used to delete the relationship(s) between a contact and a
 * project.
 *
 * @param array $params  array containing id of the project
 *                       to be deleted
 *
 * @return array  returns flag true if successful, error
 *                message otherwise
 * {@getfields volunteer_project_delete}
 * @access public
 */
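function civicrm_api3_volunteer_project_contact_delete($params)
{
    // The owning project is read from the stored row for this ID, not taken
    // from anything else the caller sent.
    // NOTE(review): when no row matches the ID this is presumably empty, and the
    // permission check below then runs without a project - confirm it denies.
    $projectId = CRM_Core_DAO::getFieldValue("CRM_Volunteer_DAO_ProjectContact", $params['id'], "project_id");

    // empty() instead of a bare index read: a missing check_permissions key no
    // longer raises an undefined-index notice, and the test reads the same way
    // as the other permission gates in this extension.
    $skipPermissionCheck = empty($params['check_permissions']);

    if ($skipPermissionCheck || CRM_Volunteer_Permission::checkProjectPerms(CRM_Core_Action::UPDATE, $projectId)) {
        return _civicrm_api3_basic_delete(_civicrm_api3_get_BAO(__FUNCTION__), $params);
    }
    return civicrm_api3_create_error(ts('You do not have permission to modify contacts for this project'));
}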
/**
 * Implements hook_civicrm_alterAPIPermissions
 */
function volunteer_civicrm_alterAPIPermissions($entity, $action, &$params, &$permissions)
{
    // note: unsetting the below would require the default 'administer CiviCRM' permission
    // Map of API entity => action => permissions required for that action.
    $required = array(
        'volunteer_need' => array(
            'default' => array('create volunteer projects'),
            'getsearchresult' => array('register to volunteer'),
        ),
        'volunteer_assignment' => array(
            'default' => array('edit own volunteer projects'),
        ),
        'volunteer_commendation' => array(
            'default' => array('edit own volunteer projects'),
        ),
        'volunteer_project' => array(
            'default' => array('create volunteer projects'),
            'get' => array('register to volunteer'),
            'getlocblockdata' => array('edit own volunteer projects'),
        ),
        'volunteer_util' => array(
            'default' => array('edit own volunteer projects'),
        ),
        'volunteer_project_contact' => array(
            'default' => array('edit own volunteer projects'),
        ),
    );
    // Written key by key so entries already present under an entity are kept.
    foreach ($required as $apiEntity => $byAction) {
        foreach ($byAction as $apiAction => $permissionList) {
            $permissions[$apiEntity][$apiAction] = $permissionList;
        }
    }

    // allow fairly liberal access to the volunteer opp listing UI, which uses lots of API calls
    // NOTE(review): this switches permission checking off for the whole call, so
    // any code that gates on $params['check_permissions'] will skip its own
    // check too. Keep the set of calls matched by _isVolListingApiCall() narrow.
    $isListingCall = _isVolListingApiCall($entity, $action);
    if ($isListingCall && CRM_Volunteer_Permission::checkProjectPerms(CRM_Core_Action::VIEW)) {
        $params['check_permissions'] = FALSE;
    }
}
 /**
  * Create a Volunteer Project
  *
  * Takes an associative array and creates a Project object. This function is
  * invoked from within the web form layer and also from the API layer. Allows
  * the creation of project contacts, e.g.:
  *
  * $params['project_contacts'] = array(
  *   $relationship_type_name_or_id => $arr_contact_ids,
  * );
  *
  * @param array   $params      an assoc array of name/value pairs
  *
  * @return CRM_Volunteer_BAO_Project object
  * @access public
  * @static
  */
 static function create(array $params)
 {
     $existingId = CRM_Utils_Array::value('id', $params);
     // No ID means a project is being added; otherwise an existing one is updated.
     if (empty($existingId)) {
         $action = CRM_Core_Action::ADD;
     } else {
         $action = CRM_Core_Action::UPDATE;
     }

     // The check only runs when the caller sets check_permissions.
     $mustCheck = !empty($params['check_permissions']);
     if ($mustCheck && !CRM_Volunteer_Permission::checkProjectPerms($action, $existingId)) {
         CRM_Utils_System::permissionDenied();
         // FIXME: If we don't return here, the script keeps executing. This is not
         // what I expect from CRM_Utils_System::permissionDenied().
         return FALSE;
     }

     // check required params
     if (!self::dataExists($params)) {
         CRM_Core_Error::fatal('Not enough data to create volunteer project object.');
     }

     // default to active unless explicitly turned off
     $params['is_active'] = CRM_Utils_Array::value('is_active', $params, TRUE);

     $project = new CRM_Volunteer_BAO_Project();
     $project->copyValues($params);
     $project->save();

     // One VolunteerProjectContact row per (relationship type, contact) pair.
     // check_permissions is not forwarded to these nested API calls; the only
     // gate they sit behind is the project-level check above.
     $contactsByType = CRM_Utils_Array::value('project_contacts', $params, array());
     foreach ($contactsByType as $relationshipType => $contactIds) {
         foreach ($contactIds as $contactId) {
             $contactParams = array(
                 'contact_id' => $contactId,
                 'project_id' => $project->id,
                 'relationship_type_id' => $relationshipType,
             );
             civicrm_api3('VolunteerProjectContact', 'create', $contactParams);
         }
     }
     return $project;
 }
/**
 * delete an existing project
 *
 * This method is used to delete any existing project. id of the project
 * to be deleted is required field in $params array
 *
 * @param array $params  array containing id of the project
 *                       to be deleted
 *
 * @return array  returns flag true if successful, error
 *                message otherwise
 * {@getfields volunteer_project_delete}
 * @access public
 */
function civicrm_api3_volunteer_project_delete($params)
{
    // The delete permission is checked on every call; it does not depend on
    // $params['check_permissions'].
    $mayDelete = CRM_Volunteer_Permission::checkProjectPerms(CRM_Core_Action::DELETE, $params['id']);
    if (!$mayDelete) {
        // NOTE(review): the message says "event" although this deletes a project.
        return civicrm_api3_create_error(ts('You do not have permission to delete this event'));
    }
    return _civicrm_api3_basic_delete(_civicrm_api3_get_BAO(__FUNCTION__), $params);
}
 /**
  * Helper function to determine whether the current user should be allowed
  * to retrieve a project.
  *
  * @param int $projectId
  * @return boolean
  */
 private static function allowedToRetrieve($projectId = NULL)
 {
     // The general view permission is sufficient on its own.
     if (CRM_Volunteer_Permission::checkProjectPerms(CRM_Core_Action::VIEW)) {
         return TRUE;
     }
     // Without a specific project there is no roster permission to fall back on.
     if (empty($projectId)) {
         return FALSE;
     }
     // Fallback: roster-view permission on this particular project.
     return (bool) CRM_Volunteer_Permission::checkProjectPerms(CRM_Volunteer_Permission::VIEW_ROSTER, $projectId);
 }
 /**
  * Get a list of Projects matching the params.
  *
  * This function is invoked from within the web form layer and also from the
  * API layer. Special params include:
  * <ol>
  *   <li>project_contacts (@see CRM_Volunteer_BAO_Project::create() and
  *     CRM_Volunteer_BAO_Project::buildContactJoin)</li>
  *   <li>proximity (@see CRM_Volunteer_BAO_Project::buildProximityWhere)</li>
  * </ol>
  *
  * NOTE: This method does not return data related to the special params
  * outlined above; however, these parameters can be used to filter the list
  * of Projects that is returned.
  *
  * @param array $params
  * @return array of CRM_Volunteer_BAO_Project objects
  */
 public static function retrieve(array $params)
 {
     $projects = array();

     // The check only runs when the caller sets check_permissions, and it tests
     // the general view permission, not any specific project.
     $enforcePerms = CRM_Utils_Array::value('check_permissions', $params);
     if ($enforcePerms && !CRM_Volunteer_Permission::checkProjectPerms(CRM_Core_Action::VIEW)) {
         CRM_Utils_System::permissionDenied();
         // Denied callers get NULL rather than an array.
         return;
     }

     $select = CRM_Utils_SQL_Select::from('`civicrm_volunteer_project` vp')->select('DISTINCT vp.*');

     // The fragments returned by buildContactJoin() and buildProximityWhere()
     // go into the statement as SQL text.
     // NOTE(review): how they escape the caller-supplied project_contacts and
     // proximity values is not visible here - confirm they do.
     if (!empty($params['project_contacts'])) {
         $joinClause = self::buildContactJoin($params['project_contacts']);
         if ($joinClause) {
             $select->join('vpc', $joinClause);
         }
     }
     if (!empty($params['proximity'])) {
         $select
             ->join('loc', 'INNER JOIN `civicrm_loc_block` loc ON loc.id = vp.loc_block_id')
             ->join('civicrm_address', 'INNER JOIN `civicrm_address` ON civicrm_address.id = loc.address_id')
             ->where(self::buildProximityWhere($params['proximity']));
     }

     // This step is here to support both naming conventions for specifying params
     // (e.g., volunteer_project_id and id) while normalizing how we access them
     // (e.g., $project->id)
     $filter = new CRM_Volunteer_BAO_Project();
     $filter->copyValues($params);
     foreach ($filter->fields() as $fieldSpec) {
         $column = $fieldSpec['name'];
         if (empty($filter->{$column})) {
             continue;
         }
         // "!column" is spliced in unescaped, so it must only ever carry a name
         // from fields() metadata, never a key taken from $params. "@value" is
         // escaped as a string.
         $select->where('!column = @value', array('column' => $column, 'value' => $filter->{$column}));
     }

     $rows = self::executeQuery($select->toSQL());
     while ($rows->fetch()) {
         $found = new CRM_Volunteer_BAO_Project();
         $found->copyValues(clone $rows);
         // Result is keyed by integer project ID.
         $projects[(int) $rows->id] = $found;
     }
     $rows->free();
     return $projects;
 }