/**
 * Prepare the PCP manage page: register assets, enforce access, expose flags.
 *
 * Adds the circle-progress script and the manage stylesheet, then requires
 * a logged-in contact with VIEW permission on the PCP named by the required
 * 'id' request parameter (retrieved as type 'Positive'). Afterwards the
 * edit / member flags and the user id are assigned for rendering via
 * $this->assign().
 *
 * NOTE(review): the code after the access check reads $pcpId, which is only
 * set on the logged-in branch. This relies on CRM_Core_Error::fatal() not
 * returning to the caller - confirm.
 */
function preProcess() {
  CRM_Core_Resources::singleton()
    ->addScriptFile(
      'uk.co.vedaconsulting.pcpteams',
      'packages/jquery-circle-progress/dist/circle-progress.js',
      CRM_Core_Resources::DEFAULT_WEIGHT,
      'html-header'
    )
    ->addStyleFile('uk.co.vedaconsulting.pcpteams', 'css/manage.css');

  // The acting contact always comes from the session, never from the request.
  $this->_userID = CRM_Core_Session::singleton()->get('userID');

  if ($this->_userID) {
    $pcpId = CRM_Utils_Request::retrieve('id', 'Positive', CRM_Core_DAO::$_nullArray, TRUE);
    $mayView = CRM_Pcpteams_Utils::hasPermission($pcpId, $this->_userID, CRM_Core_Permission::VIEW);
    if (!$mayView) {
      CRM_Core_Error::fatal(ts('You do not have permission to view this Page.'));
    }
  }
  else {
    CRM_Core_Error::fatal(ts('You must be logged in to view this page.'));
  }

  // Work out whether the user may edit the page or only view it.
  $canEdit = CRM_Pcpteams_Utils::hasPermission($pcpId, $this->_userID, CRM_Core_Permission::EDIT);
  $isTeamMember = CRM_Pcpteams_Utils::hasPermission($pcpId, $this->_userID, CRM_Pcpteams_Constant::C_PERMISSION_MEMBER);

  $this->_isEditPermission = $canEdit;
  $this->assign("is_edit_page", $canEdit);
  $this->assign("is_member", $isTeamMember);
  $this->assign('userId', $this->_userID);
}
/**
 * API: write PCP custom-field values after a per-field permission check.
 *
 * Every key in $params other than 'entity_id' and 'version' is looked up as
 * a custom-field column name; keys that match no custom field are ignored.
 * Fields the caller may not change are dropped silently, and the call fails
 * only when nothing is left to write.
 *
 * Permission rules, as implemented:
 *  - any field except team_pcp_id: EDIT permission on $params['entity_id'];
 *  - team_pcp_id set to a value: EDIT permission on that team PCP, so that
 *    PCP owners cannot assign the team themselves;
 *  - team_pcp_id cleared: team-admin permission on, or EDIT permission on,
 *    $params['entity_id'].
 *
 * NOTE(review): when team_pcp_id is set to a value, only the target team is
 * checked, not the PCP being updated. Confirm callers verify that
 * entity_id really asked to join that team.
 * NOTE(review): the "insufficient permission" error is also returned when
 * $params names no recognised custom field at all.
 *
 * @param array $params
 *   API parameters; 'entity_id' is the PCP whose custom values are written.
 *
 * @return array
 *   Result of CustomValue.create, or an API error array.
 */
function civicrm_api3_pcpteams_customcreate($params) {
  $canEditEntity = CRM_Pcpteams_Utils::hasPermission($params['entity_id'], NULL, CRM_Core_Permission::EDIT);
  $writable = array();

  foreach ($params as $name => $newValue) {
    if (!$name || in_array($name, array('entity_id', 'version'))) {
      continue;
    }

    $fieldId = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_CustomField', $name, 'id', 'column_name');
    if (!$fieldId) {
      continue;
    }

    if ($name != 'team_pcp_id') {
      $allowed = $canEditEntity;
    }
    elseif ($newValue) {
      // Assigning a team: the logged-in user must be able to edit the
      // team PCP given in $newValue, not merely own the member PCP.
      $allowed = CRM_Pcpteams_Utils::hasPermission($newValue, NULL, CRM_Core_Permission::EDIT);
    }
    else {
      // Clearing the team: allowed for the admin of, or anyone with edit
      // permission on, the PCP being updated.
      $allowed = CRM_Pcpteams_Utils::hasPermission($params['entity_id'], NULL, CRM_Pcpteams_Constant::C_PERMISSION_TEAM_ADMIN)
        || $canEditEntity;
    }

    if ($allowed) {
      $writable["custom_{$fieldId}"] = $newValue;
    }
  }

  if (!$writable) {
    return civicrm_api3_create_error('insufficient permission to edit this record');
  }

  $writable['version'] = 3;
  $writable['entity_id'] = $params['entity_id'];

  return civicrm_api3('CustomValue', 'create', $writable);
}
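/**
 * AJAX handler: withdraw a join-team request by deleting its relationship.
 *
 * Reads entity_id (the relationship id), pcp_id and team_pcp_id from $_POST.
 * On success it records an activity, e-mails the team admin and echoes
 * 'declined'; otherwise it echoes the API error message. It always ends the
 * request through CRM_Utils_System::civiExit().
 *
 * Authorisation: the contact on the relationship (contact_id_a) and the
 * logged-in contact must both pass hasPermission() for the posted pcp_id.
 * Checking only the contact read from the relationship row would tie the
 * decision to request data (entity_id, pcp_id) instead of to the caller.
 * This assumes the second argument of hasPermission() is the contact whose
 * rights are evaluated - TODO confirm against CRM_Pcpteams_Utils.
 *
 * NOTE(review): the API error message is echoed unescaped. Confirm the
 * client treats the response as plain text.
 */
static function withdrawJoinRequest() {
  $entity_id = CRM_Utils_Type::escape($_POST['entity_id'], 'Integer');
  $pcp_id = CRM_Utils_Type::escape($_POST['pcp_id'], 'Integer');
  $team_pcp_id = CRM_Utils_Type::escape($_POST['team_pcp_id'], 'Integer');

  $targetId = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Relationship', $entity_id, 'contact_id_b');
  $userID = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Relationship', $entity_id, 'contact_id_a');

  // Check user permission: bind the decision to the session user as well as
  // to the contact stored on the relationship being withdrawn.
  $loggedInUserID = CRM_Core_Session::singleton()->get('userID');
  $isAuthorised = $loggedInUserID
    && CRM_Pcpteams_Utils::hasPermission($pcp_id, $loggedInUserID)
    && CRM_Pcpteams_Utils::hasPermission($pcp_id, $userID);
  if (!$isAuthorised) {
    CRM_Core_Session::setStatus(ts("Sorry! You dont have right permission to withdraw this request"));
    CRM_Utils_System::civiExit();
  }

  $teamAdminID = CRM_Pcpteams_Utils::getTeamAdmin($team_pcp_id);

  // Bound parameter instead of string interpolation, so the query stays safe
  // even if the validation of $entity_id above is ever changed.
  $userPcpId = CRM_Core_DAO::singleValueQuery(
    "SELECT pcp_a_b FROM civicrm_value_pcp_relationship_set WHERE entity_id = %1",
    array(1 => array($entity_id, 'Integer'))
  );

  $updatedResult = civicrm_api3('Relationship', 'delete', array('sequential' => 1, 'id' => $entity_id));

  if (!civicrm_error($updatedResult)) {
    // Create activity - join team request withdrawn.
    // FIXME: there is no separate activity type for a withdrawal at the
    // moment, so the "request declined" type is reused.
    $actParams = array(
      'assignee_contact_id' => $teamAdminID,
      'target_contact_id' => $targetId,
    );
    CRM_Pcpteams_Utils::createPcpActivity($actParams, CRM_Pcpteams_Constant::C_AT_REQ_DECLINED);

    list($userName, $userEmail) = CRM_Contact_BAO_Contact::getContactDetails($userID);
    $contactDetails = civicrm_api('Contact', 'get', array('version' => 3, 'sequential' => 1, 'id' => $userID));
    $firstName = $contactDetails['values'][0]['first_name'];
    $lastName = $contactDetails['values'][0]['last_name'];

    $emailParams = array(
      'tplParams' => array(
        'userFirstName' => $firstName,
        'userLastName' => $lastName,
        'teamName' => CRM_Contact_BAO_Contact::displayName($targetId),
        'pageURL' => CRM_Utils_System::url('civicrm/pcp/manage', "reset=1&id={$userPcpId}", TRUE, NULL, FALSE, TRUE),
      ),
      'email' => array(
        $userName => array(
          'first_name' => $firstName,
          'last_name' => $lastName,
          'email-Primary' => $userEmail,
          'display_name' => $userName,
        ),
      ),
      'valueName' => CRM_Pcpteams_Constant::C_MSG_TPL_JOIN_REQ_DECLINE_TEAM,
    );
    CRM_Pcpteams_Utils::sendMail($teamAdminID, $emailParams);

    echo 'declined';
  }
  else {
    echo $updatedResult['error_message'];
  }

  CRM_Utils_System::civiExit();
}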
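/**
 * Copy an individual PCP's goal amount onto its team PCP if the team has none.
 *
 * Does nothing for team PCPs, or when the logged-in user lacks EDIT
 * permission on the team PCP.
 *
 * $pcpId is validated as a positive integer before use, and both queries
 * bind it as an 'Integer' parameter. The lookup query used to interpolate
 * it into the SQL text, and the update bound it as 'String'.
 *
 * NOTE(review): "(p2.goal_amount IS NOT NULL OR p2.goal_amount <> 0)" is
 * equivalent to "IS NOT NULL" alone, so a member goal of 0 is still copied.
 * It is left unchanged here - confirm whether AND was intended.
 *
 * @param int|string $pcpId
 *   Id of the individual PCP whose team target should be adjusted.
 *
 * @return null
 *   Always NULL; empty or non-integer ids are ignored.
 */
static function adjustTeamTarget($pcpId) {
  // Rejects NULL, '', 0, arrays and any non-integer string in one step.
  $pcpId = filter_var($pcpId, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));
  if ($pcpId === FALSE) {
    return NULL;
  }

  // Only individual PCPs have a team target to adjust.
  $pcpType = CRM_Pcpteams_Utils::checkPcpType($pcpId);
  if ($pcpType == CRM_Pcpteams_Constant::C_CONTACT_SUB_TYPE_TEAM) {
    return NULL;
  }

  $queryParams = array(1 => array($pcpId, 'Integer'));

  $teamPcpId = CRM_Core_DAO::singleValueQuery(
    "SELECT team_pcp_id FROM civicrm_value_pcp_custom_set WHERE entity_id = %1",
    $queryParams
  );

  // NULL contact: presumably evaluated for the logged-in user - confirm
  // against CRM_Pcpteams_Utils::hasPermission().
  if (!CRM_Pcpteams_Utils::hasPermission($teamPcpId, NULL, CRM_Core_Permission::EDIT)) {
    return NULL;
  }

  $query = "
    UPDATE civicrm_pcp p1
    INNER JOIN civicrm_value_pcp_custom_set cs ON cs.team_pcp_id = p1.id
    INNER JOIN civicrm_pcp p2 ON p2.id = cs.entity_id
    SET p1.goal_amount = p2.goal_amount
    WHERE cs.entity_id = %1 AND (p1.goal_amount is NULL OR p1.goal_amount = 0) AND (p2.goal_amount IS NOT NULL OR p2.goal_amount <> 0)";
  CRM_Core_DAO::executeQuery($query, $queryParams);

  return NULL;
}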