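/**
 * Prepare the group-change form before it is built or submitted.
 *
 * Resolves the target contact from the request, requires EDIT permission on
 * that contact, then loads the contact's values and sets the page title.
 */
function preProcess() {
  // 'cid' is request-controlled; it is retrieved with the 'Positive' type.
  $this->_contactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this);
  if (empty($this->_contactId)) {
    // this also redirects to the default civicrm page
    CRM_Core_Error::statusBounce(ts('Could not get a contact id.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
    // Fail closed: never continue without a contact id, whatever the bounce does.
    return;
  }

  // Authorise before any contact data is loaded.
  if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) {
    // this also redirects to the default civicrm page
    CRM_Core_Error::statusBounce(ts('You do not have the necessary permission to edit this contact.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
    // Fail closed: the permission gate must not depend on statusBounce() ending the request.
    return;
  }

  // The two session lookups of the original were never read and have been dropped.

  // get values
  $this->_configGroup = CRM_Lidmaatschapwijziging_ConfigGroup::singleton($this->_contactId);
  $this->_values = $this->_configGroup->getContact();

  // set display name
  $this->_display_name = $this->_values['display_name'];

  // set title
  CRM_Utils_System::setTitle('LidmaatschapWijziging - Group - ' . $this->_values['display_name']);

  // set contact id
  $this->_values['contact_id'] = $this->_contactId;
}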
/**
 * Set up form state before the form is built.
 *
 * Loads the participant named in the request and grants access only when the
 * participant's contact is the logged-in user or validateChecksumContact()
 * accepts the request; otherwise the visitor is bounced to the site base URL.
 *
 * @return void
 * @access public
 */
public function preProcess() {
  $this->_participantId = CRM_Utils_Request::retrieve('participantId', 'Positive', $this);
  $this->_cc = CRM_Utils_Request::retrieve('cc', 'String', $this);

  // Look up the contact, event and status that belong to this participant record.
  $participant = array();
  if ($this->_participantId) {
    $lookup = array('id' => $this->_participantId);
    $wanted = array('contact_id', 'event_id', 'status_id');
    CRM_Core_DAO::commonRetrieve('CRM_Event_DAO_Participant', $lookup, $participant, $wanted);
  }

  $this->_participantStatusId = CRM_Utils_Array::value('status_id', $participant);
  $this->_eventId = CRM_Utils_Array::value('event_id', $participant);
  $ownerId = CRM_Utils_Array::value('contact_id', $participant);

  // Access stays denied (NULL) unless one of the two checks below succeeds.
  $this->_csContactID = NULL;
  if ($ownerId && $this->_eventId) {
    $session = CRM_Core_Session::singleton();
    // Either the participant is the logged-in user, or the request passes the
    // checksum check. The checksum check only runs when the first test fails.
    if ($ownerId == $session->get('userID') || CRM_Contact_BAO_Contact_Permission::validateChecksumContact($ownerId, $this)) {
      $this->_csContactID = $ownerId;
    }
  }

  if (!$this->_csContactID) {
    $baseUrl = CRM_Core_Config::singleton()->userFrameworkBaseURL;
    CRM_Core_Error::statusBounce(ts('You do not have permission to access this event registration. Contact the site administrator if you need assistance.'), $baseUrl);
  }
}
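/**
 * Prepare the relationship-change form before it is built or submitted.
 *
 * Resolves the target contact, requires EDIT permission on it, loads the
 * contact's values and then handles the 'request' mode ('empty', 'choose' or
 * 'update') taken from the request.
 */
function preProcess() {
  // 'cid' is request-controlled; it is retrieved with the 'Positive' type.
  $this->_contactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this);
  if (empty($this->_contactId)) {
    // this also redirects to the default civicrm page
    CRM_Core_Error::statusBounce(ts('Could not get a contact id.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
    // Fail closed: never continue without a contact id, whatever the bounce does.
    return;
  }

  // Authorise before any contact data is loaded.
  if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) {
    // this also redirects to the default civicrm page
    CRM_Core_Error::statusBounce(ts('You do not have the necessary permission to edit this contact.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
    // Fail closed: the permission gate must not depend on statusBounce() ending the request.
    return;
  }

  // get request (defaults to 'choose')
  $this->_request = CRM_Utils_Request::retrieve('request', 'String', $this, FALSE, 'choose');

  // The two session lookups of the original were never read and have been dropped.

  // get values
  $this->_configRelationship = CRM_Lidmaatschapwijziging_ConfigRelationship::singleton($this->_contactId);
  $this->_values = $this->_configRelationship->getContact();

  // set contact id
  $this->_values['contact_id'] = $this->_contactId;

  // set display name
  $this->_display_name = $this->_values['display_name'];

  // set request
  $this->_values['request'] = $this->_request;

  // set title
  CRM_Utils_System::setTitle('LidmaatschapWijziging - Relatie - ' . $this->_values['display_name']);

  // request 'empty': nothing to prepare (the original had an empty branch here).

  if ('choose' == $this->_request) {
    // If the contact has no relationships there is nothing to choose from, so
    // send the user to the same page in 'empty' mode, which shows a message
    // and a submit button instead.
    $relationships = $this->_configRelationship->getRelationships();
    if (empty($relationships)) {
      // cid is the validated positive integer from above.
      $url = CRM_Utils_System::url('civicrm/lidmaatschapwijziging/relationship', 'reset=1&request=empty&cid=' . $this->_contactId);
      CRM_Utils_System::redirect($url);
    }
  }

  if ('update' == $this->_request) {
    // get relationship id
    // NOTE(review): relationship_id is request-controlled and the EDIT check
    // above covers only cid. Confirm getRelationship() refuses ids that do not
    // belong to this contact, otherwise another contact's relationship and
    // note could be loaded into the form.
    $this->_relationshipId = CRM_Utils_Request::retrieve('relationship_id', 'Positive', $this);
    $this->_values['relationship_id'] = $this->_relationshipId;

    // get relationship
    $this->_values = array_merge($this->_values, $this->_configRelationship->getRelationship($this->_relationshipId));

    if (!empty($this->_values['contact_a']['display_name'])) {
      $this->assign('sort_name_a', $this->_values['contact_a']['display_name']);
    }
    if (!empty($this->_values['contact_b']['display_name'])) {
      $this->assign('sort_name_b', $this->_values['contact_b']['display_name']);
    }

    // note
    $this->_values['note_id'] = $this->_values['notes']['id'];
    $this->_values['note'] = $this->_values['notes']['note'];
  }
}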
/**
 * Render the logged-in user's activities as a dashlet.
 *
 * The contact is always the session user; nothing is taken from the request
 * to choose whose activities are listed.
 *
 * @return mixed whatever parent::run() returns
 *
 * @access public
 */
function run() {
  $userId = CRM_Core_Session::singleton()->get('userID');

  // A user can always view their own activities; upgrade to EDIT only when
  // the permission layer grants edit rights on their own contact.
  require_once 'CRM/Contact/BAO/Contact/Permission.php';
  $permission = CRM_Contact_BAO_Contact_Permission::allow($userId, CRM_Core_Permission::EDIT)
    ? CRM_Core_Permission::EDIT
    : CRM_Core_Permission::VIEW;

  $seesAllActivities = CRM_Core_Permission::check('view all activities') || CRM_Core_Permission::check('administer CiviCRM');

  require_once 'CRM/Core/Selector/Controller.php';
  require_once 'CRM/Activity/Selector/Activity.php';
  $selector = new CRM_Activity_Selector_Activity($userId, $permission, $seesAllActivities, 'home');

  // Only build a sort id when one has been stored on this page.
  $sortID = $this->get(CRM_Utils_Sort::SORT_ID)
    ? CRM_Utils_Sort::sortIDValue($this->get(CRM_Utils_Sort::SORT_ID), $this->get(CRM_Utils_Sort::SORT_DIRECTION))
    : null;

  $controller = new CRM_Core_Selector_Controller(
    $selector,
    $this->get(CRM_Utils_Pager::PAGE_ID),
    $sortID,
    CRM_Core_Action::VIEW,
    $this,
    CRM_Core_Selector_Controller::SESSION
  );
  $controller->setEmbedded(true);
  $controller->run();
  $controller->moveFromSessionToTemplate();

  return parent::run();
}
/**
 * Build the data structures needed before the form itself is built.
 *
 * Reads action, contact id and return-contact id from the request, records
 * the return URL, then verifies that the contact exists and that the user may
 * edit it before setting the page title.
 *
 * @return void
 * @access public
 */
function preProcess() {
  // reset action from the session
  $this->_action = CRM_Utils_Request::retrieve('action', 'String', $this, FALSE, 'update');
  $this->_contactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this, TRUE);

  // Optional id appended to the return URL; 'Positive' keeps it numeric.
  $rcid = CRM_Utils_Request::retrieve('rcid', 'Positive', $this);
  $returnQuery = 'reset=1' . ($rcid ? "&id={$rcid}" : '');
  CRM_Core_Session::singleton()->pushUserContext(CRM_Utils_System::url('civicrm/user', $returnQuery));

  if (!$this->_contactId) {
    CRM_Core_Error::statusBounce(ts('Could not get a contact_id and/or contact_type'));
    return;
  }

  // NOTE(review): existence is reported before the permission check, so the
  // two bounce messages let a caller without EDIT rights tell existing contact
  // ids from missing ones — confirm that is acceptable here.
  $contact = new CRM_Contact_DAO_Contact();
  $contact->id = $this->_contactId;
  if (!$contact->find(TRUE)) {
    CRM_Core_Error::statusBounce(ts('contact does not exist: %1', array(1 => $this->_contactId)));
  }
  $this->_contactType = $contact->contact_type;

  // check for permissions
  $mayEdit = CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT);
  if (!$mayEdit) {
    CRM_Core_Error::statusBounce(ts('You do not have the necessary permission to edit this contact.'));
  }

  list($displayName, $contactImage) = CRM_Contact_BAO_Contact::getDisplayAndImage($this->_contactId);
  CRM_Utils_System::setTitle($displayName, $contactImage . ' ' . $displayName);
}
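/**
 * Set up the contact dashboard for the requested contact.
 *
 * Requires the 'access Contact Dashboard' permission. Without an 'id' in the
 * request the logged-in user's own contact is shown; for any other contact
 * VIEW permission is required, and editing is switched off when EDIT
 * permission is missing.
 */
function __construct() {
  parent::__construct();

  $check = CRM_Core_Permission::check('access Contact Dashboard');
  if (!$check) {
    CRM_Utils_System::redirect(CRM_Utils_System::url('civicrm/dashboard', 'reset=1'));
    // The original used `break` here, which is not valid outside a loop or
    // switch. `return` stops construction if the redirect ever returns, so
    // the code below cannot run without the dashboard permission.
    return;
  }

  // 'id' is request-controlled; it is retrieved with the 'Positive' type.
  $this->_contactId = CRM_Utils_Request::retrieve('id', 'Positive', $this);

  $session =& CRM_Core_Session::singleton();
  $userID = $session->get('userID');

  if (!$this->_contactId) {
    // No contact requested: show the user's own dashboard.
    $this->_contactId = $userID;
  }
  elseif ($this->_contactId != $userID) {
    // Someone else's dashboard: authorise against the requested contact.
    require_once 'CRM/Contact/BAO/Contact/Permission.php';
    if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::VIEW)) {
      // NOTE(review): nothing returns after this call, so the VIEW gate relies
      // on CRM_Core_Error::fatal() ending the request — confirm.
      CRM_Core_Error::fatal(ts('You do not have permission to view this contact'));
    }
    if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) {
      $this->_edit = false;
    }
  }
}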
/**
 * Build all the data structures needed to build the delete / restore form.
 *
 * Decides whether the request is a delete-to-trash, a permanent delete or a
 * restore, checks the matching permissions, fixes the set of contact ids the
 * form works on, and prepares the shared-address warning.
 *
 * @return void
 * @access public
 */
function preProcess() {
  // 'cid' is optional: when present the form works on that single contact,
  // otherwise on whatever parent::preProcess() selects.
  $cid = CRM_Utils_Request::retrieve('cid', 'Positive', $this, FALSE);
  $this->_searchKey = CRM_Utils_Request::retrieve('key', 'String', $this);

  // Sort out whether this is a delete-to-trash, a permanent delete or a
  // restore (and let the template know).
  $values = $this->controller->exportValues();

  // 'skip_undelete' is request-controlled; it is only honoured together with
  // the 'access deleted contacts' permission.
  $this->_skipUndelete = (CRM_Core_Permission::check('access deleted contacts') and (CRM_Utils_Request::retrieve('skip_undelete', 'Boolean', $this) or CRM_Utils_Array::value('task', $values) == CRM_Contact_Task::DELETE_PERMANENTLY));
  // 'restore' is request-controlled as well; it is authorised just below.
  $this->_restore = (CRM_Utils_Request::retrieve('restore', 'Boolean', $this) or CRM_Utils_Array::value('task', $values) == CRM_Contact_Task::RESTORE);

  // A restore without 'access deleted contacts' is refused; every other case,
  // including a permitted restore, also needs 'delete contacts'.
  if ($this->_restore && !CRM_Core_Permission::check('access deleted contacts')) {
    CRM_Core_Error::fatal(ts('You do not have permission to access this contact.'));
  }
  elseif (!CRM_Core_Permission::check('delete contacts')) {
    CRM_Core_Error::fatal(ts('You do not have permission to delete this contact.'));
  }

  // 'trash' is true when the contact_undelete setting is on and the undelete
  // step is not being skipped.
  $this->assign('trash', CRM_Core_BAO_Setting::getItem(CRM_Core_BAO_Setting::SYSTEM_PREFERENCES_NAME, 'contact_undelete', NULL) and !$this->_skipUndelete);
  $this->assign('restore', $this->_restore);

  if ($this->_restore) {
    CRM_Utils_System::setTitle(ts('Restore Contact'));
  }

  if ($cid) {
    // Single-contact path: the user must be able to edit the contact, and the
    // domain contact can never be deleted.
    // NOTE(review): these two per-contact checks exist only on this path. The
    // bulk path below depends on whatever parent::preProcess() and the later
    // delete step enforce, which is not visible here — confirm.
    if (!CRM_Contact_BAO_Contact_Permission::allow($cid, CRM_Core_Permission::EDIT)) {
      CRM_Core_Error::fatal(ts('You do not have permission to delete this contact. Note: you can delete contacts if you can edit them.'));
    }
    elseif (CRM_Contact_BAO_Contact::checkDomainContact($cid)) {
      // The message literal below contains a line break exactly as in the
      // original; the continuation line must stay unindented.
      CRM_Core_Error::fatal(ts('This contact is a special one for the contact information associated with the CiviCRM installation for this domain. 
No one is allowed to delete it because the information is used for special system purposes.'));
    }

    $this->_contactIds = array($cid);
    $this->_single = TRUE;
    $this->assign('totalSelectedContacts', 1);
  }
  else {
    parent::preProcess();
  }

  // Reuse the shared-address summary if an earlier pass already stored it.
  $this->_sharedAddressMessage = $this->get('sharedAddressMessage');
  if (!$this->_restore && !$this->_sharedAddressMessage) {
    // Check each contact for addresses that other contacts share.
    $sharedContactList = array();
    $sharedAddressCount = 0;
    foreach ($this->_contactIds as $contactId) {
      // check if a contact that is being deleted has any shared addresses
      $sharedAddressMessage = CRM_Core_BAO_Address::setSharedAddressDeleteStatus(NULL, $contactId, TRUE);

      if ($sharedAddressMessage['count'] > 0) {
        $sharedAddressCount += $sharedAddressMessage['count'];
        $sharedContactList = array_merge($sharedContactList, $sharedAddressMessage['contactList']);
      }
    }

    $this->_sharedAddressMessage = array('count' => $sharedAddressCount, 'contactList' => $sharedContactList);

    if ($sharedAddressCount > 0) {
      if (count($this->_contactIds) > 1) {
        // more than one contact deleted
        $message = ts('One of the selected contacts has an address record that is shared with 1 other contact.', array('plural' => 'One or more selected contacts have address records which are shared with %count other contacts.', 'count' => $sharedAddressCount));
      }
      else {
        // only one contact deleted
        $message = ts('This contact has an address record which is shared with 1 other contact.', array('plural' => 'This contact has an address record which is shared with %count other contacts.', 'count' => $sharedAddressCount));
      }
      CRM_Core_Session::setStatus($message . ' ' . ts('Shared addresses will not be removed or altered but will no longer be shared.'), ts('Shared Addesses Owner'));
    }

    // set in form controller so that queries are not fired again
    $this->set('sharedAddressMessage', $this->_sharedAddressMessage);
  }
}
/**
 * Build all the data structures needed to build the delete / restore form.
 *
 * Decides whether the request is a delete-to-trash, a permanent delete or a
 * restore, checks the matching permissions, fixes the set of contact ids the
 * form works on, and prepares the shared-address warning.
 *
 * @return void
 * @access public
 */
function preProcess() {
  // 'cid' is optional: when present the form works on that single contact,
  // otherwise on whatever parent::preProcess() selects.
  $cid = CRM_Utils_Request::retrieve('cid', 'Positive', $this, FALSE);
  $this->_searchKey = CRM_Utils_Request::retrieve('key', 'String', $this);

  // Sort out whether this is a delete-to-trash, a permanent delete or a
  // restore (and let the template know).
  $config = CRM_Core_Config::singleton();
  $values = $this->controller->exportValues();

  // 'skip_undelete' is request-controlled; it is only honoured together with
  // the 'access deleted contacts' permission.
  $this->_skipUndelete = (CRM_Core_Permission::check('access deleted contacts') and (CRM_Utils_Request::retrieve('skip_undelete', 'Boolean', $this) or CRM_Utils_Array::value('task', $values) == CRM_Contact_Task::DELETE_PERMANENTLY));
  // 'restore' is request-controlled as well; it is authorised just below.
  $this->_restore = (CRM_Utils_Request::retrieve('restore', 'Boolean', $this) or CRM_Utils_Array::value('task', $values) == CRM_Contact_Task::RESTORE);

  // A restore without 'access deleted contacts' is refused; every other case,
  // including a permitted restore, also needs 'delete contacts'.
  if ($this->_restore && !CRM_Core_Permission::check('access deleted contacts')) {
    CRM_Core_Error::fatal(ts('You do not have permission to access this contact.'));
  }
  elseif (!CRM_Core_Permission::check('delete contacts')) {
    CRM_Core_Error::fatal(ts('You do not have permission to delete this contact.'));
  }

  // 'trash' is true when $config->contactUndelete is on and the undelete step
  // is not being skipped.
  $this->assign('trash', $config->contactUndelete and !$this->_skipUndelete);
  $this->assign('restore', $this->_restore);

  if ($this->_restore) {
    CRM_Utils_System::setTitle(ts('Restore Contact'));
  }

  if ($cid) {
    // Single-contact path: the user must be able to edit the contact.
    // NOTE(review): this per-contact EDIT check exists only on this path. The
    // bulk path below depends on whatever parent::preProcess() and the later
    // delete step enforce, which is not visible here — confirm.
    if (!CRM_Contact_BAO_Contact_Permission::allow($cid, CRM_Core_Permission::EDIT)) {
      // The message literal below contains a line break exactly as in the
      // original; the continuation line must stay unindented.
      CRM_Core_Error::fatal(ts('You do not have permission to delete this contact. 
Note: you can delete contacts if you can edit them.'));
    }

    $this->_contactIds = array($cid);
    $this->_single = TRUE;
    $this->assign('totalSelectedContacts', 1);
  }
  else {
    parent::preProcess();
  }

  // Reuse the shared-address summary if an earlier pass already stored it.
  $this->_sharedAddressMessage = $this->get('sharedAddressMessage');
  if (!$this->_restore && !$this->_sharedAddressMessage) {
    // Check each contact for addresses that other contacts share.
    $sharedContactList = array();
    $sharedAddressCount = 0;
    foreach ($this->_contactIds as $contactId) {
      // check if a contact that is being deleted has any shared addresses
      $sharedAddressMessage = CRM_Core_BAO_Address::setSharedAddressDeleteStatus(NULL, $contactId, TRUE);

      if ($sharedAddressMessage['count'] > 0) {
        $sharedAddressCount += $sharedAddressMessage['count'];
        $sharedContactList = array_merge($sharedContactList, $sharedAddressMessage['contactList']);
      }
    }

    $this->_sharedAddressMessage = array('count' => $sharedAddressCount, 'contactList' => $sharedContactList);

    if ($sharedAddressCount > 0) {
      if (count($this->_contactIds) > 1) {
        // more than one contact is being deleted
        CRM_Core_Session::setStatus(ts('Selected contact(s) has an address record which is shared with %1 other contact(s). Shared addresses will not be removed or altered but will no longer be shared.', array(1 => $sharedAddressCount)));
      }
      else {
        // only one contact is being deleted
        CRM_Core_Session::setStatus(ts('This contact has an address record which is shared with %1 other contact(s). Shared addresses will not be removed or altered but will no longer be shared.', array(1 => $sharedAddressCount)));
      }
    }

    // set in form controller so that queries are not fired again
    $this->set('sharedAddressMessage', $this->_sharedAddressMessage);
  }
}
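/**
 * Prepare the contact-change form before it is built or submitted.
 *
 * Resolves the target contact, requires EDIT permission on it, loads the
 * contact's values plus the "VnV info" and "werkgever" custom values, and
 * assigns what the template needs.
 */
function preProcess() {
  // 'cid' is request-controlled; it is retrieved with the 'Positive' type.
  $this->_contactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this);
  if (empty($this->_contactId)) {
    // this also redirects to the default civicrm page
    CRM_Core_Error::statusBounce(ts('Could not get a contact id.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
    // Fail closed: never continue without a contact id, whatever the bounce does.
    return;
  }

  // Authorise before any contact data is loaded.
  if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) {
    // this also redirects to the default civicrm page
    CRM_Core_Error::statusBounce(ts('You do not have the necessary permission to edit this contact.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
    // Fail closed: the permission gate must not depend on statusBounce() ending the request.
    return;
  }

  // The two session lookups of the original were never read and have been dropped.

  // get values
  $this->_configContact = CRM_Lidmaatschapwijziging_ConfigContact::singleton($this->_contactId);
  $this->_values = $this->_configContact->getContact();

  // set display name
  $this->_display_name = $this->_values['display_name'];

  // set title
  CRM_Utils_System::setTitle('LidmaatschapWijziging - Contact - ' . $this->_values['display_name']);

  // set contact id
  $this->_values['contact_id'] = $this->_contactId;

  // Custom values are keyed by column name (like huppeldepup_35). They are
  // copied under the field name (huppeldepup) so the template can use the
  // known names.
  $values = $this->_configContact->getVnvInfoCustomValues();
  // The record id is needed to choose between update and insert in postProcess.
  if (!empty($values['id'])) {
    $this->_vnvinfoId = $values['id'];
  }
  foreach ($this->_configContact->getVnvInfoCustomFields() as $field) {
    $this->_values[$field['name']] = $values[$field['column_name']];
  }

  $values = $this->_configContact->getWerkgeverCustomValues();
  // The record id is needed to choose between update and insert in postProcess.
  if (!empty($values['id'])) {
    $this->_werkgeverId = $values['id'];
  }
  foreach ($this->_configContact->getWerkgeverCustomFields() as $field) {
    $this->_values[$field['name']] = $values[$field['column_name']];
  }

  $currentEmployer = CRM_Contact_BAO_Relationship::getCurrentEmployer(array($this->_contactId));
  // NOTE(review): $defaults is a local that is never read in this method;
  // confirm whether this value was meant to reach the form defaults.
  $defaults['current_employer_id'] = CRM_Utils_Array::value('org_id', $currentEmployer[$this->_contactId]);

  // assign values needed for the template
  $this->assign('contactId', $this->_contactId);
  // contactId is the validated positive integer from above, so it is safe to
  // append to the query string as is.
  $this->assign('employerDataURL', '/civicrm/ajax/rest?className=CRM_Contact_Page_AJAX&fnName=getContactList&json=1&context=contact&org=1&employee_id=' . $this->_contactId);
  $this->assign('currentEmployer', $this->_values['employer_id']);
}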
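/**
 * Autocomplete endpoint: print matching contacts as "data|id" lines and exit.
 *
 * The search term comes from $_GET['s'] and the optional row limit from
 * $_GET['limit']. Which extra columns are joined in is driven by the
 * 'contact_autocomplete_options' preference. The ACL clause from
 * CRM_Contact_BAO_Contact_Permission::cacheClause() is added to the query.
 *
 * @param object $config not used in this method
 *
 * @return void the method ends the request with exit
 */
static function getContactList(&$config) {
  require_once 'CRM/Core/BAO/Preferences.php';

  // The search term is escaped as a 'String' before it is placed in the SQL
  // literal below. Reading it through CRM_Utils_Array::value() avoids an
  // undefined-index notice when 's' is missing.
  // NOTE(review): '%' and '_' in the term still act as LIKE wildcards; the
  // result set stays bounded by LIMIT and the ACL clause.
  $name = CRM_Utils_Type::escape(CRM_Utils_Array::value('s', $_GET), 'String');
  $limit = '10';

  $list = array_keys(CRM_Core_BAO_Preferences::valueOptions('contact_autocomplete_options'), '1');

  $select = array('sort_name');
  $where = '';
  $from = array();

  // Only the option names listed as case labels reach the SQL text, so the
  // table names and aliases interpolated below come from this fixed set.
  foreach ($list as $value) {
    $suffix = substr($value, 0, 2) . substr($value, -1);
    switch ($value) {
      case 'street_address':
      case 'city':
        // Both live in civicrm_address: select the column by its own name but
        // join the address table under the alias 'sts'.
        $selectText = $value;
        $value = "address";
        $suffix = 'sts';
        // intentional fall-through to the shared join logic

      case 'phone':
      case 'email':
        $select[] = ($value == 'address') ? $selectText : $value;
        $from[$value] = "LEFT JOIN civicrm_{$value} {$suffix} ON ( cc.id = {$suffix}.contact_id AND {$suffix}.is_primary = 1 ) ";
        break;

      case 'country':
      case 'state_province':
        $select[] = "{$suffix}.name";
        // $from is keyed by table name, so the key has to be tested. The
        // original in_array() searched the join strings for 'address' and so
        // never found an existing join.
        if (!isset($from['address'])) {
          $from['address'] = 'LEFT JOIN civicrm_address sts ON ( cc.id = sts.contact_id AND sts.is_primary = 1) ';
        }
        $from[$value] = " LEFT JOIN civicrm_{$value} {$suffix} ON ( sts.{$value}_id = {$suffix}.id ) ";
        break;
    }
  }

  $select = implode(', ', $select);
  $from = implode(' ', $from);

  // The caller may override the row limit; 'Positive' keeps it numeric.
  if (CRM_Utils_Array::value('limit', $_GET)) {
    $limit = CRM_Utils_Type::escape($_GET['limit'], 'Positive');
  }

  // add acl clause here
  require_once 'CRM/Contact/BAO/Contact/Permission.php';
  list($aclFrom, $aclWhere) = CRM_Contact_BAO_Contact_Permission::cacheClause('cc');
  if ($aclWhere) {
    $where .= " AND {$aclWhere} ";
  }

  $query = "\nSELECT DISTINCT(cc.id) as id, CONCAT_WS( ' :: ', {$select} ) as data\nFROM civicrm_contact cc {$from}\n{$aclFrom}\nWHERE sort_name LIKE '%{$name}%' {$where} \nORDER BY sort_name\nLIMIT 0, {$limit}\n";

  // send query to hook to be modified if needed
  // NOTE(review): 'context' and 'id' are handed to the hook straight from
  // $_GET, without a type check; hook implementations must validate them.
  require_once 'CRM/Utils/Hook.php';
  CRM_Utils_Hook::contactListQuery($query, $name, CRM_Utils_Array::value('context', $_GET), CRM_Utils_Array::value('id', $_GET));

  $dao = CRM_Core_DAO::executeQuery($query);
  while ($dao->fetch()) {
    // NOTE(review): rows are written out verbatim; confirm the client renders
    // them as text, since contact fields are user-editable data.
    echo "{$dao->data}|{$dao->id}\n";
  }
  exit;
}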
/**
 * Set up the dashboard for the requested contact.
 *
 * Without an 'id' in the request the logged-in user's own contact is used.
 * For any other contact VIEW permission is required, and editing is switched
 * off when EDIT permission is missing.
 *
 * @throws Exception
 */
function __construct() {
  parent::__construct();

  // 'id' is request-controlled; it is retrieved with the 'Positive' type.
  $this->_contactId = CRM_Utils_Request::retrieve('id', 'Positive', $this);
  $currentUserId = CRM_Core_Session::singleton()->get('userID');

  if (!$this->_contactId) {
    // No contact requested: fall back to the user's own record.
    $this->_contactId = $currentUserId;
    return;
  }

  if ($this->_contactId == $currentUserId) {
    // Own record requested explicitly: no further checks are made here.
    return;
  }

  // Someone else's record: authorise against the requested contact.
  $canView = CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::VIEW);
  if (!$canView) {
    CRM_Core_Error::fatal(ts('You do not have permission to view this contact'));
  }

  $canEdit = CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT);
  if (!$canEdit) {
    $this->_edit = FALSE;
  }
}
/**
 * Set up form state before the form is built.
 *
 * Lets a checksum-validated visitor act as the contact named by 'cid', passes
 * intro and footer text to the template, and rejects profile combinations
 * that are not allowed for on-behalf-of registration.
 *
 * @return void
 * @access public
 */
public function preProcess() {
  parent::preProcess();

  // make sure we have right permission to edit this user
  // 'cid' is request-controlled and defaults to the current user.
  $csContactID = CRM_Utils_Request::retrieve('cid', 'Positive', $this, false, $this->_userID);

  require_once 'CRM/Contact/BAO/Contact.php';
  if ($csContactID != $this->_userID) {
    require_once 'CRM/Contact/BAO/Contact/Permission.php';
    if (CRM_Contact_BAO_Contact_Permission::validateChecksumContact($csContactID, $this)) {
      // NOTE(review): this writes the checksum-validated contact into the
      // session as userID, so every later request in this session is treated
      // as that contact, not only this form. Confirm that scope is intended.
      CRM_Core_Session::singleton()->set('userID', $csContactID);
      $this->_userID = $csContactID;
    }
  }

  // The PCP intro text wins over the page's own intro text.
  if (CRM_Utils_Array::value('id', $this->_pcpInfo) && CRM_Utils_Array::value('intro_text', $this->_pcpInfo)) {
    $this->assign('intro_text', $this->_pcpInfo['intro_text']);
  }
  elseif (CRM_Utils_Array::value('intro_text', $this->_values)) {
    $this->assign('intro_text', $this->_values['intro_text']);
  }

  if (CRM_Utils_Array::value('footer_text', $this->_values)) {
    $this->assign('footer_text', $this->_values['footer_text']);
  }

  //CRM-5001
  if ($this->_values['is_for_organization']) {
    $msg = ts('Mixed profile not allowed for on behalf of registration/sign up.');
    require_once 'CRM/Core/BAO/UFGroup.php';

    // The pre and post profiles get the same check: a profile that mixes a
    // contact type with Membership or Contribution fields is refused.
    foreach (array('custom_pre_id', 'custom_post_id') as $profileKey) {
      $profileId = CRM_Utils_Array::value($profileKey, $this->_values);
      if (!$profileId) {
        continue;
      }

      $profileTypes = CRM_Core_BAO_UFGroup::profileGroups($profileId);
      foreach (array('Individual', 'Organization', 'Household') as $contactType) {
        $hasContactType = in_array($contactType, $profileTypes);
        if ($hasContactType && (in_array('Membership', $profileTypes) || in_array('Contribution', $profileTypes))) {
          CRM_Core_Error::fatal($msg);
        }
      }
    }
  }
}
/**
 * Pre-processing for the profile create / edit form.
 *
 * Starts in create mode and switches to edit mode when the form state says
 * so. Editing a contact other than the logged-in user goes through a checksum
 * check. Finally verifies that the profile id is set and that the profile is
 * joined to the 'Profile' module.
 *
 * @return void
 *
 * @access public
 */
function preProcess() {
  $this->_mode = CRM_Profile_Form::MODE_CREATE;

  // set the context for the profile ('context' is request-controlled)
  $this->_context = CRM_Utils_Request::retrieve('context', 'String', $this);

  if ($this->_context) {
    $this->assign('context', $this->_context);
  }

  // 'skipPermission' and 'edit' are read from the form's stored state, not
  // from the request.
  if ($this->get('skipPermission')) {
    $this->_skipPermission = true;
  }

  if ($this->get('edit')) {
    // this is edit mode
    $this->_mode = CRM_Profile_Form::MODE_EDIT;

    // make sure we have right permission to edit this user
    $session =& CRM_Core_Session::singleton();
    $userID = $session->get('userID');
    // 'id' is request-controlled and defaults to the logged-in user.
    $id = CRM_Utils_Request::retrieve('id', 'Positive', $this, false, $userID);

    require_once 'CRM/Contact/BAO/Contact/Utils.php';
    if ($id != $userID) {
      // do not allow edit for anon users in joomla frontend, CRM-4668, unless
      // they have a checksum, CRM-5228
      require_once 'CRM/Contact/BAO/Contact/Permission.php';
      $config =& CRM_Core_Config::singleton();
      // NOTE(review): both return values are discarded and the flag below is
      // set unconditionally. That is safe only if these helpers end the
      // request themselves when the check fails — confirm against their
      // implementation.
      if ($config->userFrameworkFrontend) {
        CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($id, $this);
      }
      else {
        CRM_Contact_BAO_Contact_Permission::validateChecksumContact($id, $this);
      }
      $this->_isPermissionedChecksum = true;
    }
  }

  parent::preProcess();

  // make sure the gid is set and valid
  if (!$this->_gid) {
    CRM_Core_Error::fatal(ts('The requested Profile (gid=%1) is disabled, OR there is no Profile with that ID, OR a valid \'gid=\' integer value is missing from the URL. Contact the site administrator if you need assistance.', array(1 => $this->_gid)));
  }

  // and also the profile is of type 'Profile'
  // The gid is bound as a typed ('Integer') placeholder and is not
  // concatenated into the SQL text.
  $query = "\nSELECT module\n FROM civicrm_uf_join\n WHERE module = 'Profile'\n AND uf_group_id = %1\n";
  $params = array(1 => array($this->_gid, 'Integer'));
  $dao =& CRM_Core_DAO::executeQuery($query, $params);
  if (!$dao->fetch()) {
    // The message literal below contains a line break exactly as in the
    // original; the continuation line must stay unindented.
    CRM_Core_Error::fatal(ts('The requested Profile (gid=%1) is not configured to be used for \'Profile\' edit and view forms in its Settings. 
Contact the site administrator if you need assistance.', array(1 => $this->_gid)));
  }
}
/**
 * View details of a relationship.
 *
 * Loads relationship $this->_id as seen from contact $this->_contactId,
 * assigns it together with its note and custom data to the template, and
 * records the view in the recent-items list.
 *
 * NOTE(review): no permission check is visible in this method. The note and
 * the custom data are fetched by $this->_id alone, so confirm that the caller
 * has already verified that this relationship belongs to a contact the user
 * may view.
 */
public function view() {
  // The lookup is scoped to the contact. Everything below indexes the result
  // by $this->_id and assumes that the entry exists.
  $viewRelationship = CRM_Contact_BAO_Relationship::getRelationship($this->_contactId, NULL, NULL, NULL, $this->_id);

  // Check whether the viewed contact is contact_id_a of an 'a_b' relationship;
  // if so, the template reverses the permission text.
  $relationship = new CRM_Contact_DAO_Relationship();
  $relationship->id = $viewRelationship[$this->_id]['id'];
  if ($relationship->find(TRUE)) {
    if ($viewRelationship[$this->_id]['rtype'] == 'a_b' && $this->_contactId == $relationship->contact_id_a) {
      $this->assign("is_contact_id_a", TRUE);
    }
  }

  $relType = $viewRelationship[$this->_id]['civicrm_relationship_type_id'];
  $this->assign('viewRelationship', $viewRelationship);

  $employerId = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $this->_contactId, 'employer_id');
  $this->assign('isCurrentEmployer', FALSE);

  // Relationship types indexed by their name_a_b, to find 'Employee of'.
  $relTypes = CRM_Utils_Array::index(array('name_a_b'), CRM_Core_PseudoConstant::relationshipType('name'));

  if ($viewRelationship[$this->_id]['employer_id'] == $this->_contactId) {
    $this->assign('isCurrentEmployer', TRUE);
  }
  elseif ($relType == $relTypes['Employee of']['id'] && $viewRelationship[$this->_id]['cid'] == $employerId) {
    // make sure we are viewing employee of relationship
    $this->assign('isCurrentEmployer', TRUE);
  }

  $viewNote = CRM_Core_BAO_Note::getNote($this->_id);
  $this->assign('viewNote', $viewNote);

  $groupTree = CRM_Core_BAO_CustomGroup::getTree('Relationship', $this, $this->_id, 0, $relType);
  CRM_Core_BAO_CustomGroup::buildCustomDataView($this, $groupTree, FALSE, NULL, NULL, NULL, $this->_id);

  $rType = CRM_Utils_Array::value('rtype', $viewRelationship[$this->_id]);

  // add the viewed relationship to the recent items list
  $url = CRM_Utils_System::url('civicrm/contact/view/rel', "action=view&reset=1&id={$viewRelationship[$this->_id]['id']}&cid={$this->_contactId}&context=home");

  $session = CRM_Core_Session::singleton();
  $recentOther = array();

  // Edit and delete links are offered only when the viewer is this contact or
  // holds EDIT permission on it.
  if ($session->get('userID') == $this->_contactId || CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) {
    $recentOther = array('editUrl' => CRM_Utils_System::url('civicrm/contact/view/rel', "action=update&reset=1&id={$viewRelationship[$this->_id]['id']}&cid={$this->_contactId}&rtype={$rType}&context=home"), 'deleteUrl' => CRM_Utils_System::url('civicrm/contact/view/rel', "action=delete&reset=1&id={$viewRelationship[$this->_id]['id']}&cid={$this->_contactId}&rtype={$rType}&context=home"));
  }

  $displayName = CRM_Contact_BAO_Contact::displayName($this->_contactId);
  $this->assign('displayName', $displayName);
  CRM_Utils_System::setTitle(ts('View Relationship for') . ' ' . $displayName);

  // Title format: "<contact> (<relation> <other contact>)".
  $title = $displayName . ' (' . $viewRelationship[$this->_id]['relation'] . ' ' . CRM_Contact_BAO_Contact::displayName($viewRelationship[$this->_id]['cid']) . ')';

  // add the recently viewed Relationship
  CRM_Utils_Recent::add($title, $url, $viewRelationship[$this->_id]['id'], 'Relationship', $this->_contactId, NULL, $recentOther);
}
/**
 * Build the data structures needed before the delete form is built.
 *
 * Requires the 'delete contacts' permission. With a 'cid' in the request the
 * form works on that single contact, which the user must be able to edit;
 * otherwise contact selection is left to parent::preProcess().
 *
 * @return void
 * @access public
 */
function preProcess() {
  // The site-wide delete permission is checked first.
  $mayDelete = CRM_Core_Permission::check('delete contacts');
  if (!$mayDelete) {
    CRM_Core_Error::fatal(ts('You do not have permission to access this page'));
  }

  $cid = CRM_Utils_Request::retrieve('cid', 'Positive', $this, false);
  if (!$cid) {
    // No single contact given: let the parent work out the selection.
    parent::preProcess();
    return;
  }

  // Single contact: deleting additionally requires EDIT on that contact.
  require_once 'CRM/Contact/BAO/Contact/Permission.php';
  $mayEdit = CRM_Contact_BAO_Contact_Permission::allow($cid, CRM_Core_Permission::EDIT);
  if (!$mayEdit) {
    CRM_Core_Error::fatal(ts('You do not have permission to delete this contact. Note: you can delete contacts if you can edit them.'));
  }

  $this->_single = true;
  $this->_contactIds = array($cid);
  $this->assign('totalSelectedContacts', 1);
}
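/**
 * Prepare the dashboard for the logged-in user: resolve the user id from the
 * session, derive VIEW/EDIT permission on the user's own contact, set the page
 * title, register the contact as recently viewed and collect hook content.
 *
 * @return void
 */
function preProcess() {
  // Plain assignment: binding a function result by reference (=&) is a legacy
  // idiom that raises a notice on current PHP versions.
  $session = CRM_Core_Session::singleton();
  $uid = $session->get('userID');
  if (!$uid) {
    require_once 'CRM/Utils/System.php';
    $loginRequired = ts('We could not find a user id. You must be logged in to access the CiviCRM Home Page and menus.');
    CRM_Utils_System::setUFMessage($loginRequired);
    CRM_Core_Error::statusBounce($loginRequired);
    // Fail closed: statusBounce() is expected to redirect, but nothing below
    // may run without a user id if it ever returns.
    return;
  }
  $this->assign('contactId', $uid);

  $this->_action = CRM_Utils_Request::retrieve('action', 'String', $this, false, 'view');
  $this->assign('action', $this->_action);

  // A user can always view their own activity history if they have the
  // access CiviCRM permission; upgrade to EDIT when they may edit themselves.
  $this->_permission = CRM_Core_Permission::VIEW;
  require_once 'CRM/Contact/BAO/Contact/Permission.php';
  if (CRM_Contact_BAO_Contact_Permission::allow($uid, CRM_Core_Permission::EDIT)) {
    $this->_permission = CRM_Core_Permission::EDIT;
  }

  list($displayName, $contactImage, $contactType) = CRM_Contact_BAO_Contact::getDisplayAndImage($uid, true);
  $this->set('displayName', $displayName);
  $this->set('contactImage', $contactImage);
  CRM_Utils_System::setTitle($contactImage . ' ' . $displayName, $displayName);

  CRM_Utils_Recent::add(
    $displayName,
    CRM_Utils_System::url('civicrm/contact/view', 'reset=1&cid=' . $uid),
    $uid,
    $contactType,
    $uid,
    $displayName
  );

  // Let other modules contribute HTML to the dashboard.
  // NOTE(review): whatever the hook returns is handed to the template as-is;
  // confirm the template treats it as trusted markup on purpose.
  require_once 'CRM/Utils/Hook.php';
  // ignored but needed to prevent warnings
  $contentPlacement = CRM_Utils_Hook::DASHBOARD_BELOW;
  $html = CRM_Utils_Hook::dashboard($uid, $contentPlacement);
  if (is_array($html)) {
    $this->assign_by_ref('hookContent', $html);
    $this->assign('hookContentPlacement', $contentPlacement);
  }
}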
/**
 * Runs before the form is built or submitted.
 *
 * Reads the contact id from the request, requires EDIT permission on that
 * contact, loads the contact values and copies the custom values into
 * $this->_values under their field names instead of their column names.
 */
function preProcess() {
  // A contact id is mandatory; statusBounce also redirects to the default
  // civicrm page.
  $this->_contactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this);
  if (empty($this->_contactId)) {
    CRM_Core_Error::statusBounce(ts('Could not get a contact id.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
  }

  // The caller must be allowed to edit this contact.
  $session = CRM_Core_Session::singleton();
  $mayEdit = CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT);
  if (!$mayEdit) {
    CRM_Core_Error::statusBounce(ts('You do not have the necessary permission to edit this contact.'), NULL, ts('Lidmaatschap Wijziging - Contact'));
  }
  $session = CRM_Core_Session::singleton();

  // Load the contact through the config singleton for this contact id.
  $config = CRM_Lidmaatschapwijziging_ConfigRegistratieOpleidingBelangstelling::singleton($this->_contactId);
  $this->_configRegiOplBel = $config;
  $contact = $config->getContact();
  $this->_values = $contact;

  $this->_display_name = $contact['display_name'];
  CRM_Utils_System::setTitle('LidmaatschapWijziging - Registratie Opleiding Belangstelling - ' . $contact['display_name']);
  $this->_values['contact_id'] = $this->_contactId;

  // Custom values are keyed by column name (e.g. huppeldepup_35); templates
  // expect the plain field name (huppeldepup), so they are re-keyed below.
  $values = $config->getRegiOplBelCustomValues();

  // The record id is needed later to decide between update and insert.
  if (!empty($values['id'])) {
    $this->_regiOplBelId = $values['id'];
  }
  $this->_values['regioplbel_id'] = $this->_regiOplBelId;

  foreach ($config->getRegiOplBelCustomFields() as $field) {
    $this->_values[$field['name']] = $values[$field['column_name']];
  }
}
/**
 * List activities as dashlet.
 *
 * Works on the logged-in user's own contact id taken from the session, exposes
 * an 'admin' flag to the template and embeds the activity filter form.
 *
 * @return mixed
 *   Whatever parent::run() returns.
 */
public function run() {
  $contactID = CRM_Core_Session::singleton()->get('userID');
  foreach (array('contactID', 'contactId') as $templateVar) {
    $this->assign($templateVar, $contactID);
  }

  $context = CRM_Utils_Request::retrieve('context', 'String', $this, FALSE, 'dashlet');
  $this->assign('context', $context);

  // Users can always view their own activity if they have the access CiviCRM
  // permission; the level becomes EDIT when they may edit their own contact.
  $permission = CRM_Contact_BAO_Contact_Permission::allow($contactID, CRM_Core_Permission::EDIT)
    ? CRM_Core_Permission::EDIT
    : CRM_Core_Permission::VIEW;

  $isAdmin = CRM_Core_Permission::check('view all activities') || CRM_Core_Permission::check('administer CiviCRM');
  $this->assign('admin', $isAdmin);

  // Embedded form providing the activity filter box.
  $filterController = new CRM_Core_Controller_Simple('CRM_Activity_Form_ActivityFilter', ts('Activity Filter'), NULL);
  $filterController->setEmbedded(TRUE);
  $filterController->run();

  return parent::run();
}
/**
 * Run the page.
 *
 * Renders the profile view for contact $this->_id and profile $this->_gid.
 * The method decides which fields may be shown (limit-listings group,
 * permissions, checksum), loads their values, builds the page title and
 * returns the rendered template.
 *
 * @return mixed
 *   The trimmed output of the hooked template, or the result of
 *   CRM_Core_Session::setStatus() when the limit-listings check denies access.
 */
public function run() {
  $template = CRM_Core_Smarty::singleton();
  if ($this->_id && $this->_gid) {
    // first check that id is part of the limit group id, CRM-4822
    $limitListingsGroupsID = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'limit_listings_group_id');
    $config = CRM_Core_Config::singleton();
    if ($limitListingsGroupsID) {
      if (!CRM_Contact_BAO_GroupContact::isContactInGroup($this->_id, $limitListingsGroupsID)) {
        // Denied: stop here without loading any field values.
        CRM_Utils_System::setTitle(ts('Profile View - Permission Denied'));
        return CRM_Core_Session::setStatus(ts('You do not have permission to view this contact record. Contact the site administrator if you need assistance.'), ts('Permission Denied'), 'error');
      }
    }
    $session = CRM_Core_Session::singleton();
    $userID = $session->get('userID');
    $this->_isPermissionedChecksum = $allowPermission = FALSE;
    $permissionType = CRM_Core_Permission::VIEW;
    // $allowPermission: the viewer has a broad permission or ACL access to this contact.
    if (CRM_Core_Permission::check('administer users') || CRM_Core_Permission::check('view all contacts') || CRM_Contact_BAO_Contact_Permission::allow($this->_id)) {
      $allowPermission = TRUE;
    }
    if ($this->_id != $userID) {
      // do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228
      if ($config->userFrameworkFrontend) {
        $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($this->_id, $this, FALSE);
        // Without a valid checksum the flag falls back to the permission result.
        if (!$this->_isPermissionedChecksum) {
          $this->_isPermissionedChecksum = $allowPermission;
        }
      }
      else {
        $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateChecksumContact($this->_id, $this, FALSE);
      }
    }
    // CRM-10853
    // Users with create or edit permission should be allowed to view their own profile
    if ($this->_id == $userID || $this->_isPermissionedChecksum) {
      if (!CRM_Core_Permission::check('profile view')) {
        if (CRM_Core_Permission::check('profile create') || CRM_Core_Permission::check('profile edit')) {
          $this->_skipPermission = TRUE;
        }
      }
    }
    // make sure we dont expose all fields based on permission
    // $admin decides below whether 'User and User Admin Only' fields stay visible.
    // Precedence: && binds tighter than ||, so this reads
    // (not frontend AND allowPermission) OR own record OR checksum flag.
    $admin = FALSE;
    if (!$config->userFrameworkFrontend && $allowPermission || $this->_id == $userID || $this->_isPermissionedChecksum) {
      $admin = TRUE;
    }
    $values = array();
    $fields = CRM_Core_BAO_UFGroup::getFields($this->_profileIds, FALSE, CRM_Core_Action::VIEW, NULL, NULL, FALSE, $this->_restrict, $this->_skipPermission, NULL, $permissionType);
    if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId && !$this->_allFields) {
      CRM_Core_BAO_UFGroup::shiftMultiRecordFields($fields, $multiRecordFields);
      $fields = $multiRecordFields;
    }
    if ($this->_isContactActivityProfile && $this->_gid) {
      $errors = CRM_Profile_Form::validateContactActivityProfile($this->_activityId, $this->_id, $this->_gid);
      if (!empty($errors)) {
        CRM_Core_Error::fatal(array_pop($errors));
      }
    }
    //reformat fields array
    foreach ($fields as $name => $field) {
      // also eliminate all formatting fields
      if (CRM_Utils_Array::value('field_type', $field) == 'Formatting') {
        unset($fields[$name]);
      }
      // make sure that there is enough permission to expose this field
      if (!$admin && $field['visibility'] == 'User and User Admin Only') {
        unset($fields[$name]);
      }
    }
    if ($this->_isContactActivityProfile) {
      // Split the fields so contact and activity values are fetched separately.
      $contactFields = $activityFields = array();
      foreach ($fields as $fieldName => $field) {
        if (CRM_Utils_Array::value('field_type', $field) == 'Activity') {
          $activityFields[$fieldName] = $field;
        }
        else {
          $contactFields[$fieldName] = $field;
        }
      }
      CRM_Core_BAO_UFGroup::getValues($this->_id, $contactFields, $values);
      if ($this->_activityId) {
        CRM_Core_BAO_UFGroup::getValues(NULL, $activityFields, $values, TRUE, array(array('activity_id', '=', $this->_activityId, 0, 0)));
      }
    }
    else {
      $customWhereClause = NULL;
      if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId) {
        if ($this->_allFields) {
          $copyFields = $fields;
          CRM_Core_BAO_UFGroup::shiftMultiRecordFields($copyFields, $multiRecordFields);
          $fieldKey = key($multiRecordFields);
        }
        else {
          $fieldKey = key($fields);
        }
        if ($fieldID = CRM_Core_BAO_CustomField::getKeyID($fieldKey)) {
          $tableColumnGroup = CRM_Core_BAO_CustomField::getTableColumnGroup($fieldID);
          $columnName = "{$tableColumnGroup[0]}.id";
          // NOTE(review): $this->_recordId is concatenated into a SQL fragment
          // without a cast or escape in this method. Where it is read from the
          // request is not visible here — confirm it is validated as a positive
          // integer before it reaches this line.
          $customWhereClause = $columnName . ' = ' . $this->_recordId;
        }
      }
      CRM_Core_BAO_UFGroup::getValues($this->_id, $fields, $values, TRUE, NULL, FALSE, $customWhereClause);
    }
    // $profileFields array can be used for customized display of field labels and values in Profile/View.tpl
    $profileFields = array();
    $labels = array();
    foreach ($fields as $name => $field) {
      //CRM-14338
      // Create a unique, non-empty index for each field.
      $index = $field['title'];
      if ($index === '') {
        $index = ' ';
      }
      // Pad with spaces until the title is not already used as an index.
      while (array_key_exists($index, $labels)) {
        $index .= ' ';
      }
      // Map the (padded) title to the field name with whitespace and
      // non-word characters replaced by underscores.
      $labels[$index] = preg_replace('/\\s+|\\W+/', '_', $name);
    }
    foreach ($values as $title => $value) {
      $profileFields[$labels[$title]] = array('label' => $title, 'value' => $value);
    }
    $template->assign_by_ref('row', $values);
    $template->assign_by_ref('profileFields', $profileFields);
  }
  $name = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'name');
  $this->assign('ufGroupName', $name);
  CRM_Utils_Hook::viewProfile($name);
  if (strtolower($name) == 'summary_overlay') {
    $template->assign('overlayProfile', TRUE);
  }
  // NOTE(review): $fields is only assigned inside the `$this->_id && $this->_gid`
  // block above; if this branch can be reached without it, reset($fields) reads
  // an undefined variable.
  if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId && !$this->_allFields) {
    $fieldDetail = reset($fields);
    $fieldId = CRM_Core_BAO_CustomField::getKeyID($fieldDetail['name']);
    $customGroupDetails = CRM_Core_BAO_CustomGroup::getGroupTitles(array($fieldId));
    $multiRecTitle = $customGroupDetails[$fieldId]['groupTitle'];
  }
  else {
    $title = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'title');
  }
  //CRM-4131.
  $displayName = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $this->_id, 'display_name');
  if ($displayName) {
    $session = CRM_Core_Session::singleton();
    $config = CRM_Core_Config::singleton();
    // Link the name to the contact summary only for logged-in backend users
    // with 'access CiviCRM' and VIEW permission on their own contact record.
    if ($session->get('userID') && CRM_Core_Permission::check('access CiviCRM') && CRM_Contact_BAO_Contact_Permission::allow($session->get('userID'), CRM_Core_Permission::VIEW) && !$config->userFrameworkFrontend) {
      $contactViewUrl = CRM_Utils_System::url('civicrm/contact/view', "action=view&reset=1&cid={$this->_id}", TRUE);
      $this->assign('displayName', $displayName);
      // NOTE(review): the display name is placed inside anchor markup without
      // escaping in this method — confirm the stored value is already
      // HTML-safe, or escape it here before it reaches setTitle().
      $displayName = "<a href=\"{$contactViewUrl}\">{$displayName}</a>";
    }
    // In the multi-record branch above $title has not been assigned yet, so
    // this appends to an undefined variable; the value is replaced below
    // whenever $multiRecTitle is set.
    $title .= ' - ' . $displayName;
  }
  $title = isset($multiRecTitle) ? ts('View %1 Record', array(1 => $multiRecTitle)) : $title;
  CRM_Utils_System::setTitle($title);
  // invoke the pagRun hook, CRM-3906
  CRM_Utils_Hook::pageRun($this);
  return trim($template->fetch($this->getHookedTemplateFileName()));
}
/**
 * Store the ACL FROM and WHERE fragments for the given contact table alias.
 *
 * @param string $tableAlias
 *   Alias of the contact table handed to cacheClause().
 */
function buildACLClause($tableAlias = 'contact') {
  // cacheClause() hands back a pair: element 0 goes to _aclFrom, element 1 to _aclWhere.
  $aclParts = CRM_Contact_BAO_Contact_Permission::cacheClause($tableAlias);
  $this->_aclFrom = $aclParts[0];
  $this->_aclWhere = $aclParts[1];
}
/**
 * Form submission of new/edit contact is processed.
 *
 * Normalises the submitted values, fires the pre hook, saves the contact via
 * CRM_Contact_BAO_Contact::create(), stores tags, sets the status message,
 * registers the contact as recently viewed, picks the redirect target and
 * fires the post hook.
 *
 * No permission check on the contact being saved happens in this method.
 * NOTE(review): presumably that is enforced before the form is built —
 * confirm against the form's preProcess().
 */
public function postProcess() {
  // check if dedupe button, if so return.
  $buttonName = $this->controller->getButtonName();
  if ($buttonName == $this->_dedupeButtonName) {
    return;
  }
  //get the submitted values in an array
  $params = $this->controller->exportValues($this->_name);
  // Re-key the submitted group list as group value => 1.
  $group = CRM_Utils_Array::value('group', $params);
  if (!empty($group) && is_array($group)) {
    unset($params['group']);
    foreach ($group as $key => $value) {
      $params['group'][$value] = 1;
    }
  }
  CRM_Contact_BAO_Contact_Optimizer::edit($params, $this->_preEditValues);
  if (!empty($params['image_URL'])) {
    CRM_Contact_BAO_Contact::processImageParams($params);
  }
  if (is_numeric(CRM_Utils_Array::value('current_employer_id', $params)) && !empty($params['current_employer'])) {
    $params['current_employer'] = $params['current_employer_id'];
  }
  // don't carry current_employer_id field,
  // since we don't want to directly update DAO object without
  // handling related business logic ( eg related membership )
  if (isset($params['current_employer_id'])) {
    unset($params['current_employer_id']);
  }
  // Contact type and id come from the form object, not from the submission.
  $params['contact_type'] = $this->_contactType;
  if (empty($params['contact_sub_type']) && $this->_isContactSubType) {
    $params['contact_sub_type'] = array($this->_contactSubType);
  }
  if ($this->_contactId) {
    $params['contact_id'] = $this->_contactId;
  }
  //make deceased date null when is_deceased = false
  if ($this->_contactType == 'Individual' && !empty($this->_editOptions['Demographics']) && empty($params['is_deceased'])) {
    $params['is_deceased'] = FALSE;
    $params['deceased_date'] = NULL;
  }
  if (isset($params['contact_id'])) {
    // process membership status for deceased contact
    $deceasedParams = array('contact_id' => CRM_Utils_Array::value('contact_id', $params), 'is_deceased' => CRM_Utils_Array::value('is_deceased', $params, FALSE), 'deceased_date' => CRM_Utils_Array::value('deceased_date', $params, NULL));
    $updateMembershipMsg = $this->updateMembershipStatus($deceasedParams);
  }
  // action is taken depending upon the mode
  if ($this->_action & CRM_Core_Action::UPDATE) {
    CRM_Utils_Hook::pre('edit', $params['contact_type'], $params['contact_id'], $params);
  }
  else {
    CRM_Utils_Hook::pre('create', $params['contact_type'], NULL, $params);
  }
  $customFields = CRM_Core_BAO_CustomField::getFields($params['contact_type'], FALSE, TRUE);
  //CRM-5143
  //if subtype is set, send subtype as extend to validate subtype customfield
  $customFieldExtends = CRM_Utils_Array::value('contact_sub_type', $params) ? $params['contact_sub_type'] : $params['contact_type'];
  $params['custom'] = CRM_Core_BAO_CustomField::postProcess($params, $this->_contactId, $customFieldExtends, TRUE);
  if ($this->_contactId && !empty($this->_oldSubtypes)) {
    CRM_Contact_BAO_ContactType::deleteCustomSetForSubtypeMigration($this->_contactId, $params['contact_type'], $this->_oldSubtypes, $params['contact_sub_type']);
  }
  if (array_key_exists('CommunicationPreferences', $this->_editOptions)) {
    // this is a checkbox, so mark false if we don't get a POST value
    $params['is_opt_out'] = CRM_Utils_Array::value('is_opt_out', $params, FALSE);
  }
  // process shared contact address.
  CRM_Contact_BAO_Contact_Utils::processSharedAddress($params['address']);
  // Submitted groups are dropped when the TagsAndGroups edit option is absent.
  if (!array_key_exists('TagsAndGroups', $this->_editOptions) && !empty($params['group'])) {
    unset($params['group']);
  }
  if (!empty($params['contact_id']) && $this->_action & CRM_Core_Action::UPDATE && !empty($params['group'])) {
    // figure out which all groups are intended to be removed
    $contactGroupList = CRM_Contact_BAO_GroupContact::getContactGroup($params['contact_id'], 'Added');
    if (is_array($contactGroupList)) {
      foreach ($contactGroupList as $key) {
        // Non-hidden groups that were not re-submitted with value 1 are marked -1.
        if ((!array_key_exists($key['group_id'], $params['group']) || $params['group'][$key['group_id']] != 1) && empty($key['is_hidden'])) {
          $params['group'][$key['group_id']] = -1;
        }
      }
    }
  }
  // parse street address, CRM-5450
  $parseStatusMsg = NULL;
  if ($this->_parseStreetAddress) {
    $parseResult = self::parseAddress($params);
    $parseStatusMsg = self::parseAddressStatusMsg($parseResult);
  }
  // Allow un-setting of location info, CRM-5969
  $params['updateBlankLocInfo'] = TRUE;
  $contact = CRM_Contact_BAO_Contact::create($params, TRUE, FALSE, TRUE);
  // status message
  // NOTE(review): the display name ends up in a message that is extended with
  // <br /> markup below — confirm the value is HTML-safe where the status is
  // rendered.
  if ($this->_contactId) {
    $message = ts('%1 has been updated.', array(1 => $contact->display_name));
  }
  else {
    $message = ts('%1 has been created.', array(1 => $contact->display_name));
  }
  // set the contact ID
  $this->_contactId = $contact->id;
  if (array_key_exists('TagsAndGroups', $this->_editOptions)) {
    //add contact to tags
    // NOTE(review): for a new contact this method never sets
    // $params['contact_id'] itself; presumably create() fills it in through
    // the by-reference $params — verify.
    CRM_Core_BAO_EntityTag::create($params['tag'], 'civicrm_contact', $params['contact_id']);
    //save free tags
    if (isset($params['contact_taglist']) && !empty($params['contact_taglist'])) {
      CRM_Core_Form_Tag::postProcess($params['contact_taglist'], $params['contact_id'], 'civicrm_contact', $this);
    }
  }
  if (!empty($parseStatusMsg)) {
    $message .= "<br />{$parseStatusMsg}";
  }
  if (!empty($updateMembershipMsg)) {
    $message .= "<br />{$updateMembershipMsg}";
  }
  $session = CRM_Core_Session::singleton();
  $session->setStatus($message, ts('Contact Saved'), 'success');
  // add the recently viewed contact
  // The edit link is offered to the contact itself or to users with EDIT
  // permission; the delete link never for one's own record and only with
  // the 'delete contacts' permission.
  $recentOther = array();
  if ($session->get('userID') == $contact->id || CRM_Contact_BAO_Contact_Permission::allow($contact->id, CRM_Core_Permission::EDIT)) {
    $recentOther['editUrl'] = CRM_Utils_System::url('civicrm/contact/add', 'reset=1&action=update&cid=' . $contact->id);
  }
  if ($session->get('userID') != $this->_contactId && CRM_Core_Permission::check('delete contacts')) {
    $recentOther['deleteUrl'] = CRM_Utils_System::url('civicrm/contact/view/delete', 'reset=1&delete=1&cid=' . $contact->id);
  }
  CRM_Utils_Recent::add($contact->display_name, CRM_Utils_System::url('civicrm/contact/view', 'reset=1&cid=' . $contact->id), $contact->id, $this->_contactType, $contact->id, $contact->display_name, $recentOther);
  // here we replace the user context with the url to view this contact
  $buttonName = $this->controller->getButtonName();
  if ($buttonName == $this->getButtonName('upload', 'new')) {
    // "Save and new": return to the add form for the same type (and subtype
    // when exactly one is set).
    $contactSubTypes = array_filter(explode(CRM_Core_DAO::VALUE_SEPARATOR, $this->_contactSubType));
    $resetStr = "reset=1&ct={$contact->contact_type}";
    $resetStr .= count($contactSubTypes) == 1 ? "&cst=" . array_pop($contactSubTypes) : '';
    $session->replaceUserContext(CRM_Utils_System::url('civicrm/contact/add', $resetStr));
  }
  else {
    $context = CRM_Utils_Request::retrieve('context', 'String', $this);
    $qfKey = CRM_Utils_Request::retrieve('key', 'String', $this);
    //validate the qfKey
    $urlParams = 'reset=1&cid=' . $contact->id;
    // NOTE(review): $context comes from the request and is appended to the
    // query string without URL-encoding; only the 'String' type check of
    // retrieve() applies here. Consider encoding it or restricting it to
    // known context values.
    if ($context) {
      $urlParams .= "&context={$context}";
    }
    // The key is only forwarded when CRM_Utils_Rule::qfKey() accepts it.
    if (CRM_Utils_Rule::qfKey($qfKey)) {
      $urlParams .= "&key={$qfKey}";
    }
    $session->replaceUserContext(CRM_Utils_System::url('civicrm/contact/view', $urlParams));
  }
  // now invoke the post hook
  if ($this->_action & CRM_Core_Action::UPDATE) {
    CRM_Utils_Hook::post('edit', $params['contact_type'], $contact->id, $contact);
  }
  else {
    CRM_Utils_Hook::post('create', $params['contact_type'], $contact->id, $contact);
  }
}
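/**
 * Given an array of contact ids this function will return array with links to view contact page.
 *
 * Ids that are not positive integers are dropped before they are used, because
 * the list is concatenated into the IN (...) clause of the lookup query.
 *
 * @param array $contactIDs
 *   Associated contact id's.
 * @param bool $addViewLink
 *   Not consulted by the current implementation.
 * @param bool $addEditLink
 *   Not consulted by the current implementation.
 * @param int $originalId
 *   Associated with the contact which is edited.
 *
 * @return array
 *   Empty array when no usable id was passed; otherwise 'msg' (NULL, 'view',
 *   'edit' or 'merge') and, for each contact found, a 'rows' entry with
 *   display name, primary email and the links the current user is permitted
 *   to see.
 */
public static function formatContactIDSToLinks($contactIDs, $addViewLink = TRUE, $addEditLink = TRUE, $originalId = NULL) {
  $contactLinks = array();
  if (!is_array($contactIDs) || empty($contactIDs)) {
    return $contactLinks;
  }

  // Keep positive integers only: the ids go into a SQL IN (...) list below and
  // nothing else validates them in this method.
  $positiveInt = array('options' => array('min_range' => 1));
  $safeContactIDs = array();
  foreach ($contactIDs as $candidate) {
    $validId = filter_var($candidate, FILTER_VALIDATE_INT, $positiveInt);
    if ($validId !== FALSE) {
      $safeContactIDs[$validId] = $validId;
    }
  }
  if (empty($safeContactIDs)) {
    return $contactLinks;
  }
  // The original id is placed in the merge URL; treat an invalid value as "not given".
  $safeOriginalId = filter_var($originalId, FILTER_VALIDATE_INT, $positiveInt);

  // Work out, per contact, which of view/edit/merge the current user may do.
  $permissions = array(
    'view' => 'view all contacts',
    'edit' => 'edit all contacts',
    'merge' => 'merge duplicate contacts',
  );
  $permissionedContactIds = array();
  foreach ($permissions as $task => $permission) {
    // A site-wide permission covers every contact in the list.
    if (CRM_Core_Permission::check($permission)) {
      foreach ($safeContactIDs as $contactId) {
        $permissionedContactIds[$contactId][$task] = TRUE;
      }
      continue;
    }

    // Otherwise view/edit fall back to a per-contact ACL check; merge has no fallback.
    if (in_array($task, array('view', 'edit'), TRUE)) {
      $aclPermission = ($task == 'edit') ? CRM_Core_Permission::EDIT : CRM_Core_Permission::VIEW;
      foreach ($safeContactIDs as $contactId) {
        if (CRM_Contact_BAO_Contact_Permission::allow($contactId, $aclPermission)) {
          $permissionedContactIds[$contactId][$task] = TRUE;
        }
      }
    }
  }

  // retrieve display names for all contacts
  $query = ' SELECT c.id, c.display_name, c.contact_type, ce.email FROM civicrm_contact c LEFT JOIN civicrm_email ce ON ( ce.contact_id=c.id AND ce.is_primary = 1 ) WHERE c.id IN (' . implode(',', $safeContactIDs) . ' ) LIMIT 20';
  $dao = CRM_Core_DAO::executeQuery($query);

  $contactLinks['msg'] = NULL;
  $i = 0;
  while ($dao->fetch()) {
    $contactLinks['rows'][$i]['display_name'] = $dao->display_name;
    $contactLinks['rows'][$i]['primary_email'] = $dao->email;

    // get the permission for current contact id.
    $hasPermissions = CRM_Utils_Array::value($dao->id, $permissionedContactIds);
    if (!is_array($hasPermissions) || empty($hasPermissions)) {
      $i++;
      continue;
    }

    // do check for view.
    if (array_key_exists('view', $hasPermissions)) {
      $contactLinks['rows'][$i]['view'] = '<a class="action-item" href="' . CRM_Utils_System::url('civicrm/contact/view', 'reset=1&cid=' . $dao->id) . '" target="_blank">' . ts('View') . '</a>';
      if (!$contactLinks['msg']) {
        $contactLinks['msg'] = 'view';
      }
    }
    if (array_key_exists('edit', $hasPermissions)) {
      $contactLinks['rows'][$i]['edit'] = '<a class="action-item" href="' . CRM_Utils_System::url('civicrm/contact/add', 'reset=1&action=update&cid=' . $dao->id) . '" target="_blank">' . ts('Edit') . '</a>';
      if (!$contactLinks['msg'] || $contactLinks['msg'] != 'merge') {
        $contactLinks['msg'] = 'edit';
      }
    }
    if ($safeOriginalId && array_key_exists('merge', $hasPermissions)) {
      // Reset per row: a rule group id found for an earlier contact type must
      // not carry over, and the variable must exist when find() fails.
      $rgid = NULL;
      $rgBao = new CRM_Dedupe_BAO_RuleGroup();
      $rgBao->contact_type = $dao->contact_type;
      $rgBao->used = 'Supervised';
      if ($rgBao->find(TRUE)) {
        $rgid = $rgBao->id;
      }
      if ($rgid && isset($dao->id)) {
        //get an url to merge the contact
        $contactLinks['rows'][$i]['merge'] = '<a class="action-item" href="' . CRM_Utils_System::url('civicrm/contact/merge', "reset=1&cid=" . $safeOriginalId . '&oid=' . $dao->id . '&action=update&rgid=' . $rgid) . '">' . ts('Merge') . '</a>';
        $contactLinks['msg'] = 'merge';
      }
    }
    $i++;
  }
  return $contactLinks;
}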
/**
 * Decide whether the current user may edit or view a contact and record the
 * result on the page object; bounce when neither is allowed.
 *
 * The checks run in this order and the first match wins: own record with
 * 'edit my contact' (edit), deleted contact with 'access deleted contacts'
 * (view), ACL edit, ACL view.
 *
 * @param $page
 *   Page object; receives the 'permission' template variable and _permission.
 * @param int $contactID
 *   Contact to check; defaults to $page->_contactId.
 */
public static function checkUserPermission($page, $contactID = NULL) {
  $page->_permission = NULL;
  if (!$contactID) {
    $contactID = $page->_contactId;
  }

  $session = CRM_Core_Session::singleton();
  $granted = NULL;

  if ($session->get('userID') == $contactID && CRM_Core_Permission::check('edit my contact')) {
    // Users get edit access on their own record automatically (dashboard convenience).
    $granted = 'edit';
  }
  elseif (CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $contactID, 'is_deleted') && CRM_Core_Permission::check('access deleted contacts')) {
    // Deleted contacts are viewable at most.
    $granted = 'view';
  }
  elseif (CRM_Contact_BAO_Contact_Permission::allow($contactID, CRM_Core_Permission::EDIT)) {
    $granted = 'edit';
  }
  elseif (CRM_Contact_BAO_Contact_Permission::allow($contactID, CRM_Core_Permission::VIEW)) {
    $granted = 'view';
  }

  if ($granted === NULL) {
    // Nothing matched: send the user back to the CiviCRM home with an error.
    $session->pushUserContext(CRM_Utils_System::url('civicrm', 'reset=1'));
    CRM_Core_Error::statusBounce(ts('You do not have the necessary permission to view this contact.'));
    return;
  }

  $page->assign('permission', $granted);
  $page->_permission = ($granted == 'edit') ? CRM_Core_Permission::EDIT : CRM_Core_Permission::VIEW;
}
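/**
 * Get a list of relationships.
 *
 * Builds one query from the 'a_b' and 'b_a' clauses returned by
 * makeURLClause() and returns either the number of relationships or one row
 * per relationship id.
 *
 * @param int $contactId
 *   Contact id.
 * @param int $status
 *   1: Past 2: Disabled 3: Current.
 * @param int $numRelationship
 *   No of relationships to display (limit).
 * @param int $count
 *   Get the no of relationships.
 * @param int $relationshipId
 * @param array $links
 *   the list of links to display
 * @param int $permissionMask
 *   the permission mask to be applied for the actions
 * @param bool $permissionedContact
 *   to return only permissioned Contact
 * @param array $params
 *   Optional 'sort' (ORDER BY expression) and 'offset' (row offset). 'sort'
 *   is inserted into the SQL text verbatim, so callers must pass a value they
 *   have validated against known column names and directions.
 *
 * @return array|int
 *   relationship records, or the relationship count when $count is set
 */
public static function getRelationship($contactId = NULL, $status = 0, $numRelationship = 0, $count = 0, $relationshipId = 0, $links = NULL, $permissionMask = NULL, $permissionedContact = FALSE, $params = array()) {
  $values = array();
  if (!$contactId && !$relationshipId) {
    return $values;
  }

  list($select1, $from1, $where1) = self::makeURLClause($contactId, $status, $numRelationship, $count, $relationshipId, 'a_b', $params);
  list($select2, $from2, $where2) = self::makeURLClause($contactId, $status, $numRelationship, $count, $relationshipId, 'b_a', $params);

  $order = $limit = '';
  if (!$count) {
    if (empty($params['sort'])) {
      $order = ' ORDER BY civicrm_relationship_type_id, sort_name ';
    }
    else {
      // NOTE(review): interpolated as-is; this method cannot tell a column
      // list from arbitrary SQL. Validation has to happen where the value
      // enters the application (see the @param note).
      $order = " ORDER BY {$params['sort']} ";
    }

    // Offset and row limit are numeric by contract; cast them so nothing but
    // integers can reach the LIMIT clause.
    $offset = 0;
    if (!empty($params['offset']) && $params['offset'] > 0) {
      $offset = (int) $params['offset'];
    }
    $rowLimit = (int) $numRelationship;
    if ($rowLimit > 0) {
      $limit = " LIMIT {$offset}, {$rowLimit}";
    }
  }

  // building the query string
  $queryString = $select1 . $from1 . $where1 . $select2 . $from2 . $where2 . $order . $limit;

  $relationship = new CRM_Contact_DAO_Relationship();
  $relationship->query($queryString);

  if ($count) {
    $relationshipCount = 0;
    while ($relationship->fetch()) {
      $relationshipCount += $relationship->cnt1 + $relationship->cnt2;
    }
    // Release the result set here as well, as the list branch below does.
    $relationship->free();
    return $relationshipCount;
  }
  else {
    // For non-inactive listings the action mask is the same for every row.
    $mask = NULL;
    if ($status != self::INACTIVE) {
      if ($links) {
        $mask = array_sum(array_keys($links));
        if ($mask & CRM_Core_Action::DISABLE) {
          $mask -= CRM_Core_Action::DISABLE;
        }
        if ($mask & CRM_Core_Action::ENABLE) {
          $mask -= CRM_Core_Action::ENABLE;
        }

        if ($status == self::CURRENT) {
          $mask |= CRM_Core_Action::DISABLE;
        }
        elseif ($status == self::DISABLED) {
          $mask |= CRM_Core_Action::ENABLE;
        }
        $mask = $mask & $permissionMask;
      }
    }

    while ($relationship->fetch()) {
      $rid = $relationship->civicrm_relationship_id;
      $cid = $relationship->civicrm_contact_id;
      // Optionally hide related contacts the current user has no access to.
      if ($permissionedContact && !CRM_Contact_BAO_Contact_Permission::allow($cid)) {
        continue;
      }
      $values[$rid]['id'] = $rid;
      $values[$rid]['cid'] = $cid;
      $values[$rid]['contact_id_a'] = $relationship->contact_id_a;
      $values[$rid]['contact_id_b'] = $relationship->contact_id_b;
      $values[$rid]['contact_type'] = $relationship->contact_type;
      $values[$rid]['relationship_type_id'] = $relationship->civicrm_relationship_type_id;
      $values[$rid]['relation'] = $relationship->relation;
      $values[$rid]['name'] = $relationship->sort_name;
      $values[$rid]['display_name'] = $relationship->display_name;
      $values[$rid]['job_title'] = $relationship->job_title;
      $values[$rid]['email'] = $relationship->email;
      $values[$rid]['phone'] = $relationship->phone;
      $values[$rid]['employer_id'] = $relationship->employer_id;
      $values[$rid]['organization_name'] = $relationship->organization_name;
      $values[$rid]['country'] = $relationship->country;
      $values[$rid]['city'] = $relationship->city;
      $values[$rid]['state'] = $relationship->state;
      $values[$rid]['start_date'] = $relationship->start_date;
      $values[$rid]['end_date'] = $relationship->end_date;
      $values[$rid]['description'] = $relationship->description;
      $values[$rid]['is_active'] = $relationship->is_active;
      $values[$rid]['is_permission_a_b'] = $relationship->is_permission_a_b;
      $values[$rid]['is_permission_b_a'] = $relationship->is_permission_b_a;
      $values[$rid]['case_id'] = $relationship->case_id;

      if ($status) {
        $values[$rid]['status'] = $status;
      }

      $values[$rid]['civicrm_relationship_type_id'] = $relationship->civicrm_relationship_type_id;

      // Direction as seen from the contact that was asked for.
      if ($relationship->contact_id_a == $contactId) {
        $values[$rid]['rtype'] = 'a_b';
      }
      else {
        $values[$rid]['rtype'] = 'b_a';
      }

      if ($links) {
        $replace = array(
          'id' => $rid,
          'rtype' => $values[$rid]['rtype'],
          'cid' => $contactId,
          'cbid' => $values[$rid]['cid'],
          'caseid' => $values[$rid]['case_id'],
          'clientid' => $contactId,
        );

        if ($status == self::INACTIVE) {
          // setting links for inactive relationships
          $mask = array_sum(array_keys($links));
          if (!$values[$rid]['is_active']) {
            $mask -= CRM_Core_Action::DISABLE;
          }
          else {
            $mask -= CRM_Core_Action::ENABLE;
            $mask -= CRM_Core_Action::DISABLE;
          }
          $mask = $mask & $permissionMask;
        }

        // Give access to manage case link by copying to MAX_ACTION index temporarily, depending on case permission of user.
        if ($values[$rid]['case_id']) {
          // Borrowed logic from CRM_Case_Page_Tab
          $hasCaseAccess = FALSE;
          if (CRM_Core_Permission::check('access all cases and activities')) {
            $hasCaseAccess = TRUE;
          }
          else {
            $userCases = CRM_Case_BAO_Case::getCases(FALSE);
            if (array_key_exists($values[$rid]['case_id'], $userCases)) {
              $hasCaseAccess = TRUE;
            }
          }

          if ($hasCaseAccess) {
            // give access by copying to MAX_ACTION temporarily, otherwise leave at NONE which won't display
            $links[CRM_Core_Action::MAX_ACTION] = $links[CRM_Core_Action::NONE];
            $links[CRM_Core_Action::MAX_ACTION]['name'] = ts('Manage Case #%1', array(1 => $values[$rid]['case_id']));
            $links[CRM_Core_Action::MAX_ACTION]['class'] = 'no-popup';

            // Also make sure we have the right client cid since can get here from multiple relationship tabs.
            if ($values[$rid]['rtype'] == 'b_a') {
              $replace['clientid'] = $values[$rid]['cid'];
            }
          }
        }

        $values[$rid]['action'] = CRM_Core_Action::formLink($links, $mask, $replace, ts('more'), FALSE, 'relationship.selector.row', 'Relationship', $rid);
        // Remove the temporary case link so it does not leak into the next row.
        unset($links[CRM_Core_Action::MAX_ACTION]);
      }
    }

    $relationship->free();
    return $values;
  }
}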
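/**
 * Build all the data structures needed to build the form.
 *
 * In add mode the 'add contacts' permission and a valid contact type are
 * required; in update mode the contact must exist and the user needs EDIT
 * permission on it. Afterwards the edit options and location blocks are
 * loaded and handed to the template.
 *
 * @return void
 * @access public
 */
function preProcess() {
  $this->_action = CRM_Utils_Request::retrieve('action', 'String', $this, false, 'add');
  $this->_dedupeButtonName = $this->getButtonName('refresh', 'dedupe');
  $this->_duplicateButtonName = $this->getButtonName('upload', 'duplicate');

  // Plain assignment: '=&' on a function result is a legacy idiom that
  // raises a notice on current PHP versions.
  $session = CRM_Core_Session::singleton();

  if ($this->_action == CRM_Core_Action::ADD) {
    // check for add contacts permissions
    require_once 'CRM/Core/Permission.php';
    if (!CRM_Core_Permission::check('add contacts')) {
      CRM_Utils_System::permissionDenied();
      return;
    }

    // Only the three base contact types are accepted; strict comparison so a
    // non-string value can never match loosely.
    $this->_contactType = CRM_Utils_Request::retrieve('ct', 'String', $this, true, null, 'REQUEST');
    if (!in_array($this->_contactType, array('Individual', 'Household', 'Organization'), true)) {
      CRM_Core_Error::statusBounce(ts('Could not get a contact_id and/or contact_type'));
    }

    $this->_contactSubType = CRM_Utils_Request::retrieve('cst', 'String', $this);
    $this->_gid = CRM_Utils_Request::retrieve('gid', 'Integer', CRM_Core_DAO::$_nullObject, false, null, 'GET');
    $this->_tid = CRM_Utils_Request::retrieve('tid', 'Integer', CRM_Core_DAO::$_nullObject, false, null, 'GET');

    if ($this->_contactSubType) {
      // NOTE(review): the subtype comes straight from the request and becomes
      // part of the page title — confirm it is checked against the configured
      // subtypes or escaped before it is rendered.
      CRM_Utils_System::setTitle(ts('New %1', array(1 => $this->_contactSubType)));
    }
    else {
      $title = ts('New Individual');
      if ($this->_contactType == 'Household') {
        $title = ts('New Household');
      }
      elseif ($this->_contactType == 'Organization') {
        $title = ts('New Organization');
      }
      CRM_Utils_System::setTitle($title);
    }

    $session->pushUserContext(CRM_Utils_System::url('civicrm/dashboard', 'reset=1'));
    $this->_contactId = null;
  }
  else {
    //update mode
    if (!$this->_contactId) {
      $this->_contactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this, true);
    }

    if ($this->_contactId) {
      require_once 'CRM/Contact/BAO/Contact.php';
      // '=& new' is a syntax error since PHP 7; objects are handles anyway.
      $contact = new CRM_Contact_DAO_Contact();
      $contact->id = $this->_contactId;
      // NOTE(review): the existence check runs before the permission check, so
      // the two bounce messages let a user without access tell existing ids
      // from missing ones.
      if (!$contact->find(true)) {
        CRM_Core_Error::statusBounce(ts('contact does not exist: %1', array(1 => $this->_contactId)));
      }
      $this->_contactType = $contact->contact_type;
      $this->_contactSubType = $contact->contact_sub_type;

      // check for permissions
      require_once 'CRM/Contact/BAO/Contact/Permission.php';
      if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) {
        CRM_Core_Error::statusBounce(ts('You do not have the necessary permission to edit this contact.'));
      }

      list($displayName, $contactImage) = CRM_Contact_BAO_Contact::getDisplayAndImage($this->_contactId);
      CRM_Utils_System::setTitle($displayName, $contactImage . ' ' . $displayName);
      $session->pushUserContext(CRM_Utils_System::url('civicrm/contact/view', 'reset=1&cid=' . $this->_contactId));

      // get contact values, from the form state when present, else from the database.
      $values = $this->get('values');
      if (!empty($values)) {
        $this->_values = $values;
      }
      else {
        $params = array('id' => $this->_contactId, 'contact_id' => $this->_contactId);
        $contact = CRM_Contact_BAO_Contact::retrieve($params, $this->_values, true);
        $this->set('values', $this->_values);
      }
    }
    else {
      CRM_Core_Error::statusBounce(ts('Could not get a contact_id and/or contact_type'));
    }
  }

  // Edit options: form state first, preferences as fallback.
  $this->_editOptions = $this->get('contactEditOptions');
  if (CRM_Utils_System::isNull($this->_editOptions)) {
    require_once 'CRM/Core/BAO/Preferences.php';
    $this->_editOptions = CRM_Core_BAO_Preferences::valueOptions('contact_edit_options', true, null, false, 'name', true, 'AND v.filter = 0');
    $this->set('contactEditOptions', $this->_editOptions);
  }

  // build demographics only for Individual contact type
  if ($this->_contactType != 'Individual' && array_key_exists('Demographics', $this->_editOptions)) {
    unset($this->_editOptions['Demographics']);
  }

  // in update mode don't show notes
  if ($this->_contactId && array_key_exists('Notes', $this->_editOptions)) {
    unset($this->_editOptions['Notes']);
  }

  $this->assign('editOptions', $this->_editOptions);
  $this->assign('contactType', $this->_contactType);
  $this->assign('contactSubType', $this->_contactSubType);

  // get the location blocks.
  $this->_blocks = $this->get('blocks');
  if (CRM_Utils_System::isNull($this->_blocks)) {
    $this->_blocks = CRM_Core_BAO_Preferences::valueOptions('contact_edit_options', true, null, false, 'name', true, 'AND v.filter = 1');
    $this->set('blocks', $this->_blocks);
  }
  $this->assign('blocks', $this->_blocks);

  if (array_key_exists('CustomData', $this->_editOptions)) {
    //only custom data has preprocess hence directly call it
    CRM_Custom_Form_CustomData::preProcess($this, null, $this->_contactSubType, 1, $this->_contactType, $this->_contactId);
  }

  // this is needed for custom data.
  $this->assign('entityID', $this->_contactId);

  // also keep the convention.
  $this->assign('contactId', $this->_contactId);

  // location blocks.
  CRM_Contact_Form_Location::preProcess($this);
}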
/**
 * Retrieve contact relationships.
 *
 * Reads 'cid', 'context' and the optional 'relationship_type_id' from the
 * query string, refuses callers that fail the contact permission check, and
 * writes the relationship selector rows out as JSON.
 */
public static function getContactRelationships() {
  $cid = CRM_Utils_Type::escape($_GET['cid'], 'Integer');
  $selectorContext = CRM_Utils_Type::escape($_GET['context'], 'String');
  // Third argument FALSE is passed only for this optional filter.
  $typeFilter = CRM_Utils_Type::escape(CRM_Utils_Array::value('relationship_type_id', $_GET), 'Integer', FALSE);

  // Authorise against the requested contact before building any query input.
  // NOTE(review): allow() is called without a permission type here; which
  // level that checks by default is not visible in this block.
  $mayAccess = CRM_Contact_BAO_Contact_Permission::allow($cid);
  if (!$mayAccess) {
    return CRM_Utils_System::permissionDenied();
  }

  // Sorting and paging come from the shared helper; the keys set below are
  // the validated values read above.
  $selectorParams = CRM_Core_Page_AJAX::defaultSortAndPagerParams();
  $selectorParams['contact_id'] = $cid;
  $selectorParams['context'] = $selectorContext;
  if (!empty($typeFilter)) {
    $selectorParams['relationship_type_id'] = $typeFilter;
  }

  // get the contact relationships and emit them
  CRM_Utils_JSON::output(CRM_Contact_BAO_Relationship::getContactRelationshipSelector($selectorParams));
}
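/**
 * Retrieve contact relationships.
 *
 * AJAX endpoint: reads the contact id, context, optional relationship type
 * and the DataTables-style paging/sorting values from $_GET, checks that the
 * caller may access the contact, and writes the selector rows out as JSON.
 *
 * The sort column and direction are request-controlled and are joined into a
 * 'sortBy' string; how the selector consumes that string is not visible
 * here, so only plain column identifiers and asc/desc are let through.
 */
public static function getContactRelationships() {
  $contactID = CRM_Utils_Type::escape($_GET['cid'], 'Integer');
  $context = CRM_Utils_Type::escape($_GET['context'], 'String');
  $relationship_type_id = CRM_Utils_Type::escape(CRM_Utils_Array::value('relationship_type_id', $_GET), 'Integer', FALSE);

  // Authorise against the requested contact before using any other input.
  if (!CRM_Contact_BAO_Contact_Permission::allow($contactID)) {
    return CRM_Utils_System::permissionDenied();
  }

  // Column index => column name. A missing or malformed 'columns' value
  // yields an empty map; names that are not plain identifiers are dropped.
  $sortMapper = array();
  $columns = (isset($_GET['columns']) && is_array($_GET['columns'])) ? $_GET['columns'] : array();
  foreach ($columns as $key => $value) {
    if (is_array($value) && isset($value['data']) && is_string($value['data'])
      && preg_match('/\A[A-Za-z0-9_]+(\.[A-Za-z0-9_]+)?\z/', $value['data'])
    ) {
      $sortMapper[$key] = $value['data'];
    }
  }

  $offset = isset($_GET['start']) ? CRM_Utils_Type::escape($_GET['start'], 'Integer') : 0;
  $rowCount = isset($_GET['length']) ? CRM_Utils_Type::escape($_GET['length'], 'Integer') : 25;
  // A length of 0 would make the page calculation below divide by zero.
  // NOTE(review): negative lengths are passed through unchanged, as before;
  // confirm how the selector treats them.
  if ((int) $rowCount === 0) {
    $rowCount = 25;
  }

  $sort = NULL;
  if (isset($_GET['order'][0]['column'])) {
    $sort = CRM_Utils_Array::value(CRM_Utils_Type::escape($_GET['order'][0]['column'], 'Integer'), $sortMapper);
  }

  // Direction is reduced to the two keywords; anything else sorts ascending.
  $sortOrder = 'asc';
  if (isset($_GET['order'][0]['dir'])) {
    $requestedDir = strtolower(CRM_Utils_Type::escape($_GET['order'][0]['dir'], 'String'));
    $sortOrder = ($requestedDir === 'desc') ? 'desc' : 'asc';
  }

  // NOTE(review): the whole query string is forwarded to the selector. The
  // keys handled in this function are overwritten or removed below; every
  // other key arrives unvalidated, so an explicit list of accepted keys
  // would be safer once the selector's inputs are known.
  $params = $_GET;

  // Drop request-supplied copies of the conditionally-set keys so that only
  // the validated values can reach the selector.
  unset($params['sortBy'], $params['relationship_type_id']);

  if ($sort && $sortOrder) {
    $params['sortBy'] = $sort . ' ' . $sortOrder;
  }

  $params['page'] = $offset / $rowCount + 1;
  $params['rp'] = $rowCount;

  $params['contact_id'] = $contactID;
  $params['context'] = $context;
  if ($relationship_type_id) {
    $params['relationship_type_id'] = $relationship_type_id;
  }

  // get the contact relationships
  $relationships = CRM_Contact_BAO_Relationship::getContactRelationshipSelector($params);

  CRM_Utils_JSON::output($relationships);
}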
/**
 * Does the user have sufficient permission to view/edit an activity record.
 *
 * The decision is built up in stages, and every stage can only be reached if
 * the earlier ones did not already deny:
 *  - unknown activity id or an action other than UPDATE/VIEW: denied;
 *  - case activities: one of the CiviCase permissions plus the case-specific
 *    check, and nothing else;
 *  - other activities: the owning component's permission (when the activity
 *    type belongs to a component), then the source contact, then either the
 *    'view/edit all contacts' permission or per-contact access to every
 *    target and every assignee.
 *
 * @param int $activityId
 *   Activity record id.
 * @param int $action
 *   Edit/view (CRM_Core_Action::UPDATE or CRM_Core_Action::VIEW).
 *
 * @return bool
 *   TRUE only when every applicable check passed; FALSE otherwise.
 */
public static function checkPermission($activityId, $action) {
  // Start from "denied"; each stage below has to grant access explicitly.
  $allow = FALSE;
  // NOTE(review): in_array() is used without strict mode, so $action is
  // compared loosely against the two action constants.
  if (!$activityId || !in_array($action, array(CRM_Core_Action::UPDATE, CRM_Core_Action::VIEW))) {
    return $allow;
  }

  $activity = new CRM_Activity_DAO_Activity();
  $activity->id = $activityId;
  // An activity that cannot be loaded is treated as "denied".
  if (!$activity->find(TRUE)) {
    return $allow;
  }

  // Component related permissions: holding any one entry of a component's
  // list is enough for that component.
  $compPermissions = array(
    'CiviCase' => array('administer CiviCase', 'access my cases and activities', 'access all cases and activities'),
    'CiviMail' => array('access CiviMail'),
    'CiviEvent' => array('access CiviEvent'),
    'CiviGrant' => array('access CiviGrant'),
    'CiviPledge' => array('access CiviPledge'),
    'CiviMember' => array('access CiviMember'),
    'CiviReport' => array('access CiviReport'),
    'CiviContribute' => array('access CiviContribute'),
    'CiviCampaign' => array('administer CiviCampaign')
  );

  // Return early when it is case activity.
  $isCaseActivity = CRM_Case_BAO_Case::isCaseActivity($activityId);

  // Check for civicase related permission.
  if ($isCaseActivity) {
    $allow = FALSE;
    foreach ($compPermissions['CiviCase'] as $per) {
      if (CRM_Core_Permission::check($per)) {
        $allow = TRUE;
        break;
      }
    }

    // Check for case specific permissions; only reached when one of the
    // CiviCase permissions above is held.
    if ($allow) {
      $oper = 'view';
      if ($action == CRM_Core_Action::UPDATE) {
        $oper = 'edit';
      }
      $allow = CRM_Case_BAO_Case::checkPermission($activityId, $oper, $activity->activity_type_id);
    }

    // Case activities never fall through to the contact checks below.
    return $allow;
  }

  // First check the component permission: look up which component, if any,
  // the activity type belongs to. Both values are bound as typed parameters.
  $sql = "\n SELECT component_id\n FROM civicrm_option_value val\nINNER JOIN civicrm_option_group grp ON ( grp.id = val.option_group_id AND grp.name = %1 )\n WHERE val.value = %2";
  $params = array(1 => array('activity_type', 'String'), 2 => array($activity->activity_type_id, 'Integer'));
  $componentId = CRM_Core_DAO::singleValueQuery($sql, $params);

  if ($componentId) {
    $componentName = CRM_Core_Component::getComponentName($componentId);
    $compPermission = CRM_Utils_Array::value($componentName, $compPermissions);

    // Here we are interested in any single permission. A component that is
    // not listed in $compPermissions leaves $allow at FALSE.
    if (is_array($compPermission)) {
      foreach ($compPermission as $per) {
        if (CRM_Core_Permission::check($per)) {
          $allow = TRUE;
          break;
        }
      }
    }
  }

  // Check for this permission related to contact.
  $permission = CRM_Core_Permission::VIEW;
  if ($action == CRM_Core_Action::UPDATE) {
    $permission = CRM_Core_Permission::EDIT;
  }

  // Record-type ids of the three activity contact roles, looked up by name.
  $activityContacts = CRM_Core_OptionGroup::values('activity_contacts', FALSE, FALSE, FALSE, NULL, 'name');
  $sourceID = CRM_Utils_Array::key('Activity Source', $activityContacts);
  $assigneeID = CRM_Utils_Array::key('Activity Assignees', $activityContacts);
  $targetID = CRM_Utils_Array::key('Activity Targets', $activityContacts);

  // Check for source contact. Skipped when the activity belongs to a
  // component whose permission the user does not hold.
  if (!$componentId || $allow) {
    $sourceContactId = self::getActivityContact($activity->id, $sourceID);
    // Account for possibility of activity not having a source contact (as it may have been deleted).
    // In that case $allow keeps its current value, which is still FALSE for
    // an activity that has no component.
    if ($sourceContactId) {
      $allow = CRM_Contact_BAO_Contact_Permission::allow($sourceContactId, $permission);
    }
  }

  // Check for target and assignee contacts.
  if ($allow) {
    // First check for super permission.
    $supPermission = 'view all contacts';
    if ($action == CRM_Core_Action::UPDATE) {
      $supPermission = 'edit all contacts';
    }
    $allow = CRM_Core_Permission::check($supPermission);

    // User might have sufficient permission, through acls.
    if (!$allow) {
      // Assume access, then revoke it at the first contact that is refused.
      $allow = TRUE;
      // Get the target contacts.
      $targetContacts = CRM_Activity_BAO_ActivityContact::retrieveContactIdsByActivityId($activity->id, $targetID);
      foreach ($targetContacts as $cnt => $contactId) {
        if (!CRM_Contact_BAO_Contact_Permission::allow($contactId, $permission)) {
          $allow = FALSE;
          break;
        }
      }

      // Get the assignee contacts.
      if ($allow) {
        $assigneeContacts = CRM_Activity_BAO_ActivityContact::retrieveContactIdsByActivityId($activity->id, $assigneeID);
        foreach ($assigneeContacts as $cnt => $contactId) {
          if (!CRM_Contact_BAO_Contact_Permission::allow($contactId, $permission)) {
            $allow = FALSE;
            break;
          }
        }
      }
    }
  }

  return $allow;
}
/**
 * Work out the contact id this form acts on.
 *
 * Candidates are tried in this order:
 *  - a requested id of 0 (acting on behalf of someone else): returns 0 and
 *    stores cid = 0 on the form
 *    (@todo consider setting a variable if onbehalf for clarity of downstream 'if's)
 *  - the logged in user's id, when the requested id is identical to it
 *  - the requested id, when a 'cs' checksum is supplied and validates for it
 *  - the requested id, when no checksum is supplied and the caller passes
 *    the contact permission check
 *  - fallback: the logged in user's id, or NULL when that is not numeric
 *    (@todo wouldn't 0 be more intuitive?)
 *
 * The requested id is 'cid' from the request, replaced by a
 * 'select_contact_id' form parameter when one is present; the replacement
 * goes through the same checks as the request value.
 *
 * @return NULL|int
 */
protected function setContactID() {
  $requestedId = CRM_Utils_Request::retrieve('cid', 'Positive', $this);
  if (isset($this->_params) && isset($this->_params['select_contact_id'])) {
    $requestedId = $this->_params['select_contact_id'];
  }
  // event form stores as an indexed array, contribution form not so much...
  if (isset($this->_params, $this->_params[0]) && !empty($this->_params[0]['select_contact_id'])) {
    $requestedId = $this->_params[0]['select_contact_id'];
  }

  // An explicit zero forces the authenticated user to be ignored.
  if (in_array($requestedId, array('0', 0), TRUE)) {
    // The cid is stored on the form so that it is retained for the Confirm
    // page of the multi-page form, which stops this method returning the
    // logged in user when called from that page. It need not be stored when
    // a non-zero id is set, because the params already hold it.
    $this->set('cid', 0);
    CRM_Core_Resources::singleton()->addVars('coreForm', array('contact_id' => 0));
    return 0;
  }

  $loggedInId = $this->getLoggedInUserContactID();
  if ($requestedId !== NULL && $requestedId === $loggedInId) {
    // Both ids are identical here, so one cast serves the page var and the result.
    $ownId = (int) $loggedInId;
    CRM_Core_Resources::singleton()->addVars('coreForm', array('contact_id' => $ownId));
    return $ownId;
  }

  // Checksum authentication and the ACL check are alternatives: once a 'cs'
  // value is supplied the ACL branch is not tried, even if the checksum
  // turns out to be invalid.
  $checksum = CRM_Utils_Request::retrieve('cs', 'String', $this);
  if (!$checksum) {
    if ($requestedId && CRM_Contact_BAO_Contact_Permission::allow($requestedId)) {
      CRM_Core_Resources::singleton()->addVars('coreForm', array('contact_id' => (int) $requestedId));
      return $requestedId;
    }
  }
  elseif (CRM_Contact_BAO_Contact_Utils::validChecksum($requestedId, $checksum)) {
    // check for anonymous user: the checksum vouches for the requested id.
    CRM_Core_Resources::singleton()->addVars('coreForm', array('contact_id' => (int) $requestedId));
    // NOTE(review): the 'checksum' page variable receives the contact id
    // cast to int, not the checksum value - confirm this is intended.
    CRM_Core_Resources::singleton()->addVars('coreForm', array('checksum' => (int) $requestedId));
    return $requestedId;
  }

  // Nothing vouched for the requested id: fall back to the logged in user.
  if (!is_numeric($loggedInId)) {
    return NULL;
  }
  CRM_Core_Resources::singleton()->addVars('coreForm', array('contact_id' => (int) $loggedInId));
  return $loggedInId;
}
/**
 * This method should initialize auth sources.
 *
 * Makes sure the session exists, passes the session's user id to the
 * database connection, records a login auth source for a logged-in session
 * that has none yet, and then initialises the checksum auth source.
 */
public function authenticate() {
  // Fetching the singleton makes sure the session is always initialised.
  $currentSession = CRM_Core_Session::singleton();

  // For logging purposes, pass the userID to the db. The id is bound as an
  // Integer parameter rather than placed in the statement text.
  $actingContact = $currentSession->get('userID');
  if ($actingContact) {
    CRM_Core_DAO::executeQuery('SET @civicrm_user_id = %1', array(1 => array($actingContact, 'Integer')));
  }

  // A session with a user id but no recorded auth source is marked as a login.
  if ($currentSession->get('userID')) {
    if (!$currentSession->get('authSrc')) {
      $currentSession->set('authSrc', CRM_Core_Permission::AUTH_SRC_LOGIN);
    }
  }

  // checksum source
  CRM_Contact_BAO_Contact_Permission::initChecksumAuthSrc();
}