예제 #1
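 /**
  * Check whether the current user may see a dashlet.
  *
  * $permission is a comma-separated list of permission names. With $operator
  * 'AND' every listed permission must be held; with any other operator one
  * held permission is enough. A permission of the form "access <Component>"
  * (and the two CiviCase "access ... cases and activities" permissions) is
  * only honoured while that component is enabled in the site configuration.
  *
  * Fail-open default: an empty $permission means "no restriction", so a
  * dashlet with no permission set is shown to every user.
  *
  * @param string $permission
  *   Comma-separated permission names; may be empty.
  * @param string $operator
  *   'AND' to require all permissions, anything else to require at least one.
  *
  * @return bool
  *   TRUE if the user has permission, else FALSE.
  */
 static function checkPermission($permission, $operator)
 {
     if (!$permission) {
         // If permission is not set, everyone is considered to have access.
         return true;
     }
     $config = CRM_Core_Config::singleton();
     static $allComponents;
     if (!$allComponents) {
         $allComponents = CRM_Core_Component::getNames();
     }
     $casePermissions = array('access my cases and activities', 'access all cases and activities');
     $hasPermission = false;
     foreach (explode(',', $permission) as $key) {
         // Lists are often written "a, b". Without trimming, the padded name
         // is not recognised as a component permission and is handed to the
         // permission check with its leading blank.
         $key = trim($key);
         $componentName = null;
         if (strpos($key, 'access') === 0) {
             $componentName = trim(substr($key, 6));
             if (!in_array($componentName, $allComponents, true)) {
                 $componentName = null;
             }
         }
         // The case permissions do not follow the "access <Component>" pattern.
         if (!$componentName && in_array($key, $casePermissions, true)) {
             $componentName = 'CiviCase';
         }
         // A component permission counts only while its component is enabled;
         // the permission itself is not consulted for a disabled component.
         if ($componentName && !in_array($componentName, $config->enableComponents, true)) {
             $granted = false;
         } else {
             $granted = CRM_Core_Permission::check($key);
         }
         if ($granted) {
             $hasPermission = true;
         } elseif ($operator === 'AND') {
             // One missing permission is enough to deny under AND.
             return false;
         }
     }
     // Without AND, a single granted permission is sufficient.
     return $hasPermission;
 }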
예제 #2
 /**
  * Set up the activity search selector.
  *
  * Stores the search settings on the object, extends the activity clause so
  * that activity types belonging to components the current user cannot
  * access are excluded, and prepares the contact query in activity mode.
  *
  * @param array $queryParams
  *   Array of parameters for query (kept by reference).
  * @param \const|int $action
  *   Action of search, basic or advanced.
  * @param string $activityClause
  *   Extra restriction from the caller (used in activities). It is joined
  *   into the SQL restriction verbatim, so it must already be safe SQL.
  * @param bool $single
  *   Are we dealing only with one contact?
  * @param int $limit
  *   How many activities do we want returned.
  * @param string $context
  * @param null $compContext
  */
 public function __construct(&$queryParams, $action = CRM_Core_Action::NONE, $activityClause = NULL, $single = FALSE, $limit = NULL, $context = 'search', $compContext = NULL)
 {
     // Submitted form values and selector settings.
     $this->_queryParams =& $queryParams;
     $this->_action = $action;
     $this->_single = $single;
     $this->_limit = $limit;
     $this->_context = $context;
     $this->_compContext = $compContext;
     $this->_activityClause = $activityClause;

     // CRM-12675: one exclusion per component the user lacks the
     // "access <component>" permission for. The ids are the keys returned by
     // CRM_Core_Component::getNames(), not request data.
     $exclusions = array();
     foreach (CRM_Core_Component::getNames() as $id => $name) {
         if (CRM_Core_Permission::check("access {$name}")) {
             continue;
         }
         $exclusions[] = " (activity_type.component_id IS NULL OR activity_type.component_id <> {$id}) ";
     }
     if ($exclusions) {
         $restriction = implode(' AND ', $exclusions);
         $this->_activityClause = empty($this->_activityClause)
             ? $restriction
             : $this->_activityClause . ' AND ' . $restriction;
     }

     // Underlying query, limited to activities and distinct per activity id.
     $returnProperties = CRM_Activity_BAO_Query::defaultReturnProperties(CRM_Contact_BAO_Query::MODE_ACTIVITY, FALSE);
     $this->_query = new CRM_Contact_BAO_Query($this->_queryParams, $returnProperties, NULL, FALSE, FALSE, CRM_Contact_BAO_Query::MODE_ACTIVITY);
     $this->_query->_distinctComponentClause = '( civicrm_activity.id )';
     $this->_query->_groupByComponentClause = " GROUP BY civicrm_activity.id ";
 }
예제 #3
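 /**
  * Return the option values of one option group, keyed by option value id.
  *
  * The group is taken from $groupParams['id'] when that is set; otherwise it
  * is looked up from $groupParams when a 'name' is given. Each row holds the
  * stored fields plus 'order', 'action', 'component_name' and, when a
  * visibility is set, 'visibility_label'.
  *
  * Escaping: only 'label' is passed through htmlspecialchars() here. Every
  * other field is returned as stored and must be escaped by whatever renders
  * it. htmlspecialchars() is called without flags, so quote handling follows
  * the default of the running PHP version.
  *
  * @param array $groupParams
  *   Array containing group fields whose option-values are to be retrieved.
  * @param array $links
  *   Has links like edit, delete, disable etc.; the array keys are summed
  *   into the action mask.
  * @param string $orderBy
  *   For the orderBy clause. Handed to the DAO unchanged, so pass a fixed
  *   column expression rather than request input.
  *
  * @return array
  *   Array of option-values; empty when no group could be resolved.
  */
 public static function getRows($groupParams, $links, $orderBy = 'weight')
 {
     $optionValue = array();
     $optionGroupID = NULL;
     if (!empty($groupParams['id'])) {
         $optionGroupID = $groupParams['id'];
     } elseif (!empty($groupParams['name'])) {
         // $dnc looks like a throwaway output argument - confirm against retrieve().
         $optionGroup = CRM_Core_BAO_OptionGroup::retrieve($groupParams, $dnc);
         // An unknown group must not end in a property read on a non-object.
         if ($optionGroup) {
             $optionGroupID = $optionGroup->id;
         }
     }
     $groupName = CRM_Utils_Array::value('name', $groupParams);
     if (!$groupName && $optionGroupID) {
         $groupName = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_OptionGroup', $optionGroupID, 'name', 'id');
     }
     $dao = new CRM_Core_DAO_OptionValue();
     if ($optionGroupID) {
         $dao->option_group_id = $optionGroupID;
         // Groups listed in $_domainIDGroups are filtered to the current domain.
         if (in_array($groupName, CRM_Core_OptionGroup::$_domainIDGroups)) {
             $dao->domain_id = CRM_Core_Config::domainID();
         }
         $dao->orderBy($orderBy);
         $dao->find();
     }
     // Values already in use by cases lose their delete link further down.
     $caseTypeIds = array();
     $caseStatusIds = array();
     if ($groupName == 'case_type') {
         $caseTypeIds = CRM_Case_BAO_Case::getUsedCaseType();
     } elseif ($groupName == 'case_status') {
         $caseStatusIds = CRM_Case_BAO_Case::getUsedCaseStatuses();
     }
     $componentNames = CRM_Core_Component::getNames();
     $visibilityLabels = CRM_Core_PseudoConstant::visibility();
     while ($dao->fetch()) {
         $optionValue[$dao->id] = array();
         CRM_Core_DAO::storeValues($dao, $optionValue[$dao->id]);
         // Start with every action link, then take away what does not apply.
         $action = array_sum(array_keys($links));
         if ($dao->is_reserved) {
             // Reserved values can only be updated.
             $action = CRM_Core_Action::UPDATE;
         } else {
             if ($dao->is_active) {
                 $action -= CRM_Core_Action::ENABLE;
             } else {
                 $action -= CRM_Core_Action::DISABLE;
             }
             $usedByCase = ($groupName == 'case_type' && in_array($dao->value, $caseTypeIds))
                 || ($groupName == 'case_status' && in_array($dao->value, $caseStatusIds));
             if ($usedByCase) {
                 $action -= CRM_Core_Action::DELETE;
             }
         }
         // The label is the only field escaped for HTML output here.
         $optionValue[$dao->id]['label'] = htmlspecialchars($optionValue[$dao->id]['label']);
         $optionValue[$dao->id]['order'] = $optionValue[$dao->id]['weight'];
         $optionValue[$dao->id]['action'] = CRM_Core_Action::formLink($links, $action, array('id' => $dao->id, 'gid' => $optionGroupID, 'value' => $dao->value), ts('more'), FALSE, 'optionValue.row.actions', 'optionValue', $dao->id);
         if (!empty($optionValue[$dao->id]['component_id'])) {
             $optionValue[$dao->id]['component_name'] = $componentNames[$optionValue[$dao->id]['component_id']];
         } else {
             $optionValue[$dao->id]['component_name'] = 'Contact';
         }
         if (!empty($optionValue[$dao->id]['visibility_id'])) {
             $optionValue[$dao->id]['visibility_label'] = $visibilityLabels[$optionValue[$dao->id]['visibility_id']];
         }
     }
     return $optionValue;
 }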
예제 #4
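 /**
  * Common pre-process function for activity task forms.
  *
  * Collects the ids of the activities the task applies to - either the rows
  * ticked on the search form or every activity matching the stored search -
  * stores them on the form together with an SQL clause selecting them, and
  * sets the session user context used for redirection after the task.
  *
  * @param CRM_Core_Form $form
  * @param bool $useTable
  *   Not used by this implementation.
  */
 public static function preProcessCommon(&$form, $useTable = FALSE)
 {
     $form->_activityHolderIds = array();
     $values = $form->controller->exportValues($form->get('searchFormName'));
     $form->_task = $values['task'];
     $activityTasks = CRM_Activity_Task::tasks();
     $form->assign('taskName', $activityTasks[$form->_task]);
     $ids = array();
     if ($values['radio_ts'] == 'ts_sel') {
         // Selected rows arrive as checkbox fields named CB_PREFIX . <activity id>.
         foreach ($values as $name => $value) {
             if (substr($name, 0, CRM_Core_Form::CB_PREFIX_LEN) == CRM_Core_Form::CB_PREFIX) {
                 // The id is cut out of a submitted field name and is joined
                 // into an SQL IN (...) list below, so only plain digit
                 // strings are accepted; anything else is dropped.
                 $id = substr($name, CRM_Core_Form::CB_PREFIX_LEN);
                 if (ctype_digit((string) $id)) {
                     $ids[] = $id;
                 }
             }
         }
     } else {
         // "All records": re-run the stored search to get the activity ids.
         $queryParams = $form->get('queryParams');
         $query = new CRM_Contact_BAO_Query($queryParams, NULL, NULL, FALSE, FALSE, CRM_Contact_BAO_Query::MODE_ACTIVITY);
         $query->_distinctComponentClause = '( civicrm_activity.id )';
         $query->_groupByComponentClause = " GROUP BY civicrm_activity.id ";
         // CRM-12675: leave out activity types of components the user lacks
         // the "access <component>" permission for.
         $activityClause = NULL;
         $components = CRM_Core_Component::getNames();
         $componentClause = array();
         foreach ($components as $componentID => $componentName) {
             if (!CRM_Core_Permission::check("access {$componentName}")) {
                 $componentClause[] = " (activity_type.component_id IS NULL OR activity_type.component_id <> {$componentID}) ";
             }
         }
         if (!empty($componentClause)) {
             $activityClause = implode(' AND ', $componentClause);
         }
         $result = $query->searchQuery(0, 0, NULL, FALSE, FALSE, FALSE, FALSE, FALSE, $activityClause);
         while ($result->fetch()) {
             if (!empty($result->activity_id)) {
                 $ids[] = $result->activity_id;
             }
         }
     }
     if (!empty($ids)) {
         $form->_componentClause = ' civicrm_activity.id IN ( ' . implode(',', $ids) . ' ) ';
         $form->assign('totalSelectedActivities', count($ids));
     }
     $form->_activityHolderIds = $form->_componentIds = $ids;
     // Set the context for redirection for any task actions. The qfKey is
     // only added to the URL once it has passed the qfKey rule.
     $qfKey = CRM_Utils_Request::retrieve('qfKey', 'String', $form);
     $urlParams = 'force=1';
     if (CRM_Utils_Rule::qfKey($qfKey)) {
         $urlParams .= "&qfKey={$qfKey}";
     }
     $session = CRM_Core_Session::singleton();
     $searchFormName = strtolower($form->get('searchFormName'));
     if ($searchFormName == 'search') {
         $session->replaceUserContext(CRM_Utils_System::url('civicrm/activity/search', $urlParams));
     } else {
         $session->replaceUserContext(CRM_Utils_System::url("civicrm/contact/search/{$searchFormName}", $urlParams));
     }
 }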
예제 #5
 /**
  * Set up the activity search selector.
  *
  * Records the search settings, adds a restriction that hides activity types
  * of components the current user may not access, and builds the contact
  * query in activity mode.
  *
  * @param array $queryParams
  *   Array of parameters for query (kept by reference).
  * @param \const|int $action
  *   Action of search, basic or advanced.
  * @param string $activityClause
  *   Extra restriction from the caller (used in activities). It is combined
  *   with the component restriction verbatim, so it must already be safe SQL.
  * @param bool $single
  *   Are we dealing only with one contact?
  * @param int $limit
  *   How many activities do we want returned.
  * @param string $context
  * @param null $compContext
  */
 public function __construct(&$queryParams, $action = CRM_Core_Action::NONE, $activityClause = NULL, $single = FALSE, $limit = NULL, $context = 'search', $compContext = NULL)
 {
     // Submitted form values.
     $this->_queryParams =& $queryParams;
     // Type of selector.
     $this->_action = $action;
     $this->_activityClause = $activityClause;
     $this->_single = $single;
     $this->_limit = $limit;
     $this->_context = $context;
     $this->_compContext = $compContext;

     // CRM-12675: collect one exclusion per inaccessible component.
     $excluded = array();
     foreach (CRM_Core_Component::getNames() as $componentID => $componentName) {
         // CRM-19201: supports searching CiviCampaign and CiviCase
         // activities. For CiviCase, "access all cases and activities" is
         // required here rather than "access my cases and activities", so
         // that users holding only the latter do not get a list of all
         // cases, which might be a privacy issue.
         $mayAccess = CRM_Core_Permission::access($componentName, TRUE, TRUE);
         if (!$mayAccess) {
             $excluded[] = " (activity_type.component_id IS NULL OR activity_type.component_id <> {$componentID}) ";
         }
     }
     if (count($excluded) > 0) {
         $restriction = implode(' AND ', $excluded);
         if (empty($this->_activityClause)) {
             $this->_activityClause = $restriction;
         } else {
             $this->_activityClause = $this->_activityClause . ' AND ' . $restriction;
         }
     }

     // Underlying query, limited to activities and distinct per activity id.
     $returnProperties = CRM_Activity_BAO_Query::defaultReturnProperties(CRM_Contact_BAO_Query::MODE_ACTIVITY, FALSE);
     $this->_query = new CRM_Contact_BAO_Query($this->_queryParams, $returnProperties, NULL, FALSE, FALSE, CRM_Contact_BAO_Query::MODE_ACTIVITY);
     $this->_query->_distinctComponentClause = '( civicrm_activity.id )';
     $this->_query->_groupByComponentClause = " GROUP BY civicrm_activity.id ";
 }
예제 #6
 /**
  * Build the display name (plain label or link markup) of a menu item.
  *
  * Returns FALSE, and records the item's navID in $skipMenuItems, when the
  * item is inactive, hangs below a skipped item, or the current user lacks
  * the permissions configured for it.
  *
  * Output note: the URL, the target and the translated label are placed in
  * the returned markup as they are. Only non-"http" URLs pass through
  * CRM_Utils_System::url(); nothing is HTML-escaped in this function, so the
  * menu attributes are presumably expected to come from trusted navigation
  * configuration - confirm against the caller.
  *
  * @param array $value
  *   Menu item; its 'attributes' entry is read.
  * @param array $skipMenuItems
  *   navIDs of items already skipped; extended by reference.
  * @return bool|string
  */
 static function getMenuName(&$value, &$skipMenuItems)
 {
     // Menu labels are localised here (CRM-5456); ts() is not used because
     // it would throw the ts-extractor off.
     $i18n = CRM_Core_I18n::singleton();
     $attributes = $value['attributes'];
     $name = $i18n->crm_translate($attributes['label'], array('context' => 'menu'));
     $url = $attributes['url'];
     $permission = $attributes['permission'];
     $operator = $attributes['operator'];
     $parentID = $attributes['parentID'];
     $navID = $attributes['navID'];
     $active = $attributes['active'];
     $menuName = $attributes['name'];
     $target = CRM_Utils_Array::value('target', $attributes);

     // Inactive items and children of skipped items are skipped as well.
     if (in_array($parentID, $skipMenuItems) || !$active) {
         $skipMenuItems[] = $navID;
         return FALSE;
     }

     // These two items need core view/edit or supported ACLs.
     $needsAcl = in_array($menuName, array('Search...', 'Contacts'));
     if ($needsAcl && !CRM_Core_Permission::giveMeAllACLs()) {
         $skipMenuItems[] = $navID;
         return FALSE;
     }

     $config = CRM_Core_Config::singleton();
     $makeLink = !empty($url);
     if ($makeLink && substr($url, 0, 4) !== 'http') {
         // CRM-7656: separate the url path from the url params, because the
         // path is going to be validated against cross-site scripting.
         $urlParam = CRM_Utils_System::explode('&', str_replace('?', '&', $url), 2);
         $url = CRM_Utils_System::url($urlParam[0], $urlParam[1], FALSE, NULL, TRUE);
     }

     static $allComponents;
     if (!$allComponents) {
         $allComponents = CRM_Core_Component::getNames();
     }

     if (!empty($permission)) {
         $hasPermission = FALSE;
         $lastDenied = FALSE;
         foreach (explode(',', $permission) as $rawKey) {
             $key = trim($rawKey);
             // A component permission also needs its component enabled.
             $componentName = CRM_Core_Permission::getComponentName($key);
             if ($componentName) {
                 $lastDenied = !in_array($componentName, $config->enableComponents) || !CRM_Core_Permission::check($key);
             } else {
                 $lastDenied = !CRM_Core_Permission::check($key);
             }
             if (!$lastDenied) {
                 $hasPermission = TRUE;
                 continue;
             }
             // Under AND a single missing permission hides the item.
             if ($operator == 'AND') {
                 $skipMenuItems[] = $navID;
                 return FALSE;
             }
         }
         if ($lastDenied && !$hasPermission) {
             $skipMenuItems[] = $navID;
             return FALSE;
         }
     }

     if (!$makeLink) {
         return $name;
     }
     return $target
         ? "<a href=\"{$url}\" target=\"{$target}\">{$name}</a>"
         : "<a href=\"{$url}\">{$name}</a>";
 }
예제 #7
 /**
  * Build the WHERE clause of the activity report and store it in $this->_where.
  *
  * The clause always restricts to non-test, non-deleted, current-revision
  * activities. On top of that it adds one condition per filter that has a
  * value in $this->_params, one exclusion per component the current user has
  * no "access <component>" permission for, and finally $this->_aclWhere.
  *
  * Filter values are not quoted in this method; they are handed to
  * dateClause() / whereClause(), whose escaping is not visible here.
  *
  * @param string $recordType
  *   Filters whose name contains '_target', '_assignee' or '_source' are
  *   skipped unless the filter is named 'contact_' . $recordType.
  */
 public function where($recordType = NULL)
 {
     $this->_where = " WHERE {$this->_aliases['civicrm_activity']}.is_test = 0 AND\n                                {$this->_aliases['civicrm_activity']}.is_deleted = 0 AND\n                                {$this->_aliases['civicrm_activity']}.is_current_revision = 1";
     $clauses = array();
     foreach ($this->_columns as $tableName => $table) {
         if (array_key_exists('filters', $table)) {
             foreach ($table['filters'] as $fieldName => $field) {
                 $clause = NULL;
                 // Contact-role filters apply only to the requested record type.
                 if ($fieldName != 'contact_' . $recordType && (strstr($fieldName, '_target') || strstr($fieldName, '_assignee') || strstr($fieldName, '_source'))) {
                     continue;
                 }
                 if (CRM_Utils_Array::value('type', $field) & CRM_Utils_Type::T_DATE) {
                     // Date filters are described by <field>_relative / _from / _to.
                     $relative = CRM_Utils_Array::value("{$fieldName}_relative", $this->_params);
                     $from = CRM_Utils_Array::value("{$fieldName}_from", $this->_params);
                     $to = CRM_Utils_Array::value("{$fieldName}_to", $this->_params);
                     $clause = $this->dateClause($field['name'], $relative, $from, $to, $field['type']);
                 } else {
                     $op = CRM_Utils_Array::value("{$fieldName}_op", $this->_params);
                     // NOTE(review): ($op != 'nnll' || $op != 'nll') is true for
                     // every value of $op, so this guard is effectively "if ($op)".
                     if ($op && ($op != 'nnll' || $op != 'nll')) {
                         $clause = $this->whereClause($field, $op, CRM_Utils_Array::value("{$fieldName}_value", $this->_params), CRM_Utils_Array::value("{$fieldName}_min", $this->_params), CRM_Utils_Array::value("{$fieldName}_max", $this->_params));
                         // With no activity type chosen, the clause is replaced
                         // by an IN list built from
                         // CRM_Core_PseudoConstant::activityType(), not from
                         // submitted values.
                         if ($fieldName == 'activity_type_id' && empty($this->_params['activity_type_id_value'])) {
                             $actTypes = array_flip(CRM_Core_PseudoConstant::activityType(TRUE, FALSE, FALSE, 'label', TRUE));
                             $clause = "( {$this->_aliases['civicrm_activity']}.activity_type_id IN (" . implode(',', $actTypes) . ") )";
                         }
                     }
                 }
                 // The 'current_user' filter overrides whatever clause was built
                 // above: either a sub-select on the logged-in contact or nothing.
                 if ($field['name'] == 'current_user') {
                     if (CRM_Utils_Array::value("{$fieldName}_value", $this->_params) == 1) {
                         // get current user
                         $session = CRM_Core_Session::singleton();
                         // The contact id is read from the session, not from the
                         // request. NOTE(review): it is interpolated into the SQL
                         // without a cast - confirm it is always an integer.
                         if ($contactID = $session->get('userID')) {
                             $clause = "{$this->_aliases['civicrm_activity_contact']}.activity_id IN\n                           (SELECT activity_id FROM civicrm_activity_contact WHERE contact_id = {$contactID})";
                         } else {
                             $clause = NULL;
                         }
                     } else {
                         $clause = NULL;
                     }
                 }
                 if (!empty($clause)) {
                     $clauses[] = $clause;
                 }
             }
         }
     }
     // CRM-12675: exclude activity types of components the current user has
     // no "access <component>" permission for; types with no component stay.
     $components = CRM_Core_Component::getNames();
     foreach ($components as $componentID => $componentName) {
         if (!CRM_Core_Permission::check("access {$componentName}")) {
             $clauses[] = " ({$this->_aliases['civicrm_option_value']}.component_id IS NULL OR {$this->_aliases['civicrm_option_value']}.component_id <> {$componentID}) ";
         }
     }
     if (empty($clauses)) {
         $this->_where .= " ";
     } else {
         $this->_where .= " AND " . implode(' AND ', $clauses);
     }
     // The ACL restriction, when one is set, is appended last.
     if ($this->_aclWhere) {
         $this->_where .= " AND {$this->_aclWhere} ";
     }
 }
예제 #8
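 /**
  * Return the option values of one option group, keyed by option value id.
  *
  * The group is taken from $groupParams['id'] when that is set; otherwise it
  * is looked up from $groupParams when a 'name' is given. Each row holds the
  * stored fields plus 'order', 'action', 'component_name' and, when a
  * visibility is set, 'visibility_label'.
  *
  * Escaping: only 'label' is passed through htmlspecialchars() here. Every
  * other field is returned as stored and must be escaped by whatever renders
  * it. htmlspecialchars() is called without flags, so quote handling follows
  * the default of the running PHP version.
  *
  * @param  array     $groupParams   Array containing group fields whose option-values are to be retrieved.
  * @param  array     $links         Has links like edit, delete, disable etc.; the keys are summed into the action mask.
  * @param  string    $orderBy       For the orderBy clause. Handed to the DAO unchanged, so pass a fixed
  *                                  column expression rather than request input.
  *
  * @return array of option-values; empty when no group could be resolved
  *
  * @access public
  * @static
  */
 static function getRows($groupParams, $links, $orderBy = 'weight')
 {
     $optionValue = array();
     // Stays NULL when neither an id nor a resolvable name was supplied.
     $optionGroupID = NULL;
     if (!empty($groupParams['id'])) {
         $optionGroupID = $groupParams['id'];
     } elseif (!empty($groupParams['name'])) {
         // $dnc looks like a throwaway output argument - confirm against retrieve().
         $optionGroup = CRM_Core_BAO_OptionGroup::retrieve($groupParams, $dnc);
         // An unknown group must not end in a property read on a non-object.
         if ($optionGroup) {
             $optionGroupID = $optionGroup->id;
         }
     }
     // Plain assignment: "=& new" is not valid syntax on PHP 7 and later.
     $dao = new CRM_Core_DAO_OptionValue();
     if ($optionGroupID) {
         $dao->option_group_id = $optionGroupID;
         $dao->orderBy($orderBy);
         $dao->find();
     }
     require_once 'CRM/Core/Component.php';
     $componentNames = CRM_Core_Component::getNames();
     $visibilityLabels = CRM_Core_PseudoConstant::visibility();
     while ($dao->fetch()) {
         $optionValue[$dao->id] = array();
         CRM_Core_DAO::storeValues($dao, $optionValue[$dao->id]);
         // Start with every action link, then take away what does not apply.
         $action = array_sum(array_keys($links));
         if ($dao->is_reserved) {
             // Reserved values can only be updated.
             $action = CRM_Core_Action::UPDATE;
         } else {
             if ($dao->is_active) {
                 $action -= CRM_Core_Action::ENABLE;
             } else {
                 $action -= CRM_Core_Action::DISABLE;
             }
         }
         // The label is the only field escaped for HTML output here.
         $optionValue[$dao->id]['label'] = htmlspecialchars($optionValue[$dao->id]['label']);
         $optionValue[$dao->id]['order'] = $optionValue[$dao->id]['weight'];
         $optionValue[$dao->id]['action'] = CRM_Core_Action::formLink($links, $action, array('id' => $dao->id, 'gid' => $optionGroupID, 'value' => $dao->value));
         if (CRM_Utils_Array::value('component_id', $optionValue[$dao->id])) {
             $optionValue[$dao->id]['component_name'] = $componentNames[$optionValue[$dao->id]['component_id']];
         } else {
             $optionValue[$dao->id]['component_name'] = 'Contact';
         }
         if (CRM_Utils_Array::value('visibility_id', $optionValue[$dao->id])) {
             $optionValue[$dao->id]['visibility_label'] = $visibilityLabels[$optionValue[$dao->id]['visibility_id']];
         }
     }
     return $optionValue;
 }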
예제 #9
 /**
  * Build the display name (plain label or link markup) of a menu item.
  *
  * Returns false, and records the item's navID in $skipMenuItems, when the
  * item is inactive, hangs below a skipped item, or the current user lacks
  * the permissions configured for it.
  *
  * Output note: apart from replacing "&" with "&amp;" in the URL, nothing is
  * HTML-escaped here; the URL and the translated label go into the returned
  * markup as they are, so the menu attributes are presumably expected to
  * come from trusted navigation configuration - confirm against the caller.
  *
  * @param array $value          Menu item; its 'attributes' entry is read.
  * @param array $skipMenuItems  navIDs of items already skipped; extended by reference.
  * @return bool|string
  */
 function getMenuName(&$value, &$skipMenuItems)
 {
     // Menu labels are localised here (CRM-5456); ts() is not used because
     // it would throw the ts-extractor off.
     $i18n =& CRM_Core_I18n::singleton();
     $attributes = $value['attributes'];
     $name = $i18n->crm_translate($attributes['label'], array('context' => 'menu'));
     $url = str_replace('&', '&amp;', $attributes['url']);
     $permission = $attributes['permission'];
     $operator = $attributes['operator'];
     $parentID = $attributes['parentID'];
     $navID = $attributes['navID'];
     $active = $attributes['active'];
     $menuName = $attributes['name'];

     // Inactive items and children of skipped items are skipped as well.
     if (!$active || in_array($parentID, $skipMenuItems)) {
         $skipMenuItems[] = $navID;
         return false;
     }

     // These two items need core view/edit or supported ACLs.
     require_once 'CRM/Core/Permission.php';
     $aclGuarded = array('Search...', 'Contacts');
     if (in_array($menuName, $aclGuarded) && !CRM_Core_Permission::giveMeAllACLs()) {
         $skipMenuItems[] = $navID;
         return false;
     }

     $config = CRM_Core_Config::singleton();
     $makeLink = !empty($url);
     // URLs that do not start with "http" are resolved as internal paths.
     if ($makeLink && substr($url, 0, 4) !== 'http') {
         $url = CRM_Utils_System::url($url);
     }

     static $allComponents;
     if (!$allComponents) {
         $allComponents = CRM_Core_Component::getNames();
     }

     if (!empty($permission)) {
         $hasPermission = false;
         foreach (explode(',', $permission) as $rawKey) {
             $key = trim($rawKey);
             // A component permission also needs its component enabled; the
             // permission is not consulted for a disabled component.
             $componentName = CRM_Core_Permission::getComponentName($key);
             $componentOff = $componentName && !in_array($componentName, $config->enableComponents);
             $showItem = !$componentOff && CRM_Core_Permission::check($key);
             if ($showItem) {
                 $hasPermission = true;
                 continue;
             }
             // Under AND a single missing permission hides the item.
             if ($operator == 'AND') {
                 $skipMenuItems[] = $navID;
                 return false;
             }
         }
         if (!$showItem && !$hasPermission) {
             $skipMenuItems[] = $navID;
             return false;
         }
     }

     if (!$makeLink) {
         return $name;
     }
     return "<a href=\"{$url}\">{$name}</a>";
 }