/**
 * Return the ACL data for a contact, filling the per-request cache on a miss.
 *
 * Lookup order: the static in-memory cache, then self::retrieve() (the
 * persisted copy), and finally CRM_ACL_BAO_ACL::getAllByContact(), whose
 * result is written back with self::store().
 *
 * The returned value feeds access decisions. Nothing in this method expires
 * an entry, so a cached answer is reused for the contact id as-is.
 * NOTE(review): confirm every code path that changes ACLs, roles or group
 * membership also resets this cache, otherwise revoked access can linger.
 *
 * @param int $id
 *   Contact id, used as the cache key.
 *
 * @return mixed
 *   Reference to the cache slot for $id.
 */
public static function &build($id) {
  if (!self::$_cache) {
    self::$_cache = array();
  }

  if (!array_key_exists($id, self::$_cache)) {
    // Try the persisted copy first.
    self::$_cache[$id] = self::retrieve($id);

    // A falsy result (including an empty set) counts as a miss, so it is
    // recomputed and stored again.
    if (!self::$_cache[$id]) {
      self::$_cache[$id] = CRM_ACL_BAO_ACL::getAllByContact($id);
      self::store($id, self::$_cache[$id]);
    }
  }

  return self::$_cache[$id];
}
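/**
 * Get all of the ACLs for a contact through ACL groups owned by Contact
 * groups.
 *
 * Two queries are merged into one result keyed by ACL id:
 *  1. active ACL rules attached to active ACL roles that are mapped (via
 *     the entity-role table) to a group the contact has status 'Added' in;
 *  2. rules attached to role 0 ("Any Role") and, when the current session
 *     has a ufID, role 2 (authenticated user).
 *
 * The only caller-supplied value placed in SQL is $contact_id, and it is
 * passed through CRM_Utils_Type::escape(..., 'Integer') first. Every other
 * interpolated value is a table name or a literal built in this method.
 *
 * NOTE(review): the second query has no is_active filter, so disabled rules
 * on roles 0/2 are returned as well; confirm callers filter them.
 * NOTE(review): role 2 is added from the *session* ufID, not from
 * $contact_id, so the result depends on who is logged in when this runs for
 * another contact.
 *
 * @param int $contact_id
 *   ID of a contact to search for.
 *
 * @return array
 *   Array of assoc. arrays of ACL rules, keyed by rule id.
 */
public static function &getGroupACLRoles($contact_id) {
  $contact_id = CRM_Utils_Type::escape($contact_id, 'Integer');

  $rule = new CRM_ACL_BAO_ACL();

  $acl = self::getTableName();
  $aclRole = 'civicrm_acl_role';
  $aclER = CRM_ACL_DAO_EntityRole::getTableName();
  $c2g = CRM_Contact_BAO_GroupContact::getTableName();

  $query = " SELECT {$acl}.*\n FROM {$acl}\n INNER JOIN civicrm_option_group og\n ON og.name = 'acl_role'\n INNER JOIN civicrm_option_value ov\n ON {$acl}.entity_table = '{$aclRole}'\n AND ov.option_group_id = og.id\n AND {$acl}.entity_id = ov.value\n AND ov.is_active = 1\n INNER JOIN {$aclER}\n ON {$aclER}.acl_role_id = {$acl}.entity_id\n AND {$aclER}.is_active = 1\n INNER JOIN {$c2g}\n ON {$aclER}.entity_id = {$c2g}.group_id\n AND {$aclER}.entity_table = 'civicrm_group'\n WHERE {$acl}.entity_table = '{$aclRole}'\n AND {$acl}.is_active = 1\n AND {$c2g}.contact_id = {$contact_id}\n AND {$c2g}.status = 'Added'";

  $results = array();

  $rule->query($query);
  while ($rule->fetch()) {
    // Plain assignment: binding a function's return value by reference
    // ("=&") only raises "Only variables should be assigned by reference"
    // and still stores a copy.
    $results[$rule->id] = $rule->toArray();
  }

  // also get all acls for "Any Role" case
  // and authenticated User Role if present
  $roles = "0";
  $session = CRM_Core_Session::singleton();
  if ($session->get('ufID') > 0) {
    $roles .= ",2";
  }

  $query = "\nSELECT {$acl}.*\n FROM {$acl}\n WHERE {$acl}.entity_id IN ( {$roles} )\n AND {$acl}.entity_table = 'civicrm_acl_role'\n";

  $rule->query($query);
  while ($rule->fetch()) {
    $results[$rule->id] = $rule->toArray();
  }

  return $results;
}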
/**
 * Get all the groups the user has access to for the given operation.
 *
 * With no contact supplied the check is made for the contact stored in the
 * session; if the session has none either, it is made for contact 0
 * (anonymous user).
 *
 * NOTE(review): the `== null` test is loose, so an explicit 0, '' or false
 * is also replaced by the session contact. A caller that passes 0 meaning
 * "anonymous" while a user is logged in gets that user's groups instead.
 *
 * @param int $type the type of permission needed
 * @param int $contactID the contactID for whom the check is made
 * @param string $tableName passed through to CRM_ACL_BAO_ACL::group()
 * @param mixed $allGroups passed through to CRM_ACL_BAO_ACL::group()
 * @param mixed $includedGroups passed through to CRM_ACL_BAO_ACL::group()
 *
 * @return array the ids of the groups for which the user has permissions
 * @access public
 */
public static function group($type, $contactID = null, $tableName = 'civicrm_saved_search', $allGroups = null, $includedGroups = null) {
  if ($contactID == null) {
    $contactID = CRM_Core_Session::singleton()->get('userID');
  }

  // anonymous user
  $contactID = $contactID ? $contactID : 0;

  require_once 'CRM/ACL/BAO/ACL.php';
  return CRM_ACL_BAO_ACL::group($type, $contactID, $tableName, $allGroups, $includedGroups);
}
/**
 * Get all the groups the user has access to for the given operation.
 *
 * Resolves whose permissions are evaluated, then delegates to
 * CRM_ACL_BAO_ACL::group(). A missing contact falls back to the session's
 * userID, and a still-empty value becomes 0 (anonymous user).
 *
 * NOTE(review): `== NULL` is a loose comparison, so 0, '' and FALSE also
 * trigger the session fallback; passing 0 does not force an anonymous check
 * while somebody is logged in.
 *
 * @param int $type
 *   The type of permission needed.
 * @param int $contactID
 *   The contactID for whom the check is made.
 * @param string $tableName
 *   Passed through unchanged.
 * @param null $allGroups
 *   Passed through unchanged.
 * @param null $includedGroups
 *   Passed through unchanged.
 *
 * @return array
 *   the ids of the groups for which the user has permissions
 */
public static function group($type, $contactID = NULL, $tableName = 'civicrm_saved_search', $allGroups = NULL, $includedGroups = NULL) {
  if ($contactID == NULL) {
    $currentSession = CRM_Core_Session::singleton();
    $contactID = $currentSession->get('userID');
  }

  if (empty($contactID)) {
    // anonymous user
    $contactID = 0;
  }

  return CRM_ACL_BAO_ACL::group($type, $contactID, $tableName, $allGroups, $includedGroups);
}
/**
 * Process the submitted form: replace the "Core ACL" rows of one ACL role.
 *
 * Steps, in order:
 *  - reset the ACL cache;
 *  - if a role id is present (including the string '0'), delete that role's
 *    civicrm_acl rows whose object_table is not one of civicrm_saved_search,
 *    civicrm_uf_group or civicrm_custom_group; stop here on a DELETE action;
 *  - create one ACL row per ticked object_table entry.
 *
 * The role id is bound as a typed 'Integer' placeholder (%1), not
 * concatenated into the statement.
 *
 * NOTE(review): the delete and the re-creation are separate statements with
 * no transaction visible here; if a create fails midway the role is left
 * with only part of its rules.
 *
 * @access public
 *
 * @return void
 */
public function postProcess() {
  CRM_ACL_BAO_Cache::resetCache();

  $params = $this->controller->exportValues($this->_name);

  $hasRoleId = $this->_id || $this->_id === '0';
  if ($hasRoleId) {
    $query = "\nDELETE\n FROM civicrm_acl\n WHERE entity_id = %1\n AND ( object_table NOT IN ( 'civicrm_saved_search', 'civicrm_uf_group', 'civicrm_custom_group' ) )\n";
    $deleteParams = array(1 => array($this->_id, 'Integer'));
    $dao = CRM_Core_DAO::executeQuery($query, $deleteParams);

    if ($this->_action & CRM_Core_Action::DELETE) {
      CRM_Core_Session::setStatus(ts('Selected ACL has been deleted.'));
      return;
    }
  }

  // Fixed attributes shared by every rule this form writes.
  $params['operation'] = 'All';
  $params['deny'] = 0;
  $params['is_active'] = 1;
  $params['entity_table'] = 'civicrm_acl_role';
  $params['name'] = 'Core ACL';

  foreach ($params['object_table'] as $object_table => $value) {
    if (!$value) {
      continue;
    }

    // Swap the submitted checkbox map for the single table name.
    $newParams = $params;
    unset($newParams['object_table']);
    $newParams['object_table'] = $object_table;
    CRM_ACL_BAO_ACL::create($newParams);
  }
}
/**
 * Process the submitted form: delete the selected ACL or create/update one.
 *
 * On a DELETE action the ACL identified by $this->_id is removed. Otherwise
 * the exported form values are completed (deny = 0, entity_table =
 * 'civicrm_acl_role', object_table/object_id derived from object_type) and
 * handed to CRM_ACL_BAO_ACL::create().
 *
 * NOTE(review): the switch has no default branch. For an object_type other
 * than 1-4 this method sets neither object_table nor object_id, and the rule
 * is still created with whatever the exported values contained.
 *
 * @access public
 *
 * @return void
 */
public function postProcess() {
  // note this also resets any ACL cache
  CRM_Core_BAO_Cache::deleteGroup('contact fields');

  if ($this->_action & CRM_Core_Action::DELETE) {
    CRM_ACL_BAO_ACL::del($this->_id);
    CRM_Core_Session::setStatus(ts('Selected ACL has been deleted.'));
    return;
  }

  $params = $this->controller->exportValues($this->_name);
  $params['is_active'] = CRM_Utils_Array::value('is_active', $params, FALSE);
  $params['deny'] = 0;
  $params['entity_table'] = 'civicrm_acl_role';

  // Figure out which type of object we're permissioning on and set object_table and object_id.
  switch ($params['object_type']) {
    case 1:
      $params['object_table'] = 'civicrm_saved_search';
      $params['object_id'] = $params['group_id'];
      break;

    case 2:
      $params['object_table'] = 'civicrm_uf_group';
      $params['object_id'] = $params['uf_group_id'];
      break;

    case 3:
      $params['object_table'] = 'civicrm_custom_group';
      $params['object_id'] = $params['custom_group_id'];
      break;

    case 4:
      $params['object_table'] = 'civicrm_event';
      $params['object_id'] = $params['event_id'];
      break;
  }

  // An existing id turns the create() call into an update of that rule.
  if ($this->_id) {
    $params['id'] = $this->_id;
  }

  CRM_ACL_BAO_ACL::create($params);
}
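/**
 * Should we be adding ACLs in this instance. If we don't add them the user
 * will not be able to see anything. We check if the install has the permissions
 * hook implemented correctly & if so only allow view & edit based on those.
 *
 * Otherwise all users get these permissions added (4.2 vs 4.3 / other CMS issues)
 *
 * Both fallback branches return TRUE, i.e. they fail open: when the
 * permissions hook is missing, or 'view all contacts in domain' is not among
 * the declared permissions, the ACLs are added for every user without any
 * per-user permission check.
 *
 * @param integer $type type of operation
 *
 * @return bool
 *   TRUE when the ACLs should be added, FALSE otherwise.
 */
function _multisite_add_permissions($type) {
  $hookclass = 'CRM_Utils_Hook';
  if (!method_exists($hookclass, 'permissions')) {
    // ie. unpatched 4.2 so we can't check for extra declared permissions
    // & default to applying this to all
    return TRUE;
  }

  // extra check to make sure that hook is properly implemented
  // if not we won't check for it. NB view all contacts in domain is enough checking
  $declaredPermissions = CRM_Core_Permission::getCorePermissions();
  if (!array_key_exists('view all contacts in domain', $declaredPermissions)) {
    // The leftover drupal_set_message('here') debug call was removed: it
    // printed a stray message to the user and is an undefined function on
    // any CMS other than Drupal.
    return TRUE;
  }

  if (CRM_ACL_BAO_ACL::matchType($type, 'View') && CRM_Core_Permission::check('view all contacts in domain')) {
    return TRUE;
  }

  if (CRM_ACL_BAO_ACL::matchType($type, 'Edit') && CRM_Core_Permission::check('edit all contacts in domain')) {
    return TRUE;
  }

  return FALSE;
}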
/**
 * Get all the groups the user has access to for the given operation.
 *
 * The contact whose permissions are evaluated is $contactID when given,
 * otherwise the logged-in contact, otherwise 0 (anonymous user).
 *
 * NOTE(review): `== NULL` is loose, so 0, '' and FALSE are treated like "not
 * given" and replaced by the logged-in contact; an explicit 0 therefore does
 * not request an anonymous check during an authenticated session.
 *
 * @param int $type
 *   The type of permission needed.
 * @param int $contactID
 *   The contactID for whom the check is made.
 * @param string $tableName
 *   Forwarded to CRM_ACL_BAO_ACL::group().
 * @param null $allGroups
 *   Forwarded to CRM_ACL_BAO_ACL::group().
 * @param null $includedGroups
 *   Forwarded to CRM_ACL_BAO_ACL::group().
 *
 * @return array
 *   the ids of the groups for which the user has permissions
 */
public static function group($type, $contactID = NULL, $tableName = 'civicrm_saved_search', $allGroups = NULL, $includedGroups = NULL) {
  $subject = ($contactID == NULL) ? CRM_Core_Session::getLoggedInContactID() : $contactID;

  // anonymous user
  $subject = $subject ?: 0;

  return CRM_ACL_BAO_ACL::group($type, $subject, $tableName, $allGroups, $includedGroups);
}
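/**
 * Should we be adding ACLs in this instance. If we don't add them the user
 * will not be able to see anything. We check if the install has the permissions
 * hook implemented correctly & if so only allow view & edit based on those.
 *
 * Otherwise all users get these permissions added (4.2 vs 4.3 / other CMS issues)
 *
 * The fallback branches fail open: a missing permission hook, the 'group'
 * type, or an install that does not declare 'view all contacts in domain'
 * all return TRUE without a per-user permission check.
 *
 * @param integer|string $type
 *   Type of operation, or the literal string 'group'.
 *
 * @return bool
 *   TRUE when the ACLs should be added, FALSE otherwise.
 */
function _multisite_add_permissions($type) {
  $hookclass = 'CRM_Utils_Hook';
  if (!method_exists($hookclass, 'permissions') && !method_exists($hookclass, 'permission')) {
    // ie. unpatched 4.2 so we can't check for extra declared permissions
    // & default to applying this to all
    return TRUE;
  }

  // Strict comparison: before PHP 8 a loose `0 == 'group'` is TRUE, which
  // would let an integer type of 0 skip the permission checks below.
  if ($type === 'group') {
    // @fixme only handling we have for this at the moment
    return TRUE;
  }

  // extra check to make sure that hook is properly implemented
  // if not we won't check for it. NB view all contacts in domain is enough checking
  $declaredPermissions = CRM_Core_Permission::basicPermissions();
  if (!array_key_exists('view all contacts in domain', $declaredPermissions)) {
    return TRUE;
  }

  if (CRM_ACL_BAO_ACL::matchType($type, 'View') && CRM_Core_Permission::check('view all contacts in domain')) {
    return TRUE;
  }

  if (CRM_ACL_BAO_ACL::matchType($type, 'Edit') && CRM_Core_Permission::check('edit all contacts in domain')) {
    return TRUE;
  }

  return FALSE;
}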
/**
 * Generate an event queue for a test job.
 *
 * For every contact in the chosen test group, pick one usable e-mail
 * address (bulk-mail address preferred, see ORDER BY) and queue it for
 * $testParams['job_id']. Contacts flagged do_not_email, deceased or opted
 * out, and addresses on hold, are excluded.
 *
 * The ACL join/where fragments are built for the logged-in sender and
 * spliced into every query, so only contacts the sender may view are queued.
 * NOTE(review): confirm how buildAcl() behaves when the session has no
 * userID; if it returns empty fragments the queries run without ACL filter.
 * NOTE(review): {$groupContact} is interpolated, not bound. It is a key of
 * the API result here, presumably an integer contact id; verify.
 *
 * @param array $testParams
 *   Contains form values; 'test_group' and 'job_id' are read here.
 *
 * @return void
 */
public function getTestRecipients($testParams) {
  $senderId = CRM_Core_Session::singleton()->get('userID');
  list($aclJoin, $aclWhere) = CRM_ACL_BAO_ACL::buildAcl($senderId);

  // Unknown group: nothing to queue.
  if (!array_key_exists($testParams['test_group'], CRM_Core_PseudoConstant::group())) {
    return;
  }

  $apiRequest = array(
    'version' => 3,
    'group' => $testParams['test_group'],
    'return' => 'id',
    'options' => array('limit' => 100000000000),
  );
  $groupMembers = civicrm_api('contact', 'get', $apiRequest);

  // One lookup per group member.
  foreach (array_keys($groupMembers['values']) as $groupContact) {
    $query = "\nSELECT civicrm_email.id AS email_id,\n civicrm_email.is_primary as is_primary,\n civicrm_email.is_bulkmail as is_bulkmail\nFROM civicrm_email\nINNER JOIN civicrm_contact contact_a ON civicrm_email.contact_id = contact_a.id\n{$aclJoin}\nWHERE (civicrm_email.is_bulkmail = 1 OR civicrm_email.is_primary = 1)\nAND contact_a.id = {$groupContact}\nAND contact_a.do_not_email = 0\nAND contact_a.is_deceased <> 1\nAND civicrm_email.on_hold = 0\nAND contact_a.is_opt_out = 0\n{$aclWhere}\nGROUP BY civicrm_email.id\nORDER BY civicrm_email.is_bulkmail DESC\n";
    $emailRow = CRM_Core_DAO::executeQuery($query);

    // Only the first row (the preferred address) is queued.
    if (!$emailRow->fetch()) {
      continue;
    }

    $queueEntry = array(
      'job_id' => $testParams['job_id'],
      'email_id' => $emailRow->email_id,
      'contact_id' => $groupContact,
    );
    CRM_Mailing_Event_BAO_Queue::create($queueEntry);
  }
}
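/**
 * Build a join and where part for a query
 *
 * The where part comes from CRM_ACL_BAO_ACL::whereClause() evaluated for
 * VIEW permission and, when non-empty, is wrapped as " AND (...)". The join
 * part is the concatenation of every $whereTables entry that carries its own
 * JOIN statement.
 *
 * An empty $contactId returns two empty strings. A caller that splices the
 * result into SQL then runs its query with no ACL restriction at all, so
 * callers must decide whether a missing contact id should reach this point.
 *
 * @param int $contactId
 *   Contact whose VIEW permissions constrain the query.
 *
 * @return array
 *   - the first key is join part of the query and the second key is the where part of the query
 */
public static function buildAcl($contactId) {
  // If there is no $contactId passed return empty ACL join and where clause
  if (empty($contactId)) {
    return array('', '');
  }

  $tables = array();
  $whereTables = array();
  // $whereTables is read back below, so whereClause() presumably fills it
  // by reference. TODO confirm against its signature.
  $whereClause = CRM_ACL_BAO_ACL::whereClause(CRM_Core_Permission::VIEW, $tables, $whereTables, $contactId, TRUE);
  if (strlen($whereClause)) {
    $whereClause = " AND (" . $whereClause . ")";
  }

  $join = "";
  foreach ($whereTables as $value) {
    // Skip empty entries and the bare "1" marker.
    if (!$value || $value == 1) {
      continue;
    }

    // if there is already a join statement in value, use value itself.
    // Compare against FALSE: strpos() returns 0 for a value that *starts*
    // with JOIN, which a plain truthiness test would silently drop, leaving
    // the where clause pointing at a table that was never joined.
    if (strpos($value, 'JOIN') !== FALSE) {
      $join .= " {$value} ";
    }
  }

  return array($join, $whereClause);
}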
/**
 * Construct an associative array of an ACL rule's properties
 *
 * The list of property names is taken from CRM_ACL_DAO_ACL::fields() once
 * and kept in self::$_fieldKeys for later calls.
 *
 * @return array
 *   Assoc. array of the ACL rule's properties, keyed by field name.
 * @access public
 */
public function toArray() {
  // Resolve the field list only on first use.
  if (!self::$_fieldKeys) {
    $fieldSpecs =& CRM_ACL_DAO_ACL::fields();
    self::$_fieldKeys = array_keys($fieldSpecs);
  }

  $properties = array();
  foreach (self::$_fieldKeys as $key) {
    $properties[$key] = $this->{$key};
  }

  return $properties;
}
/**
 * Send the mailing.
 *
 * Loads the mailing for this job, selects the queued recipients that have
 * neither a delivered nor a bounce event yet, and hands them to
 * deliverGroup() in batches of self::MAX_CONTACTS_TO_PROCESS.
 *
 * Recipient selection is restricted by the ACL fragments that
 * CRM_ACL_BAO_ACL::buildAcl() returns for the mailing's creator
 * ($mailing->created_id), not for whoever triggers this run.
 * NOTE(review): confirm what buildAcl() returns when created_id is empty;
 * empty fragments would mean the queue is sent without an ACL filter.
 *
 * @param object $mailer
 *   A Mail object to send the messages.
 *
 * @param array $testParams
 *   When non-empty the subject is prefixed with '[CiviMail Draft]'.
 *
 * @return bool
 *   FALSE when the mailerBatchLimit was reached before the queue was
 *   drained; otherwise the result of the last deliverGroup() call, or TRUE
 *   when there was nothing left to deliver.
 */
public function deliver(&$mailer, $testParams = NULL) {
  $mailing = new CRM_Mailing_BAO_Mailing();
  $mailing->id = $this->mailing_id;
  $mailing->find(TRUE);
  // Properties of $mailing are still read below; presumably free() only
  // releases the result set. TODO confirm.
  $mailing->free();

  $eq = new CRM_Mailing_Event_BAO_Queue();
  $eqTable = CRM_Mailing_Event_BAO_Queue::getTableName();
  $emailTable = CRM_Core_BAO_Email::getTableName();
  $phoneTable = CRM_Core_DAO_Phone::getTableName();
  $contactTable = CRM_Contact_BAO_Contact::getTableName();
  $edTable = CRM_Mailing_Event_BAO_Delivered::getTableName();
  $ebTable = CRM_Mailing_Event_BAO_Bounce::getTableName();

  // ACL restriction is computed for the mailing's creator.
  list($aclJoin, $aclWhere) = CRM_ACL_BAO_ACL::buildAcl($mailing->created_id);

  // E-mail variant. $this->id is concatenated rather than bound.
  // NOTE(review): presumably the job's integer primary key; verify it can
  // never carry caller-supplied text.
  $query = " SELECT {$eqTable}.id,\n {$emailTable}.email as email,\n {$eqTable}.contact_id,\n {$eqTable}.hash,\n NULL as phone\n FROM {$eqTable}\n INNER JOIN {$emailTable}\n ON {$eqTable}.email_id = {$emailTable}.id\n INNER JOIN {$contactTable} contact_a\n ON contact_a.id = {$emailTable}.contact_id\n LEFT JOIN {$edTable}\n ON {$eqTable}.id = {$edTable}.event_queue_id\n LEFT JOIN {$ebTable}\n ON {$eqTable}.id = {$ebTable}.event_queue_id\n {$aclJoin}\n WHERE {$eqTable}.job_id = " . $this->id . "\n AND {$edTable}.id IS null\n AND {$ebTable}.id IS null\n AND contact_a.is_opt_out = 0 \n {$aclWhere}";

  if ($mailing->sms_provider_id) {
    // SMS variant: joins the phone table instead of the e-mail table.
    // NOTE(review): the consent test is "is_opt_out = 0 OR do_not_sms = 0",
    // so a contact is skipped only when BOTH flags are set. Confirm that a
    // contact with do_not_sms = 1 alone is really meant to receive SMS.
    $query = "\n SELECT {$eqTable}.id,\n {$phoneTable}.phone as phone,\n {$eqTable}.contact_id,\n {$eqTable}.hash,\n NULL as email\n FROM {$eqTable}\n INNER JOIN {$phoneTable}\n ON {$eqTable}.phone_id = {$phoneTable}.id\n INNER JOIN {$contactTable} contact_a\n ON contact_a.id = {$phoneTable}.contact_id\n LEFT JOIN {$edTable}\n ON {$eqTable}.id = {$edTable}.event_queue_id\n LEFT JOIN {$ebTable}\n ON {$eqTable}.id = {$ebTable}.event_queue_id\n {$aclJoin}\n WHERE {$eqTable}.job_id = " . $this->id .
      "\n AND {$edTable}.id IS null\n AND {$ebTable}.id IS null\n AND ( contact_a.is_opt_out = 0\n OR contact_a.do_not_sms = 0 )\n {$aclWhere}";
  }
  $eq->query($query);

  // $config is assigned here but not read again in this method.
  $config = NULL;
  if ($config == NULL) {
    $config = CRM_Core_Config::singleton();
  }

  if (property_exists($mailing, 'language') && $mailing->language && $mailing->language != 'en_US') {
    // The returned object is not used again here; presumably it restores the
    // previous locale when it goes out of scope, so it must stay assigned.
    // TODO confirm against CRM_Utils_AutoClean.
    $swapLang = CRM_Utils_AutoClean::swap('global://dbLocale?getter', 'call://i18n/setLocale', $mailing->language);
  }

  $job_date = CRM_Utils_Date::isoToMysql($this->scheduled_date);
  // Recipients collected for the batch currently being assembled.
  $fields = array();

  if (!empty($testParams)) {
    $mailing->subject = ts('[CiviMail Draft]') . ' ' . $mailing->subject;
  }

  CRM_Mailing_BAO_Mailing::tokenReplace($mailing);

  // get and format attachments
  $attachments = CRM_Core_BAO_File::getEntityFile('civicrm_mailing', $mailing->id);

  if (defined('CIVICRM_MAIL_SMARTY') && CIVICRM_MAIL_SMARTY) {
    CRM_Core_Smarty::registerStringResource();
  }

  // CRM-12376
  // This handles the edge case scenario where all the mails
  // have been delivered in prior jobs.
  $isDelivered = TRUE;

  // make sure that there's no more than $mailerBatchLimit mails processed in a run
  $mailerBatchLimit = Civi::settings()->get('mailerBatchLimit');
  while ($eq->fetch()) {
    // Disabled memory-usage debug output:
    // if ( ( $mailsProcessed % 100 ) == 0 ) {
    // CRM_Utils_System::xMemory( "$mailsProcessed: " );
    // }

    // Limit reached: flush what is pending and report "not finished".
    // self::$mailsProcessed is static, so the count spans every job handled
    // through this class in the current run.
    if ($mailerBatchLimit > 0 && self::$mailsProcessed >= $mailerBatchLimit) {
      if (!empty($fields)) {
        $this->deliverGroup($fields, $mailing, $mailer, $job_date, $attachments);
      }
      $eq->free();
      return FALSE;
    }
    self::$mailsProcessed++;

    $fields[] = array('id' => $eq->id, 'hash' => $eq->hash, 'contact_id' => $eq->contact_id, 'email' => $eq->email, 'phone' => $eq->phone);

    // Full batch: deliver it and stop early if delivery reports failure.
    if (count($fields) == self::MAX_CONTACTS_TO_PROCESS) {
      $isDelivered = $this->deliverGroup($fields, $mailing, $mailer, $job_date, $attachments);
      if (!$isDelivered) {
        $eq->free();
        return $isDelivered;
      }
      $fields = array();
    }
  }

  $eq->free();

  // Deliver the final, partially filled batch.
  if (!empty($fields)) {
    $isDelivered = $this->deliverGroup($fields, $mailing, $mailer, $job_date, $attachments);
  }
  return $isDelivered;
}