/**
 * Build the ACL join fragment restricting rows to contacts the current user may see.
 *
 * Overrides the default ACL handling because the contact column may hold a
 * source contact, an assignee or a target, and may also be NULL.
 *
 * Stores the result in $this->_aclFrom and clears $this->_aclWhere; returns nothing.
 *
 * @param array $tableAlias
 *   Contact table aliases. Both the array key and the alias are written into
 *   the SQL as identifiers without escaping, so they must be defined in code
 *   and never taken from request input.
 */
function buildACLClause($tableAlias) {
  require_once 'CRM/Core/Permission.php';
  require_once 'CRM/Contact/BAO/Contact/Permission.php';

  // Holders of 'view all contacts' get no ACL restriction at all.
  if (CRM_Core_Permission::check('view all contacts')) {
    $this->_aclWhere = null;
    $this->_aclFrom = null;
    return;
  }

  // No logged-in user falls back to ID 0.
  $sessionUserId = CRM_Core_Session::singleton()->get('userID') ?: 0;

  // The ID is interpolated into the SQL below, so it is passed through the
  // Integer escape first.
  $userId = CRM_Utils_Type::escape($sessionUserId, 'Integer');

  // Presumably refreshes civicrm_acl_contact_cache for this user, which the
  // joins below read -- TODO confirm against cache().
  CRM_Contact_BAO_Contact_Permission::cache($userId);

  $joins = array();
  foreach ($tableAlias as $key => $contactAlias) {
    $cacheAlias = "aclContactCache_{$key}";
    // NOTE(review): a NULL {$contactAlias}.id satisfies the ON clause for every
    // cache row of this user, so such rows pass the ACL whenever the user has
    // at least one cached contact, and match once per cached row. Confirm the
    // surrounding query tolerates or de-duplicates that.
    $joins[] = " INNER JOIN civicrm_acl_contact_cache {$cacheAlias}"
      . " ON ( {$contactAlias}.id = {$cacheAlias}.contact_id OR {$contactAlias}.id IS NULL )"
      . " AND {$cacheAlias}.user_id = {$userId} ";
  }

  $this->_aclFrom = implode(" ", $joins);
  $this->_aclWhere = null;
}
/**
 * Rebuild the cached ACL data for one ID.
 *
 * Order matters: the stale entry is deleted before it is rebuilt, and the
 * contact cache is refreshed last.
 *
 * @param int $id
 *   ID handed to deleteEntry(), build() and the contact permission cache;
 *   presumably a contact ID -- confirm against the callers.
 */
static function updateEntry($id) {
  // Rebuild civicrm_acl_cache: drop the old entry, then regenerate it.
  self::deleteEntry($id);
  self::build($id);

  // Rebuild civicrm_acl_contact_cache for VIEW permission.
  require_once 'CRM/Contact/BAO/Contact/Permission.php';
  $permissionType = CRM_Core_Permission::VIEW;
  // Third argument presumably forces a rebuild even when cached rows exist --
  // TODO confirm against cache().
  $forceRebuild = true;
  CRM_Contact_BAO_Contact_Permission::cache($id, $permissionType, $forceRebuild);
}
/**
 * Test that getquick applies ACLs.
 *
 * First checks the deny-by-default case (a user with no permissions gets no
 * results), then installs an ACL where-clause hook and checks that the
 * results reflect it.
 */
public function testGetQuickFirstNameACLs() {
  $this->getQuickSearchSampleData();
  $loggedInUserId = $this->createLoggedInUser();
  $this->callAPISuccess('Setting', 'create', array('includeOrderByClause' => TRUE));

  // Remove every permission from the current user.
  CRM_Core_Config::singleton()->userPermissionClass->permissions = array();

  $searchParams = array(
    'name' => 'Bob',
    'field_name' => 'first_name',
    'table_name' => 'cc',
  );

  // With no permissions and no ACL hook, nothing may be returned.
  $denied = $this->callAPISuccess('contact', 'getquick', $searchParams);
  $this->assertEquals(0, $denied['count']);

  // Install the ACL hook and rebuild the user's contact cache so that the
  // hook's clause takes effect for the next search.
  $this->hookClass->setHook('civicrm_aclWhereClause', array($this, 'aclWhereNoBobH'));
  CRM_Contact_BAO_Contact_Permission::cache($loggedInUserId, CRM_Core_Permission::VIEW, TRUE);

  $filtered = $this->callAPISuccess('contact', 'getquick', $searchParams);
  $this->assertEquals('K Bobby, Bob', $filtered['values'][1]['sort_name']);
  // Without the ACL 9 would be bob@h.com.
  $this->assertEquals('I Bobby, Bobby', $filtered['values'][9]['sort_name']);
}
/**
 * Remove rows from the result table that the current user may not see.
 *
 * Users with 'view all contacts' only have rows for deleted contacts removed.
 * Everyone else has rows removed when the contact is not in their
 * civicrm_acl_contact_cache entries; Activity rows are checked on the target
 * and assignee contacts as well.
 *
 * $this->_tableName is interpolated into the SQL as an identifier, so it must
 * be generated by code and never taken from request input.
 */
public function filterACLContacts() {
  $table = $this->_tableName;

  if (CRM_Core_Permission::check('view all contacts')) {
    $purgeDeleted = "DELETE FROM {$table} WHERE contact_id IN (SELECT id FROM civicrm_contact WHERE is_deleted = 1)";
    CRM_Core_DAO::executeQuery($purgeDeleted);
    return;
  }

  // No logged-in user falls back to ID 0.
  $contactID = CRM_Core_Session::singleton()->get('userID') ?: 0;

  // Presumably refreshes civicrm_acl_contact_cache for this user, which the
  // deletes below read -- TODO confirm against cache().
  CRM_Contact_BAO_Contact_Permission::cache($contactID);

  // The user ID is passed as a typed 'Integer' parameter for the %1
  // placeholder rather than being interpolated.
  $params = array(1 => array($contactID, 'Integer'));

  $statements = array(
    // Drop rows whose contact is not in the user's ACL cache.
    "\nDELETE t.*\n"
    . "FROM {$table} t\n"
    . "WHERE NOT EXISTS ( SELECT c.id\n"
    . " FROM civicrm_acl_contact_cache c\n"
    . " WHERE c.user_id = %1 AND t.contact_id = c.contact_id )\n",

    // Activity rows: drop when the target contact is not permitted.
    // NOTE(review): a NULL target_contact_id is kept whenever the user has
    // at least one cache row.
    "\nDELETE t.*\n"
    . "FROM {$table} t\n"
    . "WHERE t.table_name = 'Activity' AND\n"
    . " NOT EXISTS ( SELECT c.id\n"
    . " FROM civicrm_acl_contact_cache c\n"
    . " WHERE c.user_id = %1 AND ( t.target_contact_id = c.contact_id OR t.target_contact_id IS NULL ) )\n",

    // Activity rows: the same check on the assignee contact.
    "\nDELETE t.*\n"
    . "FROM {$table} t\n"
    . "WHERE t.table_name = 'Activity' AND\n"
    . " NOT EXISTS ( SELECT c.id\n"
    . " FROM civicrm_acl_contact_cache c\n"
    . " WHERE c.user_id = %1 AND ( t.assignee_contact_id = c.contact_id OR t.assignee_contact_id IS NULL ) )\n",
  );

  foreach ($statements as $sql) {
    CRM_Core_DAO::executeQuery($sql, $params);
  }
}
/**
 * Rebuild the cached ACL data for one ID.
 *
 * Order matters: the stale entry is deleted before it is rebuilt, and the
 * contact cache is refreshed last.
 *
 * @param int $id
 *   ID handed to deleteEntry(), build() and the contact permission cache;
 *   presumably a contact ID -- confirm against the callers.
 */
public static function updateEntry($id) {
  // Rebuild civicrm_acl_cache: drop the old entry, then regenerate it.
  self::deleteEntry($id);
  self::build($id);

  // Rebuild civicrm_acl_contact_cache for VIEW permission.
  $permissionType = CRM_Core_Permission::VIEW;
  // Third argument presumably forces a rebuild even when cached rows exist --
  // TODO confirm against cache().
  $forceRebuild = TRUE;
  CRM_Contact_BAO_Contact_Permission::cache($id, $permissionType, $forceRebuild);
}
/**
 * Build the ACL join fragment restricting rows to contacts the current user may see.
 *
 * Stores the result in $this->_aclFrom. $this->_aclWhere is only reset on the
 * 'view all contacts' path.
 *
 * @param array $tableAlias
 *   Table aliases that expose a contact_id column. Both the array key and the
 *   alias are written into the SQL as identifiers without escaping, so they
 *   must be defined in code and never taken from request input.
 */
function buildACLClause($tableAlias = array()) {
  // Holders of 'view all contacts' get no ACL restriction at all.
  if (CRM_Core_Permission::check('view all contacts')) {
    $this->_aclWhere = NULL;
    $this->_aclFrom = NULL;
    return;
  }

  // No logged-in user falls back to ID 0.
  $sessionUserId = CRM_Core_Session::singleton()->get('userID') ?: 0;

  // The ID is interpolated into the SQL below, so it is passed through the
  // Integer escape first.
  $userId = CRM_Utils_Type::escape($sessionUserId, 'Integer');

  // Presumably refreshes civicrm_acl_contact_cache for this user, which the
  // joins below read -- TODO confirm against cache().
  CRM_Contact_BAO_Contact_Permission::cache($userId);

  $joins = array();
  foreach ($tableAlias as $key => $rowAlias) {
    $cacheAlias = "aclContactCache_{$key}";
    // NOTE(review): a NULL {$rowAlias}.contact_id satisfies the ON clause for
    // every cache row of this user, so such rows pass the ACL whenever the
    // user has at least one cached contact, and match once per cached row.
    $joins[] = " INNER JOIN civicrm_acl_contact_cache {$cacheAlias}"
      . " ON ( {$rowAlias}.contact_id = {$cacheAlias}.contact_id OR {$rowAlias}.contact_id IS NULL )"
      . " AND {$cacheAlias}.user_id = {$userId} ";
  }

  $this->_aclFrom = implode(" ", $joins);
}
/**
 * Remove rows from the result table that the current user may not see.
 *
 * Users with 'view all contacts' are left untouched. Everyone else has rows
 * removed when the contact is not in their civicrm_acl_contact_cache entries;
 * Activity rows are checked on the target and assignee contacts as well.
 *
 * $this->_tableName is interpolated into the SQL as an identifier, so it must
 * be generated by code and never taken from request input.
 */
function filterACLContacts() {
  if (CRM_Core_Permission::check('view all contacts')) {
    return;
  }

  // No logged-in user falls back to ID 0.
  $contactID = CRM_Core_Session::singleton()->get('userID') ?: 0;

  require_once 'CRM/Contact/BAO/Contact/Permission.php';
  // Presumably refreshes civicrm_acl_contact_cache for this user, which the
  // deletes below read -- TODO confirm against cache().
  CRM_Contact_BAO_Contact_Permission::cache($contactID);

  // The user ID is passed as a typed 'Integer' parameter for the %1
  // placeholder rather than being interpolated.
  $params = array(1 => array($contactID, 'Integer'));
  $table = $this->_tableName;

  $statements = array(
    // Drop rows whose contact is not in the user's ACL cache.
    "\r\nDELETE t.*\r\n"
    . "FROM {$table} t\r\n"
    . "WHERE NOT EXISTS ( SELECT c.id \r\n"
    . " FROM civicrm_acl_contact_cache c\r\n"
    . " WHERE c.user_id = %1 AND t.contact_id = c.contact_id )\r\n",

    // Activity rows: drop when the target contact is not permitted.
    // NOTE(review): a NULL target_contact_id is kept whenever the user has
    // at least one cache row.
    "\r\nDELETE t.*\r\n"
    . "FROM {$table} t\r\n"
    . "WHERE t.table_name = 'Activity' AND\r\n"
    . " NOT EXISTS ( SELECT c.id \r\n"
    . " FROM civicrm_acl_contact_cache c\r\n"
    . " WHERE c.user_id = %1 AND ( t.target_contact_id = c.contact_id OR t.target_contact_id IS NULL ) )\r\n",

    // Activity rows: the same check on the assignee contact.
    "\r\nDELETE t.*\r\n"
    . "FROM {$table} t\r\n"
    . "WHERE t.table_name = 'Activity' AND\r\n"
    . " NOT EXISTS ( SELECT c.id \r\n"
    . " FROM civicrm_acl_contact_cache c\r\n"
    . " WHERE c.user_id = %1 AND ( t.assignee_contact_id = c.contact_id OR t.assignee_contact_id IS NULL ) )\r\n",
  );

  foreach ($statements as $sql) {
    CRM_Core_DAO::executeQuery($sql, $params);
  }
}