[civicrm-core.git] / CRM / Mailing / Page / View.php

<?php
/*
 +--------------------------------------------------------------------+
 | CiviCRM version 5                                                  |
 +--------------------------------------------------------------------+
 | Copyright CiviCRM LLC (c) 2004-2019                                |
 +--------------------------------------------------------------------+
 | This file is a part of CiviCRM.                                    |
 |                                                                    |
 | CiviCRM is free software; you can copy, modify, and distribute it  |
 | under the terms of the GNU Affero General Public License           |
 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
 |                                                                    |
 | CiviCRM is distributed in the hope that it will be useful, but     |
 | WITHOUT ANY WARRANTY; without even the implied warranty of         |
 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
 | See the GNU Affero General Public License for more details.        |
 |                                                                    |
 | You should have received a copy of the GNU Affero General Public   |
 | License and the CiviCRM Licensing Exception along                  |
 | with this program; if not, contact CiviCRM LLC                     |
 | at info[AT]civicrm[DOT]org. If you have questions about the        |
 | GNU Affero General Public License or the licensing of CiviCRM,     |
 | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
 +--------------------------------------------------------------------+
 */

/**
 *
 * @package CRM
 * @copyright CiviCRM LLC (c) 2004-2019
 */

/**
 * A page for mailing preview.
 */
class CRM_Mailing_Page_View extends CRM_Core_Page {

  /**
   * Signal to Flexmailer that this version of the class is usable.
   *
   * @var bool
   */
  const USES_MAILING_PREVIEW_API = 1;

  protected $_mailingID;
  protected $_mailing;
  protected $_contactID;

  /**
   * Lets do permission checking here.
   * First check for valid mailing, if false return fatal.
   * Second check for visibility.
   * Call a hook to see if hook wants to override visibility setting.
   */
  public function checkPermission() {
    if (!$this->_mailing) {
      return FALSE;
    }

    // check for visibility, if visibility is Public Pages and they have the permission
    // return true
    if ($this->_mailing->visibility == 'Public Pages' &&
      CRM_Core_Permission::check('view public CiviMail content')
    ) {
      return TRUE;
    }

    // if user is an admin, return true
    if (CRM_Core_Permission::check('administer CiviCRM') ||
      CRM_Core_Permission::check('approve mailings') ||
      CRM_Core_Permission::check('access CiviMail')
    ) {
      return TRUE;
    }

    return FALSE;
  }

  /**
   * Run this page (figure out the action needed and perform it).
   *
   * @param int $id
   * @param int $contactID
   * @param bool $print
   * @param bool $allowID
   *
   * @return null|string
   *   Not really sure if anything should be returned - parent doesn't
   */
  public function run($id = NULL, $contactID = NULL, $print = TRUE, $allowID = FALSE) {
    if (is_numeric($id)) {
      $this->_mailingID = $id;
    }
    else {
      $print = TRUE;
      $this->_mailingID = CRM_Utils_Request::retrieve('id', 'String', CRM_Core_DAO::$_nullObject, TRUE);
    }

    // # CRM-7651
    // override contactID from the function level if passed in
    if (isset($contactID) &&
      is_numeric($contactID)
    ) {
      $this->_contactID = $contactID;
    }
    else {
      $this->_contactID = CRM_Core_Session::getLoggedInContactID();
    }

    // mailing key check
    if (Civi::settings()->get('hash_mailing_url')) {
      $this->_mailing = new CRM_Mailing_BAO_Mailing();

      if (!is_numeric($this->_mailingID)) {
        $this->_mailing->hash = $this->_mailingID;
      }
      elseif (is_numeric($this->_mailingID)) {
        $this->_mailing->id = $this->_mailingID;
        // if mailing is present and associated hash is present
        // while 'hash' is not been used for mailing view : throw 'permissionDenied'
        if ($this->_mailing->find() &&
          CRM_Core_DAO::getFieldValue('CRM_Mailing_BAO_Mailing', $this->_mailingID, 'hash', 'id') &&
          !$allowID
        ) {
          CRM_Utils_System::permissionDenied();
          return NULL;
        }
      }
    }
    else {
      $this->_mailing = new CRM_Mailing_BAO_Mailing();
      $this->_mailing->id = $this->_mailingID;
    }

    if (!$this->_mailing->find(TRUE) ||
      !$this->checkPermission()
    ) {
      CRM_Utils_System::permissionDenied();
      return NULL;
    }

    $contactId = isset($this->_contactID) ? $this->_contactID : 0;

    $result = civicrm_api3('Mailing', 'preview', [
      'id' => $this->_mailingID,
      'contact_id' => $contactId,
    ]);
    $mailing = \CRM_Utils_Array::value('values', $result);

    $title = NULL;
    if (isset($mailing['body_html']) && empty($_GET['text'])) {
      $header = 'text/html; charset=utf-8';
      $content = $mailing['body_html'];
      if (strpos($content, '<head>') === FALSE && strpos($content, '<title>') === FALSE) {
        $title = '<head><title>' . $mailing['subject'] . '</title></head>';
      }
    }
    else {
      $header = 'text/plain; charset=utf-8';
      $content = $mailing['body_text'];
    }
    CRM_Utils_System::setTitle($mailing['subject']);

    if (CRM_Utils_Array::value('snippet', $_GET) === 'json') {
      CRM_Core_Page_AJAX::returnJsonResponse($content);
    }
    if ($print) {
      CRM_Utils_System::setHttpHeader('Content-Type', $header);
      print $title;
      print $content;
      CRM_Utils_System::civiExit();
    }
    else {
      return $content;
    }
  }

}
Commit	Line	Data
6a488035 TO	1	<?php
	2	/*
	3	+--------------------------------------------------------------------+
fee14197	4	\| CiviCRM version 5 \|
6a488035	5	+--------------------------------------------------------------------+
6b83d5bd	6	\| Copyright CiviCRM LLC (c) 2004-2019 \|
6a488035 TO	7	+--------------------------------------------------------------------+
	8	\| This file is a part of CiviCRM. \|
	9	\| \|
	10	\| CiviCRM is free software; you can copy, modify, and distribute it \|
	11	\| under the terms of the GNU Affero General Public License \|
	12	\| Version 3, 19 November 2007 and the CiviCRM Licensing Exception. \|
	13	\| \|
	14	\| CiviCRM is distributed in the hope that it will be useful, but \|
	15	\| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	16	\| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. \|
	17	\| See the GNU Affero General Public License for more details. \|
	18	\| \|
	19	\| You should have received a copy of the GNU Affero General Public \|
	20	\| License and the CiviCRM Licensing Exception along \|
	21	\| with this program; if not, contact CiviCRM LLC \|
	22	\| at info[AT]civicrm[DOT]org. If you have questions about the \|
	23	\| GNU Affero General Public License or the licensing of CiviCRM, \|
	24	\| see the CiviCRM license FAQ at http://civicrm.org/licensing \|
	25	+--------------------------------------------------------------------+
d25dd0ee	26	*/
6a488035 TO	27
	28	/**
	29	*
	30	* @package CRM
6b83d5bd	31	* @copyright CiviCRM LLC (c) 2004-2019
6a488035 TO	32	*/
	33
	34	/**
25606795	35	* A page for mailing preview.
6a488035 TO	36	*/
6a488035 TO	37	class CRM_Mailing_Page_View extends CRM_Core_Page {
640d3ea6 TO	38
640d3ea6 TO	39	/**
9f266042	40	* Signal to Flexmailer that this version of the class is usable.
	41	*
	42	* @var bool
640d3ea6 TO	43	*/
	44	const USES_MAILING_PREVIEW_API = 1;
	45
6a488035 TO	46	protected $_mailingID;
	47	protected $_mailing;
	48	protected $_contactID;
	49
	50	/**
fe482240	51	* Lets do permission checking here.
25606795 SB	52	* First check for valid mailing, if false return fatal.
	53	* Second check for visibility.
	54	* Call a hook to see if hook wants to override visibility setting.
6a488035	55	*/
00be9182	56	public function checkPermission() {
6a488035 TO	57	if (!$this->_mailing) {
	58	return FALSE;
	59	}
	60
	61	// check for visibility, if visibility is Public Pages and they have the permission
	62	// return true
	63	if ($this->_mailing->visibility == 'Public Pages' &&
	64	CRM_Core_Permission::check('view public CiviMail content')
	65	) {
	66	return TRUE;
	67	}
	68
	69	// if user is an admin, return true
	70	if (CRM_Core_Permission::check('administer CiviCRM') \|\|
cb7b73f0	71	CRM_Core_Permission::check('approve mailings') \|\|
6a488035 TO	72	CRM_Core_Permission::check('access CiviMail')
	73	) {
	74	return TRUE;
	75	}
	76
	77	return FALSE;
	78	}
	79
	80	/**
100fef9d	81	* Run this page (figure out the action needed and perform it).
6a488035	82	*
100fef9d CW	83	* @param int $id
100fef9d CW	84	* @param int $contactID
77b97be7 EM	85	* @param bool $print
77b97be7 EM	86	* @param bool $allowID
7535623a	87	*
7535623a	88	* @return null\|string
3b2bf3b5	89	* Not really sure if anything should be returned - parent doesn't
6a488035	90	*/
00be9182	91	public function run($id = NULL, $contactID = NULL, $print = TRUE, $allowID = FALSE) {
6a488035 TO	92	if (is_numeric($id)) {
	93	$this->_mailingID = $id;
	94	}
	95	else {
	96	$print = TRUE;
c57f36a1	97	$this->_mailingID = CRM_Utils_Request::retrieve('id', 'String', CRM_Core_DAO::$_nullObject, TRUE);
6a488035 TO	98	}
	99
	100	// # CRM-7651
	101	// override contactID from the function level if passed in
	102	if (isset($contactID) &&
	103	is_numeric($contactID)
	104	) {
	105	$this->_contactID = $contactID;
	106	}
	107	else {
3bdcd4ec	108	$this->_contactID = CRM_Core_Session::getLoggedInContactID();
6a488035 TO	109	}
6a488035 TO	110
c57f36a1	111	// mailing key check
aaffa79f	112	if (Civi::settings()->get('hash_mailing_url')) {
c57f36a1 PJ	113	$this->_mailing = new CRM_Mailing_BAO_Mailing();
	114
	115	if (!is_numeric($this->_mailingID)) {
	116	$this->_mailing->hash = $this->_mailingID;
	117	}
	118	elseif (is_numeric($this->_mailingID)) {
	119	$this->_mailing->id = $this->_mailingID;
	120	// if mailing is present and associated hash is present
	121	// while 'hash' is not been used for mailing view : throw 'permissionDenied'
	122	if ($this->_mailing->find() &&
303aa3b3	123	CRM_Core_DAO::getFieldValue('CRM_Mailing_BAO_Mailing', $this->_mailingID, 'hash', 'id') &&
c57f36a1 PJ	124	!$allowID
	125	) {
	126	CRM_Utils_System::permissionDenied();
3b2bf3b5	127	return NULL;
c57f36a1 PJ	128	}
	129	}
	130	}
	131	else {
	132	$this->_mailing = new CRM_Mailing_BAO_Mailing();
	133	$this->_mailing->id = $this->_mailingID;
	134	}
6a488035 TO	135
	136	if (!$this->_mailing->find(TRUE) \|\|
	137	!$this->checkPermission()
	138	) {
	139	CRM_Utils_System::permissionDenied();
3b2bf3b5	140	return NULL;
6a488035 TO	141	}
6a488035 TO	142
640d3ea6 TO	143	$contactId = isset($this->_contactID) ? $this->_contactID : 0;
	144
	145	$result = civicrm_api3('Mailing', 'preview', [
	146	'id' => $this->_mailingID,
	147	'contact_id' => $contactId,
	148	]);
	149	$mailing = \CRM_Utils_Array::value('values', $result);
6a488035	150
3f32bb8b	151	$title = NULL;
640d3ea6	152	if (isset($mailing['body_html']) && empty($_GET['text'])) {
956d2f84	153	$header = 'text/html; charset=utf-8';
640d3ea6	154	$content = $mailing['body_html'];
3f32bb8b	155	if (strpos($content, '<head>') === FALSE && strpos($content, '<title>') === FALSE) {
640d3ea6	156	$title = '<head><title>' . $mailing['subject'] . '</title></head>';
3f32bb8b	157	}
6a488035 TO	158	}
6a488035 TO	159	else {
956d2f84	160	$header = 'text/plain; charset=utf-8';
640d3ea6	161	$content = $mailing['body_text'];
6a488035	162	}
640d3ea6	163	CRM_Utils_System::setTitle($mailing['subject']);
6a488035	164
fc164be7 CW	165	if (CRM_Utils_Array::value('snippet', $_GET) === 'json') {
	166	CRM_Core_Page_AJAX::returnJsonResponse($content);
	167	}
6a488035	168	if ($print) {
956d2f84	169	CRM_Utils_System::setHttpHeader('Content-Type', $header);
3f32bb8b	170	print $title;
6a488035 TO	171	print $content;
	172	CRM_Utils_System::civiExit();
	173	}
	174	else {
	175	return $content;
	176	}
	177	}
96025800	178
6a488035	179	}