Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
06b69b18 | 4 | | CiviCRM version 4.5 | |
6a488035 | 5 | +--------------------------------------------------------------------+ |
06b69b18 | 6 | | Copyright CiviCRM LLC (c) 2004-2014 | |
6a488035 TO |
7 | +--------------------------------------------------------------------+ |
8 | | This file is a part of CiviCRM. | | |
9 | | | | |
10 | | CiviCRM is free software; you can copy, modify, and distribute it | | |
11 | | under the terms of the GNU Affero General Public License | | |
12 | | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. | | |
13 | | | | |
14 | | CiviCRM is distributed in the hope that it will be useful, but | | |
15 | | WITHOUT ANY WARRANTY; without even the implied warranty of | | |
16 | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | | |
17 | | See the GNU Affero General Public License for more details. | | |
18 | | | | |
19 | | You should have received a copy of the GNU Affero General Public | | |
20 | | License and the CiviCRM Licensing Exception along | | |
21 | | with this program; if not, contact CiviCRM LLC | | |
22 | | at info[AT]civicrm[DOT]org. If you have questions about the | | |
23 | | GNU Affero General Public License or the licensing of CiviCRM, | | |
24 | | see the CiviCRM license FAQ at http://civicrm.org/licensing | | |
25 | +--------------------------------------------------------------------+ | |
26 | */ | |
27 | ||
28 | /** | |
29 | * | |
30 | * @package CRM | |
06b69b18 | 31 | * @copyright CiviCRM LLC (c) 2004-2014 |
6a488035 TO |
32 | * $Id$ |
33 | * | |
34 | */ | |
35 | ||
36 | /** | |
37 | * Create a page for displaying CiviCRM Profile Fields. | |
38 | * | |
39 | * Heart of this class is the run method which checks | |
40 | * for action type and then displays the appropriate | |
41 | * page. | |
42 | * | |
43 | */ | |
44 | class CRM_Profile_Page_Dynamic extends CRM_Core_Page { | |
45 | ||
46 | /** | |
47 | * The contact id of the person we are viewing | |
48 | * | |
49 | * @var int | |
50 | * @access protected | |
51 | */ | |
52 | protected $_id; | |
53 | ||
54 | /** | |
55 | * the profile group are are interested in | |
56 | * | |
57 | * @var int | |
58 | * @access protected | |
59 | */ | |
60 | protected $_gid; | |
61 | ||
62 | /** | |
63 | * The profile types we restrict this page to display | |
64 | * | |
65 | * @var string | |
66 | * @access protected | |
67 | */ | |
68 | protected $_restrict; | |
69 | ||
70 | /** | |
71 | * Should we bypass permissions | |
72 | * | |
73 | * @var boolean | |
74 | * @access protected | |
75 | */ | |
76 | protected $_skipPermission; | |
77 | ||
78 | /** | |
79 | * Store profile ids if multiple profile ids are passed using comma separated. | |
80 | * Currently lets implement this functionality only for dialog mode | |
81 | */ | |
82 | protected $_profileIds = array(); | |
83 | ||
84 | /** | |
85 | * Contact profile having activity fields? | |
86 | * | |
87 | * @var string | |
88 | */ | |
89 | protected $_isContactActivityProfile = FALSE; | |
90 | ||
91 | /** | |
92 | * Activity Id connected to the profile | |
93 | * | |
94 | * @var string | |
95 | */ | |
96 | protected $_activityId = NULL; | |
97 | ||
98 | protected $_multiRecord = NULL; | |
99 | ||
100 | protected $_recordId = NULL; | |
366fe2a3 | 101 | |
6a488035 TO |
102 | /* |
103 | * fetch multirecord as well as non-multirecord fields | |
104 | */ | |
105 | protected $_allFields = NULL; | |
106 | ||
107 | /** | |
108 | * class constructor | |
109 | * | |
77b97be7 | 110 | * @param int $id the contact id |
6a488035 TO |
111 | * @param int $gid the group id |
112 | * | |
77b97be7 EM |
113 | * @param $restrict |
114 | * @param bool $skipPermission | |
115 | * @param null $profileIds | |
116 | * | |
117 | * @return \CRM_Profile_Page_Dynamic | |
f9d8a5d1 | 118 | * @access public |
6a488035 TO |
119 | */ |
120 | function __construct($id, $gid, $restrict, $skipPermission = FALSE, $profileIds = NULL) { | |
121 | parent::__construct(); | |
122 | ||
123 | $this->_id = $id; | |
124 | $this->_gid = $gid; | |
125 | $this->_restrict = $restrict; | |
126 | $this->_skipPermission = $skipPermission; | |
127 | ||
128 | if (!array_key_exists('multiRecord', $_GET)) { | |
129 | $this->set('multiRecord', NULL); | |
130 | } | |
131 | if (!array_key_exists('recordId', $_GET)) { | |
132 | $this->set('recordId', NULL); | |
133 | } | |
134 | if (!array_key_exists('allFields', $_GET)) { | |
135 | $this->set('allFields', NULL); | |
136 | } | |
366fe2a3 | 137 | |
6a488035 TO |
138 | //specifies the action being done on a multi record field |
139 | $multiRecordAction = CRM_Utils_Request::retrieve('multiRecord', 'String', $this); | |
366fe2a3 | 140 | |
141 | $this->_multiRecord = (!is_numeric($multiRecordAction)) ? | |
6a488035 TO |
142 | CRM_Core_Action::resolve($multiRecordAction) : $multiRecordAction; |
143 | if ($this->_multiRecord) { | |
144 | $this->set('multiRecord', $this->_multiRecord); | |
145 | } | |
366fe2a3 | 146 | |
6a488035 TO |
147 | if ($this->_multiRecord & CRM_Core_Action::VIEW) { |
148 | $this->_recordId = CRM_Utils_Request::retrieve('recordId', 'Positive', $this); | |
149 | $this->_allFields = CRM_Utils_Request::retrieve('allFields', 'Integer', $this); | |
150 | } | |
366fe2a3 | 151 | |
6a488035 TO |
152 | if ($profileIds) { |
153 | $this->_profileIds = $profileIds; | |
154 | } | |
155 | else { | |
156 | $this->_profileIds = array($gid); | |
157 | } | |
158 | ||
159 | $this->_activityId = CRM_Utils_Request::retrieve('aid', 'Positive', $this, FALSE, 0, 'GET'); | |
160 | if (is_numeric($this->_activityId)) { | |
161 | $latestRevisionId = CRM_Activity_BAO_Activity::getLatestActivityId($this->_activityId); | |
162 | if ($latestRevisionId) { | |
163 | $this->_activityId = $latestRevisionId; | |
164 | } | |
165 | } | |
166 | $this->_isContactActivityProfile = CRM_Core_BAO_UFField::checkContactActivityProfileType($this->_gid); | |
167 | } | |
168 | ||
169 | /** | |
170 | * Get the action links for this page. | |
171 | * | |
172 | * @return array $_actionLinks | |
173 | * | |
174 | */ | |
175 | function &actionLinks() { | |
176 | return NULL; | |
177 | } | |
178 | ||
179 | /** | |
180 | * Run the page. | |
181 | * | |
182 | * This method is called after the page is created. It checks for the | |
183 | * type of action and executes that action. | |
184 | * | |
185 | * @return void | |
186 | * @access public | |
187 | * | |
188 | */ | |
189 | function run() { | |
190 | $template = CRM_Core_Smarty::singleton(); | |
191 | if ($this->_id && $this->_gid) { | |
192 | ||
193 | // first check that id is part of the limit group id, CRM-4822 | |
194 | $limitListingsGroupsID = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', | |
195 | $this->_gid, | |
196 | 'limit_listings_group_id' | |
197 | ); | |
198 | $config = CRM_Core_Config::singleton(); | |
199 | if ($limitListingsGroupsID) { | |
200 | ||
201 | if (!CRM_Contact_BAO_GroupContact::isContactInGroup($this->_id, | |
202 | $limitListingsGroupsID | |
203 | )) { | |
204 | CRM_Utils_System::setTitle(ts('Profile View - Permission Denied')); | |
205 | return CRM_Core_Session::setStatus(ts('You do not have permission to view this contact record. Contact the site administrator if you need assistance.'), ts('Permission Denied'), 'error'); | |
206 | } | |
207 | } | |
208 | ||
209 | $session = CRM_Core_Session::singleton(); | |
210 | $userID = $session->get('userID'); | |
211 | ||
212 | $this->_isPermissionedChecksum = FALSE; | |
213 | $permissionType = CRM_Core_Permission::VIEW; | |
214 | if ($this->_id != $userID) { | |
215 | // do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228 | |
216 | if ($config->userFrameworkFrontend) { | |
217 | $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($this->_id, $this, FALSE); | |
218 | } | |
219 | else { | |
220 | $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateChecksumContact($this->_id, $this, FALSE); | |
221 | } | |
222 | } | |
223 | // CRM-10853 | |
224 | // Users with create or edit permission should be allowed to view their own profile | |
225 | if ($this->_id == $userID || $this->_isPermissionedChecksum) { | |
226 | if (!CRM_Core_Permission::check('profile view')) { | |
227 | if (CRM_Core_Permission::check('profile create') || CRM_Core_Permission::check('profile edit')) { | |
228 | $this->_skipPermission = TRUE; | |
229 | } | |
230 | } | |
231 | } | |
232 | ||
233 | // make sure we dont expose all fields based on permission | |
234 | $admin = FALSE; | |
235 | if ((!$config->userFrameworkFrontend && | |
236 | (CRM_Core_Permission::check('administer users') || | |
237 | CRM_Core_Permission::check('view all contacts') || | |
238 | CRM_Contact_BAO_Contact_Permission::allow($this->_id) | |
239 | ) | |
240 | ) || | |
241 | $this->_id == $userID || | |
242 | $this->_isPermissionedChecksum | |
243 | ) { | |
244 | $admin = TRUE; | |
245 | } | |
246 | ||
247 | $values = array(); | |
248 | $fields = CRM_Core_BAO_UFGroup::getFields($this->_profileIds, FALSE, CRM_Core_Action::VIEW, | |
249 | NULL, NULL, FALSE, $this->_restrict, | |
250 | $this->_skipPermission, NULL, | |
251 | $permissionType | |
252 | ); | |
253 | ||
254 | if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId && !$this->_allFields) { | |
255 | CRM_Core_BAO_UFGroup::shiftMultiRecordFields($fields, $multiRecordFields); | |
256 | $fields = $multiRecordFields; | |
257 | } | |
258 | if ($this->_isContactActivityProfile && $this->_gid) { | |
259 | $errors = CRM_Profile_Form::validateContactActivityProfile($this->_activityId, $this->_id, $this->_gid); | |
260 | if (!empty($errors)) { | |
261 | CRM_Core_Error::fatal(array_pop($errors)); | |
262 | } | |
263 | } | |
264 | ||
265 | //reformat fields array | |
266 | foreach ($fields as $name => $field) { | |
267 | // also eliminate all formatting fields | |
268 | if (CRM_Utils_Array::value('field_type', $field) == 'Formatting') { | |
269 | unset($fields[$name]); | |
270 | } | |
271 | ||
272 | // make sure that there is enough permission to expose this field | |
273 | if (!$admin && $field['visibility'] == 'User and User Admin Only') { | |
274 | unset($fields[$name]); | |
275 | } | |
276 | } | |
277 | ||
278 | if ($this->_isContactActivityProfile) { | |
279 | $contactFields = $activityFields = array(); | |
280 | ||
281 | foreach ($fields as $fieldName => $field) { | |
282 | if (CRM_Utils_Array::value('field_type', $field) == 'Activity') { | |
283 | $activityFields[$fieldName] = $field; | |
284 | } | |
285 | else { | |
286 | $contactFields[$fieldName] = $field; | |
287 | } | |
288 | } | |
289 | ||
290 | CRM_Core_BAO_UFGroup::getValues($this->_id, $contactFields, $values); | |
291 | if ($this->_activityId) { | |
292 | CRM_Core_BAO_UFGroup::getValues( | |
293 | NULL, | |
294 | $activityFields, | |
295 | $values, | |
296 | TRUE, | |
297 | array(array('activity_id', '=', $this->_activityId, 0, 0)) | |
298 | ); | |
299 | } | |
300 | } | |
301 | else { | |
302 | $customWhereClause = NULL; | |
303 | if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId) { | |
304 | if ($this->_allFields) { | |
305 | $copyFields = $fields; | |
306 | CRM_Core_BAO_UFGroup::shiftMultiRecordFields($copyFields, $multiRecordFields); | |
307 | $fieldKey = key($multiRecordFields); | |
308 | } else { | |
309 | $fieldKey = key($fields); | |
310 | } | |
311 | if ($fieldID = CRM_Core_BAO_CustomField::getKeyID($fieldKey)) { | |
312 | $tableColumnGroup = CRM_Core_BAO_CustomField::getTableColumnGroup($fieldID); | |
313 | $columnName = "{$tableColumnGroup[0]}.id"; | |
314 | $customWhereClause = $columnName . ' = ' . $this->_recordId; | |
315 | } | |
316 | } | |
317 | CRM_Core_BAO_UFGroup::getValues($this->_id, $fields, $values, TRUE, NULL, FALSE, $customWhereClause); | |
318 | } | |
319 | ||
320 | // $profileFields array can be used for customized display of field labels and values in Profile/View.tpl | |
321 | $profileFields = array(); | |
322 | $labels = array(); | |
323 | ||
324 | foreach ($fields as $name => $field) { | |
50bf705c KJ |
325 | //CRM-14338 |
326 | // Create a unique, non-empty index for each field. | |
327 | $index = $field['title']; | |
328 | if ($index === '') $index = ' '; | |
329 | while (array_key_exists($index, $labels)) | |
330 | $index .= ' '; | |
331 | ||
332 | $labels[$index] = preg_replace('/\s+|\W+/', '_', $name); | |
6a488035 TO |
333 | } |
334 | ||
335 | foreach ($values as $title => $value) { | |
336 | $profileFields[$labels[$title]] = array( | |
337 | 'label' => $title, | |
338 | 'value' => $value, | |
339 | ); | |
340 | } | |
341 | ||
342 | $template->assign_by_ref('row', $values); | |
343 | $template->assign_by_ref('profileFields', $profileFields); | |
344 | } | |
345 | ||
346 | $name = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'name'); | |
46312a4d | 347 | $this->assign('ufGroupName', $name); |
a8387f19 | 348 | CRM_Utils_Hook::viewProfile($name); |
6a488035 TO |
349 | |
350 | if (strtolower($name) == 'summary_overlay') { | |
351 | $template->assign('overlayProfile', TRUE); | |
352 | } | |
353 | ||
354 | if (($this->_multiRecord & CRM_Core_Action::VIEW) && $this->_recordId && !$this->_allFields) { | |
355 | $fieldDetail = reset($fields); | |
356 | $fieldId = CRM_Core_BAO_CustomField::getKeyID($fieldDetail['name']); | |
357 | $customGroupDetails = CRM_Core_BAO_CustomGroup::getGroupTitles(array($fieldId)); | |
fcc8f207 | 358 | $multiRecTitle = $customGroupDetails[$fieldId]['groupTitle']; |
6a488035 TO |
359 | } else { |
360 | $title = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'title'); | |
361 | } | |
362 | ||
363 | //CRM-4131. | |
364 | $displayName = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $this->_id, 'display_name'); | |
365 | if ($displayName) { | |
366 | $session = CRM_Core_Session::singleton(); | |
367 | $config = CRM_Core_Config::singleton(); | |
368 | if ($session->get('userID') && | |
369 | CRM_Core_Permission::check('access CiviCRM') && | |
370 | CRM_Contact_BAO_Contact_Permission::allow($session->get('userID'), CRM_Core_Permission::VIEW) && | |
371 | !$config->userFrameworkFrontend | |
372 | ) { | |
373 | $contactViewUrl = CRM_Utils_System::url('civicrm/contact/view', "action=view&reset=1&cid={$this->_id}", TRUE); | |
374 | $this->assign('displayName', $displayName); | |
375 | $displayName = "<a href=\"$contactViewUrl\">{$displayName}</a>"; | |
376 | } | |
377 | $title .= ' - ' . $displayName; | |
378 | } | |
379 | ||
fcc8f207 | 380 | $title = isset($multiRecTitle) ? ts('View %1 Record', array(1 => $multiRecTitle)) : $title; |
6a488035 TO |
381 | CRM_Utils_System::setTitle($title); |
382 | ||
383 | // invoke the pagRun hook, CRM-3906 | |
384 | CRM_Utils_Hook::pageRun($this); | |
385 | ||
8aac22c8 | 386 | return trim($template->fetch($this->getHookedTemplateFileName())); |
6a488035 TO |
387 | } |
388 | ||
ffd93213 EM |
389 | /** |
390 | * @param string $suffix | |
391 | * | |
392 | * @return null|string | |
393 | */ | |
6a488035 TO |
394 | function checkTemplateFileExists($suffix = '') { |
395 | if ($this->_gid) { | |
396 | $templateFile = "CRM/Profile/Page/{$this->_gid}/Dynamic.{$suffix}tpl"; | |
397 | $template = CRM_Core_Page::getTemplate(); | |
398 | if ($template->template_exists($templateFile)) { | |
399 | return $templateFile; | |
400 | } | |
401 | ||
402 | // lets see if we have customized by name | |
403 | $ufGroupName = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'name'); | |
404 | if ($ufGroupName) { | |
405 | $templateFile = "CRM/Profile/Page/{$ufGroupName}/Dynamic.{$suffix}tpl"; | |
406 | if ($template->template_exists($templateFile)) { | |
407 | return $templateFile; | |
408 | } | |
409 | } | |
410 | } | |
411 | return NULL; | |
412 | } | |
413 | ||
ffd93213 EM |
414 | /** |
415 | * Use the form name to create the tpl file name | |
416 | * | |
417 | * @return string | |
418 | * @access public | |
419 | */ | |
420 | /** | |
421 | * @return string | |
422 | */ | |
6a488035 TO |
423 | function getTemplateFileName() { |
424 | $fileName = $this->checkTemplateFileExists(); | |
425 | return $fileName ? $fileName : parent::getTemplateFileName(); | |
426 | } | |
427 | ||
ffd93213 EM |
428 | /** |
429 | * Default extra tpl file basically just replaces .tpl with .extra.tpl | |
430 | * i.e. we dont override | |
431 | * | |
432 | * @return string | |
433 | * @access public | |
434 | */ | |
435 | /** | |
436 | * @return string | |
437 | */ | |
6a488035 TO |
438 | function overrideExtraTemplateFileName() { |
439 | $fileName = $this->checkTemplateFileExists('extra.'); | |
440 | return $fileName ? $fileName : parent::overrideExtraTemplateFileName(); | |
441 | } | |
442 | } | |
443 |