[civicrm-core.git] / tools / extensions / org.civicrm.multisite / multisite.php

<?php

require_once 'multisite.civix.php';

/**
 * Implementation of hook_civicrm_config
 */
function multisite_civicrm_config(&$config) {
  _multisite_civix_civicrm_config($config);
}

/**
 * Implementation of hook_civicrm_xmlMenu
 *
 * @param $files array(string)
 */
function multisite_civicrm_xmlMenu(&$files) {
  _multisite_civix_civicrm_xmlMenu($files);
}

/**
 * Implementation of hook_civicrm_install
 */
function multisite_civicrm_install() {
  return _multisite_civix_civicrm_install();
}

/**
 * Implementation of hook_civicrm_uninstall
 */
function multisite_civicrm_uninstall() {
  return _multisite_civix_civicrm_uninstall();
}

/**
 * Implementation of hook_civicrm_enable
 */
function multisite_civicrm_enable() {
  return _multisite_civix_civicrm_enable();
}

/**
 * Implementation of hook_civicrm_disable
 */
function multisite_civicrm_disable() {
  return _multisite_civix_civicrm_disable();
}

/**
 * Implementation of hook_civicrm_upgrade
 *
 * @param $op string, the type of operation being performed; 'check' or 'enqueue'
 * @param $queue CRM_Queue_Queue, (for 'enqueue') the modifiable list of pending up upgrade tasks
 *
 * @return mixed  based on op. for 'check', returns array(boolean) (TRUE if upgrades are pending)
 *                for 'enqueue', returns void
 */
function multisite_civicrm_upgrade($op, CRM_Queue_Queue $queue = NULL) {
  return _multisite_civix_civicrm_upgrade($op, $queue);
}

/**
 * Implementation of hook_civicrm_managed
 *
 * Generate a list of entities to create/deactivate/delete when this module
 * is installed, disabled, uninstalled.
 */
function multisite_civicrm_managed(&$entities) {
  return _multisite_civix_civicrm_managed($entities);
}

/**
 *  * Implementation of hook_civicrm_post
 *
 * Current implemtation assumes shared user table for all sites -
 * a more sophisticated version will be able to cope with a combination of shared user tables
 * and separate user tables
 *
 * @param string $op
 * @param string $objectName
 * @param integer $objectId
 * @param object $objectRef
 */
function multisite_civicrm_post($op, $objectName, $objectId, &$objectRef) {
  if ($op == 'edit' && $objectName == 'UFMatch') {
    static $updating = FALSE;
    if ($updating) {
      return; // prevent recursion
    }
    $updating = TRUE;
    $ufs = civicrm_api('uf_match', 'get', array(
      'version' => 3,
      'contact_id' => $objectRef->contact_id,
      'uf_id' => $objectRef->uf_id,
      'id' => array(
        '!=' => $objectRef->id
      )
    ));
    foreach ($ufs['values'] as $ufMatch) {
      civicrm_api('UFMatch', 'create', array(
        'version' => 3,
        'id' => $ufMatch['id'],
        'uf_name' => $objectRef->uf_name
      ));
    }
  }
}
/**
 *
 * @param unknown_type $type
 * @param unknown_type $contactID
 * @param unknown_type $tableName
 * @param unknown_type $allGroups
 * @param unknown_type $currentGroups
 */
function multisite_civicrm_aclGroup($type, $contactID, $tableName, &$allGroups, &$currentGroups) {
  // only process saved search
  if ($tableName != 'civicrm_saved_search') {
    return;
  }
  $groupID = _multisite_get_domain_group();
  if(!$groupID){
    return;
  }
  $currentGroups = _multisite_get_all_child_groups($groupID, FALSE);
}

/**
 *
 * @param string $type
 * @param array $tables tables to be included in query
 * @param array $whereTables tables required for where portion of query
 * @param integer $contactID contact for whom where clause is being composed
 * @param string $where Where clause The completed clause will look like
 *   (multisiteGroupTable.group_id IN ("1,2,3,4,5") AND multisiteGroupTable.status IN ('Added') AND contact_a.is_deleted = 0)
 *   where the child groups are groups the contact is potentially a member of
 *
 */
function multisite_civicrm_aclWhereClause($type, &$tables, &$whereTables, &$contactID, &$where) {
  if (! $contactID) {
    return;
  }
  if(!_multisite_add_permissions($type)){
    return;
  }
  $groupID = _multisite_get_domain_group();
  if(!$groupID){
    return;
  }
  $childOrgs = _multisite_get_all_child_groups($groupID);

  if (! empty($childOrgs)) {
    $groupTable = 'civicrm_group_contact';
    $tables[$groupTable] = $whereTables[$groupTable] = "LEFT JOIN {$groupTable} multisiteGroupTable ON contact_a.id = multisiteGroupTable.contact_id";

    $where = "(multisiteGroupTable.group_id IN (" . implode(',', $childOrgs) . ") AND multisiteGroupTable.status IN ('Added') AND contact_a.is_deleted = 0)";
  }
}
/**
 *
 * @param array $permissions
 */
function multisite_civicrm_permissions(&$permissions){
  $prefix = ts('CiviCRM Multisite') . ': ';
  $permissions = $permissions + array(
    'view all contacts in domain' => $prefix . ts('view all contacts in domain'),
    'edit all contacts in domain' => $prefix . ts('edit all contacts in domain'),
  );
}

/**
 * Implementation of hook_civicrm_config
 */
function multisite_civicrm_alterSettingsFolders(&$metaDataFolders = NULL){
  _multisite_civix_civicrm_alterSettingsFolders($metaDataFolders);
}

/**
 * Get all groups that are children of the parent group
 * (iterate through all levels)
 *
 * @param integer $groupID
 * @param boolean $includeParent
 * @return array:child groups
 */
function _multisite_get_all_child_groups($groupID, $includeParent = TRUE) {
  static $_cache = array();

  if (! array_key_exists($groupID, $_cache)) {
    $childGroups = &CRM_Core_BAO_Cache::getItem('descendant groups for an org', $groupID);

    if (empty($childGroups)) {
      $childGroups = array();

      $query = "
SELECT children
FROM   civicrm_group
WHERE  children IS NOT NULL
AND    id IN ";

      if (! is_array($groupID)) {
        $groupIDs = array(
          $groupID
        );
      }

      while (! empty($groupIDs)) {
        $groupIDString = implode(',', $groupIDs);

        $realQuery = $query . " ( $groupIDString )";
        $dao = CRM_Core_DAO::executeQuery($realQuery);
        $groupIDs = array();
        while ($dao->fetch()) {
          if ($dao->children) {
            $childIDs = explode(',', $dao->children);
            foreach ($childIDs as $childID) {
              if (! array_key_exists($childID, $childGroups)) {
                $childGroups[$childID] = 1;
                $groupIDs[] = $childID;
              }
            }
          }
        }
      }

      CRM_Core_BAO_Cache::setItem($childGroups, 'descendant groups for an org', $groupID);
    }
    $_cache[$groupID] = $childGroups;
  }

  if ($includeParent || CRM_Core_Permission::check('administer Multiple Organizations')) {
    return array_keys(array(
      $groupID => 1
    ) + $_cache[$groupID]);
  }
  else {
    return array_keys($_cache[$groupID]);
  }
}

/**
 *
 * @param int $permission
 *
 * @return NULL|integer $groupID
 */
function _multisite_get_domain_group($permission = 1) {
    $groupID = CRM_Core_BAO_Domain::getGroupId();
    if(empty($groupID) || !is_numeric($groupID)){
      /* domain group not defined - we could let people know but
       * it is acceptable for some domains not to be in the multisite
      * so should probably check enabled before we spring an error
      */
      return NULL;
    }
    // We will check for the possiblility of the acl_enabled setting being deliberately set to 0
    if($permission){
     $aclsEnabled = civicrm_api('setting', 'getvalue', array(
      'version' => 3,
      'name' => 'multisite_acl_enabled',
      'group' => 'Multi Site Preferences')
     );
     if(is_numeric($aclsEnabled) && !$aclsEnabled){
       return NULL;
     }
    }

    return $groupID;
  }

/**
 * Should we be adding ACLs in this instance. If we don't add them the user
 * will not be able to see anything. We check if the install has the permissions
 * hook implemented correctly & if so only allow view & edit based on those.
 *
 * Otherwise all users get these permissions added (4.2 vs 4.3 / other CMS issues)
 *
 * @param integer $type type of operation
 *
 * @return bool
 */
  function _multisite_add_permissions($type){
    $hookclass = 'CRM_Utils_Hook';
    if(!method_exists($hookclass, 'permissions')){
      // ie. unpatched 4.2 so we can't check for extra declared permissions
      // & default to applying this to all
      return TRUE;
    }
    // extra check to make sure that hook is properly implemented
    // if not we won't check for it. NB view all contacts in domain is enough checking
    $declaredPermissions = CRM_Core_Permission::getCorePermissions();
    if(!array_key_exists('view all contacts in domain', $declaredPermissions)){
      drupal_set_message('here');
      return TRUE;
    }

    if(CRM_ACL_BAO_ACL::matchType($type, 'View') &&
      CRM_Core_Permission::check('view all contacts in domain')) {
      return TRUE;
    }

    if(CRM_ACL_BAO_ACL::matchType($type, 'Edit') &&
      CRM_Core_Permission::check('edit all contacts in domain')) {
      return TRUE;
    }
    return FALSE;
  }
Commit	Line	Data
6a488035 TO	1	<?php
	2
	3	require_once 'multisite.civix.php';
	4
	5	/**
	6	* Implementation of hook_civicrm_config
	7	*/
	8	function multisite_civicrm_config(&$config) {
	9	_multisite_civix_civicrm_config($config);
	10	}
	11
	12	/**
	13	* Implementation of hook_civicrm_xmlMenu
	14	*
	15	* @param $files array(string)
	16	*/
	17	function multisite_civicrm_xmlMenu(&$files) {
	18	_multisite_civix_civicrm_xmlMenu($files);
	19	}
	20
	21	/**
	22	* Implementation of hook_civicrm_install
	23	*/
	24	function multisite_civicrm_install() {
	25	return _multisite_civix_civicrm_install();
	26	}
	27
	28	/**
	29	* Implementation of hook_civicrm_uninstall
	30	*/
	31	function multisite_civicrm_uninstall() {
	32	return _multisite_civix_civicrm_uninstall();
	33	}
	34
	35	/**
	36	* Implementation of hook_civicrm_enable
	37	*/
	38	function multisite_civicrm_enable() {
	39	return _multisite_civix_civicrm_enable();
	40	}
	41
	42	/**
	43	* Implementation of hook_civicrm_disable
	44	*/
	45	function multisite_civicrm_disable() {
	46	return _multisite_civix_civicrm_disable();
	47	}
	48
	49	/**
	50	* Implementation of hook_civicrm_upgrade
	51	*
	52	* @param $op string, the type of operation being performed; 'check' or 'enqueue'
	53	* @param $queue CRM_Queue_Queue, (for 'enqueue') the modifiable list of pending up upgrade tasks
	54	*
	55	* @return mixed based on op. for 'check', returns array(boolean) (TRUE if upgrades are pending)
	56	* for 'enqueue', returns void
	57	*/
	58	function multisite_civicrm_upgrade($op, CRM_Queue_Queue $queue = NULL) {
	59	return _multisite_civix_civicrm_upgrade($op, $queue);
	60	}
	61
	62	/**
	63	* Implementation of hook_civicrm_managed
	64	*
65	* Generate a list of entities to create/deactivate/delete when this module
66	* is installed, disabled, uninstalled.
67	*/
68	function multisite_civicrm_managed(&$entities) {
69	return _multisite_civix_civicrm_managed($entities);
70	}
71
72	/**
73	* * Implementation of hook_civicrm_post
74	*
75	* Current implemtation assumes shared user table for all sites -
76	* a more sophisticated version will be able to cope with a combination of shared user tables
77	* and separate user tables
78	*
79	* @param string $op
80	* @param string $objectName
81	* @param integer $objectId
82	* @param object $objectRef
83	*/
84	function multisite_civicrm_post($op, $objectName, $objectId, &$objectRef) {
85	if ($op == 'edit' && $objectName == 'UFMatch') {
86	static $updating = FALSE;
87	if ($updating) {
88	return; // prevent recursion
89	}
90	$updating = TRUE;
91	$ufs = civicrm_api('uf_match', 'get', array(
92	'version' => 3,
93	'contact_id' => $objectRef->contact_id,
94	'uf_id' => $objectRef->uf_id,
95	'id' => array(
96	'!=' => $objectRef->id
97	)
98	));
99	foreach ($ufs['values'] as $ufMatch) {
100	civicrm_api('UFMatch', 'create', array(
101	'version' => 3,
102	'id' => $ufMatch['id'],
103	'uf_name' => $objectRef->uf_name
104	));
105	}
106	}
107	}
108	/**
109	*
110	* @param unknown_type $type
111	* @param unknown_type $contactID
112	* @param unknown_type $tableName
113	* @param unknown_type $allGroups
114	* @param unknown_type $currentGroups
115	*/
116	function multisite_civicrm_aclGroup($type, $contactID, $tableName, &$allGroups, &$currentGroups) {
117	// only process saved search
118	if ($tableName != 'civicrm_saved_search') {
119	return;
120	}
121	$groupID = _multisite_get_domain_group();
122	if(!$groupID){
123	return;
124	}
125	$currentGroups = _multisite_get_all_child_groups($groupID, FALSE);
126	}
127
128	/**
129	*
130	* @param string $type
131	* @param array $tables tables to be included in query
132	* @param array $whereTables tables required for where portion of query
133	* @param integer $contactID contact for whom where clause is being composed
134	* @param string $where Where clause The completed clause will look like
135	* (multisiteGroupTable.group_id IN ("1,2,3,4,5") AND multisiteGroupTable.status IN ('Added') AND contact_a.is_deleted = 0)
136	* where the child groups are groups the contact is potentially a member of
137	*
138	*/
139	function multisite_civicrm_aclWhereClause($type, &$tables, &$whereTables, &$contactID, &$where) {
140	if (! $contactID) {
141	return;
142	}
143	if(!_multisite_add_permissions($type)){
144	return;
145	}
146	$groupID = _multisite_get_domain_group();
147	if(!$groupID){
148	return;
149	}
150	$childOrgs = _multisite_get_all_child_groups($groupID);
151
152	if (! empty($childOrgs)) {
153	$groupTable = 'civicrm_group_contact';
154	$tables[$groupTable] = $whereTables[$groupTable] = "LEFT JOIN {$groupTable} multisiteGroupTable ON contact_a.id = multisiteGroupTable.contact_id";
155
156	$where = "(multisiteGroupTable.group_id IN (" . implode(',', $childOrgs) . ") AND multisiteGroupTable.status IN ('Added') AND contact_a.is_deleted = 0)";
157	}
158	}
159	/**
160	*
161	* @param array $permissions
162	*/
163	function multisite_civicrm_permissions(&$permissions){
164	$prefix = ts('CiviCRM Multisite') . ': ';
165	$permissions = $permissions + array(
166	'view all contacts in domain' => $prefix . ts('view all contacts in domain'),
167	'edit all contacts in domain' => $prefix . ts('edit all contacts in domain'),
168	);
169	}
170
171	/**
172	* Implementation of hook_civicrm_config
173	*/
174	function multisite_civicrm_alterSettingsFolders(&$metaDataFolders = NULL){
175	_multisite_civix_civicrm_alterSettingsFolders($metaDataFolders);
176	}
177
178	/**
179	* Get all groups that are children of the parent group
180	* (iterate through all levels)
181	*
182	* @param integer $groupID
183	* @param boolean $includeParent
184	* @return array:child groups
185	*/
186	function _multisite_get_all_child_groups($groupID, $includeParent = TRUE) {
187	static $_cache = array();
188
189	if (! array_key_exists($groupID, $_cache)) {
190	$childGroups = &CRM_Core_BAO_Cache::getItem('descendant groups for an org', $groupID);
191
192	if (empty($childGroups)) {
193	$childGroups = array();
194
195	$query = "
196	SELECT children
197	FROM civicrm_group
198	WHERE children IS NOT NULL
199	AND id IN ";
200
201	if (! is_array($groupID)) {
202	$groupIDs = array(
203	$groupID
204	);
205	}
206
207	while (! empty($groupIDs)) {
208	$groupIDString = implode(',', $groupIDs);
209
210	$realQuery = $query . " ( $groupIDString )";
211	$dao = CRM_Core_DAO::executeQuery($realQuery);
212	$groupIDs = array();
213	while ($dao->fetch()) {
214	if ($dao->children) {
215	$childIDs = explode(',', $dao->children);
216	foreach ($childIDs as $childID) {
217	if (! array_key_exists($childID, $childGroups)) {
218	$childGroups[$childID] = 1;
219	$groupIDs[] = $childID;
220	}
221	}
222	}
223	}
224	}
225
226	CRM_Core_BAO_Cache::setItem($childGroups, 'descendant groups for an org', $groupID);
227	}
228	$_cache[$groupID] = $childGroups;
229	}
230
231	if ($includeParent \|\| CRM_Core_Permission::check('administer Multiple Organizations')) {
232	return array_keys(array(
233	$groupID => 1
234	) + $_cache[$groupID]);
235	}
236	else {
237	return array_keys($_cache[$groupID]);
238	}
239	}
240
241	/**
2a6da8d7 EM	242	*
2a6da8d7 EM	243	* @param int $permission
6a488035 TO	244	*
	245	* @return NULL\|integer $groupID
	246	*/
	247	function _multisite_get_domain_group($permission = 1) {
	248	$groupID = CRM_Core_BAO_Domain::getGroupId();
	249	if(empty($groupID) \|\| !is_numeric($groupID)){
	250	/* domain group not defined - we could let people know but
	251	* it is acceptable for some domains not to be in the multisite
	252	* so should probably check enabled before we spring an error
	253	*/
	254	return NULL;
	255	}
	256	// We will check for the possiblility of the acl_enabled setting being deliberately set to 0
	257	if($permission){
	258	$aclsEnabled = civicrm_api('setting', 'getvalue', array(
	259	'version' => 3,
	260	'name' => 'multisite_acl_enabled',
	261	'group' => 'Multi Site Preferences')
	262	);
	263	if(is_numeric($aclsEnabled) && !$aclsEnabled){
	264	return NULL;
	265	}
	266	}
	267
	268	return $groupID;
	269	}
	270
8deefe64 EM	271	/**
	272	* Should we be adding ACLs in this instance. If we don't add them the user
	273	* will not be able to see anything. We check if the install has the permissions
	274	* hook implemented correctly & if so only allow view & edit based on those.
	275	*
	276	* Otherwise all users get these permissions added (4.2 vs 4.3 / other CMS issues)
	277	*
	278	* @param integer $type type of operation
	279	*
	280	* @return bool
	281	*/
6a488035 TO	282	function _multisite_add_permissions($type){
	283	$hookclass = 'CRM_Utils_Hook';
	284	if(!method_exists($hookclass, 'permissions')){
	285	// ie. unpatched 4.2 so we can't check for extra declared permissions
	286	// & default to applying this to all
	287	return TRUE;
	288	}
	289	// extra check to make sure that hook is properly implemented
	290	// if not we won't check for it. NB view all contacts in domain is enough checking
	291	$declaredPermissions = CRM_Core_Permission::getCorePermissions();
	292	if(!array_key_exists('view all contacts in domain', $declaredPermissions)){
	293	drupal_set_message('here');
	294	return TRUE;
	295	}
	296
	297	if(CRM_ACL_BAO_ACL::matchType($type, 'View') &&
	298	CRM_Core_Permission::check('view all contacts in domain')) {
	299	return TRUE;
	300	}
	301
	302	if(CRM_ACL_BAO_ACL::matchType($type, 'Edit') &&
	303	CRM_Core_Permission::check('edit all contacts in domain')) {
	304	return TRUE;
	305	}
	306	return FALSE;
	307	}
	308