3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.3 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2013 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
31 * @copyright CiviCRM LLC (c) 2004-2013
39 class CRM_Core_Permission_DrupalBase
extends CRM_Core_Permission_Base
{
42 * is this user someone with access for the entire system
46 protected $_viewAdminUser = FALSE;
47 protected $_editAdminUser = FALSE;
50 * am I in view permission or edit permission?
53 protected $_viewPermission = FALSE;
54 protected $_editPermission = FALSE;
57 * the current set of permissioned groups for the user
61 protected $_viewPermissionedGroups;
62 protected $_editPermissionedGroups;
65 * Get all groups from database, filtered by permissions
68 * @param string $groupType type of group(Access/Mailing)
69 * @param boolean $excludeHidden exclude hidden groups.
73 * @return array - array reference of all groups.
public function group($groupType = NULL, $excludeHidden = TRUE) {
  // Resolves the groups the current user may view and caches the answer on
  // this object, one entry per group type. Side effects: fills the view and
  // edit group maps and raises the view/edit permission and admin flags that
  // groupClause() and getPermission() read later.
  //
  // NOTE(review): the cache key is derived from $groupType alone, so the
  // $excludeHidden value of the first call for a type also decides what
  // every later call for that type receives. Confirm callers never mix both
  // settings on one object.
  if (!isset($this->_viewPermissionedGroups)) {
    $this->_editPermissionedGroups = array();
    $this->_viewPermissionedGroups = array();
  }

  if ($groupType) {
    $groupKey = $groupType;
  }
  else {
    $groupKey = 'all';
  }

  // Cache hit: this group type was already resolved on this object.
  if (isset($this->_viewPermissionedGroups[$groupKey])) {
    return $this->_viewPermissionedGroups[$groupKey];
  }

  $this->_editPermissionedGroups[$groupKey] = array();
  $this->_viewPermissionedGroups[$groupKey] = array();

  $candidateGroups = CRM_Core_PseudoConstant::allGroup($groupType, $excludeHidden);

  if ($this->check('edit all contacts')) {
    // Strongest permission: every candidate group becomes viewable and
    // editable, and we return before any ACL lookup is made.
    $this->_viewAdminUser = TRUE;
    $this->_editAdminUser = TRUE;
    $this->_viewPermission = TRUE;
    $this->_editPermission = TRUE;
    $this->_editPermissionedGroups[$groupKey] = $candidateGroups;
    $this->_viewPermissionedGroups[$groupKey] = $candidateGroups;
    return $this->_viewPermissionedGroups[$groupKey];
  }

  if ($this->check('view all contacts')) {
    // View-only admin: all candidate groups are viewable. The ACL lookups
    // below still run, so edit rights can only come from an ACL grant.
    $this->_viewAdminUser = TRUE;
    $this->_viewPermission = TRUE;
    $this->_viewPermissionedGroups[$groupKey] = $candidateGroups;
  }

  // Groups granted for viewing through ACLs.
  $viewableIds = CRM_ACL_API::group(CRM_Core_Permission::VIEW, NULL, 'civicrm_saved_search', $candidateGroups);
  foreach (array_values($viewableIds) as $groupId) {
    $this->_viewPermissionedGroups[$groupKey][$groupId] = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Group', $groupId, 'title');
    $this->_viewPermission = TRUE;
  }

  // Groups granted for editing through ACLs; an edit grant also makes the
  // group viewable.
  $editableIds = CRM_ACL_API::group(CRM_Core_Permission::EDIT, NULL, 'civicrm_saved_search', $candidateGroups);
  foreach (array_values($editableIds) as $groupId) {
    $groupTitle = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Group', $groupId, 'title');
    $this->_editPermissionedGroups[$groupKey][$groupId] = $groupTitle;
    $this->_viewPermissionedGroups[$groupKey][$groupId] = $groupTitle;
    $this->_editPermission = TRUE;
    $this->_viewPermission = TRUE;
  }

  return $this->_viewPermissionedGroups[$groupKey];
}
124 * Get group clause for this user
126 * @param int $type the type of permission needed
127 * @param array $tables (reference ) add the tables that are needed for the select clause
128 * @param array $whereTables (reference ) add the tables that are needed for the where clause
130 * @return string the group where clause for this user
133 public function groupClause($type, &$tables, &$whereTables) {
// Builds the SQL WHERE fragment that limits contacts to the groups this user
// may edit or view, and flags civicrm_group_contact in $tables and
// $whereTables so the caller joins it.
// NOTE(review): several lines of this method are absent from this listing
// (see the gaps in the gutter numbers); only the visible lines are described.
134 if (!isset($this->_viewPermissionedGroups
)) {
138 // we basically get all the groups here
140 if ($type == CRM_Core_Permission
::EDIT
) {
141 if ($this->_editAdminUser
) {
144 elseif (empty($this->_editPermissionedGroups
[$groupKey])) {
// NOTE(review): $groups (the map's values joined) is not read again in the
// visible lines.
149 $groups = implode(', ', $this->_editPermissionedGroups
[$groupKey]);
// The IN list is concatenated from the keys of the permissioned-group map,
// not bound as parameters. Presumably those keys are integer group ids
// filled in by group(); confirm nothing else can write to that map.
150 $clauses[] = ' ( civicrm_group_contact.group_id IN ( ' . implode(', ', array_keys($this->_editPermissionedGroups
[$groupKey])) . " ) AND civicrm_group_contact.status = 'Added' ) ";
151 $tables['civicrm_group_contact'] = 1;
152 $whereTables['civicrm_group_contact'] = 1;
154 // foreach group that is potentially a saved search, add the saved search clause
155 foreach (array_keys($this->_editPermissionedGroups
[$groupKey]) as $id) {
156 $group = new CRM_Contact_DAO_Group();
158 if ($group->find(TRUE) && $group->saved_search_id
) {
159 $clause = CRM_Contact_BAO_SavedSearch
::whereClause($group->saved_search_id
,
164 $clauses[] = $clause;
// The collected clauses are OR-ed: matching any one permitted group or saved
// search is enough for a contact to pass.
168 $clause = ' ( ' . implode(' OR ', $clauses) . ' ) ';
172 if ($this->_viewAdminUser
) {
175 elseif (empty($this->_viewPermissionedGroups
[$groupKey])) {
// NOTE(review): as in the edit branch, $groups is not read again in the
// visible lines.
180 $groups = implode(', ', $this->_viewPermissionedGroups
[$groupKey]);
// Same concatenated IN list as the edit branch, built from the view map's keys.
181 $clauses[] = ' ( civicrm_group_contact.group_id IN (' . implode(', ', array_keys($this->_viewPermissionedGroups
[$groupKey])) . " ) AND civicrm_group_contact.status = 'Added' ) ";
182 $tables['civicrm_group_contact'] = 1;
183 $whereTables['civicrm_group_contact'] = 1;
184 $clause = ' ( ' . implode(' OR ', $clauses) . ' ) ';
192 * get the current permission of this user
194 * @return string the permission of the user (edit or view or null)
196 public function getPermission() {
// Reports the strongest permission recorded on this object. The edit flag is
// tested first, so it wins when both flags are set; both are raised by group().
// NOTE(review): the lines before the first test and the final fall-through
// return are absent from this listing; confirm the flags are populated
// before they are read.
199 if ($this->_editPermission
) {
200 return CRM_Core_Permission
::EDIT
;
202 elseif ($this->_viewPermission
) {
203 return CRM_Core_Permission
::VIEW
;
209 * given a permission string, check for access requirements
211 * @param string $str the permission to check
213 * @return boolean true if yes, else false
216 function check($str, $contactID = NULL) {
// Delegates to user_access() when that function is defined and normalises its
// result to a strict boolean. $contactID is not read in the visible lines.
// NOTE(review): the path taken when user_access() is not defined is absent
// from this listing. Confirm it denies rather than grants, because group()
// relies on this result for 'edit all contacts' and 'view all contacts'.
217 if (function_exists('user_access')) {
218 return user_access($str) ?
TRUE : FALSE;
223 function getContactEmails($uids) {
// Returns one string holding the primary e-mail addresses, joined with ', ',
// of the non-deceased contacts whose civicrm_uf_match.uf_id is in $uids.
//
// NOTE(review): $uids is joined with commas and placed in the IN ( ... ) list
// as plain text; no integer cast or parameter binding appears in the visible
// lines. The lines that open the query string are absent from this listing.
// Assuming the fragment below is the string handed to executeQuery(), every
// element of $uids must be validated as an integer before it reaches that
// string, because it is copied into the SQL unchanged.
227 $uidString = implode(',', $uids);
230 FROM civicrm_contact c
231 INNER JOIN civicrm_email e ON ( c.id = e.contact_id AND e.is_primary = 1 )
232 INNER JOIN civicrm_uf_match uf ON ( c.id = uf.contact_id )
233 WHERE c.is_deceased = 0
235 AND uf.uf_id IN ( $uidString )
238 $dao = CRM_Core_DAO
::executeQuery($sql);
241 while ($dao->fetch()) {
242 $emails[] = $dao->email
;
245 return implode(', ', $emails);