projects / civicrm-core.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #4773 from civicrm/version-fix
[civicrm-core.git] / CRM / Profile / Page / Dynamic.php
1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.6 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2014 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
26 */
27
28 /**
29 *
30 * @package CRM
31 * @copyright CiviCRM LLC (c) 2004-2014
32 * $Id$
33 *
34 */
35
36 /**
37 * Create a page for displaying CiviCRM Profile Fields.
38 *
39 * Heart of this class is the run method which checks
40 * for action type and then displays the appropriate
41 * page.
42 *
43 */
44 class CRM_Profile_Page_Dynamic extends CRM_Core_Page {
45
46 /**
47 * The contact id of the person we are viewing
48 *
49 * @var int
50 * @access protected
51 */
52 protected $_id;
53
54 /**
55 * The profile group are are interested in
56 *
57 * @var int
58 * @access protected
59 */
60 protected $_gid;
61
62 /**
63 * The profile types we restrict this page to display
64 *
65 * @var string
66 * @access protected
67 */
68 protected $_restrict;
69
70 /**
71 * Should we bypass permissions
72 *
73 * @var boolean
74 * @access protected
75 */
76 protected $_skipPermission;
77
78 /**
79 * Store profile ids if multiple profile ids are passed using comma separated.
80 * Currently lets implement this functionality only for dialog mode
81 */
82 protected $_profileIds = array();
83
84 /**
85 * Contact profile having activity fields?
86 *
87 * @var string
88 */
89 protected $_isContactActivityProfile = FALSE;
90
91 /**
92 * Activity Id connected to the profile
93 *
94 * @var string
95 */
96 protected $_activityId = NULL;
97
98 protected $_multiRecord = NULL;
99
100 protected $_recordId = NULL;
101
102 /*
103 * fetch multirecord as well as non-multirecord fields
104 */
105 protected $_allFields = NULL;
106
107 /**
108 * Class constructor
109 *
110 * @param int $id the contact id
111 * @param int $gid the group id
112 *
113 * @param $restrict
114 * @param bool $skipPermission
115 * @param null $profileIds
116 *
117 * @return \CRM_Profile_Page_Dynamic
118 * @access public
119 */
120 function __construct($id, $gid, $restrict, $skipPermission = FALSE, $profileIds = NULL) {
121 parent::__construct();
122
123 $this->_id = $id;
124 $this->_gid = $gid;
125 $this->_restrict = $restrict;
126 $this->_skipPermission = $skipPermission;
127
128 if (!array_key_exists('multiRecord', $_GET)) {
129 $this->set('multiRecord', NULL);
130 }
131 if (!array_key_exists('recordId', $_GET)) {
132 $this->set('recordId', NULL);
133 }
134 if (!array_key_exists('allFields', $_GET)) {
135 $this->set('allFields', NULL);
136 }
137
138 //specifies the action being done on a multi record field
139 $multiRecordAction = CRM_Utils_Request::retrieve('multiRecord', 'String', $this);
140
141 $this->_multiRecord = (!is_numeric($multiRecordAction)) ?
142 CRM_Core_Action::resolve($multiRecordAction) : $multiRecordAction;
143 if ($this->_multiRecord) {
144 $this->set('multiRecord', $this->_multiRecord);
145 }
146
147 if ($this->_multiRecord & CRM_Core_Action::VIEW) {
148 $this->_recordId = CRM_Utils_Request::retrieve('recordId', 'Positive', $this);
149 $this->_allFields = CRM_Utils_Request::retrieve('allFields', 'Integer', $this);
150 }
151
152 if ($profileIds) {
153 $this->_profileIds = $profileIds;
154 }
155 else {
156 $this->_profileIds = array($gid);
157 }
158
159 $this->_activityId = CRM_Utils_Request::retrieve('aid', 'Positive', $this, FALSE, 0, 'GET');
160 if (is_numeric($this->_activityId)) {
161 $latestRevisionId = CRM_Activity_BAO_Activity::getLatestActivityId($this->_activityId);
162 if ($latestRevisionId) {
163 $this->_activityId = $latestRevisionId;
164 }
165 }
166 $this->_isContactActivityProfile = CRM_Core_BAO_UFField::checkContactActivityProfileType($this->_gid);
167 }
168
169 /**
170 * Get the action links for this page.
171 *
172 * @return array $_actionLinks
173 *
174 */
175 function &actionLinks() {
176 return NULL;
177 }
178
179 /**
180 * Run the page.
181 *
182 * This method is called after the page is created. It checks for the
183 * type of action and executes that action.
184 *
185 * @return void
186 * @access public
187 *
188 */
189 function run() {
190 $template = CRM_Core_Smarty::singleton();
191 if ($this->_id && $this->_gid) {
192
193 // first check that id is part of the limit group id, CRM-4822
194 $limitListingsGroupsID = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup',
195 $this->_gid,
196 'limit_listings_group_id'
197 );
198 $config = CRM_Core_Config::singleton();
199 if ($limitListingsGroupsID) {
200
201 if (!CRM_Contact_BAO_GroupContact::isContactInGroup($this->_id,
202 $limitListingsGroupsID
203 )) {
204 CRM_Utils_System::setTitle(ts('Profile View - Permission Denied'));
205 return CRM_Core_Session::setStatus(ts('You do not have permission to view this contact record. Contact the site administrator if you need assistance.'), ts('Permission Denied'), 'error');
206 }
207 }
208
209 $session = CRM_Core_Session::singleton();
210 $userID = $session->get('userID');
211
212 $this->_isPermissionedChecksum = FALSE;
213 $permissionType = CRM_Core_Permission::VIEW;
214 if ($this->_id != $userID) {
215 // do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228
216 if ($config->userFrameworkFrontend) {
217 $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($this->_id, $this, FALSE);
218 }
219 else {
220 $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateChecksumContact($this->_id, $this, FALSE);
221 }
222 }
223 // CRM-10853
224 // Users with create or edit permission should be allowed to view their own profile
225 if ($this->_id == $userID || $this->_isPermissionedChecksum) {
226 if (!CRM_Core_Permission::check('profile view')) {
227 if (CRM_Core_Permission::check('profile create') || CRM_Core_Permission::check('profile edit')) {
228 $this->_skipPermission = TRUE;
229 }
230 }
231 }
232
233 // make sure we dont expose all fields based on permission
234 $admin = FALSE;
235 if ((!$config->userFrameworkFrontend &&
236 (CRM_Core_Permission::check('administer users') ||
237 CRM_Core_Permission::check('view all contacts') ||
238 CRM_Contact_BAO_Contact_Permission::allow($this->_id)
239 )
240 ) ||
241 $this->_id == $userID ||
242 $this->_isPermissionedChecksum
243 ) {
244 $admin = TRUE;
245 }
246
247 $values = array();
248 $fields = CRM_Core_BAO_UFGroup::getFields($this->_profileIds, FALSE, CRM_Core_Action::VIEW,
249 NULL, NULL, FALSE, $this->_restrict,
250 $this->_skipPermission, NULL,
251 $permissionType
252 );
253
254 if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId && !$this->_allFields) {
255 CRM_Core_BAO_UFGroup::shiftMultiRecordFields($fields, $multiRecordFields);
256 $fields = $multiRecordFields;
257 }
258 if ($this->_isContactActivityProfile && $this->_gid) {
259 $errors = CRM_Profile_Form::validateContactActivityProfile($this->_activityId, $this->_id, $this->_gid);
260 if (!empty($errors)) {
261 CRM_Core_Error::fatal(array_pop($errors));
262 }
263 }
264
265 //reformat fields array
266 foreach ($fields as $name => $field) {
267 // also eliminate all formatting fields
268 if (CRM_Utils_Array::value('field_type', $field) == 'Formatting') {
269 unset($fields[$name]);
270 }
271
272 // make sure that there is enough permission to expose this field
273 if (!$admin && $field['visibility'] == 'User and User Admin Only') {
274 unset($fields[$name]);
275 }
276 }
277
278 if ($this->_isContactActivityProfile) {
279 $contactFields = $activityFields = array();
280
281 foreach ($fields as $fieldName => $field) {
282 if (CRM_Utils_Array::value('field_type', $field) == 'Activity') {
283 $activityFields[$fieldName] = $field;
284 }
285 else {
286 $contactFields[$fieldName] = $field;
287 }
288 }
289
290 CRM_Core_BAO_UFGroup::getValues($this->_id, $contactFields, $values);
291 if ($this->_activityId) {
292 CRM_Core_BAO_UFGroup::getValues(
293 NULL,
294 $activityFields,
295 $values,
296 TRUE,
297 array(array('activity_id', '=', $this->_activityId, 0, 0))
298 );
299 }
300 }
301 else {
302 $customWhereClause = NULL;
303 if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId) {
304 if ($this->_allFields) {
305 $copyFields = $fields;
306 CRM_Core_BAO_UFGroup::shiftMultiRecordFields($copyFields, $multiRecordFields);
307 $fieldKey = key($multiRecordFields);
308 } else {
309 $fieldKey = key($fields);
310 }
311 if ($fieldID = CRM_Core_BAO_CustomField::getKeyID($fieldKey)) {
312 $tableColumnGroup = CRM_Core_BAO_CustomField::getTableColumnGroup($fieldID);
313 $columnName = "{$tableColumnGroup[0]}.id";
314 $customWhereClause = $columnName . ' = ' . $this->_recordId;
315 }
316 }
317 CRM_Core_BAO_UFGroup::getValues($this->_id, $fields, $values, TRUE, NULL, FALSE, $customWhereClause);
318 }
319
320 // $profileFields array can be used for customized display of field labels and values in Profile/View.tpl
321 $profileFields = array();
322 $labels = array();
323
324 foreach ($fields as $name => $field) {
325 //CRM-14338
326 // Create a unique, non-empty index for each field.
327 $index = $field['title'];
328 if ($index === '') $index = ' ';
329 while (array_key_exists($index, $labels))
330 $index .= ' ';
331
332 $labels[$index] = preg_replace('/\s+|\W+/', '_', $name);
333 }
334
335 foreach ($values as $title => $value) {
336 $profileFields[$labels[$title]] = array(
337 'label' => $title,
338 'value' => $value,
339 );
340 }
341
342 $template->assign_by_ref('row', $values);
343 $template->assign_by_ref('profileFields', $profileFields);
344 }
345
346 $name = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'name');
347 $this->assign('ufGroupName', $name);
348 CRM_Utils_Hook::viewProfile($name);
349
350 if (strtolower($name) == 'summary_overlay') {
351 $template->assign('overlayProfile', TRUE);
352 }
353
354 if (($this->_multiRecord & CRM_Core_Action::VIEW) && $this->_recordId && !$this->_allFields) {
355 $fieldDetail = reset($fields);
356 $fieldId = CRM_Core_BAO_CustomField::getKeyID($fieldDetail['name']);
357 $customGroupDetails = CRM_Core_BAO_CustomGroup::getGroupTitles(array($fieldId));
358 $multiRecTitle = $customGroupDetails[$fieldId]['groupTitle'];
359 } else {
360 $title = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'title');
361 }
362
363 //CRM-4131.
364 $displayName = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $this->_id, 'display_name');
365 if ($displayName) {
366 $session = CRM_Core_Session::singleton();
367 $config = CRM_Core_Config::singleton();
368 if ($session->get('userID') &&
369 CRM_Core_Permission::check('access CiviCRM') &&
370 CRM_Contact_BAO_Contact_Permission::allow($session->get('userID'), CRM_Core_Permission::VIEW) &&
371 !$config->userFrameworkFrontend
372 ) {
373 $contactViewUrl = CRM_Utils_System::url('civicrm/contact/view', "action=view&reset=1&cid={$this->_id}", TRUE);
374 $this->assign('displayName', $displayName);
375 $displayName = "<a href=\"$contactViewUrl\">{$displayName}</a>";
376 }
377 $title .= ' - ' . $displayName;
378 }
379
380 $title = isset($multiRecTitle) ? ts('View %1 Record', array(1 => $multiRecTitle)) : $title;
381 CRM_Utils_System::setTitle($title);
382
383 // invoke the pagRun hook, CRM-3906
384 CRM_Utils_Hook::pageRun($this);
385
386 return trim($template->fetch($this->getHookedTemplateFileName()));
387 }
388
389 /**
390 * @param string $suffix
391 *
392 * @return null|string
393 */
394 function checkTemplateFileExists($suffix = '') {
395 if ($this->_gid) {
396 $templateFile = "CRM/Profile/Page/{$this->_gid}/Dynamic.{$suffix}tpl";
397 $template = CRM_Core_Page::getTemplate();
398 if ($template->template_exists($templateFile)) {
399 return $templateFile;
400 }
401
402 // lets see if we have customized by name
403 $ufGroupName = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'name');
404 if ($ufGroupName) {
405 $templateFile = "CRM/Profile/Page/{$ufGroupName}/Dynamic.{$suffix}tpl";
406 if ($template->template_exists($templateFile)) {
407 return $templateFile;
408 }
409 }
410 }
411 return NULL;
412 }
413
414 /**
415 * Use the form name to create the tpl file name
416 *
417 * @return string
418 * @access public
419 */
420 /**
421 * @return string
422 */
423 function getTemplateFileName() {
424 $fileName = $this->checkTemplateFileExists();
425 return $fileName ? $fileName : parent::getTemplateFileName();
426 }
427
428 /**
429 * Default extra tpl file basically just replaces .tpl with .extra.tpl
430 * i.e. we dont override
431 *
432 * @return string
433 * @access public
434 */
435 /**
436 * @return string
437 */
438 function overrideExtraTemplateFileName() {
439 $fileName = $this->checkTemplateFileExists('extra.');
440 return $fileName ? $fileName : parent::overrideExtraTemplateFileName();
441 }
442 }
443