projects / civicrm-core.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #4607 from samuelsov/CRM-15637
[civicrm-core.git] / CRM / Profile / Page / Dynamic.php
1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.6 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2014 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
26 */
27
28 /**
29 *
30 * @package CRM
31 * @copyright CiviCRM LLC (c) 2004-2014
32 * $Id$
33 *
34 */
35
36 /**
37 * Create a page for displaying CiviCRM Profile Fields.
38 *
39 * Heart of this class is the run method which checks
40 * for action type and then displays the appropriate
41 * page.
42 *
43 */
44 class CRM_Profile_Page_Dynamic extends CRM_Core_Page {
45
46 /**
47 * The contact id of the person we are viewing
48 *
49 * @var int
50 */
51 protected $_id;
52
53 /**
54 * The profile group are are interested in
55 *
56 * @var int
57 */
58 protected $_gid;
59
60 /**
61 * The profile types we restrict this page to display
62 *
63 * @var string
64 */
65 protected $_restrict;
66
67 /**
68 * Should we bypass permissions
69 *
70 * @var boolean
71 */
72 protected $_skipPermission;
73
74 /**
75 * Store profile ids if multiple profile ids are passed using comma separated.
76 * Currently lets implement this functionality only for dialog mode
77 */
78 protected $_profileIds = array();
79
80 /**
81 * Contact profile having activity fields?
82 *
83 * @var string
84 */
85 protected $_isContactActivityProfile = FALSE;
86
87 /**
88 * Activity Id connected to the profile
89 *
90 * @var string
91 */
92 protected $_activityId = NULL;
93
94 protected $_multiRecord = NULL;
95
96 protected $_recordId = NULL;
97
98 /*
99 * fetch multirecord as well as non-multirecord fields
100 */
101 protected $_allFields = NULL;
102
103 /**
104 * Class constructor
105 *
106 * @param int $id the contact id
107 * @param int $gid the group id
108 *
109 * @param $restrict
110 * @param bool $skipPermission
111 * @param null $profileIds
112 *
113 * @return \CRM_Profile_Page_Dynamic
114 */
115 public function __construct($id, $gid, $restrict, $skipPermission = FALSE, $profileIds = NULL) {
116 parent::__construct();
117
118 $this->_id = $id;
119 $this->_gid = $gid;
120 $this->_restrict = $restrict;
121 $this->_skipPermission = $skipPermission;
122
123 if (!array_key_exists('multiRecord', $_GET)) {
124 $this->set('multiRecord', NULL);
125 }
126 if (!array_key_exists('recordId', $_GET)) {
127 $this->set('recordId', NULL);
128 }
129 if (!array_key_exists('allFields', $_GET)) {
130 $this->set('allFields', NULL);
131 }
132
133 //specifies the action being done on a multi record field
134 $multiRecordAction = CRM_Utils_Request::retrieve('multiRecord', 'String', $this);
135
136 $this->_multiRecord = (!is_numeric($multiRecordAction)) ?
137 CRM_Core_Action::resolve($multiRecordAction) : $multiRecordAction;
138 if ($this->_multiRecord) {
139 $this->set('multiRecord', $this->_multiRecord);
140 }
141
142 if ($this->_multiRecord & CRM_Core_Action::VIEW) {
143 $this->_recordId = CRM_Utils_Request::retrieve('recordId', 'Positive', $this);
144 $this->_allFields = CRM_Utils_Request::retrieve('allFields', 'Integer', $this);
145 }
146
147 if ($profileIds) {
148 $this->_profileIds = $profileIds;
149 }
150 else {
151 $this->_profileIds = array($gid);
152 }
153
154 $this->_activityId = CRM_Utils_Request::retrieve('aid', 'Positive', $this, FALSE, 0, 'GET');
155 if (is_numeric($this->_activityId)) {
156 $latestRevisionId = CRM_Activity_BAO_Activity::getLatestActivityId($this->_activityId);
157 if ($latestRevisionId) {
158 $this->_activityId = $latestRevisionId;
159 }
160 }
161 $this->_isContactActivityProfile = CRM_Core_BAO_UFField::checkContactActivityProfileType($this->_gid);
162 }
163
164 /**
165 * Get the action links for this page.
166 *
167 * @return array $_actionLinks
168 *
169 */
170 public function &actionLinks() {
171 return NULL;
172 }
173
174 /**
175 * Run the page.
176 *
177 * This method is called after the page is created. It checks for the
178 * type of action and executes that action.
179 *
180 * @return void
181 *
182 */
183 public function run() {
184 $template = CRM_Core_Smarty::singleton();
185 if ($this->_id && $this->_gid) {
186
187 // first check that id is part of the limit group id, CRM-4822
188 $limitListingsGroupsID = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup',
189 $this->_gid,
190 'limit_listings_group_id'
191 );
192 $config = CRM_Core_Config::singleton();
193 if ($limitListingsGroupsID) {
194
195 if (!CRM_Contact_BAO_GroupContact::isContactInGroup($this->_id,
196 $limitListingsGroupsID
197 )) {
198 CRM_Utils_System::setTitle(ts('Profile View - Permission Denied'));
199 return CRM_Core_Session::setStatus(ts('You do not have permission to view this contact record. Contact the site administrator if you need assistance.'), ts('Permission Denied'), 'error');
200 }
201 }
202
203 $session = CRM_Core_Session::singleton();
204 $userID = $session->get('userID');
205
206 $this->_isPermissionedChecksum = FALSE;
207 $permissionType = CRM_Core_Permission::VIEW;
208 if ($this->_id != $userID) {
209 // do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228
210 if ($config->userFrameworkFrontend) {
211 $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($this->_id, $this, FALSE);
212 }
213 else {
214 $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateChecksumContact($this->_id, $this, FALSE);
215 }
216 }
217 // CRM-10853
218 // Users with create or edit permission should be allowed to view their own profile
219 if ($this->_id == $userID || $this->_isPermissionedChecksum) {
220 if (!CRM_Core_Permission::check('profile view')) {
221 if (CRM_Core_Permission::check('profile create') || CRM_Core_Permission::check('profile edit')) {
222 $this->_skipPermission = TRUE;
223 }
224 }
225 }
226
227 // make sure we dont expose all fields based on permission
228 $admin = FALSE;
229 if ((!$config->userFrameworkFrontend &&
230 (CRM_Core_Permission::check('administer users') ||
231 CRM_Core_Permission::check('view all contacts') ||
232 CRM_Contact_BAO_Contact_Permission::allow($this->_id)
233 )
234 ) ||
235 $this->_id == $userID ||
236 $this->_isPermissionedChecksum
237 ) {
238 $admin = TRUE;
239 }
240
241 $values = array();
242 $fields = CRM_Core_BAO_UFGroup::getFields($this->_profileIds, FALSE, CRM_Core_Action::VIEW,
243 NULL, NULL, FALSE, $this->_restrict,
244 $this->_skipPermission, NULL,
245 $permissionType
246 );
247
248 if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId && !$this->_allFields) {
249 CRM_Core_BAO_UFGroup::shiftMultiRecordFields($fields, $multiRecordFields);
250 $fields = $multiRecordFields;
251 }
252 if ($this->_isContactActivityProfile && $this->_gid) {
253 $errors = CRM_Profile_Form::validateContactActivityProfile($this->_activityId, $this->_id, $this->_gid);
254 if (!empty($errors)) {
255 CRM_Core_Error::fatal(array_pop($errors));
256 }
257 }
258
259 //reformat fields array
260 foreach ($fields as $name => $field) {
261 // also eliminate all formatting fields
262 if (CRM_Utils_Array::value('field_type', $field) == 'Formatting') {
263 unset($fields[$name]);
264 }
265
266 // make sure that there is enough permission to expose this field
267 if (!$admin && $field['visibility'] == 'User and User Admin Only') {
268 unset($fields[$name]);
269 }
270 }
271
272 if ($this->_isContactActivityProfile) {
273 $contactFields = $activityFields = array();
274
275 foreach ($fields as $fieldName => $field) {
276 if (CRM_Utils_Array::value('field_type', $field) == 'Activity') {
277 $activityFields[$fieldName] = $field;
278 }
279 else {
280 $contactFields[$fieldName] = $field;
281 }
282 }
283
284 CRM_Core_BAO_UFGroup::getValues($this->_id, $contactFields, $values);
285 if ($this->_activityId) {
286 CRM_Core_BAO_UFGroup::getValues(
287 NULL,
288 $activityFields,
289 $values,
290 TRUE,
291 array(array('activity_id', '=', $this->_activityId, 0, 0))
292 );
293 }
294 }
295 else {
296 $customWhereClause = NULL;
297 if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId) {
298 if ($this->_allFields) {
299 $copyFields = $fields;
300 CRM_Core_BAO_UFGroup::shiftMultiRecordFields($copyFields, $multiRecordFields);
301 $fieldKey = key($multiRecordFields);
302 } else {
303 $fieldKey = key($fields);
304 }
305 if ($fieldID = CRM_Core_BAO_CustomField::getKeyID($fieldKey)) {
306 $tableColumnGroup = CRM_Core_BAO_CustomField::getTableColumnGroup($fieldID);
307 $columnName = "{$tableColumnGroup[0]}.id";
308 $customWhereClause = $columnName . ' = ' . $this->_recordId;
309 }
310 }
311 CRM_Core_BAO_UFGroup::getValues($this->_id, $fields, $values, TRUE, NULL, FALSE, $customWhereClause);
312 }
313
314 // $profileFields array can be used for customized display of field labels and values in Profile/View.tpl
315 $profileFields = array();
316 $labels = array();
317
318 foreach ($fields as $name => $field) {
319 //CRM-14338
320 // Create a unique, non-empty index for each field.
321 $index = $field['title'];
322 if ($index === '') $index = ' ';
323 while (array_key_exists($index, $labels))
324 $index .= ' ';
325
326 $labels[$index] = preg_replace('/\s+|\W+/', '_', $name);
327 }
328
329 foreach ($values as $title => $value) {
330 $profileFields[$labels[$title]] = array(
331 'label' => $title,
332 'value' => $value,
333 );
334 }
335
336 $template->assign_by_ref('row', $values);
337 $template->assign_by_ref('profileFields', $profileFields);
338 }
339
340 $name = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'name');
341 $this->assign('ufGroupName', $name);
342 CRM_Utils_Hook::viewProfile($name);
343
344 if (strtolower($name) == 'summary_overlay') {
345 $template->assign('overlayProfile', TRUE);
346 }
347
348 if (($this->_multiRecord & CRM_Core_Action::VIEW) && $this->_recordId && !$this->_allFields) {
349 $fieldDetail = reset($fields);
350 $fieldId = CRM_Core_BAO_CustomField::getKeyID($fieldDetail['name']);
351 $customGroupDetails = CRM_Core_BAO_CustomGroup::getGroupTitles(array($fieldId));
352 $multiRecTitle = $customGroupDetails[$fieldId]['groupTitle'];
353 } else {
354 $title = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'title');
355 }
356
357 //CRM-4131.
358 $displayName = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $this->_id, 'display_name');
359 if ($displayName) {
360 $session = CRM_Core_Session::singleton();
361 $config = CRM_Core_Config::singleton();
362 if ($session->get('userID') &&
363 CRM_Core_Permission::check('access CiviCRM') &&
364 CRM_Contact_BAO_Contact_Permission::allow($session->get('userID'), CRM_Core_Permission::VIEW) &&
365 !$config->userFrameworkFrontend
366 ) {
367 $contactViewUrl = CRM_Utils_System::url('civicrm/contact/view', "action=view&reset=1&cid={$this->_id}", TRUE);
368 $this->assign('displayName', $displayName);
369 $displayName = "<a href=\"$contactViewUrl\">{$displayName}</a>";
370 }
371 $title .= ' - ' . $displayName;
372 }
373
374 $title = isset($multiRecTitle) ? ts('View %1 Record', array(1 => $multiRecTitle)) : $title;
375 CRM_Utils_System::setTitle($title);
376
377 // invoke the pagRun hook, CRM-3906
378 CRM_Utils_Hook::pageRun($this);
379
380 return trim($template->fetch($this->getHookedTemplateFileName()));
381 }
382
383 /**
384 * @param string $suffix
385 *
386 * @return null|string
387 */
388 public function checkTemplateFileExists($suffix = '') {
389 if ($this->_gid) {
390 $templateFile = "CRM/Profile/Page/{$this->_gid}/Dynamic.{$suffix}tpl";
391 $template = CRM_Core_Page::getTemplate();
392 if ($template->template_exists($templateFile)) {
393 return $templateFile;
394 }
395
396 // lets see if we have customized by name
397 $ufGroupName = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'name');
398 if ($ufGroupName) {
399 $templateFile = "CRM/Profile/Page/{$ufGroupName}/Dynamic.{$suffix}tpl";
400 if ($template->template_exists($templateFile)) {
401 return $templateFile;
402 }
403 }
404 }
405 return NULL;
406 }
407
408 /**
409 * Use the form name to create the tpl file name
410 *
411 * @return string
412 */
413 /**
414 * @return string
415 */
416 public function getTemplateFileName() {
417 $fileName = $this->checkTemplateFileExists();
418 return $fileName ? $fileName : parent::getTemplateFileName();
419 }
420
421 /**
422 * Default extra tpl file basically just replaces .tpl with .extra.tpl
423 * i.e. we dont override
424 *
425 * @return string
426 */
427 /**
428 * @return string
429 */
430 public function overrideExtraTemplateFileName() {
431 $fileName = $this->checkTemplateFileExists('extra.');
432 return $fileName ? $fileName : parent::overrideExtraTemplateFileName();
433 }
434 }