projects / civicrm-core.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #5287 from mlutfy/4.6-crm13584-2
[civicrm-core.git] / CRM / Profile / Page / Dynamic.php
1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.6 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2014 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
26 */
27
28 /**
29 *
30 * @package CRM
31 * @copyright CiviCRM LLC (c) 2004-2014
32 * $Id$
33 *
34 */
35
36 /**
37 * Create a page for displaying CiviCRM Profile Fields.
38 *
39 * Heart of this class is the run method which checks
40 * for action type and then displays the appropriate
41 * page.
42 *
43 */
44 class CRM_Profile_Page_Dynamic extends CRM_Core_Page {
45
46 /**
47 * The contact id of the person we are viewing.
48 *
49 * @var int
50 */
51 protected $_id;
52
53 /**
54 * The profile group are are interested in.
55 *
56 * @var int
57 */
58 protected $_gid;
59
60 /**
61 * The profile types we restrict this page to display.
62 *
63 * @var string
64 */
65 protected $_restrict;
66
67 /**
68 * Should we bypass permissions.
69 *
70 * @var boolean
71 */
72 protected $_skipPermission;
73
74 /**
75 * Store profile ids if multiple profile ids are passed using comma separated.
76 * Currently lets implement this functionality only for dialog mode
77 */
78 protected $_profileIds = array();
79
80 /**
81 * Contact profile having activity fields?
82 *
83 * @var string
84 */
85 protected $_isContactActivityProfile = FALSE;
86
87 /**
88 * Activity Id connected to the profile.
89 *
90 * @var string
91 */
92 protected $_activityId = NULL;
93
94 protected $_multiRecord = NULL;
95
96 protected $_recordId = NULL;
97
98 /*
99 * fetch multirecord as well as non-multirecord fields
100 */
101 protected $_allFields = NULL;
102
103 /**
104 * Class constructor.
105 *
106 * @param int $id
107 * The contact id.
108 * @param int $gid
109 * The group id.
110 *
111 * @param $restrict
112 * @param bool $skipPermission
113 * @param null $profileIds
114 *
115 * @return \CRM_Profile_Page_Dynamic
116 */
117 public function __construct($id, $gid, $restrict, $skipPermission = FALSE, $profileIds = NULL) {
118 parent::__construct();
119
120 $this->_id = $id;
121 $this->_gid = $gid;
122 $this->_restrict = $restrict;
123 $this->_skipPermission = $skipPermission;
124
125 if (!array_key_exists('multiRecord', $_GET)) {
126 $this->set('multiRecord', NULL);
127 }
128 if (!array_key_exists('recordId', $_GET)) {
129 $this->set('recordId', NULL);
130 }
131 if (!array_key_exists('allFields', $_GET)) {
132 $this->set('allFields', NULL);
133 }
134
135 //specifies the action being done on a multi record field
136 $multiRecordAction = CRM_Utils_Request::retrieve('multiRecord', 'String', $this);
137
138 $this->_multiRecord = (!is_numeric($multiRecordAction)) ? CRM_Core_Action::resolve($multiRecordAction) : $multiRecordAction;
139 if ($this->_multiRecord) {
140 $this->set('multiRecord', $this->_multiRecord);
141 }
142
143 if ($this->_multiRecord & CRM_Core_Action::VIEW) {
144 $this->_recordId = CRM_Utils_Request::retrieve('recordId', 'Positive', $this);
145 $this->_allFields = CRM_Utils_Request::retrieve('allFields', 'Integer', $this);
146 }
147
148 if ($profileIds) {
149 $this->_profileIds = $profileIds;
150 }
151 else {
152 $this->_profileIds = array($gid);
153 }
154
155 $this->_activityId = CRM_Utils_Request::retrieve('aid', 'Positive', $this, FALSE, 0, 'GET');
156 if (is_numeric($this->_activityId)) {
157 $latestRevisionId = CRM_Activity_BAO_Activity::getLatestActivityId($this->_activityId);
158 if ($latestRevisionId) {
159 $this->_activityId = $latestRevisionId;
160 }
161 }
162 $this->_isContactActivityProfile = CRM_Core_BAO_UFField::checkContactActivityProfileType($this->_gid);
163 }
164
165 /**
166 * Get the action links for this page.
167 *
168 * @return array
169 */
170 public function &actionLinks() {
171 return NULL;
172 }
173
174 /**
175 * Run the page.
176 *
177 * This method is called after the page is created. It checks for the
178 * type of action and executes that action.
179 *
180 * @return void
181 */
182 public function run() {
183 $template = CRM_Core_Smarty::singleton();
184 if ($this->_id && $this->_gid) {
185
186 // first check that id is part of the limit group id, CRM-4822
187 $limitListingsGroupsID = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup',
188 $this->_gid,
189 'limit_listings_group_id'
190 );
191 $config = CRM_Core_Config::singleton();
192 if ($limitListingsGroupsID) {
193
194 if (!CRM_Contact_BAO_GroupContact::isContactInGroup($this->_id,
195 $limitListingsGroupsID
196 )
197 ) {
198 CRM_Utils_System::setTitle(ts('Profile View - Permission Denied'));
199 return CRM_Core_Session::setStatus(ts('You do not have permission to view this contact record. Contact the site administrator if you need assistance.'), ts('Permission Denied'), 'error');
200 }
201 }
202
203 $session = CRM_Core_Session::singleton();
204 $userID = $session->get('userID');
205
206 $this->_isPermissionedChecksum = $allowPermission = FALSE;
207 $permissionType = CRM_Core_Permission::VIEW;
208 if (CRM_Core_Permission::check('administer users') || CRM_Core_Permission::check('view all contacts') || CRM_Contact_BAO_Contact_Permission::allow($this->_id)) {
209 $allowPermission = TRUE;
210 }
211 if ($this->_id != $userID) {
212 // do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228
213 if ($config->userFrameworkFrontend) {
214 $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($this->_id, $this, FALSE);
215 if (!$this->_isPermissionedChecksum) {
216 $this->_isPermissionedChecksum = $allowPermission;
217 }
218 }
219 else {
220 $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateChecksumContact($this->_id, $this, FALSE);
221 }
222 }
223 // CRM-10853
224 // Users with create or edit permission should be allowed to view their own profile
225 if ($this->_id == $userID || $this->_isPermissionedChecksum) {
226 if (!CRM_Core_Permission::check('profile view')) {
227 if (CRM_Core_Permission::check('profile create') || CRM_Core_Permission::check('profile edit')) {
228 $this->_skipPermission = TRUE;
229 }
230 }
231 }
232
233 // make sure we dont expose all fields based on permission
234 $admin = FALSE;
235 if ((!$config->userFrameworkFrontend && $allowPermission) ||
236 $this->_id == $userID ||
237 $this->_isPermissionedChecksum
238 ) {
239 $admin = TRUE;
240 }
241
242 $values = array();
243 $fields = CRM_Core_BAO_UFGroup::getFields($this->_profileIds, FALSE, CRM_Core_Action::VIEW,
244 NULL, NULL, FALSE, $this->_restrict,
245 $this->_skipPermission, NULL,
246 $permissionType
247 );
248
249 if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId && !$this->_allFields) {
250 CRM_Core_BAO_UFGroup::shiftMultiRecordFields($fields, $multiRecordFields);
251 $fields = $multiRecordFields;
252 }
253 if ($this->_isContactActivityProfile && $this->_gid) {
254 $errors = CRM_Profile_Form::validateContactActivityProfile($this->_activityId, $this->_id, $this->_gid);
255 if (!empty($errors)) {
256 CRM_Core_Error::fatal(array_pop($errors));
257 }
258 }
259
260 //reformat fields array
261 foreach ($fields as $name => $field) {
262 // also eliminate all formatting fields
263 if (CRM_Utils_Array::value('field_type', $field) == 'Formatting') {
264 unset($fields[$name]);
265 }
266
267 // make sure that there is enough permission to expose this field
268 if (!$admin && $field['visibility'] == 'User and User Admin Only') {
269 unset($fields[$name]);
270 }
271 }
272
273 if ($this->_isContactActivityProfile) {
274 $contactFields = $activityFields = array();
275
276 foreach ($fields as $fieldName => $field) {
277 if (CRM_Utils_Array::value('field_type', $field) == 'Activity') {
278 $activityFields[$fieldName] = $field;
279 }
280 else {
281 $contactFields[$fieldName] = $field;
282 }
283 }
284
285 CRM_Core_BAO_UFGroup::getValues($this->_id, $contactFields, $values);
286 if ($this->_activityId) {
287 CRM_Core_BAO_UFGroup::getValues(
288 NULL,
289 $activityFields,
290 $values,
291 TRUE,
292 array(array('activity_id', '=', $this->_activityId, 0, 0))
293 );
294 }
295 }
296 else {
297 $customWhereClause = NULL;
298 if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId) {
299 if ($this->_allFields) {
300 $copyFields = $fields;
301 CRM_Core_BAO_UFGroup::shiftMultiRecordFields($copyFields, $multiRecordFields);
302 $fieldKey = key($multiRecordFields);
303 }
304 else {
305 $fieldKey = key($fields);
306 }
307 if ($fieldID = CRM_Core_BAO_CustomField::getKeyID($fieldKey)) {
308 $tableColumnGroup = CRM_Core_BAO_CustomField::getTableColumnGroup($fieldID);
309 $columnName = "{$tableColumnGroup[0]}.id";
310 $customWhereClause = $columnName . ' = ' . $this->_recordId;
311 }
312 }
313 CRM_Core_BAO_UFGroup::getValues($this->_id, $fields, $values, TRUE, NULL, FALSE, $customWhereClause);
314 }
315
316 // $profileFields array can be used for customized display of field labels and values in Profile/View.tpl
317 $profileFields = array();
318 $labels = array();
319
320 foreach ($fields as $name => $field) {
321 //CRM-14338
322 // Create a unique, non-empty index for each field.
323 $index = $field['title'];
324 if ($index === '') {
325 $index = ' ';
326 }
327 while (array_key_exists($index, $labels)) {
328 $index .= ' ';
329 }
330
331 $labels[$index] = preg_replace('/\s+|\W+/', '_', $name);
332 }
333
334 foreach ($values as $title => $value) {
335 $profileFields[$labels[$title]] = array(
336 'label' => $title,
337 'value' => $value,
338 );
339 }
340
341 $template->assign_by_ref('row', $values);
342 $template->assign_by_ref('profileFields', $profileFields);
343 }
344
345 $name = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'name');
346 $this->assign('ufGroupName', $name);
347 CRM_Utils_Hook::viewProfile($name);
348
349 if (strtolower($name) == 'summary_overlay') {
350 $template->assign('overlayProfile', TRUE);
351 }
352
353 if (($this->_multiRecord & CRM_Core_Action::VIEW) && $this->_recordId && !$this->_allFields) {
354 $fieldDetail = reset($fields);
355 $fieldId = CRM_Core_BAO_CustomField::getKeyID($fieldDetail['name']);
356 $customGroupDetails = CRM_Core_BAO_CustomGroup::getGroupTitles(array($fieldId));
357 $multiRecTitle = $customGroupDetails[$fieldId]['groupTitle'];
358 }
359 else {
360 $title = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'title');
361 }
362
363 //CRM-4131.
364 $displayName = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $this->_id, 'display_name');
365 if ($displayName) {
366 $session = CRM_Core_Session::singleton();
367 $config = CRM_Core_Config::singleton();
368 if ($session->get('userID') &&
369 CRM_Core_Permission::check('access CiviCRM') &&
370 CRM_Contact_BAO_Contact_Permission::allow($session->get('userID'), CRM_Core_Permission::VIEW) &&
371 !$config->userFrameworkFrontend
372 ) {
373 $contactViewUrl = CRM_Utils_System::url('civicrm/contact/view', "action=view&reset=1&cid={$this->_id}", TRUE);
374 $this->assign('displayName', $displayName);
375 $displayName = "<a href=\"$contactViewUrl\">{$displayName}</a>";
376 }
377 $title .= ' - ' . $displayName;
378 }
379
380 $title = isset($multiRecTitle) ? ts('View %1 Record', array(1 => $multiRecTitle)) : $title;
381 CRM_Utils_System::setTitle($title);
382
383 // invoke the pagRun hook, CRM-3906
384 CRM_Utils_Hook::pageRun($this);
385
386 return trim($template->fetch($this->getHookedTemplateFileName()));
387 }
388
389 /**
390 * @param string $suffix
391 *
392 * @return null|string
393 */
394 public function checkTemplateFileExists($suffix = '') {
395 if ($this->_gid) {
396 $templateFile = "CRM/Profile/Page/{$this->_gid}/Dynamic.{$suffix}tpl";
397 $template = CRM_Core_Page::getTemplate();
398 if ($template->template_exists($templateFile)) {
399 return $templateFile;
400 }
401
402 // lets see if we have customized by name
403 $ufGroupName = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'name');
404 if ($ufGroupName) {
405 $templateFile = "CRM/Profile/Page/{$ufGroupName}/Dynamic.{$suffix}tpl";
406 if ($template->template_exists($templateFile)) {
407 return $templateFile;
408 }
409 }
410 }
411 return NULL;
412 }
413
414 /**
415 * Use the form name to create the tpl file name.
416 *
417 * @return string
418 */
419 /**
420 * @return string
421 */
422 public function getTemplateFileName() {
423 $fileName = $this->checkTemplateFileExists();
424 return $fileName ? $fileName : parent::getTemplateFileName();
425 }
426
427 /**
428 * Default extra tpl file basically just replaces .tpl with .extra.tpl
429 * i.e. we dont override
430 *
431 * @return string
432 */
433 /**
434 * @return string
435 */
436 public function overrideExtraTemplateFileName() {
437 $fileName = $this->checkTemplateFileExists('extra.');
438 return $fileName ? $fileName : parent::overrideExtraTemplateFileName();
439 }
440
441 }