return ts('Search');
}
+ /**
+ * Check Access for a component
+ * @param string $component
+ * @return bool
+ */
+ protected static function checkComponentAccess($component) {
+ $enabledComponents = CRM_Core_Component::getEnabledComponents();
+ if (!array_key_exists($component, $enabledComponents)) {
+ return FALSE;
+ }
+ return CRM_Core_Permission::access($component);
+ }
+
/**
* Load metadata for fields on the form.
*
* @throws \CiviCRM_API3_Exception
*/
protected function loadMetadata() {
- // @todo - check what happens if the person does not have 'access civicontribute' - make sure they
// can't by pass acls by passing search criteria in the url.
- $this->addSearchFieldMetadata(['Contribution' => CRM_Contribute_BAO_Query::getSearchFieldMetadata()]);
- $this->addSearchFieldMetadata(['ContributionRecur' => CRM_Contribute_BAO_ContributionRecur::getContributionRecurSearchFieldMetadata()]);
+ if (self::checkComponentAccess('CiviContribute')) {
+ $this->addSearchFieldMetadata(['Contribution' => CRM_Contribute_BAO_Query::getSearchFieldMetadata()]);
+ $this->addSearchFieldMetadata(['ContributionRecur' => CRM_Contribute_BAO_ContributionRecur::getContributionRecurSearchFieldMetadata()]);
+ }
$this->addSearchFieldMetadata(['Participant' => CRM_Event_BAO_Query::getSearchFieldMetadata()]);
+ $this->addSearchFieldMetadata(['Membership' => CRM_Member_BAO_Query::getSearchFieldMetadata()]);
+ $this->addSearchFieldMetadata(['Pledge' => CRM_Pledge_BAO_Query::getSearchFieldMetadata()]);
+ $this->addSearchFieldMetadata(['PledgePayment' => CRM_Pledge_BAO_Query::getPledgePaymentSearchFieldMetadata()]);
+ $this->addSearchFieldMetadata(['Grant' => CRM_Grant_BAO_Query::getSearchFieldMetadata()]);
+ $this->addSearchFieldMetadata(['Case' => CRM_Case_BAO_Query::getSearchFieldMetadata()]);
}
}