projects / civicrm-core.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
CIVI-28 Added check for lineitems edit and delete
[civicrm-core.git] / CRM / Contribute / Form / Contribution.php
diff --git a/CRM/Contribute/Form/Contribution.php b/CRM/Contribute/Form/Contribution.php
index 1c8c13c2e4c5effa841a48cd70eefd2dab1e1111..e489f103cbaa6f3491836a7e4c034af9e7b41cbb 100644 (file)
--- a/CRM/Contribute/Form/Contribution.php
+++ b/CRM/Contribute/Form/Contribution.php
@@ -461,13 +461,7 @@ class CRM_Contribute_Form_Contribution extends CRM_Contribute_Form_AbstractEditP
     // FIXME: This probably needs to be done in preprocess
     if ($this->_action & CRM_Core_Action::UPDATE && CRM_Utils_Array::value('financial_type_id', $this->_values)) {
       $financialTypeID = CRM_Contribute_PseudoConstant::financialType($this->_values['financial_type_id']);
-      $lineItems = CRM_Price_BAO_LineItem::getLineItemsByContributionID($this->_id);
-      foreach ($lineItems as $items) { 
-        if (!CRM_Core_Permission::check('edit contributions of type ' . CRM_Contribute_PseudoConstant::financialType($items['financial_type_id']))) {
-          CRM_Core_Error::fatal(ts('You do not have permission to access this page.'));
-          break;
-        }
-      }
+      CRM_Financial_BAO_FinancialType::checkPermissionedLineItems($this->_id, 'edit');
       if (!CRM_Core_Permission::check('edit contributions of type ' . $financialTypeID)) {
         CRM_Core_Error::fatal(ts('You do not have permission to access this page.'));
       }