+--------------------------------------------------------------------+
| CiviCRM version 4.7 |
+--------------------------------------------------------------------+
- | Copyright CiviCRM LLC (c) 2004-2015 |
+ | Copyright CiviCRM LLC (c) 2004-2016 |
+--------------------------------------------------------------------+
| This file is a part of CiviCRM. |
| |
/**
*
* @package CRM
- * @copyright CiviCRM LLC (c) 2004-2015
+ * @copyright CiviCRM LLC (c) 2004-2016
*/
/**
if (isset($this->_id) && $this->_id) {
$params = array('id' => $this->_id);
CRM_Core_DAO::commonRetrieve('CRM_Contribute_DAO_ContributionPage', $params, $this->_values);
+ CRM_Contribute_BAO_ContributionPage::setValues($this->_id, $this->_values);
}
$this->set('values', $this->_values);
}
+ // Check permission to edit contribution page
+ if (CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus() && $this->_action & CRM_Core_Action::UPDATE) {
+ $financialTypeID = CRM_Contribute_PseudoConstant::financialType($this->_values['financial_type_id']);
+ if (!CRM_Core_Permission::check('edit contributions of type ' . $financialTypeID)) {
+ CRM_Core_Error::fatal(ts('You do not have permission to access this page.'));
+ }
+ }
+
// Preload libraries required by the "Profiles" tab
$schemas = array('IndividualModel', 'OrganizationModel', 'ContributionModel');
if (in_array('CiviMember', CRM_Core_Config::singleton()->enableComponents)) {
projects / civicrm-core.git / blobdiff