projects / civicrm-core.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
CRM-16189, added code to validate financial type for contribution
[civicrm-core.git] / CRM / Contribute / Form / ContributionPage.php
diff --git a/CRM/Contribute/Form/ContributionPage.php b/CRM/Contribute/Form/ContributionPage.php
index 3c08ea6338e3962db70962e7f7219d2493cd916e..e196b61c7fbbb677c759afed7b59e78f5c96fd09 100644 (file)
--- a/CRM/Contribute/Form/ContributionPage.php
+++ b/CRM/Contribute/Form/ContributionPage.php
@@ -3,7 +3,7 @@
  +--------------------------------------------------------------------+
  | CiviCRM version 4.7                                                |
  +--------------------------------------------------------------------+
- | Copyright CiviCRM LLC (c) 2004-2015                                |
+ | Copyright CiviCRM LLC (c) 2004-2016                                |
  +--------------------------------------------------------------------+
  | This file is a part of CiviCRM.                                    |
  |                                                                    |
@@ -28,7 +28,7 @@
 /**
  *
  * @package CRM
- * @copyright CiviCRM LLC (c) 2004-2015
+ * @copyright CiviCRM LLC (c) 2004-2016
  */
 
 /**
@@ -136,10 +136,19 @@ class CRM_Contribute_Form_ContributionPage extends CRM_Core_Form {
       if (isset($this->_id) && $this->_id) {
         $params = array('id' => $this->_id);
         CRM_Core_DAO::commonRetrieve('CRM_Contribute_DAO_ContributionPage', $params, $this->_values);
+        CRM_Contribute_BAO_ContributionPage::setValues($this->_id, $this->_values);
       }
       $this->set('values', $this->_values);
     }
 
+    // Check permission to edit contribution page
+    if (CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus() && $this->_action & CRM_Core_Action::UPDATE) {
+      $financialTypeID = CRM_Contribute_PseudoConstant::financialType($this->_values['financial_type_id']);
+      if (!CRM_Core_Permission::check('edit contributions of type ' . $financialTypeID)) {
+        CRM_Core_Error::fatal(ts('You do not have permission to access this page.'));
+      }
+    }
+
     // Preload libraries required by the "Profiles" tab
     $schemas = array('IndividualModel', 'OrganizationModel', 'ContributionModel');
     if (in_array('CiviMember', CRM_Core_Config::singleton()->enableComponents)) {
@@ -321,10 +330,6 @@ class CRM_Contribute_Form_ContributionPage extends CRM_Core_Form {
       list($defaults['start_date'], $defaults['start_date_time']) = CRM_Utils_Date::setDateDefaults();
     }
 
-    if (!isset($defaults['for_organization'])) {
-      $defaults['for_organization'] = ts('I am contributing on behalf of an organization.');
-    }
-
     if (!empty($defaults['recur_frequency_unit'])) {
       $defaults['recur_frequency_unit'] = array_fill_keys(explode(CRM_Core_DAO::VALUE_SEPARATOR,
         $defaults['recur_frequency_unit']
@@ -335,13 +340,6 @@ class CRM_Contribute_Form_ContributionPage extends CRM_Core_Form {
       $defaults['recur_frequency_unit'] = array('month' => 1);
     }
 
-    if (!empty($defaults['is_for_organization'])) {
-      $defaults['is_organization'] = 1;
-    }
-    else {
-      $defaults['is_for_organization'] = 1;
-    }
-
     // confirm page starts out enabled
     if (!isset($defaults['is_confirm_enabled'])) {
       $defaults['is_confirm_enabled'] = 1;