Merge pull request #15976 from eileenmcnaughton/5.20

[civicrm-core.git] / CRM / Contribute / Form / ContributionRecur.php

diff --git a/CRM/Contribute/Form/ContributionRecur.php b/CRM/Contribute/Form/ContributionRecur.php
index 9e96e10d148319c1dd139a2d5a2e3b28b3d7e9e6..b333159eca837a2ed463ec282a6563b4407ef87b 100644 (file)
--- a/CRM/Contribute/Form/ContributionRecur.php
+++ b/CRM/Contribute/Form/ContributionRecur.php
@@ -107,6 +107,13 @@ class CRM_Contribute_Form_ContributionRecur extends CRM_Core_Form {
    */
   protected $subscriptionDetails = [];
 
+  /**
+   * Is the form being accessed by a front end user to update their own recurring.
+   *
+   * @var bool
+   */
+  protected $selfService;
+
   /**
    * Explicitly declare the entity api name.
    */
@@ -204,4 +211,23 @@ class CRM_Contribute_Form_ContributionRecur extends CRM_Core_Form {
     return isset($sub->contact_id) ? $sub->contact_id : FALSE;
   }
 
+  /**
+   * Is this being used by a front end user to update their own recurring.
+   *
+   * @return bool
+   */
+  protected function isSelfService() {
+    if (!is_null($this->selfService)) {
+      return $this->selfService;
+    }
+    $this->selfService = FALSE;
+    if (!CRM_Core_Permission::check('edit contributions')) {
+      if ($this->_subscriptionDetails->contact_id != $this->getContactID()) {
+        CRM_Core_Error::statusBounce(ts('You do not have permission to cancel this recurring contribution.'));
+      }
+      $this->selfService = TRUE;
+    }
+    return $this->selfService;
+  }
+
 }