public function preProcess() {
$id = $this->getID();
+ // Check permission for action.
+ if (!CRM_Core_Permission::checkActionPermission('CiviContribute', $this->_action)) {
+ CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.'));
+ }
+ $params = ['id' => $id];
$context = CRM_Utils_Request::retrieve('context', 'Alphanumeric', $this);
$this->assign('context', $context);
$values = (array) $contribution;
$contributionStatus = CRM_Core_PseudoConstant::getName('CRM_Contribute_BAO_Contribution', 'contribution_status_id', $values['contribution_status_id']);
- if (!isset($this->get_template_vars()['hookDiscount'])) {
- $this->assign('hookDiscount', ['message' => '']);
- }
$this->addExpectedSmartyVariables([
+ 'hookDiscount',
'pricesetFieldsCount',
'pcp_id',
'getTaxDetails',