public function preProcess() {
$id = $this->getID();
+ // Check permission for action.
+ if (!CRM_Core_Permission::checkActionPermission('CiviContribute', $this->_action)) {
+ CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.'));
+ }
+ $params = ['id' => $id];
$context = CRM_Utils_Request::retrieve('context', 'Alphanumeric', $this);
$this->assign('context', $context);
projects / civicrm-core.git / blobdiff