projects / civicrm-core.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
CRM-17700 fix api to respect skipping permissions at the custom field level
[civicrm-core.git] / CRM / Core / BAO / CustomGroup.php
diff --git a/CRM/Core/BAO/CustomGroup.php b/CRM/Core/BAO/CustomGroup.php
index af3974f6e1a58140e2655da6f261b9efbeb6d64f..32494be2199d85a60cd288022f25830b44aac95f 100644 (file)
--- a/CRM/Core/BAO/CustomGroup.php
+++ b/CRM/Core/BAO/CustomGroup.php
@@ -1,7 +1,7 @@
 <?php
 /*
  +--------------------------------------------------------------------+
- | CiviCRM version 4.6                                                |
+ | CiviCRM version 4.7                                                |
  +--------------------------------------------------------------------+
  | Copyright CiviCRM LLC (c) 2004-2015                                |
  +--------------------------------------------------------------------+
@@ -123,7 +123,7 @@ class CRM_Core_BAO_CustomGroup extends CRM_Core_DAO_CustomGroup {
       'is_multiple',
     );
     foreach ($fields as $field) {
-      if (isset($params[$field])) {
+      if (isset($params[$field]) || $field == 'is_multiple') {
         $group->$field = CRM_Utils_Array::value($field, $params, FALSE);
       }
     }
@@ -329,7 +329,11 @@ class CRM_Core_BAO_CustomGroup extends CRM_Core_DAO_CustomGroup {
    *   Do not restrict by subtype at all. (The parameter feels a bit cludgey but is only used from the
    *   api - through which it is properly tested - so can be refactored with some comfort.)
    *
+   * @param bool $checkPermission
+   *
    * @return array
+   *   Custom field 'tree'.
+   *
    *   The returned array is keyed by group id and has the custom group table fields
    *   and a subkey 'fields' holding the specific custom fields.
    *   If entityId is passed in the fields keys have a subkey 'customValue' which holds custom data
@@ -348,7 +352,8 @@ class CRM_Core_BAO_CustomGroup extends CRM_Core_DAO_CustomGroup {
     $subName = NULL,
     $fromCache = TRUE,
     $onlySubType = NULL,
-    $returnAll = FALSE
+    $returnAll = FALSE,
+    $checkPermission = TRUE
   ) {
     if ($entityID) {
       $entityID = CRM_Utils_Type::escape($entityID, 'Integer');
@@ -495,12 +500,13 @@ WHERE civicrm_custom_group.is_active = 1
       // since groupID is false we need to show all Inline groups
       $strWhere .= " AND civicrm_custom_group.style = 'Inline'";
     }
-
-    // ensure that the user has access to these custom groups
-    $strWhere .= " AND " .
-      CRM_Core_Permission::customGroupClause(CRM_Core_Permission::VIEW,
-        'civicrm_custom_group.'
-      );
+    if ($checkPermission) {
+      // ensure that the user has access to these custom groups
+      $strWhere .= " AND " .
+        CRM_Core_Permission::customGroupClause(CRM_Core_Permission::VIEW,
+          'civicrm_custom_group.'
+        );
+    }
 
     $orderBy = "
 ORDER BY civicrm_custom_group.weight,
@@ -1297,9 +1303,12 @@ ORDER BY civicrm_custom_group.weight,
           continue;
         }
 
-        if (!empty($field['element_name'])) {
-          $elementName = $field['element_name'];
+        if (empty($field['element_name'])) {
+          continue;
         }
+
+        $elementName = $field['element_name'];
+
         switch ($field['html_type']) {
           case 'Multi-Select':
           case 'AdvMulti-Select':
@@ -1729,6 +1738,9 @@ ORDER BY civicrm_custom_group.weight,
       case 'Contribution':
         return 'civicrm_contribution';
 
+      case 'ContributionRecur':
+        return 'civicrm_contribution_recur';
+
       case 'Relationship':
         return 'civicrm_relationship';