+--------------------------------------------------------------------+
| CiviCRM version 4.6 |
+--------------------------------------------------------------------+
- | Copyright CiviCRM LLC (c) 2004-2014 |
+ | Copyright CiviCRM LLC (c) 2004-2015 |
+--------------------------------------------------------------------+
| This file is a part of CiviCRM. |
| |
/**
*
* @package CRM
- * @copyright CiviCRM LLC (c) 2004-2014
+ * @copyright CiviCRM LLC (c) 2004-2015
* $Id$
*
*/
class CRM_Profile_Page_Dynamic extends CRM_Core_Page {
/**
- * The contact id of the person we are viewing
+ * The contact id of the person we are viewing.
*
* @var int
*/
protected $_id;
/**
- * The profile group are are interested in
+ * The profile group are are interested in.
*
* @var int
*/
protected $_gid;
/**
- * The profile types we restrict this page to display
+ * The profile types we restrict this page to display.
*
* @var string
*/
protected $_restrict;
/**
- * Should we bypass permissions
+ * Should we bypass permissions.
*
* @var boolean
*/
protected $_isContactActivityProfile = FALSE;
/**
- * Activity Id connected to the profile
+ * Activity Id connected to the profile.
*
* @var string
*/
protected $_allFields = NULL;
/**
- * Class constructor
+ * Class constructor.
*
* @param int $id
* The contact id.
$session = CRM_Core_Session::singleton();
$userID = $session->get('userID');
- $this->_isPermissionedChecksum = FALSE;
+ $this->_isPermissionedChecksum = $allowPermission = FALSE;
$permissionType = CRM_Core_Permission::VIEW;
+ if (CRM_Core_Permission::check('administer users') || CRM_Core_Permission::check('view all contacts') || CRM_Contact_BAO_Contact_Permission::allow($this->_id)) {
+ $allowPermission = TRUE;
+ }
if ($this->_id != $userID) {
// do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228
if ($config->userFrameworkFrontend) {
$this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($this->_id, $this, FALSE);
+ if (!$this->_isPermissionedChecksum) {
+ $this->_isPermissionedChecksum = $allowPermission;
+ }
}
else {
$this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateChecksumContact($this->_id, $this, FALSE);
// make sure we dont expose all fields based on permission
$admin = FALSE;
- if ((!$config->userFrameworkFrontend &&
- (CRM_Core_Permission::check('administer users') ||
- CRM_Core_Permission::check('view all contacts') ||
- CRM_Contact_BAO_Contact_Permission::allow($this->_id)
- )
- ) ||
+ if ((!$config->userFrameworkFrontend && $allowPermission) ||
$this->_id == $userID ||
$this->_isPermissionedChecksum
) {
}
/**
- * Use the form name to create the tpl file name
+ * Use the form name to create the tpl file name.
*
* @return string
*/
projects / civicrm-core.git / blobdiff