Merge branch '4.6' of https://github.com/civicrm/civicrm-core

[civicrm-core.git] / api / v3 / Contribution.php

diff --git a/api/v3/Contribution.php b/api/v3/Contribution.php
index a3705b8459ee8ea159b9cd65bc0176bb325fe27c..00aa5ccbdb78f79c026ee22f1c3adb8ad69a59ce 100644 (file)
--- a/api/v3/Contribution.php
+++ b/api/v3/Contribution.php
@@ -46,14 +46,24 @@ function civicrm_api3_contribution_create(&$params) {
   _civicrm_api3_custom_format_params($params, $values, 'Contribution');
   $params = array_merge($params, $values);
 
-  if (empty($params['id'])) {
-    $op = 'add';
-  }
-  CRM_Financial_BAO_FinancialType::getAvailableFinancialTypes($types, $op);
-  if (!in_array($params['financial_type_id'], array_keys($types))) {
-    return civicrm_api3_create_error('You do not have permission to create this contribution');
+  if (CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus()) {
+    if (empty($params['id'])) {
+      $op = 'add';
+    }
+    else {
+      if (empty($params['financial_type_id'])) {
+        $params['financial_type_id'] = civicrm_api3('Contribution', 'getvalue', array(
+          'id' => $params['id'],
+          'return' => 'financial_type_id',
+        ));
+      }
+      $op = 'edit';
+    }
+    CRM_Financial_BAO_FinancialType::getAvailableFinancialTypes($types, $op);
+    if (!in_array($params['financial_type_id'], array_keys($types))) {
+      return civicrm_api3_create_error('You do not have permission to create this contribution');
+    }
   }
-
   if (!empty($params['id']) && !empty($params['contribution_status_id'])) {
     $error = array();
     //throw error for invalid status change such as setting completed back to pending
@@ -193,10 +203,11 @@ function civicrm_api3_contribution_delete($params) {
   $contributionID = !empty($params['contribution_id']) ? $params['contribution_id'] : $params['id'];
   // First check contribution financial type
   $financialType = CRM_Core_DAO::getFieldValue('CRM_Contribute_DAO_Contribution', $contributionID, 'financial_type_id');
-  
   // Now check permissioned lineitems & permissioned contribution
-  if (!CRM_Core_Permission::check('delete contributions of type ' . CRM_Contribute_PseudoConstant::financialType($financialType)) || 
-    !CRM_Financial_BAO_FinancialType::checkPermissionedLineItems($contributionID, 'delete', FALSE)) {
+  if (CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus()
+    && !CRM_Core_Permission::check('delete contributions of type ' . CRM_Contribute_PseudoConstant::financialType($financialType)) ||
+      !CRM_Financial_BAO_FinancialType::checkPermissionedLineItems($contributionID, 'delete', FALSE)
+  ) {
     return civicrm_api3_create_error('You do not have permission to delete this contribution');
   }
   if (CRM_Contribute_BAO_Contribution::deleteContribution($contributionID)) {