X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;ds=sidebyside;f=CRM%2FProfile%2FPage%2FDynamic.php;h=003e6c799da629f513ca13d3a8419740d1a55636;hb=c9109f52be8f3869ecbb691b07a8b60d82a68594;hp=099894bb75745c5e08f3fa99aa8a3ca16b249c72;hpb=00be918220e9ac8f6d25d12ed3c9c49fddd07ff7;p=civicrm-core.git diff --git a/CRM/Profile/Page/Dynamic.php b/CRM/Profile/Page/Dynamic.php index 099894bb75..003e6c799d 100644 --- a/CRM/Profile/Page/Dynamic.php +++ b/CRM/Profile/Page/Dynamic.php @@ -23,7 +23,7 @@ | GNU Affero General Public License or the licensing of CiviCRM, | | see the CiviCRM license FAQ at http://civicrm.org/licensing | +--------------------------------------------------------------------+ -*/ + */ /** * @@ -44,34 +44,30 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page { /** - * The contact id of the person we are viewing + * The contact id of the person we are viewing. * * @var int - * @access protected */ protected $_id; /** - * The profile group are are interested in + * The profile group are are interested in. * * @var int - * @access protected */ protected $_gid; /** - * The profile types we restrict this page to display + * The profile types we restrict this page to display. * * @var string - * @access protected */ protected $_restrict; /** - * Should we bypass permissions + * Should we bypass permissions. * * @var boolean - * @access protected */ protected $_skipPermission; @@ -89,7 +85,7 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page { protected $_isContactActivityProfile = FALSE; /** - * Activity Id connected to the profile + * Activity Id connected to the profile. * * @var string */ @@ -105,17 +101,18 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page { protected $_allFields = NULL; /** - * Class constructor + * Class constructor. * - * @param int $id the contact id - * @param int $gid the group id + * @param int $id + * The contact id. + * @param int $gid + * The group id. * * @param $restrict * @param bool $skipPermission * @param null $profileIds * * @return \CRM_Profile_Page_Dynamic - * @access public */ public function __construct($id, $gid, $restrict, $skipPermission = FALSE, $profileIds = NULL) { parent::__construct(); @@ -138,14 +135,13 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page { //specifies the action being done on a multi record field $multiRecordAction = CRM_Utils_Request::retrieve('multiRecord', 'String', $this); - $this->_multiRecord = (!is_numeric($multiRecordAction)) ? - CRM_Core_Action::resolve($multiRecordAction) : $multiRecordAction; + $this->_multiRecord = (!is_numeric($multiRecordAction)) ? CRM_Core_Action::resolve($multiRecordAction) : $multiRecordAction; if ($this->_multiRecord) { $this->set('multiRecord', $this->_multiRecord); } if ($this->_multiRecord & CRM_Core_Action::VIEW) { - $this->_recordId = CRM_Utils_Request::retrieve('recordId', 'Positive', $this); + $this->_recordId = CRM_Utils_Request::retrieve('recordId', 'Positive', $this); $this->_allFields = CRM_Utils_Request::retrieve('allFields', 'Integer', $this); } @@ -169,8 +165,7 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page { /** * Get the action links for this page. * - * @return array $_actionLinks - * + * @return array */ public function &actionLinks() { return NULL; @@ -183,8 +178,6 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page { * type of action and executes that action. * * @return void - * @access public - * */ public function run() { $template = CRM_Core_Smarty::singleton(); @@ -199,8 +192,9 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page { if ($limitListingsGroupsID) { if (!CRM_Contact_BAO_GroupContact::isContactInGroup($this->_id, - $limitListingsGroupsID - )) { + $limitListingsGroupsID + ) + ) { CRM_Utils_System::setTitle(ts('Profile View - Permission Denied')); return CRM_Core_Session::setStatus(ts('You do not have permission to view this contact record. Contact the site administrator if you need assistance.'), ts('Permission Denied'), 'error'); } @@ -209,12 +203,18 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page { $session = CRM_Core_Session::singleton(); $userID = $session->get('userID'); - $this->_isPermissionedChecksum = FALSE; + $this->_isPermissionedChecksum = $allowPermission = FALSE; $permissionType = CRM_Core_Permission::VIEW; + if (CRM_Core_Permission::check('administer users') || CRM_Core_Permission::check('view all contacts') || CRM_Contact_BAO_Contact_Permission::allow($this->_id)) { + $allowPermission = TRUE; + } if ($this->_id != $userID) { // do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228 if ($config->userFrameworkFrontend) { $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($this->_id, $this, FALSE); + if (!$this->_isPermissionedChecksum) { + $this->_isPermissionedChecksum = $allowPermission; + } } else { $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateChecksumContact($this->_id, $this, FALSE); @@ -232,12 +232,7 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page { // make sure we dont expose all fields based on permission $admin = FALSE; - if ((!$config->userFrameworkFrontend && - (CRM_Core_Permission::check('administer users') || - CRM_Core_Permission::check('view all contacts') || - CRM_Contact_BAO_Contact_Permission::allow($this->_id) - ) - ) || + if ((!$config->userFrameworkFrontend && $allowPermission) || $this->_id == $userID || $this->_isPermissionedChecksum ) { @@ -305,7 +300,8 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page { $copyFields = $fields; CRM_Core_BAO_UFGroup::shiftMultiRecordFields($copyFields, $multiRecordFields); $fieldKey = key($multiRecordFields); - } else { + } + else { $fieldKey = key($fields); } if ($fieldID = CRM_Core_BAO_CustomField::getKeyID($fieldKey)) { @@ -325,9 +321,12 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page { //CRM-14338 // Create a unique, non-empty index for each field. $index = $field['title']; - if ($index === '') $index = ' '; - while (array_key_exists($index, $labels)) + if ($index === '') { + $index = ' '; + } + while (array_key_exists($index, $labels)) { $index .= ' '; + } $labels[$index] = preg_replace('/\s+|\W+/', '_', $name); } @@ -356,7 +355,8 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page { $fieldId = CRM_Core_BAO_CustomField::getKeyID($fieldDetail['name']); $customGroupDetails = CRM_Core_BAO_CustomGroup::getGroupTitles(array($fieldId)); $multiRecTitle = $customGroupDetails[$fieldId]['groupTitle']; - } else { + } + else { $title = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'title'); } @@ -412,10 +412,9 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page { } /** - * Use the form name to create the tpl file name + * Use the form name to create the tpl file name. * * @return string - * @access public */ /** * @return string @@ -430,7 +429,6 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page { * i.e. we dont override * * @return string - * @access public */ /** * @return string @@ -439,5 +437,5 @@ class CRM_Profile_Page_Dynamic extends CRM_Core_Page { $fileName = $this->checkTemplateFileExists('extra.'); return $fileName ? $fileName : parent::overrideExtraTemplateFileName(); } -} +}