X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=CRM%2FContribute%2FForm%2FContributionRecur.php;h=b333159eca837a2ed463ec282a6563b4407ef87b;hb=0d69fd8e79da60b18afdf94d299dea5feeb6d5e4;hp=9e96e10d148319c1dd139a2d5a2e3b28b3d7e9e6;hpb=110cb51eb92825e97fd8dde352ef20ea0be26f5b;p=civicrm-core.git

diff --git a/CRM/Contribute/Form/ContributionRecur.php b/CRM/Contribute/Form/ContributionRecur.php
index 9e96e10d14..b333159eca 100644
--- a/CRM/Contribute/Form/ContributionRecur.php
+++ b/CRM/Contribute/Form/ContributionRecur.php
@@ -107,6 +107,13 @@ class CRM_Contribute_Form_ContributionRecur extends CRM_Core_Form {
    */
   protected $subscriptionDetails = [];
 
+  /**
+   * Is the form being accessed by a front end user to update their own recurring.
+   *
+   * @var bool
+   */
+  protected $selfService;
+
   /**
    * Explicitly declare the entity api name.
    */
@@ -204,4 +211,23 @@ class CRM_Contribute_Form_ContributionRecur extends CRM_Core_Form {
     return isset($sub->contact_id) ? $sub->contact_id : FALSE;
   }
 
+  /**
+   * Is this being used by a front end user to update their own recurring.
+   *
+   * @return bool
+   */
+  protected function isSelfService() {
+    if (!is_null($this->selfService)) {
+      return $this->selfService;
+    }
+    $this->selfService = FALSE;
+    if (!CRM_Core_Permission::check('edit contributions')) {
+      if ($this->_subscriptionDetails->contact_id != $this->getContactID()) {
+        CRM_Core_Error::statusBounce(ts('You do not have permission to cancel this recurring contribution.'));
+      }
+      $this->selfService = TRUE;
+    }
+    return $this->selfService;
+  }
+
 }