X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=CRM%2FContribute%2FForm%2FContributionRecur.php;h=b333159eca837a2ed463ec282a6563b4407ef87b;hb=0d69fd8e79da60b18afdf94d299dea5feeb6d5e4;hp=f5b26ce4e75a80700cc9fa56d4a8610266fbf2de;hpb=4c274652821b1e1a4410c12318820fe76d3cdf44;p=civicrm-core.git

diff --git a/CRM/Contribute/Form/ContributionRecur.php b/CRM/Contribute/Form/ContributionRecur.php
index f5b26ce4e7..b333159eca 100644
--- a/CRM/Contribute/Form/ContributionRecur.php
+++ b/CRM/Contribute/Form/ContributionRecur.php
@@ -107,6 +107,13 @@ class CRM_Contribute_Form_ContributionRecur extends CRM_Core_Form {
    */
   protected $subscriptionDetails = [];
 
+  /**
+   * Is the form being accessed by a front end user to update their own recurring.
+   *
+   * @var bool
+   */
+  protected $selfService;
+
   /**
    * Explicitly declare the entity api name.
    */
@@ -162,6 +169,10 @@ class CRM_Contribute_Form_ContributionRecur extends CRM_Core_Form {
       }
       $this->_paymentProcessorObj = $this->_paymentProcessor['object'];
     }
+    elseif ($this->_mid) {
+      $this->_paymentProcessorObj = CRM_Financial_BAO_PaymentProcessor::getProcessorForEntity($this->_mid, 'membership', 'obj');
+      $this->_paymentProcessor = $this->_paymentProcessorObj->getPaymentProcessor();
+    }
   }
 
   /**
@@ -174,6 +185,11 @@ class CRM_Contribute_Form_ContributionRecur extends CRM_Core_Form {
     elseif ($this->_coid) {
       $this->subscriptionDetails = $this->_subscriptionDetails = CRM_Contribute_BAO_ContributionRecur::getSubscriptionDetails($this->_coid, 'contribution');
     }
+    elseif ($this->_mid) {
+      $this->subscriptionDetails = CRM_Contribute_BAO_ContributionRecur::getSubscriptionDetails($this->_mid, 'membership');
+    }
+    // This is being set temporarily - we should eventually just use the getter fn.
+    $this->_subscriptionDetails = $this->subscriptionDetails;
   }
 
   /**
@@ -195,4 +211,23 @@ class CRM_Contribute_Form_ContributionRecur extends CRM_Core_Form {
     return isset($sub->contact_id) ? $sub->contact_id : FALSE;
   }
 
+  /**
+   * Is this being used by a front end user to update their own recurring.
+   *
+   * @return bool
+   */
+  protected function isSelfService() {
+    if (!is_null($this->selfService)) {
+      return $this->selfService;
+    }
+    $this->selfService = FALSE;
+    if (!CRM_Core_Permission::check('edit contributions')) {
+      if ($this->_subscriptionDetails->contact_id != $this->getContactID()) {
+        CRM_Core_Error::statusBounce(ts('You do not have permission to cancel this recurring contribution.'));
+      }
+      $this->selfService = TRUE;
+    }
+    return $this->selfService;
+  }
+
 }