X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=CRM%2FCore%2FBAO%2FUserJob.php;h=a8cafe65d721dfca77dc80f5a3685fcd12f3aad5;hb=b586573164eea83a4e424f5befbce5bca0a461a1;hp=29e7a698973e4e49014a564be4fd98cc038f48a5;hpb=8b8031ef34bff9ce24ac2da1306c62c44c0750c4;p=civicrm-core.git

diff --git a/CRM/Core/BAO/UserJob.php b/CRM/Core/BAO/UserJob.php
index 29e7a69897..a8cafe65d7 100644
--- a/CRM/Core/BAO/UserJob.php
+++ b/CRM/Core/BAO/UserJob.php
@@ -20,6 +20,26 @@
  */
 class CRM_Core_BAO_UserJob extends CRM_Core_DAO_UserJob {
 
+  /**
+   * Restrict access to the relevant user.
+   *
+   * Note that it is likely we might want to permit other users such as
+   * sysadmins to access other people's user_jobs in future but it has been
+   * kept tightly restricted for initial simplicity (ie do we want to
+   * use an existing permission? a new permission ? do they require
+   * 'view all contacts' etc.
+   *
+   * @inheritDoc
+   */
+  public function addSelectWhereClause(): array {
+    $clauses = [];
+    if (!\CRM_Core_Permission::check('administer queues')) {
+      $clauses['created_id'] = '= ' . (int) CRM_Core_Session::getLoggedInContactID();
+    }
+    CRM_Utils_Hook::selectWhereClause($this, $clauses);
+    return $clauses;
+  }
+
   /**
    * Get the statuses for Import Jobs.
    *
@@ -34,11 +54,16 @@ class CRM_Core_BAO_UserJob extends CRM_Core_DAO_UserJob {
       ],
       [
         'id' => 2,
+        'name' => 'draft',
+        'label' => ts('Draft'),
+      ],
+      [
+        'id' => 3,
         'name' => 'scheduled',
         'label' => ts('Scheduled'),
       ],
       [
-        'id' => 3,
+        'id' => 4,
         'name' => 'in_progress',
         'label' => ts('In Progress'),
       ],