projects
/
civicrm-core.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
75959a1
)
CRM-21393: Event checkPermission should only check the specific event, if eventId...
author
Mathieu Lutfy
<mathieu@bidon.ca>
Sat, 4 Nov 2017 03:25:00 +0000
(23:25 -0400)
committer
Mathieu Lutfy
<mathieu@bidon.ca>
Sat, 4 Nov 2017 03:25:00 +0000
(23:25 -0400)
CRM/Event/BAO/Event.php
patch
|
blob
|
blame
|
history
diff --git
a/CRM/Event/BAO/Event.php
b/CRM/Event/BAO/Event.php
index d9a653736e2843e497b5f1c146b71765eb019b1c..bdcefed7e7ab41f047e3b38c1b876e8983bc2881 100644
(file)
--- a/
CRM/Event/BAO/Event.php
+++ b/
CRM/Event/BAO/Event.php
@@
-2066,23
+2066,24
@@
WHERE ce.loc_block_id = $locBlockId";
static $permissions = NULL;
if (empty($permissions)) {
static $permissions = NULL;
if (empty($permissions)) {
- $
result = civicrm_api3('Event', 'get',
array(
+ $
params =
array(
'check_permissions' => 1,
'return' => 'title',
'options' => array(
'limit' => 0,
),
'check_permissions' => 1,
'return' => 'title',
'options' => array(
'limit' => 0,
),
- ));
+ );
+
+ if ($eventId) {
+ $params['id'] = $eventId;
+ }
+
+ $result = civicrm_api3('Event', 'get', $params);
$allEvents = CRM_Utils_Array::collect('title', $result['values']);
$allEvents = CRM_Utils_Array::collect('title', $result['values']);
- $result = civicrm_api3('Event', 'get', array(
- 'check_permissions' => 1,
- 'return' => 'title',
- 'created_id' => 'user_contact_id',
- 'options' => array(
- 'limit' => 0,
- ),
- ));
+ // Search again, but only events created by the user.
+ $params['created_id'] = 'user_contact_id';
+ $result = civicrm_api3('Event', 'get', $params);
$createdEvents = CRM_Utils_Array::collect('title', $result['values']);
// Note: for a multisite setup, a user with edit all events, can edit all events
$createdEvents = CRM_Utils_Array::collect('title', $result['values']);
// Note: for a multisite setup, a user with edit all events, can edit all events