Move permission checks from Query & BAO to financialacl extension

diff --git a/CRM/Contribute/BAO/Contribution.php b/CRM/Contribute/BAO/Contribution.php
index a44d125fb65a89697740934e2cd20faf1c372853..4601737ae03bfd1c696a85e6558cf4795e08d9b0 100644 (file)
--- a/CRM/Contribute/BAO/Contribution.php
+++ b/CRM/Contribute/BAO/Contribution.php
@@ -1157,34 +1157,7 @@ class CRM_Contribute_BAO_Contribution extends CRM_Contribute_DAO_Contribution {
   }
 
   /**
-   * @inheritDoc
-   */
-  public function addSelectWhereClause() {
-    $whereClauses = parent::addSelectWhereClause();
-    if ($whereClauses !== []) {
-      // In this case permisssions have been applied & we assume the
-      // financialaclreport is applying these
-      // https://github.com/JMAConsulting/biz.jmaconsulting.financialaclreport/blob/master/financialaclreport.php#L107
-      return $whereClauses;
-    }
-
-    if (!CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus()) {
-      return $whereClauses;
-    }
-    $types = CRM_Financial_BAO_FinancialType::getAllEnabledAvailableFinancialTypes();
-    if (empty($types)) {
-      $whereClauses['financial_type_id'] = 'IN (0)';
-    }
-    else {
-      $whereClauses['financial_type_id'] = [
-        'IN (' . implode(',', array_keys($types)) . ')',
-      ];
-    }
-    return $whereClauses;
-  }
-
-  /**
-   * @param null $status
+   * @param string $status
    * @param null $startDate
    * @param null $endDate
    *

diff --git a/CRM/Financial/BAO/FinancialType.php b/CRM/Financial/BAO/FinancialType.php
index e5489e8ff923d6b9d80c500b5e25ee9ba7f0671a..2b3d81f5ece675d1453d589758326a537ade79f2 100644 (file)
--- a/CRM/Financial/BAO/FinancialType.php
+++ b/CRM/Financial/BAO/FinancialType.php
@@ -355,11 +355,7 @@ class CRM_Financial_BAO_FinancialType extends CRM_Financial_DAO_FinancialType im
       return '';
     }
     if ($component === 'contribution') {
-      $types = array_keys(self::getAllEnabledAvailableFinancialTypes());
-      if (empty($types)) {
-        $types = [0];
-      }
-      $clauses[] = ' civicrm_contribution.financial_type_id IN (' . implode(',', $types) . ')';
+      $clauses = CRM_Contribute_BAO_Contribution::getSelectWhereClause();
     }
     if ($component === 'membership') {
       self::getAvailableMembershipTypes($types, CRM_Core_Action::VIEW);

diff --git a/ext/financialacls/financialacls.php b/ext/financialacls/financialacls.php
index ccd3722205a88ff75d02b74d03a1527d56863f86..d0b445b3baa2fcd02aaf85e87986f9d21bb32108 100644 (file)
--- a/ext/financialacls/financialacls.php
+++ b/ext/financialacls/financialacls.php
@@ -139,6 +139,7 @@ function financialacls_civicrm_selectWhereClause($entity, &$clauses) {
     case 'LineItem':
     case 'MembershipType':
     case 'ContributionRecur':
+    case 'Contribution':
       $clauses['financial_type_id'] = _financialacls_civicrm_get_type_clause();
       break;
 

diff --git a/ext/financialacls/tests/phpunit/Civi/Financialacls/FinancialTypeTest.php b/ext/financialacls/tests/phpunit/Civi/Financialacls/FinancialTypeTest.php
index 4c07331e88a4936a824b55b621cd9d7a68db6a15..31594b86c2fce101a46c34712cffae95a1e42f7d 100644 (file)
--- a/ext/financialacls/tests/phpunit/Civi/Financialacls/FinancialTypeTest.php
+++ b/ext/financialacls/tests/phpunit/Civi/Financialacls/FinancialTypeTest.php
@@ -81,7 +81,7 @@ class FinancialTypeTest extends BaseTestClass {
       'view contributions of type Member Dues',
     ]);
     $whereClause = \CRM_Financial_BAO_FinancialType::buildPermissionedClause('contribution');
-    $this->assertEquals(' civicrm_contribution.financial_type_id IN (1,2)', $whereClause);
+    $this->assertEquals('(`civicrm_contribution`.`financial_type_id` IS NULL OR (`civicrm_contribution`.`financial_type_id` IN (1,2)))', $whereClause);
     $this->setPermissions([
       'view contributions of type Donation',
       'view contributions of type Member Dues',
@@ -89,7 +89,7 @@ class FinancialTypeTest extends BaseTestClass {
     ]);
 
     $whereClause = \CRM_Financial_BAO_FinancialType::buildPermissionedClause('contribution');
-    $this->assertEquals(' civicrm_contribution.financial_type_id IN (1,4,2)', $whereClause);
+    $this->assertEquals('(`civicrm_contribution`.`financial_type_id` IS NULL OR (`civicrm_contribution`.`financial_type_id` IN (1,4,2)))', $whereClause);
   }
 
 }

diff --git a/tests/phpunit/CRM/Financial/BAO/FinancialTypeTest.php b/tests/phpunit/CRM/Financial/BAO/FinancialTypeTest.php
index 2f3cbcb3812a50bf406176b8e3c047bae624aa6a..0e1ef1d8705d66d3236953dd481028a581d7d88c 100644 (file)
--- a/tests/phpunit/CRM/Financial/BAO/FinancialTypeTest.php
+++ b/tests/phpunit/CRM/Financial/BAO/FinancialTypeTest.php
@@ -302,26 +302,4 @@ class CRM_Financial_BAO_FinancialTypeTest extends CiviUnitTestCase {
     $this->assertEquals($perm, TRUE, 'Verify that lineitems now have permission.');
   }
 
-  /**
-   * Check method testisACLFinancialTypeStatus()
-   */
-  public function testBuildPermissionedClause() {
-    $this->setACL();
-    $this->setPermissions([
-      'view contributions of type Donation',
-      'view contributions of type Member Dues',
-    ]);
-    CRM_Financial_BAO_FinancialType::buildPermissionedClause($whereClause, 'contribution');
-    $this->assertEquals($whereClause, ' civicrm_contribution.financial_type_id IN (1,2)');
-    $this->setPermissions([
-      'view contributions of type Donation',
-      'view contributions of type Member Dues',
-      'view contributions of type Event Fee',
-    ]);
-    $whereClause = NULL;
-
-    CRM_Financial_BAO_FinancialType::buildPermissionedClause($whereClause, 'contribution');
-    $this->assertEquals($whereClause, ' civicrm_contribution.financial_type_id IN (1,4,2)');
-  }
-
 }