projects / civicrm-core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 65f0ca6)
Move financial type check from event register page
authorEileen McNaughton <emcnaughton@wikimedia.org>
Thu, 14 Dec 2023 07:16:41 +0000 (20:16 +1300)
committereileen <emcnaughton@wikimedia.org>
Tue, 2 Jan 2024 21:49:30 +0000 (10:49 +1300)
CRM/Event/Form/Registration.php patch | blob | blame | history
ext/financialacls/financialacls.php patch | blob | blame | history

diff --git a/CRM/Event/Form/Registration.php b/CRM/Event/Form/Registration.php
index 4d7f17f8fa039399f3be1f35156c42e11e3220cc..2f2086fc6c0501a5c1d5b487f0da6f3e15372aa0 100644 (file)
--- a/CRM/Event/Form/Registration.php
+++ b/CRM/Event/Form/Registration.php
@@ -250,13 +250,6 @@ class CRM_Event_Form_Registration extends CRM_Core_Form {
 
       // check for is_monetary status
       $isMonetary = $this->getEventValue('is_monetary');
-      // check for ability to add contributions of type
-      if ($isMonetary
-        && CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus()
-        && !CRM_Core_Permission::check('add contributions of type ' . CRM_Contribute_PseudoConstant::financialType($this->_values['event']['financial_type_id']))
-      ) {
-        CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.'));
-      }
 
       $this->checkValidEvent();
       // get the participant values, CRM-4320
diff --git a/ext/financialacls/financialacls.php b/ext/financialacls/financialacls.php
index ed0c5bf7c7995f50232647cbd169b26b6e8e63f9..494d8b58b4c148b2fb303a683fb6ae2f7d51226e 100644 (file)
--- a/ext/financialacls/financialacls.php
+++ b/ext/financialacls/financialacls.php
@@ -311,7 +311,7 @@ function _civicrm_financial_acls_check_permissioned_line_items($id, $op, $force
   $lineItems = CRM_Price_BAO_LineItem::getLineItemsByContributionID($id);
   $flag = FALSE;
   foreach ($lineItems as $items) {
-    if (!CRM_Core_Permission::check($op . ' contributions of type ' . CRM_Contribute_PseudoConstant::financialType($items['financial_type_id']), $contactID)) {
+    if (!CRM_Core_Permission::check($op . ' contributions of type ' . CRM_Core_PseudoConstant::getName('CRM_Contribute_BAO_Contribution', 'financial_type_id', $items['financial_type_id']), $contactID)) {
       if ($force) {
         throw new CRM_Core_Exception(ts('You do not have permission to access this page.'));
       }
@@ -420,7 +420,7 @@ function financialacls_civicrm_alterMenu(array &$menu): void {
 
 /**
  * @param string $formName
- * @param \CRM_Core_Form $form
+ * @param \CRM_Event_Form_Registration|\CRM_Contribute_Form_Contribution $form
  */
 function financialacls_civicrm_preProcess(string $formName, \CRM_Core_Form $form): void {
   if (!financialacls_is_acl_limiting_enabled()) {
@@ -433,6 +433,14 @@ function financialacls_civicrm_preProcess(string $formName, \CRM_Core_Form $form
     }
   }
 
+  // check for ability to add contributions of type
+  if (str_starts_with($formName, 'CRM_Event_Form_Registration_') && $form->getEventValue('is_monetary')
+    && !CRM_Core_Permission::check(
+      'add contributions of type ' . CRM_Core_PseudoConstant::getName('CRM_Contribute_BAO_Contribution', 'financial_type_id', $form->getEventValue('financial_type_id')))
+  ) {
+    CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.'));
+  }
+
 }
 
 /**