}
/**
- * Check if FT-ACL is turned on or off
+ * Check if the logged in user has permission to edit the given financial type.
+ *
+ * This is called when determining if they can edit things like option values
+ * in price sets. At the moment it is not possible to change an option value from
+ * a type you do not have permission to to a type that you do.
+ *
+ * @todo it is currently not possible to edit disabled types if you have ACLs on.
+ * Do ACLs still apply once disabled? That question should be resolved if tackling
+ * that gap.
+ *
+ * @param int $financialTypeID
+ *
+ * @return bool
+ */
+ public static function checkPermissionToEditFinancialType($financialTypeID) {
+ if (!self::isACLFinancialTypeStatus()) {
+ return TRUE;
+ }
+ // @todo consider adding back in disabled types here.
+ CRM_Financial_BAO_FinancialType::getAvailableFinancialTypes($financialTypes, CRM_Core_Action::UPDATE);
+ return isset($financialTypes[$financialTypeID]);
+ }
+
+ /**
+ * Check if FT-ACL is turned on or off.
+ *
+ * @todo rename this function e.g isFinancialTypeACLsEnabled.
*
* @return bool
*/
*
* @package CRM
* @copyright CiviCRM LLC (c) 2004-2017
- * $Id$
- *
*/
/**
* Insert/update a new entry in the database.
*
* @param array $params
- * (reference), array $ids.
*
- * @param $ids
+ * @param array $ids
+ * Deprecated variable.
*
* @return CRM_Price_DAO_PriceFieldValue
*/
}
/**
- * Retrive the all values for given field id.
+ * Retrieve all values for given field id.
*
* @param int $fieldId
* Price_field_id.
public function buildQuickForm() {
if ($this->_action == CRM_Core_Action::UPDATE) {
$finTypeId = CRM_Core_DAO::getFieldValue('CRM_Price_DAO_PriceFieldValue', $this->_oid, 'financial_type_id');
- CRM_Financial_BAO_FinancialType::getAvailableFinancialTypes($financialTypes, CRM_Core_Action::UPDATE);
- if (!array_key_exists($finTypeId, $financialTypes)) {
+ if (!CRM_Financial_BAO_FinancialType::checkPermissionToEditFinancialType($finTypeId)) {
CRM_Core_Error::fatal(ts("You do not have permission to access this page"));
}
}
* @return void
*/
public function browse() {
- $customOption = array();
- CRM_Price_BAO_PriceFieldValue::getValues($this->_fid, $customOption);
+ $priceOptions = civicrm_api3('PriceFieldValue', 'get', array(
+ 'price_field_id' => $this->_fid,
+ // Explicitly do not check permissions so we are not
+ // restricted by financial type, so we can change them.
+ 'check_permissions' => FALSE,
+ ));
+ $customOption = $priceOptions['values'];
// CRM-15378 - check if these price options are in an Event price set
$isEvent = FALSE;
}
$config = CRM_Core_Config::singleton();
- $financialType = CRM_Contribute_PseudoConstant::financialType();
$taxRate = CRM_Core_PseudoConstant::getTaxRates();
// display taxTerm for priceFields
$invoiceSettings = Civi::settings()->get('contribution_invoice_settings');
$customOption[$id]['tax_amount'] = $taxAmount['tax_amount'];
}
if (!empty($values['financial_type_id'])) {
- $customOption[$id]['financial_type_id'] = $financialType[$values['financial_type_id']];
+ $customOption[$id]['financial_type_id'] = CRM_Contribute_PseudoConstant::financialType($values['financial_type_id']);
}
// update enable/disable links depending on price_field properties.
if ($this->_isSetReserved) {
--- /dev/null
+<?php
+
+/*
+ +--------------------------------------------------------------------+
+ | CiviCRM version 4.7 |
+ +--------------------------------------------------------------------+
+ | Copyright CiviCRM LLC (c) 2004-2016 |
+ +--------------------------------------------------------------------+
+ | This file is a part of CiviCRM. |
+ | |
+ | CiviCRM is free software; you can copy, modify, and distribute it |
+ | under the terms of the GNU Affero General Public License |
+ | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
+ | |
+ | CiviCRM is distributed in the hope that it will be useful, but |
+ | WITHOUT ANY WARRANTY; without even the implied warranty of |
+ | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
+ | See the GNU Affero General Public License for more details. |
+ | |
+ | You should have received a copy of the GNU Affero General Public |
+ | License and the CiviCRM Licensing Exception along |
+ | with this program; if not, contact CiviCRM LLC |
+ | at info[AT]civicrm[DOT]org. If you have questions about the |
+ | GNU Affero General Public License or the licensing of CiviCRM, |
+ | see the CiviCRM license FAQ at http://civicrm.org/licensing |
+ +--------------------------------------------------------------------+
+ */
+
+/**
+ *
+ * @package CRM
+ * @copyright CiviCRM LLC (c) 2004-2016
+ */
+class CRM_Utils_Check_Component_PriceFields extends CRM_Utils_Check_Component {
+
+ /**
+ * Display warning about invalid priceFields
+ *
+ */
+ public function checkPriceFields() {
+ $sql = "SELECT DISTINCT ps.title as ps_title, ps.id as ps_id, psf.label as psf_label
+ FROM civicrm_price_set ps
+ INNER JOIN civicrm_price_field psf ON psf.price_set_id = ps.id
+ INNER JOIN civicrm_price_field_value pfv ON pfv.price_field_id = psf.id
+ LEFT JOIN civicrm_financial_type cft ON cft.id = pfv.financial_type_id
+ WHERE cft.id IS NULL OR cft.is_active = 0";
+ $dao = CRM_Core_DAO::executeQuery($sql);
+ $count = 0;
+ $html = '';
+ $messages = array();
+ while ($dao->fetch()) {
+ $count++;
+ $url = CRM_Utils_System::url('civicrm/admin/price/field', array(
+ 'reset' => 1,
+ 'action' => 'browse',
+ 'sid' => $dao->ps_id));
+ $html .= "<tr><td>$dao->ps_title</td><td>$dao->psf_label</td><td><a href='$url'>View Price Set Fields</a></td></tr>";
+ }
+ if ($count > 0) {
+ $msg = "<p>the following Price Set Fields use disabled or invalid financial types and need to be fixed if they are to still be used.<p>
+ <p><table><thead><tr><th>Price Set</th><th>Price Set Field</th><th>Action Link</th>
+ </tr></thead><tbody>
+ $html
+ </tbody></table></p>";
+ $messages[] = new CRM_Utils_Check_Message(
+ __FUNCTION__,
+ ts($msg),
+ ts('Invalid Price Fields'),
+ \Psr\Log\LogLevel::WARNING,
+ 'fa-lock'
+ );
+ }
+ return $messages;
+ }
+
+}
projects / civicrm-core.git / commitdiff