$ctype = NULL,
$permissionType = CRM_Core_Permission::CREATE,
$orderBy = 'field_name',
- $orderProfiles = NULL
+ $orderProfiles = NULL,
+ $eventProfile = FALSE
) {
if (!is_array($id)) {
$id = CRM_Utils_Type::escape($id, 'Positive');
$query .= " AND g.is_active = 1";
}
+ $checkPermission = array(
+ array(
+ 'administer CiviCRM',
+ 'manage event profiles',
+ ),
+ );
+ if ($eventProfile && CRM_Core_Permission::check($checkPermission)) {
+ $skipPermission = TRUE;
+ }
+
// add permissioning for profiles only if not registration
if (!$skipPermission) {
$permissionClause = CRM_Core_Permission::ufGroupClause($permissionType, 'g.');
CRM_Core_Error::fatal(ts('Preview only supports HTTP POST'));
}
// Inline forms don't get menu-level permission checks
- if (!CRM_Core_Permission::check('administer CiviCRM')) {
+ $checkPermission = array(
+ array(
+ 'administer CiviCRM',
+ 'manage event profiles',
+ ),
+ );
+ if (!CRM_Core_Permission::check($checkPermission)) {
CRM_Core_Error::fatal(ts('Permission Denied'));
}
$content = json_decode($_REQUEST['ufData'], TRUE);
CRM_Core_Error::fatal(ts('Permission Denied'));
}
$gid = CRM_Utils_Request::retrieve('id', 'Positive');
- $fields = CRM_Core_BAO_UFGroup::getFields($gid);
+ $fields = CRM_Core_BAO_UFGroup::getFields($gid, FALSE, NULL, NULL, NULL, FALSE, NULL, FALSE, NULL, CRM_Core_Permission::CREATE, 'field_name', NULL, TRUE);
$this->setProfile($fields);
}
projects / civicrm-core.git / commitdiff