*/
protected function validateAuthenticatedCheckSumContactID(?int $contactID): int {
$userChecksum = CRM_Utils_Request::retrieve('cs', 'String', $this);
- if ($userChecksum && CRM_Contact_BAO_Contact_Utils::validChecksum($requestedContactID, $userChecksum)) {
- return $requestedContactID;
+ if ($userChecksum && CRM_Contact_BAO_Contact_Utils::validChecksum($contactID, $userChecksum)) {
+ return $contactID;
}
return 0;
}
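Review bot: The nullable `$contactID` is passed straight to `validChecksum()` on the new `if` line, and the hunk does not show how that helper treats a null or zero contact ID. Since this return value decides an access check, I would fail closed before the checksum comparison, for example `if (!$contactID || !$userChecksum) { return 0; }`. The docblock for this method starts above the visible lines, so it is worth confirming that it states that 0 means "not authenticated".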
$this->_event_id = $this->_part_values['event_id'];
$url = CRM_Utils_System::url('civicrm/event/info', "reset=1&id={$this->_event_id}");
$this->define('Contact', 'ContactFrom', ['id' => (int) $this->_part_values['participant_contact_id']]);
- if (!$this->validateAuthenticatedCheckSumContactID($this->getDefinition('ContactFrom')['id']) && !CRM_Core_Permission::check('edit all events')) {
+ if (!$this->validateAuthenticatedCheckSumContactID($this->lookup('ContactFrom', 'id')) && !CRM_Core_Permission::check('edit all events')) {
CRM_Core_Error::statusBounce(ts('You do not have sufficient permission to transfer/cancel this participant.'), $url);
}
$this->assign('action', $this->_action);
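Review bot: The access decision on the changed `if` line has no comment, and the double negation makes the rule easy to misread during a later refactor. I would add above it `// Bounce unless the request carries a valid checksum for the participant's contact, or the user holds 'edit all events'.` The `(int)` cast two lines earlier turns a missing `participant_contact_id` into 0, so it is worth confirming that `lookup('ContactFrom', 'id')` then returns a value the `?int` parameter accepts and that the check rejects it. The enclosing method starts and ends outside this hunk.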
}
// for front-end user show and use the basic three fields used to create a contact
else {
- $this->add('text', 'email', ts('To Email'), $this->lookup('ContactFrom', 'email_primary.email'), TRUE);
- $this->add('text', 'last_name', ts('To Last Name'), $this->_to_contact_last_name, TRUE);
- $this->add('text', 'first_name', ts('To First Name'), $this->_to_contact_first_name, TRUE);
+ $this->add('text', 'email', ts('To Email'), NULL, TRUE);
+ $this->add('text', 'last_name', ts('To Last Name'), NULL, TRUE);
+ $this->add('text', 'first_name', ts('To First Name'), NULL, TRUE);
+ $this->setDefaults([
+ 'email' => $this->lookup('ContactFrom', 'email_primary.email'),
+ 'last_name' => $this->_to_contact_last_name,
+ 'first_name' => $this->_to_contact_first_name,
+ ]);
}
$this->addButtons([
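Review bot: The `email` entry in the new `setDefaults()` array is the ContactFrom primary email, so the "To Email" field is pre-filled with the address of the contact giving up the registration rather than the recipient. On the front-end branch this also renders that address into the page for anyone who opens the checksum link. If a blank recipient form is intended, drop `'email' => $this->lookup('ContactFrom', 'email_primary.email'),` from the array; if the pre-fill is deliberate, a short comment saying why would help. Where `_to_contact_last_name` and `_to_contact_first_name` are set is not visible here, and the enclosing method extends beyond this hunk.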
$this->assertStringContainsString('fixme.domainemail@example.org', $emails[1]);
}
+ /**
+ * Test Transfer as anonymous
+ */
+ public function testTransferAnonymous(): void {
+ CRM_Core_Session::singleton()->getStatus(TRUE);
+ $event = $this->eventCreateUnpaid(['start_date' => date('Ymd', strtotime('+2 month')), 'end_date' => date('Ymd', strtotime('+2 month')), 'registration_end_date' => date('Ymd', strtotime('+1 month')), 'allow_selfcancelxfer' => 1]);
+ $_REQUEST['pid'] = $this->participantCreate(['status_id' => 'Registered', 'event_id' => $event['id']]);
+ $_REQUEST['cs'] = CRM_Contact_BAO_Contact_Utils::generateChecksum($this->callAPISuccess('Participant', 'getsingle', ['id' => $_REQUEST['pid']])['contact_id']);
+ $_REQUEST['is_backoffice'] = 0;
+ $this->addLocationBlockToDomain();
+ $this->individualCreate(['email' => 'new2@example.org']);
+ CRM_Core_Config::singleton()->userPermissionClass->permissions = [];
+ /** @var CRM_Event_Form_SelfSvcTransfer $form*/
+ $form = $this->getFormObject('CRM_Event_Form_SelfSvcTransfer', [
+ 'first_name' => 'test',
+ 'last_name' => 'selftransfer',
+ 'email' => 'new2@example.org',
+ ]);
+ $form->buildForm();
+ try {
+ $form->postProcess();
+ }
+ catch (CRM_Core_Exception_PrematureExitException $e) {
+ $this->assertEquals('Registration Transferred', CRM_Core_Session::singleton()->getStatus()[1]['title']);
+ }
+ }
+
}
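Review bot: The only assertion in `testTransferAnonymous()` sits inside the `catch` block, so if `postProcess()` returns without throwing `CRM_Core_Exception_PrematureExitException` the test ends with nothing checked. Adding `$this->fail('Expected PrematureExitException');` directly after `$form->postProcess();` inside the `try` closes that gap. Because this commit touches the checksum gate, a companion case with a wrong `cs` value that expects the permission bounce would pin the rejecting path as well. The test also leaves `$_REQUEST` and `userPermissionClass->permissions` modified; the teardown is not visible here, so confirm they are reset between tests.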