dev/core#1879 Fix inconsistent ability to view event information
authoreileen <emcnaughton@wikimedia.org>
Thu, 8 Oct 2020 03:41:27 +0000 (16:41 +1300)
committereileen <emcnaughton@wikimedia.org>
Thu, 8 Oct 2020 03:41:27 +0000 (16:41 +1300)
CRM/ACL/BAO/ACL.php
CRM/Event/BAO/Event.php
tests/phpunit/CRM/Event/BAO/EventPermissionsTest.php

index 2fa703199fa0deb142fe90a7fef9b8ef6f5d15d2..f1f8cb0df8a1c67f51fb2bc348cde8620f1d7dad 100644 (file)
@@ -518,6 +518,8 @@ ORDER BY a.object_id
     if (empty($ids) && !empty($includedGroups) &&
       is_array($includedGroups)
     ) {
+      // This is pretty alarming - we 'sometimes' include all included groups
+      // seems problematic per https://lab.civicrm.org/dev/core/-/issues/1879
       $ids = $includedGroups;
     }
     if ($contactID) {
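Review bot: The new comment records that the `$ids = $includedGroups;` fallback is alarming but gives the next reader no statement of what the code actually does or what would be needed to decide whether it is correct, so it will be hard to act on later. I would phrase it as a tracked, factual note: `// TODO(dev/core#1879): when no ACL rows were found ($ids is empty), every group in $includedGroups is used as $ids. Whether this widening is intended is unresolved; do not rely on it narrowing access.` The enclosing function starts before this hunk, so I cannot see where `$ids` and `$includedGroups` are populated; the wording above only states what these lines show.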
index b583fdd09926938c387655857f44b8053d664546..26bb7f276595b880ba16fdb4fea060f71be3b8a8 100644 (file)
@@ -730,7 +730,7 @@ WHERE civicrm_address.geo_code_1 IS NOT NULL
    * @return array
    *   array of all the events that are searched
    */
-  public static function &getCompleteInfo(
+  public static function getCompleteInfo(
     $start = NULL,
     $type = NULL,
     $eventId = NULL,
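Review bot: Dropping `&` from `getCompleteInfo` changes it from returning by reference to returning by value, and any caller that still takes the result with `$info = &CRM_Event_BAO_Event::getCompleteInfo(...)` will now emit a "Only variables should be assigned by reference" notice. The commit touches no caller in the visible diff, so it is worth grepping for by-reference call sites (the old comment in the second hunk mentions a Joomla block consumer) before merging. The method body continues well past this hunk, and the docblock's `@return array` already matches the new signature.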
@@ -839,15 +839,15 @@ WHERE civicrm_event.is_active = 1
 
     // check 'view event info' permission
     //@todo - per CRM-14626 we have resolved that 'view event info' means 'view ALL event info'
-    // and passing in the specific permission here will short-circuit the evaluation of permission to
-    // see specific events (doesn't seem relevant to this call
-    // however, since this function is accessed only by a convoluted call from a joomla block function
-    // it seems safer not to touch here. Suggestion is that CRM_Core_Permission::check(array or relevant permissions) would
-    // be clearer & safer here
-    $permissions = CRM_Core_Permission::event(CRM_Core_Permission::VIEW);
+    if (CRM_Core_Permission::check('view event info')) {
+      $permissions = TRUE;
+    }
+    else {
+      $permissions = CRM_Core_Permission::event(CRM_Core_Permission::VIEW);
+    }
 
     while ($dao->fetch()) {
-      if (!empty($permissions) && in_array($dao->event_id, $permissions)) {
+      if (!empty($permissions) && ($permissions === TRUE || in_array($dao->event_id, $permissions))) {
         $info = [];
         $info['uid'] = "CiviCRM_EventID_{$dao->event_id}_" . md5($config->userFrameworkBaseURL) . $url;
 
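Review bot: The `//@todo - per CRM-14626 we have resolved that 'view event info' means 'view ALL event info'` line is now stale: the code directly below implements exactly that decision, so the `@todo` marker now flags finished work and should be reworded to `// Per CRM-14626, 'view event info' grants visibility of all events; otherwise fall back to per-event ACL via CRM_Core_Permission::event().` Separately, `$permissions` now holds either `TRUE` or an array, and the loop condition `!empty($permissions) && ($permissions === TRUE || in_array(...))` reads as a type puzzle; a plain boolean makes the security intent explicit, e.g. `$canViewAllEvents = CRM_Core_Permission::check('view event info');`, `$permittedEventIds = $canViewAllEvents ? [] : CRM_Core_Permission::event(CRM_Core_Permission::VIEW);` and `if ($canViewAllEvents || in_array($dao->event_id, $permittedEventIds)) {`. Note that `in_array` stays non-strict here because `$dao->event_id` may arrive as a string from the DAO while the permission list may hold ints; I have not verified the types and would not switch to strict without checking. The enclosing method starts and ends outside this hunk.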
@@ -1075,7 +1075,7 @@ WHERE civicrm_event.is_active = 1
             $email = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $gId, 'notify');
             if ($email) {
               //get values of corresponding profile fields for notification
-              list($profileValues) = self::buildCustomDisplay($gId,
+              [$profileValues] = self::buildCustomDisplay($gId,
                 NULL,
                 $contactID,
                 $template,
index 120253be360fe09ab72ea8fbb4bb31ee662bbfef..3fc3e5f2554d216a9714a707e019bff3c3d1d684 100644 (file)
@@ -56,7 +56,7 @@ class CRM_Event_BAO_EventPermissionsTest extends CiviUnitTestCase {
   }
 
   public function testViewOwnEvent() {
-    self::setViewOwnEventPermissions();
+    $this->setViewOwnEventPermissions();
     unset(\Civi::$statics['CRM_Event_BAO_Event']['permissions']);
     $permissions = CRM_Event_BAO_Event::checkPermission($this->_ownEventId, CRM_Core_Permission::VIEW);
     $this->assertTrue($permissions);
@@ -67,7 +67,7 @@ class CRM_Event_BAO_EventPermissionsTest extends CiviUnitTestCase {
   }
 
   public function testEditOwnEvent() {
-    self::setViewOwnEventPermissions();
+    $this->setViewOwnEventPermissions();
     unset(\Civi::$statics['CRM_Event_BAO_Event']['permissions']);
     $this->_loggedInUser = CRM_Core_Session::singleton()->get('userID');
     $permissions = CRM_Event_BAO_Event::checkPermission($this->_ownEventId, CRM_Core_Permission::EDIT);
@@ -79,7 +79,7 @@ class CRM_Event_BAO_EventPermissionsTest extends CiviUnitTestCase {
    */
   public function testDeleteOwnEvent() {
     // Check that you can't delete your own event without "Delete in CiviEvent" permission
-    self::setViewOwnEventPermissions();
+    $this->setViewOwnEventPermissions();
     unset(\Civi::$statics['CRM_Event_BAO_Event']['permissions']);
     $permissions = CRM_Event_BAO_Event::checkPermission($this->_ownEventId, CRM_Core_Permission::DELETE);
     $this->assertFalse($permissions);
@@ -135,10 +135,20 @@ class CRM_Event_BAO_EventPermissionsTest extends CiviUnitTestCase {
 
   public function testDeleteOtherEventDenied() {
     // FIXME: This test could be improved, but for now it checks that we can't delete if we don't have "Delete in CiviEvent"
-    self::setEditAllEventPermissions();
+    $this->setEditAllEventPermissions();
     unset(\Civi::$statics['CRM_Event_BAO_Event']['permissions']);
     $permissions = CRM_Event_BAO_Event::checkPermission($this->_otherEventId, CRM_Core_Permission::DELETE);
     $this->assertFalse($permissions);
   }
 
+  /**
+   * Test get complete info function returns all info for contacts with view all info.
+   */
+  public function testGetCompleteInfo() {
+    $this->setupScenarioCoreACLEveryonePermittedToEvent();
+    $info = CRM_Event_BAO_Event::getCompleteInfo('20000101');
+    $this->assertEquals('Annual CiviCRM meet', $info[0]['title']);
+    $this->assertEquals('Annual CiviCRM meet', $info[1]['title']);
+  }
+
 }
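Review bot: The new `testGetCompleteInfo` only exercises the permitted path: it asserts two titles but never checks that a contact without `view event info` and without ACL access gets an empty result, which is the branch the Event.php change routes through `CRM_Core_Permission::event()`. Since the fix is about inconsistent visibility, the negative case is the one that guards against a regression re-widening access; add `$this->assertCount(2, $info);` after the existing assertions and a sibling test that revokes the permissions, calls `getCompleteInfo('20000101')` again and asserts `[]`. I cannot see what `setupScenarioCoreACLEveryonePermittedToEvent()` grants, so which of the two code paths this test currently hits is not evident from the diff; the test docblock says "view all info", and naming the permission being set up in the test body would make that explicit.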