benefits: Don't allow non-members to access benefits page.

* CRM/Memberdashboard/Page/Benefits.php (CRM_Memberdashboard_Page_Benefits)
  [hasValidMembership]: New method.
  [postProcess]: Restrict POST actions to members only.
  [run]: Pass 'hasValidMembership' variable to smarty template.
* templates/CRM/Memberdashboard/Page/Benefits.tpl: Display an access
  denied page if the user is a non-member.

diff --git a/CRM/Memberdashboard/Page/Benefits.php b/CRM/Memberdashboard/Page/Benefits.php
index fc84c96e7566fae472d713c05e49621820788f4b..7d968f8fffb56ea6121b26389e6d24aa0754e459 100644 (file)
--- a/CRM/Memberdashboard/Page/Benefits.php
+++ b/CRM/Memberdashboard/Page/Benefits.php
@@ -27,17 +27,38 @@ class CRM_Memberdashboard_Page_Benefits extends CRM_Memberdashboard_Page {
     return CRM_Memberdashboard_BAO_EmailAlias::allForContact($this->contact['id']);
   }
 
+  function hasValidMembership() {
+    // Since we don't currently shut off an expired member's benefits,
+    // we only test that they have a membership, not that it is current.
+    $params = array(
+      'contact_id' => $this->contact['id']
+    );
+
+    try {
+      $result = civicrm_api3('membership', 'get', $params);
+      return $result['count'] > 0;
+    } catch (CiviCRM_API3_Exception $e) {
+      return false;
+    }
+  }
+
   function postProcess() {
     $action = $_REQUEST['action'];
 
-    switch($action) {
-      case 'add':
-        $this->add();
-        break;
+    // Short-circuit if user doesn't have a membership.
+    if($this->hasValidMembership()) {
+      switch($action) {
+        case 'add':
+          $this->add();
+          break;
 
-      case 'edit':
-        $this->edit();
-        break;
+        case 'edit':
+          $this->edit();
+          break;
+      }
+    } else {
+      CRM_Core_Session::setStatus('Only members can have email aliases',
+                                  'Error', 'error');
     }
   }
 
@@ -135,6 +156,7 @@ class CRM_Memberdashboard_Page_Benefits extends CRM_Memberdashboard_Page {
 
     $this->assign('user', $user);
     $this->assign('emailAliases', $emailAliases);
+    $this->assign('hasValidMembership', $this->hasValidMembership());
 
     parent::run();
   }

diff --git a/templates/CRM/Memberdashboard/Page/Benefits.tpl b/templates/CRM/Memberdashboard/Page/Benefits.tpl
index 8cfa196661f03a6ec8fe6a753f8304e70443d6db..607324f7cfe5eada45a23be4d0f6ffeebfd5c274 100644 (file)
--- a/templates/CRM/Memberdashboard/Page/Benefits.tpl
+++ b/templates/CRM/Memberdashboard/Page/Benefits.tpl
@@ -1,117 +1,126 @@
-<div class="header-dark">Shop Discount</div>
-
-<p>
-  Enjoy 20% off all merchandise at the
-  <a href="http://shop.fsf.org/">FSF shop</a>
-  using promotional code <strong>ASSOC</strong>
-</p>
-
-<div class="header-dark">LibrePlanet</div>
-
-<a href="http://libreplanet.org">
-  <img src="https://static.fsf.org/nosvn/big-logo.png" alt="LibrePlanet" />
-</a>
-
-<p>
-  Associate members get gratis admission to
-  <a href="http://libreplanet.org">LibrePlanet</a>,
-  the FSF's annual conference.
-</p>
-
-<p>
-  Use your FSF account to join a
-  <a href="http://libreplanet.org/">
-    local free software group at LibrePlanet.
+{if $hasValidMembership}
+  <div class="header-dark">Shop Discount</div>
+
+  <p>
+    Enjoy 20% off all merchandise at the
+    <a href="http://shop.fsf.org/">FSF shop</a>
+    using promotional code <strong>ASSOC</strong>
+  </p>
+
+  <div class="header-dark">LibrePlanet</div>
+
+  <a href="http://libreplanet.org">
+    <img src="https://static.fsf.org/nosvn/big-logo.png" alt="LibrePlanet" />
   </a>
-</p>
-
-<div class="header-dark">Jabber/XMPP</div>
-
-<p>
-  Your Jabber/XMPP account is: <strong>{$user->name}@member.fsf.org</strong>
-</p>
-
-<h3>Instructions</h3>
-
-<p>
-  Use your FSF username as the jabber username, and member.fsf.org as
-  the domain if your XMPP client supports server discovery via a DNS
-  SRV record lookup. Most XMPP clients support this. If your client
-  does not, you can use jabber.member.fsf.org as the server name. Make
-  sure to enable encryption: we support TLS on port 5222 only. Your
-  password is the same as your FSF member password.  (Please report
-  any problems you might encounter to
-  <a href="mailto:sysadmin@gnu.org">sysadmin@gnu.org</a>.)
-</p>
-
-<div class="header-dark">Email Forwarding</div>
-
-<p>
-  You may maintain up to five email aliases. Each localpart name
-  exists in the member.fsf.org domain name and can forward to one
-  email address. The localpart you request might not be available.
-</p>
-
-<p>
-  For example, a localpart of "yyz" with a forward to value of
-  "xyzzy@example.com" would cause mail sent to "yyz@member.fsf.org" to
-  be forwarded to "xyzzy@example.com".
-</p>
-
-<p>
-  Please note that it may take up to a half hour for new forwards to
-  take effect.
-</p>
-
-{if !empty($emailAliases)}
-  <form method="POST"
-        action="{crmURL p='civicrm/member-dashboard/benefits' q='action=edit'}">
-    <table>
-      <thead>
-        <tr>
-          <th>Delete</th>
-          <th>Local Part</th>
-          <th>Forward</th>
-        </tr>
-      </thead>
-      <tbody>
-        {foreach from=$emailAliases item=alias}
+
+  <p>
+    Associate members get gratis admission to
+    <a href="http://libreplanet.org">LibrePlanet</a>,
+    the FSF's annual conference.
+  </p>
+
+  <p>
+    Use your FSF account to join a
+    <a href="http://libreplanet.org/">
+      local free software group at LibrePlanet.
+    </a>
+  </p>
+
+  <div class="header-dark">Jabber/XMPP</div>
+
+  <p>
+    Your Jabber/XMPP account is: <strong>{$user->name}@member.fsf.org</strong>
+  </p>
+
+  <h3>Instructions</h3>
+
+  <p>
+    Use your FSF username as the jabber username, and member.fsf.org as
+    the domain if your XMPP client supports server discovery via a DNS
+    SRV record lookup. Most XMPP clients support this. If your client
+    does not, you can use jabber.member.fsf.org as the server name. Make
+    sure to enable encryption: we support TLS on port 5222 only. Your
+    password is the same as your FSF member password.  (Please report
+    any problems you might encounter to
+    <a href="mailto:sysadmin@gnu.org">sysadmin@gnu.org</a>.)
+  </p>
+
+  <div class="header-dark">Email Forwarding</div>
+
+  <p>
+    You may maintain up to five email aliases. Each localpart name
+    exists in the member.fsf.org domain name and can forward to one
+    email address. The localpart you request might not be available.
+  </p>
+
+  <p>
+    For example, a localpart of "yyz" with a forward to value of
+    "xyzzy@example.com" would cause mail sent to "yyz@member.fsf.org" to
+    be forwarded to "xyzzy@example.com".
+  </p>
+
+  <p>
+    Please note that it may take up to a half hour for new forwards to
+    take effect.
+  </p>
+
+  {if !empty($emailAliases)}
+    <form method="POST"
+          action="{crmURL p='civicrm/member-dashboard/benefits' q='action=edit'}">
+      <table>
+        <thead>
           <tr>
-            <td>
-              <input type="checkbox" name="delete[{$alias->id}]" value="delete" />
-              <input type="hidden" name="ids[]" value="{$alias->id}" />
-            </td>
-            <td>
-              <input type="text" name="localparts[]" value="{$alias->localpart}" />
-            </td>
-            <td>
-              <input type="text" name="forwards[]" value="{$alias->forward}" />
-            </td>
+            <th>Delete</th>
+            <th>Local Part</th>
+            <th>Forward</th>
           </tr>
-        {/foreach}
-      </tbody>
-    </table>
+        </thead>
+        <tbody>
+          {foreach from=$emailAliases item=alias}
+            <tr>
+              <td>
+                <input type="checkbox" name="delete[{$alias->id}]" value="delete" />
+                <input type="hidden" name="ids[]" value="{$alias->id}" />
+              </td>
+              <td>
+                <input type="text" name="localparts[]" value="{$alias->localpart}" />
+              </td>
+              <td>
+                <input type="text" name="forwards[]" value="{$alias->forward}" />
+              </td>
+            </tr>
+          {/foreach}
+        </tbody>
+      </table>
+
+      <input class="crm-form-submit default" type="submit" value="Save" />
+    </form>
+  {/if}
+
+  <h3>Add New Alias</h3>
 
-    <input class="crm-form-submit default" type="submit" value="Save" />
+  <form method="POST"
+        action="{crmURL p='civicrm/member-dashboard/benefits' q='action=add'}">
+    <label for="localpart">Local part</label>
+    <input type="text" name="localpart" />
+    <label for="forward">Forward</label>
+    <input type="text" name="forward" />
+    <input class="crm-form-submit default" type="submit" value="Add" />
   </form>
-{/if}
-
-<h3>Add New Alias</h3>
-
-<form method="POST"
-      action="{crmURL p='civicrm/member-dashboard/benefits' q='action=add'}">
-  <label for="localpart">Local part</label>
-  <input type="text" name="localpart" />
-  <label for="forward">Forward</label>
-  <input type="text" name="forward" />
-  <input class="crm-form-submit default" type="submit" value="Add" />
-</form>
 
-<div class="header-dark">Member Forums</div>
-
-<p>
-  Post and participate in our
-  <a href="https://my.fsf.org/associate/forum">
-    Members-Only Forums
-  </a>
-</p>
+  <div class="header-dark">Member Forums</div>
+
+  <p>
+    Post and participate in our
+    <a href="https://my.fsf.org/associate/forum">
+      Members-Only Forums
+    </a>
+  </p>
+{else}
+  <div class="header-dark">Members Only</div>
+
+  <p>
+    Only FSF Associate Members can access this page.
+    <a href="https://fsf.org/join">Become an FSF Associate Member today!</a>
+  </p>
+{/if}