CRM-12675 - Hide Contribution activities from users without Access CiviContribute...

----------------------------------------
* CRM-12675: Contribution activities shown to users without permission
  https://issues.civicrm.org/jira/browse/CRM-12675

diff --git a/CRM/Activity/Form/Task.php b/CRM/Activity/Form/Task.php
index e1c8ec08d22a16ecc0c2d65832ae496dbe6fb7ed..13819f62124b5e04e1dbcebb4ad07d737c0c5439 100644 (file)
--- a/CRM/Activity/Form/Task.php
+++ b/CRM/Activity/Form/Task.php
@@ -113,7 +113,14 @@ class CRM_Activity_Form_Task extends CRM_Core_Form {
       );
       $query->_distinctComponentClause = '( civicrm_activity.id )';
       $query->_groupByComponentClause = " GROUP BY civicrm_activity.id ";
-      $result = $query->searchQuery(0, 0, NULL);
+
+      // CRM-12675
+      $activityClause = NULL;
+      if (! CRM_Core_Permission::check('access CiviContribute')) {
+        $activityClause = ' (activity_type.component_id IS NULL OR activity_type.component_id <> 2) ';
+      }
+
+      $result = $query->searchQuery(0, 0, NULL, FALSE, FALSE, FALSE, FALSE, FALSE, $activityClause);
 
       while ($result->fetch()) {
         if (!empty($result->activity_id)) {

diff --git a/CRM/Activity/Selector/Search.php b/CRM/Activity/Selector/Search.php
index 2609ea2b58a7d2616b60addc3d87e6173325fcd8..34318a2068f33d927935c23e8bf28434ef61928b 100644 (file)
--- a/CRM/Activity/Selector/Search.php
+++ b/CRM/Activity/Selector/Search.php
@@ -173,6 +173,17 @@ class CRM_Activity_Selector_Search extends CRM_Core_Selector_Base implements CRM
 
     $this->_activityClause = $activityClause;
 
+    // CRM-12675
+    if (! CRM_Core_Permission::check('access CiviContribute')) {
+      $componentRestriction = ' (activity_type.component_id IS NULL OR activity_type.component_id <> 2) ';
+      if (empty($this->_activityClause)) {
+        $this->_activityClause = $componentRestriction;
+      }
+      else {
+        $this->_activityClause .= ' AND ' . $componentRestriction;
+      }
+    }
+
     // type of selector
     $this->_action = $action;
     $this->_query = new CRM_Contact_BAO_Query($this->_queryParams,

diff --git a/CRM/Report/Form/Activity.php b/CRM/Report/Form/Activity.php
index d3bbdfb13fb5f95d2de60e577dc209b9b803419b..49f33103b859c298b00e6c5ceda8b53f18d20af2 100644 (file)
--- a/CRM/Report/Form/Activity.php
+++ b/CRM/Report/Form/Activity.php
@@ -597,6 +597,11 @@ class CRM_Report_Form_Activity extends CRM_Report_Form {
       }
     }
 
+    // CRM-12675
+    if (! CRM_Core_Permission::check('access CiviContribute')) {
+      $clauses[] = " ({$this->_aliases['civicrm_option_value']}.component_id IS NULL OR {$this->_aliases['civicrm_option_value']}.component_id <> 2) ";
+    }
+
     if (empty($clauses)) {
       $this->_where .= " ";
     }