CRM-12569 permission activity links and tasks more accurately

diff --git a/CRM/Activity/Selector/Activity.php b/CRM/Activity/Selector/Activity.php
index ff5c3c3d0c8f1dfd82294cde59060ca1df4b11a1..0a92ca5b719fad465ecda31bcabe4973019c7faf 100644 (file)
--- a/CRM/Activity/Selector/Activity.php
+++ b/CRM/Activity/Selector/Activity.php
@@ -209,11 +209,13 @@ class CRM_Activity_Selector_Activity extends CRM_Core_Selector_Base implements C
       elseif ($activityTypeName == 'Print PDF Letter') {
         $updateUrl = 'civicrm/activity/pdf/add';
       }
-      $actionLinks += array(CRM_Core_Action::UPDATE => array('name' => ts('Edit'),
-        'url' => $updateUrl,
-        'qs' => $qsUpdate,
-        'title' => ts('Update Activity'),
-      ));
+      if ( CRM_Activity_BAO_Activity::checkPermission($activityId, CRM_Core_Action::UPDATE) ) {
+        $actionLinks += array(CRM_Core_Action::UPDATE => array('name' => ts('Edit'),
+          'url' => $updateUrl,
+          'qs' => $qsUpdate,
+          'title' => ts('Update Activity'),
+        ));
+      }
     }
 
     if (

diff --git a/CRM/Activity/Task.php b/CRM/Activity/Task.php
index 09745c23d3ffd159eccfbdc9f7fc33117d03fa1b..073cd0024a11c62dfef711784dc6202ce5624d68 100644 (file)
--- a/CRM/Activity/Task.php
+++ b/CRM/Activity/Task.php
@@ -110,10 +110,13 @@ class CRM_Activity_Task {
 
       $config = CRM_Core_Config::singleton();
       if (in_array('CiviCase', $config->enableComponents)) {
-        self::$_tasks[6] = array('title' => ts('File on Case'),
-          'class' => 'CRM_Activity_Form_Task_FileOnCase',
-          'result' => FALSE,
-        );
+        if ( CRM_Core_Permission::check('access all cases and activities') ||
+          CRM_Core_Permission::check('access my cases and activities') ) {
+          self::$_tasks[6] = array('title' => ts('File on Case'),
+            'class' => 'CRM_Activity_Form_Task_FileOnCase',
+            'result' => FALSE,
+          );
+        }
       }
 
       //CRM-4418, check for delete