CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.'));
}
+ if ($this->_action & CRM_Core_Action::UPDATE && !Contribution::checkAccess()
+ ->setAction('update')
+ ->addValue('id', $this->getContributionID())
+ ->execute()->first()['access']) {
+ CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.'));
+ }
+
parent::preProcess();
$this->_formType = $_GET['formType'] ?? NULL;
]);
return;
}
-
- // FIXME: This probably needs to be done in preprocess
- if (CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus()
- && $this->_action & CRM_Core_Action::UPDATE
- && !empty($this->_values['financial_type_id'])
- ) {
- $financialTypeID = CRM_Contribute_PseudoConstant::financialType($this->_values['financial_type_id']);
- CRM_Financial_BAO_FinancialType::checkPermissionedLineItems($this->_id, 'edit');
- if (!CRM_Core_Permission::check('edit contributions of type ' . $financialTypeID)) {
- CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.'));
- }
- }
$allPanes = [];
//tax rate from financialType
* @copyright CiviCRM LLC https://civicrm.org/licensing
*/
+use Civi\Api4\Contribution;
+
/**
* This class provides the functionality to delete a group of contributions.
*
*
* @var bool
*/
- protected $_single = FALSE;
+ protected bool $_single = FALSE;
/**
* Build all the data structures needed to build the form.
*/
- public function preProcess() {
- //check for delete
+ public function preProcess(): void {
if (!CRM_Core_Permission::checkActionPermission('CiviContribute', CRM_Core_Action::DELETE)) {
CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.'));
}
/**
* Build the form object.
+ *
+ * @throws \CRM_Core_Exception
*/
- public function buildQuickForm() {
+ public function buildQuickForm(): void {
$count = 0;
- if (CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus()) {
- foreach ($this->_contributionIds as $key => $id) {
- $finTypeID = CRM_Core_DAO::getFieldValue('CRM_Contribute_DAO_Contribution', $id, 'financial_type_id');
- if (!CRM_Core_Permission::check('delete contributions of type ' . CRM_Contribute_PseudoConstant::financialType($finTypeID))) {
- unset($this->_contributionIds[$key]);
- $count++;
- }
- // Now check for lineItems
- if ($lineItems = CRM_Price_BAO_LineItem::getLineItemsByContributionID($id)) {
- foreach ($lineItems as $items) {
- if (!CRM_Core_Permission::check('delete contributions of type ' . CRM_Contribute_PseudoConstant::financialType($items['financial_type_id']))) {
- unset($this->_contributionIds[$key]);
- $count++;
- break;
- }
- }
- }
+ $this->assign('rows');
+ foreach ($this->_contributionIds as $key => $id) {
+ if (!Contribution::checkAccess()
+ ->setAction('delete')
+ ->addValue('id', $id)
+ ->execute()->first()['access']) {
+ unset($this->_contributionIds[$key]);
+ $count++;
}
}
if ($count && empty($this->_contributionIds)) {
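Review bot: The deny decision in the new loop rests on `->execute()->first()['access']` always being readable. If `first()` returns NULL for an empty result, the NULL offset read is falsy and the ID is still dropped, but only as a side effect and with a PHP warning. I would make the fail-closed default explicit by reading the flag into a local, `$access = Contribution::checkAccess()->setAction('delete')->addValue('id', $id)->execute()->first()['access'] ?? FALSE;`, and then testing `if (!$access) {`. The local matters because `!` binds tighter than `??`, so appending `?? FALSE` inside the existing condition would not help. The update check added to the contribution form's preProcess at the top of this page uses the same expression and would take the same change. Separately, the filter runs while the form is built, and the postProcess context lines show the delete calling `CRM_Contribute_BAO_Contribution::deleteContribution()` directly. That is not visible here, but it is worth confirming that `$this->_contributionIds` cannot be repopulated between the two steps; buildQuickForm continues past the end of this hunk.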
/**
* Process the form after the input has been submitted and validated.
*/
- public function postProcess() {
+ public function postProcess(): void {
$deleted = $failed = 0;
foreach ($this->_contributionIds as $contributionId) {
if (CRM_Contribute_BAO_Contribution::deleteContribution($contributionId)) {