projects / civicrm-core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 95c51aa)
CRM-16496 fix - ACLs not respected when viewing custom data set on an activity when...
authormonishdeb <monish.deb@webaccessglobal.com>
Tue, 26 May 2015 22:30:39 +0000 (04:00 +0530)
committermonishdeb <monish.deb@webaccessglobal.com>
Tue, 26 May 2015 22:30:39 +0000 (04:00 +0530)
https://issues.civicrm.org/jira/browse/CRM-16496

CRM/Case/XMLProcessor/Report.php patch | blob | blame | history

diff --git a/CRM/Case/XMLProcessor/Report.php b/CRM/Case/XMLProcessor/Report.php
index 8d13730cf376e8910852cad8ef10c4b6b2b91dd8..cdbe24399eef2196d7645e519222ad0a1740b445 100644 (file)
--- a/CRM/Case/XMLProcessor/Report.php
+++ b/CRM/Case/XMLProcessor/Report.php
@@ -625,7 +625,8 @@ SELECT cg.title           as groupTitle,
 FROM   civicrm_custom_group cg,
        civicrm_custom_field cf
 WHERE  cf.custom_group_id = cg.id
-AND    cg.extends = 'Activity'";
+AND    cg.extends = 'Activity'
+AND " . CRM_Core_Permission::customGroupClause(CRM_Core_Permission::VIEW, 'cg.');
 
       if ($activityTypeID) {
         $query .= "AND ( cg.extends_entity_column_value IS NULL OR cg.extends_entity_column_value LIKE '%" . CRM_Core_DAO::VALUE_SEPARATOR . "%1" . CRM_Core_DAO::VALUE_SEPARATOR . "%' )";