From: Pratik Joshi Date: Mon, 3 Jun 2013 14:54:19 +0000 (+0530) Subject: CRM-12747 : component access permission defining way for end developer X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=4e54c34839c83d27f9889b65e6ed7a0820aa65d8;p=civicrm-core.git CRM-12747 : component access permission defining way for end developer --- diff --git a/CRM/Contact/Form/Search/Custom.php b/CRM/Contact/Form/Search/Custom.php index 97c8f773b8..dec43979e6 100644 --- a/CRM/Contact/Form/Search/Custom.php +++ b/CRM/Contact/Form/Search/Custom.php @@ -81,6 +81,12 @@ class CRM_Contact_Form_Search_Custom extends CRM_Contact_Form_Search { // instantiate the new class $this->_customClass = new $this->_customSearchClass( $this->_formValues ); + + // CRM-12747 + if (isset($this->_customClass->_permissionedComponent) && + !self::isPermissioned($this->_customClass->_permissionedComponent)) { + CRM_Utils_System::permissionDenied(); + } } function setDefaultValues() { @@ -132,5 +138,23 @@ class CRM_Contact_Form_Search_Custom extends CRM_Contact_Form_Search { public function getTitle() { return ts('Custom Search'); } -} + function isPermissioned($components) { + if (empty($components)) { + return TRUE; + } + if (is_array($components)) { + foreach ($components as $component) { + if (!CRM_Core_Permission::access($component)) { + return FALSE; + } + } + } + else { + if (!CRM_Core_Permission::access($components)) { + return FALSE; + } + } + return TRUE; + } +} \ No newline at end of file diff --git a/CRM/Contact/Form/Search/Custom/ContribSYBNT.php b/CRM/Contact/Form/Search/Custom/ContribSYBNT.php index 515698b20e..7390e5be2e 100644 --- a/CRM/Contact/Form/Search/Custom/ContribSYBNT.php +++ b/CRM/Contact/Form/Search/Custom/ContribSYBNT.php @@ -34,8 +34,12 @@ */ class CRM_Contact_Form_Search_Custom_ContribSYBNT implements CRM_Contact_Form_Search_Interface { - protected $_formValues; function __construct(&$formValues) { + protected $_formValues; + public $_permissionedComponent; + + function __construct(&$formValues) { $this->_formValues = $formValues; + $this->_permissionedComponent = 'CiviContribute'; $this->_columns = array( ts('Contact Id') => 'contact_id', diff --git a/CRM/Contact/Form/Search/Custom/ContributionAggregate.php b/CRM/Contact/Form/Search/Custom/ContributionAggregate.php index 7552ca6152..7937845d2f 100644 --- a/CRM/Contact/Form/Search/Custom/ContributionAggregate.php +++ b/CRM/Contact/Form/Search/Custom/ContributionAggregate.php @@ -34,18 +34,24 @@ */ class CRM_Contact_Form_Search_Custom_ContributionAggregate implements CRM_Contact_Form_Search_Interface { - protected $_formValues; function __construct(&$formValues) { - $this->_formValues = $formValues; + protected $_formValues; + public $_permissionedComponent; + function __construct(&$formValues) { + $this->_formValues = $formValues; /** * Define the columns for search result rows */ + $this->_columns = array( ts('Contact Id') => 'contact_id', ts('Name') => 'sort_name', ts('Donation Count') => 'donation_count', ts('Donation Amount') => 'donation_amount', ); + + // define component access permission needed + $this->_permissionedComponent = 'CiviContribute'; } function buildForm(&$form) { diff --git a/CRM/Contact/Form/Search/Custom/EventAggregate.php b/CRM/Contact/Form/Search/Custom/EventAggregate.php index e7435082b0..b7b86ca725 100644 --- a/CRM/Contact/Form/Search/Custom/EventAggregate.php +++ b/CRM/Contact/Form/Search/Custom/EventAggregate.php @@ -34,8 +34,12 @@ */ class CRM_Contact_Form_Search_Custom_EventAggregate extends CRM_Contact_Form_Search_Custom_Base implements CRM_Contact_Form_Search_Interface { - protected $_formValues; function __construct(&$formValues) { + protected $_formValues; + public $_permissionedComponent; + + function __construct(&$formValues) { $this->_formValues = $formValues; + $this->_permissionedComponent = array('CiviContribute', 'CiviEvent'); /** * Define the columns for search result rows diff --git a/CRM/Contact/Form/Search/Custom/PriceSet.php b/CRM/Contact/Form/Search/Custom/PriceSet.php index dc3fe40148..cf3141ba4e 100644 --- a/CRM/Contact/Form/Search/Custom/PriceSet.php +++ b/CRM/Contact/Form/Search/Custom/PriceSet.php @@ -36,7 +36,10 @@ class CRM_Contact_Form_Search_Custom_PriceSet extends CRM_Contact_Form_Search_Cu protected $_eventID = NULL; - protected $_tableName = NULL; function __construct(&$formValues) { + protected $_tableName = NULL; + public $_permissionedComponent; + + function __construct(&$formValues) { parent::__construct($formValues); $this->_eventID = CRM_Utils_Array::value('event_id', @@ -47,9 +50,11 @@ class CRM_Contact_Form_Search_Custom_PriceSet extends CRM_Contact_Form_Search_Cu if ($this->_eventID) { $this->buildTempTable(); - $this->fillTable(); } + + // define component access permission needed + $this->_permissionedComponent = 'CiviEvent'; } function __destruct() { diff --git a/CRM/Contact/Form/Search/Custom/TagContributions.php b/CRM/Contact/Form/Search/Custom/TagContributions.php index 5b24abfc9a..da25978466 100644 --- a/CRM/Contact/Form/Search/Custom/TagContributions.php +++ b/CRM/Contact/Form/Search/Custom/TagContributions.php @@ -34,8 +34,12 @@ */ class CRM_Contact_Form_Search_Custom_TagContributions implements CRM_Contact_Form_Search_Interface { - protected $_formValues; function __construct(&$formValues) { + protected $_formValues; + public $_permissionedComponent; + + function __construct(&$formValues) { $this->_formValues = $formValues; + $this->_permissionedComponent = 'CiviContribute'; /** * Define the columns for search result rows