From: Samuel Vanhove <samuel@symbiotic.coop>
Date: Mon, 6 Jun 2016 00:07:38 +0000 (-0400)
Subject: CRM-17310 - simplification
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=92991cafdd5a35b4907f9bdb1d9d648c80cfb113;p=civicrm-core.git

CRM-17310 - simplification
---

diff --git a/CRM/Core/BAO/Navigation.php b/CRM/Core/BAO/Navigation.php
index ed189576a2..08c345ef25 100644
--- a/CRM/Core/BAO/Navigation.php
+++ b/CRM/Core/BAO/Navigation.php
@@ -604,13 +604,6 @@ ORDER BY parent_id, weight";
             return $showItem;
           }
         }
-        // CRM-17310 my reports allow people with access own reports to see the report if it is theirs.
-        elseif ($key == 'access own private reports') {
-          // Special permission processing for private reports.
-          $report_url = parse_url(ltrim($url, '/'));
-          $instance_id = CRM_Report_Utils_Report::getInstanceID($report_url['path']);
-          $hasPermission = $showItem = CRM_Report_BAO_ReportInstance::contactIsOwner($instance_id);
-        }
         else {
           $hasPermission = TRUE;
         }
diff --git a/CRM/Report/Form.php b/CRM/Report/Form.php
index aeb5720d2d..3c519aa727 100644
--- a/CRM/Report/Form.php
+++ b/CRM/Report/Form.php
@@ -624,6 +624,15 @@ class CRM_Report_Form extends CRM_Core_Form {
       }
     }
 
+    // Special permissions check for private instance if it's not the current contact instance
+    if (CRM_Report_BAO_ReportInstance::reportIsPrivate($this->_id) &&
+      !CRM_Report_BAO_ReportInstance::contactIsOwner($this->_id)) {
+      if (!CRM_Core_Permission::check('access all private reports')) {
+        $this->_instanceForm = FALSE;
+        $this->assign('criteriaForm', FALSE);
+      }
+    }
+
     $this->_instanceButtonName = $this->getButtonName('submit', 'save');
     $this->_createNewButtonName = $this->getButtonName('submit', 'next');
     $this->_printButtonName = $this->getButtonName('submit', 'print');
diff --git a/CRM/Report/Form/Instance.php b/CRM/Report/Form/Instance.php
index 2c14372e95..f0c0846a2f 100644
--- a/CRM/Report/Form/Instance.php
+++ b/CRM/Report/Form/Instance.php
@@ -368,8 +368,6 @@ class CRM_Report_Form_Instance {
     // it seems to be not set at all if unchecked.
     if (!empty($formValues['add_to_my_reports'])) {
       $params['owner_id'] = CRM_Core_Session::singleton()->getLoggedInContactID();
-      $params['permission'] = 'access own private reports';
-      $params['grouprole'] = array();
     }
     else {
       $params['owner_id'] = 'null';
diff --git a/CRM/Report/Info.php b/CRM/Report/Info.php
index 6f4ee789c4..f38adcaf47 100644
--- a/CRM/Report/Info.php
+++ b/CRM/Report/Info.php
@@ -87,13 +87,9 @@ class CRM_Report_Info extends CRM_Core_Component_Info {
         ts('access Report Criteria'),
         ts('Change report search criteria'),
       ),
-      'access own private reports' => array(
-        ts('access own private reports'),
-        ts('Access reports owned by the contact'),
-      ),
-      'access all private reports' => array(
-        ts('access all private reports'),
-        ts('Access all private reports'),
+      'administer private reports' => array(
+        ts('administer private reports'),
+        ts('Edit all private reports'),
       ),
       'administer reserved reports' => array(
         ts('administer reserved reports'),