From: eileen Date: Tue, 10 Dec 2019 01:02:32 +0000 (+1300) Subject: Swap out fatal for statusBounce for disabled or unpermittted forms X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=beb414cc7add512f563d90bf05c1bc4d653470c4;p=civicrm-core.git Swap out fatal for statusBounce for disabled or unpermittted forms I have deliberately left copy editing & translate out of scope & focussed on a specific narrow pattern --- diff --git a/CRM/Activity/Form/ActivityView.php b/CRM/Activity/Form/ActivityView.php index f87b928126..422e30eef3 100644 --- a/CRM/Activity/Form/ActivityView.php +++ b/CRM/Activity/Form/ActivityView.php @@ -33,7 +33,7 @@ class CRM_Activity_Form_ActivityView extends CRM_Core_Form { if ($activityId && !CRM_Activity_BAO_Activity::checkPermission($activityId, CRM_Core_Action::VIEW) ) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } $session = CRM_Core_Session::singleton(); diff --git a/CRM/Admin/Form/Options.php b/CRM/Admin/Form/Options.php index 0f7db78109..48f0d9ac87 100644 --- a/CRM/Admin/Form/Options.php +++ b/CRM/Admin/Form/Options.php @@ -94,7 +94,7 @@ class CRM_Admin_Form_Options extends CRM_Admin_Form { if ($this->_id && in_array($this->_gName, CRM_Core_OptionGroup::$_domainIDGroups)) { $domainID = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_OptionValue', $this->_id, 'domain_id', 'id'); if (CRM_Core_Config::domainID() != $domainID) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } } } diff --git a/CRM/Admin/Page/ScheduleReminders.php b/CRM/Admin/Page/ScheduleReminders.php index dc25733ccc..524031760e 100644 --- a/CRM/Admin/Page/ScheduleReminders.php +++ b/CRM/Admin/Page/ScheduleReminders.php @@ -113,12 +113,14 @@ class CRM_Admin_Page_ScheduleReminders extends CRM_Core_Page_Basic { * Browse all Scheduled Reminders settings. * * @param null $action + * + * @throws \CRM_Core_Exception */ public function browse($action = NULL) { //CRM-16777: Do not permit access to user, for page 'Administer->Communication->Schedule Reminder', //when do not have 'administer CiviCRM' permission. if (!CRM_Core_Permission::check('administer CiviCRM')) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } // Get list of configured reminders diff --git a/CRM/Campaign/Form/Petition/Signature.php b/CRM/Campaign/Form/Petition/Signature.php index eed5321e93..580c784286 100644 --- a/CRM/Campaign/Form/Petition/Signature.php +++ b/CRM/Campaign/Form/Petition/Signature.php @@ -171,7 +171,7 @@ class CRM_Campaign_Form_Petition_Signature extends CRM_Core_Form { CRM_Core_Error::fatal('Petition doesn\'t exist.'); } if ($this->petition['is_active'] == 0) { - CRM_Core_Error::fatal('Petition is no longer active.'); + CRM_Core_Error::statusBounce('Petition is no longer active.'); } //get userID from session diff --git a/CRM/Campaign/Form/SurveyType.php b/CRM/Campaign/Form/SurveyType.php index f6b37abe46..85a3ff3ba3 100644 --- a/CRM/Campaign/Form/SurveyType.php +++ b/CRM/Campaign/Form/SurveyType.php @@ -44,6 +44,8 @@ class CRM_Campaign_Form_SurveyType extends CRM_Admin_Form { /** * Set variables up before form is built. + * + * @throws \CRM_Core_Exception */ public function preProcess() { $this->_action = CRM_Utils_Request::retrieve('action', 'String', $this); @@ -66,7 +68,7 @@ class CRM_Campaign_Form_SurveyType extends CRM_Admin_Form { if ($this->_id && in_array($this->_gName, CRM_Core_OptionGroup::$_domainIDGroups)) { $domainID = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_OptionValue', $this->_id, 'domain_id', 'id'); if (CRM_Core_Config::domainID() != $domainID) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } } } diff --git a/CRM/Case/Form/ActivityView.php b/CRM/Case/Form/ActivityView.php index 9d4da77198..6193357e08 100644 --- a/CRM/Case/Form/ActivityView.php +++ b/CRM/Case/Form/ActivityView.php @@ -37,7 +37,7 @@ class CRM_Case_Form_ActivityView extends CRM_Core_Form { if ($activityID && !CRM_Activity_BAO_Activity::checkPermission($activityID, CRM_Core_Action::VIEW) ) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } $this->assign('contactID', $contactID); diff --git a/CRM/Case/Form/Search.php b/CRM/Case/Form/Search.php index 22eb6e404c..e682068121 100644 --- a/CRM/Case/Form/Search.php +++ b/CRM/Case/Form/Search.php @@ -62,7 +62,7 @@ class CRM_Case_Form_Search extends CRM_Core_Form_Search { //check for civicase access. if (!CRM_Case_BAO_Case::accessCiviCase()) { - CRM_Core_Error::fatal(ts('You are not authorized to access this page.')); + CRM_Core_Error::statusBounce(ts('You are not authorized to access this page.')); } //validate case configuration. diff --git a/CRM/Case/Form/Task/Delete.php b/CRM/Case/Form/Task/Delete.php index 5b82fd731e..93909b58eb 100644 --- a/CRM/Case/Form/Task/Delete.php +++ b/CRM/Case/Form/Task/Delete.php @@ -37,10 +37,12 @@ class CRM_Case_Form_Task_Delete extends CRM_Case_Form_Task { /** * Build all the data structures needed to build the form. + * + * @throws \CRM_Core_Exception */ public function preProcess() { if (!CRM_Core_Permission::checkActionPermission('CiviCase', CRM_Core_Action::DELETE)) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } parent::preProcess(); } diff --git a/CRM/Case/Page/DashBoard.php b/CRM/Case/Page/DashBoard.php index 5a2d22c304..856837855a 100644 --- a/CRM/Case/Page/DashBoard.php +++ b/CRM/Case/Page/DashBoard.php @@ -30,7 +30,7 @@ class CRM_Case_Page_DashBoard extends CRM_Core_Page { public function preProcess() { //check for civicase access. if (!CRM_Case_BAO_Case::accessCiviCase()) { - CRM_Core_Error::fatal(ts('You are not authorized to access this page.')); + CRM_Core_Error::statusBounce(ts('You are not authorized to access this page.')); } //validate case configuration. diff --git a/CRM/Case/Page/Tab.php b/CRM/Case/Page/Tab.php index bcecfe10e1..e89132c3de 100644 --- a/CRM/Case/Page/Tab.php +++ b/CRM/Case/Page/Tab.php @@ -53,7 +53,7 @@ class CRM_Case_Page_Tab extends CRM_Core_Page { if (!CRM_Core_Permission::check('access all cases and activities')) { $userCases = CRM_Case_BAO_Case::getCases(FALSE, ['type' => 'any']); if (!array_key_exists($this->_id, $userCases)) { - CRM_Core_Error::fatal(ts('You are not authorized to access this page.')); + CRM_Core_Error::statusBounce(ts('You are not authorized to access this page.')); } } } diff --git a/CRM/Contact/Page/View/UserDashBoard.php b/CRM/Contact/Page/View/UserDashBoard.php index c7938aff49..538dbd9bf1 100644 --- a/CRM/Contact/Page/View/UserDashBoard.php +++ b/CRM/Contact/Page/View/UserDashBoard.php @@ -62,7 +62,7 @@ class CRM_Contact_Page_View_UserDashBoard extends CRM_Core_Page { } elseif ($this->_contactId != $userID && !$validUser) { if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::VIEW)) { - CRM_Core_Error::fatal(ts('You do not have permission to access this contact.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this contact.')); } if (!CRM_Contact_BAO_Contact_Permission::allow($this->_contactId, CRM_Core_Permission::EDIT)) { $this->_edit = FALSE; diff --git a/CRM/Contribute/Form/Contribution.php b/CRM/Contribute/Form/Contribution.php index 880dd56e71..49e580d30f 100644 --- a/CRM/Contribute/Form/Contribution.php +++ b/CRM/Contribute/Form/Contribution.php @@ -215,8 +215,7 @@ class CRM_Contribute_Form_Contribution extends CRM_Contribute_Form_AbstractEditP public function preProcess() { // Check permission for action. if (!CRM_Core_Permission::checkActionPermission('CiviContribute', $this->_action)) { - // @todo replace with throw new CRM_Core_Exception(). - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } parent::preProcess(); @@ -481,7 +480,7 @@ class CRM_Contribute_Form_Contribution extends CRM_Contribute_Form_AbstractEditP $financialTypeID = CRM_Contribute_PseudoConstant::financialType($this->_values['financial_type_id']); CRM_Financial_BAO_FinancialType::checkPermissionedLineItems($this->_id, 'edit'); if (!CRM_Core_Permission::check('edit contributions of type ' . $financialTypeID)) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } } $allPanes = []; diff --git a/CRM/Contribute/Form/ContributionBase.php b/CRM/Contribute/Form/ContributionBase.php index 0eaf2fbb0e..59670755be 100644 --- a/CRM/Contribute/Form/ContributionBase.php +++ b/CRM/Contribute/Form/ContributionBase.php @@ -296,7 +296,7 @@ class CRM_Contribute_Form_ContributionBase extends CRM_Core_Form { if (CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus() && !CRM_Core_Permission::check('add contributions of type ' . CRM_Contribute_PseudoConstant::financialType($this->_values['financial_type_id'])) ) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } if (empty($this->_values['is_active'])) { throw new CRM_Contribute_Exception_InactiveContributionPageException(ts('The page you requested is currently unavailable.'), $this->_id); diff --git a/CRM/Contribute/Form/ContributionPage.php b/CRM/Contribute/Form/ContributionPage.php index 95132b675c..1373abedca 100644 --- a/CRM/Contribute/Form/ContributionPage.php +++ b/CRM/Contribute/Form/ContributionPage.php @@ -136,7 +136,7 @@ class CRM_Contribute_Form_ContributionPage extends CRM_Core_Form { if (CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus() && $this->_action & CRM_Core_Action::UPDATE) { $financialTypeID = CRM_Contribute_PseudoConstant::financialType($this->_values['financial_type_id']); if (!CRM_Core_Permission::check('edit contributions of type ' . $financialTypeID)) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } } diff --git a/CRM/Contribute/Form/ContributionPage/Delete.php b/CRM/Contribute/Form/ContributionPage/Delete.php index 7a3182b140..89c0f16c04 100644 --- a/CRM/Contribute/Form/ContributionPage/Delete.php +++ b/CRM/Contribute/Form/ContributionPage/Delete.php @@ -43,7 +43,7 @@ class CRM_Contribute_Form_ContributionPage_Delete extends CRM_Contribute_Form_Co //check for delete if (!CRM_Core_Permission::checkActionPermission('CiviContribute', $this->_action)) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } $dao = new CRM_Contribute_DAO_Contribution(); diff --git a/CRM/Contribute/Form/Task/Delete.php b/CRM/Contribute/Form/Task/Delete.php index e9d5b0dc71..1b8aa33f98 100644 --- a/CRM/Contribute/Form/Task/Delete.php +++ b/CRM/Contribute/Form/Task/Delete.php @@ -36,7 +36,7 @@ class CRM_Contribute_Form_Task_Delete extends CRM_Contribute_Form_Task { public function preProcess() { //check for delete if (!CRM_Core_Permission::checkActionPermission('CiviContribute', CRM_Core_Action::DELETE)) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } parent::preProcess(); } diff --git a/CRM/Core/Page/Basic.php b/CRM/Core/Page/Basic.php index 3c4b9089b9..0b784e25cd 100644 --- a/CRM/Core/Page/Basic.php +++ b/CRM/Core/Page/Basic.php @@ -170,7 +170,7 @@ abstract class CRM_Core_Page_Basic extends CRM_Core_Page { if ($id) { if (!$this->checkPermission($id, NULL)) { - CRM_Core_Error::fatal(ts('You do not have permission to make changes to the record')); + CRM_Core_Error::statusBounce(ts('You do not have permission to make changes to the record')); } } diff --git a/CRM/Dashlet/Page/AllCases.php b/CRM/Dashlet/Page/AllCases.php index 91f3c74054..b321c67c2c 100644 --- a/CRM/Dashlet/Page/AllCases.php +++ b/CRM/Dashlet/Page/AllCases.php @@ -34,7 +34,7 @@ class CRM_Dashlet_Page_AllCases extends CRM_Core_Page { //check for civicase access. if (!CRM_Case_BAO_Case::accessCiviCase()) { - CRM_Core_Error::fatal(ts('You are not authorized to access this page.')); + CRM_Core_Error::statusBounce(ts('You are not authorized to access this page.')); } $controller = new CRM_Core_Controller_Simple('CRM_Case_Form_Search', diff --git a/CRM/Dashlet/Page/CaseDashboard.php b/CRM/Dashlet/Page/CaseDashboard.php index 85a21d2f62..3428e2e447 100644 --- a/CRM/Dashlet/Page/CaseDashboard.php +++ b/CRM/Dashlet/Page/CaseDashboard.php @@ -31,7 +31,7 @@ class CRM_Dashlet_Page_CaseDashboard extends CRM_Core_Page { public function run() { //check for civicase access. if (!CRM_Case_BAO_Case::accessCiviCase()) { - CRM_Core_Error::fatal(ts('You are not authorized to access this page.')); + CRM_Core_Error::statusBounce(ts('You are not authorized to access this page.')); } $summary = CRM_Case_BAO_Case::getCasesSummary(TRUE); diff --git a/CRM/Dashlet/Page/MyCases.php b/CRM/Dashlet/Page/MyCases.php index 5d5420e1fc..1b643ff72d 100644 --- a/CRM/Dashlet/Page/MyCases.php +++ b/CRM/Dashlet/Page/MyCases.php @@ -34,7 +34,7 @@ class CRM_Dashlet_Page_MyCases extends CRM_Core_Page { //check for civicase access. if (!CRM_Case_BAO_Case::accessCiviCase()) { - CRM_Core_Error::fatal(ts('You are not authorized to access this page.')); + CRM_Core_Error::statusBounce(ts('You are not authorized to access this page.')); } $controller = new CRM_Core_Controller_Simple('CRM_Case_Form_Search', diff --git a/CRM/Event/Form/ManageEvent/Delete.php b/CRM/Event/Form/ManageEvent/Delete.php index 30dc58e441..376800f00c 100644 --- a/CRM/Event/Form/ManageEvent/Delete.php +++ b/CRM/Event/Form/ManageEvent/Delete.php @@ -29,6 +29,9 @@ class CRM_Event_Form_ManageEvent_Delete extends CRM_Event_Form_ManageEvent { /** * Set variables up before form is built. + * + * @throws \CiviCRM_API3_Exception + * @throws \CRM_Core_Exception */ public function preProcess() { parent::preProcess(); @@ -41,7 +44,7 @@ class CRM_Event_Form_ManageEvent_Delete extends CRM_Event_Form_ManageEvent { } if (!CRM_Event_BAO_Event::checkPermission($this->_id, CRM_Core_Permission::DELETE)) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } } diff --git a/CRM/Event/Form/Registration.php b/CRM/Event/Form/Registration.php index a4e3be15a7..b458163dba 100644 --- a/CRM/Event/Form/Registration.php +++ b/CRM/Event/Form/Registration.php @@ -244,7 +244,7 @@ class CRM_Event_Form_Registration extends CRM_Core_Form { && CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus() && !CRM_Core_Permission::check('add contributions of type ' . CRM_Contribute_PseudoConstant::financialType($this->_values['event']['financial_type_id'])) ) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } $this->checkValidEvent($infoUrl); diff --git a/CRM/Event/Form/Task/Delete.php b/CRM/Event/Form/Task/Delete.php index 3c5413becf..d84c977c2f 100644 --- a/CRM/Event/Form/Task/Delete.php +++ b/CRM/Event/Form/Task/Delete.php @@ -41,7 +41,7 @@ class CRM_Event_Form_Task_Delete extends CRM_Event_Form_Task { //check for delete if (!CRM_Core_Permission::checkActionPermission('CiviEvent', CRM_Core_Action::DELETE)) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } parent::preProcess(); foreach ($this->_participantIds as $participantId) { diff --git a/CRM/Event/Page/ParticipantListing.php b/CRM/Event/Page/ParticipantListing.php index 1b8540312a..a9f718ca61 100644 --- a/CRM/Event/Page/ParticipantListing.php +++ b/CRM/Event/Page/ParticipantListing.php @@ -35,7 +35,7 @@ class CRM_Event_Page_ParticipantListing extends CRM_Core_Page { 'participant_listing_id' ); if (!$this->_participantListingID) { - CRM_Core_Error::fatal(ts('The Participant Listing feature is not currently enabled for this event.')); + CRM_Core_Error::statusBounce(ts('The Participant Listing feature is not currently enabled for this event.')); } // retrieve Event Title and include it in page title diff --git a/CRM/Event/Page/ParticipantListing/NameStatusAndDate.php b/CRM/Event/Page/ParticipantListing/NameStatusAndDate.php index a15c5928e8..fef5ae7b12 100644 --- a/CRM/Event/Page/ParticipantListing/NameStatusAndDate.php +++ b/CRM/Event/Page/ParticipantListing/NameStatusAndDate.php @@ -35,7 +35,7 @@ class CRM_Event_Page_ParticipantListing_NameStatusAndDate extends CRM_Core_Page 'participant_listing_id' ); if (!$this->_participantListingID) { - CRM_Core_Error::fatal(ts("The Participant Listing feature is not currently enabled for this event.")); + CRM_Core_Error::statusBounce(ts("The Participant Listing feature is not currently enabled for this event.")); } // retrieve Event Title and include it in page title diff --git a/CRM/Financial/Form/FinancialType.php b/CRM/Financial/Form/FinancialType.php index d9e223f8e3..9dd624538c 100644 --- a/CRM/Financial/Form/FinancialType.php +++ b/CRM/Financial/Form/FinancialType.php @@ -38,13 +38,15 @@ class CRM_Financial_Form_FinancialType extends CRM_Contribute_Form { /** * Set variables up before form is built. + * + * @throws \CRM_Core_Exception */ public function preProcess() { // Check permission for Financial Type when ACL-FT is enabled if (CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus() && !CRM_Core_Permission::check('administer CiviCRM Financial Types') ) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } $this->_id = CRM_Utils_Request::retrieve('id', 'Positive', $this); parent::preProcess(); diff --git a/CRM/Financial/Page/FinancialType.php b/CRM/Financial/Page/FinancialType.php index 6a999cecfb..7a1480d524 100644 --- a/CRM/Financial/Page/FinancialType.php +++ b/CRM/Financial/Page/FinancialType.php @@ -88,7 +88,7 @@ class CRM_Financial_Page_FinancialType extends CRM_Core_Page_Basic { if (CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus() && !CRM_Core_Permission::check('administer CiviCRM Financial Types') ) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } // get all financial types sorted by weight $financialType = []; diff --git a/CRM/Friend/Form.php b/CRM/Friend/Form.php index ce38a42d3f..e1e03c3576 100644 --- a/CRM/Friend/Form.php +++ b/CRM/Friend/Form.php @@ -97,7 +97,7 @@ class CRM_Friend_Form extends CRM_Core_Form { ); if (empty($values['is_tellfriend_enabled'])) { - CRM_Core_Error::fatal(ts('Tell Friend is disable for this Personal Campaign Page')); + CRM_Core_Error::statusBounce(ts('Tell Friend is disable for this Personal Campaign Page')); } $this->_mailLimit = $values['tellfriend_limit']; @@ -118,7 +118,7 @@ class CRM_Friend_Form extends CRM_Core_Form { $this->assign('pcpTitle', $this->_title); } else { - CRM_Core_Error::fatal(ts('page argument missing or invalid')); + CRM_Core_Error::statusBounce(ts('page argument missing or invalid')); } $this->assign('context', $pcomponent); diff --git a/CRM/Grant/Form/Grant.php b/CRM/Grant/Form/Grant.php index 787a8b86ca..7f81aceb68 100644 --- a/CRM/Grant/Form/Grant.php +++ b/CRM/Grant/Form/Grant.php @@ -66,7 +66,7 @@ class CRM_Grant_Form_Grant extends CRM_Core_Form { //check permission for action. if (!CRM_Core_Permission::checkActionPermission('CiviGrant', $this->_action)) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } $this->setPageTitle(ts('Grant')); diff --git a/CRM/Grant/Form/Task/Delete.php b/CRM/Grant/Form/Task/Delete.php index f0392f38e6..155fe0e584 100644 --- a/CRM/Grant/Form/Task/Delete.php +++ b/CRM/Grant/Form/Task/Delete.php @@ -42,7 +42,7 @@ class CRM_Grant_Form_Task_Delete extends CRM_Grant_Form_Task { //check permission for delete. if (!CRM_Core_Permission::checkActionPermission('CiviGrant', CRM_Core_Action::DELETE)) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } } diff --git a/CRM/Grant/Form/Task/Update.php b/CRM/Grant/Form/Task/Update.php index 6290caafd7..ba62dda100 100644 --- a/CRM/Grant/Form/Task/Update.php +++ b/CRM/Grant/Form/Task/Update.php @@ -34,7 +34,7 @@ class CRM_Grant_Form_Task_Update extends CRM_Grant_Form_Task { //check permission for update. if (!CRM_Core_Permission::checkActionPermission('CiviGrant', CRM_Core_Action::UPDATE)) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } } diff --git a/CRM/Member/Form.php b/CRM/Member/Form.php index af2c065916..40e66ca63f 100644 --- a/CRM/Member/Form.php +++ b/CRM/Member/Form.php @@ -127,7 +127,7 @@ class CRM_Member_Form extends CRM_Contribute_Form_AbstractEditPayment { public function preProcess() { // Check for edit permission. if (!CRM_Core_Permission::checkActionPermission('CiviMember', $this->_action)) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } if (!CRM_Member_BAO_Membership::statusAvailabilty()) { // all possible statuses are disabled - redirect back to contact form diff --git a/CRM/Member/Form/Task/Delete.php b/CRM/Member/Form/Task/Delete.php index fdeb718a4c..3f613b1334 100644 --- a/CRM/Member/Form/Task/Delete.php +++ b/CRM/Member/Form/Task/Delete.php @@ -40,7 +40,7 @@ class CRM_Member_Form_Task_Delete extends CRM_Member_Form_Task { public function preProcess() { //check for delete if (!CRM_Core_Permission::checkActionPermission('CiviMember', CRM_Core_Action::DELETE)) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } parent::preProcess(); } diff --git a/CRM/Pledge/Form/Payment.php b/CRM/Pledge/Form/Payment.php index 35b8580cbb..119533b567 100644 --- a/CRM/Pledge/Form/Payment.php +++ b/CRM/Pledge/Form/Payment.php @@ -43,11 +43,13 @@ class CRM_Pledge_Form_Payment extends CRM_Core_Form { /** * Set variables up before form is built. + * + * @throws \CRM_Core_Exception */ public function preProcess() { // check for edit permission if (!CRM_Core_Permission::check('edit pledges')) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } $this->_id = CRM_Utils_Request::retrieve('ppId', 'Positive', $this); diff --git a/CRM/Pledge/Form/Pledge.php b/CRM/Pledge/Form/Pledge.php index 4fdba82a5b..010335cddd 100644 --- a/CRM/Pledge/Form/Pledge.php +++ b/CRM/Pledge/Form/Pledge.php @@ -55,6 +55,8 @@ class CRM_Pledge_Form_Pledge extends CRM_Core_Form { /** * Set variables up before form is built. + * + * @throws \CRM_Core_Exception */ public function preProcess() { $this->_contactID = CRM_Utils_Request::retrieve('cid', 'Positive', $this); @@ -66,7 +68,7 @@ class CRM_Pledge_Form_Pledge extends CRM_Core_Form { // check for action permissions. if (!CRM_Core_Permission::checkActionPermission('CiviPledge', $this->_action)) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } $this->assign('action', $this->_action); diff --git a/CRM/Pledge/Form/Task/Delete.php b/CRM/Pledge/Form/Task/Delete.php index 33e15f916f..2a1ed9c349 100644 --- a/CRM/Pledge/Form/Task/Delete.php +++ b/CRM/Pledge/Form/Task/Delete.php @@ -36,7 +36,7 @@ class CRM_Pledge_Form_Task_Delete extends CRM_Pledge_Form_Task { public function preProcess() { //check for delete if (!CRM_Core_Permission::checkActionPermission('CiviPledge', CRM_Core_Action::DELETE)) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } parent::preProcess(); } diff --git a/CRM/Price/BAO/PriceSet.php b/CRM/Price/BAO/PriceSet.php index 4807191593..5ac93721fd 100644 --- a/CRM/Price/BAO/PriceSet.php +++ b/CRM/Price/BAO/PriceSet.php @@ -1251,12 +1251,13 @@ WHERE id = %1"; * The price set id. * * @return bool + * @throws \CRM_Core_Exception */ public static function checkPermission($sid) { if ($sid && self::eventPriceSetDomainID()) { $domain_id = CRM_Core_DAO::getFieldValue('CRM_Price_DAO_PriceSet', $sid, 'domain_id', 'id'); if (CRM_Core_Config::domainID() != $domain_id) { - CRM_Core_Error::fatal(ts('You do not have permission to access this page.')); + CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.')); } } return TRUE; diff --git a/CRM/UF/Form/Inline/Preview.php b/CRM/UF/Form/Inline/Preview.php index 0b64ba6f3e..afb81c278c 100644 --- a/CRM/UF/Form/Inline/Preview.php +++ b/CRM/UF/Form/Inline/Preview.php @@ -40,7 +40,7 @@ class CRM_UF_Form_Inline_Preview extends CRM_UF_Form_AbstractPreview { ], ]; if (!CRM_Core_Permission::check($checkPermission)) { - CRM_Core_Error::fatal(ts('Permission Denied')); + CRM_Core_Error::statusBounce(ts('Permission Denied')); } $content = json_decode($_REQUEST['ufData'], TRUE); foreach (['ufGroup', 'ufFieldCollection'] as $key) { diff --git a/CRM/UF/Form/Inline/PreviewById.php b/CRM/UF/Form/Inline/PreviewById.php index bc306ea537..599ea7af8c 100644 --- a/CRM/UF/Form/Inline/PreviewById.php +++ b/CRM/UF/Form/Inline/PreviewById.php @@ -32,11 +32,12 @@ class CRM_UF_Form_Inline_PreviewById extends CRM_UF_Form_AbstractPreview { * @param * * @return void + * @throws \CRM_Core_Exception */ public function preProcess() { // Inline forms don't get menu-level permission checks if (!CRM_Core_Permission::check('access CiviCRM')) { - CRM_Core_Error::fatal(ts('Permission Denied')); + CRM_Core_Error::statusBounce(ts('Permission Denied')); } $gid = CRM_Utils_Request::retrieve('id', 'Positive'); $fields = CRM_Core_BAO_UFGroup::getFields($gid, FALSE, NULL, NULL, NULL, FALSE, NULL, FALSE, NULL, CRM_Core_Permission::CREATE, 'field_name', NULL, TRUE); diff --git a/tests/phpunit/CRM/Financial/BAO/FinancialTypeTest.php b/tests/phpunit/CRM/Financial/BAO/FinancialTypeTest.php index 72cd0df6e6..3ee26b5c45 100644 --- a/tests/phpunit/CRM/Financial/BAO/FinancialTypeTest.php +++ b/tests/phpunit/CRM/Financial/BAO/FinancialTypeTest.php @@ -215,8 +215,11 @@ class CRM_Financial_BAO_FinancialTypeTest extends CiviUnitTestCase { /** * Check method testcheckPermissionedLineItems() + * + * @throws \CRM_Core_Exception + * @throws \CiviCRM_API3_Exception */ - public function testcheckPermissionedLineItems() { + public function testCheckPermissionedLineItems() { $contactId = $this->individualCreate(); $paramsSet['title'] = 'Price Set' . substr(sha1(rand()), 0, 4); $paramsSet['name'] = CRM_Utils_String::titleToVar($paramsSet['title']); @@ -282,10 +285,10 @@ class CRM_Financial_BAO_FinancialTypeTest extends CiviUnitTestCase { try { CRM_Financial_BAO_FinancialType::checkPermissionedLineItems($contributions->id, 'view'); - $this->fail("Missed expected exception"); + $this->fail('Missed expected exception'); } catch (Exception $e) { - $this->assertEquals("A fatal error was triggered: You do not have permission to access this page.", $e->getMessage()); + $this->assertEquals('A fatal error was triggered: You do not have permission to access this page.', $e->getMessage()); } $this->setPermissions([