civicrm-core.git
3 years agoMerge pull request #20532 from eileenmcnaughton/f_add
Seamus Lee [Thu, 10 Jun 2021 00:00:47 +0000 (10:00 +1000)]
Merge pull request #20532 from eileenmcnaughton/f_add

Fix Financial item test to validate Financials

3 years agoMerge pull request #20552 from eileenmcnaughton/fin
Seamus Lee [Wed, 9 Jun 2021 23:59:51 +0000 (09:59 +1000)]
Merge pull request #20552 from eileenmcnaughton/fin

Mark DetailTest as having invalid financials

3 years agoMerge pull request #20533 from totten/master-api4-omnivent
Eileen McNaughton [Wed, 9 Jun 2021 23:46:06 +0000 (11:46 +1200)]
Merge pull request #20533 from totten/master-api4-omnivent

Introduce civi.api4.authorizeRecord and civi.api4.validate

3 years agoMerge pull request #20564 from eileenmcnaughton/report
Eileen McNaughton [Wed, 9 Jun 2021 21:14:41 +0000 (09:14 +1200)]
Merge pull request #20564 from eileenmcnaughton/report

dev/core#2646 juice up the error a little

3 years agoMerge pull request #20493 from jaapjansma/dev_membership_37
Eileen McNaughton [Wed, 9 Jun 2021 19:39:04 +0000 (07:39 +1200)]
Merge pull request #20493 from jaapjansma/dev_membership_37

Fix for dev/membership#37

3 years agoMerge pull request #20563 from colemanw/array_key
demeritcowboy [Wed, 9 Jun 2021 19:34:42 +0000 (15:34 -0400)]
Merge pull request #20563 from colemanw/array_key

REF - Cleanup array key checking to use array_key_exists

3 years agodev/core#2646 juice up the error a little
Eileen McNaughton [Wed, 9 Jun 2021 19:34:06 +0000 (07:34 +1200)]
dev/core#2646 juice up the error a little

On explaining the issue in https://lab.civicrm.org/dev/core/-/issues/2646 not
having the name of the failed entity in the error message seemed like a pain point

3 years agoExpand CustomValue::_checkAccess()
Tim Otten [Wed, 9 Jun 2021 10:24:21 +0000 (03:24 -0700)]
Expand CustomValue::_checkAccess()

Before: Reports that access is available based one delegated-check for `Contact.update`

After: Reports that access is available based on multiple checks:

  1. The user must have access to the relevant CustomGroup (by way of ACL or perms)
  2. The user must have acces to the underlying entity (by way of checkAccessDelgated)

Comments: I did a bit of testing with `Custom_*.get`, and it does seem to
give access to single-value CustomGroups. So I removed a comment about
multi-value CustomGroups and expanded to a larger list of entities.

3 years agoMerge pull request #20562 from colemanw/shortArrayContactTask
demeritcowboy [Wed, 9 Jun 2021 14:22:52 +0000 (10:22 -0400)]
Merge pull request #20562 from colemanw/shortArrayContactTask

[REF] CRM_Contact_Task - Use short array syntax

3 years agoMerge pull request #20059 from samuelsov/dev/core#2479
colemanw [Wed, 9 Jun 2021 13:56:21 +0000 (09:56 -0400)]
Merge pull request #20059 from samuelsov/dev/core#2479

dev/core#2479 Adjust generic copy for localizable fields

3 years agoREF - Cleanup array key checking to use array_key_exists
Coleman Watts [Wed, 9 Jun 2021 13:41:52 +0000 (09:41 -0400)]
REF - Cleanup array key checking to use array_key_exists

Before: in_array($foo, array_keys($bar))
After: array_key_exists($foo, $bar)

3 years agoCRM_Contact_Task - Use short array syntax
Coleman Watts [Wed, 9 Jun 2021 12:45:26 +0000 (08:45 -0400)]
CRM_Contact_Task - Use short array syntax

3 years agoPartially rollback changes to `$userID`. Merely lay groundwork for future update.
Tim Otten [Wed, 9 Jun 2021 02:46:17 +0000 (19:46 -0700)]
Partially rollback changes to `$userID`. Merely lay groundwork for future update.

Context: AuthorizeEvent did not allow tracking userID.  AuthorizeRecordEvent
is spec'd to track userID.  This is a step toward supporting checks when the
target user is non-present (ie not the user in the browser/session).
However, this step is not *sufficient* - additional work is also needed to
support non-present users.

Original: AuthorizeEvent and AbstractAction::isAuthorized did not report
current userID.  However, the wiring for AuthorizeRecordEvent is spec'd
to allow userID.

Previous: Made a breaking change in the signature of
AuthorizeEvent/AbstractAction::isAuthorized() to report userID.  However,
even with the break, it's not clear if this is the best approach.

Revised:
* Both AuthorizeEvent and AuthorizeRecordEvent report `userID`. This allows consumers to start using
  this information -- laying the groundwork for future changes.
* If an existing event-consumer ignores the `userID`, it will still work as correctly as before. This is
  because we guarantee that the userID matches the session-user.
* The signature of `AbstractAction::isAuthorized()` matches its original. No BC break. However, the method
  is flagged `@internal` to warn about the prospect of future changes.
* In the future, after we do more legwork on to ensure that the overall
  system makes sense, we may flip this and start doing non-present users.

3 years agoMerge pull request #20560 from colemanw/searchable
Eileen McNaughton [Wed, 9 Jun 2021 03:18:05 +0000 (15:18 +1200)]
Merge pull request #20560 from colemanw/searchable

APIv4 - Make the @searchable flag explicit for OptionList type entities.

3 years agoMerge pull request #20545 from seamuslee001/hook_test_fix_part1
demeritcowboy [Wed, 9 Jun 2021 02:18:53 +0000 (22:18 -0400)]
Merge pull request #20545 from seamuslee001/hook_test_fix_part1

[php8-compat] Partial Fix of hook tests for php8

3 years agoMerge pull request #20548 from eileenmcnaughton/group
Seamus Lee [Wed, 9 Jun 2021 01:09:10 +0000 (11:09 +1000)]
Merge pull request #20548 from eileenmcnaughton/group

Fix the populateTempTable to be more direct

3 years agoAPIv4 - Make the @searchable flag explicit for OptionList type entities.
Coleman Watts [Tue, 8 Jun 2021 23:18:30 +0000 (19:18 -0400)]
APIv4 - Make the @searchable flag explicit for OptionList type entities.

The OptionList trait may or may not be useful in future, maybe we'll just get rid of it if not.
But I think it's better not to couple it with the @searchable flag, as that's not exactly the same thing.

3 years agoMerge pull request #20557 from demeritcowboy/test-turkish
Seamus Lee [Wed, 9 Jun 2021 00:29:05 +0000 (10:29 +1000)]
Merge pull request #20557 from demeritcowboy/test-turkish

[NFC/Unit Test] Failing test for civicrm-packages PR 324

3 years ago[php8-compat] Partial Fix of hook tests for php8
Seamus Lee [Tue, 8 Jun 2021 00:54:20 +0000 (00:54 +0000)]
[php8-compat] Partial Fix of hook tests for php8

3 years agoMerge pull request #20542 from seamuslee001/hook_test_fixes_2
colemanw [Wed, 9 Jun 2021 00:07:24 +0000 (20:07 -0400)]
Merge pull request #20542 from seamuslee001/hook_test_fixes_2

[php8-compact] Add in guards into various templates to fix hook tests…

3 years agoMark DetailTest as having invalid financials
Eileen McNaughton [Tue, 8 Jun 2021 07:25:04 +0000 (19:25 +1200)]
Mark DetailTest as having invalid financials

This class sets up in a weird way it will never pass financial checks

3 years agoMerge pull request #20549 from seamuslee001/php8_report
Eileen McNaughton [Tue, 8 Jun 2021 22:23:11 +0000 (10:23 +1200)]
Merge pull request #20549 from seamuslee001/php8_report

[php8-compact] Fix Report tests failing on php8

3 years agoMerge pull request #20540 from seamuslee001/tcpdf_upgrade
Seamus Lee [Tue, 8 Jun 2021 22:16:39 +0000 (08:16 +1000)]
Merge pull request #20540 from seamuslee001/tcpdf_upgrade

[php8-compat] Upgrade TCPDF version to support php8

3 years agoMerge pull request #20558 from colemanw/searchKitRelationships
Eileen McNaughton [Tue, 8 Jun 2021 22:16:17 +0000 (10:16 +1200)]
Merge pull request #20558 from colemanw/searchKitRelationships

SearchKit - allow searches based on relationships

3 years agoMerge pull request #20559 from colemanw/wordReplacement
Eileen McNaughton [Tue, 8 Jun 2021 21:44:49 +0000 (09:44 +1200)]
Merge pull request #20559 from colemanw/wordReplacement

dev/core#2486 - Add WordReplacement APIv4 entity

3 years agounit test for db insert in TR locale
demeritcowboy [Tue, 8 Jun 2021 16:00:53 +0000 (12:00 -0400)]
unit test for db insert in TR locale

3 years agodev/core#2486 - Add WordReplacement APIv4 entity
Coleman Watts [Tue, 8 Jun 2021 19:08:15 +0000 (15:08 -0400)]
dev/core#2486 - Add WordReplacement APIv4 entity

3 years agoMerge pull request #20555 from ahed-compucorp/dev/core#1744-afform
Eileen McNaughton [Tue, 8 Jun 2021 19:04:55 +0000 (07:04 +1200)]
Merge pull request #20555 from ahed-compucorp/dev/core#1744-afform

(REF) dev/core#1744 - Simplify Afform event naming

3 years agoSearchKit - Enable search for relationships as base entity
Coleman Watts [Tue, 8 Jun 2021 16:33:00 +0000 (12:33 -0400)]
SearchKit - Enable search for relationships as base entity

This makes it possible to use a bridge entity for the base of a search
(only if it is annotated @searchable primary|secondary)

It also ensures that fields needed for links are available in search displays
(previously it ensured ID was returned but some links require other fields as well)

3 years agoSearchKit - Fix error when trying to update operator in ON clause
Coleman Watts [Tue, 8 Jun 2021 16:22:51 +0000 (12:22 -0400)]
SearchKit - Fix error when trying to update operator in ON clause

3 years agodev/core#1744 - Simplify afform event naming
Ahed [Tue, 8 Jun 2021 12:48:57 +0000 (15:48 +0300)]
dev/core#1744 - Simplify afform event naming

3 years agoMerge pull request #20530 from eileenmcnaughton/val
Monish Deb [Tue, 8 Jun 2021 07:34:21 +0000 (13:04 +0530)]
Merge pull request #20530 from eileenmcnaughton/val

Fix v3 api payment test to validate on postAssert

3 years agoFix the populateTempTable to be more direct
Eileen McNaughton [Tue, 8 Jun 2021 01:57:52 +0000 (13:57 +1200)]
Fix the populateTempTable to be more direct

It's currently using a round-about method to populate the table which goes through
apiv3 and the query object before winding up at the load function
which makes the same 3 calls now being called directly

Note the tests api_v3_ReportTemplateTest as well as the apiv4 tests
cover this function

3 years ago[php8-compact] Fix Report tests failing on php8
Seamus Lee [Tue, 8 Jun 2021 04:34:47 +0000 (04:34 +0000)]
[php8-compact] Fix Report tests failing on php8

3 years agoConvert hook_civicrm_checkAccess to civi.api4.authorizeRecord
Tim Otten [Fri, 4 Jun 2021 18:57:55 +0000 (11:57 -0700)]
Convert hook_civicrm_checkAccess to civi.api4.authorizeRecord

3 years ago(REF) Consolidate calls to `Hook::checkAccess()`. Define initial value `$granted...
Tim Otten [Mon, 7 Jun 2021 10:12:10 +0000 (03:12 -0700)]
(REF) Consolidate calls to `Hook::checkAccess()`. Define initial value `$granted=NULL`.

Regarding invocations:

* Before: There are three different ways `Hook::checkAccess()` may be invoked, e.g.
    * `CRM_Core_DAO::checkAccess()`, which sprinkles in a call to `static::_checkAccess()` before `Hook::checkAccess()`
    * `CRM_Core_BAO_CustomValue::checkAccess()`, which sprinkles in a call to `checkAccessDelegated()` after `Hook::checkAccess()`
    * `CoreUtil::checkAccessRecord()`, which delegates to one of the above (if appropriate) or else calls `Hook::checkAccess()`
    * `CoreUtil::checkAccessRecord()` is the most general entry-point
* After: There is one way to invoke `Hook::checkAccess()`, and it incorporates some qausi/unofficial listeners.
    * `CoreUtil::checkAccessRecord()` is still the most general entry-point.
    * `CoreUtil::checkAccessRecord()` fires `Hook::checkAccess()` unconditionally
    * `CoreUtil::checkAccessRecord()` calls `CRM_Core_DAO::checkAccess()` and/or `CRM_Core_BAO_CustomValue::_checkAccess()`,
      which are now quasi/unofficial listeners for the hook

Regarding initialization and passing of `$granted`:

* Before: The value of `$granted` defaults to `TRUE`. Listeners may flip between `TRUE`/`FALSE`. The value of `$granted` is passed to each listener.
* After: The value of `$granted` defaults to `NULL`. Listeners may flip to `TRUE`/`FALSE`. If it remains `NULL` until the end, then it's treated as `TRUE`.
  The value of `$granted` is not passed to each listener.
* Comment: IMHO, this is an overall simplification.  If you pass in `$granted`, then each listener has to decide
  whether/how to mix the inputted value with its own decision.  (Ex: Should it be `return $grantedInput &&
  $myGrantedDecision` or `return $grantedInput || $myGrantedDecision` or `return $myGrantedDecision`? That choice appears to be
  carefully informed by the context of what steps ran before.) In the updated protocol, each `_checkAccess()` a smaller scope.

3 years ago(REF) Change CoreUtil::checkAccess() to CoreUtil::checkAccessRecord()
Tim Otten [Mon, 7 Jun 2021 06:28:43 +0000 (23:28 -0700)]
(REF) Change CoreUtil::checkAccess() to CoreUtil::checkAccessRecord()

This change invovles a few things:

1. Pass the `AbstractAction $apiRequest` instead of the tuple `string $entity, string $action`.

2. There are a couple cases where we don't actually want to re-use the current `$apiRequest`.
   Switch these using `checkAccessDelegated()`.

3. Always resolve the userID before calling `checkAccessRecord()`. `$userID===null` can mean
   two different things (ie "active user" vs "anonymous user").  By
   resolving this once before we do any work with `checkAccess()`, we ensure that it will
   consistently mean "anonymous user" (even if there are multiple rounds of delegation).

3. Change the name from `checkAccess()` to `checkAccessRecord`. There are a few flavors of
   `...checkAccess...`, and this makes it easier to differentiate when skimming.

3 years ago(REF) Consistently pass `string $entity` to all flavors of checkAccess
Tim Otten [Mon, 7 Jun 2021 06:05:40 +0000 (23:05 -0700)]
(REF) Consistently pass `string $entity` to all flavors of checkAccess

1. This removes the special-case where `CustomValue::checkAccess()` needs an extra parameter
   to identify the target entity.
2. This lines things up to do the swap from `_checkAccess()` to a hook/event listener

3 years ago(REF) Isolate calls to $bao::checkAccess. Prefer CoreUtil::checkAccessDelegate.
Tim Otten [Mon, 7 Jun 2021 03:13:12 +0000 (20:13 -0700)]
(REF) Isolate calls to $bao::checkAccess. Prefer CoreUtil::checkAccessDelegate.

Code paths:

* Before: There are many callers to `$bao::checkAccess()`.
* After: There is only one caller to `$bao::checkAccess()` (ie `CoreUtil`).

Delegation mechanics:

* Before: When delegating access-control to another entity, various things invoke  `$bao::checkAccess()`.
* After: When delegating access-control to another entity, various things invoke `CoreUtil::checkAccessDelegated()`

3 years agoCoreUtil::checkAccess() - Accept optional argument $userID
Tim Otten [Fri, 4 Jun 2021 23:42:29 +0000 (16:42 -0700)]
CoreUtil::checkAccess() - Accept optional argument $userID

Technically, there is an inheritable contract-change here - modifying
`isAuthorized()` to accept the current user ID. However, I grepped
universe for references:

```
[bknix-min:~/bknix/build/universe] grep -ri isAuthorized $( find -name Civi )
```

And all references were internal to `civicrm-core.git`.  This makes some
sense, given the available alternative extension-points
(`Civi\Api4\$ENTITY::permissions()` and `civi.api.authorize`).

3 years agoMerge pull request #20541 from eileenmcnaughton/alpha_trigg
Seamus Lee [Tue, 8 Jun 2021 02:24:36 +0000 (12:24 +1000)]
Merge pull request #20541 from eileenmcnaughton/alpha_trigg

Sort trigger data before processing

3 years ago[php8-compact] Add in guards into various templates to fix hook tests in php8
Seamus Lee [Tue, 8 Jun 2021 00:55:50 +0000 (00:55 +0000)]
[php8-compact] Add in guards into various templates to fix hook tests in php8

3 years agoSort trigger data before processing
Eileen McNaughton [Tue, 8 Jun 2021 00:06:57 +0000 (12:06 +1200)]
Sort trigger data before processing

At some point these stopped being consistently alpha sorted - which doesn't matter
if you are just letting Civi run the trigger updates but if you output it
and diff it this inconsistency is a problem

Subset of https://github.com/civicrm/civicrm-core/pull/20472
in the hope of getting this merged

https://github.com/civicrm/civicrm-core/pull/20471 also grooms this output for diffing
albeit only in an edge case

3 years agoMerge pull request #20539 from seamuslee001/group_custom_search_fix
Eileen McNaughton [Mon, 7 Jun 2021 23:55:27 +0000 (11:55 +1200)]
Merge pull request #20539 from seamuslee001/group_custom_search_fix

[php8-compat] Fix Include/Exclude Group Custom Search Tests by better…

3 years agoMerge pull request #20537 from colemanw/searchKitLinkFix
Eileen McNaughton [Mon, 7 Jun 2021 23:48:21 +0000 (11:48 +1200)]
Merge pull request #20537 from colemanw/searchKitLinkFix

SearchKit - Fix link target selection

3 years ago[php8-compat] Upgrade TCPDF version to support php8
Seamus Lee [Mon, 7 Jun 2021 23:08:39 +0000 (23:08 +0000)]
[php8-compat] Upgrade TCPDF version to support php8

3 years agoMerge pull request #20538 from seamuslee001/fix_resource_test
Seamus Lee [Mon, 7 Jun 2021 23:02:24 +0000 (09:02 +1000)]
Merge pull request #20538 from seamuslee001/fix_resource_test

[php8-compat] Fix Resources Test issue due to undefined array key add…

3 years ago[php8-compat] Fix Include/Exclude Group Custom Search Tests by better handling empty...
Seamus Lee [Mon, 7 Jun 2021 22:13:25 +0000 (22:13 +0000)]
[php8-compat] Fix Include/Exclude Group Custom Search Tests by better handling empty arrays on exclusions in the custom search

3 years ago[php8-compat] Fix Resources Test issue due to undefined array key addCacheCode
Seamus Lee [Mon, 7 Jun 2021 20:55:47 +0000 (20:55 +0000)]
[php8-compat] Fix Resources Test issue due to undefined array key addCacheCode

3 years agoMerge pull request #20535 from MikeyMJCO/patch-12
demeritcowboy [Mon, 7 Jun 2021 20:05:33 +0000 (16:05 -0400)]
Merge pull request #20535 from MikeyMJCO/patch-12

Switch table mapping to square bracket array syntax.

3 years agoSearchKit - Fix link target selection and move link templating out of controller
Coleman Watts [Mon, 7 Jun 2021 19:53:36 +0000 (15:53 -0400)]
SearchKit - Fix link target selection and move link templating out of controller

3 years agoMerge pull request #20534 from demeritcowboy/dupedao
Eileen McNaughton [Mon, 7 Jun 2021 19:37:41 +0000 (07:37 +1200)]
Merge pull request #20534 from demeritcowboy/dupedao

Dedupe DAO is out of date

3 years agoSwitch table mapping to square bracket array syntax.
Mikey O'Toole [Mon, 7 Jun 2021 15:50:34 +0000 (16:50 +0100)]
Switch table mapping to square bracket array syntax.

3 years agoMerge pull request #20525 from seamuslee001/fix_date_tests
demeritcowboy [Mon, 7 Jun 2021 15:21:54 +0000 (11:21 -0400)]
Merge pull request #20525 from seamuslee001/fix_date_tests

[php8-compat][REF] Fix Date unit tests in php8 by passing in 00 inste…

3 years agofix hash
demeritcowboy [Mon, 7 Jun 2021 14:55:54 +0000 (10:55 -0400)]
fix hash

3 years ago(REF) AuthorizeEvent - Extract AuthorizedTrait
Tim Otten [Mon, 7 Jun 2021 00:53:49 +0000 (17:53 -0700)]
(REF) AuthorizeEvent - Extract AuthorizedTrait

The primary purpose of this is to provide a trait (`AuthorizedTrait`) to
describe the common semantics of of coarse-grained authorization check and
the upcoming fine-grained authorization check.

The extracted trait makes a few small changes:

* Change the default value from `FALSE` to `NULL`.  In grepping universe for
  consumers of `isAuthorized(0`, I could only find consumers that used
  bool-ish values.  So this should be the same for them.  However, for
  future cases, it will allow some distinction between NULL/FALSE.

* Use more type-hints. The type should be nullable-boolean.

* Mutators should be amenable to fluent style (e.g. `$event->authorize()->stopPropagation()`).

3 years agoConformanceTest - Add support for read-only entities
Tim Otten [Mon, 7 Jun 2021 11:40:44 +0000 (04:40 -0700)]
ConformanceTest - Add support for read-only entities

3 years agoMerge pull request #20528 from colemanw/exportFix2
Seamus Lee [Mon, 7 Jun 2021 06:49:53 +0000 (16:49 +1000)]
Merge pull request #20528 from colemanw/exportFix2

dev/report#67 Fix standalone export classes

3 years agoFix Financial item test to validate Financials
Eileen McNaughton [Mon, 7 Jun 2021 06:49:38 +0000 (18:49 +1200)]
Fix Financial item test to validate Financials

The only material change here is to mark   /**
  protected $isValidateFinancialsOnPostAssert = FALSE

As I don't think this test is creating valid financial data 'on purpose'

3 years agoMerge pull request #20526 from seamuslee001/required_after_optional_more2
Seamus Lee [Mon, 7 Jun 2021 06:34:08 +0000 (16:34 +1000)]
Merge pull request #20526 from seamuslee001/required_after_optional_more2

[php8-compact][REF] Fix another couple of places where by there are r…

3 years agoMerge pull request #20527 from seamuslee001/payment_token_fix
Seamus Lee [Mon, 7 Jun 2021 06:33:59 +0000 (16:33 +1000)]
Merge pull request #20527 from seamuslee001/payment_token_fix

[php8-compact][REF] Fix api_v3_PaymentTokenTest to work on php8

3 years agoMerge pull request #20524 from seamuslee001/fix_case_custom_tests
Seamus Lee [Mon, 7 Jun 2021 06:33:15 +0000 (16:33 +1000)]
Merge pull request #20524 from seamuslee001/fix_case_custom_tests

[php8-compat][REF] Fix Case and Custom data tests by adding guards in…

3 years agoFix v3 api payment test to validate on postAssert
Eileen McNaughton [Mon, 7 Jun 2021 06:09:10 +0000 (18:09 +1200)]
Fix v3 api payment test to validate on postAssert

This fixes the test that was failing validation & moves the validation to class level

3 years agoFix standalone export classes
Coleman Watts [Mon, 7 Jun 2021 05:06:31 +0000 (01:06 -0400)]
Fix standalone export classes

This fixes an 'access denied' error on standalone export forms,
caused by renaming the php classes.

Fixes dev/report#67

3 years ago[php8-compact][REF] Fix api_v3_PaymentTokenTest to work on php8
Seamus Lee [Mon, 7 Jun 2021 04:48:49 +0000 (04:48 +0000)]
[php8-compact][REF] Fix api_v3_PaymentTokenTest to work on php8

3 years ago[php8-compact][REF] Fix another couple of places where by there are required variable...
Seamus Lee [Mon, 7 Jun 2021 04:42:55 +0000 (04:42 +0000)]
[php8-compact][REF] Fix another couple of places where by there are required variables in php function declaration after optional ones

3 years ago[php8-compat][REF] Fix Date unit tests in php8 by passing in 00 instead of null for...
Seamus Lee [Mon, 7 Jun 2021 04:38:51 +0000 (04:38 +0000)]
[php8-compat][REF] Fix Date unit tests in php8 by passing in 00 instead of null for hours,minutes and seconds

3 years ago[php8-compat][REF] Fix Case and Custom data tests by adding guards into templates
Seamus Lee [Mon, 7 Jun 2021 04:35:52 +0000 (04:35 +0000)]
[php8-compat][REF] Fix Case and Custom data tests by adding guards into templates

3 years agoMerge pull request #20357 from eileenmcnaughton/tax_add
Monish Deb [Mon, 7 Jun 2021 04:34:28 +0000 (10:04 +0530)]
Merge pull request #20357 from eileenmcnaughton/tax_add

Fix for tax rates being mangled on contribution update

3 years agoMerge pull request #20495 from eileenmcnaughton/lines
Seamus Lee [Mon, 7 Jun 2021 04:34:01 +0000 (14:34 +1000)]
Merge pull request #20495 from eileenmcnaughton/lines

Use line items to look up memberships

3 years agoMerge pull request #20521 from eileenmcnaughton/validate
Seamus Lee [Mon, 7 Jun 2021 04:32:52 +0000 (14:32 +1000)]
Merge pull request #20521 from eileenmcnaughton/validate

Test fix up for AdditionalPaymentTest

3 years agoConformanceTest - Add coverage for checkAccess
Tim Otten [Fri, 4 Jun 2021 05:59:48 +0000 (22:59 -0700)]
ConformanceTest - Add coverage for checkAccess

3 years agoImplement checkAccess for EntityTags and Notes
Coleman Watts [Sat, 8 May 2021 00:20:43 +0000 (20:20 -0400)]
Implement checkAccess for EntityTags and Notes

3 years agoImplement checkAccess for custom entities
Coleman Watts [Thu, 6 May 2021 17:39:21 +0000 (13:39 -0400)]
Implement checkAccess for custom entities

3 years agoImplement _checkAccess for Contact BAO and related entities (email, phone, etc.)
Coleman Watts [Wed, 5 May 2021 19:30:03 +0000 (15:30 -0400)]
Implement _checkAccess for Contact BAO and related entities (email, phone, etc.)

Implements the _checkAccess BAO callback for contacts and the related entities
listed in _civicrm_api3_check_edit_permissions.

Switch APIv4 to stop using _civicrm_api3_check_edit_permissions
now that the checks are implemented in the BAO.

Also fixes a couple permission check functions to respect $userID variable.

3 years agoAPIv4 - Add checkAccess action
Coleman Watts [Tue, 27 Apr 2021 18:51:02 +0000 (14:51 -0400)]
APIv4 - Add checkAccess action

Call checkAccess action before creating, updating or deleting

3 years agoAdd BAO function and hook for checkAccess
eileen [Sun, 11 Apr 2021 20:22:52 +0000 (08:22 +1200)]
Add BAO function and hook for checkAccess

This adds a static ::checkAccess function to all BAOs, which dispatches to
a protected _checkAccess function in that BAO, as well as a new hook:
hook_civicrm_checkAccess($entity, $action, $record, $contactID, &$granted)

3 years agoUFJoin - Update addSelectWhereClause
Coleman Watts [Fri, 4 Jun 2021 06:12:23 +0000 (23:12 -0700)]
UFJoin - Update addSelectWhereClause

3 years agoDAOCreateAction - Fill defaults before validating write
Tim Otten [Fri, 4 Jun 2021 06:05:19 +0000 (23:05 -0700)]
DAOCreateAction - Fill defaults before validating write

3 years agoFinancialItem - Provide defaults so that stricter ConformanceTest will pas
Tim Otten [Fri, 4 Jun 2021 03:13:48 +0000 (20:13 -0700)]
FinancialItem - Provide defaults so that stricter ConformanceTest will pas

Context: There were three separate, concurrent PRs - two added more tests
and events to APIv4, and the third added a new entity (FinancialItem).
FinancialItem got merged first.  I'm working reconciling the other two...
and discovered that `FinancialItem` isn't passing.

Problem: When the `ConformanceTest` creates a `FinancialItem`, it doesn't
fill in valid values for `entity_table,entity_id`. These values are
important to the access-control criteria used in reading-back data.

3 years agoAdd ValidateValuesTest
Tim Otten [Thu, 20 May 2021 06:17:25 +0000 (23:17 -0700)]
Add ValidateValuesTest

3 years agoValidateValues - Provide optional access to complete records
Tim Otten [Thu, 20 May 2021 05:11:29 +0000 (22:11 -0700)]
ValidateValues - Provide optional access to complete records

3 years agoAPIv4 - When running validateValues(), fire an event
Tim Otten [Tue, 27 Apr 2021 21:38:38 +0000 (14:38 -0700)]
APIv4 - When running validateValues(), fire an event

3 years ago(REF) Civi/API/Event - Extract RequestTrait
Tim Otten [Fri, 4 Jun 2021 04:38:04 +0000 (21:38 -0700)]
(REF) Civi/API/Event - Extract RequestTrait

3 years agoLazyArray - Add helper class for lazily-loaded lists
Tim Otten [Thu, 20 May 2021 02:34:16 +0000 (19:34 -0700)]
LazyArray - Add helper class for lazily-loaded lists

3 years ago(REF) APIv4 UpdateAction - Add skeletal 'validateValues()` method
Tim Otten [Wed, 19 May 2021 22:21:23 +0000 (15:21 -0700)]
(REF) APIv4 UpdateAction - Add skeletal 'validateValues()` method

3 years ago(REF) APIv4 BatchAction - Split 'getBatchRecords()' in two
Tim Otten [Wed, 19 May 2021 23:45:51 +0000 (16:45 -0700)]
(REF) APIv4 BatchAction - Split 'getBatchRecords()' in two

The original form (`getBatchRecords()`) still returns an array of items.

The alternate form (`getBatchAction()`) returns an API call for fetching the
batchs - but this API call may be further refined (e.g.  selecting different
fields or data-pages).

3 years ago(REF) Consolidate the 'dispatchSubevent()' methods
Tim Otten [Tue, 18 May 2021 08:56:37 +0000 (01:56 -0700)]
(REF) Consolidate the 'dispatchSubevent()' methods

3 years agoFix the ContributionPageTest to set up valid memberships
Eileen McNaughton [Mon, 7 Jun 2021 02:20:50 +0000 (14:20 +1200)]
Fix the ContributionPageTest to set up valid memberships

Fix for https://github.com/civicrm/civicrm-core/pull/20495
- resolve invalid test config

3 years agoUse line items to look up memberships
Eileen McNaughton [Thu, 3 Jun 2021 21:30:24 +0000 (09:30 +1200)]
Use line items to look up memberships

This still checks the membership payment but creates some noise if there are validity issues

3 years agoTest fix up for AdditionalPaymentTest
Eileen McNaughton [Mon, 7 Jun 2021 02:04:10 +0000 (14:04 +1200)]
Test fix up for AdditionalPaymentTest

This addresses a poor set up issue where the membership + contribution was being
set up incorrectly &  hence the line items were wrong, along with the ability
to validate the financials. It was blocking https://github.com/civicrm/civicrm-core/pull/20495
along with the efforts to get financial validation on all tests

3 years agoMerge pull request #20507 from colemanw/apiSmartGroups
Eileen McNaughton [Mon, 7 Jun 2021 01:18:19 +0000 (13:18 +1200)]
Merge pull request #20507 from colemanw/apiSmartGroups

SearchKit - Add API filter for contacts in groups and smart groups

3 years agoMerge pull request #20520 from seamuslee001/php8_more_template_guard
Seamus Lee [Mon, 7 Jun 2021 00:38:36 +0000 (10:38 +1000)]
Merge pull request #20520 from seamuslee001/php8_more_template_guard

[php8-compat] Fix api_v3_PaymentTest failures by putting in more guar…

3 years agoMerge pull request #20499 from JMAConsulting/add_permission_fi_api4
Tim Otten [Sun, 6 Jun 2021 23:59:48 +0000 (16:59 -0700)]
Merge pull request #20499 from JMAConsulting/add_permission_fi_api4

dev/core#2486 - Use read-only permissions for FinancialItem API

3 years agoMerge pull request #20513 from demeritcowboy/regen-better
Tim Otten [Sun, 6 Jun 2021 23:50:06 +0000 (16:50 -0700)]
Merge pull request #20513 from demeritcowboy/regen-better

dev/core#1549 - Malleate civicrm_generated so that long lines are split

3 years ago[php8-compat] Fix api_v3_PaymentTest failures by putting in more guards into message...
Seamus Lee [Sun, 6 Jun 2021 22:53:56 +0000 (22:53 +0000)]
[php8-compat] Fix api_v3_PaymentTest failures by putting in more guards into message templates

3 years agoMerge pull request #20516 from seamuslee001/php8_more_test_fixes
Eileen McNaughton [Sun, 6 Jun 2021 21:58:39 +0000 (09:58 +1200)]
Merge pull request #20516 from seamuslee001/php8_more_test_fixes

[php8-compat][REF] Fix some more test failures in php8

3 years agoMerge pull request #20518 from seamuslee001/php8_contribution_page
Eileen McNaughton [Sun, 6 Jun 2021 21:45:52 +0000 (09:45 +1200)]
Merge pull request #20518 from seamuslee001/php8_contribution_page

[php8-compat][REF] Fix api_v3_contributionpagetest on php8

3 years agoAPIv4 - Include child groups in contact group filter
Coleman Watts [Sun, 6 Jun 2021 20:32:11 +0000 (16:32 -0400)]
APIv4 - Include child groups in contact group filter

3 years agoSearchKit - Add API filter for contacts in groups and smart groups
Coleman Watts [Fri, 4 Jun 2021 20:46:05 +0000 (16:46 -0400)]
SearchKit - Add API filter for contacts in groups and smart groups

Adds 'type' property to API getFields to distinguish regular fields
from custom fields, extra fields and filters.

Implements `Contact.groups` as a filter, which internally adds a temp-table
and incorporates it into the query.