totten [Wed, 16 Mar 2022 21:05:59 +0000 (21:05 +0000)]
Merge branch 'security_core_111' into '5.46-security'
security/core#111 Add in Status check for if Anonymous Users have edit contributions and or access CiviContribute Permissions
See merge request security/core!151
Tim Otten [Wed, 16 Mar 2022 09:27:19 +0000 (02:27 -0700)]
(security/core#111) Refine prose/naming
Seamus Lee [Wed, 16 Mar 2022 08:33:54 +0000 (01:33 -0700)]
security/core#111 Add in Status check for if Anonymous Users have edit contributions and or access CiviContribute Permissions
CiviCRM [Wed, 16 Mar 2022 08:30:48 +0000 (01:30 -0700)]
CRM_Core_Permission - Allow checking of anon-perms by authenticated-users
Each CRM_Core_Permission_* adapter allows you to check the permissions on
behalf of some other user. However, if that "other user" is "anonymous",
then they are prone to mishandling.
Tim Otten [Wed, 16 Mar 2022 03:37:33 +0000 (20:37 -0700)]
E2E Tests - Add coverage for variations on `Permission::check($perm,$cid)`
Tim Otten [Wed, 16 Mar 2022 05:16:38 +0000 (22:16 -0700)]
composer.json - Define "allow-plugins" for compatibility
Seamus Lee [Thu, 3 Mar 2022 06:23:19 +0000 (17:23 +1100)]
security/core#113 Apply patch from Mathieu to fix SQLI in participant import
Tim Otten [Wed, 23 Feb 2022 03:49:56 +0000 (19:49 -0800)]
Merge pull request #22816 from totten/5.46-rn
(NFC) Backport 5.46.0 updates
Tim Otten [Tue, 22 Feb 2022 23:04:55 +0000 (15:04 -0800)]
release-notes/5.46.0.md - Auto clean (https://gist.github.com/totten/
acff49e6dd77947349a1df26d5002003)
Alice Frumin [Tue, 22 Feb 2022 23:18:45 +0000 (15:18 -0800)]
[NFC] 5.46 release notes updates
Tim Otten [Fri, 11 Feb 2022 04:14:35 +0000 (20:14 -0800)]
Merge pull request #22755 from totten/5.46-bump2
5.46.2 - Set version. Add notes.
Tim Otten [Fri, 11 Feb 2022 04:10:33 +0000 (20:10 -0800)]
Add release-notes/5.46.2.md
Tim Otten [Fri, 11 Feb 2022 04:09:21 +0000 (20:09 -0800)]
Set version to 5.46.2
Eileen McNaughton [Fri, 11 Feb 2022 03:54:19 +0000 (16:54 +1300)]
Merge pull request #22751 from colemanw/backportPseudoconstantFix
dev/core#3063 APIv3 - Fix numeric option matching
Coleman Watts [Wed, 9 Feb 2022 16:35:53 +0000 (11:35 -0500)]
dev/core#3063 APIv3 - Fix numeric option matching
Before: Option matching was skipped for all FK fields if a numeric value was given
After: Only skipped for `campaign_id` and `payment_processor_id` fields
The optimization was overly broad and had unintended side-effects
Eileen McNaughton [Thu, 10 Feb 2022 04:29:41 +0000 (17:29 +1300)]
Merge pull request #22747 from totten/5.46-api3-dupecheck
(dev/core#3065) Enforce required fields on Contact.duplicatecheck (5.46)
Jon Goldberg [Wed, 9 Feb 2022 20:56:11 +0000 (15:56 -0500)]
enforce required fields on Contact.duplicatecheck
Tim Otten [Wed, 9 Feb 2022 07:26:32 +0000 (23:26 -0800)]
Merge pull request #22739 from totten/5.46-bump1
5.46.1 - Update version. Add notes.
Eileen McNaughton [Wed, 9 Feb 2022 06:57:59 +0000 (19:57 +1300)]
Merge pull request #22737 from eileenmcnaughton/546
Regression fix - be tolerant with smarty money
Tim Otten [Wed, 9 Feb 2022 05:02:12 +0000 (21:02 -0800)]
Add release-notes/5.46.1.md
Tim Otten [Wed, 9 Feb 2022 05:01:17 +0000 (21:01 -0800)]
Set version to 5.46.1
Eileen McNaughton [Tue, 8 Feb 2022 03:38:05 +0000 (16:38 +1300)]
Regression fix - be tolerant with smarty money
I've seen issues in extended reports and in core where already-formatted money from
custom fields is formatted again in the smarty layer and, with recent changes
, throwing an exception when the money is greater than 1000
(because the presence of a comma makes it invalid). This adds tolerance
that seems consistent with prior code
Eileen McNaughton [Sat, 5 Feb 2022 02:38:38 +0000 (15:38 +1300)]
Merge pull request #22703 from MegaphoneJon/fix-dedupe-check-permission
Fix dedupe check to not require elevated permissions
Jon Goldberg [Fri, 4 Feb 2022 17:14:01 +0000 (12:14 -0500)]
Fix dedupe check to not require elevated permissions
CiviCRM [Fri, 4 Feb 2022 06:30:56 +0000 (06:30 +0000)]
Set version to 5.46.0
Tim Otten [Fri, 4 Feb 2022 06:19:50 +0000 (22:19 -0800)]
Merge pull request #22700 from totten/5.46-copyedit
5.46.0 - Run some autocleaning on release notes
Tim Otten [Fri, 4 Feb 2022 06:19:27 +0000 (22:19 -0800)]
Add release-notes/5.45.3.md
Tim Otten [Fri, 4 Feb 2022 03:07:33 +0000 (19:07 -0800)]
release-notes/5.46.0.md - Auto clean (https://gist.github.com/totten/
acff49e6dd77947349a1df26d5002003)
Tim Otten [Fri, 4 Feb 2022 02:52:55 +0000 (18:52 -0800)]
release-notes.md - Update date
Tim Otten [Fri, 4 Feb 2022 02:06:05 +0000 (18:06 -0800)]
release-notes/5.46.0.md - Stray char
Tim Otten [Fri, 4 Feb 2022 01:16:33 +0000 (17:16 -0800)]
release-notes/5.46.0.md - Synopsis
Seamus Lee [Tue, 1 Feb 2022 23:10:34 +0000 (10:10 +1100)]
Merge pull request #22678 from alifrumin/rn5.46
[NFC] 5.46 release notes first pass
Alice Frumin [Tue, 1 Feb 2022 22:20:00 +0000 (17:20 -0500)]
[NFC] 5.46 release notes first pass
Seamus Lee [Tue, 1 Feb 2022 21:23:39 +0000 (08:23 +1100)]
Merge pull request #22642 from colemanw/fixManagedCrash
(dev/core#3045) ManagedEntities - Fix crash during upgrade
Seamus Lee [Mon, 31 Jan 2022 22:09:59 +0000 (09:09 +1100)]
Merge pull request #22670 from agh1/5.46.0-releasenotes-initial
5.46.0 release notes initial run
Andie Hunt [Mon, 31 Jan 2022 16:38:18 +0000 (11:38 -0500)]
5.46.0 release notes: added boilerplate
Andie Hunt [Mon, 31 Jan 2022 16:29:20 +0000 (11:29 -0500)]
5.46.0 release notes: initial run
Seamus Lee [Fri, 28 Jan 2022 23:30:54 +0000 (10:30 +1100)]
Merge pull request #22656 from seamuslee001/5.46
5.45.1 & 5.45.2 Release Notes
Tim Otten [Fri, 28 Jan 2022 23:23:05 +0000 (15:23 -0800)]
Add release-notes/5.45.2.md
Tim Otten [Tue, 11 Jan 2022 19:34:54 +0000 (11:34 -0800)]
Add release-notes/5.45.1.md
demeritcowboy [Fri, 28 Jan 2022 14:46:26 +0000 (09:46 -0500)]
Merge pull request #22650 from totten/5.46-greeting
dev/core#3028 - For invalid greetings, return '' instead of failing
Eileen McNaughton [Fri, 28 Jan 2022 05:58:07 +0000 (21:58 -0800)]
dev/core#3028 - For invalid greetings, return '' instead of failing
Coleman Watts [Thu, 27 Jan 2022 17:19:08 +0000 (12:19 -0500)]
ManagedEntities - Fix crash during upgrade
This prevents a potential crash when trying to update a column before it has been added by the upgrader
Fixes dev/core#3045
colemanw [Thu, 27 Jan 2022 12:22:38 +0000 (07:22 -0500)]
Merge pull request #22640 from totten/5.46-ext-check
Extensions - Add dependency status check
Tim Otten [Thu, 27 Jan 2022 02:44:10 +0000 (18:44 -0800)]
Extensions - Revise prose for status check
Coleman Watts [Mon, 10 Jan 2022 22:48:03 +0000 (17:48 -0500)]
Extensions - Add dependency status check
Adds a system status check to ensure extension dependencies are met
Tim Otten [Thu, 27 Jan 2022 04:52:25 +0000 (20:52 -0800)]
Merge pull request #22623 from colemanw/extensionUpgrades
ExtensionUpgrades - Skip trying to upgrade missing dependencies
Coleman Watts [Tue, 25 Jan 2022 16:54:40 +0000 (11:54 -0500)]
ExtensionUpgrades - Skip trying to upgrade missing dependencies
Before: Missing dependencies would be added and then the extension upgrader would try and fail to upgrade them
After: They are skipped, as missing extension dependencies are handled elsewhere
This allows the extension upgrade to proceed without error, even if there are missing dependencies.
The user will be prompted to install the missing dependencies afterward.
Eileen McNaughton [Thu, 27 Jan 2022 00:59:32 +0000 (13:59 +1300)]
Merge pull request #22626 from colemanw/readOnlyRename
APIv4 - Rename 'ReadOnly' trait to 'ReadOnlyEntity' to avoid PHP error
Coleman Watts [Wed, 26 Jan 2022 02:10:34 +0000 (21:10 -0500)]
APIv4 - Rename 'ReadOnly' trait to 'ReadOnlyEntity' to avoid PHP fatal error
Fixes dev/core#3043
The word 'readonly' is reserved as of php 8.1
Seamus Lee [Sat, 22 Jan 2022 00:40:02 +0000 (11:40 +1100)]
Merge pull request #22597 from colemanw/searchKitEntityAccess
SearchKit - Fix running searches for anonymous users
Coleman Watts [Fri, 21 Jan 2022 20:00:35 +0000 (15:00 -0500)]
SearchKit - Fix loading metadata for anonymous users
The `checkPermissions` param was previously not getting copied into
`$this->savedSearch['api_params']` which caused trouble for less-
permissioned users, esp when the Run action is trying to internally
load field metadata.
Coleman Watts [Fri, 21 Jan 2022 17:08:28 +0000 (12:08 -0500)]
SearchKit - Fix `checkEntityAccess` for anonymous users
This function checks to see if a user has access to "get",
but anonymous users might not even have access to check if they have access!
Eileen McNaughton [Fri, 21 Jan 2022 00:39:51 +0000 (13:39 +1300)]
Merge pull request #22589 from eileenmcnaughton/46
Use api for entityRole - addresses save issue on the form
Eileen McNaughton [Thu, 20 Jan 2022 22:23:23 +0000 (11:23 +1300)]
Use api for entityRole - addresses save issue on the form
Seamus Lee [Thu, 20 Jan 2022 07:19:34 +0000 (18:19 +1100)]
Merge pull request #22583 from seamuslee001/update_jquery_ui
[REF] Upgrade JQuery UI to 1.13.0
Seamus Lee [Thu, 20 Jan 2022 03:45:37 +0000 (14:45 +1100)]
Merge pull request #22537 from jensschuppe/fix/typeErrorCustomFieldTokens
[dev/core#3029] Avoid risking a TypeError when evaluating tokens for non-existent custom fields
Seamus Lee [Wed, 19 Jan 2022 22:27:36 +0000 (09:27 +1100)]
[REF] Upgrade JQuery UI to 1.13.0
Jens Schuppe [Mon, 17 Jan 2022 10:49:17 +0000 (11:49 +0100)]
[dev/core#3029] Throw and catch exception instead of risking a TypeError when evaluating tokens for non-existent custom fields
Eileen McNaughton [Mon, 17 Jan 2022 18:53:48 +0000 (07:53 +1300)]
Merge pull request #22539 from colemanw/searchKitTokenFix
SearchKit - Fix token selector to use expression alias
Coleman Watts [Mon, 17 Jan 2022 17:22:44 +0000 (12:22 -0500)]
SearchKit - Fix token selector to use expression alias
Seamus Lee [Thu, 13 Jan 2022 01:48:29 +0000 (12:48 +1100)]
Merge pull request #22490 from colemanw/refreshButton
SearchKit - Facilitate popup forms
Eileen McNaughton [Thu, 13 Jan 2022 00:45:02 +0000 (13:45 +1300)]
Merge pull request #22493 from eileenmcnaughton/546
Cleanup test class
Eileen McNaughton [Wed, 5 Jan 2022 22:04:10 +0000 (11:04 +1300)]
Cleanup test class
Coleman Watts [Wed, 12 Jan 2022 21:07:49 +0000 (16:07 -0500)]
crmDialog - Add convenience binding to automatically launch a dialog when clicking an element
Coleman Watts [Wed, 12 Jan 2022 21:06:33 +0000 (16:06 -0500)]
SearchKit - Auto-refresh search when popup forms submit
This expands the listener to the entire surrounding <form> element,
in case there are related popups on the Afform.
Eileen McNaughton [Wed, 12 Jan 2022 04:38:33 +0000 (17:38 +1300)]
Merge pull request #22479 from demeritcowboy/fulltext-quickfix-546
dev/core#3026 - 5.46 version of 22478
demeritcowboy [Wed, 12 Jan 2022 02:35:33 +0000 (21:35 -0500)]
quickfix for fulltext search drupal block
Eileen McNaughton [Tue, 11 Jan 2022 23:05:33 +0000 (12:05 +1300)]
Merge pull request #22451 from MegaphoneJon/member-count-fix
Crash when adding a relationship when CiviMember is disabled
Jon Goldberg [Mon, 10 Jan 2022 18:11:57 +0000 (13:11 -0500)]
fix accessing member/contribution count when not enabled
Seamus Lee [Mon, 10 Jan 2022 21:24:00 +0000 (08:24 +1100)]
Merge pull request #22445 from eileenmcnaughton/546
Use field value function to get html signature
Eileen McNaughton [Mon, 10 Jan 2022 02:37:23 +0000 (15:37 +1300)]
Use field value function to get html signature
The function is used for all other tokens on the contact object and will better access
the right value and return an empty string rather NULL if not set.
I hit this as an enotice writing a test - but it is possibly the cause of this issue
https://github.com/eileenmcnaughton/nz.co.fuzion.civitoken/issues/58#issuecomment-
966611004
hence targetting the rc
The tokens() function does weird things if you pass it NULL
Eileen McNaughton [Mon, 10 Jan 2022 00:25:54 +0000 (13:25 +1300)]
Merge pull request #22437 from MegaphoneJon/broken-search-urls
fixes report#93: SearchKit shows broken external URLs
demeritcowboy [Mon, 10 Jan 2022 00:02:40 +0000 (19:02 -0500)]
Merge pull request #22429 from colemanw/fixMoneyType2
Fix input type for smarty number formatting (more forgiving)
Jon Goldberg [Sun, 9 Jan 2022 22:48:33 +0000 (17:48 -0500)]
fixes report#93: SearchKit shows broken external URLs
Coleman Watts [Sat, 8 Jan 2022 22:10:02 +0000 (17:10 -0500)]
Fix input type for smarty number formatting
Some smarty templates pass NULL to crmMoney, so it needs to handle that possibilty
Seamus Lee [Sat, 8 Jan 2022 22:19:49 +0000 (09:19 +1100)]
Merge pull request #22418 from demeritcowboy/isdir-7-8-546
[NFC] isDir unit test fails on php 7 'min' matrix
demeritcowboy [Sat, 8 Jan 2022 01:41:57 +0000 (20:41 -0500)]
fails in unusual situation on php 7
CiviCRM [Fri, 7 Jan 2022 03:23:36 +0000 (03:23 +0000)]
Set version to 5.46.beta1
Eileen McNaughton [Fri, 7 Jan 2022 03:16:01 +0000 (16:16 +1300)]
Merge pull request #22393 from eileenmcnaughton/no_ref
Remove unnecessary pass-by-ref
Eileen McNaughton [Fri, 7 Jan 2022 03:11:34 +0000 (16:11 +1300)]
Merge pull request #22392 from eileenmcnaughton/protect
Privatise function
Eileen McNaughton [Fri, 7 Jan 2022 01:45:58 +0000 (14:45 +1300)]
Merge pull request #22391 from eileenmcnaughton/legacy
[REF] Remove handling for relationshipID
Eileen McNaughton [Fri, 7 Jan 2022 01:39:04 +0000 (14:39 +1300)]
Merge pull request #22394 from eileenmcnaughton/return
Ensure getDuplicateContacts always returns an array
Eileen McNaughton [Fri, 7 Jan 2022 00:08:26 +0000 (13:08 +1300)]
Ensure getDuplicateContacts always returns an array
Calling code already handles an empty array as that is what it would receive - unless the hook set it to NULL
Eileen McNaughton [Thu, 6 Jan 2022 23:58:53 +0000 (12:58 +1300)]
Remove unnecessary pass-by-ref
Eileen McNaughton [Thu, 6 Jan 2022 23:56:20 +0000 (12:56 +1300)]
Privatise function
Eileen McNaughton [Thu, 6 Jan 2022 23:38:56 +0000 (12:38 +1300)]
Merge pull request #22389 from colemanw/contactTypes
REF - Use `CRM_Contact_BAO_ContactType::basicTypes()` instead of hardcoded lists
Eileen McNaughton [Thu, 6 Jan 2022 20:52:17 +0000 (09:52 +1300)]
[REF] Remove handling for relationshipID
We can see that the only call to this function does not set params['id'] & hence it is NULL
Eileen McNaughton [Thu, 6 Jan 2022 23:13:10 +0000 (12:13 +1300)]
Merge pull request #22383 from colemanw/dedupeRuleScreenFixes
DedupeRules - Translate contact type labels, respect enabled contact types
colemanw [Thu, 6 Jan 2022 23:08:20 +0000 (18:08 -0500)]
Merge pull request #22390 from eileenmcnaughton/legacy2
[REF] Further cleanup on employer create
colemanw [Thu, 6 Jan 2022 23:05:03 +0000 (18:05 -0500)]
Merge pull request #22319 from colemanw/afformSearchFilters
Afform - UI and contextual titles for search displays
colemanw [Thu, 6 Jan 2022 23:01:39 +0000 (18:01 -0500)]
Merge pull request #22323 from eileenmcnaughton/taxterm
Smarty modifier - stop using isset to check taxTerm
Seamus Lee [Thu, 6 Jan 2022 23:01:17 +0000 (10:01 +1100)]
Merge pull request #21178 from eileenmcnaughton/perm
dev/core#2752 Allow financial_trxns to be viewed
Eileen McNaughton [Thu, 6 Jan 2022 20:49:12 +0000 (09:49 +1300)]
[REF] Simplify handing of ids
Rather than compile contactID into an array to pass it in pass as itself. It is then
clear that ids['relationship'] will always be null - so remove the check
Coleman Watts [Thu, 6 Jan 2022 17:17:29 +0000 (12:17 -0500)]
REF - Use `CRM_Contact_BAO_ContactType::basicTypes()` instead of hardcoded lists
Makes code more flexible/forgiving if new contact types are added in the future,
or if existing contact types are disabled.
colemanw [Thu, 6 Jan 2022 18:40:38 +0000 (13:40 -0500)]
Merge pull request #22388 from colemanw/unusedFunctionDel
Remove unused function
Coleman Watts [Thu, 6 Jan 2022 17:04:02 +0000 (12:04 -0500)]
Remove unused function
Eileen McNaughton [Thu, 6 Jan 2022 02:26:07 +0000 (15:26 +1300)]
Duplicate legacyCreateMultiple to contact_utils
Having a lot of trouble fixing a bug via this method so gonn break up & clean up the function in this context
(leaves on the import class & a JMA extension calling it.
colemanw [Wed, 5 Jan 2022 18:50:00 +0000 (13:50 -0500)]
Merge pull request #22369 from braders/dedupeRulesSystemCheck
Add system status check for missing dedupe rules
colemanw [Wed, 5 Jan 2022 18:49:47 +0000 (13:49 -0500)]
Merge pull request #22378 from eileenmcnaughton/notice
Ensure dashboardLinks assigned to prevent e-notice
projects / civicrm-core.git / log