From 0a1a8b63b32699d447e401f2b20b1c816cdf5ce3 Mon Sep 17 00:00:00 2001
From: Coleman Watts
Date: Thu, 14 Jan 2016 15:26:16 -0500
Subject: [PATCH] CRM-17645 - Migrate more case lookups to go through api
---
CRM/Case/BAO/Case.php | 77 ++---------------
CRM/Case/Form/CaseView.php | 109 ++++++++++--------------
CRM/Case/Page/AJAX.php | 7 +-
tests/phpunit/CRM/Case/BAO/CaseTest.php | 5 --
4 files changed, 58 insertions(+), 140 deletions(-)
diff --git a/CRM/Case/BAO/Case.php b/CRM/Case/BAO/Case.php
index d3b6f45a8e..fc1ec29308 100644
--- a/CRM/Case/BAO/Case.php
+++ b/CRM/Case/BAO/Case.php
@@ -1905,79 +1905,14 @@ SELECT civicrm_contact.id as casemanager_id, * @return null|string */ public static function caseCount($contactId = NULL, $excludeDeleted = TRUE) { - $whereConditions = array(); + $params = array('check_permissions' => TRUE); if ($excludeDeleted) { - $whereConditions[] = "( civicrm_case.is_deleted = 0 OR civicrm_case.is_deleted IS NULL )"; + $params['is_deleted'] = 0; } if ($contactId) { - $whereConditions[] = "civicrm_case_contact.contact_id = {$contactId}"; + $params['contact_id'] = $contactId; } - if (!CRM_Core_Permission::check('access all cases and activities')) { - static $accessibleCaseIds; - if (!is_array($accessibleCaseIds)) { - $session = CRM_Core_Session::singleton(); - $accessibleCaseIds = array_keys(self::getCases(FALSE, $session->get('userID'), 'any')); - } - //no need of further processing. - if (empty($accessibleCaseIds)) { - return 0; - } - $whereConditions[] = "( civicrm_case.id in (" . implode(',', $accessibleCaseIds) . ") )"; - } - - $whereClause = ''; - if (!empty($whereConditions)) { - $whereClause = "WHERE " . implode(' AND ', $whereConditions); - } - - $query = " - SELECT count( civicrm_case.id ) - FROM civicrm_case -LEFT JOIN civicrm_case_contact ON ( civicrm_case.id = civicrm_case_contact.case_id ) - {$whereClause}"; - - return CRM_Core_DAO::singleValueQuery($query); - } - - /** - * Retrieve cases related to particular contact. - * - * @param int $contactId - * Contact id. - * @param bool $excludeDeleted - * Do not include deleted cases. 
- * - * @return array - */ - public static function getContactCases($contactId, $excludeDeleted = TRUE) { - $cases = array(); - if (!$contactId) { - return $cases; - } - - $whereClause = "civicrm_case_contact.contact_id = %1"; - if ($excludeDeleted) { - $whereClause .= " AND ( civicrm_case.is_deleted = 0 OR civicrm_case.is_deleted IS NULL )"; - } - - $query = " - SELECT civicrm_case.id, civicrm_case_type.title as case_type, civicrm_case.start_date - FROM civicrm_case -INNER JOIN civicrm_case_contact ON ( civicrm_case.id = civicrm_case_contact.case_id ) - LEFT JOIN civicrm_case_type ON civicrm_case.case_type_id = civicrm_case_type.id - WHERE {$whereClause}"; - - $dao = CRM_Core_DAO::executeQuery($query, array(1 => array($contactId, 'Integer'))); - while ($dao->fetch()) { - $cases[$dao->id] = array( - 'case_id' => $dao->id, - 'case_type' => $dao->case_type, - 'case_start_date' => $dao->start_date, - ); - } - $dao->free(); - - return $cases; + return civicrm_api3('Case', 'getcount', $params); } /** @@ -2609,6 +2544,7 @@ WHERE id IN (' . implode(',', $copiedActivityIds) . ')'; static $caseCount; if (!isset($caseCount)) { $caseCount = civicrm_api3('Case', 'getcount', array( + 'check_permissions' => TRUE, 'status_id' => array('!=' => 'Closed'), 'is_deleted' => 0, 'end_date' => array('IS NULL' => 1), @@ -2858,8 +2794,7 @@ WHERE id IN (' . implode(',', $copiedActivityIds) . ')'; if ($denyClosed && !CRM_Core_Permission::check('access all cases and activities')) { $params['status_id'] = array('!=' => 'Closed'); } - $result = civicrm_api3('Case', 'getcount', $params); - return (bool) $result['result']; + return (bool) civicrm_api3('Case', 'getcount', $params); } /** diff --git a/CRM/Case/Form/CaseView.php b/CRM/Case/Form/CaseView.php index 62a38cf5db..513b588103 100644 --- a/CRM/Case/Form/CaseView.php +++ b/CRM/Case/Form/CaseView.php 
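Review bot: `caseCount()` now depends entirely on `check_permissions` inside `Case.getcount` for the per-user restriction that the removed `$accessibleCaseIds` branch applied, and this patch adds no test for it (the diffstat shows only deletions under tests/). A regression test that calls `caseCount()` as a user without 'access all cases and activities' and asserts that only that user's cases are counted would pin the behaviour. Two smaller points in the same function: the docblock still says `@return null|string` although the API call returns a count, and the old query also treated `is_deleted IS NULL` as not deleted, which `$params['is_deleted'] = 0;` may not, depending on the column definition.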
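Review bot: In the @@ -2858 hunk the `$params` array is built above the visible lines, so it cannot be confirmed here that it carries `'check_permissions' => TRUE` like the other `getcount` calls this commit touches; the boolean result appears to be used as an access decision, so that flag matters. If it is set, a short comment on the return line would help the next reader, e.g. `// getcount returns an int; non-zero means the current user can see this case`. The function starts outside the hunk.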
@@ -66,41 +66,24 @@ class CRM_Case_Form_CaseView extends CRM_Core_Form { return; } - //check for civicase access. - if (!CRM_Case_BAO_Case::accessCiviCase()) { - CRM_Core_Error::fatal(ts('You are not authorized to access this page.')); - } $this->_hasAccessToAllCases = CRM_Core_Permission::check('access all cases and activities'); $this->assign('hasAccessToAllCases', $this->_hasAccessToAllCases); - $this->_contactID = $this->get('cid'); - $this->_caseID = $this->get('id'); + $this->assign('contactID', $this->_contactID = (int) $this->get('cid')); + $this->assign('caseID', $this->_caseID = (int) $this->get('id')); + + // Access check. + if (!CRM_Case_BAO_Case::accessCase($this->_caseID, FALSE)) { + CRM_Core_Error::fatal(ts('You are not authorized to access this page.')); + } $fulltext = CRM_Utils_Request::retrieve('context', 'String', CRM_Core_DAO::$_nullObject); if ($fulltext == 'fulltext') { $this->assign('fulltext', $fulltext); } - $this->assign('caseID', $this->_caseID); - $this->assign('contactID', $this->_contactID); $this->assign('contactType', CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $this->_contactID, 'contact_type')); - - //validate case id. - $this->_userCases = array(); - $session = CRM_Core_Session::singleton(); - $userID = $session->get('userID'); - if (!$this->_hasAccessToAllCases) { - $this->_userCases = CRM_Case_BAO_Case::getCases(FALSE, $userID, 'any'); - if (!array_key_exists($this->_caseID, $this->_userCases)) { - CRM_Core_Error::fatal(ts('You are not authorized to access this page.')); - } - } - $this->assign('userID', $userID); - - if (CRM_Case_BAO_Case::caseCount($this->_contactID) >= 2) { - $this->_mergeCases = TRUE; - } - $this->assign('mergeCases', $this->_mergeCases); + $this->assign('userID', CRM_Core_Session::getLoggedInContactID()); //retrieve details about case $params = array('id' => $this->_caseID); 
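Review bot: With the `(int)` casts a missing or non-numeric `id` becomes 0, and the only gate left in this hunk is `accessCase($this->_caseID, FALSE)`, most of whose body is not visible in this patch; if an id of 0 is treated there as an empty filter, the check could pass without naming a specific case. An explicit guard removes that dependency: `if (!$this->_caseID || !CRM_Case_BAO_Case::accessCase($this->_caseID, FALSE)) {`. The removed `accessCiviCase()` call looks like the component-level check, so it is worth confirming that `accessCase()` covers it as well. As a style point, `$this->assign('caseID', $this->_caseID = (int) $this->get('id'));` hides a property assignment inside an argument; two statements read more clearly. The enclosing method starts and ends outside the hunk.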
@@ -244,6 +227,7 @@ class CRM_Case_Form_CaseView extends CRM_Core_Form { $linkActTypeId = array_search('Link Cases', $allActTypes); if ($linkActTypeId) { $count = civicrm_api3('Case', 'getcount', array( + 'check_permissions' => TRUE, 'id' => array('!=' => $this->_caseID), 'is_deleted' => 0, )); @@ -293,43 +277,7 @@ class CRM_Case_Form_CaseView extends CRM_Core_Form { } $this->addElement('submit', $this->getButtonName('next'), ' ', array('class' => 'hiddenElement')); - if ($this->_mergeCases) { - $allCases = CRM_Case_BAO_Case::getContactCases($this->_contactID); - $otherCases = array(); - foreach ($allCases as $caseId => $details) { - //filter current and own cases. - if (($caseId == $this->_caseID) || - (!$this->_hasAccessToAllCases && - !array_key_exists($caseId, $this->_userCases) - ) - ) { - continue; - } - - $otherCases[$caseId] = 'Case ID: ' . $caseId . ' Type: ' . $details['case_type'] . ' Start: ' . $details['case_start_date']; - } - if (empty($otherCases)) { - $this->_mergeCases = FALSE; - $this->assign('mergeCases', $this->_mergeCases); - } - else { - $this->add('select', 'merge_case_id', - ts('Select Case for Merge'), - array( - '' => ts('- select case -'), - ) + $otherCases, - FALSE, - array('class' => 'crm-select2 huge') - ); - $this->addElement('submit', - $this->getButtonName('next', 'merge_case'), - ts('Merge'), - array( - 'class' => 'hiddenElement', - ) - ); - } - } + $this->buildMergeCaseForm(); //call activity form self::activityForm($this, $aTypes); 
@@ -538,4 +486,41 @@ class CRM_Case_Form_CaseView extends CRM_Core_Form { } } + /** + * Form elements for merging cases + */ + public function buildMergeCaseForm() { + $otherCases = array(); + $result = civicrm_api3('Case', 'get', array( + 'check_permissions' => TRUE, + 'contact_id' => $this->_contactID, + 'is_deleted' => 0, + 'id' => array('!=' => $this->_caseID), + 'return' => array('id', 'start_date', 'case_type_id.title'), + )); + foreach ($result['values'] as $id => $case) { + $otherCases[$id] = "#$id: {$case['case_type_id.title']} " . ts('(opened %1)', array(1 => $case['start_date'])); + } + + $this->assign('mergeCases', $this->_mergeCases = (bool) $otherCases); + + if ($otherCases) { + $this->add('select', 'merge_case_id', + ts('Select Case for Merge'), + array( + '' => ts('- select case -'), + ) + $otherCases, + FALSE, + array('class' => 'crm-select2 huge') + ); + $this->addElement('submit', + $this->getButtonName('next', 'merge_case'), + ts('Merge'), + array( + 'class' => 'hiddenElement', + ) + ); + } + } + } diff --git a/CRM/Case/Page/AJAX.php b/CRM/Case/Page/AJAX.php index 2e3a999ea2..23f286f9e5 100644 --- a/CRM/Case/Page/AJAX.php +++ b/CRM/Case/Page/AJAX.php @@ -105,8 +105,11 @@ class CRM_Case_Page_AJAX { public function caseDetails() { $caseId = CRM_Utils_Type::escape($_GET['caseId'], 'Positive'); - $case = civicrm_api3('Case', 'getsingle', - array('id' => $caseId, 'return' => array('subject', 'case_type_id', 'status_id', 'start_date', 'end_date'))); + $case = civicrm_api3('Case', 'getsingle', array( + 'id' => $caseId, + 'check_permissions' => TRUE, + 'return' => array('subject', 'case_type_id', 'status_id', 'start_date', 'end_date')) + ); $caseStatuses = CRM_Case_PseudoConstant::caseStatus(); $caseTypes = CRM_Case_PseudoConstant::caseType('title', FALSE); diff --git a/tests/phpunit/CRM/Case/BAO/CaseTest.php b/tests/phpunit/CRM/Case/BAO/CaseTest.php index 1912ea7cc7..66fd5fce6a 100644 --- a/tests/phpunit/CRM/Case/BAO/CaseTest.php 
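Review bot: The `Case.get` call in `buildMergeCaseForm()` passes no `options`, and API v3 `get` applies a default row limit (25, as far as I know), so a contact with many cases would get a silently truncated merge list, which the removed SQL in `getContactCases()` did not do; adding `'options' => array('limit' => 0),` avoids that. `$case['case_type_id.title']` and `$case['start_date']` are read without a fallback, so a case missing either value raises a notice while the label is built. The permission filter here only shapes the dropdown; the submit handler for `merge_case_id` (not in this patch) still has to check access to the chosen case itself. The one-line docblock could also say that the method sets `_mergeCases` and the `mergeCases` template variable.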
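Review bot: With `'check_permissions' => TRUE` added, `getsingle` in `caseDetails()` will fail for a case the user may not see, and `civicrm_api3()` reports that by throwing; nothing visible in this hunk catches it, so the AJAX caller gets whatever the default exception handler emits. Catching `CiviCRM_API3_Exception` around the call and returning a plain denied or not-found response keeps the endpoint's output predictable. `$_GET['caseId']` is also read without an existence check before `CRM_Utils_Type::escape()`. The method continues outside the hunk.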
+++ b/tests/phpunit/CRM/Case/BAO/CaseTest.php @@ -70,11 +70,6 @@ class CRM_Case_BAO_CaseTest extends CiviUnitTestCase { $this->assertEquals(1, $cases['rows']['Housing Support']['Ongoing']['count']); } - public function testGetContactCases() { - $cases = CRM_Case_BAO_Case::getContactCases(3); - $this->assertEquals('Housing Support', $cases[1]['case_type']); - } - /* FIXME: requires activities * function testGetRelatedCases() { * } -- 2.25.1