From 13a4fb3bcfacd422e52f09533401d8081bb2741a Mon Sep 17 00:00:00 2001
From: Eileen McNaughton <emcnaughton@wikimedia.org>
Date: Thu, 14 Dec 2023 20:16:41 +1300
Subject: [PATCH] Move financial type check from event register page

---
 CRM/Event/Form/Registration.php     |  7 -------
 ext/financialacls/financialacls.php | 12 ++++++++++--
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/CRM/Event/Form/Registration.php b/CRM/Event/Form/Registration.php
index 4d7f17f8fa..2f2086fc6c 100644
--- a/CRM/Event/Form/Registration.php
+++ b/CRM/Event/Form/Registration.php
@@ -250,13 +250,6 @@ class CRM_Event_Form_Registration extends CRM_Core_Form {
 
       // check for is_monetary status
       $isMonetary = $this->getEventValue('is_monetary');
-      // check for ability to add contributions of type
-      if ($isMonetary
-        && CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus()
-        && !CRM_Core_Permission::check('add contributions of type ' . CRM_Contribute_PseudoConstant::financialType($this->_values['event']['financial_type_id']))
-      ) {
-        CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.'));
-      }
 
       $this->checkValidEvent();
       // get the participant values, CRM-4320
diff --git a/ext/financialacls/financialacls.php b/ext/financialacls/financialacls.php
index ed0c5bf7c7..494d8b58b4 100644
--- a/ext/financialacls/financialacls.php
+++ b/ext/financialacls/financialacls.php
@@ -311,7 +311,7 @@ function _civicrm_financial_acls_check_permissioned_line_items($id, $op, $force
   $lineItems = CRM_Price_BAO_LineItem::getLineItemsByContributionID($id);
   $flag = FALSE;
   foreach ($lineItems as $items) {
-    if (!CRM_Core_Permission::check($op . ' contributions of type ' . CRM_Contribute_PseudoConstant::financialType($items['financial_type_id']), $contactID)) {
+    if (!CRM_Core_Permission::check($op . ' contributions of type ' . CRM_Core_PseudoConstant::getName('CRM_Contribute_BAO_Contribution', 'financial_type_id', $items['financial_type_id']), $contactID)) {
       if ($force) {
         throw new CRM_Core_Exception(ts('You do not have permission to access this page.'));
       }
@@ -420,7 +420,7 @@ function financialacls_civicrm_alterMenu(array &$menu): void {
 
 /**
  * @param string $formName
- * @param \CRM_Core_Form $form
+ * @param \CRM_Event_Form_Registration|\CRM_Contribute_Form_Contribution $form
  */
 function financialacls_civicrm_preProcess(string $formName, \CRM_Core_Form $form): void {
   if (!financialacls_is_acl_limiting_enabled()) {
@@ -433,6 +433,14 @@ function financialacls_civicrm_preProcess(string $formName, \CRM_Core_Form $form
     }
   }
 
+  // check for ability to add contributions of type
+  if (str_starts_with($formName, 'CRM_Event_Form_Registration_') && $form->getEventValue('is_monetary')
+    && !CRM_Core_Permission::check(
+      'add contributions of type ' . CRM_Core_PseudoConstant::getName('CRM_Contribute_BAO_Contribution', 'financial_type_id', $form->getEventValue('financial_type_id')))
+  ) {
+    CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.'));
+  }
+
 }
 
 /**
-- 
2.25.1