From 2f9320eaf659d18c120ef6ef84cdc6f2287254c2 Mon Sep 17 00:00:00 2001 From: yashodha Date: Tue, 16 Jun 2015 10:03:16 +0530 Subject: [PATCH] CRM-12675: generalize for all components ---------------------------------------- * CRM-12675: Contribution activities shown to users without permission https://issues.civicrm.org/jira/browse/CRM-12675 --- CRM/Activity/Form/Task.php | 13 ++++++++----- CRM/Activity/Selector/Search.php | 24 +++++++++++++++--------- CRM/Report/Form/Activity.php | 9 +++++---- 3 files changed, 28 insertions(+), 18 deletions(-) diff --git a/CRM/Activity/Form/Task.php b/CRM/Activity/Form/Task.php index 1ccc41e36b..4ed8c5839f 100644 --- a/CRM/Activity/Form/Task.php +++ b/CRM/Activity/Form/Task.php @@ -117,12 +117,15 @@ class CRM_Activity_Form_Task extends CRM_Core_Form { // CRM-12675 $activityClause = NULL; - if (! CRM_Core_Permission::check('access CiviContribute')) { - $components = CRM_Core_Component::getNames(); - $contribute = CRM_Utils_Array::key('CiviContribute', $components); - $activityClause = " (activity_type.component_id IS NULL OR activity_type.component_id <> {$contribute}) "; + $components = CRM_Core_Component::getNames(); + foreach($components as $componentID => $componentName) { + if (! CRM_Core_Permission::check("access $componentName")) { + $componentClause = " (activity_type.component_id IS NULL OR activity_type.component_id <> {$componentID}) "; + } + } + if (!empty($componentClause)) { + $activityClause = implode(' AND ', $componentClause); } - $result = $query->searchQuery(0, 0, NULL, FALSE, FALSE, FALSE, FALSE, FALSE, $activityClause); while ($result->fetch()) { diff --git a/CRM/Activity/Selector/Search.php b/CRM/Activity/Selector/Search.php index cb8a342963..ade5b26779 100644 --- a/CRM/Activity/Selector/Search.php +++ b/CRM/Activity/Selector/Search.php @@ -174,18 +174,24 @@ class CRM_Activity_Selector_Search extends CRM_Core_Selector_Base implements CRM $this->_activityClause = $activityClause; // CRM-12675 - if (! CRM_Core_Permission::check('access CiviContribute')) { - $components = CRM_Core_Component::getNames(); - $contribute = CRM_Utils_Array::key('CiviContribute', $components); - $componentRestriction = " (activity_type.component_id IS NULL OR activity_type.component_id <> {$contribute}) "; - if (empty($this->_activityClause)) { - $this->_activityClause = $componentRestriction; - } - else { - $this->_activityClause .= ' AND ' . $componentRestriction; + $components = CRM_Core_Component::getNames(); + foreach ($components as $componentID => $componentName) { + if (! CRM_Core_Permission::check("access $componentName")) { + $componentClause[] = " (activity_type.component_id IS NULL OR activity_type.component_id <> {$componentID}) "; } } + if (!empty($componentClause)) { + $componentRestriction = implode(' AND ', $componentClause); + } + + if (empty($this->_activityClause)) { + $this->_activityClause = $componentRestriction; + } + else { + $this->_activityClause .= ' AND ' . $componentRestriction; + } + // type of selector $this->_action = $action; $this->_query = new CRM_Contact_BAO_Query($this->_queryParams, diff --git a/CRM/Report/Form/Activity.php b/CRM/Report/Form/Activity.php index 832b492482..2c101a2e9d 100644 --- a/CRM/Report/Form/Activity.php +++ b/CRM/Report/Form/Activity.php @@ -598,10 +598,11 @@ class CRM_Report_Form_Activity extends CRM_Report_Form { } // CRM-12675 - if (! CRM_Core_Permission::check('access CiviContribute')) { - $components = CRM_Core_Component::getNames(); - $contribute = CRM_Utils_Array::key('CiviContribute', $components); - $clauses[] = " ({$this->_aliases['civicrm_option_value']}.component_id IS NULL OR {$this->_aliases['civicrm_option_value']}.component_id <> {$contribute}) "; + $components = CRM_Core_Component::getNames(); + foreach ($components as $componentID => $componentName) { + if (! CRM_Core_Permission::check("access $componentName")) { + $clauses[] = " ({$this->_aliases['civicrm_option_value']}.component_id IS NULL OR {$this->_aliases['civicrm_option_value']}.component_id <> {$componentID}) "; + } } if (empty($clauses)) { -- 2.25.1