From 7360980f270874ec85ae64750adc358d2bbc5715 Mon Sep 17 00:00:00 2001
From: Eileen McNaughton
Date: Fri, 13 Oct 2023 12:03:08 +1300
Subject: [PATCH] Move financial acl check on Main contribution page to the extension

Note that after our snaffu with memberships I tested with the setting enabled & disabled
---
 CRM/Contribute/Form/ContributionBase.php | 5 -----
 ext/financialacls/financialacls.php | 19 ++++++++++++++++++-
 2 files changed, 18 insertions(+), 6 deletions(-)
diff --git a/CRM/Contribute/Form/ContributionBase.php b/CRM/Contribute/Form/ContributionBase.php
index 5cf148ca3a..30e2bedca1 100644
--- a/CRM/Contribute/Form/ContributionBase.php
+++ b/CRM/Contribute/Form/ContributionBase.php
@@ -384,11 +384,6 @@ class CRM_Contribute_Form_ContributionBase extends CRM_Core_Form {
 $this->_fields = [];
 CRM_Contribute_BAO_ContributionPage::setValues($this->_id, $this->_values);
- if (CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus()
- && !CRM_Core_Permission::check('add contributions of type ' . CRM_Contribute_PseudoConstant::financialType($this->_values['financial_type_id']))
- ) {
- CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.'));
- }
 if (empty($this->_values['is_active'])) {
 throw new CRM_Contribute_Exception_InactiveContributionPageException(ts('The page you requested is currently unavailable.'), $this->_id);
 }
diff --git a/ext/financialacls/financialacls.php b/ext/financialacls/financialacls.php
index 5696c289f2..334105d92e 100644
--- a/ext/financialacls/financialacls.php
+++ b/ext/financialacls/financialacls.php
@@ -201,7 +201,7 @@ function financialacls_civicrm_buildAmount($component, $form, &$feeBlock) {
 foreach ($feeBlock as $key => $value) {
 foreach ($value['options'] as $k => $options) {
- if (!CRM_Core_Permission::check('add contributions of type ' . CRM_Contribute_PseudoConstant::financialType($options['financial_type_id']))) {
+ if (!CRM_Core_Permission::check('add contributions of type ' . CRM_Core_PseudoConstant::getName('CRM_Contribute_DAO_Contribution', 'financial_type_id', $options['financial_type_id']))) {
 unset($feeBlock[$key]['options'][$k]);
 }
 }
@@ -384,6 +384,23 @@ function financialacls_civicrm_alterMenu(array &$menu): void {
 $menu['civicrm/admin/financial/financialType']['access_arguments'] = [['administer CiviCRM Financial Types']];
 }
+/**
+ * @param string $formName
+ * @param \CRM_Core_Form $form
+ */
+function financialacls_civicrm_preProcess(string $formName, \CRM_Core_Form $form): void {
+ if (!financialacls_is_acl_limiting_enabled()) {
+ return;
+ }
+ if (str_starts_with($formName, 'CRM_Contribute_Form_Contribution_')) {
+ /* @var \CRM_Contribute_Form_Contribution_Main $form */
+ if (!CRM_Core_Permission::check('add contributions of type ' . $form->getContributionPageValue('financial_type_id:name'))) {
+ CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.'));
+ }
+ }
+
+}
+
 /**
 * Hide edit/enable/disable links for memberships of a given Financial Type
 * Note: The $objectID param can be an int, string or null, hence not typed
-- 
2.25.1
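Review bot: The rewritten `if` inside the inner `foreach` builds the permission name by concatenating whatever `CRM_Core_PseudoConstant::getName(...)` returns, and nothing in the hunk handles an option whose `financial_type_id` does not resolve to a name. In that case the check runs against the bare prefix `'add contributions of type '`; that presumably fails closed and the option is unset, but it is worth confirming and recording with a comment such as `// An unresolvable financial type yields an unknown permission, so the option is hidden.` The same permission string is assembled again in `financialacls_civicrm_preProcess` through a different lookup (`financial_type_id:name`), so a small shared helper would keep the two checks from drifting apart. The body of `financialacls_civicrm_buildAmount` starts and ends outside this hunk.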
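Review bot: The new hook decides whether to enforce the ACL from the class-name prefix `CRM_Contribute_Form_Contribution_`, whereas the check removed from `CRM_Contribute_Form_ContributionBase` applied to every form that extends that class. A form that extends the base class under a different name would now skip the permission check, and a form that merely shares the prefix would reach `getContributionPageValue()` without necessarily having that method. Testing the type instead, `if ($form instanceof CRM_Contribute_Form_ContributionBase) {`, would keep the earlier coverage, assuming `getContributionPageValue()` is available on the base class (the `@var` hint names only `_Main`). The docblock would also benefit from a one-line summary, for example `Implements hook_civicrm_preProcess(): bounce users who lack the financial type permission for the contribution page.`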