From 7cebf16783937f499269432905b42fef6c074cb2 Mon Sep 17 00:00:00 2001
From: Edsel
Date: Tue, 17 Mar 2015 16:34:22 +0530
Subject: [PATCH] CIVI-28 Added check for permissions while search results are being displayed on contribution search, advanced search and contact summary page (Contributions tab)
---
 CRM/Contribute/Form/ContributionPage/Settings.php | 14 +++++++-------
 CRM/Contribute/Selector/Search.php | 12 ++++++++++++
 CRM/Financial/BAO/FinancialType.php | 8 +++++++-
 3 files changed, 26 insertions(+), 8 deletions(-)
diff --git a/CRM/Contribute/Form/ContributionPage/Settings.php b/CRM/Contribute/Form/ContributionPage/Settings.php
index efcbd983a4..c70cc3c53a 100644
--- a/CRM/Contribute/Form/ContributionPage/Settings.php
+++ b/CRM/Contribute/Form/ContributionPage/Settings.php
@@ -118,14 +118,14 @@ class CRM_Contribute_Form_ContributionPage_Settings extends CRM_Contribute_Form_
 $attributes = CRM_Core_DAO::getAttribute('CRM_Contribute_DAO_ContributionPage');
 // financial Type
- if (CRM_Core_Permission::check('administer CiviCRM Financial Types')) {
- $this->addSelect('financial_type_id', array('context' => 'search'), TRUE);
+ CRM_Financial_BAO_FinancialType::getAvailableFinancialTypes($financialTypes, 'add');
+ $financialOptions = array(
+ 'options' => $financialTypes,
+ );
+ if (!CRM_Core_Permission::check('administer CiviCRM Financial Types')) {
+ $financialOptions['context'] = 'search';
 }
- else {
- CRM_Financial_BAO_FinancialType::getAvailableFinancialTypes($financialTypes, 'add');
-
- $this->addSelect('financial_type_id', array('context' => 'search', 'options' => $financialTypes), TRUE);
- }
+ $this->addSelect('financial_type_id', $financialOptions, TRUE);
 // name
 $this->add('text', 'title', ts('Title'), $attributes['title'], TRUE);
diff --git a/CRM/Contribute/Selector/Search.php b/CRM/Contribute/Selector/Search.php
index 32d153ebb2..c6d4701406 100644
--- a/CRM/Contribute/Selector/Search.php
+++ b/CRM/Contribute/Selector/Search.php
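Review bot: In CRM/Contribute/Form/ContributionPage/Settings.php the new `'options' => $financialTypes` only narrows what the `financial_type_id` select renders; nothing in this hunk re-checks the submitted value. Unless a form rule or `postProcess` outside the hunk validates it against the same `getAvailableFinancialTypes(..., 'add')` list, a submitted id that was never offered would still be saved, so the check should be repeated server-side. It would also be safer to add `$financialTypes = array();` before the by-reference call, so that an empty result reaches `addSelect` as an explicit empty list rather than an unset value that `addSelect` might treat as "load every option" (worth confirming against its implementation). The enclosing method starts and ends outside the hunk.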
@@ -359,6 +359,18 @@ class CRM_Contribute_Selector_Search extends CRM_Core_Selector_Base implements C
 while ($result->fetch()) {
 $row = array();
+ $permissions[] = CRM_Core_Permission::VIEW;
+ if (!CRM_Core_Permission::check('view contributions of type ' . CRM_Contribute_PseudoConstant::financialType($result->financial_type_id))) {
+ continue;
+ }
+ if (!CRM_Core_Permission::check('edit contributions of type ' . CRM_Contribute_PseudoConstant::financialType($result->financial_type_id))) {
+ unset($permissions[array_search(CRM_Core_Permission::EDIT, $permissions)]);
+ $mask = CRM_Core_Action::mask($permissions);
+ }
+ if (!CRM_Core_Permission::check('delete contributions of type ' . CRM_Contribute_PseudoConstant::financialType($result->financial_type_id))) {
+ unset($permissions[array_search(CRM_Core_Permission::DELETE, $permissions)]);
+ $mask = CRM_Core_Action::mask($permissions);
+ }
 // the columns we are interested in
 foreach (self::$_properties as $property) {
 if (property_exists($result, $property)) {
diff --git a/CRM/Financial/BAO/FinancialType.php b/CRM/Financial/BAO/FinancialType.php
index dff2aa0630..f583dd67f3 100644
--- a/CRM/Financial/BAO/FinancialType.php
+++ b/CRM/Financial/BAO/FinancialType.php
@@ -192,7 +192,8 @@ class CRM_Financial_BAO_FinancialType extends CRM_Financial_DAO_FinancialType {
 * adding permissions for financial types
 *
 *
- * @param array $permissions an array of permissions
+ * @param array $permissions
+ * an array of permissions
 */
 public static function permissionedFinancialTypes(&$permissions) {
 $financialTypes = CRM_Contribute_PseudoConstant::financialType();
@@ -215,4 +216,9 @@ class CRM_Financial_BAO_FinancialType extends CRM_Financial_DAO_FinancialType {
 }
 }
 }
+
+ /* public static function getPermissionedRows(&$rows) { */
+ /* foreach () { */
+ /* } */
+ /* } */
 }
--
2.25.1
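Review bot: In CRM/Contribute/Selector/Search.php, `$permissions` and `$mask` are mutated inside the `while ($result->fetch())` loop and never reset, so one row's per-type result carries over to every later row: `$permissions[] = CRM_Core_Permission::VIEW;` appends on each iteration, and once EDIT or DELETE has been unset it stays gone even for rows of a type the user may edit. On a later row `array_search()` returns `FALSE` for the already-removed value, and `unset($permissions[FALSE])` then drops index 0 instead, which is presumably the VIEW entry. Build the row's permission list from scratch on each iteration and look the type name up once, as sketched below; the sketch assumes the pre-loop `$permissions` holds the user's general rights, which like `$mask` is defined outside the hunk. Separately, skipping rows with `continue` filters only the display, so if the pager total and summary come from the unfiltered query (not visible here) they would still count contributions the user cannot view, and the restriction likely belongs in the query as well.

```php
// … unchanged: while ($result->fetch()) { and $row = array(); …
$typeName = CRM_Contribute_PseudoConstant::financialType($result->financial_type_id);
if (!CRM_Core_Permission::check('view contributions of type ' . $typeName)) {
  continue;
}
// Rebuild per row from the pre-loop $permissions so one row cannot narrow the next.
$rowPermissions = array(CRM_Core_Permission::VIEW);
if (in_array(CRM_Core_Permission::EDIT, $permissions) && CRM_Core_Permission::check('edit contributions of type ' . $typeName)) {
  $rowPermissions[] = CRM_Core_Permission::EDIT;
}
if (in_array(CRM_Core_Permission::DELETE, $permissions) && CRM_Core_Permission::check('delete contributions of type ' . $typeName)) {
  $rowPermissions[] = CRM_Core_Permission::DELETE;
}
$mask = CRM_Core_Action::mask($rowPermissions);
// … unchanged: column copy loop …
```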
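Review bot: The commented-out `getPermissionedRows(&$rows)` stub added at the end of CRM/Financial/BAO/FinancialType.php is dead code with an empty `foreach ()` and should not land in this commit. If the intent is a shared helper for the per-type row filtering done in Search.php, add it as real code with a docblock in the change that first calls it; otherwise delete the five added lines. The class body starts outside the hunk.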