From 9031972059a40eb5e58713078551574af03c6021 Mon Sep 17 00:00:00 2001
From: Brian Shaughnessy <brian@lcdservices.biz>
Date: Thu, 12 Dec 2013 10:33:24 -0500
Subject: [PATCH] CRM-13920 add "any" option to getCaseActivityQuery and use
 when checking case perms for user

---
 CRM/Case/BAO/Case.php      | 34 ++++++++++++++++++++++++++++++++--
 CRM/Case/Form/CaseView.php |  2 +-
 CRM/Case/Page/Tab.php      |  2 +-
 3 files changed, 34 insertions(+), 4 deletions(-)

diff --git a/CRM/Case/BAO/Case.php b/CRM/Case/BAO/Case.php
index d7b2f851ea..ac54933830 100644
--- a/CRM/Case/BAO/Case.php
+++ b/CRM/Case/BAO/Case.php
@@ -578,6 +578,13 @@ t_act.id as case_recent_activity_id,
 t_act.act_type_name as case_recent_activity_type_name,
 t_act.act_type AS case_recent_activity_type ";
     }
+    elseif ( $type == 'any' ) {
+      $query .=  "
+t_act.desired_date as case_activity_date,
+t_act.id as case_activity_id,
+t_act.act_type_name as case_activity_type_name,
+t_act.act_type AS case_activity_type ";
+    }
 
     $query .= " FROM civicrm_case
                   INNER JOIN civicrm_case_contact ON civicrm_case.id = civicrm_case_contact.case_id
@@ -624,6 +631,21 @@ LEFT JOIN civicrm_option_group aog ON aog.name='activity_type'
   LEFT JOIN civicrm_option_value aov ON ( aov.option_group_id = aog.id AND aov.value = act.activity_type_id )
 ) AS t_act ";
     }
+    elseif ( $type == 'any' ) {
+      $query .= " LEFT JOIN
+(
+  SELECT ca4.case_id, act4.id AS id, act4.activity_date_time AS desired_date, act4.activity_type_id, act4.status_id, aov.name AS act_type_name, aov.label AS act_type
+  FROM civicrm_activity act4
+  LEFT JOIN civicrm_case_activity ca4
+    ON ca4.activity_id = act4.id
+    AND act4.is_current_revision = 1
+  LEFT JOIN civicrm_option_group aog
+    ON aog.name='activity_type'
+  LEFT JOIN civicrm_option_value aov
+    ON aov.option_group_id = aog.id
+    AND aov.value = act4.activity_type_id
+) AS t_act";
+    }
 
     $query .= "
         ON t_act.case_id = civicrm_case.id
@@ -662,6 +684,9 @@ LEFT JOIN civicrm_option_group aog ON aog.name='activity_type'
     elseif ($type == 'recent') {
       $query .= " ORDER BY case_recent_activity_date ASC ";
     }
+    elseif ( $type == 'any' ) {
+      $query .= " ORDER BY case_activity_date ASC ";
+    }
 
     return $query;
   }
@@ -706,8 +731,7 @@ LEFT JOIN civicrm_option_group aog ON aog.name='activity_type'
     if (!$allCases) {
       $condition .= " AND case_relationship.contact_id_b = {$userID} ";
     }
-
-    if ($type == 'upcoming') {
+    if ( $type == 'upcoming' || $type == 'any' ) {
       $closedId = CRM_Core_OptionGroup::getValue('case_status', 'Closed', 'name');
       $condition .= "
 AND civicrm_case.status_id != $closedId";
@@ -751,6 +775,12 @@ AND civicrm_case.status_id != $closedId";
       $resultFields[] = 'case_recent_activity_type';
       $resultFields[] = 'case_recent_activity_id';
     }
+    elseif ( $type == 'any' ) {
+      $resultFields[] = 'case_activity_date';
+      $resultFields[] = 'case_activity_type_name';
+      $resultFields[] = 'case_activity_type';
+      $resultFields[] = 'case_activity_id';
+    }
 
     // we're going to use the usual actions, so doesn't make sense to duplicate definitions
     $actions = CRM_Case_Selector_Search::links();
diff --git a/CRM/Case/Form/CaseView.php b/CRM/Case/Form/CaseView.php
index 73a645ee64..771c3e7c1a 100644
--- a/CRM/Case/Form/CaseView.php
+++ b/CRM/Case/Form/CaseView.php
@@ -97,7 +97,7 @@ class CRM_Case_Form_CaseView extends CRM_Core_Form {
     $session          = CRM_Core_Session::singleton();
     $userID           = $session->get('userID');
     if (!$this->_hasAccessToAllCases) {
-      $this->_userCases = CRM_Case_BAO_Case::getCases(FALSE, $userID);
+      $this->_userCases = CRM_Case_BAO_Case::getCases(FALSE, $userID, 'any');
       if (!array_key_exists($this->_caseID, $this->_userCases)) {
         CRM_Core_Error::fatal(ts('You are not authorized to access this page.'));
       }
diff --git a/CRM/Case/Page/Tab.php b/CRM/Case/Page/Tab.php
index 9af6a6a965..3fde260ac1 100644
--- a/CRM/Case/Page/Tab.php
+++ b/CRM/Case/Page/Tab.php
@@ -72,7 +72,7 @@ class CRM_Case_Page_Tab extends CRM_Core_Page {
         //user might have special permissions to view this case, CRM-5666
         if (!CRM_Core_Permission::check('access all cases and activities')) {
           $session = CRM_Core_Session::singleton();
-          $userCases = CRM_Case_BAO_Case::getCases(FALSE, $session->get('userID'));
+          $userCases = CRM_Case_BAO_Case::getCases(FALSE, $session->get('userID'), 'any');
           if (!array_key_exists($this->_id, $userCases)) {
             CRM_Core_Error::fatal(ts('You are not authorized to access this page.'));
           }
-- 
2.25.1