From eba5693963f95c3f2bb56ce8ea5f6b3b18012130 Mon Sep 17 00:00:00 2001 From: Bob Silvern Date: Sat, 17 Aug 2019 11:08:27 -0700 Subject: [PATCH] dev/event#10 - Prevent old notes exposed in event confirmation email --- CRM/Event/BAO/Event.php | 9 + CRM/Event/Form/Registration/Confirm.php | 4 +- .../Event/Form/Registration/ConfirmTest.php | 168 ++++++++++++++++++ 3 files changed, 179 insertions(+), 2 deletions(-) diff --git a/CRM/Event/BAO/Event.php b/CRM/Event/BAO/Event.php index df8ece444c..eb096487d0 100644 --- a/CRM/Event/BAO/Event.php +++ b/CRM/Event/BAO/Event.php @@ -1358,6 +1358,15 @@ WHERE civicrm_event.is_active = 1 CRM_Core_BAO_UFGroup::getValues($cid, $fields, $values, FALSE, $params); + //dev/event#10 + //If the event profile includes a note field and the submitted value of + //that field is "", then remove the old note returned by getValues. + if (isset($participantParams['note']) && empty($participantParams['note'])) { + $noteKeyPos = array_search('note', array_keys($fields)); + $valuesKeys = array_keys($values); + $values[$valuesKeys[$noteKeyPos]] = ""; + } + if (isset($fields['participant_status_id']['title']) && isset($values[$fields['participant_status_id']['title']]) && is_numeric($values[$fields['participant_status_id']['title']]) diff --git a/CRM/Event/Form/Registration/Confirm.php b/CRM/Event/Form/Registration/Confirm.php index 66aca2e971..18e9ca607c 100644 --- a/CRM/Event/Form/Registration/Confirm.php +++ b/CRM/Event/Form/Registration/Confirm.php @@ -1301,8 +1301,8 @@ class CRM_Event_Form_Registration_Confirm extends CRM_Event_Form_Registration { // This happens in buildQuickForm so emulate here. $form->_amount = $form->_totalAmount = CRM_Utils_Rule::cleanMoney(CRM_Utils_Array::value('totalAmount', $params)); $form->set('params', $params['params']); - $form->_values['custom_pre_id'] = []; - $form->_values['custom_post_id'] = []; + $form->_values['custom_pre_id'] = CRM_Utils_Array::value('custom_pre_id', $params); + $form->_values['custom_post_id'] = CRM_Utils_Array::value('custom_post_id', $params); $form->_values['event'] = CRM_Utils_Array::value('event', $params); $form->_contributeMode = $params['contributeMode']; $eventParams = ['id' => $params['id']]; diff --git a/tests/phpunit/CRM/Event/Form/Registration/ConfirmTest.php b/tests/phpunit/CRM/Event/Form/Registration/ConfirmTest.php index 683ed6035c..479b7abc36 100644 --- a/tests/phpunit/CRM/Event/Form/Registration/ConfirmTest.php +++ b/tests/phpunit/CRM/Event/Form/Registration/ConfirmTest.php @@ -393,4 +393,172 @@ class CRM_Event_Form_Registration_ConfirmTest extends CiviUnitTestCase { ], $tplVar['primaryParticipantProfile']); } + /** + * Submit event registration with a note field + * + * @param array $event + * @param int $contact_id + * + * @throws \Exception + */ + private function submitWithNote($event, $contact_id) { + if (empty($contact_id)) { + $contact_id = $this->createLoggedInUser(); + } + $mut = new CiviMailUtils($this, TRUE); + CRM_Event_Form_Registration_Confirm::testSubmit([ + 'id' => $event['id'], + 'contributeMode' => 'direct', + 'registerByID' => $contact_id, + 'custom_pre_id' => $event['custom_pre_id'], + 'params' => [ + [ + 'qfKey' => 'e6eb2903eae63d4c5c6cc70bfdda8741_2801', + 'entryURL' => 'http://dmaster.local/civicrm/event/register?reset=1&id=3', + 'first_name' => 'k', + 'last_name' => 'p', + 'email-Primary' => 'demo@example.com', + 'hidden_processor' => '1', + 'credit_card_number' => '4111111111111111', + 'cvv2' => '123', + 'credit_card_exp_date' => [ + 'M' => '1', + 'Y' => '2019', + ], + 'credit_card_type' => 'Visa', + 'billing_first_name' => 'p', + 'billing_middle_name' => '', + 'billing_last_name' => 'p', + 'billing_street_address-5' => 'p', + 'billing_city-5' => 'p', + 'billing_state_province_id-5' => '1061', + 'billing_postal_code-5' => '7', + 'billing_country_id-5' => '1228', + 'scriptFee' => '', + 'scriptArray' => '', + 'priceSetId' => '6', + 'price_7' => [ + 13 => 1, + ], + 'payment_processor_id' => '1', + 'bypass_payment' => '', + 'MAX_FILE_SIZE' => '33554432', + 'is_primary' => 1, + 'is_pay_later' => 0, + 'campaign_id' => NULL, + 'defaultRole' => 1, + 'participant_role_id' => '1', + 'currencyID' => 'USD', + 'amount_level' => 'Tiny-tots (ages 5-8) - 1', + 'amount' => '800.00', + 'tax_amount' => NULL, + 'year' => '2019', + 'month' => '1', + 'ip_address' => '127.0.0.1', + 'invoiceID' => '57adc34957a29171948e8643ce906332', + 'button' => '_qf_Register_upload', + 'billing_state_province-5' => 'AP', + 'billing_country-5' => 'US', + 'note' => $event['note'], + ], + ], + ]); + $participant = $this->callAPISuccessGetSingle('Participant', []); + $mut->checkMailLog(['Comment: ' . $event['note'] . chr(0x0A)]); + $mut->stop(); + $mut->clearMessages(); + $tplVars = CRM_Core_Smarty::singleton()->get_template_vars(); + $this->assertEquals($participant['id'], $tplVars['participantID']); + //return ['contact_id' => $contact_id, 'participant_id' => $participant['id']]; + return [$contact_id, $participant['id']]; + } + + /** + * Create an event with a "pre" profile + * + * @throws \CRM_Core_Exception + * @throws \Exception + */ + private function creatEventWithProfile($event) { + if (empty($event)) { + $event = $this->eventCreate(); + $this->createJoinedProfile(['entity_table' => 'civicrm_event', 'entity_id' => $event['id']]); + $this->uf_field_add($this->ids["UFGroup"]["our profile"], 'note', 'Contact', 'Comment'); + } + + /* @var \CRM_Event_Form_Registration_Confirm $form */ + $form = $this->getFormObject('CRM_Event_Form_Registration_Confirm'); + $form->set('params', [[]]); + $form->set('id', $event['id']); + $form->set('values', [ + 'event' => $event['values'][$event['id']], + 'location' => [], + 'custom_pre_id' => $this->ids['UFGroup']['our profile'], + ]); + $form->preProcess(); + + CRM_Event_Form_Registration_Confirm::assignProfiles($form); + + $smarty = CRM_Core_Smarty::singleton(); + $tplVar = $smarty->get_template_vars(); + $this->assertEquals([ + 'CustomPre' => ['First Name' => NULL, 'Comment' => NULL], + 'CustomPreGroupTitle' => 'Public title', + ], $tplVar['primaryParticipantProfile']); + return $event; + } + + /** + * Add a field to the specified profile + * + * @param int $uf_group_id + * @param string $field_name + * @param string $field_type + * @param string $field_label + * @return array + * API result array + */ + private function uf_field_add($uf_group_id, $field_name, $field_type, $field_label) { + $params = [ + 'field_name' => $field_name, + 'field_type' => $field_type, + 'visibility' => 'Public Pages and Listings', + 'weight' => 1, + 'label' => $field_label, + 'is_searchable' => 1, + 'is_active' => 1, + 'uf_group_id' => $uf_group_id, + ]; + $result = civicrm_api3('UFField', 'create', $params); + return $result; + } + + /** + * /dev/event#10 + * Test submission with a note in the profile, ensuring the confirmation + * email reflects the submitted value + */ + public function testNoteSubmission() { + //create an event with an attached profile containing a note + $event = $this->creatEventWithProfile(NULL); + $event['custom_pre_id'] = $this->ids["UFGroup"]["our profile"]; + $event['note'] = "This is note 1"; + [$contact_id, $participant_id] = $this->submitWithNote($event, NULL); + civicrm_api3('Participant', 'delete', ['id' => $participant_id]); + + //now that the contact has one note, register this contact again with a different note + //and confirm that the note shown in the email is the current one + $event = $this->creatEventWithProfile($event); + $event['custom_pre_id'] = $this->ids["UFGroup"]["our profile"]; + $event['note'] = "This is note 2"; + [$contact_id, $participant_id] = $this->submitWithNote($event, $contact_id); + civicrm_api3('Participant', 'delete', ['id' => $participant_id]); + + //finally, submit a blank note and confirm that the note shown in the email is blank + $event = $this->creatEventWithProfile($event); + $event['custom_pre_id'] = $this->ids["UFGroup"]["our profile"]; + $event['note'] = ""; + [$contact_id, $participant_id] = $this->submitWithNote($event, $contact_id); + } + } -- 2.25.1