From ee90a98c70dcc9e33f25a48c6f60646ecd98ba95 Mon Sep 17 00:00:00 2001 From: Camilo Rodriguez Date: Tue, 14 Nov 2017 19:21:30 +0000 Subject: [PATCH] CRM-21425: Add Permissions to Edit Inbound E-mails The following permissions were added to CiviCRM core: - CiviCRM: edit inbound email basic information - CiviCRM: edit inbound email basic information and content Having any of these permissions will alow user to edit inbound E-mails, but only the latter will allow users to also change the original email's content. E-mails downloaded and stored as Inbound Email activities were saving their details in two formats, as an ezComponents-parsed representation of a text with alternatives. These alternatives were being stripped on the Activity Form template, with the side effect of also stripping the textarea where the wysiwyg editor would be built upon. Fixed by stripping alternatives when preprocessing the quickform instead, before the html for the textarea is generated. --- CRM/Activity/Form/Activity.php | 10 ++++++++++ CRM/Activity/Page/Tab.php | 17 +++++++++++++++++ CRM/Activity/Selector/Activity.php | 7 +++++++ CRM/Case/BAO/Case.php | 6 ++++++ CRM/Core/Permission.php | 8 ++++++++ templates/CRM/Activity/Form/Activity.tpl | 2 +- 6 files changed, 49 insertions(+), 1 deletion(-) diff --git a/CRM/Activity/Form/Activity.php b/CRM/Activity/Form/Activity.php index a82cbade69..ce6404aff9 100644 --- a/CRM/Activity/Form/Activity.php +++ b/CRM/Activity/Form/Activity.php 
@@ -516,10 +516,20 @@ class CRM_Activity_Form_Activity extends CRM_Contact_Form_Task { $params = array('id' => $this->_activityId); CRM_Activity_BAO_Activity::retrieve($params, $this->_values); } + $this->set('values', $this->_values); } if ($this->_action & CRM_Core_Action::UPDATE) { + // We filter out alternatives, in case this is a stored e-mail, before sending to front-end + $this->_values['details'] = CRM_Utils_String::stripAlternatives($this->_values['details']); + + if ($this->_activityTypeName === 'Inbound Email' && + !CRM_Core_Permission::check('edit inbound email basic information and content') + ) { + $this->_fields['details']['type'] = 'static'; + } + CRM_Core_Form_RecurringEntity::preProcess('civicrm_activity'); } diff --git a/CRM/Activity/Page/Tab.php b/CRM/Activity/Page/Tab.php index 658a350b19..837eeb3608 100644 --- a/CRM/Activity/Page/Tab.php +++ b/CRM/Activity/Page/Tab.php @@ -131,6 +131,7 @@ class CRM_Activity_Page_Tab extends CRM_Core_Page { $this->_action = CRM_Utils_Request::retrieve('action', 'String', $this, FALSE, 'browse'); $this->assign('action', $this->_action); + $this->assign('allow_edit_inbound_emails', $this->checkEditInboundEmailsPermissions()); // also create the form element for the activity links box $controller = new CRM_Core_Controller_Simple( @@ -143,6 +144,22 @@ class CRM_Activity_Page_Tab extends CRM_Core_Page { $controller->run(); } + /** + * Checks if user has permissions to edit inbound e-mails, either bsic info + * or both basic information and content. + * + * @return bool + */ + private function checkEditInboundEmailsPermissions() { + if (CRM_Core_Permission::check('edit inbound email basic information') + || CRM_Core_Permission::check('edit inbound email basic information and content') + ) { + return TRUE; + } + + return FALSE; + } + public function delete() { $controller = new CRM_Core_Controller_Simple( 'CRM_Activity_Form_Activity', 
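Review bot: The content restriction in the UPDATE branch is enforced only through rendering: `$this->_fields['details']['type'] = 'static';` changes the form element, but nothing in this hunk stops a posted `details` value from being saved for a user who holds only 'edit inbound email basic information'. The save path (postProcess, outside this hunk) should repeat the permission check and discard the field before the activity is written, along the lines of `if ($this->_activityTypeName === 'Inbound Email' && !CRM_Core_Permission::check('edit inbound email basic information and content')) { unset($params['details']); }`, with `$params` standing for whatever array is handed to the BAO. The branch also does not confirm that the user holds either new permission before building an update form for an Inbound Email, so the gate appears to sit only in the link-building and template code. Separately, `stripAlternatives()` now runs for every activity type on update and reads `$this->_values['details']` without checking that the key is set.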
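Review bot: `checkEditInboundEmailsPermissions()` is a private copy of a two-permission test that this patch repeats verbatim in CRM/Activity/Selector/Activity.php and CRM/Case/BAO/Case.php, so a later rename or a third permission has to be applied in three places to keep the access rules in agreement. A single public static helper (for example on `CRM_Core_Permission`) called from all three sites would keep the rule in one place. The body can be reduced to `return CRM_Core_Permission::check('edit inbound email basic information') || CRM_Core_Permission::check('edit inbound email basic information and content');`. The docblock has a typo, "bsic info" should read "basic info".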
diff --git a/CRM/Activity/Selector/Activity.php b/CRM/Activity/Selector/Activity.php index e7f2541bed..8182c6409c 100644 --- a/CRM/Activity/Selector/Activity.php +++ b/CRM/Activity/Selector/Activity.php @@ -181,6 +181,13 @@ class CRM_Activity_Selector_Activity extends CRM_Core_Selector_Base implements C case 'Inbound Email': $url = 'civicrm/contact/view/activity'; $qsView = "atype={$activityTypeId}&action=view&reset=1&id=%%id%%&cid=%%cid%%&context=%%cxt%%{$extraParams}"; + + if (CRM_Core_Permission::check('edit inbound email basic information') + || CRM_Core_Permission::check('edit inbound email basic information and content') + ) { + $showDelete = $showUpdate = TRUE; + $qsUpdate = "atype={$activityTypeId}&action=update&reset=1&id=%%id%%&cid=%%cid%%&context=%%cxt%%{$extraParams}"; + } break; case 'Open Case': diff --git a/CRM/Case/BAO/Case.php b/CRM/Case/BAO/Case.php index 0fa87b459e..750cf012d8 100644 --- a/CRM/Case/BAO/Case.php +++ b/CRM/Case/BAO/Case.php @@ -2745,6 +2745,12 @@ WHERE id IN (' . implode(',', $copiedActivityIds) . ')'; //allow edit operation. $allowEditNames = array('Open Case'); + if (CRM_Core_Permission::check('edit inbound email basic information') || + CRM_Core_Permission::check('edit inbound email basic information and content') + ) { + $allowEditNames[] = 'Inbound Email'; + } + // do not allow File on Case $doNotFileNames = array( 'Open Case', diff --git a/CRM/Core/Permission.php b/CRM/Core/Permission.php index ff732084aa..762c6ae951 100644 --- a/CRM/Core/Permission.php +++ b/CRM/Core/Permission.php 
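Review bot: `$showDelete = $showUpdate = TRUE;` in the 'Inbound Email' case turns on the delete link for holders of either new permission. Both permission descriptions added in CRM/Core/Permission.php speak only of editing, and a separate 'delete activities' permission is visible in that file's context lines. Unless the delete action is checked again further down in this method or in the delete handler (both outside the hunk), the edit permissions grant more than they advertise. Setting only `$showUpdate = TRUE;` here and leaving `$showDelete` to the existing delete-permission logic keeps the grant at least privilege. If delete is meant to be included, the permission descriptions should say so.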
@@ -761,6 +761,14 @@ class CRM_Core_Permission { 'delete activities' => array( $prefix . ts('Delete activities'), ), + 'edit inbound email basic information' => array( + $prefix . ts('edit inbound email basic information'), + ts('Edit all inbound email activities (for visible contacts) basic information. Content editing not allowed.'), + ), + 'edit inbound email basic information and content' => array( + $prefix . ts('edit inbound email basic information and content'), + ts('Edit all inbound email activities (for visible contacts) basic information and content.'), + ), 'access CiviCRM' => array( $prefix . ts('access CiviCRM backend and API'), ts('Master control for access to the main CiviCRM backend and API. Give to trusted roles only.'), diff --git a/templates/CRM/Activity/Form/Activity.tpl b/templates/CRM/Activity/Form/Activity.tpl index eac293ef8a..689bdf5db2 100644 --- a/templates/CRM/Activity/Form/Activity.tpl +++ b/templates/CRM/Activity/Form/Activity.tpl @@ -247,7 +247,7 @@ {/if} {* End Delete vs. Add / Edit action *}
- {if $action eq 4 && $activityTName neq 'Inbound Email'} + {if $action eq 4 && ($activityTName neq 'Inbound Email' || $allow_edit_inbound_emails == 1)} {if !$context } {assign var="context" value='activity'} {/if} -- 2.25.1
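Review bot: The new condition depends on `$allow_edit_inbound_emails`, which this patch assigns only in `CRM_Activity_Page_Tab` (the hunk at -131). Where this template is rendered through another controller the variable is presumably unset, so the block stays hidden for Inbound Email. That fails closed, but it is not obvious from the template, so a comment above the `{if}` would help, such as `{* action 4 = view; Inbound Email is shown here only when the page assigned allow_edit_inbound_emails from the edit-inbound-email permissions *}`. The flag controls only whether the block is displayed, so it should not be treated as the access check. The enclosing block continues past the end of the hunk.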