Commit d075b934 authored by mattwire's avatar mattwire
Browse files

Drop support for CiviCRM 5.7 - release 0.9

parent a4393c8a
......@@ -89,7 +89,7 @@ class CRM_AdvancedEvents_Form_ManageEvent_Delete extends CRM_Core_Form {
public function preProcess() {
$this->_id = CRM_Utils_Request::retrieve('id', 'Positive');
if (!CRM_AdvancedEvents_Temp::checkPermission($this->getEventId(), CRM_Core_Permission::DELETE)) {
if (!CRM_Event_BAO_Event::checkPermission($this->getEventId(), CRM_Core_Permission::DELETE)) {
CRM_Core_Error::statusBounce(ts('You do not have permission to access this page.'));
}
......
<?php
class CRM_AdvancedEvents_Temp {
/**
* Make sure that the user has permission to access this event.
* TODO: Remove once https://github.com/civicrm/civicrm-core/pull/12769 is merged increment min version
*
* @param int $eventId
* @param int $permissionType
*
* @return bool|array
* Whether the user has permission for this event (or if eventId=NULL an array of permissions)
* @throws \CiviCRM_API3_Exception
*/
public static function checkPermission($eventId = NULL, $permissionType = CRM_Core_Permission::VIEW) {
if (empty($eventId)) {
// Not used in extension... return self::getAllPermissions($permissionType);
return FALSE;
}
switch ($permissionType) {
case CRM_Core_Permission::VIEW:
if (isset(Civi::$statics[__CLASS__]['permission']['view'][$eventId])) {
return Civi::$statics[__CLASS__]['permission']['view'][$eventId];
}
Civi::$statics[__CLASS__]['permission']['view'][$eventId] = FALSE;
list($allEvents, $createdEvents) = self::checkPermissionGetInfo($eventId);
if (CRM_Core_Permission::check('access CiviEvent')) {
if (in_array($eventId, CRM_ACL_API::group(CRM_Core_Permission::VIEW, NULL, 'civicrm_event', $allEvents, array_keys($createdEvents)))) {
// User created this event so has permission to view it
return Civi::$statics[__CLASS__]['permission']['view'][$eventId] = TRUE;
}
if (CRM_Core_Permission::check('view event participants')) {
// User has permission to view all events
// use case: allow "view all events" but NOT "edit all events"
// so for a normal site allow users with these two permissions to view all events AND
// at the same time also allow any hook to override if needed.
if (in_array($eventId, CRM_ACL_API::group(CRM_Core_Permission::VIEW, NULL, 'civicrm_event', $allEvents, array_keys($allEvents)))) {
Civi::$statics[__CLASS__]['permission']['view'][$eventId] = TRUE;
}
}
}
return Civi::$statics[__CLASS__]['permission']['view'][$eventId];
case CRM_Core_Permission::EDIT:
if (isset(Civi::$statics[__CLASS__]['permission']['edit'][$eventId])) {
return Civi::$statics[__CLASS__]['permission']['edit'][$eventId];
}
Civi::$statics[__CLASS__]['permission']['edit'][$eventId] = FALSE;
list($allEvents, $createdEvents) = self::checkPermissionGetInfo($eventId);
// Note: for a multisite setup, a user with edit all events, can edit all events
// including those from other sites
if (($permissionType == CRM_Core_Permission::EDIT) && CRM_Core_Permission::check('edit all events')) {
Civi::$statics[__CLASS__]['permission']['edit'][$eventId] = TRUE;
}
elseif (in_array($eventId, CRM_ACL_API::group(CRM_Core_Permission::EDIT, NULL, 'civicrm_event', $allEvents, $createdEvents))) {
Civi::$statics[__CLASS__]['permission']['edit'][$eventId] = TRUE;
}
return Civi::$statics[__CLASS__]['permission']['edit'][$eventId];
case CRM_Core_Permission::DELETE:
if (isset(Civi::$statics[__CLASS__]['permission']['delete'][$eventId])) {
return Civi::$statics[__CLASS__]['permission']['delete'][$eventId];
}
Civi::$statics[__CLASS__]['permission']['delete'][$eventId] = FALSE;
if (CRM_Core_Permission::check('delete in CiviEvent')) {
Civi::$statics[__CLASS__]['permission']['delete'][$eventId] = TRUE;
}
return Civi::$statics[__CLASS__]['permission']['delete'][$eventId];
default:
return FALSE;
}
}
/**
* This is a helper for refactoring checkPermission
* TODO: Remove once https://github.com/civicrm/civicrm-core/pull/12769 is merged increment min version
* FIXME: We should be able to get rid of these arrays, but that would require understanding how CRM_ACL_API::group actually works!
*
* @param int $eventId
*
* @return array $allEvents, $createdEvents
* @throws \CiviCRM_API3_Exception
*/
private static function checkPermissionGetInfo($eventId = NULL) {
$params = [
'check_permissions' => 1,
'return' => 'id, created_id',
'options' => ['limit' => 0],
];
if ($eventId) {
$params['id'] = $eventId;
}
$allEvents = [];
$createdEvents = [];
$eventResult = civicrm_api3('Event', 'get', $params);
if ($eventResult['count'] > 0) {
$contactId = CRM_Core_Session::getLoggedInContactID();
foreach ($eventResult['values'] as $eventId => $eventDetail) {
$allEvents[$eventId] = $eventId;
if (isset($eventDetail['created_id']) && $contactId == $eventDetail['created_id']) {
$createdEvents[$eventId] = $eventId;
}
}
}
return [$allEvents, $createdEvents];
}
}
\ No newline at end of file
......@@ -16,15 +16,11 @@ The extension is licensed under [AGPL-3.0](LICENSE.txt).
## Requirements
* PHP v7.0+
* CiviCRM 5.8+ (see notes below re. earlier versions)
* https://github.com/mattwire/civicrm-core/tree/advanced_events
Core PRs temporarily included in the extension (they should be merged to core eventually):
* https://github.com/civicrm/civicrm-core/pull/12769
* PHP v7.1+
* CiviCRM 5.13+
### CiviCRM 5.7
Requires: https://github.com/civicrm/civicrm-core/pull/12769
Recommended: https://github.com/civicrm/civicrm-core/pull/12747 *without this change some page/form redirects may go to the wrong tab on submit (eg. "Info and Settings" instead of "Repeat")*
### CiviCRM 5.6
......@@ -63,5 +59,3 @@ cv en advanced_events
Navigate to Administer->CiviEvent->Advanced Events Configuration.
## Known Issues
This extension is under development.
......@@ -13,11 +13,11 @@
<url desc="Support">https://www.mjwconsult.co.uk</url>
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2019-01-09</releaseDate>
<version>0.8</version>
<releaseDate>2019-06-18</releaseDate>
<version>0.9</version>
<develStage>beta</develStage>
<compatibility>
<ver>5.7</ver>
<ver>5.13</ver>
</compatibility>
<comments>Advanced functionality for Events</comments>
<civix>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment