Development issueshttps://lab.civicrm.org/groups/dev/-/issues2024-01-21T05:03:28Zhttps://lab.civicrm.org/dev/core/-/issues/3433FormBuilder: allow multiple email/phone/address blocks with pre-set location ...2024-01-21T05:03:28ZStéphane Lussierstephane@symbiotic.coopFormBuilder: allow multiple email/phone/address blocks with pre-set location typesOverview
----------------------------------------
I like the flexibility of _afform_ and its ability to edit multiple fields on the fly :
![afform](/uploads/132b8354b92569465f49a464dd9fd4f7/image.png)
...but sometimes, it would be ni...Overview
----------------------------------------
I like the flexibility of _afform_ and its ability to edit multiple fields on the fly :
![afform](/uploads/132b8354b92569465f49a464dd9fd4f7/image.png)
...but sometimes, it would be nice if it could also do this :
![profile](/uploads/83b66e2904f2391d6d7d56e971d279bd/image.png)
Current behaviour
----------------------------------------
Afform currently exposes all its flexibility to the end user by providing all available options to composite fields.
Proposed behaviour
----------------------------------------
Provide the ability to pre-configure a given amount of multiple fields in order to simplify the end-user interface and expose those fields immediately once the form is loaded.
Comments
----------------------------------------
In the case of an email field, we would be able to decide in advance the location of each field and/or specify which of those fields should be the main one.https://lab.civicrm.org/dev/core/-/issues/3432Greenwich theme: transparent background on pop-ups2022-06-23T22:07:08ZherbdoolGreenwich theme: transparent background on pop-upsOn 5.48.2, using default (Greenwich) admin theme:
![2022-04-28_15.51.38_xm2.lndo.site_d1e1f03fb990](/uploads/678c53c44f0cdf394c4e3e3f87ef985f/2022-04-28_15.51.38_xm2.lndo.site_d1e1f03fb990.png)
And with "unstyled" admin theme:
![2022-...On 5.48.2, using default (Greenwich) admin theme:
![2022-04-28_15.51.38_xm2.lndo.site_d1e1f03fb990](/uploads/678c53c44f0cdf394c4e3e3f87ef985f/2022-04-28_15.51.38_xm2.lndo.site_d1e1f03fb990.png)
And with "unstyled" admin theme:
![2022-04-28_15.57.43_xm2.lndo.site_8080eb78c5ef](/uploads/bd8487b62e72dc3e201b708652319b9c/2022-04-28_15.57.43_xm2.lndo.site_8080eb78c5ef.png)
Using Drupal 9, Seven admin theme.
Environment information
----------------------------------------
* __Browser:__ Chrome
* __CiviCRM:__ 5.48.2
* __PHP:__ 7.4
* __CMS:__ Drupal 95.52.0https://lab.civicrm.org/dev/core/-/issues/3431Case Resources cuts off at 25 contacts when creating case activity2022-05-01T22:33:07ZDaveDCase Resources cuts off at 25 contacts when creating case activityBut it's not the usual api3 limit, it's just a default of 25 that it has and there's no ability to set it.
1. Add more than 25 contacts to the Case Resources group.
1. Visit Manage Case and create a Followup.
1. In the send copy section...But it's not the usual api3 limit, it's just a default of 25 that it has and there's no ability to set it.
1. Add more than 25 contacts to the Case Resources group.
1. Visit Manage Case and create a Followup.
1. In the send copy section there's only 25 from the group.
Also on Manage Case, in the Other Relationships section, there's a pager for it but it's a bit broken. It cuts off at 10 by default, but doesn't indicate there's more pages, but if you use the dropdown to show 50 it will show all, but there's no indication there's more than 10 available.
This is not a regression. It goes back forever. It's probably unusual to have so many in the group, and this only came up on a test site where older entries had never been removed like they are in real life.5.50.0https://lab.civicrm.org/dev/drupal/-/issues/179KCFinder on D9: You don't have permissions to browse server.2022-08-12T05:14:07ZSandor SemseyKCFinder on D9: You don't have permissions to browse server.## Overview
The issue is very similar to this one:
https://civicrm.stackexchange.com/questions/41023/cannot-upload-images-using-ckeditor-on-message-template-after-5-45-upgrade
and the proposed workaround is solving it (reverting [this...## Overview
The issue is very similar to this one:
https://civicrm.stackexchange.com/questions/41023/cannot-upload-images-using-ckeditor-on-message-template-after-5-45-upgrade
and the proposed workaround is solving it (reverting [this](https://github.com/civicrm/civicrm-packages/commit/0bb407782b810c32a81e0ad42af67a435b44c845) commit), but I think the root cause is different.
**Steps to reproduce**
1. Use CKEditor4 as Wysiwig Editor
1. Create Event
1. Insert image to description
1. Try to browse, or upload image
1. Error: You don't have permissions to browse server.
## Analysis
In my case classes are found, so it's not namespacing. After some debugging, I think the following happens:
1. In `civicrm/packages/kcfinder/integration/civicrm.php` Drupal is bootstrapped, user authenticated and correct `KCFINDER` params are added to the `$_SESSION` var:
```
$_SESSION['KCFINDER']['disabled'] = false;
$_SESSION['KCFINDER']['uploadURL'] = $config->imageUploadURL;
$_SESSION['KCFINDER']['uploadDir'] = $config->imageUploadDir;
```
1. Then in `\kcfinder\uploader::construct()` session ID is requested from Drupal (`\CRM_Core_Config::singleton()->userSystem->getSessionId()`)
1. Eventually `Drupal\Core\Session\SessionManager::start()` finds no session so starts a new one, thus removing `KCFINDER` array from `$_SESSION`. This way kcfinder defaults are used, which is to disable access.
So I thought it's a cookie issue (though `$_COOKIE` was populated with all the cookies all the way through).
I changed `CRM_Utils_System_Drupal8::loadBootStrap()` to pass cookies to the Symfony request:
```
$request = new \Symfony\Component\HttpFoundation\Request([], [], [], $_COOKIE, [], $_SERVER);
```
This way session was found in step 3 above, it was restored, but it also didn't contained the `KCFINDER` array as `$_SESSION` was overwritten by restoring.
So I'm stuck here, probably I'm missing something obvious, but currently I can't see why should it behave differently.
Has anybody any idea?
**Drupal: 9.3.12**
**Civi: 5.47.4**
## UPDATE
Relevant issues in other repos:
https://lab.civicrm.org/dev/core/-/issues/3419#note_74113
https://lab.civicrm.org/dev/civicrm-asset-plugin/-/issues/45.51.0https://lab.civicrm.org/dev/core/-/issues/3430Afform - Add "reset" button for search forms2022-05-03T07:27:04ZcolemanwAfform - Add "reset" button for search formsInstead of a "submit" button, search forms need a "reset" button.Instead of a "submit" button, search forms need a "reset" button.5.50.0colemanwcolemanwhttps://lab.civicrm.org/dev/core/-/issues/3429API4: Make CaseType a managed entity2024-01-24T14:08:18ZherbdoolAPI4: Make CaseType a managed entityOverview
----------------------------------------
Allow CaseType to be a managed entity so it can be exported via api4.
Example use-case
----------------------------------------
1. Go to `/civicrm/api4`
1. Select CaseType and Export
C...Overview
----------------------------------------
Allow CaseType to be a managed entity so it can be exported via api4.
Example use-case
----------------------------------------
1. Go to `/civicrm/api4`
1. Select CaseType and Export
Current behaviour
----------------------------------------
Cannot export and use as a managed entity.https://lab.civicrm.org/dev/core/-/issues/3428SearchKit display results does not seem to respect the contribution currency2023-03-29T15:26:43ZErikHommelSearchKit display results does not seem to respect the contribution currencyOverview
----------------------------------------
When I create a searchkit search for soft credits and contribution and then click on View Results I get a display with the dollar sign against the amount while the contribution currency i...Overview
----------------------------------------
When I create a searchkit search for soft credits and contribution and then click on View Results I get a display with the dollar sign against the amount while the contribution currency is euro. This is probably because my default currency is set to USD. Once I change my default currency to Euro it is fine.
Reproduction steps
----------------------------------------
1. Create a contribution with euro as currency.
1. Create a searchkit search with amount and currency.
1. Click on **View Results**.
Current behaviour
----------------------------------------
Results display with dollar sign even if currency is euro (see attached print)
![afbeelding](/uploads/1cb4853e4dc4085fdbf687d221eb32ec/afbeelding.png)
Expected behaviour
----------------------------------------
Currency should show with the appropriate currency symbol even if the default currency is different than the contribution currency.
Environment information
----------------------------------------
* __CiviCRM:__ 5.48.2colemanwcolemanwhttps://lab.civicrm.org/dev/core/-/issues/3427Activities: Not able to see activity if created by contact you don't have acc...2024-01-23T05:03:19Zben_fairlessActivities: Not able to see activity if created by contact you don't have access toOverview
----------------------------------------
We restrict access to contacts using Group Memberships and ACLs. Specific users are only able to see members of specific groups. We have discovered that users are not able to view an acti...Overview
----------------------------------------
We restrict access to contacts using Group Memberships and ACLs. Specific users are only able to see members of specific groups. We have discovered that users are not able to view an activity unless they have access to **both** the contact _and_ the creator of the activity (which may be in a group they don't have access to).
Reproduction steps
----------------------------------------
1. Sally and Glenn are members of "Group ABC" group.
2. Bob is a member of "Group XYZ" group.
3. A group "Access Group ABC" exists with ACL permissions to "Group ABC".
4. James is a Member of "Access Group ABC".
5. James can see contact record for Sally and Glenn.
6. If Glenn creates an activity on Sally's profile, James can view the activity without issue.
7. If Bob creates an activity on Sally's profile, James can see the activity in the list but cannot view it.
Current behaviour
----------------------------------------
You need to have access to **both** the contact _and_ the creator of the activity in order to view an Activity.
Expected behaviour
----------------------------------------
If you have access to the contact (and all other permissions are correct), you should have access to the activity.
Environment information
----------------------------------------
* __Browser:__ _Chrome Version 100.0.4896.127_
* __CiviCRM:__ _5.48.1_
* __PHP:__ _7.4.28 (Supports 64bit values)_
* __CMS:__ _WordPress 5.9.3_
* __Database:__ _10.2.43-MariaDB_
* __Web Server:__ _Apache_
Comments
----------------------------------------
This assumes that all other permissions (such as WordPress role permissions) are configured correctly. CiviCRM seems to be checking for access to both the creator of an activity as well as the contact it's assigned to to determine if you can view the contents of the activity. You are able to see the activity listed in the Activities tab without issue.https://lab.civicrm.org/dev/drupal/-/issues/178Drupal 8 - End of Life2023-05-13T18:45:09ZtottenDrupal 8 - End of LifeDrupal 8 officially went end-of-life in November 2021 (https://www.drupal.org/psa-2021-11-30). The focus of this issue is to gauge sentiment about (and identify tasks for) ending CiviCRM's Drupal 8.x support.
(_Note: This issue has no i...Drupal 8 officially went end-of-life in November 2021 (https://www.drupal.org/psa-2021-11-30). The focus of this issue is to gauge sentiment about (and identify tasks for) ending CiviCRM's Drupal 8.x support.
(_Note: This issue has no impact on CiviCRM's support for Drupal 7 or Drupal 9 -- both continue to be supported by `drupal.org` and `civicrm.org`._)
Rationale
----------
@DaveD [made the case on Github](https://github.com/civicrm/civicrm-core/pull/23302#discussion_r858700890) as follows
> * There's the 3 reasons already mentioned:
> * Has been EOL for 6 months
> * No security updates.
> * And there have been recent drupal security fixes which would have helped prompt people to move off 8 if they were still on it.
> * Civi works equally as well on 9 as on 8
> * There's support for dropping it in chat, with nobody dissenting: https://chat.civicrm.org/civicrm/pl/qh6t761dt7gsdyp78m6stbmpwo
> * Drupal 8 to 9 is _very_ different than 6 to 7. Drupal 9 is identical to drupal 8.9 except for some deprecated functions. It's not much different than if they had called it 8.10.
> * There were many blog posts about this on the internet, about how easy it would be to upgrade compared to other jumps.
> * There was plenty of awareness ahead of time in the drupal world that drupal 8 would be unsupported.
> * From May 2021 to November 2021, the only updates for drupal 8.9.x were security updates, with repeated notices that 8 was becoming EOL.
> * There was a module available that was pretty good about pointing out what if anything you needed to change.
> * There is no CIVICRM_UF=Drupal9, because it's not needed.
I would add two more items in favor of dropping D8:
* ___Drupal 10 Support___: Preserving D8 may make it harder to add D10. While most changes can be bridged to support 2 versions major (eg D8+D9 or D9+D10), it gets more complicated with 3 major versions (D8+D9+D10). We've encountered at least one issue (involving changes in Symfony Dispatcher / PSR-14) that gets prickly with 3 major versions.
* ___Pingbacks___: There are only ~30 Civi deployments still reporting Drupal 8.x. They represent <1% of Civi-Drupal deployments.
* Note: This is based on directly examining pingbacks from 2022 -- and only counting sites with multiple pingbacks (e.g. to exclude most ephemeral test-sites). The data on `stats.civicrm.org` is confusing in this regard, because Drupal 8.x and Drupal 9.x are lumped together with UF `Drupal8`. My comments are based on examining actual version-numbers and not just UF name.
Tasks
-----
There are a few tasks to do as follow-up:
* Update installation guide
* Remove Drupal 8.x from test infra
Suggested Emojis
----------------
Please do register a quick reaction on D8 EOL. Some suggested emojis:
* :rocket: - Remove Drupal 8 compatibility at the soonest convenience.
* :turtle: - Remove Drupal 8 compatibility... just not quite yet. (Keep it until 5.51 ESR).
* :shield: - Protect Drupal 8 compatibility for a longer period of time.
* :bangbang: - Extra importance modifier. (Add this if the sentiment on the first emoji is strong - eg if you will be significantly impacted by the issue.)
(Flag whichever is the soonest that you think is appropriate/acceptable.)
(Example: If you maintain a site that's been held back on D8 because of some complicated issue and cannot resolve it in the near future, then you could say ":shield: :bangbang:".)
(You may see `totten` on all emojis for a while, since I put them in as placeholders.)https://lab.civicrm.org/dev/core/-/issues/3426form builder: edited labels result in visible markup on public display2024-01-19T05:03:24Zmegaphonetech-dennisform builder: edited labels result in visible markup on public displayWhen I created a form using Form Builder, edited a label, and then viewed the results as a standalone webpage, the edited labels unexpectedly displayed markup, which I believe to be a bug.
1. I created at Form Builder form at https://dm...When I created a form using Form Builder, edited a label, and then viewed the results as a standalone webpage, the edited labels unexpectedly displayed markup, which I believe to be a bug.
1. I created at Form Builder form at https://dmaster.demo.civicrm.org, titled *Form Title Here*, located at https://dmaster.demo.civicrm.org/civicrm/form-title-here
1. I exposed the form as a standalone webpage, by entering *civicrm/form-title-here* into the field, *Page*, located under **form settings > Placement**
1. I added a few fields associated with an organization contact to my form. These included a fieldset which contained an address block, as well as a *supplemental address 1* field.
1. I edited the labels for *Street Address* and *Supplemental Address 1* fields.
1. I viewed the form at https://dmaster.demo.civicrm.org/civicrm/form-title-here and found markup displayed along with the label. See screenshot.
![Screenshot_from_2022-04-26_17-22-28](/uploads/cadd27624aba5b9e23156fa3d2991178/Screenshot_from_2022-04-26_17-22-28.png)
Here is my form's markup
```
<af-form ctrl="afform">
<af-entity data="{contact_type: 'Organization', source: 'Form Title Here'}" type="Contact" name="Organization1" label="Organization 1" actions="{create: true, update: true}" security="RBAC" />
<fieldset af-fieldset="Organization1" class="af-container" af-title="Org 1">
<div af-join="Address" af-repeat="Add" min="1">
<div class="af-container af-layout-inline">
<af-field name="street_address" defn="{label: '<span class="ng-pristine ng-untouched ng-valid ng-binding ng-isolate-scope ng-not-empty" contenteditable="true">Street Address 1</span>', input_attrs: {}}" />
<af-field name="supplemental_address_1" defn="{label: 'Street Address 2', input_attrs: {}}" />
</div>
<div class="af-container af-layout-inline">
<af-field name="city" />
<af-field name="country_id" defn="{afform_default: '1228', input_attrs: {}}" />
<af-field name="state_province_id" />
<af-field name="postal_code" />
</div>
</div>
</fieldset>
<button class="af-button btn btn-primary" crm-icon="fa-check" ng-click="afform.submit()">Submit</button>
</af-form>
```https://lab.civicrm.org/dev/core/-/issues/3425form builder: contact reference field does not respect configuration2022-11-12T15:27:08Zlcdwebform builder: contact reference field does not respect configurationI ran into an issue with the following setup:
- created an activity type with a corresponding custom data set.
- created a custom data field of type contact reference, and used the advanced filter to limit it by contact type and sub typ...I ran into an issue with the following setup:
- created an activity type with a corresponding custom data set.
- created a custom data field of type contact reference, and used the advanced filter to limit it by contact type and sub type
- created a form to create an activity of this type. included the contact ref field in the form.
When the form is loaded, the contact reference field pulls all contacts -- ignoring the advanced filters.https://lab.civicrm.org/dev/core/-/issues/3424Search kit: Where clause for contact.created_date doesn't seem to recognize i...2022-05-04T12:19:02ZDaveDSearch kit: Where clause for contact.created_date doesn't seem to recognize it as a date1. Make a search on contacts.
2. In the where clause, try to add a filter to created date.
3. It doesn't seem to recognize that it's a date field, where you normally get a set of date-related options to choose from. Compare to e.g. birth...1. Make a search on contacts.
2. In the where clause, try to add a filter to created date.
3. It doesn't seem to recognize that it's a date field, where you normally get a set of date-related options to choose from. Compare to e.g. birth date.5.50.0colemanwcolemanwhttps://lab.civicrm.org/dev/core/-/issues/3423SearchKit: make inline edit for custom fields only available when applicable2022-05-21T14:07:07ZfrancescbassasSearchKit: make inline edit for custom fields only available when applicableOverview
----------------------------------------
It is possible to edit custom fields in non-applicable cases by editing inline with SearchKit.
Previously discussed here https://github.com/civicrm/civicrm-core/pull/21533#issuecomment-9...Overview
----------------------------------------
It is possible to edit custom fields in non-applicable cases by editing inline with SearchKit.
Previously discussed here https://github.com/civicrm/civicrm-core/pull/21533#issuecomment-923030658
Reproduction steps
----------------------------------------
1. Create a Custom Field only applicable for a certain Relationship Type
1. Define a SearchKit of Relationships with a Table Display allowing inline edit for the previously created Custom Field.
1. You will see how it is possible to edit the value of the Custom Field in relations with Relationship Type other than the one specified when defining the Custom Field.
Another case, for example, a Custom Field defined at Contact Subtype level.
Expected behaviour
----------------------------------------
Disable editing and adding a disabled-background for custom fields that do not belong to this type of data (contact, activity, relationship, etc.).colemanwcolemanwhttps://lab.civicrm.org/dev/core/-/issues/3422SearchKit: Allow referencing participant and participant_registered_by_id2022-08-16T00:09:47ZDetlev SieberSearchKit: Allow referencing participant and participant_registered_by_idOverview
----------------------------------------
We want to create a list of participants of an event, including the field "registered_by_id" (and displaying the Name of registered_by_id).
This is not possible, because the UI of Searc...Overview
----------------------------------------
We want to create a list of participants of an event, including the field "registered_by_id" (and displaying the Name of registered_by_id).
This is not possible, because the UI of SearchKit doesn't have that field available.
Comments
----------------------------------------
(As demonstrated to Coleman during Otterlo sprint.)colemanwcolemanwhttps://lab.civicrm.org/dev/core/-/issues/3421Deduping link to 'merge and go to list' just reloads the pair of merged contacts2022-06-12T01:04:14ZpetednzDeduping link to 'merge and go to list' just reloads the pair of merged contactsafter pulling up a list of duplicates, on the merge contacts screen one is offered a button saying "Merge and Go To Listing", but it doesn't, it just reloads the same pair of contacts. (replicated on dmaster) (fuzion tracker r26378)after pulling up a list of duplicates, on the merge contacts screen one is offered a button saying "Merge and Go To Listing", but it doesn't, it just reloads the same pair of contacts. (replicated on dmaster) (fuzion tracker r26378)5.51.0https://lab.civicrm.org/dev/core/-/issues/3420Schedule Reminders in event configuration pages display every site scheduled ...2022-04-26T21:14:00ZLKuttnerSchedule Reminders in event configuration pages display every site scheduled reminderAfter updating to CiviCRM 5.39.4, when configuring or viewing a new or existing event and switching to the Schedule Reminders tab, you see all existing scheduled reminders for all events. It appears that something has changed so that th...After updating to CiviCRM 5.39.4, when configuring or viewing a new or existing event and switching to the Schedule Reminders tab, you see all existing scheduled reminders for all events. It appears that something has changed so that the scheduled reminder list is not filtered by the event ID of the event you are editing. If you disable a reminder for an event while viewing it from a different event, the reminder title will be changed to the title of the event that you were viewing.
An example URL for the tab is:
/civicrm/event/manage/reminder?reset=1&action=browse&id=412&component=event&qfKey=CRMEventFormManageEventScheduleReminders3tup6ya78p0k84s0sk0ksk84sg404sc08gwgcso4gsssg8g8co_3012
I have not seen this reported previously. We are on Drupal 7.89 with MySQL 5.7.36. Thanks for any help you can offer.https://lab.civicrm.org/dev/core/-/issues/3419kcfinder not showing any images for CKeditor2024-01-23T05:03:20Zyashodhakcfinder not showing any images for CKeditorBrowser server for CKeditor does not work anymore, we do get a blank popup screen too and not able to choose images from server.
![dmaster_kcfinder](/uploads/fb5bd63021b3b277190e80ce85cb934c/dmaster_kcfinder.png)
I am able to replicate t...Browser server for CKeditor does not work anymore, we do get a blank popup screen too and not able to choose images from server.
![dmaster_kcfinder](/uploads/fb5bd63021b3b277190e80ce85cb934c/dmaster_kcfinder.png)
I am able to replicate this on dmaster
ref : https://dmaster.demo.civicrm.org/sites/all/modules/civicrm/packages/kcfinder/browse.php?cms=civicrm&type=images&CKEditor=details&CKEditorFuncNum=0&langCode=enhttps://lab.civicrm.org/dev/core/-/issues/3418Searchkit doesn't remove its tables when you uninstall civi2024-01-18T05:03:27ZDaveDSearchkit doesn't remove its tables when you uninstall civiThis isn't specific to search kit - the more general issue is that extensions don't run their uninstall code when civi is uninstalled - but search kit is the first extension that gets installed along with core and is enabled by default a...This isn't specific to search kit - the more general issue is that extensions don't run their uninstall code when civi is uninstalled - but search kit is the first extension that gets installed along with core and is enabled by default and has its own db tables and those tables are named `civicrm_something`.
So I don't know if I'd call it a bug, but it can cause some confusion when trying to re-install civi after uninstalling. In particular because https://github.com/civicrm/civicrm-core/blob/4d167cf85621e257b43752e6eee7c87abe5d69c2/setup/plugins/checkInstalled/CheckInstalledDatabase.civi-setup.php#L26 thinks civi is already installed and it's not obvious to the user why, especially if using the civicrm/setup screen which just keeps redirecting to the "already installed" page no matter what you do.
Normally core tables get cleaned up when you uninstall civicrm because they're in sql/civicrm_drop.mysql, which is generated from the xml/schema files. Here, search kit is both core and not core, but its tables aren't listed in drop.mysql.
Perhaps civi can try to uninstall all the extensions first before uninstalling itself?https://lab.civicrm.org/dev/core/-/issues/3417Search Kit: SQL syntax error when creating smart group based on custom field2024-01-19T05:03:23ZJonGoldSearch Kit: SQL syntax error when creating smart group based on custom fieldWhen creating a SK-based smart group, the SQL generated in the `HAVING` clause doesn't correctly calculate the name of custom fields.
### Steps to Replicate
* Create a new contact custom field of type Contact Reference.
* Fill in that v...When creating a SK-based smart group, the SQL generated in the `HAVING` clause doesn't correctly calculate the name of custom fields.
### Steps to Replicate
* Create a new contact custom field of type Contact Reference.
* Fill in that value on 1-2 contacts.
* Create a SK search that finds those contacts.
* Create a smart group based on the search. In the "Contact Column" selector, choose the custom field and save.
* Go to **Manage Groups** and attempt to view the contacts in the smart group.
### Expected Result
List of contacts.
### Actual Result
`DB Error: no such field`.
The SQL generated looks like this (my contact reference field is named 'advisor'):
```
INSERT IGNORE INTO civicrm_tmp_e_gccache_2d0f369488c3e23a1be7f722895ad9ce (group_id, contact_id)
SELECT 5 AS group_id, `constituent_information.advisor` AS contact_id FROM (
SELECT `constituent_information_1`.`advisor_7` AS `constituent_information.advisor`
FROM civicrm_contact a
LEFT JOIN `civicrm_value_constituent_information_1` `constituent_information_1` ON `a`.`id` = `constituent_information_1`.`entity_id`
WHERE (`a`.`id` >= "150")
HAVING (constituent_information.advisor NOT IN ( SELECT contact_id FROM civicrm_group_contact WHERE civicrm_group_contact.status = 'Removed' AND civicrm_group_contact.group_id = 5 )) )
```
The issue is with `HAVING (constituent_information.advisor`. A `HAVING` clause must reference the non-aliased name of the field. `CRM_Contact_BAO_GroupContactCache::getApiSQL()` has this line:
```php
$idField = SqlExpression::convert($apiParams['select'][0], TRUE)->getAlias();
```
However, this returns the incorrect value for `idField` when the Contact Column is a custom field.
I attempted a fix but couldn't find a way to determine the entity of the `$idField`.
Below is a Search Kit export of the search. You need a contact reference field named "advisor" in the "Constituent Information" custom group.
```json
[
[
"SavedSearch",
"save",
{
"records": [
{
"name": "abc",
"label": "abc",
"form_values": null,
"search_custom_id": null,
"api_entity": "Contact",
"api_params": {
"version": 4,
"select": [
"constituent_information.advisor",
"display_name",
"constituent_information.advisor"
],
"orderBy": [],
"where": [
[
"id",
">=",
150
]
],
"groupBy": [],
"join": [],
"having": []
},
"expires_date": null,
"description": null,
"mapping_id": null
}
],
"match": [
"name"
]
}
],
[
"Group",
"save",
{
"records": [
{
"name": "test_group_5",
"title": "test group",
"description": null,
"source": null,
"saved_search_id.name": "abc",
"is_active": true,
"visibility": "User and User Admin Only",
"group_type:name": [],
"parents": null,
"children": null,
"is_hidden": false,
"is_reserved": false,
"frontend_title": null,
"frontend_description": null
}
],
"match": [
"name"
]
}
]
]
```https://lab.civicrm.org/dev/core/-/issues/3416AuthX: Breaks sites when Basic Auth is enabled2023-09-04T14:08:09ZJonGoldAuthX: Breaks sites when Basic Auth is enabledOverview
----------------------------------------
AuthX completely breaks any site with Basic Auth enabled, displaying "401 Invalid Credential".
Reproduction steps
----------------------------------------
* Enable AuthX and basic auth...Overview
----------------------------------------
AuthX completely breaks any site with Basic Auth enabled, displaying "401 Invalid Credential".
Reproduction steps
----------------------------------------
* Enable AuthX and basic authentication on your site. [Apache documentation](https://httpd.apache.org/docs/2.4/mod/mod_auth_basic.html) suggests this is as simple as adding `AuthBasicFake demo demopass` to your config. Drupal 8+ also has a "Basic Authentication" module in core.
* Alternatively, just enable AuthX and access via curl, e.g. `curl https://a:b@dmaster.demo.civicrm.org/civicrm`
Current behaviour
----------------------------------------
All CiviCRM pages error out with "401 Invalid Credential".
Expected behaviour
----------------------------------------
Normal page loading behavior.
Comments
----------------------------------------
This happens because authx.php calls an anonymous function on the `civi.invoke.auth` listener with these lines:
```php
if (!empty($_SERVER['HTTP_AUTHORIZATION'])) {
return (new \Civi\Authx\Authenticator())->auth($e, ['flow' => 'header', 'cred' => $_SERVER['HTTP_AUTHORIZATION'], 'siteKey' => $siteKey]);
}
```
`$_SERVER['HTTP_AUTHORIZATION']` is populated when Basic Auth is in use, and will never find the principal. No amount of removing AuthX guards or ignoring user accounts will fix this.
Either AuthX shouldn't support the `Authorization:` HTTP header or it should be possible to disable it.5.50.0