Development issueshttps://lab.civicrm.org/groups/dev/-/issues2023-03-18T05:12:26Zhttps://lab.civicrm.org/dev/core/-/issues/4068Running a Contact Summary report as a limited access user granted gives DB Er...2023-03-18T05:12:26ZtiminaustRunning a Contact Summary report as a limited access user granted gives DB Error: no such fieldOverview
----------------------------------------
Running a report as a limited access user based on a group that has ACL permissions granted gives ...
```
Sorry, due to an error, we are unable (etc)... DB Error: no such field
```
My par...Overview
----------------------------------------
Running a report as a limited access user based on a group that has ACL permissions granted gives ...
```
Sorry, due to an error, we are unable (etc)... DB Error: no such field
```
My particular use case was a Contact Summary report based on a smartgroup being run by a locked-down user who has acl access to that group (ie not all groups).
Reproduction steps (simplified from my actual use case).
----------------------------------------
1. Create a smart-group and set up ACL for a specific user that doesn't have global access to all contacts/groups.
2. Login as that user, create the report, select a couple of fields AND the smart-group.
3. Attempt to run the report.
Current behaviour
----------------------------------------
Report fails with DB Error: no such field as limited access user, but runs fine for full access user.
The following SQL was generated for the limited access user ...
```
SELECT SQL_CALC_FOUND_ROWS contact_civireport.sort_name AS civicrm_contact_sort_name,
contact_civireport.id AS civicrm_contact_id,
email_civireport.email AS civicrm_email_email,
(address_civireport.street_number % 2) AS civicrm_address_address_odd_street_number,
address_civireport.postal_code AS civicrm_address_address_postal_code
FROM civicrm_contact contact_civireport
LEFT JOIN civicrm_address address_civireport ON
(contact_civireport.id = address_civireport.contact_id)
AND address_civireport.is_primary = 1
LEFT JOIN civicrm_email email_civireport ON
contact_civireport.id = email_civireport.contact_id
AND email_civireport.is_primary = 1
WHERE ((contact_civireport.contact_type IN ('Individual')))
AND contact_civireport.id IN
(SELECT DISTINCT cgroup_civireport.contact_id
FROM civicrm_group_contact cgroup_civireport
WHERE cgroup_civireport.group_id IN (11)
AND cgroup_civireport.status = 'Added'
UNION DISTINCT SELECT DISTINCT smartgroup_contact.contact_id
FROM civicrm_group_contact_cache smartgroup_contact
WHERE smartgroup_contact.group_id IN (11) )
AND (`contact_civireport`.`id` IS NULL
OR (`contact_civireport`.`id` IN
(SELECT contact_id FROM civicrm_acl_contact_cache WHERE user_id = 6)))
AND (`contact_civireport`.`is_deleted` IS NULL
OR (`contact_civireport`.`is_deleted` != 1))
AND (`cgroup_civireport`.`id` IS NULL
OR (`cgroup_civireport`.`id` IN (3, 7, 9, 11)))
ORDER BY contact_civireport.sort_name ASC
LIMIT 0, 50
```
The error is caused by the last where clause which is generated from buildPermissionClause(), which is trying to access 'contact_civireport' that only exists in the nested where/filter subquery.
The last 3 where clauses are not present for the full access user (ie buildPermissionsClause() return empty string).
Expected behaviour
----------------------------------------
The report should run correctly without the last where clause for limited access use.
Environment information
----------------------------------------
* __Browser: Firefox 108
* __CiviCRM: 5.57.0
* __PHP: 8.1
* __CMS: WordPress 6.1.1
* __Database: MariaDB 10.5
* __Web Server: Apache 2.4
Comments
----------------------------------------
The problem appears to be in civicrm/CRM/report/form.php.
From what I read ...
The last three where clauses in the above are generated by the function buildPermissionClause() which uses a BAO call to generate a user-specific clause for each table in the query where the user does not have full access.
This relies on function selectedTables() to generate the list of tables. The last part of selectedTables function searches all the filters an adds them to the list of tables, however for filters using $filterop 'in' or 'notin', the tables referenced by these clauses may not exist in the main query. It would seem likely that the selected tables list should not include tables where the filter uses these two constructs.
I am not sure apart from 'group' filter (which has specific handling), if any report filters would use 'in/not in (select...)' rather than 'in/out (value list)' so I am not sure the best way to fix this as I have only investigated my usage.
The solution may be to explicitly excluding contact group table (cgroup_civireport), or by updating to selecttables to exclude all 'in' and 'notin' filters as there is no guarantee the table exists in the main query for these types of filters.
Change in function selecttables (line ~4388) with
```
$this->_selectedTables[] = $tableName;"
```
to:
```
if ( ! in_array($filterOp, ["in","notin"] )) $this->_selectedTables[] = $tableName;
```
If the intent is to restrict access to acl enabled groups this would need the same clause added in function joinGroupTempTable(). There may be other places where this should apply.
(On a side issue as I am new here - in my sql query, civicrm_address_address_odd_street_number is not a column that is selectable - it seems to be preset as required and hidden for some reason and limited to a 'Walking Report' template. Having this would cause an unnecessary join to the address table if no address fields are being reported - only a little performance thing but should this be another problem or improvement request?).5.59.0https://lab.civicrm.org/dev/core/-/issues/4067Contact dashboard - Pledges section always says "no pledges" when using checksum2023-01-10T09:30:32ZDaveDContact dashboard - Pledges section always says "no pledges" when using checksumIf a contact has pledges, then the contact dashboard (e.g. /civicrm/user?id=12) will show the pledges for the logged in user, or for logged in admins who have access. But when visiting as anonymous and using a checksum, the other section...If a contact has pledges, then the contact dashboard (e.g. /civicrm/user?id=12) will show the pledges for the logged in user, or for logged in admins who have access. But when visiting as anonymous and using a checksum, the other sections display the same but the pledges says "no pledges".
I can reproduce on master (note dmaster.demo does not set permissions for anonymous access to contact dashboard even with checksum so can't do it there), and it goes back to at least 5.35 so I don't know how old it is.https://lab.civicrm.org/dev/core/-/issues/4066Can the `CRM_Event_Badge` classes be deprecated and removed?2023-07-03T14:20:54ZBradley TaylorCan the `CRM_Event_Badge` classes be deprecated and removed?I recently came across these classes:
- `CRM_Event_Badge`
- `CRM_Event_Badge_Logo`
- `CRM_Event_Badge_Logo5395`
- `CRM_Event_Badge_NameTent`
- `CRM_Event_Badge_Simple`
Stylistically they're not great, and I noticed they don't seem to b...I recently came across these classes:
- `CRM_Event_Badge`
- `CRM_Event_Badge_Logo`
- `CRM_Event_Badge_Logo5395`
- `CRM_Event_Badge_NameTent`
- `CRM_Event_Badge_Simple`
Stylistically they're not great, and I noticed they don't seem to be in use.
The last 4 of these classes extend `CRM_Event_Badge`, and are referenced in the `eventBadge` option group. However, I can't see any scenario where this `eventBadge` option group is actually used.
The `Event Name Badge Layouts` configuration screen gets stored in the `civicrm_print_label` table, and `CRM_Badge_BAO_Badge` is what actually get's used when you print a selection of badges for an event. `CRM_Badge_BAO_Badge` does not use `CRM_Event_Badge` (although they are very similar. I suspect one started as a copy of the other.)
I think it would make sense to:
1. Check nobody is using the 5 classes listed above through a universe search.
2. Noisily deprecated the 5 classes, specifying `CRM_Badge_BAO_Badge` should be used instead.
3. After a period of time remove the 5 classes.
4. Tidy up (remove all trace of) the `event_badge` option group.
Of these, the last step is the one I'm most unsure of the process for. I guess it'd be removed through an upgrade step.https://lab.civicrm.org/dev/core/-/issues/4065Upgrade Error 5.56.1 to 5.57.0 duplicate Search Kit UI_name2023-01-10T12:26:09ZkcristianoUpgrade Error 5.56.1 to 5.57.0 duplicate Search Kit UI_nameEnviornment:
WP 6.1.1
php 7.4
apache 2.4
Search Kit has a search created in 2021 called 'Top Donors'
on upgrade I get the error:
`[nativecode=1062 ** Duplicate entry 'Top_Donors' for key 'UI_name']`
```
[Error: Finish core DB update...Enviornment:
WP 6.1.1
php 7.4
apache 2.4
Search Kit has a search created in 2021 called 'Top Donors'
on upgrade I get the error:
`[nativecode=1062 ** Duplicate entry 'Top_Donors' for key 'UI_name']`
```
[Error: Finish core DB updates 5.57.0]
Error Field Error Value
Type DB_Error
Code -5
Message DB Error: already exists
Mode 16
UserInfo INSERT INTO `civicrm_saved_search` (`name` , `label` , `form_values` , `mapping_id` , `search_custom_id` , `api_entity` , `api_params` , `created_id` , `modified_id` , `expires_date` , `description` ) VALUES ('Top_Donors' , 'Top Donors' , NULL , NULL , NULL , 'Contribution' , '{\"version\":4,\"select\":[\"GROUP_CONCAT(DISTINCT Contribution_Contact_contact_id_01.display_name) AS GROUP_CONCAT_Contribution_Contact_contact_id_01_display_name\",\"SUM(total_amount) AS SUM_total_amount\",\"COUNT(id) AS COUNT_id\",\"AVG(total_amount) AS AVG_total_amount\"],\"orderBy\":[],\"where\":[[\"contribution_status_id:name\",\"=\",\"Completed\"]],\"groupBy\":[\"contact_id.display_name\"],\"join\":[[\"Contact AS Contribution_Contact_contact_id_01\",\"LEFT\",[\"contact_id\",\"=\",\"Contribution_Contact_contact_id_01.id\"]]],\"having\":[]}' , 202 , 202 , NULL , NULL ) [nativecode=1062 ** Duplicate entry 'Top_Donors' for key 'UI_name']
DebugInfo INSERT INTO `civicrm_saved_search` (`name` , `label` , `form_values` , `mapping_id` , `search_custom_id` , `api_entity` , `api_params` , `created_id` , `modified_id` , `expires_date` , `description` ) VALUES ('Top_Donors' , 'Top Donors' , NULL , NULL , NULL , 'Contribution' , '{\"version\":4,\"select\":[\"GROUP_CONCAT(DISTINCT Contribution_Contact_contact_id_01.display_name) AS GROUP_CONCAT_Contribution_Contact_contact_id_01_display_name\",\"SUM(total_amount) AS SUM_total_amount\",\"COUNT(id) AS COUNT_id\",\"AVG(total_amount) AS AVG_total_amount\"],\"orderBy\":[],\"where\":[[\"contribution_status_id:name\",\"=\",\"Completed\"]],\"groupBy\":[\"contact_id.display_name\"],\"join\":[[\"Contact AS Contribution_Contact_contact_id_01\",\"LEFT\",[\"contact_id\",\"=\",\"Contribution_Contact_contact_id_01.id\"]]],\"having\":[]}' , 202 , 202 , NULL , NULL ) [nativecode=1062 ** Duplicate entry 'Top_Donors' for key 'UI_name']
PEAR_Exception: DB Error: already exists in /home/wpmaybe/public_html/wp-content/plugins/civicrm/civicrm/vendor/pear/pear-core-minimal/src/PEAR.php on line 945
DB_Error: DB Error: already exists in unknown on line unknown
```
I edited the label and name in DB and re-ran the upgrade:
Success
I also now have a packaged Search with the same label and name as one that was created previously. Perhaps we should have a more unique name (not label) to indicated it's a core/packaged search?
EDIT: The affected sites all have the extension 'SearchKit Reports' enabled.https://lab.civicrm.org/dev/core/-/issues/4064Off-line Contribution receipts are sent to on hold emails2023-04-22T16:38:36ZlarsssandergreenOff-line Contribution receipts are sent to on hold emailsIf you record an off-line contribution for a contact with an email on hold, the option to send them a receipt at their on-hold email address is shown (with no indication that the email is on hold).
I would think the expected behaviour w...If you record an off-line contribution for a contact with an email on hold, the option to send them a receipt at their on-hold email address is shown (with no indication that the email is on hold).
I would think the expected behaviour would be to not show the receipt option if the contributor's email is on hold.https://lab.civicrm.org/dev/core/-/issues/4063Pagination and counts for soft credits on contact contribution tab are broken2023-01-31T04:22:10ZlarsssandergreenPagination and counts for soft credits on contact contribution tab are broken![image](/uploads/bb821970b38d324542ed222f854986c7/image.png)
![image](/uploads/6f7546327ec73b18a8811048bcf59d92/image.png)
If the total number of soft credits on a contact's contribution tab exceeds the number set in Show N entries, th...![image](/uploads/bb821970b38d324542ed222f854986c7/image.png)
![image](/uploads/6f7546327ec73b18a8811048bcf59d92/image.png)
If the total number of soft credits on a contact's contribution tab exceeds the number set in Show N entries, then the count is broken as above and the Next and Last links are disabled. You can use the page numbers to get to other pages, but it will always show five pages no matter how many actual soft credits are found.
Is this something that's worth digging into or is it anticipated that this will be replaced with SearchKit relatively soon?
To reproduce, add soft credit for 11 contributions to one contact, then go to that contact's contributions tab and select Show 10 entries.https://lab.civicrm.org/dev/core/-/issues/4062Emojis submitted to CiviCRM API cause issues2023-10-22T12:20:26ZfkohrtEmojis submitted to CiviCRM API cause issues## Problem/Motivation
Emojis that are submitted to custom fields cause an issue upon webform submission.
## Detailed steps to reproduce
1. Set up a simple webform event registration form, e.g. first name, last name, and a custom atten...## Problem/Motivation
Emojis that are submitted to custom fields cause an issue upon webform submission.
## Detailed steps to reproduce
1. Set up a simple webform event registration form, e.g. first name, last name, and a custom attendee-specific custom field (multi-line text box / textarea).
2. Put 👍🏻 into the custom field
3. Error message: The website encountered an unexpected error. Please try again later.
Alongside every form submission with emojis, the log contains two related entries:
__webform_submission__
```
CRM_Core_Exception: DB Error: unknown error in civicrm_api3() (line 135 of /var/www/[SITE]/vendor/civicrm/civicrm-core/api/api.php).
```
__php__
```
Drupal\Core\Entity\EntityStorageException: DB Error: unknown error in Drupal\Core\Entity\Sql\SqlContentEntityStorage->save() (line 815 of /var/www/[SITE]/web/core/lib/Drupal/Core/Entity/Sql/SqlContentEntityStorage.php).
```
## Proposed resolution
Successful submission of text that contains emojis.
## Further context
Moved from `webform_civicrm` issue [3331605](https://www.drupal.org/project/webform_civicrm/issues/3331605).https://lab.civicrm.org/dev/core/-/issues/4061Send letter in bulk to pledgers2023-01-10T09:34:22ZyashodhaSend letter in bulk to pledgersFunctional specifications:
- We are replicating the existing feature for contributions “Thank you letters - print or email” for the pledges.
- In menu Pledges, Find Pledges, make the Pledge statuses Pending, In progress and Overdue sele...Functional specifications:
- We are replicating the existing feature for contributions “Thank you letters - print or email” for the pledges.
- In menu Pledges, Find Pledges, make the Pledge statuses Pending, In progress and Overdue selected by default
- In menu Actions, add “Pledge Letters - print or email”
- When we select “Pledge Letters - print or email”, we land on a screen (replicate of the one for contributions)
- Replace Thank-you Letter for Contributions (PDF) by Pledge Letter
- Replace Update thank-you dates for these contributions by Update pledge letter dates for these pledges
- Remove Update receipt dates for these contributions
- Replace MAKE THANK-YOU LETTERS by MAKE PLEDGE LETTERS
The following tokens need to be available in the drop down Tokens so they can be included in a message template and resolved when included in the letter:
- Total pledge amount
- Total pledge payments
- Pledge balance
- Upcoming pledge payment amount
- Upcoming pledge payment due datehttps://lab.civicrm.org/dev/core/-/issues/4060On 5.57.0 Joomla3, cv fails with 'Failed to start application'2023-01-11T13:56:44Zaydunsaidan.saunders@squiffle.ukOn 5.57.0 Joomla3, cv fails with 'Failed to start application'Overview
----------------------------------------
On a 5.57.0 Joomla 3.10.9 system, the `cv` command fails with 'Failed to start application'
(Logging against core rather than cv since the problem appears to be here)
Reproduction steps...Overview
----------------------------------------
On a 5.57.0 Joomla 3.10.9 system, the `cv` command fails with 'Failed to start application'
(Logging against core rather than cv since the problem appears to be here)
Reproduction steps
----------------------------------------
1. Try running various commands such as `cv vars:show`, `cv api Contact.get`
Current behaviour
----------------------------------------
```
In Factory.php line 137:
Failed to start application
vars:show [--out OUT] [--flat [FLAT]] [--level LEVEL] [--hostname HOSTNAME] [-t|--test] [-U|--user USER]
```
Expected behaviour
----------------------------------------
No error!
Environment information
----------------------------------------
* __CiviCRM:__ _5.57.0_ <!-- If this problem relates to an upgrade, then specify both old and new versions -->
* __PHP:__ _7.3__
* __CMS:__ _Joomla 3.10.9._5.57.1aydunsaidan.saunders@squiffle.ukaydunsaidan.saunders@squiffle.ukhttps://lab.civicrm.org/dev/core/-/issues/4059CiviEvent: API3/4 deletes event is_template flag on event update2023-01-16T15:22:16ZBjörn EndresCiviEvent: API3/4 deletes event is_template flag on event updateOverview
----------------------------------------
The CiviCRM API resets(!) the ``is_template`` flag on an event entity when manipulating unrelated attributes. Tested on APIv3 and APIv4.
Reproduction steps
------------------------------...Overview
----------------------------------------
The CiviCRM API resets(!) the ``is_template`` flag on an event entity when manipulating unrelated attributes. Tested on APIv3 and APIv4.
Reproduction steps
----------------------------------------
1. Create a new event template (not a message template)
1. Go to the API explorer (3 or 4)
1. Run ``Event.get`` with the ID of the given template. Observe that the ``is_template`` parameter is set to 1/true.
1. Run ``Event.create/update`` with parameters:
* ``id`` = ID of the given template
* ``title`` = "just want to trigger a change"
1. Run ``Event.get`` with the ID of the given template.
Current behaviour
----------------------------------------
Observe that the ``is_template`` parameter is set to 0/false - **the flag has been deleted!**
Expected behaviour
----------------------------------------
API call should leave the ``is_template`` parameter alone, i.e. the return value of then ``is_template`` parameter should be 1/true
Environment information
----------------------------------------
Tested on current [DMASTER](https://dmaster.demo.civicrm.org) running 5.59.alpha1, but has definitely been around for longer.
Comments
----------------------------------------
A unit test to cover that should be pretty straightforward with these instructions.5.59.0https://lab.civicrm.org/dev/core/-/issues/4058Search Tasks limited by certain ACLs when they should not be2023-01-10T09:35:37ZRichSearch Tasks limited by certain ACLs when they should not beSometimes an incomplete list of search tasks are shown to a user whose access is ACL limited.
I think this problem is caused by this line:
https://lab.civicrm.org/dev/core/-/blob/5.56/CRM/ACL/BAO/ACL.php#L503
I think the loop `break`s...Sometimes an incomplete list of search tasks are shown to a user whose access is ACL limited.
I think this problem is caused by this line:
https://lab.civicrm.org/dev/core/-/blob/5.56/CRM/ACL/BAO/ACL.php#L503
I think the loop `break`s when it shouldn't. I think what's intended is to simply shift that `break` up within the `if {}` that ends on the line above it.
I think the intention of the code is:
- loop through the DAO results that lists permissions
- if the object_id is empty (typically, zero) then the permission applies to all "objects of that type" by which I think it means groups.
- there's an allowance that this record might be for a different permission type (e.g. View instead of Edit) which we would want to ignore
- if the type does match, then all groups are permissioned and we merge those onto our `$ids` array
However where it fails is if there are, say, 2 rows returned. The first says View all, the 2nd says Edit all, and we're asking about edit permission. Because of the `break` where it is, once the first row is looked at and discarded, we break and don't loko at the 2nd row!
Shifting the `break` up seems to fix this and seems to me to be probably what was intended.
Because this bug is highly sensitive to a load of stuff, it's likely that this shows up in weird situations and could be hard to reproduce.
If this makes sense to anyone I'll submit a PR.
In case it's helpful, my proposal is
```diff
diff --git a/sites/all/modules/civicrm/CRM/ACL/BAO/ACL.php b/sites/all/modules/civicrm/CRM/ACL/BAO/ACL.php
index 58b388b73..3d036a3a3 100644
--- a/CRM/ACL/BAO/ACL.php
+++ b/CRM/ACL/BAO/ACL.php
@@ -499,8 +499,8 @@ ORDER BY a.object_id
foreach ($allGroups as $id => $dontCare) {
$ids[] = $id;
}
+ break;
}
- break;
}
}
return $ids;
```https://lab.civicrm.org/dev/core/-/issues/4057Cannot remove contact from group from Groups tab UI within ACL environment2023-01-10T09:36:07ZRichCannot remove contact from group from Groups tab UI within ACL environmentHave a staff user, *Pebbles*, in an ACL, with access to a contact, *Wilma*.
When Pebbles views the Groups tab of Wilma's record, they are able to add Wilma to a group via the UI, but should they click **remove** or **delete** next to a ...Have a staff user, *Pebbles*, in an ACL, with access to a contact, *Wilma*.
When Pebbles views the Groups tab of Wilma's record, they are able to add Wilma to a group via the UI, but should they click **remove** or **delete** next to a group, an error shows:
> API permission check failed for GroupContact/delete call; insufficient permission: require access CiviCRM and edit all contacts
I don't think this is a security/permissions thing.
Pebbles is able to remove Wilma from the group by simply clicking Edit to get to the hideous edit-flippin-everything form, and then removing the group from the select2 element in the Groups accordion.
## Suggested fix (v1)
I think it's useful for ACL-ed staffers to be able to use groups; it's such a core feature of Civi. And it's fairly weird that they can add a contact to a group, but not remove one - or not by the main UI.
I implemented this as follows in a custom extension, but I'm sure there's a better way to do it upstream.
```
/**
* @see https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_alterAPIPermissions/
*/
function myextension_civicrm_alterAPIPermissions($entity, $action, &$params, &$permissions) {
if ($entity === 'group_contact' && $action == 'delete' && !empty($params['id'])) {
$gc = \Civi\Api4\GroupContact::get(FALSE)
->addWhere('id', '=', $params['id'])
->addSelect('contact_id', 'group_id.group_type:name')
->execute()->single();
$mayEditContact = \Civi\Api4\Contact::checkAccess()
->setAction('update')
->addValue('id', $gc['contact_id'])
->execute()->first()['access'] ?? FALSE;
$groupIsNotAcl = !in_array('Access Control', $gc['group_id.group_type:name'] ?? []);
if ($mayEditContact && $groupIsNotAcl) {
// Reduce the access permissions for this call.
$permissions['group_contact']['delete'] = 'access CiviCRM';
}
}
}
```https://lab.civicrm.org/dev/core/-/issues/4056Replace hard-coded call to legacyCustomSearch framework with a hook2023-06-25T18:31:24ZeileenReplace hard-coded call to legacyCustomSearch framework with a hookWe should get the legacy custom search frame work out of our `GroupContactCache` BAO and eventually out of core code (and unhide the extension, with a view to not shipping enabled).
In order to do this I think we need a hook to get the ...We should get the legacy custom search frame work out of our `GroupContactCache` BAO and eventually out of core code (and unhide the extension, with a view to not shipping enabled).
In order to do this I think we need a hook to get the sql when loading a contact group
![image](/uploads/9ca4de13d7127a957e988ccea1a5c43b/image.png)
It might potentially wind up like this
![image](/uploads/6eebfb49b84cb35210c17de5a7eaf5e2/image.png)
I see there is handling for the sql being empty - which seems weird - but we could probably assume that if anything ever needs no sql it is not a custom search
Note that `CRM_Contact_BAO_SearchCustom` could be moved to the extension with the hook once as part of this as nothing else calls it
The other place where the legacy custom search framework returns sql is
![image](/uploads/e99dfdf4ba2fb66ac6e78c9f1cffc3b6/image.png)
Internally the first query calls the same `contactIDs`
![image](/uploads/88c6ff1481188c0f666b6309cb01b25b/image.png)
@colemanw @seamuslee @DaveDhttps://lab.civicrm.org/dev/core/-/issues/4055Extension cannot found its own classes during install when opcache is enabled2023-03-16T13:12:50ZkainukExtension cannot found its own classes during install when opcache is enabledI start with the following configuration:
* PHP 8.1.7 _Using the docker image FROM php:8.1.7-apache-buster_
* OPCache enabled _standard configuration_
* Buildkit _CiviCRM install for Drupal 9_ see below:
````
civibuild create patch \
...I start with the following configuration:
* PHP 8.1.7 _Using the docker image FROM php:8.1.7-apache-buster_
* OPCache enabled _standard configuration_
* Buildkit _CiviCRM install for Drupal 9_ see below:
````
civibuild create patch \
--type drupal9-demo \
--civi-ver master \
--url http://patch.kainuk \
--cms-ver 9.5
````
Now, when I enable the Action Provider extension (just from the extension screen), the following error is thrown.
````
Error: Class "Civi\ActionProvider\Symfony\Component\DependencyInjection\DefinitionAdapter" not found in action_provider_civicrm_container() (line 15 of /buildkit/build/patch/web/sites/default/files/civicrm/ext/action-provider/action_provider.php)
````
`cv flush` lets the problem disappear, and for the Action Provider that is no problem because only code is installed (it does not change the database). However, other extensions can have more problems because the installation is interrupted, and possible incomplete.
The problem is, however, reproducible. When I disable the extension, and uninstall it, the error reappears after installing.
I did some duty time in the debugger and found the following code in the extension class loader (CRM_Extension_ClassLoader)
````php
$file = $this->getCacheFile();
if (file_exists($file)) {
$this->loader = require $file;
}
else {
$this->loader = $this->buildClassLoader();
$ser = serialize($this->loader);
file_put_contents($file,
sprintf("<?php\nreturn unserialize(%s);", var_export($ser, 1))
);
}
````
`$this->buildClassLoader()` is an expensive procedure, so after calculation the result is saved for reuse. When a new extension is installed, the saved file is removed because it does not contain the new extension configuration. A new classloader with all the extension stuff is calculated and an updated file is written.
For loading the class, the PHP construct `require` is used. This construct was designed for loading PHP code. The assumption is that PHP code does not change much, and OPCache used this assumption, to store the file in memory. The risk is here is that not the newly written configuration is used, but an old one from memory. On my configuration, I observed with the PHP debugger, that when the `hook_civicrm_container` the old classloader is loaded with require. Just put a breakpoint before the `$this->loader = require $file` line.
When the OPCache is disabled, the problem does not appear.5.59.0https://lab.civicrm.org/dev/core/-/issues/4054Redis cache of Extensions persists between builds2023-01-05T21:57:54ZeileenRedis cache of Extensions persists between buildsI'm hitting an issue where if I run civibuild to rebuild a site shortly after enabling afform it fails - the reason is the Redis cache is used to retrieve enabled extensions, including afform so the afform alterMenu hook is called when i...I'm hitting an issue where if I run civibuild to rebuild a site shortly after enabling afform it fails - the reason is the Redis cache is used to retrieve enabled extensions, including afform so the afform alterMenu hook is called when installing CiviCRM - but the extension is not yet installed & hence the function fatals as it fails to find the Afform class it calls
When determining which hook is called we see
```
/**
* @param $moduleList
*/
public function requireCiviModules(&$moduleList) {
$civiModules = CRM_Core_PseudoConstant::getModuleExtensions();
```
This winds up at
![image](/uploads/e0a82bcf50371e56217b8a0d5c048e2a/image.png)
And it gets the previous build's module list here
![image](/uploads/69f06caeb86421b3923c41e152028f23/image.png)
The cache name is a bit convoluted - but it should be flushed on install to avoid this between-install leakage.
I'm not quite sure where though ... @tottenhttps://lab.civicrm.org/dev/core/-/issues/4053Standalone: users and roles2023-08-11T16:23:42ZbgmStandalone: users and rolesGeneral issue to discuss user management, roles and permissions.
There was a discussion in Manchester about this. At first we explored the idea of using CiviCRM groups to manage permissions, but there was a lot of discomfort because of ...General issue to discuss user management, roles and permissions.
There was a discussion in Manchester about this. At first we explored the idea of using CiviCRM groups to manage permissions, but there was a lot of discomfort because of the (lack of) security around groups and how it could end up adding a lot of extra complexity. Of course, maybe an implement or another might prove one way or another.
So far one [WIP branch](https://github.com/civicrm/civicrm-core/compare/master...demeritcowboy:civicrm-core:user-storage?expand=1) by @DaveD proposes creating `civicrm_user` with an ID, username, password and maybe email. While testing, I managed to get it working by also adding a record in the `civicrm_uf_match` table (for authx http logins), to link that user to a contact.
Presumably we would also have `civicrm_user_role` (ex: admin, staff, member) and `civicrm_user_permission` (ex: "admin" has the "Administer CiviCRM" permission).
And then we would have the same permission grid similar to what CiviCRM has for WordPress role management (in that case, it adds WordPress capabilities, but in this case, it would add records in `civicrm_user_permission`).
cc @DaveD @artfulrobot @JoeMurray
Related meta: #2998https://lab.civicrm.org/dev/core/-/issues/4052Problem with custom group fields when cache get returns NULL from 'CRM_Core_D...2024-03-18T23:41:32ZLeanderJCCProblem with custom group fields when cache get returns NULL from 'CRM_Core_DAO_CustomGroup_QueryMultipleFields *' cache keyOverview
----------------------------------------
We had a problem where we did an APIv3 call on participants where it would cause an error resulting in a 500 response.
Some stack tracing showed us that in CRM/Core/BAO/CustomGroup.php t...Overview
----------------------------------------
We had a problem where we did an APIv3 call on participants where it would cause an error resulting in a 500 response.
Some stack tracing showed us that in CRM/Core/BAO/CustomGroup.php the code `$multipleFieldGroups = $cache->get($multipleFieldGroupCacheKey);` returned NULL (line 576). Since there is no check that says that it should not be NULL the code continues and errors on `if (in_array($table, $multipleFieldGroups) &&` because
> Argument #2 ($haystack) must be of type array, null given in in_array().
Reproduction steps
----------------------------------------
Could not specifically reproduce this with a clean install.
Current behaviour
----------------------------------------
Our page where the APIv3 Participant call was made would return a 500.
```
TypeError: in_array(): Argument #2 ($haystack) must be of type array, null given in in_array() (line 611 of /var/www/html/vendor/civicrm/civicrm-core/CRM/Core/BAO/CustomGroup.php)
#0 /var/www/html/vendor/civicrm/civicrm-core/CRM/Core/BAO/CustomGroup.php(611): in_array('civicrm_value_r...', NULL)
#1 /var/www/html/vendor/civicrm/civicrm-core/api/v3/utils.php(1449): CRM_Core_BAO_CustomGroup::getTree('Participant', Array, 1982, NULL, Array, NULL, true, NULL, true, false)
#2 /var/www/html/vendor/civicrm/civicrm-core/api/v3/Participant.php(154): _civicrm_api3_custom_data_get(Array, NULL, 'Participant', '1982', NULL)
#3 /var/www/html/vendor/civicrm/civicrm-core/Civi/API/Provider/MagicFunctionProvider.php(89): civicrm_api3_participant_get(Array)
#4 /var/www/html/vendor/civicrm/civicrm-core/Civi/API/Kernel.php(149): Civi\API\Provider\MagicFunctionProvider->invoke(Array)
#5 /var/www/html/vendor/civicrm/civicrm-core/Civi/API/Kernel.php(81): Civi\API\Kernel->runRequest(Array)
#6 /var/www/html/vendor/civicrm/civicrm-core/api/api.php(133): Civi\API\Kernel->runSafe('Participant', 'get', Array)
```
Expected behaviour
----------------------------------------
The page should load as normal.
Environment information
----------------------------------------
* __CiviCRM:__ _5.55.1_
* __PHP:__ _8.0.24_
* __CMS:__ _Drupal 9.4.8_
* __Database:__ _8.0.26_
* __Web Server:__ _nginx/1.20.2_
Comments
----------------------------------------
We fixed this issue by switching to APIv4 so it would no longer automatically get the custom groups and fields for the participant, but this still seemed a general issue to report.
I believe an if, at line 578 after settings the variable, would fix this issue.
```
if ($multipleFieldGroups === NULL) {
$multipleFieldGroups = [];
}
```https://lab.civicrm.org/dev/core/-/issues/4051ApiV4 - add options2022-12-27T20:14:54ZeileenApiV4 - add options@totten has added something to `cv` where you can add an option to an existing field - I think this feature makes sense, but as a an apiv4 feature (rather than a cv feature) and across multiple entities rather than just Settings. There a...@totten has added something to `cv` where you can add an option to an existing field - I think this feature makes sense, but as a an apiv4 feature (rather than a cv feature) and across multiple entities rather than just Settings. There are different ways it could look but in essence you are looking to be able to offer stuff like
```
Setting::update()->addWhere('name', '=', 'enable_components')->addOption(['CiviCampaign'])->execute();
Setting::update()->addWhere('name', '=', 'enable_components')->removeOption(['CiviCampaign'])->execute();
Contact::update()->addWhere('id', '=', 123)->addOption(['contact_sub_type' => 'Student'])->execute();
Contact::update()->addWhere('id', '=', 123)->removeOption(['contact_sub_type' => 'Student'])->execute();
```
I'm not sure the exact syntax or whether it should be on the `update` action - one for @colemanw
- This would probably be limited to fields with `is_multiple` or `serialize` or some other indicator of multiple-value-ness (whatever we land on for settings) & be validated against the relevant pseudoconstant or callback-option-listhttps://lab.civicrm.org/dev/core/-/issues/4050Can't Disable Event Notification when Registering Participant Off-line2022-12-28T18:13:11ZsavionleeCan't Disable Event Notification when Registering Participant Off-lineOverview
----------------------------------------
When performing an offline Event Registration, you cannot disable "Send Confirmation and Receipt". The POST handler ```civicrm/contact/view/participant``` sends out emails irrespective of...Overview
----------------------------------------
When performing an offline Event Registration, you cannot disable "Send Confirmation and Receipt". The POST handler ```civicrm/contact/view/participant``` sends out emails irrespective of the disabled checkbox on the UI and the disabled default event page configuration.
https://chat.civicrm.org/civicrm/pl/4uy3mp5c3jbtjdx96fif6nk4ie
_If you have already posted on https://civicrm.stackexchange.com or https://chat.civicrm.org, please include the link to that conversation._
Reproduction steps
----------------------------------------
1. Open a Contact
1. Click on **Actions-> Register for Event**.
1. After any Event, Disable **☑️ Send Confirmation and Receipt** and **Save**.
1. Got a success of **"Event registration for Test Email has been added. A confirmation email has been sent to"**.
(No email should have been sent)
Current behaviour
----------------------------------------
_What happens currently. Please provide error messages, screenshots or gifs ([LICEcap](http://www.cockos.com/licecap/), [SilentCast](https://github.com/colinkeenan/silentcast)) where appropriate._
Currently Sends this payload with a disabled send notification and disabled Payment box
```
entryURL:
https://example.website/wp-admin/admin.php?page=CiviCRM&q=civicrm%2Fcontact%2Fview%2Fparticipant&page=CiviCRM&reset=1&action=add&cid=497&context=participant
_qf_default:
Participant:upload
MAX_FILE_SIZE: 83886080
_qf_Participant_upload: 1
contact_id: 497
event_id: 15
campaign_id: 8
role_id[]: 1
register_date: 2022-12-27 13:23:00
status_id: 1
source:
hidden_feeblock: 1
hidden_eventFullMsg:
priceSetId: 10
price_16:
price_13:
price_11:
financial_type_id: 4
total_amount: 0
receive_date: 2022-12-27 13:23:00
trxn_id:
contribution_status_id: 1
payment_instrument_id: 4
check_number:
from_email_address: 185
receipt_text:
note:
hidden_custom: 1
hidden_custom_group_count[]: 1
custom_21_-1:
custom_18_-1: 0
custom_19_-1: 0
custom_20_-1: 0
custom_22_-1:
hidden_custom: 1
hidden_custom_group_count[]: 1
hidden_custom: 1
hidden_custom_group_count[]: 1
hidden_custom: 1
hidden_custom_group_count[]: 1
```
I injected a null value into the options to select from the drop down which changed the parameter of ```from_email_address: 185``` to ```from_email_address: ``` Unfortunately, that is not how the post handler determines if to send a message because i got this error:
![image](/uploads/ddd977f63def220652a4e628a64e6702/image.png) So it still tried to send with the unset email address.
Expected behaviour
----------------------------------------
_What should happen._
No email is sent.
Environment information
----------------------------------------
<!-- Some of the items below may not be relevant for every bug - if in doubt please include more information than you think is neccessary. -->
* __Browser:__ _Edge 108.0.1462.54 _
* __CiviCRM:__ _5.56.0, 5.55.3_
* __PHP:__ _7.4?_
* __CMS:__ _Wordpress 6.1.1_
* __Database:__ _Maria DB_
* __Web Server:__ _Apache 2_
Comments
----------------------------------------
I'm not skilled in reading how php handles calls and everything, so i can't find the handler that this post query relates to. Any pointers would help!https://lab.civicrm.org/dev/core/-/issues/4049Tag tree broken for nested tags when the tags weren't created in the same ord...2023-01-03T21:07:11ZgellweilerTag tree broken for nested tags when the tags weren't created in the same order as they are nestedOverview
----------------------------------------
Commit https://lab.civicrm.org/dev/core/-/commit/a902f9f9268899c31ca21296d19d8c247a370a43 brakes the tag tree (in the add tag to contact dialog) for nested tags when the tags weren't crea...Overview
----------------------------------------
Commit https://lab.civicrm.org/dev/core/-/commit/a902f9f9268899c31ca21296d19d8c247a370a43 brakes the tag tree (in the add tag to contact dialog) for nested tags when the tags weren't created in the same order as they are nested.
This happens when a child tag that has itself children is moved under a newer parent tag.
Reproduction steps
----------------------------------------
1. Go to civicrm/tag
2. Add a new tag called "Isaac" to the tag tree
3. Add a new tag called "Abraham" to the tag tree
4. Add a new tag called "Jacob" to the tag tree
5. Move the tag "Jacob" below "Isaac"
6. Move the tag "Isaac" below "Abraham"
7. Try to add the Tag Jacob to a contact (it will not show up).
The order of tag creation is important.
![order_of_creation_and_tag_hierarchy](/uploads/f6d9e14d41fe988231fcea735ae73ebd/order_of_creation_and_tag_hierarchy.png)
Current behaviour
----------------------------------------
The tag Jacob is not shown when trying to add it to a contact.
![jacob_missing](/uploads/2f968f85eca49eb574d724df63300536/jacob_missing.png)
Expected behaviour
----------------------------------------
_What should happen._
This is how it used to be and how it is after applying the fix:
![expected_behavior](/uploads/1477bb98b6fee39836d81b152669e5d3/expected_behavior.png)
Fix and cause of issue
----------------------------------------
If you uncomment `$thisref['children'] = [];` in line 92 in file `CRM/Core/BAO/Tag.php` everything works again as expected.
This error was introduced by commit https://lab.civicrm.org/dev/core/-/commit/a902f9f9268899c31ca21296d19d8c247a370a43.