Personal/drupal-civicrm
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

First commit

Browse source
This commit is contained in:
Theodotos Andreou 2018-01-14 13:10:16 +00:00
commit c6e2478c40
13918 changed files with 2303184 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

300
sites/all/modules/civicrm/CRM/ACL/Form/ACL.php Normal file
View file

@ -0,0 +1,300 @@
<?php
/*
+--------------------------------------------------------------------+
| CiviCRM version 4.7 |
+--------------------------------------------------------------------+
| Copyright CiviCRM LLC (c) 2004-2017 |
+--------------------------------------------------------------------+
| This file is a part of CiviCRM. |
| |
| CiviCRM is free software; you can copy, modify, and distribute it |
| under the terms of the GNU Affero General Public License |
| Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
| |
| CiviCRM is distributed in the hope that it will be useful, but |
| WITHOUT ANY WARRANTY; without even the implied warranty of |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
| See the GNU Affero General Public License for more details. |
| |
| You should have received a copy of the GNU Affero General Public |
| License and the CiviCRM Licensing Exception along |
| with this program; if not, contact CiviCRM LLC |
| at info[AT]civicrm[DOT]org. If you have questions about the |
| GNU Affero General Public License or the licensing of CiviCRM, |
| see the CiviCRM license FAQ at http://civicrm.org/licensing |
+--------------------------------------------------------------------+
*/
/**
*
* @package CRM
* @copyright CiviCRM LLC (c) 2004-2017
*/
class CRM_ACL_Form_ACL extends CRM_Admin_Form {
/**
* Set default values for the form.
*/
public function setDefaultValues() {
$defaults = parent::setDefaultValues();
if ($this->_action & CRM_Core_Action::ADD) {
$defaults['object_type'] = 1;
}
$showHide = new CRM_Core_ShowHideBlocks();
if (isset($defaults['object_table'])) {
switch ($defaults['object_table']) {
case 'civicrm_saved_search':
$defaults['group_id'] = $defaults['object_id'];
$defaults['object_type'] = 1;
$showHide->addShow("id-group-acl");
$showHide->addHide("id-profile-acl");
$showHide->addHide("id-custom-acl");
$showHide->addHide("id-event-acl");
break;
case 'civicrm_uf_group':
$defaults['uf_group_id'] = $defaults['object_id'];
$defaults['object_type'] = 2;
$showHide->addHide("id-group-acl");
$showHide->addShow("id-profile-acl");
$showHide->addHide("id-custom-acl");
$showHide->addHide("id-event-acl");
break;
case 'civicrm_custom_group':
$defaults['custom_group_id'] = $defaults['object_id'];
$defaults['object_type'] = 3;
$showHide->addHide("id-group-acl");
$showHide->addHide("id-profile-acl");
$showHide->addShow("id-custom-acl");
$showHide->addHide("id-event-acl");
break;
case 'civicrm_event':
$defaults['event_id'] = $defaults['object_id'];
$defaults['object_type'] = 4;
$showHide->addHide("id-group-acl");
$showHide->addHide("id-profile-acl");
$showHide->addHide("id-custom-acl");
$showHide->addShow("id-event-acl");
break;
}
}
else {
$showHide->addHide("id-group-acl");
$showHide->addHide("id-profile-acl");
$showHide->addHide("id-custom-acl");
$showHide->addHide("id-event-acl");
}
// Don't assign showHide elements to template in DELETE mode (fields to be shown and hidden don't exist)
if (!($this->_action & CRM_Core_Action::DELETE)) {
$showHide->addToTemplate();
}
return $defaults;
}
/**
* Build the form object.
*/
public function buildQuickForm() {
parent::buildQuickForm();
$this->setPageTitle(ts('ACL'));
if ($this->_action & CRM_Core_Action::DELETE) {
return;
}
$attributes = CRM_Core_DAO::getAttribute('CRM_ACL_DAO_ACL');
$this->add('text', 'name', ts('Description'), CRM_Core_DAO::getAttribute('CRM_ACL_DAO_ACL', 'name'), TRUE);
$operations = array('' => ts('- select -')) + CRM_ACL_BAO_ACL::operation();
$this->add('select',
'operation',
ts('Operation'),
$operations, TRUE
);
$objTypes = array(
'1' => ts('A group of contacts'),
'2' => ts('A profile'),
'3' => ts('A set of custom data fields'),
);
if (CRM_Core_Permission::access('CiviEvent')) {
$objTypes['4'] = ts('Events');
}
$extra = array('onclick' => "showObjectSelect();");
$this->addRadio('object_type',
ts('Type of Data'),
$objTypes,
$extra,
'&nbsp;', TRUE
);
$label = ts('Role');
$role = array(
'-1' => ts('- select role -'),
'0' => ts('Everyone'),
) + CRM_Core_OptionGroup::values('acl_role');
$this->add('select', 'entity_id', $label, $role, TRUE);
$group = array(
'-1' => ts('- select -'),
'0' => ts('All Groups'),
) + CRM_Core_PseudoConstant::group();
$customGroup = array(
'-1' => ts('- select -'),
'0' => ts('All Custom Groups'),
) + CRM_Core_PseudoConstant::get('CRM_Core_DAO_CustomField', 'custom_group_id');
$ufGroup = array(
'-1' => ts('- select -'),
'0' => ts('All Profiles'),
) + CRM_Core_PseudoConstant::get('CRM_Core_DAO_UFField', 'uf_group_id');
$event = array(
'-1' => ts('- select -'),
'0' => ts('All Events'),
) + CRM_Event_PseudoConstant::event(NULL, FALSE, "( is_template IS NULL OR is_template != 1 )");
$this->add('select', 'group_id', ts('Group'), $group);
$this->add('select', 'custom_group_id', ts('Custom Data'), $customGroup);
$this->add('select', 'uf_group_id', ts('Profile'), $ufGroup);
$this->add('select', 'event_id', ts('Event'), $event);
$this->add('checkbox', 'is_active', ts('Enabled?'));
$this->addFormRule(array('CRM_ACL_Form_ACL', 'formRule'));
}
/**
* @param array $params
*
* @return bool
*/
public static function formRule($params) {
$showHide = new CRM_Core_ShowHideBlocks();
// Make sure role is not -1
if ($params['entity_id'] == -1) {
$errors['entity_id'] = ts('Please assign this permission to a Role.');
}
$validOperations = array('View', 'Edit');
$operationMessage = ts("Only 'View' and 'Edit' operations are valid for this type of data");
// Figure out which type of object we're permissioning on and make sure user has selected a value.
switch ($params['object_type']) {
case 1:
if ($params['group_id'] == -1) {
$errors['group_id'] = ts('Please select a Group (or ALL Groups).');
$showHide->addShow("id-group-acl");
$showHide->addHide("id-profile-acl");
$showHide->addHide("id-custom-acl");
$showHide->addHide("id-event-acl");
}
if (!in_array($params['operation'], $validOperations)) {
$errors['operation'] = $operationMessage;
}
break;
case 2:
if ($params['uf_group_id'] == -1) {
$errors['uf_group_id'] = ts('Please select a Profile (or ALL Profiles).');
$showHide->addShow("id-profile-acl");
$showHide->addHide("id-group-acl");
$showHide->addHide("id-custom-acl");
$showHide->addHide("id-event-acl");
}
break;
case 3:
if ($params['custom_group_id'] == -1) {
$errors['custom_group_id'] = ts('Please select a set of Custom Data (or ALL Custom Data).');
$showHide->addShow("id-custom-acl");
$showHide->addHide("id-group-acl");
$showHide->addHide("id-profile-acl");
$showHide->addHide("id-event-acl");
}
if (!in_array($params['operation'], $validOperations)) {
$errors['operation'] = $operationMessage;
}
break;
case 4:
if ($params['event_id'] == -1) {
$errors['event_id'] = ts('Please select an Event (or ALL Events).');
$showHide->addShow("id-event-acl");
$showHide->addHide("id-custom-acl");
$showHide->addHide("id-group-acl");
$showHide->addHide("id-profile-acl");
}
if (!in_array($params['operation'], $validOperations)) {
$errors['operation'] = $operationMessage;
}
break;
}
$showHide->addToTemplate();
return empty($errors) ? TRUE : $errors;
}
/**
* Process the form submission.
*/
public function postProcess() {
// note this also resets any ACL cache
CRM_Core_BAO_Cache::deleteGroup('contact fields');
if ($this->_action & CRM_Core_Action::DELETE) {
CRM_ACL_BAO_ACL::del($this->_id);
CRM_Core_Session::setStatus(ts('Selected ACL has been deleted.'), ts('Record Deleted'), 'success');
}
else {
$params = $this->controller->exportValues($this->_name);
$params['is_active'] = CRM_Utils_Array::value('is_active', $params, FALSE);
$params['deny'] = 0;
$params['entity_table'] = 'civicrm_acl_role';
// Figure out which type of object we're permissioning on and set object_table and object_id.
switch ($params['object_type']) {
case 1:
$params['object_table'] = 'civicrm_saved_search';
$params['object_id'] = $params['group_id'];
break;
case 2:
$params['object_table'] = 'civicrm_uf_group';
$params['object_id'] = $params['uf_group_id'];
break;
case 3:
$params['object_table'] = 'civicrm_custom_group';
$params['object_id'] = $params['custom_group_id'];
break;
case 4:
$params['object_table'] = 'civicrm_event';
$params['object_id'] = $params['event_id'];
break;
}
if ($this->_id) {
$params['id'] = $this->_id;
}
CRM_ACL_BAO_ACL::create($params);
}
}
}

151
sites/all/modules/civicrm/CRM/ACL/Form/ACLBasic.php Normal file
View file

@ -0,0 +1,151 @@
<?php
/*
+--------------------------------------------------------------------+
| CiviCRM version 4.7 |
+--------------------------------------------------------------------+
| Copyright CiviCRM LLC (c) 2004-2017 |
+--------------------------------------------------------------------+
| This file is a part of CiviCRM. |
| |
| CiviCRM is free software; you can copy, modify, and distribute it |
| under the terms of the GNU Affero General Public License |
| Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
| |
| CiviCRM is distributed in the hope that it will be useful, but |
| WITHOUT ANY WARRANTY; without even the implied warranty of |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
| See the GNU Affero General Public License for more details. |
| |
| You should have received a copy of the GNU Affero General Public |
| License and the CiviCRM Licensing Exception along |
| with this program; if not, contact CiviCRM LLC |
| at info[AT]civicrm[DOT]org. If you have questions about the |
| GNU Affero General Public License or the licensing of CiviCRM, |
| see the CiviCRM license FAQ at http://civicrm.org/licensing |
+--------------------------------------------------------------------+
*/
/**
*
* @package CRM
* @copyright CiviCRM LLC (c) 2004-2017
*/
class CRM_ACL_Form_ACLBasic extends CRM_Admin_Form {
/**
* Set default values for the form.
*/
public function setDefaultValues() {
$defaults = array();
if ($this->_id ||
$this->_id === '0'
) {
$defaults['entity_id'] = $this->_id;
$query = "
SELECT object_table
FROM civicrm_acl
WHERE entity_id = %1
AND ( object_table NOT IN ( 'civicrm_saved_search', 'civicrm_uf_group', 'civicrm_custom_group' ) )
";
$params = array(1 => array($this->_id, 'Integer'));
$dao = CRM_Core_DAO::executeQuery($query, $params);
$defaults['object_table'] = array();
while ($dao->fetch()) {
$defaults['object_table'][$dao->object_table] = 1;
}
}
return $defaults;
}
/**
* Build the form object.
*/
public function buildQuickForm() {
parent::buildQuickForm();
if ($this->_action & CRM_Core_Action::DELETE) {
return;
}
$permissions = array_flip(CRM_Core_Permission::basicPermissions());
$this->addCheckBox('object_table',
ts('ACL Type'),
$permissions,
NULL, NULL, TRUE, NULL,
array('</td><td>', '</td></tr><tr><td>')
);
$label = ts('Role');
$role = array(
'-1' => ts('- select role -'),
'0' => ts('Everyone'),
) + CRM_Core_OptionGroup::values('acl_role');
$entityID = &$this->add('select', 'entity_id', $label, $role, TRUE);
if ($this->_id) {
$entityID->freeze();
}
$this->add('checkbox', 'is_active', ts('Enabled?'));
$this->addFormRule(array('CRM_ACL_Form_ACLBasic', 'formRule'));
}
/**
* @param array $params
*
* @return array|bool
*/
public static function formRule($params) {
if ($params['entity_id'] == -1) {
$errors = array('entity_id' => ts('Role is a required field'));
return $errors;
}
return TRUE;
}
/**
* Process the form submission.
*/
public function postProcess() {
CRM_ACL_BAO_Cache::resetCache();
$params = $this->controller->exportValues($this->_name);
if ($this->_id ||
$this->_id === '0'
) {
$query = "
DELETE
FROM civicrm_acl
WHERE entity_id = %1
AND ( object_table NOT IN ( 'civicrm_saved_search', 'civicrm_uf_group', 'civicrm_custom_group' ) )
";
$deleteParams = array(1 => array($this->_id, 'Integer'));
CRM_Core_DAO::executeQuery($query, $deleteParams);
if ($this->_action & CRM_Core_Action::DELETE) {
CRM_Core_Session::setStatus(ts('Selected ACL has been deleted.'), ts('Record Deleted'), 'success');
return;
}
}
$params['operation'] = 'All';
$params['deny'] = 0;
$params['is_active'] = 1;
$params['entity_table'] = 'civicrm_acl_role';
$params['name'] = 'Core ACL';
foreach ($params['object_table'] as $object_table => $value) {
if ($value) {
$newParams = $params;
unset($newParams['object_table']);
$newParams['object_table'] = $object_table;
CRM_ACL_BAO_ACL::create($newParams);
}
}
}
}

78
sites/all/modules/civicrm/CRM/ACL/Form/EntityRole.php Normal file
View file

@ -0,0 +1,78 @@
<?php
/*
+--------------------------------------------------------------------+
| CiviCRM version 4.7 |
+--------------------------------------------------------------------+
| Copyright CiviCRM LLC (c) 2004-2017 |
+--------------------------------------------------------------------+
| This file is a part of CiviCRM. |
| |
| CiviCRM is free software; you can copy, modify, and distribute it |
| under the terms of the GNU Affero General Public License |
| Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
| |
| CiviCRM is distributed in the hope that it will be useful, but |
| WITHOUT ANY WARRANTY; without even the implied warranty of |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
| See the GNU Affero General Public License for more details. |
| |
| You should have received a copy of the GNU Affero General Public |
| License and the CiviCRM Licensing Exception along |
| with this program; if not, contact CiviCRM LLC |
| at info[AT]civicrm[DOT]org. If you have questions about the |
| GNU Affero General Public License or the licensing of CiviCRM, |
| see the CiviCRM license FAQ at http://civicrm.org/licensing |
+--------------------------------------------------------------------+
*/
/**
*
* @package CRM
* @copyright CiviCRM LLC (c) 2004-2017
*/
class CRM_ACL_Form_EntityRole extends CRM_Admin_Form {
/**
* Build the form object.
*/
public function buildQuickForm() {
parent::buildQuickForm();
if ($this->_action & CRM_Core_Action::DELETE) {
return;
}
$aclRoles = array('' => ts('- select -')) + CRM_Core_OptionGroup::values('acl_role');
$this->add('select', 'acl_role_id', ts('ACL Role'),
$aclRoles, TRUE
);
$label = ts('Assigned to');
$group = array('' => ts('- select group -')) + CRM_Core_PseudoConstant::staticGroup(FALSE, 'Access');
$this->add('select', 'entity_id', $label, $group, TRUE, array('class' => 'crm-select2 huge'));
$this->add('checkbox', 'is_active', ts('Enabled?'));
}
/**
* Process the form submission.
*/
public function postProcess() {
CRM_ACL_BAO_Cache::resetCache();
if ($this->_action & CRM_Core_Action::DELETE) {
CRM_ACL_BAO_EntityRole::del($this->_id);
CRM_Core_Session::setStatus(ts('Selected Entity Role has been deleted.'), ts('Record Deleted'), 'success');
}
else {
$params = $this->controller->exportValues($this->_name);
if ($this->_id) {
$params['id'] = $this->_id;
}
$params['entity_table'] = 'civicrm_group';
CRM_ACL_BAO_EntityRole::create($params);
}
}
}

198
sites/all/modules/civicrm/CRM/ACL/Form/WordPress/Permissions.php Normal file
View file

@ -0,0 +1,198 @@
<?php
/*
+--------------------------------------------------------------------+
| CiviCRM version 4.7 |
+--------------------------------------------------------------------+
| Copyright CiviCRM LLC (c) 2004-2017 |
+--------------------------------------------------------------------+
| This file is a part of CiviCRM. |
| |
| CiviCRM is free software; you can copy, modify, and distribute it |
| under the terms of the GNU Affero General Public License |
| Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
| |
| CiviCRM is distributed in the hope that it will be useful, but |
| WITHOUT ANY WARRANTY; without even the implied warranty of |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
| See the GNU Affero General Public License for more details. |
| |
| You should have received a copy of the GNU Affero General Public |
| License and the CiviCRM Licensing Exception along |
| with this program; if not, contact CiviCRM LLC |
| at info[AT]civicrm[DOT]org. If you have questions about the |
| GNU Affero General Public License or the licensing of CiviCRM, |
| see the CiviCRM license FAQ at http://civicrm.org/licensing |
+--------------------------------------------------------------------+
*/
/**
*
* @package CRM
* @copyright CiviCRM LLC (c) 2004-2017
*/
/**
* This class provides the functionality to Grant access to CiviCRM components and other CiviCRM permissions.
*/
class CRM_ACL_Form_WordPress_Permissions extends CRM_Core_Form {
/**
* Build the form object.
*/
public function buildQuickForm() {
CRM_Utils_System::setTitle('Wordpress Access Control');
// Get the core permissions array
$permissionsArray = self::getPermissionArray();
$permissionsDesc = self::getPermissionArray(TRUE);
// Get the wordpress roles, default capabilities and assign to the form
// TODO: Create a new wordpress role (Anonymous user) and define capabilities in Wordpress Access Control
global $wp_roles;
if (!isset($wp_roles)) {
$wp_roles = new WP_Roles();
}
foreach ($wp_roles->role_names as $role => $name) {
// Dont show the permissions options for administrator, as they have all permissions
if ($role !== 'administrator') {
$roleObj = $wp_roles->get_role($role);
if (!empty($roleObj->capabilities)) {
foreach ($roleObj->capabilities as $ckey => $cname) {
if (array_key_exists($ckey, $permissionsArray)) {
$elementName = $role . '[' . $ckey . ']';
$defaults[$elementName] = 1;
}
}
}
// Compose the checkbox array for each role, to assign to form
$rolePerms[$role] = $permissionsArray;
foreach ($rolePerms[$role] as $key => $value) {
$elementName = $role . '[' . $key . ']';
$this->add('checkbox', $elementName, $value);
}
$roles[$role] = $name;
}
}
$this->setDefaults($defaults);
$descArray = array();
foreach ($permissionsDesc as $perm => $attr) {
if (count($attr) > 1) {
$descArray[$perm] = $attr[1];
}
}
$this->assign('permDesc', $descArray);
$this->assign('rolePerms', $rolePerms);
$this->assign('roles', $roles);
$this->addButtons(
array(
array(
'type' => 'next',
'name' => ts('Save'),
'spacing' => '',
'isDefault' => FALSE,
),
)
);
}
/**
* Process the form submission.
*/
public function postProcess() {
$params = $this->controller->exportValues($this->_name);
$permissionsArray = self::getPermissionArray();
// Function to get Wordpress roles
global $wp_roles;
if (!isset($wp_roles)) {
$wp_roles = new WP_Roles();
}
foreach ($wp_roles->role_names as $role => $name) {
$roleObj = $wp_roles->get_role($role);
//Remove all civicrm capabilities for the role, as there may be some capabilities checkbox unticked
foreach ($permissionsArray as $key => $capability) {
$roleObj->remove_cap($key);
}
//Add the selected wordpress capabilities for the role
$rolePermissions = $params[$role];
if (!empty($rolePermissions)) {
foreach ($rolePermissions as $key => $capability) {
$roleObj->add_cap($key);
}
}
if ($role == 'anonymous_user') {
// Get the permissions into a format that matches what we get from WP
$allWarningPermissions = CRM_Core_Permission::getAnonymousPermissionsWarnings();
foreach ($allWarningPermissions as $key => $permission) {
$allWarningPermissions[$key] = CRM_Utils_String::munge(strtolower($permission));
}
$warningPermissions = array_intersect($allWarningPermissions, array_keys($rolePermissions));
$warningPermissionNames = array();
foreach ($warningPermissions as $permission) {
$warningPermissionNames[$permission] = $permissionsArray[$permission];
}
if (!empty($warningPermissionNames)) {
CRM_Core_Session::setStatus(
ts('The %1 role was assigned one or more permissions that may prove dangerous for users of that role to have. Please reconsider assigning %2 to them.', array(
1 => $wp_roles->role_names[$role],
2 => implode(', ', $warningPermissionNames),
)),
ts('Unsafe Permission Settings')
);
}
}
}
// FIXME
// Changed the 'access_civicrm_nav_link' capability in civicrm.php file
// But for some reason, if i remove 'Access CiviCRM' administrator and save, it is showing
// 'You do not have sufficient permissions to access this page'
// which should not happen for Super Admin and Administrators, as checking permissions for Super
// Admin and Administrators always gives TRUE
wp_civicrm_capability();
CRM_Core_Session::setStatus("", ts('Wordpress Access Control Updated'), "success");
// rebuild the menus to comply with the new permisssions/capabilites
CRM_Core_Invoke::rebuildMenuAndCaches();
CRM_Utils_System::redirect('admin.php?page=CiviCRM&q=civicrm/admin/access&reset=1');
CRM_Utils_System::civiExit();
}
/**
* Get the core civicrm permissions array.
* This function should be shared from a similar one in
* distmaker/utils/joomlaxml.php
*
* @param bool $descriptions
* Whether to return permission descriptions
*
* @return array
* civicrm permissions
*/
public static function getPermissionArray($descriptions = FALSE) {
global $civicrm_root;
$permissions = CRM_Core_Permission::basicPermissions(FALSE, $descriptions);
$perms_array = array();
foreach ($permissions as $perm => $title) {
//order matters here, but we deal with that later
$perms_array[CRM_Utils_String::munge(strtolower($perm))] = $title;
}
return $perms_array;
}
}