
Commit 5ebc974

committed
Merge pull request civicrm#4 from Edzelopez/CIVI-28
Civi 28
2 parents fd890d4 + 8bde586 commit 5ebc974


2 files changed

+36
-1
lines changed


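--- a/CRM/Contribute/Form/Contribution.php
+++ b/CRM/Contribute/Form/Contribution.php
@@ -489,6 +489,14 @@ public function setDefaultValues() {
 * Build the form object.
 */
 public function buildQuickForm() {
+
+// FIXME: This probably needs to be done in preprocess
+if ($this->_action & CRM_Core_Action::UPDATE) {
+$financialTypeID = CRM_Contribute_PseudoConstant::financialType($this->_values['financial_type_id']);
+if (!CRM_Core_Permission::check('edit contributions of type ' . $financialTypeID)) {
+CRM_Core_Error::fatal(ts('You do not have permission to access this page.'));
+}
+}
 //@todo document the purpose of cdType (if still in use)
 if ($this->_cdType) {
 CRM_Custom_Form_CustomData::buildQuickForm($this);
@@ -641,13 +649,23 @@ public function buildQuickForm() {
 }
 
 $attributes = CRM_Core_DAO::getAttribute('CRM_Contribute_DAO_Contribution');
+
+// Check permissions for financial type first
+$financialTypes = CRM_Contribute_PseudoConstant::financialType();
+
+foreach ($financialTypes as $finTypeId => $type) {
+if (!CRM_Core_Permission::check('add new contributions of type ' . $type)) {
+unset($financialTypes[$finTypeId]);
+}
+}
 
 $financialType = $this->add('select', 'financial_type_id',
 ts('Financial Type'),
-array('' => ts('- select -')) + CRM_Contribute_PseudoConstant::financialType(),
+array('' => ts('- select -')) + $financialTypes,
 TRUE,
 array('onChange' => "CRM.buildCustomData( 'Contribution', this.value );")
 );
+
 $paymentInstrument = FALSE;
 if (!$this->_mode) {
 $paymentInstrument = $this->add('select', 'payment_instrument_id',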
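Review bot: The per-type authorization added in this file is applied only while the form is being built: the `edit contributions of type` guard at the top of buildQuickForm() runs for `CRM_Core_Action::UPDATE` alone, and the `add new contributions of type` rule in the second hunk only trims the options of the `financial_type_id` select. Nothing in the visible lines re-checks the submitted `financial_type_id` when the form is processed, so the save path (outside these hunks) should repeat the check, and the guard should move to preProcess() as the FIXME says, covering delete too if this form serves that action. In update mode the option list is filtered by the add permission rather than the edit one, so a user who may edit but not add a given type will not find the contribution's current type in the select. `$financialTypeID` holds the name returned by `financialType($id)`, not an id; `$financialTypeName` would read correctly, and since the no-argument call in the second hunk returns the whole list, an empty `$this->_values['financial_type_id']` presumably does the same here and deserves an explicit guard before the string concatenation.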

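--- a/CRM/Financial/BAO/FinancialType.php
+++ b/CRM/Financial/BAO/FinancialType.php
@@ -188,4 +188,21 @@ public static function getIncomeFinancialType() {
 return $financialType;
 }
 
+/**
+* adding permissions for financial types
+*
+*
+* @param array $permissions an array of permissions
+*/
+public static function permissionedFinancialTypes(&$permissions) {
+$financialTypes = CRM_Contribute_PseudoConstant::financialType();
+$prefix = ts('CiviCRM') . ': ';
+foreach ($financialTypes as $id => $type) {
+$permissions['add new contributions of type ' . $type] = $prefix . ts('add new contributions of type ' . $type);
+$permissions['view contributions of type ' . $type] = $prefix . ts('view contributions of type ' . $type);
+$permissions['edit contributions of type ' . $type] = $prefix . ts('edit contributions of type ' . $type);
+$permissions['delete contributions of type ' . $type] = $prefix . ts('delete contributions of type ' . $type);
+}
+$permissions['administer CiviCRM Financial Types'] = $prefix . ts('administer CiviCRM Financial Types');
+}
 }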
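Review bot: The permission keys built in permissionedFinancialTypes() are derived from each financial type's display name (`'edit contributions of type ' . $type`), so the identity of a permission changes whenever a type is renamed; role grants stored under the old string would presumably stop matching, and a name later reused for a different type would pick them up. Keying on `$id` (currently unused in the loop) and keeping the name only in the human-readable label would avoid that, although the checks in CRM/Contribute/Form/Contribution.php would have to use the same key. The labels also pass a concatenated string to `ts()`, which cannot be extracted for translation; `ts('add new contributions of type %1', array(1 => $type))` keeps the literal translatable. The docblock should state that the method appends four permissions per financial type plus `administer CiviCRM Financial Types` to the array passed by reference and returns nothing.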
