CRM-16836 - make Basic Search form group select respect ACLs

[davejenx]

Overview

See full description at CRM-16836 Basic Search form group select does not respect ACLs.
The group selector on the Basic Search form is showing all groups, for an ACL'd user who should only be able to see a restricted set of groups.
This was a regression between 4.4.14 and 4.6.4

Before

For an ACL'd user who should only be able to see a restricted set of groups, the group selector on the Basic Search form shows all groups.

After

For an ACL'd user who should only be able to see a restricted set of groups, the group selector on the Basic Search form shows only the groups they are permitted to see.

Technical Details

This is fixing a regression. The simplest way to fix was to revert the relevant part of the commit that caused the issue, but discussion on JIRA seemed to favour retaining the change from
$this->add('select', 'group', ...
to
$this->addSelect('group', ...
So I followed @eileenmcnaughton's suggestion to specify 'options' in the call to addSelect(). I populated options using the same CRM_Contact_BAO_Group::getGroupsHierarchy() call that is used in Advanced Search, which respects ACLs.

Comments

See discussion in comments on JIRA.

[seamuslee001]

Jenkins re test this please

[seamuslee001]

I masquaraded as an ACLed user on AUG test box. Confirmed on basic search that originally the list of groups was not limited to what the ACLed user should see. Applying the patch limited the groups correctly

This works as expected and i approve this @eileenmcnaughton @totten @monishdeb

[seamuslee001]

Jenkins re test this please

[eileenmcnaughton]

If jenkins & @seamuslee001 approve it I think this is good to go. Change looks good & sensible. Seamus & Dave are both known to have dealt with group performance issues so I put weight on their testing from that point of view

[seamuslee001]

@eileenmcnaughton Jenkins has passed