Move permission checks from Query & BAO to financialacl extension

civicrm · Jan 13, 2022 · 43c606e · 43c606e
1 parent 26b3fea
commit 43c606e
Show file tree

Hide file tree

Showing 4 changed files with 5 additions and 35 deletions.
diff --git a/CRM/Contribute/BAO/Contribution.php b/CRM/Contribute/BAO/Contribution.php
@@ -1157,34 +1157,7 @@ protected static function disconnectPledgePaymentsIfCancelled(int $pledgePayment
   }
 
   /**
-   * @inheritDoc
-   */
-  public function addSelectWhereClause() {
-    $whereClauses = parent::addSelectWhereClause();
-    if ($whereClauses !== []) {
-      // In this case permisssions have been applied & we assume the
-      // financialaclreport is applying these
-      // https://github.com/JMAConsulting/biz.jmaconsulting.financialaclreport/blob/master/financialaclreport.php#L107
-      return $whereClauses;
-    }
-
-    if (!CRM_Financial_BAO_FinancialType::isACLFinancialTypeStatus()) {
-      return $whereClauses;
-    }
-    $types = CRM_Financial_BAO_FinancialType::getAllEnabledAvailableFinancialTypes();
-    if (empty($types)) {
-      $whereClauses['financial_type_id'] = 'IN (0)';
-    }
-    else {
-      $whereClauses['financial_type_id'] = [
-        'IN (' . implode(',', array_keys($types)) . ')',
-      ];
-    }
-    return $whereClauses;
-  }
-
-  /**
-   * @param null $status
+   * @param string $status
    * @param null $startDate
    * @param null $endDate
    *

diff --git a/CRM/Financial/BAO/FinancialType.php b/CRM/Financial/BAO/FinancialType.php
@@ -355,11 +355,7 @@ public static function buildPermissionedClause(string $component): string {
       return '';
     }
     if ($component === 'contribution') {
-      $types = array_keys(self::getAllEnabledAvailableFinancialTypes());
-      if (empty($types)) {
-        $types = [0];
-      }
-      $clauses[] = ' civicrm_contribution.financial_type_id IN (' . implode(',', $types) . ')';
+      $clauses = CRM_Contribute_BAO_Contribution::getSelectWhereClause();
     }
     if ($component === 'membership') {
       self::getAvailableMembershipTypes($types, CRM_Core_Action::VIEW);

diff --git a/ext/financialacls/financialacls.php b/ext/financialacls/financialacls.php
@@ -139,6 +139,7 @@ function financialacls_civicrm_selectWhereClause($entity, &$clauses) {
     case 'LineItem':
     case 'MembershipType':
     case 'ContributionRecur':
+    case 'Contribution':
       $clauses['financial_type_id'] = _financialacls_civicrm_get_type_clause();
       break;
 

diff --git a/ext/financialacls/tests/phpunit/Civi/Financialacls/FinancialTypeTest.php b/ext/financialacls/tests/phpunit/Civi/Financialacls/FinancialTypeTest.php
@@ -81,15 +81,15 @@ public function testBuildPermissionedClause(): void {
       'view contributions of type Member Dues',
     ]);
     $whereClause = \CRM_Financial_BAO_FinancialType::buildPermissionedClause('contribution');
-    $this->assertEquals(' civicrm_contribution.financial_type_id IN (1,2)', $whereClause);
+    $this->assertEquals('(`civicrm_contribution`.`financial_type_id` IS NULL OR (`civicrm_contribution`.`financial_type_id` IN (1,2)))', $whereClause);
     $this->setPermissions([
       'view contributions of type Donation',
       'view contributions of type Member Dues',
       'view contributions of type Event Fee',
     ]);
 
     $whereClause = \CRM_Financial_BAO_FinancialType::buildPermissionedClause('contribution');
-    $this->assertEquals(' civicrm_contribution.financial_type_id IN (1,4,2)', $whereClause);
+    $this->assertEquals('(`civicrm_contribution`.`financial_type_id` IS NULL OR (`civicrm_contribution`.`financial_type_id` IN (1,4,2)))', $whereClause);
   }
 
 }