diff --git a/CRM/Batch/BAO/Batch.php b/CRM/Batch/BAO/Batch.php
index 3b5fbd9481b6..7a4db7ce0529 100644
--- a/CRM/Batch/BAO/Batch.php
+++ b/CRM/Batch/BAO/Batch.php
@@ -290,6 +290,7 @@ public static function getBatchList(&$params) {
 switch ($batchStatusByName[$values['status_id']]) {
 case 'Open':
+ case 'Reopened':
 CRM_Utils_Array::remove($newLinks, 'reopen', 'download');
 break;
@@ -300,6 +301,15 @@ public static function getBatchList(&$params) {
 case 'Exported':
 CRM_Utils_Array::remove($newLinks, 'close', 'edit', 'reopen', 'export');
 }
+ if (!CRM_Batch_BAO_Batch::checkBatchPermission('edit', $values['created_id'])) {
+ CRM_Utils_Array::remove($newLinks, 'close', 'edit', 'export');
+ }
+ if (!CRM_Batch_BAO_Batch::checkBatchPermission('export', $values['created_id'])) {
+ CRM_Utils_Array::remove($newLinks, 'export', 'download');
+ }
+ if (!CRM_Batch_BAO_Batch::checkBatchPermission('delete', $values['created_id'])) {
+ CRM_Utils_Array::remove($newLinks, 'delete');
+ }
 }
 if (!empty($values['type_id'])) {
 $values['batch_type'] = $batchTypes[$values['type_id']];
@@ -381,6 +391,15 @@ public static function whereClause($params) {
 "created_id.sort_name",
 "created_id",
 );
+ if (!CRM_Core_Permission::check("view all manual batches")) {
+ if (CRM_Core_Permission::check("view own manual batches")) {
+ $loggedInContactId = CRM_Core_Session::singleton()->get('userID');
+ $params['created_id'] = $loggedInContactId;
+ }
+ else {
+ $params['created_id'] = 0;
+ }
+ }
 foreach ($return as $field) {
 if (!isset($params[$field])) {
 continue;
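Review bot: In the second getBatchList hunk the 'edit' check strips `close`, `edit` and `export` from `$newLinks` but leaves `reopen`, even though checkBatchPermission in this same commit treats 'reopen' as an alias of 'edit'; a user without edit rights on a closed batch is therefore still offered the reopen link. The removal should read `CRM_Utils_Array::remove($newLinks, 'close', 'edit', 'export', 'reopen');`. Removing links is presentation only: the pages those links lead to need to make the same checkBatchPermission call, and the diff does not show that for the reopen, close or delete actions, so it is worth confirming. getBatchList begins and ends outside these hunks.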
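Review bot: In the whereClause hunk, `$params['created_id'] = $loggedInContactId;` stores the raw session `userID`, and when that value is NULL the `!isset($params[$field])` test in the loop immediately below skips `created_id`, so the ownership filter vanishes and the query returns every batch. The no-permission branch already uses `0` as the "match nothing" value, so the own-permission branch should fall back to the same: `$params['created_id'] = (int) CRM_Core_Session::singleton()->get('userID');` (a missing user then becomes 0 rather than dropping the restriction). Whether an anonymous role can hold 'view own manual batches' is a site-configuration question, but the filter should not depend on it. whereClause continues past the end of the hunk.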
@@ -775,4 +794,32 @@ public static function getBatchStatuses($batchIds) {
 return $batches;
 }
+ /**
+ * Function to check permission for batch.
+ *
+ * @param string $action
+ * @param int $batchCreatedId
+ * batch created by contact id
+ *
+ * @return bool
+ */
+ public static function checkBatchPermission($action, $batchCreatedId = NULL) {
+ if (in_array($action, array('reopen', 'close'))) {
+ $action = 'edit';
+ }
+ if (CRM_Core_Permission::check("{$action} all manual batches")) {
+ return TRUE;
+ }
+ if (CRM_Core_Permission::check("{$action} own manual batches")) {
+ $loggedInContactId = CRM_Core_Session::singleton()->get('userID');
+ if ($batchCreatedId == $loggedInContactId) {
+ return TRUE;
+ }
+ elseif (CRM_Utils_System::isNull($batchCreatedId)) {
+ return TRUE;
+ }
+ }
+ return FALSE;
+ }
+
 }
diff --git a/CRM/Financial/Form/BatchTransaction.php b/CRM/Financial/Form/BatchTransaction.php
index 457a739b527b..9fd6de50b6ec 100644
--- a/CRM/Financial/Form/BatchTransaction.php
+++ b/CRM/Financial/Form/BatchTransaction.php
@@ -67,7 +67,7 @@ public function preProcess() {
 $validStatus = TRUE;
 }
 $this->assign('validStatus', $validStatus);
-
+ $this->_values = civicrm_api3('Batch', 'getSingle', array('id' => self::$_entityID));
 $batchTitle = CRM_Core_DAO::getFieldValue('CRM_Batch_BAO_Batch', self::$_entityID, 'title');
 CRM_Utils_System::setTitle(ts('Accounting Batch - %1', array(1 => $batchTitle)));
@@ -100,8 +100,12 @@ public function buildQuickForm() {
 }
 parent::buildQuickForm();
- $this->add('submit', 'close_batch', ts('Close Batch'));
- $this->add('submit', 'export_batch', ts('Close & Export Batch'));
+ if (CRM_Batch_BAO_Batch::checkBatchPermission('edit', $this->_values['created_id'])) {
+ $this->add('submit', 'close_batch', ts('Close Batch'));
+ if (CRM_Batch_BAO_Batch::checkBatchPermission('export', $this->_values['created_id'])) {
+ $this->add('submit', 'export_batch', ts('Close & Export Batch'));
+ }
+ }
 // text for sort_name
 $this->addElement('text',
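Review bot: checkBatchPermission grants the 'own' case with a loose `$batchCreatedId == $loggedInContactId` and then again whenever `CRM_Utils_System::isNull($batchCreatedId)`, so a holder of '{action} own manual batches' passes for every batch that has no recorded creator, and because `==` equates 0, '' and NULL a request with no session userID matches a batch whose created_id is 0. Make the ownership test explicit and typed, `if (!empty($loggedInContactId) && (int) $batchCreatedId === (int) $loggedInContactId) {`, and if creator-less batches are meant to be editable by every 'own' holder, say so in the docblock ("a NULL created_id is treated as owned by the current user") rather than leaving it implicit. `$action` is interpolated straight into the permission name; today's callers pass fixed strings, but an allow-list of the accepted actions at the top of the function (the three used here plus the reopen/close aliases) would keep a future caller from forwarding request input into a permission lookup. `in_array($action, array('reopen', 'close'))` should also pass `TRUE` as its third argument.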
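Review bot: The buildQuickForm hunk in BatchTransaction.php only stops rendering the close/export submit buttons; unless postProcess (not in this diff) re-checks checkBatchPermission before acting on `close_batch` / `export_batch` in the submitted values, a user can post those fields directly and the new restriction does not apply. Repeat the same two checks in postProcess and refuse the submission when they fail, so the form's server side is the enforcement point and the hidden buttons are just a convenience. The preProcess hunk loads `$this->_values` with a `Batch.getSingle` call that is later read as `$this->_values['created_id']`; a one-line comment such as `// Full batch record, needed for the per-batch permission checks in buildQuickForm.` would explain why the extra API call was added next to the existing getFieldValue lookup. Both methods extend beyond their hunks.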
diff --git a/CRM/Financial/Form/Search.php b/CRM/Financial/Form/Search.php
index c7d9a0b72032..742c886d3b0c 100644
--- a/CRM/Financial/Form/Search.php
+++ b/CRM/Financial/Form/Search.php
@@ -99,6 +99,11 @@ public function buildQuickForm() {
 'delete' => ts('Delete'),
 );
+ foreach ($batchAction as $action => $ignore) {
+ if (!CRM_Batch_BAO_Batch::checkBatchPermission($action)) {
+ unset($batchAction[$action]);
+ }
+ }
 $this->add('select', 'batch_update', ts('Task'),