You are here

Home » API reference » Webform CiviCRM Integration 8.5 » ContactComponent.php » ContactComponent

function ContactComponent::wf_crm_contact_access in Webform CiviCRM Integration 8.5

Load contact name if user has permission. Else return FALSE.

Parameters

$component: Webform component of type 'civicrm_contact'

$filters: Contact get params

$cid: Contact id

Return value

bool|string

Overrides ContactComponentInterface::wf_crm_contact_access

File

src/ContactComponent.php, line 176

Class

ContactComponent
Class ContactComponent

Namespace

Drupal\webform_civicrm

Code

function wf_crm_contact_access($component, $filters, $cid) {
  $utils = \Drupal::service('webform_civicrm.utils');

  // Create new contact doesn't require lookup
  $cid = (string) $cid;
  $component['#form_key'] = $component['#form_key'] ?? $component['#webform_key'];
  list(, $c, ) = explode('_', $component['#form_key'], 3);
  if (!empty($component['#none_prompt']) && !empty($component['#allow_create']) && $cid && strpos($cid, '-') === 0) {
    return Html::escape($component['#none_prompt']);
  }
  if (!is_numeric($cid)) {
    return FALSE;
  }
  $filters['id'] = $cid;
  $filters['is_deleted'] = 0;

  // A contact always has permission to view self
  if ($cid == $utils
    ->wf_crm_user_cid()) {
    $filters['check_permissions'] = FALSE;
  }
  if (!empty($filters['check_permissions'])) {

    // If we have a valid checksum for this contact, bypass other permission checks
    // For legacy reasons we support "cid" param as an alias of "cid1"
    // ToDo use: \Drupal::request()->query->all();
    if (wf_crm_aval($_GET, "cid{$c}") == $cid || $c == 1 && wf_crm_aval($_GET, "cid") == $cid) {

      // For legacy reasons we support "cs" param as an alias of "cs1"
      if (!empty($_GET['cs']) && $c == 1 && \CRM_Contact_BAO_Contact_Utils::validChecksum($cid, $_GET['cs'])) {
        $filters['check_permissions'] = FALSE;
      }
      elseif (!empty($_GET["cs{$c}"]) && \CRM_Contact_BAO_Contact_Utils::validChecksum($cid, $_GET["cs{$c}"])) {
        $filters['check_permissions'] = FALSE;
      }
    }
  }

  // Fetch contact name with filters applied
  $result = $utils
    ->wf_civicrm_api('contact', 'get', $filters);
  return $this
    ->wf_crm_format_contact(wf_crm_aval($result, "values:{$cid}"), [
    'display_name',
  ]);
}