CiviCRM Community Forums (archive)

Despite my best trainings (web videos, etc) it seems there is always a new staffer coming on board at one of my Orgs that doesn't take the time to learn or isn't properly trained by their peers.

Invariably, some staff member with some degree of Admin permissions like for instance:
administer CiviCRM  (at the very least)
edit all contacts
edit all events
edit contributions
edit event participants
edit groups
edit memberships
ends up going to a public form while logged in as an admin and entering in someone else's info.  Like for instance Sally Admin uses the public "Donation" Page to enter a new contribution she has received in the mail from Joe Jones.  This, of course, screws up Sally Admin's own Contact info and fails to create a new Contact for Joe Jones, because she is logged in as an admin, get it?  This has happened at least 5 times in the last year.

Well, I'd like to "idiot proof" this little system a bit and provide some kind of a warning on the CRM/Contribute/Form/Contribution/Main.tpl that checks for one of the above permissions, and if exists, displays a warning like this.

Warning: You are currently logged in as an administrator.  Entering Contact information for someone else on this page will overwrite your own Contact information and result in a failure to enter the transaction properly.  Use the <a href="/civicrm">Admin</a> area to enter other people's data unless you actually intend to enter a transaction for yourself.

Sound good?

I'm happy to submit the patch, just need to know how to check permissions on the .tpl to display the warning.  

Thanks, that's good info.  It makes sense that the warning should only appear for certain roles and/or permissions, and these should be configurable to an extent.  My inclination is to make the warning appear for certain Drupal roles.  So I would have to figure out how to access user roles from the $session->get( 'ufID' )