CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Developer Discussion »
  • APIs and Hooks (Moderator: Donald Lobo) »
  • [permissions] accessing admin part code from frontend form
Pages: [1]

Author Topic: [permissions] accessing admin part code from frontend form  (Read 1029 times)

mh

  • I’m new here
  • *
  • Posts: 3
  • Karma: 0
  • CiviCRM version: 4.1.1
  • CMS version: joomla 2.5.3
  • MySQL version: 5.1.61
  • PHP version: 5.3.6
[permissions] accessing admin part code from frontend form
April 05, 2012, 09:49:34 am
Hi,

I found that there is problem when I'm trying to call /administrator/ related url from frontend form using AJAX.

It's related to the issue with profile form that includes contact reference field presented via frontend. Currently it's buggy because it is trying to call wrong url, without /administrator/ prefix. Unfortunately, after fixing that another issue appears - permissions issue with calling backend code from frontend.
Interesting thing is that when I'm logged in same time as admin I can run it without problem.

Is there existing solution for calling backend urls/code when viewing frontend form by any user ?

thanks!
best,
Marek Handze

Donald Lobo

  • Administrator
  • I’m (like) Lobo ;)
  • *****
  • Posts: 15963
  • Karma: 470
    • CiviCRM site
  • CiviCRM version: 4.2+
  • CMS version: Drupal 7, Joomla 2.5+
  • MySQL version: 5.5.x
  • PHP version: 5.4.x
Re: [permissions] accessing admin part code from frontend form
April 05, 2012, 12:03:34 pm

can u elaborate a bit more on:

1. What did u do to fix it?

2. The frontend should always call the frontend url. all functionality is exposed to both frontend and backend limited by permissions

lobo
A new CiviCRM Q&A resource needs YOUR help to get started. Visit our StackExchange proposed site, sign up and vote on 5 questions

mh

  • I’m new here
  • *
  • Posts: 3
  • Karma: 0
  • CiviCRM version: 4.1.1
  • CMS version: joomla 2.5.3
  • MySQL version: 5.1.61
  • PHP version: 5.3.6
Re: [permissions] accessing admin part code from frontend form
April 05, 2012, 12:36:18 pm
There is issue with accessing profile form that contains contact reference input field.

It's handled by code in "templates/CRM/Custom/Form/ContactReference.tpl" for both admin preview and frontend (called via i.e. menu).

Line 29 "var url" called via AJAX is:
1. for admin like -  /administrator/index.php?option=com_civicrm&task=civicrm/ajax/contactref&Itemid=469&context=customfield&id=1
2. for frontend it's like: /index.php?option=com_civicrm&task=civicrm/ajax/contactref&Itemid=469&context=customfield&id=1


Only admin version of that url is working (only when admin user is logged in that session). Second return error (always).
I was going to fix that forcing frontend to use admin url in that case, but maybe there is another solution ?
best,
Marek Handze

mh

  • I’m new here
  • *
  • Posts: 3
  • Karma: 0
  • CiviCRM version: 4.1.1
  • CMS version: joomla 2.5.3
  • MySQL version: 5.1.61
  • PHP version: 5.3.6
Re: [permissions] accessing admin part code from frontend form
May 01, 2012, 03:37:06 am
I did more investigation about that issue.
Contact ref field called via frontend return that backtrace via AJAX (in input field) calling
that url: /index.php?option=com_civicrm&task=civicrm/ajax/contactref&Itemid=469&context=customfield&id=1

Quote
<strong>Function</strong>         <strong>Location</strong>                 
1     JSite->dispatch()         /home/marek/public_html/j1741b2/index.php:43
2     JComponentHelper::renderComponent()       /home/marek/public_html/j1741b2/includes/application.php:191             
3     require_once()        /home/marek/public_html/j1741b2/libraries/joomla/application/component/helper.php:156   
4     civicrm_invoke()          /home/marek/public_html/j1741b2/components/com_civicrm/civicrm.php:24                 
5     CRM_Core_Invoke::invoke()         /home/marek/public_html/j1741b2/components/com_civicrm/civicrm.php:80                 
6     CRM_Utils_System::permissionDenied()          /home/marek/public_html/j1741b2/administrator/components/com_civicrm/civicrm/CRM/Core/Invoke.php:147                   
7     CRM_Utils_System_Joomla->permissionDenied()       /home/marek/public_html/j1741b2/administrator/components/com_civicrm/civicrm/CRM/Utils/System.php:185                 
8     CRM_Core_Error::fatal()       /home/marek/public_html/j1741b2/administrator/components/com_civicrm/civicrm/CRM/Utils/System/Joomla.php:500                   
9     JError::raiseError()          /home/marek/public_html/j1741b2/administrator/components/com_civicrm/civicrm/CRM/Core/Error.php:307               
10    JError::raise()       /home/marek/public_html/j1741b2/libraries/joomla/error/error.php:250     

</table>CiviCRM-001 - Error: CiviCRM-001</title>

It looks like there is problem with permissions for calling that code ?
best,
Marek Handze
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Developer Discussion »
  • APIs and Hooks (Moderator: Donald Lobo) »
  • [permissions] accessing admin part code from frontend form

This forum was archived on 2017-11-26.