Uploaded image for project: 'CiviCRM'
  1. CiviCRM
  2. CRM-13179

Contribution & event registration forms - allow users with permissions to select another user

    Details

    • Type: Bug
    • Status: Done/Fixed
    • Priority: Minor
    • Resolution: Fixed/Completed
    • Affects Version/s: 4.4.0
    • Fix Version/s: 4.4.0
    • Component/s: None
    • Labels:
      None

      Description

      This registration-of-others / back-office data entry issue has been a huge painpoint in CiviCRM for a long time.

      Pieces
      1) if someone goes to contribution page or event page with cid=0 in the url they can fill the form in on behalf of someone else - this is already in 4.4

      2) if they have permission to edit at least 1 contact in the database they can select the contact from an autocomplete and if they also have 'access ajax rest' permission any profiles on the page for that person will autofill appropriately.

      3) contribution page can be configured with available relationships. If there are available relationships and a new contact is being created then the logged in user will be given a permissioned relationship to that contact of the type they select (if any). This involves an extra field on the contribution_page table

      4) participant pages ditto per #3

      Status

      1) at the moment all of the above is working on contribution forms & participant pages

      2) however, the UI is not quite there on showing / hiding the create vs select & the select relationship is looking a little odd.

      3) no effort has been made to add a link to the 'cid'=0 url for contribution & receipts still go the person on whose behalf the form has been filled.

      4) @ todo (just thought of) ensure that the relationship is not created if the new contact matches a dedupe

      5) I think I need a form rule to only allow the relationship stuff when multiple participants is not enabled as I haven't worked through that flow

      Notes

      1) There is relatively little change to 'normal' sites as you get no changes without cid=0 in the url. However the event part will create a small change - but only for logged in users who have permission to view other people OR for events with relationships enabled.

      2) adding the Access AJAX API permission is a bit obscure. It is not required for users with Access CiviCRM & I don't know the other implications.

      3) note that the profile api is permissioned on both contact access & profile access so if you see it through the api you can see it through the web).

      4) although this creates a permissioned contact relationship sites need to install the extension if they want to elevate this to a full ACL over the contact

        Attachments

        1. Screen Shot 2013-08-16 at 1.35.44 PM.PNG
          78 kB
          David Greenberg
        2. Screen Shot 2013-08-16 at 1.48.40 PM.PNG
          39 kB
          David Greenberg
        3. Screen Shot 2013-08-16 at 2.37.22 PM.PNG
          161 kB
          David Greenberg
        4. Screen Shot 2013-08-16 at 2.38.10 PM.PNG
          148 kB
          David Greenberg

          Issue Links

            Activity

              People

              • Assignee:
                eileen Eileen McNaughton
                Reporter:
                eileen Eileen McNaughton
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: