Commit | Line | Data |
---|---|---|
3d3a7160 CW |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
4 | | Copyright CiviCRM LLC. All rights reserved. | | |
5 | | | | |
6 | | This work is published under the GNU AGPLv3 license with some | | |
7 | | permitted exceptions and without any warranty. For full license | | |
8 | | and copyright information, see https://civicrm.org/licensing | | |
9 | +--------------------------------------------------------------------+ | |
10 | */ | |
11 | ||
12 | /** | |
13 | * | |
14 | * @package CRM | |
15 | * @copyright CiviCRM LLC https://civicrm.org/licensing | |
16 | */ | |
17 | ||
18 | /** | |
19 | * Trait for with entities with an entity_table + entity_id dynamic FK. | |
20 | */ | |
21 | trait CRM_Core_DynamicFKAccessTrait { | |
22 | ||
23 | /** | |
a5d0f31a | 24 | * @param string $entityName |
3d3a7160 CW |
25 | * @param string $action |
26 | * @param array $record | |
70da3927 | 27 | * @param int $userID |
3d3a7160 CW |
28 | * @return bool |
29 | * @see CRM_Core_DAO::checkAccess | |
30 | */ | |
70da3927 | 31 | public static function _checkAccess(string $entityName, string $action, array $record, int $userID): bool { |
3d3a7160 CW |
32 | $eid = $record['entity_id'] ?? NULL; |
33 | $table = $record['entity_table'] ?? NULL; | |
34 | if (!$eid && !empty($record['id'])) { | |
35 | $eid = CRM_Core_DAO::getFieldValue(__CLASS__, $record['id'], 'entity_id'); | |
36 | } | |
37 | if ($eid && !$table && !empty($record['id'])) { | |
38 | $table = CRM_Core_DAO::getFieldValue(__CLASS__, $record['id'], 'entity_table'); | |
39 | } | |
40 | if ($eid && $table) { | |
11ee29de | 41 | $targetEntity = CRM_Core_DAO_AllCoreTables::getEntityNameForTable($table); |
997e2e68 TO |
42 | if ($targetEntity === NULL) { |
43 | throw new \API_Exception(sprintf('Cannot resolve permissions for dynamic foreign key in "%s". Invalid table reference "%s".', | |
44 | static::getTableName(), $table)); | |
45 | } | |
6ea81ac6 | 46 | return \Civi\Api4\Utils\CoreUtil::checkAccessDelegated($targetEntity, 'update', ['id' => $eid], $userID); |
3d3a7160 CW |
47 | } |
48 | return TRUE; | |
49 | } | |
50 | ||
51 | } |