[civicrm-core.git] / CRM / Core / DynamicFKAccessTrait.php

<?php
/*
 +--------------------------------------------------------------------+
 | Copyright CiviCRM LLC. All rights reserved.                        |
 |                                                                    |
 | This work is published under the GNU AGPLv3 license with some      |
 | permitted exceptions and without any warranty. For full license    |
 | and copyright information, see https://civicrm.org/licensing       |
 +--------------------------------------------------------------------+
 */

/**
 *
 * @package CRM
 * @copyright CiviCRM LLC https://civicrm.org/licensing
 */

/**
 * Trait for with entities with an entity_table + entity_id dynamic FK.
 */
trait CRM_Core_DynamicFKAccessTrait {

  /**
   * @param string $action
   * @param array $record
   * @param int|NULL $userID
   * @return bool
   * @see CRM_Core_DAO::checkAccess
   */
  public static function _checkAccess(string $action, array $record, $userID): bool {
    $eid = $record['entity_id'] ?? NULL;
    $table = $record['entity_table'] ?? NULL;
    if (!$eid && !empty($record['id'])) {
      $eid = CRM_Core_DAO::getFieldValue(__CLASS__, $record['id'], 'entity_id');
    }
    if ($eid && !$table && !empty($record['id'])) {
      $table = CRM_Core_DAO::getFieldValue(__CLASS__, $record['id'], 'entity_table');
    }
    if ($eid && $table) {
      $bao = CRM_Core_DAO_AllCoreTables::getBAOClassName(CRM_Core_DAO_AllCoreTables::getClassForTable($table));
      return $bao::checkAccess(CRM_Core_Permission::EDIT, ['id' => $eid], $userID);
    }
    return TRUE;
  }

}
Commit	Line	Data
3d3a7160 CW	1	<?php
	2	/*
	3	+--------------------------------------------------------------------+
	4	\| Copyright CiviCRM LLC. All rights reserved. \|
	5	\| \|
	6	\| This work is published under the GNU AGPLv3 license with some \|
	7	\| permitted exceptions and without any warranty. For full license \|
	8	\| and copyright information, see https://civicrm.org/licensing \|
	9	+--------------------------------------------------------------------+
	10	*/
	11
	12	/**
	13	*
	14	* @package CRM
	15	* @copyright CiviCRM LLC https://civicrm.org/licensing
	16	*/
	17
	18	/**
	19	* Trait for with entities with an entity_table + entity_id dynamic FK.
	20	*/
	21	trait CRM_Core_DynamicFKAccessTrait {
	22
	23	/**
	24	* @param string $action
	25	* @param array $record
	26	* @param int\|NULL $userID
	27	* @return bool
	28	* @see CRM_Core_DAO::checkAccess
	29	*/
	30	public static function _checkAccess(string $action, array $record, $userID): bool {
	31	$eid = $record['entity_id'] ?? NULL;
	32	$table = $record['entity_table'] ?? NULL;
	33	if (!$eid && !empty($record['id'])) {
	34	$eid = CRM_Core_DAO::getFieldValue(__CLASS__, $record['id'], 'entity_id');
	35	}
	36	if ($eid && !$table && !empty($record['id'])) {
	37	$table = CRM_Core_DAO::getFieldValue(__CLASS__, $record['id'], 'entity_table');
	38	}
	39	if ($eid && $table) {
	40	$bao = CRM_Core_DAO_AllCoreTables::getBAOClassName(CRM_Core_DAO_AllCoreTables::getClassForTable($table));
	41	return $bao::checkAccess(CRM_Core_Permission::EDIT, ['id' => $eid], $userID);
	42	}
	43	return TRUE;
	44	}
	45
	46	}