Commit | Line | Data |
---|---|---|
3d3a7160 CW |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
4 | | Copyright CiviCRM LLC. All rights reserved. | | |
5 | | | | |
6 | | This work is published under the GNU AGPLv3 license with some | | |
7 | | permitted exceptions and without any warranty. For full license | | |
8 | | and copyright information, see https://civicrm.org/licensing | | |
9 | +--------------------------------------------------------------------+ | |
10 | */ | |
11 | ||
12 | /** | |
13 | * | |
14 | * @package CRM | |
15 | * @copyright CiviCRM LLC https://civicrm.org/licensing | |
16 | */ | |
17 | ||
18 | /** | |
19 | * Trait for with entities with an entity_table + entity_id dynamic FK. | |
20 | */ | |
21 | trait CRM_Core_DynamicFKAccessTrait { | |
22 | ||
23 | /** | |
24 | * @param string $action | |
25 | * @param array $record | |
26 | * @param int|NULL $userID | |
27 | * @return bool | |
28 | * @see CRM_Core_DAO::checkAccess | |
29 | */ | |
30 | public static function _checkAccess(string $action, array $record, $userID): bool { | |
31 | $eid = $record['entity_id'] ?? NULL; | |
32 | $table = $record['entity_table'] ?? NULL; | |
33 | if (!$eid && !empty($record['id'])) { | |
34 | $eid = CRM_Core_DAO::getFieldValue(__CLASS__, $record['id'], 'entity_id'); | |
35 | } | |
36 | if ($eid && !$table && !empty($record['id'])) { | |
37 | $table = CRM_Core_DAO::getFieldValue(__CLASS__, $record['id'], 'entity_table'); | |
38 | } | |
39 | if ($eid && $table) { | |
40 | $bao = CRM_Core_DAO_AllCoreTables::getBAOClassName(CRM_Core_DAO_AllCoreTables::getClassForTable($table)); | |
41 | return $bao::checkAccess(CRM_Core_Permission::EDIT, ['id' => $eid], $userID); | |
42 | } | |
43 | return TRUE; | |
44 | } | |
45 | ||
46 | } |