Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
fee14197 | 4 | | CiviCRM version 5 | |
6a488035 | 5 | +--------------------------------------------------------------------+ |
f299f7db | 6 | | Copyright CiviCRM LLC (c) 2004-2020 | |
6a488035 TO |
7 | +--------------------------------------------------------------------+ |
8 | | This file is a part of CiviCRM. | | |
9 | | | | |
10 | | CiviCRM is free software; you can copy, modify, and distribute it | | |
11 | | under the terms of the GNU Affero General Public License | | |
12 | | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. | | |
13 | | | | |
14 | | CiviCRM is distributed in the hope that it will be useful, but | | |
15 | | WITHOUT ANY WARRANTY; without even the implied warranty of | | |
16 | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | | |
17 | | See the GNU Affero General Public License for more details. | | |
18 | | | | |
19 | | You should have received a copy of the GNU Affero General Public | | |
20 | | License and the CiviCRM Licensing Exception along | | |
21 | | with this program; if not, contact CiviCRM LLC | | |
22 | | at info[AT]civicrm[DOT]org. If you have questions about the | | |
23 | | GNU Affero General Public License or the licensing of CiviCRM, | | |
24 | | see the CiviCRM license FAQ at http://civicrm.org/licensing | | |
25 | +--------------------------------------------------------------------+ | |
d25dd0ee | 26 | */ |
6a488035 TO |
27 | |
28 | /** | |
29 | * | |
30 | * @package CRM | |
f299f7db | 31 | * @copyright CiviCRM LLC (c) 2004-2020 |
6a488035 TO |
32 | * $Id$ |
33 | * | |
34 | */ | |
35 | ||
36 | /** | |
37 | * | |
38 | */ | |
39 | class CRM_Core_Permission_Base { | |
40 | ||
518fa0ee SL |
41 | /** |
42 | * permission mapping to stub check() calls | |
43 | * @var array | |
44 | */ | |
dcbec360 EM |
45 | public $permissions = NULL; |
46 | ||
085823c1 | 47 | /** |
d09edf64 | 48 | * Translate permission. |
085823c1 | 49 | * |
6ad55d91 EM |
50 | * @param string $perm |
51 | * Permission string e.g "administer CiviCRM", "cms:access user record", "Drupal:administer content", | |
52 | * "Joomla:action:com_asset" | |
53 | * | |
085823c1 | 54 | * @param string $nativePrefix |
6a0b768e TO |
55 | * @param array $map |
56 | * Array($portableName => $nativeName). | |
77b97be7 | 57 | * |
72b3a70c CW |
58 | * @return NULL|string |
59 | * a permission name | |
085823c1 TO |
60 | */ |
61 | public function translatePermission($perm, $nativePrefix, $map) { | |
62 | list ($civiPrefix, $name) = CRM_Utils_String::parsePrefix(':', $perm, NULL); | |
63 | switch ($civiPrefix) { | |
64 | case $nativePrefix: | |
2aa397bc TO |
65 | return $name; |
66 | ||
67 | // pass through | |
085823c1 TO |
68 | case 'cms': |
69 | return CRM_Utils_Array::value($name, $map, CRM_Core_Permission::ALWAYS_DENY_PERMISSION); | |
2aa397bc | 70 | |
085823c1 TO |
71 | case NULL: |
72 | return $name; | |
2aa397bc | 73 | |
085823c1 TO |
74 | default: |
75 | return CRM_Core_Permission::ALWAYS_DENY_PERMISSION; | |
76 | } | |
77 | } | |
78 | ||
42762e35 | 79 | /** |
d09edf64 | 80 | * Get the current permission of this user. |
42762e35 | 81 | * |
a6c01b45 CW |
82 | * @return string |
83 | * the permission of the user (edit or view or null) | |
42762e35 DL |
84 | */ |
85 | public function getPermission() { | |
86 | return CRM_Core_Permission::EDIT; | |
87 | } | |
88 | ||
6a488035 | 89 | /** |
d09edf64 | 90 | * Get the permissioned where clause for the user. |
6a488035 | 91 | * |
6a0b768e TO |
92 | * @param int $type |
93 | * The type of permission needed. | |
94 | * @param array $tables | |
95 | * (reference ) add the tables that are needed for the select clause. | |
96 | * @param array $whereTables | |
97 | * (reference ) add the tables that are needed for the where clause. | |
6a488035 | 98 | * |
a6c01b45 CW |
99 | * @return string |
100 | * the group where clause for this user | |
6a488035 TO |
101 | */ |
102 | public function whereClause($type, &$tables, &$whereTables) { | |
103 | return '( 1 )'; | |
104 | } | |
353ffa53 | 105 | |
6a488035 | 106 | /** |
d09edf64 | 107 | * Get the permissioned where clause for the user when trying to see groups. |
6a488035 | 108 | * |
6a0b768e TO |
109 | * @param int $type |
110 | * The type of permission needed. | |
111 | * @param array $tables | |
112 | * (reference ) add the tables that are needed for the select clause. | |
113 | * @param array $whereTables | |
114 | * (reference ) add the tables that are needed for the where clause. | |
6a488035 | 115 | * |
a6c01b45 CW |
116 | * @return string |
117 | * the group where clause for this user | |
6a488035 TO |
118 | */ |
119 | public function getPermissionedStaticGroupClause($type, &$tables, &$whereTables) { | |
120 | $this->group(); | |
121 | return $this->groupClause($type, $tables, $whereTables); | |
122 | } | |
77b97be7 | 123 | |
6a488035 TO |
124 | /** |
125 | * Get all groups from database, filtered by permissions | |
126 | * for this user | |
127 | * | |
6a0b768e TO |
128 | * @param string $groupType |
129 | * Type of group(Access/Mailing). | |
3f8d2862 CW |
130 | * @param bool $excludeHidden |
131 | * exclude hidden groups. | |
6a488035 | 132 | * |
6a488035 | 133 | * |
a6c01b45 CW |
134 | * @return array |
135 | * array reference of all groups. | |
6a488035 TO |
136 | */ |
137 | public function group($groupType = NULL, $excludeHidden = TRUE) { | |
42762e35 | 138 | return CRM_Core_PseudoConstant::allGroup($groupType, $excludeHidden); |
6a488035 TO |
139 | } |
140 | ||
141 | /** | |
d09edf64 | 142 | * Get group clause for this user. |
6a488035 | 143 | * |
6a0b768e TO |
144 | * @param int $type |
145 | * The type of permission needed. | |
146 | * @param array $tables | |
147 | * (reference ) add the tables that are needed for the select clause. | |
148 | * @param array $whereTables | |
149 | * (reference ) add the tables that are needed for the where clause. | |
6a488035 | 150 | * |
a6c01b45 CW |
151 | * @return string |
152 | * the group where clause for this user | |
6a488035 TO |
153 | */ |
154 | public function groupClause($type, &$tables, &$whereTables) { | |
42762e35 | 155 | return ' (1) '; |
6a488035 TO |
156 | } |
157 | ||
158 | /** | |
100fef9d | 159 | * Given a permission string, check for access requirements |
6a488035 | 160 | * |
6a0b768e TO |
161 | * @param string $str |
162 | * The permission to check. | |
18be3201 | 163 | * @param int $userId |
6a488035 | 164 | * |
6a488035 | 165 | */ |
18be3201 | 166 | public function check($str, $userId = NULL) { |
42762e35 | 167 | //no default behaviour |
6a488035 TO |
168 | } |
169 | ||
170 | /** | |
171 | * Given a roles array, check for access requirements | |
172 | * | |
6a0b768e TO |
173 | * @param array $array |
174 | * The roles to check. | |
6a488035 | 175 | * |
7c550ca0 | 176 | * @return bool |
a6c01b45 | 177 | * true if yes, else false |
6a488035 | 178 | */ |
00be9182 | 179 | public function checkGroupRole($array) { |
6a488035 TO |
180 | return FALSE; |
181 | } | |
182 | ||
183 | /** | |
d09edf64 | 184 | * Get all the contact emails for users that have a specific permission. |
6a488035 | 185 | * |
6a0b768e TO |
186 | * @param string $permissionName |
187 | * Name of the permission we are interested in. | |
6a488035 | 188 | * |
6a488035 TO |
189 | */ |
190 | public function permissionEmails($permissionName) { | |
191 | CRM_Core_Error::fatal("this function only works in Drupal 6 at the moment"); | |
192 | } | |
193 | ||
194 | /** | |
d09edf64 | 195 | * Get all the contact emails for users that have a specific role. |
6a488035 | 196 | * |
6a0b768e TO |
197 | * @param string $roleName |
198 | * Name of the role we are interested in. | |
6a488035 | 199 | * |
6a488035 TO |
200 | */ |
201 | public function roleEmails($roleName) { | |
202 | CRM_Core_Error::fatal("this function only works in Drupal 6 at the moment"); | |
203 | } | |
204 | ||
7fccad46 TO |
205 | /** |
206 | * Determine whether the permission store allows us to store | |
207 | * a list of permissions generated dynamically (eg by | |
208 | * hook_civicrm_permissions.) | |
209 | * | |
210 | * @return bool | |
211 | */ | |
212 | public function isModulePermissionSupported() { | |
213 | return FALSE; | |
214 | } | |
215 | ||
6a488035 | 216 | /** |
0d8fc497 TO |
217 | * Ensure that the CMS supports all the permissions defined by CiviCRM |
218 | * and its extensions. If there are stale permissions, they should be | |
219 | * deleted. This is useful during module upgrade when the newer module | |
220 | * version has removed permission that were defined in the older version. | |
c4bc14ed | 221 | * |
6a0b768e TO |
222 | * @param array $permissions |
223 | * Same format as CRM_Core_Permission::getCorePermissions(). | |
77b97be7 EM |
224 | * |
225 | * @throws CRM_Core_Exception | |
c4bc14ed | 226 | * @see CRM_Core_Permission::getCorePermissions |
6a488035 | 227 | */ |
00be9182 | 228 | public function upgradePermissions($permissions) { |
7fccad46 | 229 | throw new CRM_Core_Exception("Unimplemented method: CRM_Core_Permission_*::upgradePermissions"); |
6a488035 TO |
230 | } |
231 | ||
232 | /** | |
233 | * Get the permissions defined in the hook_civicrm_permission implementation | |
234 | * of the given module. | |
235 | * | |
789565bf TO |
236 | * Note: At time of writing, this is only used with native extension-modules, so |
237 | * there's one, predictable calling convention (regardless of CMS). | |
238 | * | |
77b97be7 EM |
239 | * @param $module |
240 | * | |
16b10e64 CW |
241 | * @return array |
242 | * Array of permissions, in the same format as CRM_Core_Permission::getCorePermissions(). | |
b57fc2e3 | 243 | * @see CRM_Core_Permission::getCorePermissions |
6a488035 | 244 | */ |
00be9182 | 245 | public static function getModulePermissions($module) { |
be2fb01f | 246 | $return_permissions = []; |
789565bf TO |
247 | $fn_name = "{$module}_civicrm_permission"; |
248 | if (function_exists($fn_name)) { | |
be2fb01f | 249 | $module_permissions = []; |
789565bf TO |
250 | $fn_name($module_permissions); |
251 | $return_permissions = $module_permissions; | |
252 | } | |
253 | return $return_permissions; | |
6a488035 TO |
254 | } |
255 | ||
256 | /** | |
257 | * Get the permissions defined in the hook_civicrm_permission implementation | |
258 | * in all enabled CiviCRM module extensions. | |
259 | * | |
54957108 | 260 | * @param bool $descriptions |
261 | * | |
16b10e64 CW |
262 | * @return array |
263 | * Array of permissions, in the same format as CRM_Core_Permission::getCorePermissions(). | |
6a488035 | 264 | */ |
f1db52b9 | 265 | public function getAllModulePermissions($descriptions = FALSE) { |
be2fb01f | 266 | $permissions = []; |
6a488035 | 267 | CRM_Utils_Hook::permission($permissions); |
f1db52b9 AH |
268 | |
269 | if ($descriptions) { | |
270 | foreach ($permissions as $permission => $label) { | |
be2fb01f | 271 | $permissions[$permission] = (is_array($label)) ? $label : [$label]; |
f1db52b9 AH |
272 | } |
273 | } | |
274 | else { | |
275 | foreach ($permissions as $permission => $label) { | |
276 | $permissions[$permission] = (is_array($label)) ? array_shift($label) : $label; | |
277 | } | |
278 | } | |
6a488035 TO |
279 | return $permissions; |
280 | } | |
96025800 | 281 | |
6a488035 | 282 | } |