Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
06b69b18 | 4 | | CiviCRM version 4.5 | |
6a488035 | 5 | +--------------------------------------------------------------------+ |
06b69b18 | 6 | | Copyright CiviCRM LLC (c) 2004-2014 | |
6a488035 TO |
7 | +--------------------------------------------------------------------+ |
8 | | This file is a part of CiviCRM. | | |
9 | | | | |
10 | | CiviCRM is free software; you can copy, modify, and distribute it | | |
11 | | under the terms of the GNU Affero General Public License | | |
12 | | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. | | |
13 | | | | |
14 | | CiviCRM is distributed in the hope that it will be useful, but | | |
15 | | WITHOUT ANY WARRANTY; without even the implied warranty of | | |
16 | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | | |
17 | | See the GNU Affero General Public License for more details. | | |
18 | | | | |
19 | | You should have received a copy of the GNU Affero General Public | | |
20 | | License and the CiviCRM Licensing Exception along | | |
21 | | with this program; if not, contact CiviCRM LLC | | |
22 | | at info[AT]civicrm[DOT]org. If you have questions about the | | |
23 | | GNU Affero General Public License or the licensing of CiviCRM, | | |
24 | | see the CiviCRM license FAQ at http://civicrm.org/licensing | | |
25 | +--------------------------------------------------------------------+ | |
26 | */ | |
27 | ||
28 | /** | |
29 | * | |
30 | * @package CRM | |
06b69b18 | 31 | * @copyright CiviCRM LLC (c) 2004-2014 |
6a488035 TO |
32 | * $Id$ |
33 | * | |
34 | */ | |
35 | ||
36 | /** | |
37 | * | |
38 | */ | |
39 | class CRM_Core_Permission_Base { | |
40 | ||
dcbec360 EM |
41 | // permission mapping to stub check() calls |
42 | public $permissions = NULL; | |
43 | ||
085823c1 TO |
44 | /** |
45 | * Translate permission | |
46 | * | |
77b97be7 | 47 | * @param $perm |
085823c1 TO |
48 | * @param string $nativePrefix |
49 | * @param array $map array($portableName => $nativeName) | |
77b97be7 EM |
50 | * |
51 | * @internal param string $name e.g. "administer CiviCRM", "cms:access user record", "Drupal:administer content", "Joomla:action:com_asset" | |
085823c1 TO |
52 | * @return NULL|string a permission name |
53 | */ | |
54 | public function translatePermission($perm, $nativePrefix, $map) { | |
55 | list ($civiPrefix, $name) = CRM_Utils_String::parsePrefix(':', $perm, NULL); | |
56 | switch ($civiPrefix) { | |
57 | case $nativePrefix: | |
58 | return $name; // pass through | |
59 | case 'cms': | |
60 | return CRM_Utils_Array::value($name, $map, CRM_Core_Permission::ALWAYS_DENY_PERMISSION); | |
61 | case NULL: | |
62 | return $name; | |
63 | default: | |
64 | return CRM_Core_Permission::ALWAYS_DENY_PERMISSION; | |
65 | } | |
66 | } | |
67 | ||
42762e35 | 68 | /** |
100fef9d | 69 | * Get the current permission of this user |
42762e35 DL |
70 | * |
71 | * @return string the permission of the user (edit or view or null) | |
72 | */ | |
73 | public function getPermission() { | |
74 | return CRM_Core_Permission::EDIT; | |
75 | } | |
76 | ||
6a488035 TO |
77 | /** |
78 | * Get the permissioned where clause for the user | |
79 | * | |
80 | * @param int $type the type of permission needed | |
81 | * @param array $tables (reference ) add the tables that are needed for the select clause | |
82 | * @param array $whereTables (reference ) add the tables that are needed for the where clause | |
83 | * | |
84 | * @return string the group where clause for this user | |
85 | * @access public | |
86 | */ | |
87 | public function whereClause($type, &$tables, &$whereTables) { | |
88 | return '( 1 )'; | |
89 | } | |
90 | /** | |
91 | * Get the permissioned where clause for the user when trying to see groups | |
92 | * | |
93 | * @param int $type the type of permission needed | |
94 | * @param array $tables (reference ) add the tables that are needed for the select clause | |
95 | * @param array $whereTables (reference ) add the tables that are needed for the where clause | |
96 | * | |
97 | * @return string the group where clause for this user | |
98 | * @access public | |
99 | */ | |
100 | public function getPermissionedStaticGroupClause($type, &$tables, &$whereTables) { | |
101 | $this->group(); | |
102 | return $this->groupClause($type, $tables, $whereTables); | |
103 | } | |
77b97be7 | 104 | |
6a488035 TO |
105 | /** |
106 | * Get all groups from database, filtered by permissions | |
107 | * for this user | |
108 | * | |
77b97be7 EM |
109 | * @param string $groupType type of group(Access/Mailing) |
110 | * @param bool|\boolen $excludeHidden exclude hidden groups. | |
6a488035 TO |
111 | * |
112 | * @access public | |
113 | * | |
114 | * @return array - array reference of all groups. | |
6a488035 TO |
115 | */ |
116 | public function group($groupType = NULL, $excludeHidden = TRUE) { | |
42762e35 | 117 | return CRM_Core_PseudoConstant::allGroup($groupType, $excludeHidden); |
6a488035 TO |
118 | } |
119 | ||
120 | /** | |
42762e35 | 121 | * Get group clause for this user |
6a488035 TO |
122 | * |
123 | * @param int $type the type of permission needed | |
42762e35 DL |
124 | * @param array $tables (reference ) add the tables that are needed for the select clause |
125 | * @param array $whereTables (reference ) add the tables that are needed for the where clause | |
6a488035 | 126 | * |
42762e35 | 127 | * @return string the group where clause for this user |
6a488035 TO |
128 | * @access public |
129 | */ | |
130 | public function groupClause($type, &$tables, &$whereTables) { | |
42762e35 | 131 | return ' (1) '; |
6a488035 TO |
132 | } |
133 | ||
134 | /** | |
100fef9d | 135 | * Given a permission string, check for access requirements |
6a488035 TO |
136 | * |
137 | * @param string $str the permission to check | |
138 | * | |
139 | * @return boolean true if yes, else false | |
140 | * @access public | |
141 | */ | |
142 | ||
143 | function check($str) { | |
42762e35 | 144 | //no default behaviour |
6a488035 TO |
145 | } |
146 | ||
147 | /** | |
148 | * Given a roles array, check for access requirements | |
149 | * | |
150 | * @param array $array the roles to check | |
151 | * | |
152 | * @return boolean true if yes, else false | |
153 | * @access public | |
154 | */ | |
42762e35 | 155 | |
6a488035 TO |
156 | function checkGroupRole($array) { |
157 | return FALSE; | |
158 | } | |
159 | ||
160 | /** | |
161 | * Get all the contact emails for users that have a specific permission | |
162 | * | |
163 | * @param string $permissionName name of the permission we are interested in | |
164 | * | |
165 | * @return string a comma separated list of email addresses | |
166 | */ | |
167 | public function permissionEmails($permissionName) { | |
168 | CRM_Core_Error::fatal("this function only works in Drupal 6 at the moment"); | |
169 | } | |
170 | ||
171 | /** | |
172 | * Get all the contact emails for users that have a specific role | |
173 | * | |
174 | * @param string $roleName name of the role we are interested in | |
175 | * | |
176 | * @return string a comma separated list of email addresses | |
177 | */ | |
178 | public function roleEmails($roleName) { | |
179 | CRM_Core_Error::fatal("this function only works in Drupal 6 at the moment"); | |
180 | } | |
181 | ||
7fccad46 TO |
182 | /** |
183 | * Determine whether the permission store allows us to store | |
184 | * a list of permissions generated dynamically (eg by | |
185 | * hook_civicrm_permissions.) | |
186 | * | |
187 | * @return bool | |
188 | */ | |
189 | public function isModulePermissionSupported() { | |
190 | return FALSE; | |
191 | } | |
192 | ||
6a488035 | 193 | /** |
0d8fc497 TO |
194 | * Ensure that the CMS supports all the permissions defined by CiviCRM |
195 | * and its extensions. If there are stale permissions, they should be | |
196 | * deleted. This is useful during module upgrade when the newer module | |
197 | * version has removed permission that were defined in the older version. | |
c4bc14ed | 198 | * |
0d8fc497 | 199 | * @param array $permissions same format as CRM_Core_Permission::getCorePermissions(). |
77b97be7 EM |
200 | * |
201 | * @throws CRM_Core_Exception | |
c4bc14ed | 202 | * @see CRM_Core_Permission::getCorePermissions |
6a488035 | 203 | */ |
0d8fc497 | 204 | function upgradePermissions($permissions) { |
7fccad46 | 205 | throw new CRM_Core_Exception("Unimplemented method: CRM_Core_Permission_*::upgradePermissions"); |
6a488035 TO |
206 | } |
207 | ||
208 | /** | |
209 | * Get the permissions defined in the hook_civicrm_permission implementation | |
210 | * of the given module. | |
211 | * | |
789565bf TO |
212 | * Note: At time of writing, this is only used with native extension-modules, so |
213 | * there's one, predictable calling convention (regardless of CMS). | |
214 | * | |
77b97be7 EM |
215 | * @param $module |
216 | * | |
6a488035 | 217 | * @return Array of permissions, in the same format as CRM_Core_Permission::getCorePermissions(). |
b57fc2e3 | 218 | * @see CRM_Core_Permission::getCorePermissions |
6a488035 TO |
219 | */ |
220 | static function getModulePermissions($module) { | |
789565bf TO |
221 | $return_permissions = array(); |
222 | $fn_name = "{$module}_civicrm_permission"; | |
223 | if (function_exists($fn_name)) { | |
224 | $module_permissions = array(); | |
225 | $fn_name($module_permissions); | |
226 | $return_permissions = $module_permissions; | |
227 | } | |
228 | return $return_permissions; | |
6a488035 TO |
229 | } |
230 | ||
231 | /** | |
232 | * Get the permissions defined in the hook_civicrm_permission implementation | |
233 | * in all enabled CiviCRM module extensions. | |
234 | * | |
235 | * @return Array of permissions, in the same format as CRM_Core_Permission::getCorePermissions(). | |
236 | */ | |
237 | function getAllModulePermissions() { | |
238 | $permissions = array(); | |
239 | CRM_Utils_Hook::permission($permissions); | |
240 | return $permissions; | |
241 | } | |
242 | } | |
243 |