projects / civicrm-core.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #4892 from colemanw/INFRA-132
[civicrm-core.git] / CRM / Core / Permission.php
CommitLineData
6a488035
TO		 1<?php
2/*
3 +--------------------------------------------------------------------+
39de6fd5 4 | CiviCRM version 4.6 |
6a488035 5 +--------------------------------------------------------------------+
06b69b18 6 | Copyright CiviCRM LLC (c) 2004-2014 |
6a488035
TO		 7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
26*/
27
28/**
29 *
30 * @package CRM
06b69b18 31 * @copyright CiviCRM LLC (c) 2004-2014
6a488035
TO		 32 * $Id$
33 *
34 */
35
36/**
37 * This is the basic permission class wrapper
38 */
39class CRM_Core_Permission {
40
41 /**
42 * Static strings used to compose permissions
43 *
44 * @const
45 * @var string
46 */
7da04cde 47 const EDIT_GROUPS = 'edit contacts in ', VIEW_GROUPS = 'view contacts in ';
6a488035
TO		 48
49 /**
50 * The various type of permissions
51 *
52 * @var int
53 */
7da04cde 54 const EDIT = 1, VIEW = 2, DELETE = 3, CREATE = 4, SEARCH = 5, ALL = 6, ADMIN = 7;
6a488035 55
085823c1
TO		 56 /**
57 * A placeholder permission which always fails
58 */
59 const ALWAYS_DENY_PERMISSION = "*always deny*";
60
61 /**
62 * A placeholder permission which always fails
63 */
64 const ALWAYS_ALLOW_PERMISSION = "*always allow*";
65
6dd18b98
DS		 66 /**
67 * Various authentication sources
68 *
69 * @var int
70 */
7da04cde 71 const AUTH_SRC_UNKNOWN = 0, AUTH_SRC_CHECKSUM = 1, AUTH_SRC_SITEKEY = 2, AUTH_SRC_LOGIN = 4;
6dd18b98 72
6a488035 73 /**
100fef9d 74 * Get the current permission of this user
6a488035
TO		 75 *
76 * @return string the permission of the user (edit or view or null)
77 */
78 public static function getPermission() {
79 $config = CRM_Core_Config::singleton();
41f314b6 80 return $config->userPermissionClass->getPermission();
6a488035
TO		 81 }
82
83 /**
100fef9d 84 * Given a permission string or array, check for access requirements
6a0b768e
TO		 85 * @param mixed $permissions
86 * The permission to check as an array or string -see examples.
60ec9f43 87 * arrays
6a488035 88 *
60ec9f43
E		 89 * Ex 1
90 *
91 * Must have 'access CiviCRM'
92 * (string) 'access CiviCRM'
93 *
94 *
95 * Ex 2 Must have 'access CiviCRM' and 'access Ajax API'
96 * array('access CiviCRM', 'access Ajax API')
97 *
98 * Ex 3 Must have 'access CiviCRM' or 'access Ajax API'
99 * array(
100 * array('access CiviCRM', 'access Ajax API'),
101 * ),
102 *
103 * Ex 4 Must have 'access CiviCRM' or 'access Ajax API' AND 'access CiviEvent'
104 * array(
105 * array('access CiviCRM', 'access Ajax API'),
106 * 'access CiviEvent',
107 * ),
108 *
109 * Note that in permissions.php this is keyed by the action eg.
110 * (access Civi || access AJAX) && (access CiviEvent || access CiviContribute)
111 * 'myaction' => array(
112 * array('access CiviCRM', 'access Ajax API'),
113 * array('access CiviEvent', 'access CiviContribute')
114 * ),
6a488035
TO		 115 *
116 * @return boolean true if yes, else false
117 * @static
6a488035 118 */
00be9182 119 public static function check($permissions) {
60ec9f43
E		 120 $permissions = (array) $permissions;
121
122 foreach ($permissions as $permission) {
22e263ad 123 if (is_array($permission)) {
60ec9f43 124 foreach ($permission as $orPerm) {
22e263ad 125 if (self::check($orPerm)) {
60ec9f43
E		 126 //one of our 'or' permissions has succeeded - stop checking this permission
127 return TRUE;;
128 }
129 }
130 //none of our our conditions was met
131 return FALSE;
132 }
133 else {
22e263ad 134 if (!CRM_Core_Config::singleton()->userPermissionClass->check($permission)) {
60ec9f43
E		 135 //one of our 'and' conditions has not been met
136 return FALSE;
137 }
138 }
139 }
140 return TRUE;
6a488035
TO		 141 }
142
dc92f2f8
TO		 143 /**
144 * Determine if any one of the permissions strings applies to current user
145 *
146 * @param array $perms
147 * @return bool
148 */
149 public static function checkAnyPerm($perms) {
150 foreach ($perms as $perm) {
151 if (CRM_Core_Permission::check($perm)) {
152 return TRUE;
153 }
154 }
155 return FALSE;
156 }
157
6a488035
TO		 158 /**
159 * Given a group/role array, check for access requirements
160 *
6a0b768e
TO		 161 * @param array $array
162 * The group/role to check.
6a488035
TO		 163 *
164 * @return boolean true if yes, else false
165 * @static
6a488035 166 */
00be9182 167 public static function checkGroupRole($array) {
6a488035 168 $config = CRM_Core_Config::singleton();
41f314b6 169 return $config->userPermissionClass->checkGroupRole($array);
6a488035
TO		 170 }
171
172 /**
173 * Get the permissioned where clause for the user
174 *
6a0b768e
TO		 175 * @param int $type
176 * The type of permission needed.
177 * @param array $tables
178 * (reference ) add the tables that are needed for the select clause.
179 * @param array $whereTables
180 * (reference ) add the tables that are needed for the where clause.
6a488035
TO		 181 *
182 * @return string the group where clause for this user
6a488035
TO		 183 */
184 public static function getPermissionedStaticGroupClause($type, &$tables, &$whereTables) {
185 $config = CRM_Core_Config::singleton();
41f314b6 186 return $config->userPermissionClass->getPermissionedStaticGroupClause($type, $tables, $whereTables);
6a488035
TO		 187 }
188
189 /**
190 * Get all groups from database, filtered by permissions
191 * for this user
192 *
6a0b768e
TO		 193 * @param string $groupType
194 * Type of group(Access/Mailing).
da6b46f4 195 * @param bool|\boolen $excludeHidden exclude hidden groups.
6a488035 196 *
6a488035
TO		 197 * @static
198 *
199 * @return array - array reference of all groups.
6a488035
TO		 200 */
201 public static function group($groupType, $excludeHidden = TRUE) {
202 $config = CRM_Core_Config::singleton();
41f314b6 203 return $config->userPermissionClass->group($groupType, $excludeHidden);
6a488035
TO		 204 }
205
a0ee3941
EM		 206 /**
207 * @return bool
208 */
6a488035
TO		 209 public static function customGroupAdmin() {
210 $admin = FALSE;
211
212 // check if user has all powerful permission
213 // or administer civicrm permission (CRM-1905)
214 if (self::check('access all custom data')) {
215 return TRUE;
216 }
217
634e1a1a
DL		 218 if (
219 self::check('administer Multiple Organizations') &&
6a488035
TO		 220 self::isMultisiteEnabled()
221 ) {
222 return TRUE;
223 }
224
225 if (self::check('administer CiviCRM')) {
226 return TRUE;
227 }
228
229 return FALSE;
230 }
231
a0ee3941
EM		 232 /**
233 * @param int $type
234 * @param bool $reset
235 *
236 * @return array
237 */
6a488035 238 public static function customGroup($type = CRM_Core_Permission::VIEW, $reset = FALSE) {
41f314b6 239 $customGroups = CRM_Core_PseudoConstant::get('CRM_Core_DAO_CustomField', 'custom_group_id',
240 array('fresh' => $reset));
6a488035
TO		 241 $defaultGroups = array();
242
243 // check if user has all powerful permission
244 // or administer civicrm permission (CRM-1905)
245 if (self::customGroupAdmin()) {
246 $defaultGroups = array_keys($customGroups);
247 }
248
249 return CRM_ACL_API::group($type, NULL, 'civicrm_custom_group', $customGroups, $defaultGroups);
250 }
251
a0ee3941
EM		 252 /**
253 * @param int $type
254 * @param null $prefix
255 * @param bool $reset
256 *
257 * @return string
258 */
00be9182 259 public static function customGroupClause($type = CRM_Core_Permission::VIEW, $prefix = NULL, $reset = FALSE) {
6a488035
TO		 260 if (self::customGroupAdmin()) {
261 return ' ( 1 ) ';
262 }
263
264 $groups = self::customGroup($type, $reset);
265 if (empty($groups)) {
266 return ' ( 0 ) ';
267 }
268 else {
269 return "{$prefix}id IN ( " . implode(',', $groups) . ' ) ';
270 }
271 }
272
a0ee3941 273 /**
100fef9d 274 * @param int $gid
a0ee3941
EM		 275 * @param int $type
276 *
277 * @return bool
278 */
6a488035
TO		 279 public static function ufGroupValid($gid, $type = CRM_Core_Permission::VIEW) {
280 if (empty($gid)) {
281 return TRUE;
282 }
283
284 $groups = self::ufGroup($type);
684b0b22 285 return !empty($groups) && in_array($gid, $groups) ? TRUE : FALSE;
6a488035
TO		 286 }
287
a0ee3941
EM		 288 /**
289 * @param int $type
290 *
291 * @return array
292 */
6a488035 293 public static function ufGroup($type = CRM_Core_Permission::VIEW) {
ff4f7744 294 $ufGroups = CRM_Core_PseudoConstant::get('CRM_Core_DAO_UFField', 'uf_group_id');
6a488035
TO		 295
296 $allGroups = array_keys($ufGroups);
297
298 // check if user has all powerful permission
299 if (self::check('profile listings and forms')) {
300 return $allGroups;
301 }
302
303 switch ($type) {
304 case CRM_Core_Permission::VIEW:
305 if (self::check('profile view')) {
306 return $allGroups;
307 }
308 break;
309
310 case CRM_Core_Permission::CREATE:
311 if (self::check('profile create')) {
312 return $allGroups;
313 }
314 break;
315
316 case CRM_Core_Permission::EDIT:
317 if (self::check('profile edit')) {
318 return $allGroups;
319 }
320 break;
321
322 case CRM_Core_Permission::SEARCH:
323 if (self::check('profile listings')) {
324 return $allGroups;
325 }
326 break;
327 }
328
329 return CRM_ACL_API::group($type, NULL, 'civicrm_uf_group', $ufGroups);
330 }
331
a0ee3941
EM		 332 /**
333 * @param int $type
334 * @param null $prefix
335 * @param bool $returnUFGroupIds
336 *
337 * @return array|string
338 */
00be9182 339 public static function ufGroupClause($type = CRM_Core_Permission::VIEW, $prefix = NULL, $returnUFGroupIds = FALSE) {
6a488035
TO		 340 $groups = self::ufGroup($type);
341 if ($returnUFGroupIds) {
342 return $groups;
343 }
344 elseif (empty($groups)) {
345 return ' ( 0 ) ';
346 }
347 else {
348 return "{$prefix}id IN ( " . implode(',', $groups) . ' ) ';
349 }
350 }
351
a0ee3941
EM		 352 /**
353 * @param int $type
100fef9d 354 * @param int $eventID
a0ee3941
EM		 355 * @param string $context
356 *
357 * @return array|null
358 */
e2d09ab4 359 public static function event($type = CRM_Core_Permission::VIEW, $eventID = NULL, $context = '') {
22e263ad
TO		 360 if (!empty($context)) {
361 if (CRM_Core_Permission::check($context)) {
e2d09ab4
EM		 362 return TRUE;
363 }
364 }
6a488035
TO		 365 $events = CRM_Event_PseudoConstant::event(NULL, TRUE);
366 $includeEvents = array();
367
368 // check if user has all powerful permission
369 if (self::check('register for events')) {
370 $includeEvents = array_keys($events);
371 }
372
373 if ($type == CRM_Core_Permission::VIEW &&
374 self::check('view event info')
375 ) {
376 $includeEvents = array_keys($events);
377 }
378
379 $permissionedEvents = CRM_ACL_API::group($type, NULL, 'civicrm_event', $events, $includeEvents);
380 if (!$eventID) {
381 return $permissionedEvents;
382 }
41f314b6 383 if (!empty($permissionedEvents)) {
2efcf0c2 384 return array_search($eventID, $permissionedEvents) === FALSE ? NULL : $eventID;
41f314b6 385 }
dfa720e7 386 return NULL;
6a488035
TO		 387 }
388
a0ee3941
EM		 389 /**
390 * @param int $type
391 * @param null $prefix
392 *
393 * @return string
394 */
00be9182 395 public static function eventClause($type = CRM_Core_Permission::VIEW, $prefix = NULL) {
6a488035
TO		 396 $events = self::event($type);
397 if (empty($events)) {
398 return ' ( 0 ) ';
399 }
400 else {
401 return "{$prefix}id IN ( " . implode(',', $events) . ' ) ';
402 }
403 }
404
a0ee3941
EM		 405 /**
406 * @param $module
407 * @param bool $checkPermission
408 *
409 * @return bool
410 */
00be9182 411 public static function access($module, $checkPermission = TRUE) {
6a488035
TO		 412 $config = CRM_Core_Config::singleton();
413
414 if (!in_array($module, $config->enableComponents)) {
415 return FALSE;
416 }
417
418 if ($checkPermission) {
419 if ($module == 'CiviCase') {
420 return CRM_Case_BAO_Case::accessCiviCase();
421 }
422 else {
423 return CRM_Core_Permission::check("access $module");
424 }
425 }
426
427 return TRUE;
428 }
429
430 /**
100fef9d 431 * Check permissions for delete and edit actions
6a488035 432 *
6a0b768e
TO		 433 * @param string $module
434 * Component name.
435 * @param int $action
436 * Action to be check across component.
6a488035 437 *
77b97be7
EM		 438 *
439 * @return bool
440 */
00be9182 441 public static function checkActionPermission($module, $action) {
6a488035
TO		 442 //check delete related permissions.
443 if ($action & CRM_Core_Action::DELETE) {
444 $permissionName = "delete in $module";
445 }
446 else {
447 $editPermissions = array(
448 'CiviEvent' => 'edit event participants',
449 'CiviMember' => 'edit memberships',
450 'CiviPledge' => 'edit pledges',
451 'CiviContribute' => 'edit contributions',
452 'CiviGrant' => 'edit grants',
453 'CiviMail' => 'access CiviMail',
454 'CiviAuction' => 'add auction items',
455 );
456 $permissionName = CRM_Utils_Array::value($module, $editPermissions);
457 }
458
459 if ($module == 'CiviCase' && !$permissionName) {
460 return CRM_Case_BAO_Case::accessCiviCase();
461 }
462 else {
463 //check for permission.
464 return CRM_Core_Permission::check($permissionName);
465 }
466 }
467
a0ee3941
EM		 468 /**
469 * @param $args
470 * @param string $op
471 *
472 * @return bool
473 */
00be9182 474 public static function checkMenu(&$args, $op = 'and') {
6a488035
TO		 475 if (!is_array($args)) {
476 return $args;
477 }
478 foreach ($args as $str) {
479 $res = CRM_Core_Permission::check($str);
480 if ($op == 'or' && $res) {
481 return TRUE;
482 }
483 elseif ($op == 'and' && !$res) {
484 return FALSE;
485 }
486 }
487 return ($op == 'or') ? FALSE : TRUE;
488 }
489
a0ee3941
EM		 490 /**
491 * @param $item
492 *
493 * @return bool|mixed
494 * @throws Exception
495 */
00be9182 496 public static function checkMenuItem(&$item) {
6a488035
TO		 497 if (!array_key_exists('access_callback', $item)) {
498 CRM_Core_Error::backtrace();
499 CRM_Core_Error::fatal();
500 }
501
502 // if component_id is present, ensure it is enabled
503 if (isset($item['component_id']) &&
504 $item['component_id']
505 ) {
506 $config = CRM_Core_Config::singleton();
507 if (is_array($config->enableComponentIDs) &&
508 in_array($item['component_id'], $config->enableComponentIDs)
509 ) {
510 // continue with process
511 }
512 else {
513 return FALSE;
514 }
515 }
516
517 // the following is imitating drupal 6 code in includes/menu.inc
518 if (empty($item['access_callback']) ||
519 is_numeric($item['access_callback'])
520 ) {
521 return (boolean ) $item['access_callback'];
522 }
523
524 // check whether the following Ajax requests submitted the right key
525 // FIXME: this should be integrated into ACLs proper
526 if (CRM_Utils_Array::value('page_type', $item) == 3) {
527 if (!CRM_Core_Key::validate($_REQUEST['key'], $item['path'])) {
528 return FALSE;
529 }
530 }
531
532 // check if callback is for checkMenu, if so optimize it
533 if (is_array($item['access_callback']) &&
534 $item['access_callback'][0] == 'CRM_Core_Permission' &&
535 $item['access_callback'][1] == 'checkMenu'
536 ) {
537 $op = CRM_Utils_Array::value(1, $item['access_arguments'], 'and');
538 return self::checkMenu($item['access_arguments'][0], $op);
539 }
540 else {
541 return call_user_func_array($item['access_callback'], $item['access_arguments']);
542 }
543 }
544
a0ee3941
EM		 545 /**
546 * @param bool $all
547 *
548 * @return array
549 */
00be9182 550 public static function &basicPermissions($all = FALSE) {
6a488035
TO		 551 static $permissions = NULL;
552
553 if (!$permissions) {
81bb85ea 554 $config = CRM_Core_Config::singleton();
6a488035
TO		 555 $prefix = ts('CiviCRM') . ': ';
556 $permissions = self::getCorePermissions();
557
558 if (self::isMultisiteEnabled()) {
559 $permissions['administer Multiple Organizations'] = $prefix . ts('administer Multiple Organizations');
560 }
561
6a488035
TO		 562 if (!$all) {
563 $components = CRM_Core_Component::getEnabledComponents();
564 }
565 else {
566 $components = CRM_Core_Component::getComponents();
567 }
568
569 foreach ($components as $comp) {
570 $perm = $comp->getPermissions();
571 if ($perm) {
572 $info = $comp->getInfo();
573 foreach ($perm as $p) {
574 $permissions[$p] = $info['translatedName'] . ': ' . $p;
575 }
576 }
577 }
578
579 // Add any permissions defined in hook_civicrm_permission implementations.
6a488035
TO		 580 $module_permissions = $config->userPermissionClass->getAllModulePermissions();
581 $permissions = array_merge($permissions, $module_permissions);
582 }
583
584 return $permissions;
585 }
586
a0ee3941
EM		 587 /**
588 * @return array
589 */
00be9182 590 public static function getAnonymousPermissionsWarnings() {
81bb85ea
AC		 591 static $permissions = array();
592 if (empty($permissions)) {
593 $permissions = array(
21dfd5f5 594 'administer CiviCRM',
81bb85ea
AC		 595 );
596 $components = CRM_Core_Component::getComponents();
597 foreach ($components as $comp) {
598 if (!method_exists($comp, 'getAnonymousPermissionWarnings')) {
599 continue;
600 }
601 $permissions = array_merge($permissions, $comp->getAnonymousPermissionWarnings());
602 }
603 }
604 return $permissions;
605 }
606
a0ee3941
EM		 607 /**
608 * @param $anonymous_perms
609 *
610 * @return array
611 */
00be9182 612 public static function validateForPermissionWarnings($anonymous_perms) {
81bb85ea
AC		 613 return array_intersect($anonymous_perms, self::getAnonymousPermissionsWarnings());
614 }
615
a0ee3941
EM		 616 /**
617 * @return array
618 */
00be9182 619 public static function getCorePermissions() {
6a488035
TO		 620 $prefix = ts('CiviCRM') . ': ';
621 $permissions = array(
622 'add contacts' => $prefix . ts('add contacts'),
623 'view all contacts' => $prefix . ts('view all contacts'),
624 'edit all contacts' => $prefix . ts('edit all contacts'),
aafd773a
DL		 625 'view my contact' => $prefix . ts('view my contact'),
626 'edit my contact' => $prefix . ts('edit my contact'),
6a488035
TO		 627 'delete contacts' => $prefix . ts('delete contacts'),
628 'access deleted contacts' => $prefix . ts('access deleted contacts'),
629 'import contacts' => $prefix . ts('import contacts'),
630 'edit groups' => $prefix . ts('edit groups'),
631 'administer CiviCRM' => $prefix . ts('administer CiviCRM'),
634e1a1a 632 'skip IDS check' => $prefix . ts('skip IDS check'),
6a488035
TO		 633 'access uploaded files' => $prefix . ts('access uploaded files'),
634 'profile listings and forms' => $prefix . ts('profile listings and forms'),
635 'profile listings' => $prefix . ts('profile listings'),
636 'profile create' => $prefix . ts('profile create'),
637 'profile edit' => $prefix . ts('profile edit'),
638 'profile view' => $prefix . ts('profile view'),
639 'access all custom data' => $prefix . ts('access all custom data'),
640 'view all activities' => $prefix . ts('view all activities'),
641 'delete activities' => $prefix . ts('delete activities'),
642 'access CiviCRM' => $prefix . ts('access CiviCRM'),
643 'access Contact Dashboard' => $prefix . ts('access Contact Dashboard'),
644 'translate CiviCRM' => $prefix . ts('translate CiviCRM'),
645 'administer reserved groups' => $prefix . ts('administer reserved groups'),
646 'administer Tagsets' => $prefix . ts('administer Tagsets'),
647 'administer reserved tags' => $prefix . ts('administer reserved tags'),
648 'administer dedupe rules' => $prefix . ts('administer dedupe rules'),
649 'merge duplicate contacts' => $prefix . ts('merge duplicate contacts'),
650 'view debug output' => $prefix . ts('view debug output'),
651 'view all notes' => $prefix . ts('view all notes'),
652 'access AJAX API' => $prefix . ts('access AJAX API'),
653 'access contact reference fields' => $prefix . ts('access contact reference fields'),
654 'create manual batch' => $prefix . ts('create manual batch'),
655 'edit own manual batches' => $prefix . ts('edit own manual batches'),
656 'edit all manual batches' => $prefix . ts('edit all manual batches'),
657 'view own manual batches' => $prefix . ts('view own manual batches'),
658 'view all manual batches' => $prefix . ts('view all manual batches'),
659 'delete own manual batches' => $prefix . ts('delete own manual batches'),
660 'delete all manual batches' => $prefix . ts('delete all manual batches'),
661 'export own manual batches' => $prefix . ts('export own manual batches'),
662 'export all manual batches' => $prefix . ts('export all manual batches'),
e16ce4cd 663 'administer payment processors' => $prefix . ts('administer payment processors'),
6a488035
TO		 664 );
665
666 return $permissions;
667 }
668
669 /**
670 * Validate user permission across
671 * edit or view or with supportable acls.
672 *
673 * return boolean true/false.
674 **/
00be9182 675 public static function giveMeAllACLs() {
6a488035
TO		 676 if (CRM_Core_Permission::check('view all contacts') ||
677 CRM_Core_Permission::check('edit all contacts')
678 ) {
679 return TRUE;
680 }
681
682 $session = CRM_Core_Session::singleton();
683 $contactID = $session->get('userID');
684
6a488035
TO		 685 //check for acl.
686 $aclPermission = self::getPermission();
687 if (in_array($aclPermission, array(
688 CRM_Core_Permission::EDIT,
41f314b6 689 CRM_Core_Permission::VIEW,
690 ))
691 ) {
6a488035
TO		 692 return TRUE;
693 }
694
695 // run acl where hook and see if the user is supplying an ACL clause
696 // that is not false
697 $tables = $whereTables = array();
698 $where = NULL;
699
700 CRM_Utils_Hook::aclWhereClause(CRM_Core_Permission::VIEW,
701 $tables, $whereTables,
702 $contactID, $where
703 );
704 return empty($whereTables) ? FALSE : TRUE;
705 }
706
707 /**
100fef9d 708 * Get component name from given permission.
6a488035 709 *
41f314b6 710 * @param string $permission
6a488035
TO		 711 *
712 * return string $componentName the name of component.
77b97be7
EM		 713 *
714 * @return int|null|string
6a488035
TO		 715 * @static
716 */
00be9182 717 public static function getComponentName($permission) {
6a488035
TO		 718 $componentName = NULL;
719 $permission = trim($permission);
720 if (empty($permission)) {
721 return $componentName;
722 }
723
724 static $allCompPermissions = array();
725 if (empty($allCompPermissions)) {
726 $components = CRM_Core_Component::getComponents();
727 foreach ($components as $name => $comp) {
33777e4a
PJ		 728 //get all permissions of each components unconditionally
729 $allCompPermissions[$name] = $comp->getPermissions(TRUE);
6a488035
TO		 730 }
731 }
732
733 if (is_array($allCompPermissions)) {
734 foreach ($allCompPermissions as $name => $permissions) {
735 if (in_array($permission, $permissions)) {
736 $componentName = $name;
737 break;
738 }
739 }
740 }
741
742 return $componentName;
743 }
744
745 /**
746 * Get all the contact emails for users that have a specific permission
747 *
6a0b768e
TO		 748 * @param string $permissionName
749 * Name of the permission we are interested in.
6a488035
TO		 750 *
751 * @return string a comma separated list of email addresses
752 */
753 public static function permissionEmails($permissionName) {
754 $config = CRM_Core_Config::singleton();
41f314b6 755 return $config->userPermissionClass->permissionEmails($permissionName);
6a488035
TO		 756 }
757
758 /**
759 * Get all the contact emails for users that have a specific role
760 *
6a0b768e
TO		 761 * @param string $roleName
762 * Name of the role we are interested in.
6a488035
TO		 763 *
764 * @return string a comma separated list of email addresses
765 */
766 public static function roleEmails($roleName) {
767 $config = CRM_Core_Config::singleton();
41f314b6 768 return $config->userRoleClass->roleEmails($roleName);
6a488035
TO		 769 }
770
a0ee3941
EM		 771 /**
772 * @return bool
773 */
00be9182 774 public static function isMultisiteEnabled() {
6a488035
TO		 775 return CRM_Core_BAO_Setting::getItem(CRM_Core_BAO_Setting::MULTISITE_PREFERENCES_NAME,
776 'is_enabled'
777 ) ? TRUE : FALSE;
778 }
779}