Commit | Line | Data |
---|---|---|
b30f1c8f TO |
1 | <?php |
2 | namespace Civi\Api4; | |
3 | ||
4 | /** | |
5 | * OAuthSysToken entity. | |
6 | * | |
7 | * Provided by the OAuth Client extension. | |
8 | * | |
9 | * @package Civi\Api4 | |
10 | */ | |
11 | class OAuthSysToken extends Generic\DAOEntity { | |
12 | ||
bc529d99 TO |
13 | /** |
14 | * Load and conditionally refresh a stored token. | |
15 | * | |
16 | * @param bool $checkPermissions | |
17 | * @return \Civi\Api4\Action\OAuthSysToken\Refresh | |
18 | */ | |
19 | public static function refresh($checkPermissions = TRUE) { | |
20 | $action = new \Civi\Api4\Action\OAuthSysToken\Refresh(static::class, __FUNCTION__); | |
21 | return $action->setCheckPermissions($checkPermissions); | |
22 | } | |
23 | ||
b30f1c8f TO |
24 | public static function permissions() { |
25 | return [ | |
26 | 'meta' => ['access CiviCRM'], | |
27 | 'default' => ['manage OAuth client'], | |
28 | 'delete' => ['manage OAuth client'], | |
29 | 'get' => ['manage OAuth client'], | |
bc529d99 | 30 | 'refresh' => ['manage OAuth client'], |
b30f1c8f TO |
31 | 'create' => ['manage OAuth client secrets'], |
32 | 'update' => ['manage OAuth client secrets'], | |
33 | // In theory, there might be cases to 'create' or 'update' an OAuthSysToken | |
34 | // without access to its secrets, but you should think through the | |
35 | // lifecycle/errors/permissions. For now, easier to limit 'create'/update'. | |
36 | ]; | |
37 | } | |
38 | ||
39 | } |