| 1 | <?php |
| 2 | /* |
| 3 | +--------------------------------------------------------------------+ |
| 4 | | Copyright CiviCRM LLC. All rights reserved. | |
| 5 | | | |
| 6 | | This work is published under the GNU AGPLv3 license with some | |
| 7 | | permitted exceptions and without any warranty. For full license | |
| 8 | | and copyright information, see https://civicrm.org/licensing | |
| 9 | +--------------------------------------------------------------------+ |
| 10 | */ |
| 11 | |
/**
 * Decide which permissions must be checked for an API v3 call.
 *
 * Lookup order: an exact match on the (possibly translated) action, then the
 * generic equivalent of the action, then the 'default' entry.
 *
 * @param string $entity
 *   API entity name. It is converted with
 *   _civicrm_api_get_entity_name_from_camel() before being used as a lookup
 *   key or handed to the hook.
 * @param string $action
 *   API action. 'create' is treated as 'update' when the params carry a
 *   non-empty 'id' or '<entity>_id'.
 * @param array $params
 *   API params, taken by reference and passed on to
 *   hook_civicrm_alterAPIPermissions.
 *
 * @return array
 *   Array of permissions to check for this entity-action combo.
 */
function _civicrm_api3_permissions($entity, $action, &$params) {
  // FIXME: Lowercase entity_names are nonstandard but difficult to fix here
  // because this function invokes hook_civicrm_alterAPIPermissions
  $entity = _civicrm_api_get_entity_name_from_camel($entity);
  $permissionTable = CRM_Core_Permission::getEntityActionPermissions();

  // A 'create' call that names a record id is authorised as an 'update'.
  // Detection uses empty(), so an id of 0, '0' or '' leaves the action as
  // 'create'.
  // NOTE(review): the comparison is loose (==); $action is documented as a
  // string, so confirm callers never pass another type.
  if ($action == 'create') {
    $namesRecordId = !empty($params['id']) || !empty($params[$entity . '_id']);
    if ($namesRecordId) {
      $action = 'update';
    }
  }

  // Let third parties modify the permissions.
  // NOTE(review): the table is used below exactly as the hook leaves it; this
  // function does not validate its shape or contents afterwards.
  CRM_Utils_Hook::alterAPIPermissions($entity, $action, $params, $permissionTable);

  // Array union: entries declared for this entity take precedence, and the
  // 'default' set fills in any action the entity does not declare.
  $entityOverrides = CRM_Utils_Array::value($entity, $permissionTable, []);
  $effective = $entityOverrides + $permissionTable['default'];

  if (!isset($effective[$action])) {
    // No permission declared for this exact action: fall back to its generic
    // equivalent, and to the 'default' entry if that is not declared either.
    // NOTE(review): if 'default' is absent too, the result is null rather
    // than an array - confirm the caller does not read that as "no
    // permission required".
    $action = CRM_Core_Permission::getGenericAction($action);
    return $effective[$action] ?? $effective['default'];
  }

  // A permission set was declared for this exact action.
  return $effective[$action];
}