1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.7 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2016 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
26 */
27
/**
 * Decide what permissions to check for an api call.
 *
 * This is the static APIv3 permission table. Every entry is a list of
 * permission names in the format understood by CRM_Core_Permission::check:
 * the outer array is AND, a nested array is OR. An EMPTY array means this
 * layer checks nothing for that action and relies on another layer (query
 * object, BAO::addSelectWhereClause, _civicrm_api3_check_edit_permissions,
 * ACLs) to enforce access. The per-entity comments below record which layer
 * is trusted; they are statements of intent, not enforcement, so re-verify
 * them whenever those layers change.
 *
 * Resolution order (see the end of the function): exact action match on the
 * entity, then the prefix heuristics mapping specific actions onto
 * create/update/get/delete/meta, then the entity's 'default', then the global
 * 'default' ('administer CiviCRM'). Extensions may rewrite any of this via
 * hook_civicrm_alterAPIPermissions before resolution happens.
 *
 * @param $entity : (str) api entity, CamelCase or lowercase; normalised by
 *   _civicrm_api_get_entity_name_from_camel() below.
 * @param $action : (str) api action. Compared as-is (string equality is
 *   case-sensitive) in this function; whether callers lower-case it first is
 *   not visible here.
 * @param $params : (array) api params. Read only to detect an update disguised
 *   as 'create' (an 'id' or '<entity>_id' key); also handed to the hook, which
 *   may modify it (it is passed by reference).
 *
 * @return array
 *   Array of permissions to check for this entity-action combo
 */
function _civicrm_api3_permissions($entity, $action, &$params) {
  // FIXME: Lowercase entity_names are nonstandard but difficult to fix here
  // because this function invokes hook_civicrm_alterAPIPermissions
  $entity = _civicrm_api_get_entity_name_from_camel($entity);

  /**
   * @var array of permissions
   *
   * For each entity, we declare an array of permissions required for each action
   * The action is the array key, possible values:
   * * create: applies to create (with no id in params)
   * * update: applies to update, setvalue, create (with id in params)
   * * get: applies to getcount, getsingle, getvalue and other gets
   * * delete: applies to delete, replace
   * * meta: applies to getfields, getoptions, getspec
   * * default: catch-all for anything not declared
   *
   * Note: some APIs declare other actions as well
   *
   * Permissions should use arrays for AND and arrays of arrays for OR
   * @see CRM_Core_Permission::check for more documentation
   */
  $permissions = array();

  // These are the default permissions - if any entity does not declare permissions for a given action,
  // (or the entity does not declare permissions at all) - then the action will be used from here.
  // This is the deny-by-default backstop: an entity with no declaration needs
  // 'administer CiviCRM' for anything other than metadata.
  $permissions['default'] = array(
    // applies to getfields, getoptions, etc.
    'meta' => array('access CiviCRM'),
    // catch-all, applies to create, get, delete, etc.
    // If an entity declares it's own 'default' action it will override this one
    'default' => array('administer CiviCRM'),
  );

  // Note: Additional permissions in DynamicFKAuthorization.
  // Nested array = OR: 'access CiviCRM' OR 'access AJAX API' for every action.
  $permissions['attachment'] = array(
    'default' => array(
      array('access CiviCRM', 'access AJAX API'),
    ),
  );

  // Contact permissions
  $permissions['contact'] = array(
    'create' => array(
      'access CiviCRM',
      'add contacts',
    ),
    'delete' => array(
      'access CiviCRM',
      'delete contacts',
    ),
    // managed by query object - nothing is checked at this layer
    'get' => array(),
    // managed by _civicrm_api3_check_edit_permissions - nothing is checked
    // here. Note that 'create' with an id is rewritten to 'update' below, so
    // 'add contacts' is NOT required to modify an existing contact.
    'update' => array(),
    'getquick' => array(
      array('access CiviCRM', 'access AJAX API'),
    ),
  );

  // CRM-16963 - Permissions for country.
  $permissions['country'] = array(
    'get' => array(
      'access CiviCRM',
    ),
    'default' => array(
      'administer CiviCRM',
    ),
  );

  // Contact-related data permissions.
  $permissions['address'] = array(
    // get is managed by BAO::addSelectWhereClause
    // create/delete are managed by _civicrm_api3_check_edit_permissions
    // An empty 'default' means EVERY non-meta action (including delete) is
    // unchecked at this layer; only 'meta' still gets 'access CiviCRM' from the
    // global defaults when the arrays are merged below.
    'default' => array(),
  );
  $permissions['email'] = $permissions['address'];
  $permissions['phone'] = $permissions['address'];
  $permissions['website'] = $permissions['address'];
  $permissions['im'] = $permissions['address'];

  // Also managed by ACLs - CRM-19448.
  // As for address: all actions deferred to the ACL layer, none checked here.
  $permissions['entity_tag'] = array('default' => array());
  $permissions['note'] = $permissions['entity_tag'];

  // Allow non-admins to get and create tags to support tagset widget
  // Delete is still reserved for admins (no 'delete'/'default' declared, so it
  // falls back to the global 'administer CiviCRM').
  $permissions['tag'] = array(
    'get' => array('access CiviCRM'),
    'create' => array('access CiviCRM'),
    'update' => array('access CiviCRM'),
  );

  //relationship permissions
  $permissions['relationship'] = array(
    // get is managed by BAO::addSelectWhereClause - nothing checked here
    'get' => array(),
    'delete' => array(
      'access CiviCRM',
      'edit all contacts',
    ),
    'default' => array(
      'access CiviCRM',
      'edit all contacts',
    ),
  );

  // CRM-17741 - Permissions for RelationshipType.
  $permissions['relationship_type'] = array(
    'get' => array(
      'access CiviCRM',
    ),
    'default' => array(
      'administer CiviCRM',
    ),
  );

  // Activity permissions
  $permissions['activity'] = array(
    'delete' => array(
      'access CiviCRM',
      'delete activities',
    ),
    'get' => array(
      'access CiviCRM',
      // Note that view all activities is also required within the api
      // if the id is not passed in. Where the id is passed in the activity
      // specific check functions are used and tested.
    ),
    'default' => array(
      'access CiviCRM',
      'view all activities',
    ),
  );

  // Case permissions
  $permissions['case'] = array(
    'create' => array(
      'access CiviCRM',
      'add cases',
    ),
    'delete' => array(
      'access CiviCRM',
      'delete in CiviCase',
    ),
    'default' => array(
      // At minimum the user needs one of the following. Finer-grained access is controlled by CRM_Case_BAO_Case::addSelectWhereClause
      array('access my cases and activities', 'access all cases and activities'),
    ),
  );
  $permissions['case_contact'] = $permissions['case'];

  $permissions['case_type'] = array(
    'default' => array('administer CiviCase'),
    'get' => array(
      // nested array = OR
      array('access my cases and activities', 'access all cases and activities'),
    ),
  );

  // Campaign permissions
  $permissions['campaign'] = array(
    'get' => array('access CiviCRM'),
    'default' => array(
      // nested array = OR
      array('administer CiviCampaign', 'manage campaign')
    ),
  );
  $permissions['survey'] = $permissions['campaign'];

  // Financial permissions
  $permissions['contribution'] = array(
    'get' => array(
      'access CiviCRM',
      'access CiviContribute',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviContribute',
      'delete in CiviContribute',
    ),
    // NOTE(review): the only contribution action here that does not also
    // require 'access CiviCRM' / 'access CiviContribute' - presumably so that
    // non-interactive callers can complete a transaction. Confirm the intent
    // before either tightening this or adding similar exceptions.
    'completetransaction' => array(
      'edit contributions',
    ),
    'default' => array(
      'access CiviCRM',
      'access CiviContribute',
      'edit contributions',
    ),
  );
  // Line items are guarded exactly like the contribution they belong to.
  $permissions['line_item'] = $permissions['contribution'];

  // Payment permissions
  $permissions['payment'] = array(
    'get' => array(
      'access CiviCRM',
      'access CiviContribute',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviContribute',
      'delete in CiviContribute',
    ),
    'cancel' => array(
      'access CiviCRM',
      'access CiviContribute',
      'edit contributions',
    ),
    'create' => array(
      'access CiviCRM',
      'access CiviContribute',
      'edit contributions',
    ),
    'default' => array(
      'access CiviCRM',
      'access CiviContribute',
      'edit contributions',
    ),
  );

  // Custom field permissions: both perms (AND) for every action, reads included.
  $permissions['custom_field'] = array(
    'default' => array(
      'administer CiviCRM',
      'access all custom data',
    ),
  );
  $permissions['custom_group'] = $permissions['custom_field'];

  // Event permissions. No entity 'default' is declared, so any action not
  // covered by the create/update/get/delete heuristics requires the global
  // 'administer CiviCRM'.
  $permissions['event'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit all events',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviEvent',
      'delete in CiviEvent',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviEvent',
      'view event info',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit all events',
    ),
  );
  // Loc block is only used for events
  $permissions['loc_block'] = $permissions['event'];

  // Price sets are shared by several components, user needs access to at least one of them
  $permissions['price_set'] = array(
    'default' => array(
      array('access CiviEvent', 'access CiviContribute', 'access CiviMember'),
    ),
    // nested array = OR: 'make online contributions' alone is enough to read
    // price sets, so on sites that grant it to anonymous users (common, but
    // site-specific) price set 'get' is effectively public.
    'get' => array(
      array('access CiviCRM', 'view event info', 'make online contributions'),
    ),
  );

  // File permissions
  $permissions['file'] = array(
    'default' => array(
      'access CiviCRM',
      'access uploaded files',
    ),
  );
  $permissions['files_by_entity'] = $permissions['file'];

  // Group permissions
  $permissions['group'] = array(
    'get' => array(
      'access CiviCRM',
    ),
    'default' => array(
      'access CiviCRM',
      'edit groups',
    ),
  );

  $permissions['group_nesting'] = $permissions['group'];
  $permissions['group_organization'] = $permissions['group'];

  //Group Contact permission
  $permissions['group_contact'] = array(
    'get' => array(
      'access CiviCRM',
    ),
    'default' => array(
      'access CiviCRM',
      'edit all contacts',
    ),
  );

  // CiviMail Permissions
  $civiMailBasePerms = array(
    // To get/preview/update, one must have least one of these perms:
    // Mailing API implementations enforce nuances of create/approve/schedule permissions.
    // This array is embedded as a nested (OR) group inside the AND lists below.
    'access CiviMail',
    'create mailings',
    'schedule mailings',
    'approve mailings',
  );
  $permissions['mailing'] = array(
    // 'access CiviCRM' AND (any one of $civiMailBasePerms)
    'get' => array(
      'access CiviCRM',
      $civiMailBasePerms,
    ),
    'delete' => array(
      'access CiviCRM',
      $civiMailBasePerms,
      'delete in CiviMail',
    ),
    // 'access CiviCRM' AND ('access CiviMail' OR 'schedule mailings')
    'submit' => array(
      'access CiviCRM',
      array('access CiviMail', 'schedule mailings'),
    ),
    'default' => array(
      'access CiviCRM',
      $civiMailBasePerms,
    ),
  );
  $permissions['mailing_group'] = $permissions['mailing'];
  $permissions['mailing_job'] = $permissions['mailing'];
  $permissions['mailing_recipients'] = $permissions['mailing'];

  // A/B tests are stricter than plain mailings: 'access CiviMail' itself is
  // required rather than any one of $civiMailBasePerms.
  $permissions['mailing_a_b'] = array(
    'get' => array(
      'access CiviCRM',
      'access CiviMail',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviMail',
      'delete in CiviMail',
    ),
    'submit' => array(
      'access CiviCRM',
      array('access CiviMail', 'schedule mailings'),
    ),
    'default' => array(
      'access CiviCRM',
      'access CiviMail',
    ),
  );

  // Membership permissions
  $permissions['membership'] = array(
    'get' => array(
      'access CiviCRM',
      'access CiviMember',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviMember',
      'delete in CiviMember',
    ),
    'default' => array(
      'access CiviCRM',
      'access CiviMember',
      'edit memberships',
    ),
  );
  // The configuration entities share the membership record perms: 'edit
  // memberships' is enough to create/update membership types and statuses.
  $permissions['membership_status'] = $permissions['membership'];
  $permissions['membership_type'] = $permissions['membership'];
  // Join entity: requires the relevant perms of BOTH components (AND).
  $permissions['membership_payment'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviMember',
      'edit memberships',
      'access CiviContribute',
      'edit contributions',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviMember',
      'delete in CiviMember',
      'access CiviContribute',
      'delete in CiviContribute',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviMember',
      'access CiviContribute',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviMember',
      'edit memberships',
      'access CiviContribute',
      'edit contributions',
    ),
  );

  // Participant permissions
  $permissions['participant'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviEvent',
      'register for events',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit event participants',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviEvent',
      'view event participants',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit event participants',
    ),
  );
  // Join entity: requires the relevant perms of BOTH components (AND).
  $permissions['participant_payment'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviEvent',
      'register for events',
      'access CiviContribute',
      'edit contributions',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit event participants',
      'access CiviContribute',
      'delete in CiviContribute',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviEvent',
      'view event participants',
      'access CiviContribute',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit event participants',
      'access CiviContribute',
      'edit contributions',
    ),
  );

  // Pledge permissions
  $permissions['pledge'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviPledge',
      'edit pledges',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviPledge',
      'delete in CiviPledge',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviPledge',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviPledge',
      'edit pledges',
    ),
  );

  //CRM-16777: Disable schedule reminder for user that have 'edit all events' and 'administer CiviCRM' permission.
  // NOTE(review): by the AND/OR convention documented at the top of this
  // function, the nested array below means 'access CiviCRM' OR 'edit all
  // events' - either one alone permits 'update'. If both were meant to be
  // required (as the CRM-16777 wording could be read), the inner array would
  // have to be flattened; confirm the intent before changing it. Every other
  // action_schedule action falls back to the global 'administer CiviCRM'.
  $permissions['action_schedule'] = array(
    'update' => array(
      array(
        'access CiviCRM',
        'edit all events',
      ),
    ),
  );

  // Join entity: requires the relevant perms of BOTH components (AND).
  $permissions['pledge_payment'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviPledge',
      'edit pledges',
      'access CiviContribute',
      'edit contributions',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviPledge',
      'delete in CiviPledge',
      'access CiviContribute',
      'delete in CiviContribute',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviPledge',
      'access CiviContribute',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviPledge',
      'edit pledges',
      'access CiviContribute',
      'edit contributions',
    ),
  );

  // Profile permissions
  $permissions['profile'] = array(
    'get' => array(), // the profile will take care of this; other actions fall back to 'administer CiviCRM'
  );

  // Profile configuration: 'access CiviCRM' AND ('administer CiviCRM' OR
  // 'manage event profiles'). No 'delete' here, so uf_group/uf_join deletion
  // falls back to the global 'administer CiviCRM'.
  $permissions['uf_group'] = array(
    'create' => array(
      'access CiviCRM',
      array(
        'administer CiviCRM',
        'manage event profiles',
      ),
    ),
    'get' => array(
      'access CiviCRM',
    ),
    'update' => array(
      'access CiviCRM',
      array(
        'administer CiviCRM',
        'manage event profiles',
      ),
    ),
  );
  $permissions['uf_field'] = $permissions['uf_join'] = $permissions['uf_group'];
  // Only uf_field opens 'delete' to 'manage event profiles'.
  $permissions['uf_field']['delete'] = array(
    'access CiviCRM',
    array(
      'administer CiviCRM',
      'manage event profiles',
    ),
  );
  // option_value / option_group reuse the uf_group table (not uf_field, so no
  // 'delete' key): holders of 'manage event profiles' can create and update
  // these system-wide option lists; deleting them still needs 'administer
  // CiviCRM' via the fallback. Keep this in mind when granting that permission.
  $permissions['option_value'] = $permissions['uf_group'];
  $permissions['option_group'] = $permissions['option_value'];

  // Message templates: create/update need only 'edit message templates' (no
  // 'access CiviCRM'); delete falls back to 'administer CiviCRM'.
  $permissions['message_template'] = array(
    'get' => array('access CiviCRM'),
    'create' => array('edit message templates'),
    'update' => array('edit message templates'),
  );

  // Translate 'create' action to 'update' if id is set.
  // Both 'id' and '<entity>_id' are recognised; !empty() means an id of 0 or ''
  // is still treated as a create. Done before the hook so hooks see the
  // normalised action.
  if ($action == 'create' && (!empty($params['id']) || !empty($params[$entity . '_id']))) {
    $action = 'update';
  }

  // let third parties modify the permissions.
  // Extensions can add, remove or replace any entry above, including the
  // global defaults, so an audit of effective API permissions must include the
  // installed extensions' alterAPIPermissions implementations.
  CRM_Utils_Hook::alterAPIPermissions($entity, $action, $params, $permissions);

  // Merge permissions for this entity with the defaults.
  // Array union: the entity's own keys win; any key it did not declare
  // (typically 'meta' and 'default') is filled in from the global defaults.
  $perm = CRM_Utils_Array::value($entity, $permissions, array()) + $permissions['default'];

  // Return exact match if permission for this action has been declared
  if (isset($perm[$action])) {
    return $perm[$action];
  }

  // Translate specific actions into their generic equivalents.
  // This is a PREFIX match: any action whose name starts with 'del'/'upd'/'get'
  // inherits the entity's delete/update/get permissions regardless of what it
  // actually does. Bear that in mind when naming new actions - a write action
  // called e.g. 'getSomething' would be checked with the (usually weaker)
  // 'get' perms.
  $snippet = substr($action, 0, 3);
  if ($action == 'replace' || $snippet == 'del') {
    // 'Replace' is a combination of get+create+update+delete; however, the permissions
    // on each of those will be tested separately at runtime. This is just a sniff-test
    // based on the heuristic that 'delete' tends to be the most closely guarded
    // of the necessary permissions.
    $action = 'delete';
  }
  elseif ($action == 'setvalue' || $snippet == 'upd') {
    $action = 'update';
  }
  elseif ($action == 'getfields' || $action == 'getfield' || $action == 'getspec' || $action == 'getoptions') {
    // Metadata actions are checked before the generic 'get' prefix rule below.
    $action = 'meta';
  }
  elseif ($snippet == 'get') {
    $action = 'get';
  }
  // 'default' always exists here thanks to the union above (the entity's own
  // 'default' if declared, else the global 'administer CiviCRM').
  return isset($perm[$action]) ? $perm[$action] : $perm['default'];
}
629
# FIXME: not sure how to permission the following API 3 calls; until they are
# declared above they resolve through the generic fallbacks at the end of
# _civicrm_api3_permissions() (the 'get'/'upd'/'del' prefix heuristics, then the
# entity 'default', then 'administer CiviCRM'):
631 # contribution_transact (make online contributions)
632 # entity_tag_display
633 # group_contact_pending
634 # group_contact_update_status
635 # mailing_event_bounce
636 # mailing_event_click
637 # mailing_event_confirm
638 # mailing_event_forward
639 # mailing_event_open
640 # mailing_event_reply
641 # mailing_group_event_domain_unsubscribe
642 # mailing_group_event_resubscribe
643 # mailing_group_event_subscribe
644 # mailing_group_event_unsubscribe
645 # membership_status_calc
646 # survey_respondant_count