Merge pull request #8916 from cividesk/CRM-19256-4.7
[civicrm-core.git] / CRM / Core / DAO / permissions.php
1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.7 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2017 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
26 */
27
/**
 * Decide what permissions to check for an api call.
 *
 * Builds a per-entity table of required permissions, lets hook implementations
 * alter it, and then returns the entry matching the (normalised) action. This
 * function only selects the permission list; it does not perform the check.
 *
 * @param string $entity
 *   Api entity. Converted with _civicrm_api_get_entity_name_from_camel()
 *   before it is used as a key into the table.
 * @param string $action
 *   Api action.
 * @param array $params
 *   Api params. Taken by reference; read here for 'id' / '<entity>_id' and
 *   handed on to CRM_Utils_Hook::alterAPIPermissions().
 *
 * @return array
 *   Array of permissions to check for this entity-action combo. An empty array
 *   means no permission is required at this layer.
 */
function _civicrm_api3_permissions($entity, $action, &$params) {
  // FIXME: Lowercase entity_names are nonstandard but difficult to fix here
  // because this function invokes hook_civicrm_alterAPIPermissions
  $entity = _civicrm_api_get_entity_name_from_camel($entity);

  /**
   * @var array of permissions
   *
   * For each entity, we declare an array of permissions required for each action
   * The action is the array key, possible values:
   *  * create: applies to create (with no id in params)
   *  * update: applies to update, setvalue, create (with id in params)
   *  * get: applies to getcount, getsingle, getvalue and other gets
   *  * delete: applies to delete, replace
   *  * meta: applies to getfields, getoptions, getspec
   *  * default: catch-all for anything not declared
   *
   * Note: some APIs declare other actions as well
   *
   * Permissions should use arrays for AND and arrays of arrays for OR
   * @see CRM_Core_Permission::check for more documentation
   */
  $permissions = array();

  // These are the default permissions - if any entity does not declare permissions for a given action,
  // (or the entity does not declare permissions at all) - then the action will be used from here
  $permissions['default'] = array(
    // applies to getfields, getoptions, etc.
    'meta' => array('access CiviCRM'),
    // catch-all, applies to create, get, delete, etc.
    // If an entity declares its own 'default' action it will override this one
    'default' => array('administer CiviCRM'),
  );

  // Note: Additional permissions in DynamicFKAuthorization
  $permissions['attachment'] = array(
    'default' => array(
      // nested array = OR
      array('access CiviCRM', 'access AJAX API'),
    ),
  );

  // Contact permissions
  $permissions['contact'] = array(
    'create' => array(
      'access CiviCRM',
      'add contacts',
    ),
    'delete' => array(
      'access CiviCRM',
      'delete contacts',
    ),
    // managed by query object
    // NOTE(review): the empty array means nothing is checked here; the
    // enforcement named above is not visible in this file - confirm.
    'get' => array(),
    // managed by _civicrm_api3_check_edit_permissions
    'update' => array(),
    'getquick' => array(
      // nested array = OR
      array('access CiviCRM', 'access AJAX API'),
    ),
  );

  // CRM-16963 - Permissions for country.
  $permissions['country'] = array(
    'get' => array(
      'access CiviCRM',
    ),
    'default' => array(
      'administer CiviCRM',
    ),
  );

  // Contact-related data permissions.
  $permissions['address'] = array(
    // get is managed by BAO::addSelectWhereClause
    // create/delete are managed by _civicrm_api3_check_edit_permissions
    // NOTE(review): because the entity's own 'default' is empty, every action
    // not declared here (custom actions included) requires no permission at
    // this layer. Only 'meta' is still inherited from $permissions['default'].
    'default' => array(),
  );
  // The entities below receive a copy of the 'address' rules (array assignment
  // copies by value).
  $permissions['email'] = $permissions['address'];
  $permissions['phone'] = $permissions['address'];
  $permissions['website'] = $permissions['address'];
  $permissions['im'] = $permissions['address'];
  $permissions['open_i_d'] = $permissions['address'];

  // Also managed by ACLs - CRM-19448
  // NOTE(review): same pattern as 'address' - an empty entity-level 'default',
  // so this table imposes no requirement beyond 'meta'.
  $permissions['entity_tag'] = array('default' => array());
  $permissions['note'] = $permissions['entity_tag'];

  // Allow non-admins to get and create tags to support tagset widget
  // Delete is still reserved for admins: 'delete' is not declared here, so it
  // falls through to the global default ('administer CiviCRM').
  $permissions['tag'] = array(
    'get' => array('access CiviCRM'),
    'create' => array('access CiviCRM'),
    'update' => array('access CiviCRM'),
  );

  //relationship permissions
  $permissions['relationship'] = array(
    // get is managed by BAO::addSelectWhereClause
    'get' => array(),
    'delete' => array(
      'access CiviCRM',
      'edit all contacts',
    ),
    'default' => array(
      'access CiviCRM',
      'edit all contacts',
    ),
  );

  // CRM-17741 - Permissions for RelationshipType.
  $permissions['relationship_type'] = array(
    'get' => array(
      'access CiviCRM',
    ),
    'default' => array(
      'administer CiviCRM',
    ),
  );

  // Activity permissions
  $permissions['activity'] = array(
    'delete' => array(
      'access CiviCRM',
      'delete activities',
    ),
    'get' => array(
      'access CiviCRM',
      // Note that view all activities is also required within the api
      // if the id is not passed in. Where the id is passed in the activity
      // specific check functions are used and tested.
    ),
    'default' => array(
      'access CiviCRM',
      'view all activities',
    ),
  );

  // Case permissions
  $permissions['case'] = array(
    'create' => array(
      'access CiviCRM',
      'add cases',
    ),
    'delete' => array(
      'access CiviCRM',
      'delete in CiviCase',
    ),
    'default' => array(
      // At minimum the user needs one of the following. Finer-grained access is controlled by CRM_Case_BAO_Case::addSelectWhereClause
      array('access my cases and activities', 'access all cases and activities'),
    ),
  );
  $permissions['case_contact'] = $permissions['case'];

  $permissions['case_type'] = array(
    'default' => array('administer CiviCase'),
    'get' => array(
      // nested array = OR
      array('access my cases and activities', 'access all cases and activities'),
    ),
  );

  // Campaign permissions
  $permissions['campaign'] = array(
    'get' => array('access CiviCRM'),
    'default' => array(
      // nested array = OR
      array('administer CiviCampaign', 'manage campaign')
    ),
  );
  $permissions['survey'] = $permissions['campaign'];

  // Financial permissions
  $permissions['contribution'] = array(
    'get' => array(
      'access CiviCRM',
      'access CiviContribute',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviContribute',
      'delete in CiviContribute',
    ),
    // NOTE(review): unlike the sibling actions this one lists only
    // 'edit contributions', without 'access CiviCRM' / 'access CiviContribute'.
    // Confirm that is intentional.
    'completetransaction' => array(
      'edit contributions',
    ),
    'default' => array(
      'access CiviCRM',
      'access CiviContribute',
      'edit contributions',
    ),
  );
  $permissions['line_item'] = $permissions['contribution'];

  // Payment permissions
  $permissions['payment'] = array(
    'get' => array(
      'access CiviCRM',
      'access CiviContribute',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviContribute',
      'delete in CiviContribute',
    ),
    'cancel' => array(
      'access CiviCRM',
      'access CiviContribute',
      'edit contributions',
    ),
    'create' => array(
      'access CiviCRM',
      'access CiviContribute',
      'edit contributions',
    ),
    'default' => array(
      'access CiviCRM',
      'access CiviContribute',
      'edit contributions',
    ),
  );

  // Custom field permissions
  $permissions['custom_field'] = array(
    'default' => array(
      'administer CiviCRM',
      'access all custom data',
    ),
  );
  $permissions['custom_group'] = $permissions['custom_field'];

  // Event permissions
  // No entity-level 'default' is declared, so any other action falls back to
  // the global default ('administer CiviCRM').
  $permissions['event'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit all events',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviEvent',
      'delete in CiviEvent',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviEvent',
      'view event info',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit all events',
    ),
  );
  // Loc block is only used for events
  $permissions['loc_block'] = $permissions['event'];

  // Price sets are shared by several components, user needs access to at least one of them
  $permissions['price_set'] = array(
    'default' => array(
      // nested array = OR
      array('access CiviEvent', 'access CiviContribute', 'access CiviMember'),
    ),
    'get' => array(
      // nested array = OR
      array('access CiviCRM', 'view event info', 'make online contributions'),
    ),
  );

  // File permissions
  $permissions['file'] = array(
    'default' => array(
      'access CiviCRM',
      'access uploaded files',
    ),
  );
  $permissions['files_by_entity'] = $permissions['file'];

  // Group permissions
  $permissions['group'] = array(
    'get' => array(
      'access CiviCRM',
    ),
    'default' => array(
      'access CiviCRM',
      'edit groups',
    ),
  );

  $permissions['group_nesting'] = $permissions['group'];
  $permissions['group_organization'] = $permissions['group'];

  //Group Contact permission
  $permissions['group_contact'] = array(
    'get' => array(
      'access CiviCRM',
    ),
    'default' => array(
      'access CiviCRM',
      'edit all contacts',
    ),
  );

  // CiviMail Permissions
  // This list is embedded below as a nested array, i.e. as an OR group.
  $civiMailBasePerms = array(
    // To get/preview/update, one must have at least one of these perms:
    // Mailing API implementations enforce nuances of create/approve/schedule permissions.
    'access CiviMail',
    'create mailings',
    'schedule mailings',
    'approve mailings',
  );
  $permissions['mailing'] = array(
    'get' => array(
      'access CiviCRM',
      $civiMailBasePerms,
    ),
    'delete' => array(
      'access CiviCRM',
      $civiMailBasePerms,
      'delete in CiviMail',
    ),
    'submit' => array(
      'access CiviCRM',
      // nested array = OR
      array('access CiviMail', 'schedule mailings'),
    ),
    'default' => array(
      'access CiviCRM',
      $civiMailBasePerms,
    ),
  );
  $permissions['mailing_group'] = $permissions['mailing'];
  $permissions['mailing_job'] = $permissions['mailing'];
  $permissions['mailing_recipients'] = $permissions['mailing'];

  $permissions['mailing_a_b'] = array(
    'get' => array(
      'access CiviCRM',
      'access CiviMail',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviMail',
      'delete in CiviMail',
    ),
    'submit' => array(
      'access CiviCRM',
      // nested array = OR
      array('access CiviMail', 'schedule mailings'),
    ),
    'default' => array(
      'access CiviCRM',
      'access CiviMail',
    ),
  );

  // Membership permissions
  $permissions['membership'] = array(
    'get' => array(
      'access CiviCRM',
      'access CiviMember',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviMember',
      'delete in CiviMember',
    ),
    'default' => array(
      'access CiviCRM',
      'access CiviMember',
      'edit memberships',
    ),
  );
  $permissions['membership_status'] = $permissions['membership'];
  $permissions['membership_type'] = $permissions['membership'];
  $permissions['membership_payment'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviMember',
      'edit memberships',
      'access CiviContribute',
      'edit contributions',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviMember',
      'delete in CiviMember',
      'access CiviContribute',
      'delete in CiviContribute',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviMember',
      'access CiviContribute',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviMember',
      'edit memberships',
      'access CiviContribute',
      'edit contributions',
    ),
  );

  // Participant permissions
  $permissions['participant'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviEvent',
      'register for events',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit event participants',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviEvent',
      'view event participants',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit event participants',
    ),
  );
  $permissions['participant_payment'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviEvent',
      'register for events',
      'access CiviContribute',
      'edit contributions',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit event participants',
      'access CiviContribute',
      'delete in CiviContribute',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviEvent',
      'view event participants',
      'access CiviContribute',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit event participants',
      'access CiviContribute',
      'edit contributions',
    ),
  );

  // Pledge permissions
  $permissions['pledge'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviPledge',
      'edit pledges',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviPledge',
      'delete in CiviPledge',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviPledge',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviPledge',
      'edit pledges',
    ),
  );

  //CRM-16777: Disable schedule reminder for user that have 'edit all events' and 'administer CiviCRM' permission.
  // NOTE(review): the inner array is an OR group under the convention
  // documented above, so either 'access CiviCRM' or 'edit all events' is
  // enough for 'update'. 'administer CiviCRM' is named in the comment but is
  // not in the list - confirm the intended rule. Actions other than 'update'
  // fall back to the global default.
  $permissions['action_schedule'] = array(
    'update' => array(
      array(
        'access CiviCRM',
        'edit all events',
      ),
    ),
  );

  $permissions['pledge_payment'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviPledge',
      'edit pledges',
      'access CiviContribute',
      'edit contributions',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviPledge',
      'delete in CiviPledge',
      'access CiviContribute',
      'delete in CiviContribute',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviPledge',
      'access CiviContribute',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviPledge',
      'edit pledges',
      'access CiviContribute',
      'edit contributions',
    ),
  );

  // Profile permissions
  $permissions['profile'] = array(
    'get' => array(), // the profile will take care of this
  );

  $permissions['uf_group'] = array(
    'create' => array(
      'access CiviCRM',
      // nested array = OR
      array(
        'administer CiviCRM',
        'manage event profiles',
      ),
    ),
    'get' => array(
      'access CiviCRM',
    ),
    'update' => array(
      'access CiviCRM',
      // nested array = OR
      array(
        'administer CiviCRM',
        'manage event profiles',
      ),
    ),
  );
  // Arrays are copied by value, so the 'delete' rule added next applies to
  // uf_field only; uf_join and uf_group keep falling back to the global
  // default for 'delete'.
  $permissions['uf_field'] = $permissions['uf_join'] = $permissions['uf_group'];
  $permissions['uf_field']['delete'] = array(
    'access CiviCRM',
    array(
      'administer CiviCRM',
      'manage event profiles',
    ),
  );
  // option_value / option_group reuse the uf_group rules (without the uf_field
  // 'delete' entry).
  $permissions['option_value'] = $permissions['uf_group'];
  $permissions['option_group'] = $permissions['option_value'];

  $permissions['message_template'] = array(
    'get' => array('access CiviCRM'),
    'create' => array('edit message templates'),
    'update' => array('edit message templates'),
  );

  // Translate 'create' action to 'update' if id is set
  // empty() treats 0, '0', '' and null as "not set", so such an id leaves the
  // action as 'create'. $entity here is the converted name from the top of the
  // function.
  if ($action == 'create' && (!empty($params['id']) || !empty($params[$entity . '_id']))) {
    $action = 'update';
  }

  // let third parties modify the permissions
  // Hook implementations see the whole table and may loosen as well as tighten
  // any entry, so they belong in scope when auditing API authorisation.
  // (Presumably $permissions is taken by reference - the hook signature is not
  // visible here.)
  CRM_Utils_Hook::alterAPIPermissions($entity, $action, $params, $permissions);

  // Merge permissions for this entity with the defaults
  // Array union: keys declared by the entity win; the global defaults only
  // fill in actions the entity did not declare. An entity missing from the
  // table presumably yields array() here and so gets the defaults alone.
  $perm = CRM_Utils_Array::value($entity, $permissions, array()) + $permissions['default'];

  // Return exact match if permission for this action has been declared
  if (isset($perm[$action])) {
    return $perm[$action];
  }

  // Translate specific actions into their generic equivalents
  // Matching is by the first three characters, so any undeclared action whose
  // name starts with 'del', 'upd' or 'get' is authorised as delete, update or
  // get respectively. An action that needs different protection must be
  // declared explicitly for its entity.
  $snippet = substr($action, 0, 3);
  if ($action == 'replace' || $snippet == 'del') {
    // 'Replace' is a combination of get+create+update+delete; however, the permissions
    // on each of those will be tested separately at runtime. This is just a sniff-test
    // based on the heuristic that 'delete' tends to be the most closely guarded
    // of the necessary permissions.
    $action = 'delete';
  }
  elseif ($action == 'setvalue' || $snippet == 'upd') {
    $action = 'update';
  }
  elseif ($action == 'getfields' || $action == 'getfield' || $action == 'getspec' || $action == 'getoptions') {
    $action = 'meta';
  }
  elseif ($snippet == 'get') {
    $action = 'get';
  }
  // Fall back to the 'default' entry: the entity's own if it declared one,
  // otherwise the global one merged in above.
  return isset($perm[$action]) ? $perm[$action] : $perm['default'];
}
630
631 # FIXME: not sure how to permission the following API 3 calls:
632 # contribution_transact (make online contributions)
633 # entity_tag_display
634 # group_contact_pending
635 # group_contact_update_status
636 # mailing_event_bounce
637 # mailing_event_click
638 # mailing_event_confirm
639 # mailing_event_forward
640 # mailing_event_open
641 # mailing_event_reply
642 # mailing_group_event_domain_unsubscribe
643 # mailing_group_event_resubscribe
644 # mailing_group_event_subscribe
645 # mailing_group_event_unsubscribe
646 # membership_status_calc
647 # survey_respondant_count