3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.7 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2017 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
29 * Decide what permissions to check for an api call
31 * @param $entity : (str) api entity
32 * @param $action : (str) api action
33 * @param $params : (array) api params
36 * Array of permissions to check for this entity-action combo
38 function _civicrm_api3_permissions($entity, $action, &$params) {
// Assembles the permission table declared below, passes it to the
// alterAPIPermissions hook, and returns the entry that applies to this
// entity/action pair. $params is received by reference and forwarded to the hook.
39 // FIXME: Lowercase entity_names are nonstandard but difficult to fix here
40 // because this function invokes hook_civicrm_alterAPIPermissions
41 $entity = _civicrm_api_get_entity_name_from_camel($entity);
44 * @var array of permissions
46 * For each entity, we declare an array of permissions required for each action
47 * The action is the array key, possible values:
48 * * create: applies to create (with no id in params)
49 * * update: applies to update, setvalue, create (with id in params)
50 * * get: applies to getcount, getsingle, getvalue and other gets
51 * * delete: applies to delete, replace
52 * * meta: applies to getfields, getoptions, getspec
53 * * default: catch-all for anything not declared
55 * Note: some APIs declare other actions as well
57 * Permissions should use arrays for AND and arrays of arrays for OR
58 * @see CRM_Core_Permission::check for more documentation
60 $permissions = array();
62 // These are the default permissions - if any entity does not declare permissions for a given action,
63 // (or the entity does not declare permissions at all) - then the action will be used from here
// Fail-closed catch-all: unless a hook changes the table, an undeclared
// entity/action ends up requiring 'administer CiviCRM'.
64 $permissions['default'] = array(
65 // applies to getfields, getoptions, etc.
66 'meta' => array('access CiviCRM'),
67 // catch-all, applies to create, get, delete, etc.
68 // If an entity declares its own 'default' action it will override this one
69 'default' => array('administer CiviCRM'),
72 // Note: Additional permissions in DynamicFKAuthorization
73 $permissions['attachment'] = array(
75 array('access CiviCRM', 'access AJAX API'),
79 // Contact permissions
80 $permissions['contact'] = array(
89 // managed by query object
91 // managed by _civicrm_api3_check_edit_permissions
94 array('access CiviCRM', 'access AJAX API'),
98 // CRM-16963 - Permissions for country.
99 $permissions['country'] = array(
104 'administer CiviCRM',
108 // Contact-related data permissions.
// NOTE(review): 'default' => array() makes this function request no permission
// for these entities. The two comments inside the array name the code that is
// expected to enforce access instead; neither is visible here, so confirm that
// every action on these entities actually passes through one of them.
109 $permissions['address'] = array(
110 // get is managed by BAO::addSelectWhereClause
111 // create/delete are managed by _civicrm_api3_check_edit_permissions
112 'default' => array(),
114 $permissions['email'] = $permissions['address'];
115 $permissions['phone'] = $permissions['address'];
116 $permissions['website'] = $permissions['address'];
117 $permissions['im'] = $permissions['address'];
118 $permissions['open_i_d'] = $permissions['address'];
120 // Also managed by ACLs - CRM-19448
// Same pattern as 'address': an empty list here, enforcement expected from ACLs.
121 $permissions['entity_tag'] = array('default' => array());
122 $permissions['note'] = $permissions['entity_tag'];
124 // Allow non-admins to get and create tags to support tagset widget
125 // Delete is still reserved for admins
126 $permissions['tag'] = array(
127 'get' => array('access CiviCRM'),
128 'create' => array('access CiviCRM'),
129 'update' => array('access CiviCRM'),
132 //relationship permissions
133 $permissions['relationship'] = array(
134 // get is managed by BAO::addSelectWhereClause
146 // CRM-17741 - Permissions for RelationshipType.
147 $permissions['relationship_type'] = array(
152 'administer CiviCRM',
156 // Activity permissions
157 $permissions['activity'] = array(
164 // Note that view all activities is also required within the api
165 // if the id is not passed in. Where the id is passed in the activity
166 // specific check functions are used and tested.
170 'view all activities',
175 $permissions['case'] = array(
182 'delete in CiviCase',
185 // At minimum the user needs one of the following. Finer-grained access is controlled by CRM_Case_BAO_Case::addSelectWhereClause
186 array('access my cases and activities', 'access all cases and activities'),
189 $permissions['case_contact'] = $permissions['case'];
191 $permissions['case_type'] = array(
192 'default' => array('administer CiviCase'),
195 array('access my cases and activities', 'access all cases and activities'),
199 // Campaign permissions
200 $permissions['campaign'] = array(
201 'get' => array('access CiviCRM'),
204 array('administer CiviCampaign', 'manage campaign')
207 $permissions['survey'] = $permissions['campaign'];
209 // Financial permissions
210 $permissions['contribution'] = array(
213 'access CiviContribute',
217 'access CiviContribute',
218 'delete in CiviContribute',
220 'completetransaction' => array(
221 'edit contributions',
225 'access CiviContribute',
226 'edit contributions',
229 $permissions['line_item'] = $permissions['contribution'];
231 // Payment permissions
232 $permissions['payment'] = array(
235 'access CiviContribute',
239 'access CiviContribute',
240 'delete in CiviContribute',
244 'access CiviContribute',
245 'edit contributions',
249 'access CiviContribute',
250 'edit contributions',
254 'access CiviContribute',
255 'edit contributions',
259 // Custom field permissions
260 $permissions['custom_field'] = array(
262 'administer CiviCRM',
263 'access all custom data',
266 $permissions['custom_group'] = $permissions['custom_field'];
269 $permissions['event'] = array(
278 'delete in CiviEvent',
291 // Loc block is only used for events
292 $permissions['loc_block'] = $permissions['event'];
294 // Price sets are shared by several components, user needs access to at least one of them
295 $permissions['price_set'] = array(
297 array('access CiviEvent', 'access CiviContribute', 'access CiviMember'),
300 array('access CiviCRM', 'view event info', 'make online contributions'),
305 $permissions['file'] = array(
308 'access uploaded files',
311 $permissions['files_by_entity'] = $permissions['file'];
314 $permissions['group'] = array(
324 $permissions['group_nesting'] = $permissions['group'];
325 $permissions['group_organization'] = $permissions['group'];
327 //Group Contact permission
328 $permissions['group_contact'] = array(
338 // CiviMail Permissions
339 $civiMailBasePerms = array(
340 // To get/preview/update, one must have at least one of these perms:
341 // Mailing API implementations enforce nuances of create/approve/schedule permissions.
347 $permissions['mailing'] = array(
355 'delete in CiviMail',
359 array('access CiviMail', 'schedule mailings'),
366 $permissions['mailing_group'] = $permissions['mailing'];
367 $permissions['mailing_job'] = $permissions['mailing'];
368 $permissions['mailing_recipients'] = $permissions['mailing'];
370 $permissions['mailing_a_b'] = array(
378 'delete in CiviMail',
382 array('access CiviMail', 'schedule mailings'),
390 // Membership permissions
391 $permissions['membership'] = array(
399 'delete in CiviMember',
407 $permissions['membership_status'] = $permissions['membership'];
408 $permissions['membership_type'] = $permissions['membership'];
409 $permissions['membership_payment'] = array(
414 'access CiviContribute',
415 'edit contributions',
420 'delete in CiviMember',
421 'access CiviContribute',
422 'delete in CiviContribute',
427 'access CiviContribute',
433 'access CiviContribute',
434 'edit contributions',
438 // Participant permissions
439 $permissions['participant'] = array(
443 'register for events',
448 'edit event participants',
453 'view event participants',
458 'edit event participants',
461 $permissions['participant_payment'] = array(
465 'register for events',
466 'access CiviContribute',
467 'edit contributions',
472 'edit event participants',
473 'access CiviContribute',
474 'delete in CiviContribute',
479 'view event participants',
480 'access CiviContribute',
485 'edit event participants',
486 'access CiviContribute',
487 'edit contributions',
491 // Pledge permissions
492 $permissions['pledge'] = array(
501 'delete in CiviPledge',
514 //CRM-16777: Disable schedule reminder for users that have 'edit all events' and 'administer CiviCRM' permission.
515 $permissions['action_schedule'] = array(
524 $permissions['pledge_payment'] = array(
529 'access CiviContribute',
530 'edit contributions',
535 'delete in CiviPledge',
536 'access CiviContribute',
537 'delete in CiviContribute',
542 'access CiviContribute',
548 'access CiviContribute',
549 'edit contributions',
553 // Profile permissions
554 $permissions['profile'] = array(
555 'get' => array(), // the profile will take care of this
558 $permissions['uf_group'] = array(
562 'administer CiviCRM',
563 'manage event profiles',
572 'administer CiviCRM',
573 'manage event profiles',
577 $permissions['uf_field'] = $permissions['uf_join'] = $permissions['uf_group'];
578 $permissions['uf_field']['delete'] = array(
581 'administer CiviCRM',
582 'manage event profiles',
585 $permissions['option_value'] = $permissions['uf_group'];
586 $permissions['option_group'] = $permissions['option_value'];
588 $permissions['message_template'] = array(
589 'get' => array('access CiviCRM'),
590 'create' => array('edit message templates'),
591 'update' => array('edit message templates'),
594 // Translate 'create' action to 'update' if id is set
// !empty() treats 0, '0' and '' as absent, so a request carrying such an id is
// still checked against the 'create' entry.
// The '_id' key is built from the converted entity name assigned at the top of the function.
595 if ($action == 'create' && (!empty($params['id']) ||
!empty($params[$entity . '_id']))) {
599 // let third parties modify the permissions
// NOTE(review): the hook receives the whole $permissions table, so an
// implementation can loosen entries as well as tighten them; the lines visible
// here use the result without further checks.
600 CRM_Utils_Hook
::alterAPIPermissions($entity, $action, $params, $permissions);
602 // Merge permissions for this entity with the defaults
// Array union (+): actions declared by the entity take precedence, the defaults
// only fill in the actions the entity left out.
603 $perm = CRM_Utils_Array
::value($entity, $permissions, array()) +
$permissions['default'];
605 // Return exact match if permission for this action has been declared
606 if (isset($perm[$action])) {
607 return $perm[$action];
610 // Translate specific actions into their generic equivalents
// Only the first three characters are compared below, so any action whose name
// begins with 'del', 'upd' or 'get' is mapped by prefix unless the exact-match
// return above already handled it. An action that needs a stricter check
// than its prefix implies has to be declared under its own name.
611 $snippet = substr($action, 0, 3);
612 if ($action == 'replace' ||
$snippet == 'del') {
613 // 'Replace' is a combination of get+create+update+delete; however, the permissions
614 // on each of those will be tested separately at runtime. This is just a sniff-test
615 // based on the heuristic that 'delete' tends to be the most closely guarded
616 // of the necessary permissions.
619 elseif ($action == 'setvalue' ||
$snippet == 'upd') {
622 elseif ($action == 'getfields' ||
$action == 'getfield' ||
$action == 'getspec' ||
$action == 'getoptions') {
625 elseif ($snippet == 'get') {
// Last resort: the merged 'default' entry for this entity.
628 return isset($perm[$action]) ?
$perm[$action] : $perm['default'];
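631 # FIXME: not sure how to permission the following API 3 calls (until they are declared, the lookup above falls back to the entity's 'default' entry, or to the global 'default' when the entity declares none):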
632 # contribution_transact (make online contributions)
634 # group_contact_pending
635 # group_contact_update_status
636 # mailing_event_bounce
637 # mailing_event_click
638 # mailing_event_confirm
639 # mailing_event_forward
641 # mailing_event_reply
642 # mailing_group_event_domain_unsubscribe
643 # mailing_group_event_resubscribe
644 # mailing_group_event_subscribe
645 # mailing_group_event_unsubscribe
646 # membership_status_calc
647 # survey_respondant_count