CRM-15988 - Cleanup internal use of entity names
[civicrm-core.git] / CRM / Core / DAO / permissions.php
1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.6 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2014 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
26 */
27
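/**
 * Decide what permissions to check for an api call.
 *
 * The contact must have all of the returned permissions for the api call to
 * be allowed.
 *
 * Resolution order, as implemented below:
 *  1. 'create' is treated as 'update' when an id is present in $params.
 *  2. hook_civicrm_alterAPIPermissions may rewrite the whole table.
 *  3. The entity's own declarations are overlaid on the 'default' entity.
 *  4. An exact match on the action name wins; otherwise the action is mapped
 *     to its generic equivalent (delete/update/meta/get) and finally to the
 *     'default' action.
 *
 * NOTE(review): action matching is case-sensitive. A name that is not already
 * lower-case matches neither a declared key nor a generic prefix and resolves
 * to the 'default' action, which for some entities below (e.g. 'activity') is
 * less restrictive than their 'delete' entry. This assumes the caller
 * normalises $action to lower case before calling - confirm.
 *
 * @param string $entity
 *   Api entity.
 * @param string $action
 *   Api action.
 * @param array $params
 *   Api params. Passed by reference on to the alterAPIPermissions hook.
 *
 * @return array
 *   Array of permissions to check for this entity-action combo. An empty
 *   array means this function requests no permission for the call.
 */
function _civicrm_api3_permissions($entity, $action, &$params) {
  // FIXME: Lowercase entity_names are nonstandard but difficult to fix here
  // because this function invokes hook_civicrm_alterAPIPermissions
  $entity = _civicrm_api_get_entity_name_from_camel($entity);

  /**
   * @var array of permissions
   *
   * For each entity, we declare an array of permissions required for each action
   * The action is the array key, possible values:
   * * create: applies to create (with no id in params)
   * * update: applies to update, setvalue, create (with id in params)
   * * get: applies to getcount, getsingle, getvalue and other gets
   * * delete: applies to delete, replace
   * * meta: applies to getfields, getoptions, getspec
   * * default: catch-all for anything not declared
   *
   * Note: some APIs declare other actions as well
   */
  $permissions = array();

  // These are the default permissions - if any entity does not declare permissions for a given action,
  // (or the entity does not declare permissions at all) - then the action will be used from here
  $permissions['default'] = array(
    // applies to getfields, getoptions, etc.
    'meta' => array('access CiviCRM'),
    // catch-all, applies to create, get, delete, etc.
    // If an entity declares its own 'default' action it will override this one
    'default' => array('administer CiviCRM'),
  );

  // Note: Additional permissions in DynamicFKAuthorization
  // NOTE(review): the nested array is presumably an either/or group as
  // interpreted by the permission checker - confirm against the caller.
  $permissions['attachment'] = array(
    'default' => array(
      array('access CiviCRM', 'access AJAX API'),
    ),
  );

  // Contact permissions
  $permissions['contact'] = array(
    'create' => array(
      'access CiviCRM',
      'add contacts',
    ),
    'delete' => array(
      'access CiviCRM',
      'delete contacts',
    ),
    // managed by query object
    // (empty list: no permission is requested here, so access control for
    // contact reads rests entirely on that other layer)
    'get' => array(),
    'update' => array(
      'access CiviCRM',
      'edit all contacts',
    ),
    'getquick' => array(
      array('access CiviCRM', 'access AJAX API'),
    ),
  );

  // Contact-related data permissions.
  // CRM-14094 - Users can edit and delete contact-related objects using inline edit with 'edit all contacts' permission
  $permissions['address'] = array(
    'get' => array(
      'access CiviCRM',
      'view all contacts',
    ),
    'default' => array(
      'access CiviCRM',
      'edit all contacts',
    ),
  );
  $permissions['email'] = $permissions['address'];
  $permissions['phone'] = $permissions['address'];
  $permissions['website'] = $permissions['address'];
  $permissions['im'] = $permissions['address'];
  $permissions['loc_block'] = $permissions['address'];
  $permissions['entity_tag'] = $permissions['address'];
  $permissions['note'] = $permissions['address'];

  // Relationship permissions
  $permissions['relationship'] = array(
    'get' => array(
      'access CiviCRM',
      'view all contacts',
    ),
    'delete' => array(
      'access CiviCRM',
      'delete contacts',
    ),
    'default' => array(
      'access CiviCRM',
      'edit all contacts',
    ),
  );

  // Activity permissions
  // Only 'delete' is declared separately; every other action (including
  // create and update) resolves to the 'default' entry below.
  $permissions['activity'] = array(
    'delete' => array(
      'access CiviCRM',
      'delete activities',
    ),
    'default' => array(
      'access CiviCRM',
      'view all activities',
    ),
  );

  // Case permissions
  $permissions['case'] = array(
    'create' => array(
      'access CiviCRM',
      'add cases',
    ),
    'delete' => array(
      'access CiviCRM',
      'delete in CiviCase',
    ),
    'default' => array(
      'access CiviCRM',
      'access all cases and activities',
    ),
  );

  // Financial permissions
  $permissions['contribution'] = array(
    'get' => array(
      'access CiviCRM',
      'access CiviContribute',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviContribute',
      'delete in CiviContribute',
    ),
    // NOTE(review): unlike the other contribution actions this one lists
    // neither 'access CiviCRM' nor 'access CiviContribute' - confirm intended.
    'completetransaction' => array(
      'edit contributions',
    ),
    'default' => array(
      'access CiviCRM',
      'access CiviContribute',
      'edit contributions',
    ),
  );
  $permissions['line_item'] = $permissions['contribution'];

  // Custom field permissions
  $permissions['custom_field'] = array(
    'default' => array(
      'administer CiviCRM',
      'access all custom data',
    ),
  );
  $permissions['custom_group'] = $permissions['custom_field'];

  // Event permissions
  $permissions['event'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit all events',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviEvent',
      'delete in CiviEvent',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviEvent',
      'view event info',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit all events',
    ),
  );

  // File permissions
  $permissions['file'] = array(
    'default' => array(
      'access CiviCRM',
      'access uploaded files',
    ),
  );
  $permissions['files_by_entity'] = $permissions['file'];

  // Group permissions
  $permissions['group'] = array(
    'get' => array(
      'access CiviCRM',
    ),
    'default' => array(
      'access CiviCRM',
      'edit groups',
    ),
  );
  $permissions['group_contact'] = $permissions['group'];
  $permissions['group_nesting'] = $permissions['group'];
  $permissions['group_organization'] = $permissions['group'];

  // CiviMail Permissions
  $permissions['mailing'] = array(
    'get' => array(
      'access CiviCRM',
      'access CiviMail',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviMail',
      'delete in CiviMail',
    ),
    'default' => array(
      'access CiviCRM',
      'access CiviMail',
    ),
  );
  $permissions['mailing_a_b'] = $permissions['mailing'];
  $permissions['mailing_group'] = $permissions['mailing'];
  $permissions['mailing_job'] = $permissions['mailing'];
  $permissions['mailing_recipients'] = $permissions['mailing'];

  // Membership permissions
  $permissions['membership'] = array(
    'get' => array(
      'access CiviCRM',
      'access CiviMember',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviMember',
      'delete in CiviMember',
    ),
    'default' => array(
      'access CiviCRM',
      'access CiviMember',
      'edit memberships',
    ),
  );
  $permissions['membership_status'] = $permissions['membership'];
  $permissions['membership_type'] = $permissions['membership'];
  $permissions['membership_payment'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviMember',
      'edit memberships',
      'access CiviContribute',
      'edit contributions',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviMember',
      'delete in CiviMember',
      'access CiviContribute',
      'delete in CiviContribute',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviMember',
      'access CiviContribute',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviMember',
      'edit memberships',
      'access CiviContribute',
      'edit contributions',
    ),
  );

  // Participant permissions
  $permissions['participant'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviEvent',
      'register for events',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit event participants',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviEvent',
      'view event participants',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit event participants',
    ),
  );
  $permissions['participant_payment'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviEvent',
      'register for events',
      'access CiviContribute',
      'edit contributions',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit event participants',
      'access CiviContribute',
      'delete in CiviContribute',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviEvent',
      'view event participants',
      'access CiviContribute',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviEvent',
      'edit event participants',
      'access CiviContribute',
      'edit contributions',
    ),
  );

  // Pledge permissions
  $permissions['pledge'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviPledge',
      'edit pledges',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviPledge',
      'delete in CiviPledge',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviPledge',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviPledge',
      'edit pledges',
    ),
  );
  $permissions['pledge_payment'] = array(
    'create' => array(
      'access CiviCRM',
      'access CiviPledge',
      'edit pledges',
      'access CiviContribute',
      'edit contributions',
    ),
    'delete' => array(
      'access CiviCRM',
      'access CiviPledge',
      'delete in CiviPledge',
      'access CiviContribute',
      'delete in CiviContribute',
    ),
    'get' => array(
      'access CiviCRM',
      'access CiviPledge',
      'access CiviContribute',
    ),
    'update' => array(
      'access CiviCRM',
      'access CiviPledge',
      'edit pledges',
      'access CiviContribute',
      'edit contributions',
    ),
  );

  // Profile permissions
  $permissions['profile'] = array(
    // the profile will take care of this
    // (empty list: no permission is requested here for profile reads)
    'get' => array(),
  );

  // Only 'get' is declared for the entities below; every other action
  // resolves to the global default ('administer CiviCRM').
  $permissions['uf_group'] = array(
    'get' => array(
      'access CiviCRM',
    ),
  );
  $permissions['uf_field'] = $permissions['uf_group'];
  $permissions['option_value'] = $permissions['uf_group'];
  $permissions['option_group'] = $permissions['option_value'];

  // Translate 'create' action to 'update' if id is set
  if ($action === 'create' && (!empty($params['id']) || !empty($params[$entity . '_id']))) {
    $action = 'update';
  }

  // let third parties modify the permissions
  CRM_Utils_Hook::alterAPIPermissions($entity, $action, $params, $permissions);

  // Fail closed. Everything in $permissions may have been rewritten by the
  // hook above, so do not assume the 'default' entity, its catch-all action,
  // or the entity's own entry are still well-formed arrays. Whenever a lookup
  // below cannot be satisfied, fall back to the strictest built-in
  // requirement instead of returning NULL (how callers treat a NULL result is
  // not visible from here).
  $strictest = array('administer CiviCRM');
  $defaults = (isset($permissions['default']) && is_array($permissions['default'])) ? $permissions['default'] : array();
  $entityPerms = CRM_Utils_Array::value($entity, $permissions, array());
  if (!is_array($entityPerms)) {
    $entityPerms = array();
  }

  // Merge permissions for this entity with the defaults. Array union keeps
  // the entity's own action entries and only fills in the missing ones.
  $perm = $entityPerms + $defaults;

  // Return exact match if permission for this action has been declared
  if (isset($perm[$action])) {
    return $perm[$action];
  }

  // Translate specific actions into their generic equivalents
  $snippet = substr($action, 0, 3);
  if ($action === 'replace' || $snippet === 'del') {
    // 'Replace' is a combination of get+create+update+delete; however, the permissions
    // on each of those will be tested separately at runtime. This is just a sniff-test
    // based on the heuristic that 'delete' tends to be the most closely guarded
    // of the necessary permissions.
    $action = 'delete';
  }
  elseif ($action === 'setvalue' || $snippet === 'upd') {
    $action = 'update';
  }
  elseif ($action === 'getfields' || $action === 'getspec' || $action === 'getoptions') {
    $action = 'meta';
  }
  elseif ($snippet === 'get') {
    $action = 'get';
  }

  if (isset($perm[$action])) {
    return $perm[$action];
  }
  return isset($perm['default']) ? $perm['default'] : $strictest;
}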
463
464 # FIXME: not sure how to permission the following API 3 calls:
465 # contribution_transact (make online contributions)
466 # entity_tag_display
467 # group_contact_pending
468 # group_contact_update_status
469 # mailing_event_bounce
470 # mailing_event_click
471 # mailing_event_confirm
472 # mailing_event_forward
473 # mailing_event_open
474 # mailing_event_reply
475 # mailing_group_event_domain_unsubscribe
476 # mailing_group_event_resubscribe
477 # mailing_group_event_subscribe
478 # mailing_group_event_unsubscribe
479 # membership_status_calc
480 # survey_respondant_count