3 +--------------------------------------------------------------------+
4 | Copyright CiviCRM LLC. All rights reserved. |
6 | This work is published under the GNU AGPLv3 license with some |
7 | permitted exceptions and without any warranty. For full license |
8 | and copyright information, see https://civicrm.org/licensing |
9 +--------------------------------------------------------------------+
13 * Decide what permissions to check for an api call
15 * @param string $entity api entity
16 * @param string $action api action
17 * @param array $params api params
20 * Array of permissions to check for this entity-action combo
22 function _civicrm_api3_permissions($entity, $action, &$params) {
23 // FIXME: Lowercase entity_names are nonstandard but difficult to fix here
24 // because this function invokes hook_civicrm_alterAPIPermissions
25 $entity = _civicrm_api_get_entity_name_from_camel($entity);
26 $permissions = CRM_Core_Permission
::getEntityActionPermissions();
28 // Translate 'create' action to 'update' if id is set
29 if ($action == 'create' && (!empty($params['id']) ||
!empty($params[$entity . '_id']))) {
33 // let third parties modify the permissions
34 CRM_Utils_Hook
::alterAPIPermissions($entity, $action, $params, $permissions);
36 // Merge permissions for this entity with the defaults
37 $perm = CRM_Utils_Array
::value($entity, $permissions, []) +
$permissions['default'];
39 // Return exact match if permission for this action has been declared
40 if (isset($perm[$action])) {
41 return $perm[$action];
44 // Translate specific actions into their generic equivalents
45 $action = CRM_Core_Permission
::getGenericAction($action);
47 return $perm[$action] ??
$perm['default'];
projects / civicrm-core.git / blob