3 +--------------------------------------------------------------------+
4 | Copyright CiviCRM LLC. All rights reserved. |
6 | This work is published under the GNU AGPLv3 license with some |
7 | permitted exceptions and without any warranty. For full license |
8 | and copyright information, see https://civicrm.org/licensing |
9 +--------------------------------------------------------------------+
15 * @copyright CiviCRM LLC https://civicrm.org/licensing
19 * Trait for with entities with an entity_table + entity_id dynamic FK.
21 trait CRM_Core_DynamicFKAccessTrait
{
24 * @param string $entityName
25 * @param string $action
26 * @param array $record
29 * @see CRM_Core_DAO::checkAccess
31 public static function _checkAccess(string $entityName, string $action, array $record, int $userID): bool {
32 $eid = $record['entity_id'] ??
NULL;
33 $table = $record['entity_table'] ??
NULL;
34 if (!$eid && !empty($record['id'])) {
35 $eid = CRM_Core_DAO
::getFieldValue(__CLASS__
, $record['id'], 'entity_id');
37 if ($eid && !$table && !empty($record['id'])) {
38 $table = CRM_Core_DAO
::getFieldValue(__CLASS__
, $record['id'], 'entity_table');
41 $targetEntity = CRM_Core_DAO_AllCoreTables
::getEntityNameForTable($table);
42 if ($targetEntity === NULL) {
43 throw new \
API_Exception(sprintf('Cannot resolve permissions for dynamic foreign key in "%s". Invalid table reference "%s".',
44 static::getTableName(), $table));
46 return \Civi\Api4\Utils\CoreUtil
::checkAccessDelegated($targetEntity, 'update', ['id' => $eid], $userID);