3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.6 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2014 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
31 * @copyright CiviCRM LLC (c) 2004-2014
39 class CRM_Core_Permission_Base
{
41 // permission mapping to stub check() calls
42 public $permissions = NULL;
45 * Translate permission
48 * @param string $nativePrefix
50 * Array($portableName => $nativeName).
52 * @internal param string $name e.g. "administer CiviCRM", "cms:access user record", "Drupal:administer content", "Joomla:action:com_asset"
53 * @return NULL|string a permission name
55 public function translatePermission($perm, $nativePrefix, $map) {
56 list ($civiPrefix, $name) = CRM_Utils_String
::parsePrefix(':', $perm, NULL);
57 switch ($civiPrefix) {
59 return $name; // pass through
61 return CRM_Utils_Array
::value($name, $map, CRM_Core_Permission
::ALWAYS_DENY_PERMISSION
);
65 return CRM_Core_Permission
::ALWAYS_DENY_PERMISSION
;
70 * Get the current permission of this user
72 * @return string the permission of the user (edit or view or null)
74 public function getPermission() {
75 return CRM_Core_Permission
::EDIT
;
79 * Get the permissioned where clause for the user
82 * The type of permission needed.
83 * @param array $tables
84 * (reference ) add the tables that are needed for the select clause.
85 * @param array $whereTables
86 * (reference ) add the tables that are needed for the where clause.
88 * @return string the group where clause for this user
90 public function whereClause($type, &$tables, &$whereTables) {
94 * Get the permissioned where clause for the user when trying to see groups
97 * The type of permission needed.
98 * @param array $tables
99 * (reference ) add the tables that are needed for the select clause.
100 * @param array $whereTables
101 * (reference ) add the tables that are needed for the where clause.
103 * @return string the group where clause for this user
105 public function getPermissionedStaticGroupClause($type, &$tables, &$whereTables) {
107 return $this->groupClause($type, $tables, $whereTables);
111 * Get all groups from database, filtered by permissions
114 * @param string $groupType
115 * Type of group(Access/Mailing).
116 * @param bool|\boolen $excludeHidden exclude hidden groups.
119 * @return array - array reference of all groups.
121 public function group($groupType = NULL, $excludeHidden = TRUE) {
122 return CRM_Core_PseudoConstant
::allGroup($groupType, $excludeHidden);
126 * Get group clause for this user
129 * The type of permission needed.
130 * @param array $tables
131 * (reference ) add the tables that are needed for the select clause.
132 * @param array $whereTables
133 * (reference ) add the tables that are needed for the where clause.
135 * @return string the group where clause for this user
137 public function groupClause($type, &$tables, &$whereTables) {
142 * Given a permission string, check for access requirements
145 * The permission to check.
147 * @return boolean true if yes, else false
150 public function check($str) {
151 //no default behaviour
155 * Given a roles array, check for access requirements
157 * @param array $array
158 * The roles to check.
160 * @return boolean true if yes, else false
163 public function checkGroupRole($array) {
168 * Get all the contact emails for users that have a specific permission
170 * @param string $permissionName
171 * Name of the permission we are interested in.
173 * @return string a comma separated list of email addresses
175 public function permissionEmails($permissionName) {
176 CRM_Core_Error
::fatal("this function only works in Drupal 6 at the moment");
180 * Get all the contact emails for users that have a specific role
182 * @param string $roleName
183 * Name of the role we are interested in.
185 * @return string a comma separated list of email addresses
187 public function roleEmails($roleName) {
188 CRM_Core_Error
::fatal("this function only works in Drupal 6 at the moment");
192 * Determine whether the permission store allows us to store
193 * a list of permissions generated dynamically (eg by
194 * hook_civicrm_permissions.)
198 public function isModulePermissionSupported() {
203 * Ensure that the CMS supports all the permissions defined by CiviCRM
204 * and its extensions. If there are stale permissions, they should be
205 * deleted. This is useful during module upgrade when the newer module
206 * version has removed permission that were defined in the older version.
208 * @param array $permissions
209 * Same format as CRM_Core_Permission::getCorePermissions().
211 * @throws CRM_Core_Exception
212 * @see CRM_Core_Permission::getCorePermissions
214 public function upgradePermissions($permissions) {
215 throw new CRM_Core_Exception("Unimplemented method: CRM_Core_Permission_*::upgradePermissions");
219 * Get the permissions defined in the hook_civicrm_permission implementation
220 * of the given module.
222 * Note: At time of writing, this is only used with native extension-modules, so
223 * there's one, predictable calling convention (regardless of CMS).
227 * @return Array of permissions, in the same format as CRM_Core_Permission::getCorePermissions().
228 * @see CRM_Core_Permission::getCorePermissions
230 public static function getModulePermissions($module) {
231 $return_permissions = array();
232 $fn_name = "{$module}_civicrm_permission";
233 if (function_exists($fn_name)) {
234 $module_permissions = array();
235 $fn_name($module_permissions);
236 $return_permissions = $module_permissions;
238 return $return_permissions;
242 * Get the permissions defined in the hook_civicrm_permission implementation
243 * in all enabled CiviCRM module extensions.
245 * @return Array of permissions, in the same format as CRM_Core_Permission::getCorePermissions().
247 public function getAllModulePermissions() {
248 $permissions = array();
249 CRM_Utils_Hook
::permission($permissions);