4 +--------------------------------------------------------------------+
5 | Copyright CiviCRM LLC. All rights reserved. |
7 | This work is published under the GNU AGPLv3 license with some |
8 | permitted exceptions and without any warranty. For full license |
9 | and copyright information, see https://civicrm.org/licensing |
10 +--------------------------------------------------------------------+
13 use Civi\Core\Event\GenericHookEvent
;
16 * Class CRM_Core_Permission_List
18 * When presenting the administrator with a list of available permissions (`Permission.get`),
19 * the methods in provide the default implementations.
21 * These methods are not intended for public consumption or frequent execution.
23 * @see \Civi\Api4\Action\Permission\Get
25 class CRM_Core_Permission_List
{
28 * Enumerate concrete permissions that originate in CiviCRM (core or extension).
30 * @param \Civi\Core\Event\GenericHookEvent $e
31 * @see \CRM_Utils_Hook::permissionList
33 public static function findCiviPermissions(GenericHookEvent
$e) {
34 $activeCorePerms = \CRM_Core_Permission
::basicPermissions(FALSE);
35 $allCorePerms = \CRM_Core_Permission
::basicPermissions(TRUE, TRUE);
36 foreach ($allCorePerms as $permName => $corePerm) {
37 $e->permissions
[$permName] = [
39 'title' => $corePerm['label'] ??
$corePerm[0] ??
$permName,
40 'description' => $corePerm['description'] ??
$corePerm[1] ??
NULL,
41 'is_active' => isset($activeCorePerms[$permName]),
47 * Enumerate permissions that originate in the CMS (core or module/plugin),
48 * excluding any Civi permissions.
50 * @param \Civi\Core\Event\GenericHookEvent $e
51 * @see \CRM_Utils_Hook::permissionList
53 public static function findCmsPermissions(GenericHookEvent
$e) {
54 $config = \CRM_Core_Config
::singleton();
56 $ufPerms = $config->userPermissionClass
->getAvailablePermissions();
57 foreach ($ufPerms as $permName => $cmsPerm) {
58 $e->permissions
[$permName] = [
60 'title' => $cmsPerm['title'] ??
$permName,
61 'description' => $cmsPerm['description'] ??
NULL,
65 // There are a handful of special permissions defined in CRM/Core/Permission/*.php
66 // using the `translatePermission()` mechanism.
67 $e->permissions
['cms:view user account'] = [
69 'title' => ts('CMS') . ': ' . ts('View user accounts'),
70 'description' => ts('View user accounts. (Synthetic permission - adapts to local CMS)'),
71 'is_synthetic' => TRUE,
73 $e->permissions
['cms:administer users'] = [
75 'title' => ts('CMS') . ': ' . ts('Administer user accounts'),
76 'description' => ts('Administer user accounts. (Synthetic permission - adapts to local CMS)'),
77 'is_synthetic' => TRUE,
82 * @param \Civi\Core\Event\GenericHookEvent $e
83 * @see \CRM_Utils_Hook::permissionList
85 public static function findConstPermissions(GenericHookEvent
$e) {
86 // There are a handful of special permissions defined in CRM/Core/Permission.
87 $e->permissions
[\CRM_Core_Permission
::ALWAYS_DENY_PERMISSION
] = [
89 'title' => ts('Generic: Deny all users'),
90 'is_synthetic' => TRUE,
92 $e->permissions
[\CRM_Core_Permission
::ALWAYS_ALLOW_PERMISSION
] = [
94 'title' => ts('Generic: Allow all users (including anonymous)'),
95 'is_synthetic' => TRUE,