CRM-19372 allow payment processors to define an array of accepted credit card types

[civicrm-core.git] / CRM / Core / Permission.php

diff --git a/CRM/Core/Permission.php b/CRM/Core/Permission.php
index 242fdf40748f897f2b3fa50486a076458fbfeb2b..2e6aedfb40cc66faf7ae271c3b921ed3be2cf78c 100644 (file)
--- a/CRM/Core/Permission.php
+++ b/CRM/Core/Permission.php
@@ -3,7 +3,7 @@
  +--------------------------------------------------------------------+
  | CiviCRM version 4.7                                                |
  +--------------------------------------------------------------------+
- | Copyright CiviCRM LLC (c) 2004-2015                                |
+ | Copyright CiviCRM LLC (c) 2004-2016                                |
  +--------------------------------------------------------------------+
  | This file is a part of CiviCRM.                                    |
  |                                                                    |
@@ -28,7 +28,7 @@
 /**
  *
  * @package CRM
- * @copyright CiviCRM LLC (c) 2004-2015
+ * @copyright CiviCRM LLC (c) 2004-2016
  * $Id$
  *
  */
@@ -411,12 +411,22 @@ class CRM_Core_Permission {
   }
 
   /**
-   * @param $module
+   * Checks that component is enabled and optionally that user has basic perm.
+   *
+   * @param string $module
+   *   Specifies the name of the CiviCRM component.
    * @param bool $checkPermission
+   *   Check not only that module is enabled, but that user has necessary
+   *   permission.
+   * @param bool $requireAllCasesPermOnCiviCase
+   *   Significant only if $module == CiviCase
+   *   Require "access all cases and activities", not just
+   *   "access my cases and activities".
    *
    * @return bool
+   *   Access to specified $module is granted.
    */
-  public static function access($module, $checkPermission = TRUE) {
+  public static function access($module, $checkPermission = TRUE, $requireAllCasesPermOnCiviCase = FALSE) {
     $config = CRM_Core_Config::singleton();
 
     if (!in_array($module, $config->enableComponents)) {
@@ -424,11 +434,17 @@ class CRM_Core_Permission {
     }
 
     if ($checkPermission) {
-      if ($module == 'CiviCase') {
-        return CRM_Case_BAO_Case::accessCiviCase();
-      }
-      else {
-        return CRM_Core_Permission::check("access $module");
+      switch ($module) {
+        case 'CiviCase':
+          $access_all_cases = CRM_Core_Permission::check("access all cases and activities");
+          $access_my_cases  = CRM_Core_Permission::check("access my cases and activities");
+          return $access_all_cases || (!$requireAllCasesPermOnCiviCase && $access_my_cases);
+
+        case 'CiviCampaign':
+          return CRM_Core_Permission::check("administer $module");
+
+        default:
+          return CRM_Core_Permission::check("access $module");
       }
     }
 
@@ -690,6 +706,10 @@ class CRM_Core_Permission {
         $prefix . ts('import contacts'),
         ts('Import contacts and activities'),
       ),
+      'import SQL datasource' => array(
+        $prefix . ts('import SQL datasource'),
+        ts('When importing, consume data directly from a SQL datasource'),
+      ),
       'edit groups' => array(
         $prefix . ts('edit groups'),
         ts('Create new groups, edit group settings (e.g. group name, visibility...), delete groups'),
@@ -833,6 +853,14 @@ class CRM_Core_Permission {
         $prefix . ts('view my invoices'),
         ts('Allow users to view/ download their own invoices'),
       ),
+      'edit api keys' => array(
+        $prefix . ts('edit api keys'),
+        ts('Edit API keys'),
+      ),
+      'edit own api keys' => array(
+        $prefix . ts('edit own api keys'),
+        ts('Edit user\'s own API keys'),
+      ),
     );
 
     return $permissions;