projects / civicrm-core.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge pull request #24022 from colemanw/afformFrontend
[civicrm-core.git] / CRM / Utils / Recent.php
diff --git a/CRM/Utils/Recent.php b/CRM/Utils/Recent.php
index a2a22ebb4127b75d3a1185cfa466b962d372439f..f09ce294bbbb795e667bb1f15f1d5d8731948ea1 100644 (file)
--- a/CRM/Utils/Recent.php
+++ b/CRM/Utils/Recent.php
@@ -80,8 +80,18 @@ class CRM_Utils_Recent {
    * Create function used by the API - supplies defaults
    *
    * @param array $params
+   * @param Civi\Api4\Generic\AbstractAction $action
    */
-  public static function create(array $params) {
+  public static function create(array $params, Civi\Api4\Generic\AbstractAction $action) {
+    if ($action->getCheckPermissions()) {
+      $allowed = civicrm_api4($params['entity_type'], 'checkAccess', [
+        'action' => 'get',
+        'values' => ['id' => $params['entity_id']],
+      ], 0);
+      if (empty($allowed['access'])) {
+        return [];
+      }
+    }
     $params['title'] = $params['title'] ?? self::getTitle($params['entity_type'], $params['entity_id']);
     $params['view_url'] = $params['view_url'] ?? self::getUrl($params['entity_type'], $params['entity_id'], 'view');
     $params['edit_url'] = $params['edit_url'] ?? self::getUrl($params['entity_type'], $params['entity_id'], 'update');
@@ -182,10 +192,11 @@ class CRM_Utils_Recent {
       $record = civicrm_api4($entityType, 'get', [
         'where' => [['id', '=', $entityId]],
         'select' => [$labelField],
+        'checkPermissions' => FALSE,
       ], 0);
       $title = $record[$labelField] ?? NULL;
     }
-    return $title ?? (CoreUtil::getInfoItem($entityType, 'label_field'));
+    return $title ?? (CoreUtil::getInfoItem($entityType, 'title'));
   }
 
   /**
@@ -244,7 +255,7 @@ class CRM_Utils_Recent {
       }
       elseif ($event->action === 'edit') {
         if (isset($event->object->is_deleted)) {
-          \Civi\Api4\RecentItem::update()
+          \Civi\Api4\RecentItem::update(FALSE)
             ->addWhere('entity_type', '=', $entityType)
             ->addWhere('entity_id', '=', $event->id)
             ->addValue('is_deleted', (bool) $event->object->is_deleted)