<?php
/*
+--------------------------------------------------------------------+
- | CiviCRM version 5 |
- +--------------------------------------------------------------------+
- | Copyright CiviCRM LLC (c) 2004-2020 |
- +--------------------------------------------------------------------+
- | This file is a part of CiviCRM. |
- | |
- | CiviCRM is free software; you can copy, modify, and distribute it |
- | under the terms of the GNU Affero General Public License |
- | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
+ | Copyright CiviCRM LLC. All rights reserved. |
| |
- | CiviCRM is distributed in the hope that it will be useful, but |
- | WITHOUT ANY WARRANTY; without even the implied warranty of |
- | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
- | See the GNU Affero General Public License for more details. |
- | |
- | You should have received a copy of the GNU Affero General Public |
- | License and the CiviCRM Licensing Exception along |
- | with this program; if not, contact CiviCRM LLC |
- | at info[AT]civicrm[DOT]org. If you have questions about the |
- | GNU Affero General Public License or the licensing of CiviCRM, |
- | see the CiviCRM license FAQ at http://civicrm.org/licensing |
+ | This work is published under the GNU AGPLv3 license with some |
+ | permitted exceptions and without any warranty. For full license |
+ | and copyright information, see https://civicrm.org/licensing |
+--------------------------------------------------------------------+
*/
*/
public static function getSubscribedEvents() {
return [
- Events::AUTHORIZE => [
+ 'civi.api.authorize' => [
['onApiAuthorize', Events::W_EARLY],
],
];
public $kernel;
/**
- * @var string, the entity for which we want to manage permissions
+ * The entity for which we want to manage permissions.
+ *
+ * @var string
*/
protected $entityName;
/**
- * @var array <string> the actions for which we want to manage permissions
+ * The actions for which we want to manage permissions
+ *
+ * @var string[]
*/
protected $actions;
/**
- * @var string, SQL. Given a file ID, determine the entity+table it's attached to.
+ * SQL SELECT query - Given a file ID, determine the entity+table it's attached to.
*
* ex: "SELECT if(cf.id,1,0) as is_valid, cef.entity_table, cef.entity_id
* FROM civicrm_file cf
* - is_valid: "1" if %1 identifies an actual record; otherwise "0"
* - entity_table: NULL or the name of a related table
* - entity_id: NULL or the ID of a row in the related table
+ *
+ * @var string
*/
protected $lookupDelegateSql;
/**
- * @var string, SQL. Get a list of (field_name, table_name, extends) tuples.
+ * SQL SELECT query. Get a list of (field_name, table_name, extends) tuples.
*
* For example, one tuple might be ("custom_123", "civicrm_value_mygroup_4",
* "Activity").
+ *
+ * @var string
*/
protected $lookupCustomFieldSql;
protected $lookupCustomFieldCache;
/**
- * @var array list of related tables for which FKs are allowed
+ * List of related tables for which FKs are allowed.
+ *
+ * @var array
*/
protected $allowedDelegates;
'id' => $entityId,
];
- $result = $self->kernel->run($entity, $self->getDelegatedAction($action), $params);
+ $result = $self->kernel->runSafe($entity, $self->getDelegatedAction($action), $params);
if ($result['is_error'] || empty($result['values'])) {
$exception = new \Civi\API\Exception\UnauthorizedException("Authorization failed on ($entity,$entityId)", [
'cause' => $result,
projects / civicrm-core.git / blobdiff