Merge pull request #22992 from eileenmcnaughton/billingnot

[civicrm-core.git] / Civi / Api4 / Generic / DAODeleteAction.php

diff --git a/Civi/Api4/Generic/DAODeleteAction.php b/Civi/Api4/Generic/DAODeleteAction.php
index de5ed1a07f0c310d7f7ba756157563b732308612..84d818de9b1c51d34b46a547a2eb583a9e5aa0c5 100644 (file)
--- a/Civi/Api4/Generic/DAODeleteAction.php
+++ b/Civi/Api4/Generic/DAODeleteAction.php
@@ -10,17 +10,11 @@
  +--------------------------------------------------------------------+
  */
 
-/**
- *
- * @package CRM
- * @copyright CiviCRM LLC https://civicrm.org/licensing
- */
-
-
 namespace Civi\Api4\Generic;
 
 use Civi\API\Exception\UnauthorizedException;
 use Civi\Api4\Utils\CoreUtil;
+use Civi\Api4\Utils\ReflectionUtils;
 
 /**
  * Delete one or more $ENTITIES.
@@ -43,7 +37,7 @@ class DAODeleteAction extends AbstractBatchAction {
 
     if ($this->getCheckPermissions()) {
       foreach ($items as $key => $item) {
-        if (!CoreUtil::checkAccess($this->getEntityName(), $this->getActionName(), $item)) {
+        if (!CoreUtil::checkAccessRecord($this, $item, \CRM_Core_Session::getLoggedInContactID() ?: 0)) {
           throw new UnauthorizedException("ACL check failed");
         }
         $items[$key]['check_permissions'] = TRUE;
@@ -63,7 +57,8 @@ class DAODeleteAction extends AbstractBatchAction {
     $ids = [];
     $baoName = $this->getBaoName();
 
-    if ($this->getEntityName() !== 'EntityTag' && method_exists($baoName, 'del')) {
+    // Use BAO::del() method if it is not deprecated
+    if (method_exists($baoName, 'del') && !ReflectionUtils::isMethodDeprecated($baoName, 'del')) {
       foreach ($items as $item) {
         $args = [$item['id']];
         $bao = call_user_func_array([$baoName, 'del'], $args);