* @throws \API_Exception
*/
public function _run(\Civi\Api4\Generic\Result $result) {
- // Only administrators can use this in unsecured "preview mode"
- if (is_array($this->savedSearch) && $this->checkPermissions && !\CRM_Core_Permission::check('administer CiviCRM data')) {
+ // Only SearchKit admins can use this in unsecured "preview mode"
+ if (
+ is_array($this->savedSearch) && $this->checkPermissions &&
+ !\CRM_Core_Permission::check([['administer CiviCRM data', 'administer search_kit']])
+ ) {
throw new UnauthorizedException('Access denied');
}
$this->loadSavedSearch();
if (!empty($field['explicit_join'])) {
$label = $this->getJoinLabel($field['explicit_join']) . ': ';
}
- if (!empty($field['implicit_join'])) {
+ if (!empty($field['implicit_join']) && empty($field['custom_field_id'])) {
$field = $this->getField(substr($expr->getAlias(), 0, -1 - strlen($field['name'])));
}
return $label . $field['label'];