X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;ds=sidebyside;f=Civi%2FAPI%2FSubscriber%2FDynamicFKAuthorization.php;h=6a19cded035058c8a9d8ac931e7cfd27e95cda45;hb=39b870b8909a488c58ab35e5ec4656e65e190a8a;hp=29374172ff5647ea992792810200f539c0828799;hpb=c735fb7e38514eb6d7732ffb11ac21ac33e570b9;p=civicrm-core.git diff --git a/Civi/API/Subscriber/DynamicFKAuthorization.php b/Civi/API/Subscriber/DynamicFKAuthorization.php index 29374172ff..6a19cded03 100644 --- a/Civi/API/Subscriber/DynamicFKAuthorization.php +++ b/Civi/API/Subscriber/DynamicFKAuthorization.php @@ -36,7 +36,7 @@ class DynamicFKAuthorization implements EventSubscriberInterface { */ public static function getSubscribedEvents() { return [ - Events::AUTHORIZE => [ + 'civi.api.authorize' => [ ['onApiAuthorize', Events::W_EARLY], ], ]; @@ -50,17 +50,21 @@ class DynamicFKAuthorization implements EventSubscriberInterface { public $kernel; /** - * @var string, the entity for which we want to manage permissions + * The entity for which we want to manage permissions. + * + * @var string */ protected $entityName; /** - * @var array the actions for which we want to manage permissions + * The actions for which we want to manage permissions + * + * @var string[] */ protected $actions; /** - * @var string, SQL. Given a file ID, determine the entity+table it's attached to. + * SQL SELECT query - Given a file ID, determine the entity+table it's attached to. * * ex: "SELECT if(cf.id,1,0) as is_valid, cef.entity_table, cef.entity_id * FROM civicrm_file cf @@ -72,14 +76,18 @@ class DynamicFKAuthorization implements EventSubscriberInterface { * - is_valid: "1" if %1 identifies an actual record; otherwise "0" * - entity_table: NULL or the name of a related table * - entity_id: NULL or the ID of a row in the related table + * + * @var string */ protected $lookupDelegateSql; /** - * @var string, SQL. Get a list of (field_name, table_name, extends) tuples. + * SQL SELECT query. Get a list of (field_name, table_name, extends) tuples. * * For example, one tuple might be ("custom_123", "civicrm_value_mygroup_4", * "Activity"). + * + * @var string */ protected $lookupCustomFieldSql; @@ -91,7 +99,9 @@ class DynamicFKAuthorization implements EventSubscriberInterface { protected $lookupCustomFieldCache; /** - * @var array list of related tables for which FKs are allowed + * List of related tables for which FKs are allowed. + * + * @var array */ protected $allowedDelegates; @@ -220,7 +230,7 @@ class DynamicFKAuthorization implements EventSubscriberInterface { 'id' => $entityId, ]; - $result = $self->kernel->run($entity, $self->getDelegatedAction($action), $params); + $result = $self->kernel->runSafe($entity, $self->getDelegatedAction($action), $params); if ($result['is_error'] || empty($result['values'])) { $exception = new \Civi\API\Exception\UnauthorizedException("Authorization failed on ($entity,$entityId)", [ 'cause' => $result,