X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=CRM%2FCore%2FPermission.php;h=9fb1bd155174fb01d2d8dc8c08ea51b9ee491717;hb=dad652254a7b1467c130027633efe76218eb8756;hp=86ee19f6b2d8060a2b06aa737545a3533bc48332;hpb=d5b9585b3da73a76dada27cfa2f791c6c4763cd5;p=civicrm-core.git diff --git a/CRM/Core/Permission.php b/CRM/Core/Permission.php index 86ee19f6b2..9fb1bd1551 100644 --- a/CRM/Core/Permission.php +++ b/CRM/Core/Permission.php @@ -3,7 +3,7 @@ +--------------------------------------------------------------------+ | CiviCRM version 4.6 | +--------------------------------------------------------------------+ - | Copyright CiviCRM LLC (c) 2004-2014 | + | Copyright CiviCRM LLC (c) 2004-2015 | +--------------------------------------------------------------------+ | This file is a part of CiviCRM. | | | @@ -28,7 +28,7 @@ /** * * @package CRM - * @copyright CiviCRM LLC (c) 2004-2014 + * @copyright CiviCRM LLC (c) 2004-2015 * $Id$ * */ @@ -547,43 +547,77 @@ class CRM_Core_Permission { /** * @param bool $all + * @param bool $descriptions + * whether to return descriptions * * @return array */ - public static function &basicPermissions($all = FALSE) { - static $permissions = NULL; + public static function &basicPermissions($all = FALSE, $descriptions = FALSE) { + if ($descriptions) { + static $permissionsDesc = NULL; - if (!$permissions) { - $config = CRM_Core_Config::singleton(); - $prefix = ts('CiviCRM') . ': '; - $permissions = self::getCorePermissions(); - - if (self::isMultisiteEnabled()) { - $permissions['administer Multiple Organizations'] = $prefix . ts('administer Multiple Organizations'); + if (!$permissionsDesc) { + $permissionsDesc = self::assembleBasicPermissions($all, $descriptions); } - if (!$all) { - $components = CRM_Core_Component::getEnabledComponents(); - } - else { - $components = CRM_Core_Component::getComponents(); + return $permissionsDesc; + } + else { + static $permissions = NULL; + + if (!$permissions) { + $permissions = self::assembleBasicPermissions($all, $descriptions); } - foreach ($components as $comp) { - $perm = $comp->getPermissions(); - if ($perm) { - $info = $comp->getInfo(); + return $permissions; + } + } + + /** + * @param bool $all + * @param bool $descriptions + * whether to return descriptions + * + * @return array + */ + public static function assembleBasicPermissions($all = FALSE, $descriptions = FALSE) { + $config = CRM_Core_Config::singleton(); + $prefix = ts('CiviCRM') . ': '; + $permissions = self::getCorePermissions($descriptions); + + if (self::isMultisiteEnabled()) { + $permissions['administer Multiple Organizations'] = $prefix . ts('administer Multiple Organizations'); + } + + if (!$all) { + $components = CRM_Core_Component::getEnabledComponents(); + } + else { + $components = CRM_Core_Component::getComponents(); + } + + foreach ($components as $comp) { + $perm = $comp->getPermissions(FALSE, $descriptions); + if ($perm) { + $info = $comp->getInfo(); + if ($descriptions) { + foreach ($perm as $p => $attr) { + $title = $info['translatedName'] . ': ' . array_shift($attr); + array_unshift($attr, $title); + $permissions[$p] = $attr; + } + } + else { foreach ($perm as $p) { $permissions[$p] = $info['translatedName'] . ': ' . $p; } } } - - // Add any permissions defined in hook_civicrm_permission implementations. - $module_permissions = $config->userPermissionClass->getAllModulePermissions(); - $permissions = array_merge($permissions, $module_permissions); } + // Add any permissions defined in hook_civicrm_permission implementations. + $module_permissions = $config->userPermissionClass->getAllModulePermissions($descriptions); + $permissions = array_merge($permissions, $module_permissions); return $permissions; } @@ -617,56 +651,185 @@ class CRM_Core_Permission { } /** + * @param bool $descriptions + * whether to return descriptions + * * @return array */ - public static function getCorePermissions() { + public static function getCorePermissions($descriptions = FALSE) { $prefix = ts('CiviCRM') . ': '; $permissions = array( - 'add contacts' => $prefix . ts('add contacts'), - 'view all contacts' => $prefix . ts('view all contacts'), - 'edit all contacts' => $prefix . ts('edit all contacts'), - 'view my contact' => $prefix . ts('view my contact'), - 'edit my contact' => $prefix . ts('edit my contact'), - 'delete contacts' => $prefix . ts('delete contacts'), - 'access deleted contacts' => $prefix . ts('access deleted contacts'), - 'import contacts' => $prefix . ts('import contacts'), - 'edit groups' => $prefix . ts('edit groups'), - 'administer CiviCRM' => $prefix . ts('administer CiviCRM'), - 'skip IDS check' => $prefix . ts('skip IDS check'), - 'access uploaded files' => $prefix . ts('access uploaded files'), - 'profile listings and forms' => $prefix . ts('profile listings and forms'), - 'profile listings' => $prefix . ts('profile listings'), - 'profile create' => $prefix . ts('profile create'), - 'profile edit' => $prefix . ts('profile edit'), - 'profile view' => $prefix . ts('profile view'), - 'access all custom data' => $prefix . ts('access all custom data'), - 'view all activities' => $prefix . ts('view all activities'), - 'delete activities' => $prefix . ts('delete activities'), - 'access CiviCRM' => $prefix . ts('access CiviCRM'), - 'access Contact Dashboard' => $prefix . ts('access Contact Dashboard'), - 'translate CiviCRM' => $prefix . ts('translate CiviCRM'), - 'administer reserved groups' => $prefix . ts('administer reserved groups'), - 'administer Tagsets' => $prefix . ts('administer Tagsets'), - 'administer reserved tags' => $prefix . ts('administer reserved tags'), - 'administer dedupe rules' => $prefix . ts('administer dedupe rules'), - 'merge duplicate contacts' => $prefix . ts('merge duplicate contacts'), - 'view debug output' => $prefix . ts('view debug output'), - 'view all notes' => $prefix . ts('view all notes'), - 'access AJAX API' => $prefix . ts('access AJAX API'), - 'access contact reference fields' => $prefix . ts('access contact reference fields'), - 'create manual batch' => $prefix . ts('create manual batch'), - 'edit own manual batches' => $prefix . ts('edit own manual batches'), - 'edit all manual batches' => $prefix . ts('edit all manual batches'), - 'view own manual batches' => $prefix . ts('view own manual batches'), - 'view all manual batches' => $prefix . ts('view all manual batches'), - 'delete own manual batches' => $prefix . ts('delete own manual batches'), - 'delete all manual batches' => $prefix . ts('delete all manual batches'), - 'export own manual batches' => $prefix . ts('export own manual batches'), - 'export all manual batches' => $prefix . ts('export all manual batches'), - 'administer payment processors' => $prefix . ts('administer payment processors'), - 'edit message templates' => $prefix . ts('edit message templates'), + 'add contacts' => array( + $prefix . ts('add contacts'), + ts('Create a new contact record in CiviCRM'), + ), + 'view all contacts' => array( + $prefix . ts('view all contacts'), + ts('View ANY CONTACT in the CiviCRM database, export contact info and perform activities such as Send Email, Phone Call, etc.'), + ), + 'edit all contacts' => array( + $prefix . ts('edit all contacts'), + ts('View, Edit and Delete ANY CONTACT in the CiviCRM database; Create and edit relationships, tags and other info about the contacts'), + ), + 'view my contact' => array( + $prefix . ts('view my contact'), + ), + 'edit my contact' => array( + $prefix . ts('edit my contact'), + ), + 'delete contacts' => array( + $prefix . ts('delete contacts'), + ), + 'access deleted contacts' => array( + $prefix . ts('access deleted contacts'), + ts('Access contacts in the trash'), + ), + 'import contacts' => array( + $prefix . ts('import contacts'), + ts('Import contacts and activities'), + ), + 'edit groups' => array( + $prefix . ts('edit groups'), + ts('Create new groups, edit group settings (e.g. group name, visibility...), delete groups'), + ), + 'administer CiviCRM' => array( + $prefix . ts('administer CiviCRM'), + ts('Perform all tasks in the Administer CiviCRM control panel and Import Contacts'), + ), + 'skip IDS check' => array( + $prefix . ts('skip IDS check'), + ts('IDS system is bypassed for users with this permission. Prevents false errors for admin users.'), + ), + 'access uploaded files' => array( + $prefix . ts('access uploaded files'), + ts('View / download files including images and photos'), + ), + 'profile listings and forms' => array( + $prefix . ts('profile listings and forms'), + ts('Access the profile Search form and listings'), + ), + 'profile listings' => array( + $prefix . ts('profile listings'), + ), + 'profile create' => array( + $prefix . ts('profile create'), + ts('Use profiles in Create mode'), + ), + 'profile edit' => array( + $prefix . ts('profile edit'), + ts('Use profiles in Edit mode'), + ), + 'profile view' => array( + $prefix . ts('profile view'), + ), + 'access all custom data' => array( + $prefix . ts('access all custom data'), + ts('View all custom fields regardless of ACL rules'), + ), + 'view all activities' => array( + $prefix . ts('view all activities'), + ts('View all activities (for visible contacts)'), + ), + 'delete activities' => array( + $prefix . ts('Delete activities'), + ), + 'access CiviCRM' => array( + $prefix . ts('access CiviCRM'), + ts('Master control for access to the main CiviCRM backend and API'), + ), + 'access Contact Dashboard' => array( + $prefix . ts('access Contact Dashboard'), + ts('View Contact Dashboard (for themselves and visible contacts)'), + ), + 'translate CiviCRM' => array( + $prefix . ts('translate CiviCRM'), + ts('Allow User to enable multilingual'), + ), + 'administer reserved groups' => array( + $prefix . ts('administer reserved groups'), + ts('Edit and disable Reserved Groups (Needs Edit Groups)'), + ), + 'administer Tagsets' => array( + $prefix . ts('administer Tagsets'), + ), + 'administer reserved tags' => array( + $prefix . ts('administer reserved tags'), + ), + 'administer dedupe rules' => array( + $prefix . ts('administer dedupe rules'), + ts('Create and edit rules, change the supervised and unsupervised rules'), + ), + 'merge duplicate contacts' => array( + $prefix . ts('merge duplicate contacts'), + ts('Delete Contacts must also be granted in order for this to work.'), + ), + 'view debug output' => array( + $prefix . ts('view debug output'), + ts('View results of debug and backtrace'), + ), + 'view all notes' => array( + $prefix . ts('view all notes'), + ts("View notes (for visible contacts) even if they're marked admin only"), + ), + 'access AJAX API' => array( + $prefix . ts('access AJAX API'), + ts('Allow API access even if Access CiviCRM is not granted'), + ), + 'access contact reference fields' => array( + $prefix . ts('access contact reference fields'), + ts('Allow entering data into contact reference fields'), + ), + 'create manual batch' => array( + $prefix . ts('create manual batch'), + ts('Create an accounting batch (with Access to CiviContribute and View Own/All Manual Batches)'), + ), + 'edit own manual batches' => array( + $prefix . ts('edit own manual batches'), + ts('Edit accounting batches created by user'), + ), + 'edit all manual batches' => array( + $prefix . ts('edit all manual batches'), + ts('Edit all accounting batches'), + ), + 'view own manual batches' => array( + $prefix . ts('view own manual batches'), + ts('View accounting batches created by user (with Access to CiviContribute)'), + ), + 'view all manual batches' => array( + $prefix . ts('view all manual batches'), + ts('View all accounting batches (with Access to CiviContribute)'), + ), + 'delete own manual batches' => array( + $prefix . ts('delete own manual batches'), + ts('Delete accounting batches created by user'), + ), + 'delete all manual batches' => array( + $prefix . ts('delete all manual batches'), + ts('Delete all accounting batches'), + ), + 'export own manual batches' => array( + $prefix . ts('export own manual batches'), + ts('Export accounting batches created by user'), + ), + 'export all manual batches' => array( + $prefix . ts('export all manual batches'), + ts('Export all accounting batches'), + ), + 'administer payment processors' => array( + $prefix . ts('administer payment processors'), + ts('Add, Update, or Disable Payment Processors'), + ), + 'edit message templates' => array( + $prefix . ts('edit message templates'), + ), ); + if (!$descriptions) { + foreach ($permissions as $name => $attr) { + $permissions[$name] = array_shift($attr); + } + } + return $permissions; }