Add new Super-duper-no-permissions-apply permission
We discussed in the context of search kit that there are 2 competing concepts of
'administer CiviCRM'
1) like drupal user 1, can do anything
2) role that has various administrative access but acls etc still apply
In search kit we have an interest in allowing users who won't do dumb things
the ability to expose data to people who otherwise would not have access to that data
- e.g to create a listing of event participants to expose to anonymous users.
This effectively means we are giving people the power to create displays
that set check_permissions to FALSE. This would potentially enable people
to not just bypass ACLs applied to others but also acls applied to them.
In order words it could be a privellege escallation.
To prevent any unexpected escallation we decided that this ability
should only be given to contacts who explicitly have access to everything
anyway. There is no existing permission that does this (although
there is a perception that there is)
projects / civicrm-core.git / commit