Remove obsolete 'Basic ACLs'

These 'Basic ACLs' were, as best anyone on the CT can remember, a primitive form of user-role permissions,
which are now obsolete since CiviCRM utilizes user-role permissions provided by the CMS.
Based on the git/svn history, this subsystem hasn't been touched in a very long time
so is most likely unused.

diff --git a/CRM/ACL/Form/ACLBasic.php b/CRM/ACL/Form/ACLBasic.php
deleted file mode 100644 (file)
index f6df1a4..0000000
--- a/CRM/ACL/Form/ACLBasic.php
+++ /dev/null
@@ -1,140 +0,0 @@
-<?php
-/*
- +--------------------------------------------------------------------+
- | Copyright CiviCRM LLC. All rights reserved.                        |
- |                                                                    |
- | This work is published under the GNU AGPLv3 license with some      |
- | permitted exceptions and without any warranty. For full license    |
- | and copyright information, see https://civicrm.org/licensing       |
- +--------------------------------------------------------------------+
- */
-
-/**
- *
- * @package CRM
- * @copyright CiviCRM LLC https://civicrm.org/licensing
- */
-class CRM_ACL_Form_ACLBasic extends CRM_Admin_Form {
-
-  /**
-   * @var bool
-   */
-  public $submitOnce = TRUE;
-
-  /**
-   * Set default values for the form.
-   */
-  public function setDefaultValues() {
-    $defaults = [];
-
-    if ($this->_id ||
-      $this->_id === '0'
-    ) {
-      $defaults['entity_id'] = $this->_id;
-
-      $query = "
-SELECT object_table
-  FROM civicrm_acl
- WHERE entity_id = %1
-   AND ( object_table NOT IN ( 'civicrm_saved_search', 'civicrm_uf_group', 'civicrm_custom_group' ) )
-";
-      $params = [1 => [$this->_id, 'Integer']];
-      $dao = CRM_Core_DAO::executeQuery($query, $params);
-      $defaults['object_table'] = [];
-      while ($dao->fetch()) {
-        $defaults['object_table'][$dao->object_table] = 1;
-      }
-    }
-
-    return $defaults;
-  }
-
-  /**
-   * Build the form object.
-   */
-  public function buildQuickForm() {
-    parent::buildQuickForm();
-
-    if ($this->_action & CRM_Core_Action::DELETE) {
-      return;
-    }
-
-    $permissions = array_flip(CRM_Core_Permission::basicPermissions());
-    $this->addCheckBox('object_table',
-      ts('ACL Type'),
-      $permissions,
-      NULL, NULL, TRUE, NULL,
-      ['</td><td>', '</td></tr><tr><td>']
-    );
-
-    $label = ts('Role');
-    $role = [
-      '-1' => ts('- select role -'),
-      '0' => ts('Everyone'),
-    ] + CRM_Core_OptionGroup::values('acl_role');
-    $entityID = &$this->add('select', 'entity_id', $label, $role, TRUE);
-
-    if ($this->_id) {
-      $entityID->freeze();
-    }
-    $this->add('checkbox', 'is_active', ts('Enabled?'));
-
-    $this->addFormRule(['CRM_ACL_Form_ACLBasic', 'formRule']);
-  }
-
-  /**
-   * @param array $params
-   *
-   * @return array|bool
-   */
-  public static function formRule($params) {
-    if ($params['entity_id'] == -1) {
-      $errors = ['entity_id' => ts('Role is a required field')];
-      return $errors;
-    }
-
-    return TRUE;
-  }
-
-  /**
-   * Process the form submission.
-   */
-  public function postProcess() {
-    CRM_ACL_BAO_Cache::resetCache();
-
-    $params = $this->controller->exportValues($this->_name);
-    if ($this->_id ||
-      $this->_id === '0'
-    ) {
-      $query = "
-DELETE
-  FROM civicrm_acl
- WHERE entity_id = %1
-   AND ( object_table NOT IN ( 'civicrm_saved_search', 'civicrm_uf_group', 'civicrm_custom_group' ) )
-";
-      $deleteParams = [1 => [$this->_id, 'Integer']];
-      CRM_Core_DAO::executeQuery($query, $deleteParams);
-
-      if ($this->_action & CRM_Core_Action::DELETE) {
-        CRM_Core_Session::setStatus(ts('Selected ACL has been deleted.'), ts('Record Deleted'), 'success');
-        return;
-      }
-    }
-
-    $params['operation'] = 'All';
-    $params['deny'] = 0;
-    $params['is_active'] = 1;
-    $params['entity_table'] = 'civicrm_acl_role';
-    $params['name'] = 'Core ACL';
-
-    foreach ($params['object_table'] as $object_table => $value) {
-      if ($value) {
-        $newParams = $params;
-        unset($newParams['object_table']);
-        $newParams['object_table'] = $object_table;
-        CRM_ACL_BAO_ACL::writeRecord($newParams);
-      }
-    }
-  }
-
-}

diff --git a/CRM/ACL/Page/ACL.php b/CRM/ACL/Page/ACL.php
index b5d3cc89552dc9fb83a830f67e795d2cc09f07d9..9aea585919088a437302fe70b77cabb87c4afc46 100644 (file)
--- a/CRM/ACL/Page/ACL.php
+++ b/CRM/ACL/Page/ACL.php
@@ -99,12 +99,7 @@ class CRM_ACL_Page_ACL extends CRM_Core_Page_Basic {
   public function browse() {
     // get all acl's sorted by weight
     $acl = [];
-    $query = "
-  SELECT *
-    FROM civicrm_acl
-   WHERE ( object_table IN ( 'civicrm_saved_search', 'civicrm_uf_group', 'civicrm_custom_group', 'civicrm_event' ) )
-ORDER BY entity_id
-";
+    $query = "SELECT * FROM civicrm_acl";
     $dao = CRM_Core_DAO::executeQuery($query);
 
     $roles = CRM_Core_OptionGroup::values('acl_role');

diff --git a/CRM/ACL/Page/ACLBasic.php b/CRM/ACL/Page/ACLBasic.php
deleted file mode 100644 (file)
index ff643d0..0000000
--- a/CRM/ACL/Page/ACLBasic.php
+++ /dev/null
@@ -1,180 +0,0 @@
-<?php
-/*
- +--------------------------------------------------------------------+
- | Copyright CiviCRM LLC. All rights reserved.                        |
- |                                                                    |
- | This work is published under the GNU AGPLv3 license with some      |
- | permitted exceptions and without any warranty. For full license    |
- | and copyright information, see https://civicrm.org/licensing       |
- +--------------------------------------------------------------------+
- */
-
-/**
- *
- * @package CRM
- * @copyright CiviCRM LLC https://civicrm.org/licensing
- */
-class CRM_ACL_Page_ACLBasic extends CRM_Core_Page_Basic {
-
-  /**
-   * The action links that we need to display for the browse screen.
-   *
-   * @var array
-   */
-  public static $_links = NULL;
-
-  /**
-   * Get BAO Name.
-   *
-   * @return string
-   *   Classname of BAO.
-   */
-  public function getBAOName() {
-    return 'CRM_ACL_BAO_ACL';
-  }
-
-  /**
-   * Get action Links.
-   *
-   * @return array
-   *   (reference) of action links
-   */
-  public function &links() {
-    if (!(self::$_links)) {
-      self::$_links = [
-        CRM_Core_Action::UPDATE => [
-          'name' => ts('Edit'),
-          'url' => 'civicrm/acl/basic',
-          'qs' => 'reset=1&action=update&id=%%id%%',
-          'title' => ts('Edit ACL'),
-        ],
-        CRM_Core_Action::DELETE => [
-          'name' => ts('Delete'),
-          'url' => 'civicrm/acl/basic',
-          'qs' => 'reset=1&action=delete&id=%%id%%',
-          'title' => ts('Delete ACL'),
-        ],
-      ];
-    }
-    return self::$_links;
-  }
-
-  /**
-   * Run the page.
-   *
-   * This method is called after the page is created. It checks for the
-   * type of action and executes that action.
-   * Finally it calls the parent's run method.
-   */
-  public function run() {
-    $id = $this->getIdAndAction();
-
-    // set breadcrumb to append to admin/access
-    $breadCrumb = [
-      [
-        'title' => ts('Access Control'),
-        'url' => CRM_Utils_System::url('civicrm/admin/access', 'reset=1'),
-      ],
-    ];
-    CRM_Utils_System::appendBreadCrumb($breadCrumb);
-
-    // what action to take ?
-    if ($this->_action & (CRM_Core_Action::UPDATE | CRM_Core_Action::ADD | CRM_Core_Action::DELETE)) {
-      $this->edit($this->_action, $id);
-    }
-
-    // finally browse the acl's
-    $this->browse();
-
-    // This replaces parent run, but do parent's parent run
-    return CRM_Core_Page::run();
-  }
-
-  /**
-   * Browse all acls.
-   */
-  public function browse() {
-
-    // get all acl's sorted by weight
-    $acl = [];
-    $query = "
-  SELECT *
-    FROM civicrm_acl
-   WHERE ( object_table NOT IN ( 'civicrm_saved_search', 'civicrm_uf_group', 'civicrm_custom_group' ) )
-ORDER BY entity_id
-";
-    $dao = CRM_Core_DAO::executeQuery($query);
-
-    $roles = CRM_Core_OptionGroup::values('acl_role');
-
-    $permissions = CRM_Core_Permission::basicPermissions();
-    while ($dao->fetch()) {
-      if (!array_key_exists($dao->entity_id, $acl)) {
-        $acl[$dao->entity_id] = [];
-        $acl[$dao->entity_id]['name'] = $dao->name;
-        $acl[$dao->entity_id]['entity_id'] = $dao->entity_id;
-        $acl[$dao->entity_id]['entity_table'] = $dao->entity_table;
-        $acl[$dao->entity_id]['object_table'] = $permissions[$dao->object_table] ?? NULL;
-        $acl[$dao->entity_id]['is_active'] = 1;
-
-        if ($acl[$dao->entity_id]['entity_id']) {
-          $acl[$dao->entity_id]['entity'] = $roles[$acl[$dao->entity_id]['entity_id']];
-        }
-        else {
-          $acl[$dao->entity_id]['entity'] = ts('Any Role');
-        }
-
-        // form all action links
-        $action = array_sum(array_keys($this->links()));
-
-        $acl[$dao->entity_id]['action'] = CRM_Core_Action::formLink(
-          self::links(),
-          $action,
-          ['id' => $dao->entity_id],
-          ts('more'),
-          FALSE,
-          'aclRole.manage.action',
-          'ACLRole',
-          $dao->entity_id
-        );
-      }
-      elseif (!empty($permissions[$dao->object_table])) {
-        $acl[$dao->entity_id]['object_table'] .= ", {$permissions[$dao->object_table]}";
-      }
-    }
-    $this->assign('rows', $acl);
-  }
-
-  /**
-   * Get name of edit form.
-   *
-   * @return string
-   *   Classname of edit form.
-   */
-  public function editForm() {
-    return 'CRM_ACL_Form_ACLBasic';
-  }
-
-  /**
-   * Get edit form name.
-   *
-   * @return string
-   *   name of this page.
-   */
-  public function editName() {
-    return 'Core ACLs';
-  }
-
-  /**
-   * Get user context.
-   *
-   * @param null $mode
-   *
-   * @return string
-   *   user context.
-   */
-  public function userContext($mode = NULL) {
-    return 'civicrm/acl/basic';
-  }
-
-}

diff --git a/CRM/Core/xml/Menu/Misc.xml b/CRM/Core/xml/Menu/Misc.xml
index 97d9c63c6dd3caa637d4e84f6c0162ac42c27adf..34c93bf27ac2aaf3d4c832fd2cd7ac4f410e1d96 100644 (file)
--- a/CRM/Core/xml/Menu/Misc.xml
+++ b/CRM/Core/xml/Menu/Misc.xml
@@ -40,12 +40,6 @@
      <page_callback>CRM_ACL_Page_EntityRole</page_callback>
      <access_arguments>administer CiviCRM,access CiviCRM</access_arguments>
   </item>
-  <item>
-     <path>civicrm/acl/basic</path>
-     <title>ACL</title>
-     <page_callback>CRM_ACL_Page_ACLBasic</page_callback>
-     <access_arguments>administer CiviCRM,access CiviCRM</access_arguments>
-  </item>
   <item>
      <path>civicrm/file</path>
      <title>Browse Uploaded files</title>

diff --git a/CRM/Upgrade/Incremental/sql/5.64.alpha1.mysql.tpl b/CRM/Upgrade/Incremental/sql/5.64.alpha1.mysql.tpl
index 2fa75d0fbb9c01051f901f085115f70a87bb24de..f1f12629b23bb19569cb9c9828d8a1926db94bfb 100644 (file)
--- a/CRM/Upgrade/Incremental/sql/5.64.alpha1.mysql.tpl
+++ b/CRM/Upgrade/Incremental/sql/5.64.alpha1.mysql.tpl
@@ -2,6 +2,10 @@
 
 UPDATE `civicrm_acl` SET `priority` = `id`;
 
+-- Remove obsolete "Basic ACLs"
+DELETE FROM civicrm_acl
+WHERE object_table NOT IN ('civicrm_saved_search', 'civicrm_uf_group', 'civicrm_custom_group', 'civicrm_event');
+
 -- fix mis-casing of field name. Note the php function doesn't permit the name change hence it is here
 -- but field is not localised.
 ALTER TABLE civicrm_uf_group

diff --git a/templates/CRM/ACL/Form/ACLBasic.tpl b/templates/CRM/ACL/Form/ACLBasic.tpl
deleted file mode 100644 (file)
index 764ebe8..0000000
--- a/templates/CRM/ACL/Form/ACLBasic.tpl
+++ /dev/null
@@ -1,44 +0,0 @@
-{*
- +--------------------------------------------------------------------+
- | Copyright CiviCRM LLC. All rights reserved.                        |
- |                                                                    |
- | This work is published under the GNU AGPLv3 license with some      |
- | permitted exceptions and without any warranty. For full license    |
- | and copyright information, see https://civicrm.org/licensing       |
- +--------------------------------------------------------------------+
-*}
-{* this template is used for adding/editing ACL  *}
-<div class="form-item">
-<fieldset><legend>{if $action eq 1}{ts}New ACL{/ts}{elseif $action eq 2}{ts}Edit ACL{/ts}{else}{ts}Delete ACL{/ts}{/if}</legend>
-
-{if $action eq 8}
-  <div class="messages status no-popup">
-    <dl>
-      <dt>{icon icon="fa-info-circle"}{/icon}</dt>
-      <dd>
-        {ts}WARNING: Delete will remove this permission from the specified ACL Role.{/ts} {ts}Do you want to continue?{/ts}
-      </dd>
-    </dl>
-  </div>
-{else}
-  <dl>
-    <dt>{$form.entity_id.label}</dt><dd>{$form.entity_id.html}</dd>
-    <dt>&nbsp;</dt><dd class="description">{ts}Select a Role to assign (grant) this permission to. Select the special role 'Everyone' if you want to grant this permission to ALL users. 'Anyone' includes anonymous (i.e. not logged in) users.{/ts}</dd>
-  </dl>
-  <dl>
-    <dt>{$form.object_table.label}</dt>
-<dd>
-<table>
-<tr><td>
-{$form.object_table.html}
-</td></tr>
-</table>
-</dd>
-  </dl>
-{/if}
-  <dl>
-    <dt></dt><dd>{$form.buttons.html}</dd>
-  </dl>
-</fieldset>
-</div>
-

diff --git a/templates/CRM/ACL/Page/ACLBasic.tpl b/templates/CRM/ACL/Page/ACLBasic.tpl
deleted file mode 100644 (file)
index f747719..0000000
--- a/templates/CRM/ACL/Page/ACLBasic.tpl
+++ /dev/null
@@ -1,56 +0,0 @@
-{*
- +--------------------------------------------------------------------+
- | Copyright CiviCRM LLC. All rights reserved.                        |
- |                                                                    |
- | This work is published under the GNU AGPLv3 license with some      |
- | permitted exceptions and without any warranty. For full license    |
- | and copyright information, see https://civicrm.org/licensing       |
- +--------------------------------------------------------------------+
-*}
-{include file="CRM/ACL/Header.tpl" step=3}
-
-{if $action eq 1 or $action eq 2 or $action eq 8}
-<div class="crm-block crm-form-block">
-   {include file="CRM/ACL/Form/ACLBasic.tpl"}
-</div>
-{/if}
-
-<div class="crm-block crm-content-block">
-{if $rows}
-<div id="ltype">
-<p></p>
-    <div class="form-item">
-        {strip}
-        <table>
-        <tr class="columnheader">
-            <th>{ts}Role{/ts}</th>
-            <th>{ts}ACL Type(s){/ts}</th>
-            <th></th>
-        </tr>
-        {foreach from=$rows item=row}
-        <tr class="{cycle values="odd-row,even-row"}{if !empty($row.class)} {$row.class}{/if}{if NOT $row.is_active} disabled{/if}">
-          <td>{$row.entity}</td>
-          <td>{$row.object_table}</td>
-          <td>{$row.action}</td>
-        </tr>
-        {/foreach}
-        </table>
-        {/strip}
-
-        {if $action ne 1 and $action ne 2}
-      <div class="action-link">
-      <a href="{crmURL q="action=add&reset=1"}" id="newACL"><i class="crm-i fa-plus-circle" aria-hidden="true"></i> {ts}Add ACL{/ts}</a>
-        </div>
-        {/if}
-    </div>
-</div>
-{elseif $action ne 1 and $action ne 2 and $action ne 8}
-    <div class="messages status no-popup">
-    <dl>
-        <dt><img src="{$config->resourceBase}i/Inform.gif" alt="{ts}status{/ts}"/></dt>
-        {capture assign=crmURL}{crmURL q="action=add&reset=1"}{/capture}
-        <dd>{ts 1=$crmURL}There are no ACLs entered. You can <a href='%1'>add one</a>.{/ts}</dd>
-        </dl>
-    </div>
-{/if}
-</div>

diff --git a/xml/templates/civicrm_acl.tpl b/xml/templates/civicrm_acl.tpl
index a42b18952c1a67a9df72c9c917cb18d3d8fe406b..0877ac3d468544c89cd53b7e8d576f450b42c50c 100644 (file)
--- a/xml/templates/civicrm_acl.tpl
+++ b/xml/templates/civicrm_acl.tpl
@@ -12,76 +12,13 @@
 -- sample acl entries
 
 -- Create ACL to edit and view contacts in all groups
-INSERT INTO civicrm_acl (name, deny, entity_table, entity_id, operation, object_table, object_id, acl_table, acl_id, is_active)
+INSERT INTO civicrm_acl (name, deny, entity_table, entity_id, operation, object_table, object_id, acl_table, acl_id, is_active, priority)
 VALUES
-('Edit All Contacts', 0, 'civicrm_acl_role', 1, 'Edit', 'civicrm_saved_search', 0, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 0, 'All', 'access CiviMail subscribe/unsubscribe pages', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 0, 'All', 'access all custom data', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 0, 'All', 'make online contributions', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 0, 'All', 'make online pledges', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 0, 'All', 'profile listings and forms', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 0, 'All', 'view event info', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 0, 'All', 'register for events', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'access CiviCRM', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'access CiviContribute', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'access CiviEvent', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'access CiviMail', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'access CiviMail subscribe/unsubscribe pages', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'access CiviMember', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'access CiviPledge', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'administer CiviCase', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'access my cases and activities', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'access all cases and activities', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'delete in CiviCase', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'access CiviGrant', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'access Contact Dashboard', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'administer Multiple Organizations', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'delete activities', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'delete in CiviContribute', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'delete in CiviMail', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'delete in CiviPledge', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'delete contacts', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'delete in CiviEvent', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'delete in CiviMember', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'translate CiviCRM', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'edit grants', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'access all custom data', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'access uploaded files', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'add contacts', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'administer CiviCRM', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'edit all contacts', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'edit contributions', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'edit event participants', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'edit groups', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'edit memberships', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'edit pledges', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'access CiviReport', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'access Report Criteria', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'administer Reports', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'import contacts', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'make online contributions', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'make online pledges', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'profile listings and forms', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'profile create', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'profile edit', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'profile listings', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'profile view', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'register for events', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'view all activities', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'view all contacts', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'view event info', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'view event participants', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 1, 'All', 'edit all events', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 2, 'All', 'access CiviMail subscribe/unsubscribe pages', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 2, 'All', 'access all custom data', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 2, 'All', 'make online contributions', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 2, 'All', 'make online pledges', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 2, 'All', 'profile listings and forms', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 2, 'All', 'register for events', NULL, NULL, NULL, 1),
-('Core ACL', 0, 'civicrm_acl_role', 2, 'All', 'view event info', NULL, NULL, NULL, 1);
+('Edit All Contacts', 0, 'civicrm_acl_role', 1, 'Edit', 'civicrm_saved_search', 0, NULL, NULL, 1, 1);
 
 -- Create default Groups for User Permissioning
-INSERT INTO civicrm_group (`id`, `name`, `title`, `description`, `source`, `saved_search_id`, `is_active`, `visibility`, `group_type`) VALUES (1, 'Administrators', '{ts escape="sql"}Administrators{/ts}', '{ts escape="sql"}Contacts in this group are assigned Administrator role permissions.{/ts}', NULL, NULL, 1, 'User and User Admin Only', '\ 11\ 1');
+INSERT INTO civicrm_group (`id`, `name`, `title`, `description`, `source`, `saved_search_id`, `is_active`, `visibility`, `group_type`)
+VALUES (1, 'Administrators', '{ts escape="sql"}Administrators{/ts}', '{ts escape="sql"}Contacts in this group are assigned Administrator role permissions.{/ts}', NULL, NULL, 1, 'User and User Admin Only', '\ 11\ 1');
 
 -- Assign above Group (entity) to the Administrator Role
 INSERT INTO civicrm_acl_entity_role