Permissions code cleanup

author Coleman Watts <coleman@civicrm.org>

Thu, 21 Jan 2016 22:01:49 +0000 (17:01 -0500)

committer Coleman Watts <coleman@civicrm.org>

Thu, 21 Jan 2016 22:01:49 +0000 (17:01 -0500)
author Coleman Watts <coleman@civicrm.org>
Thu, 21 Jan 2016 22:01:49 +0000 (17:01 -0500)
committer Coleman Watts <coleman@civicrm.org>
Thu, 21 Jan 2016 22:01:49 +0000 (17:01 -0500)
diff --git a/CRM/Core/DAO/permissions.php b/CRM/Core/DAO/permissions.php

index e9a9ffca857a97c8c6465ffa51a2f69713b8abdd..f63519d4ab866c82109a677030d7a2ee77daef25 100644 (file)
--- a/CRM/Core/DAO/permissions.php
+++ b/CRM/Core/DAO/permissions.php
@@ -196,9 +196,10 @@ function _civicrm_api3_permissions($entity, $action, &$params) {
    // Campaign permissions
    $permissions['campaign'] = array(
      'get' => array('access CiviCRM'),
-    'create' => array(array('administer CiviCampaign', 'manage campaign')),
-    'update' => array(array('administer CiviCampaign', 'manage campaign')),
-    'delete' => array(array('administer CiviCampaign', 'manage campaign')),
+    'default' => array(
+      // nested array = OR
+      array('administer CiviCampaign', 'manage campaign')
+    ),
    );
    $permissions['survey'] = $permissions['campaign'];
  
@@ -570,7 +571,7 @@ function _civicrm_api3_permissions($entity, $action, &$params) {
    if ($action == 'replace' || $snippet == 'del') {
      // 'Replace' is a combination of get+create+update+delete; however, the permissions
      // on each of those will be tested separately at runtime. This is just a sniff-test
-    // based on the heuristic that 'delete' tends to be the most closesly guarded
+    // based on the heuristic that 'delete' tends to be the most closely guarded
      // of the necessary permissions.
      $action = 'delete';
    }
author	Coleman Watts <coleman@civicrm.org>
	Thu, 21 Jan 2016 22:01:49 +0000 (17:01 -0500)
committer	Coleman Watts <coleman@civicrm.org>
	Thu, 21 Jan 2016 22:01:49 +0000 (17:01 -0500)