Fix missing links on contact summary relationships tab

diff --git a/CRM/Contact/BAO/Relationship.php b/CRM/Contact/BAO/Relationship.php
index df0e9b49ec788771c9d20a1fe31dc82de2585290..98a29ff922186e28b91cf9433ecd1c33ced56856 100644 (file)
--- a/CRM/Contact/BAO/Relationship.php
+++ b/CRM/Contact/BAO/Relationship.php
@@ -2279,7 +2279,7 @@ SELECT count(*)
       if (empty($record["contact_id_$ab"]) && !empty($record['id'])) {
         $record["contact_id_$ab"] = CRM_Core_DAO::getFieldValue(__CLASS__, $record['id'], "contact_id_$ab");
       }
-      if (!\Civi\Api4\Utils\CoreUtil::checkAccessDelegated('Contact', 'update', ['id' => $record["contact_id_$ab"]], $userID)) {
+      if (!empty($record["contact_id_$ab"]) && !\Civi\Api4\Utils\CoreUtil::checkAccessDelegated('Contact', 'update', ['id' => $record["contact_id_$ab"]], $userID)) {
         return FALSE;
       }
     }

diff --git a/Civi/Api4/Action/GetLinks.php b/Civi/Api4/Action/GetLinks.php
index baaf6058f5d1f75f78037a7704979cf2f9af9f6d..32930ef39c87543aebefdbd2918a58fe112f49ca 100644 (file)
--- a/Civi/Api4/Action/GetLinks.php
+++ b/Civi/Api4/Action/GetLinks.php
@@ -151,9 +151,8 @@ class GetLinks extends BasicGetAction {
     if (!$this->getCheckPermissions()) {
       return;
     }
-    $allowedApiActions = $this->getAllowedEntityActions();
     foreach ($links as $index => $link) {
-      if (!in_array($link['api_action'], $allowedApiActions, TRUE)) {
+      if (!$this->isActionAllowed($link['entity'], $link['api_action'])) {
         unset($links[$index]);
         continue;
       }
@@ -167,9 +166,13 @@ class GetLinks extends BasicGetAction {
     }
   }
 
-  private function getAllowedEntityActions(): array {
+  private function isActionAllowed(string $entityName, string $actionName): bool {
+    $allowedApiActions = $this->getAllowedEntityActions($entityName);
+    return in_array($actionName, $allowedApiActions, TRUE);
+  }
+
+  private function getAllowedEntityActions(string $entityName): array {
     $uid = \CRM_Core_Session::getLoggedInContactID();
-    $entityName = $this->getEntityName();
     if (!isset(\Civi::$statics[__CLASS__]['actions'][$entityName][$uid])) {
       \Civi::$statics[__CLASS__]['actions'][$entityName][$uid] = civicrm_api4($entityName, 'getActions', ['checkPermissions' => TRUE])->column('name');
     }

diff --git a/ext/search_kit/tests/phpunit/api/v4/SearchDisplay/SearchRunTest.php b/ext/search_kit/tests/phpunit/api/v4/SearchDisplay/SearchRunTest.php
index 9814d53882231bf723be0c829e57538fe93c9342..4cd399708e8e7e7d05ec78668fc15e79d57601f3 100644 (file)
--- a/ext/search_kit/tests/phpunit/api/v4/SearchDisplay/SearchRunTest.php
+++ b/ext/search_kit/tests/phpunit/api/v4/SearchDisplay/SearchRunTest.php
@@ -415,9 +415,7 @@ class SearchRunTest extends Api4TestBase implements TransactionalInterface {
     // 1st link is to a quickform-based action
     $this->assertArrayNotHasKey('task', $result[0]['columns'][1]['links'][0]);
     $this->assertStringContainsString('id=' . $relationships[0]['id'], $result[0]['columns'][1]['links'][0]['url']);
-    // 2nd link is to the native SK bulk-delete task
-    $this->assertArrayNotHasKey('url', $result[0]['columns'][1]['links'][1]);
-    $this->assertEquals('delete', $result[0]['columns'][1]['links'][1]['task']);
+    // 2nd link is to delete
     $this->assertEquals('fa-trash', $result[0]['columns'][1]['links'][1]['icon']);
     // Ensure "empty" titles are still returned
     $this->assertEquals('0', $result[0]['columns'][1]['links'][1]['title']);