/**
* @param string|null $entityName
+ * @param int|null $userId
* @param array $conditions
* @inheritDoc
*/
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
$clauses = [];
$permittedActivityTypeIDs = self::getPermittedActivityTypes();
if (!empty($conditions['activity_type_id'])) {
$contactClause = implode(' AND contact_id ', $contactClause);
$clauses['id'][] = "IN (SELECT activity_id FROM civicrm_activity_contact WHERE contact_id $contactClause)";
}
- CRM_Utils_Hook::selectWhereClause($this, $clauses);
+ CRM_Utils_Hook::selectWhereClause($this, $clauses, $userId, $conditions);
return $clauses;
}
/**
* @param string|null $entityName
+ * @param int|null $userId
* @param array $conditions
* @inheritDoc
*/
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
// We always return an array with these keys, even if they are empty,
// because this tells the query builder that we have considered these fields for acls
$clauses = [
)
)";
}
- CRM_Utils_Hook::selectWhereClause($this, $clauses);
+ CRM_Utils_Hook::selectWhereClause($this, $clauses, $userId, $conditions);
return $clauses;
}
/**
* @param string|null $entityName
+ * @param int|null $userId
* @param array $conditions
* @inheritDoc
*/
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
return [
// Reuse case acls
'case_id' => CRM_Utils_SQL::mergeSubquery('Case'),
/**
* @param string|null $entityName
+ * @param int|null $userId
* @param array $conditions
* @inheritDoc
*/
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
// We always return an array with these keys, even if they are empty,
// because this tells the query builder that we have considered these fields for acls
$clauses = [
'id' => (array) CRM_Contact_BAO_Contact_Permission::cacheSubquery(),
'is_deleted' => CRM_Core_Permission::check('access deleted contacts') ? [] : ['!= 1'],
];
- CRM_Utils_Hook::selectWhereClause($this, $clauses);
+ CRM_Utils_Hook::selectWhereClause($this, $clauses, $userId, $conditions);
return $clauses;
}
/**
* @param string|null $entityName
+ * @param int|null $userId
* @param array $conditions
* @inheritDoc
*/
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
$clauses = [];
if (!CRM_Core_Permission::check([['edit all contacts', 'view all contacts']])) {
$allowedGroups = CRM_Core_Permission::group(NULL, FALSE);
$groupsIn = $allowedGroups ? implode(',', array_keys($allowedGroups)) : '0';
$clauses['id'][] = "IN ($groupsIn)";
}
- CRM_Utils_Hook::selectWhereClause($this, $clauses);
+ CRM_Utils_Hook::selectWhereClause($this, $clauses, $userId, $conditions);
return $clauses;
}
/**
* @param string|null $entityName
+ * @param int|null $userId
* @param array $conditions
* @return array
*/
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
// Permission for this entity depends on access to the two related contacts.
$contactClause = CRM_Utils_SQL::mergeSubquery('Contact');
$clauses = [
'near_contact_id' => $contactClause,
'far_contact_id' => $contactClause,
];
- CRM_Utils_Hook::selectWhereClause($this, $clauses);
+ CRM_Utils_Hook::selectWhereClause($this, $clauses, $userId, $conditions);
return $clauses;
}
/**
* @param string|null $entityName
+ * @param int|null $userId
* @param array $conditions
* @inheritDoc
*/
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
$clauses['contribution_id'] = CRM_Utils_SQL::mergeSubquery('Contribution');
- CRM_Utils_Hook::selectWhereClause($this, $clauses);
+ CRM_Utils_Hook::selectWhereClause($this, $clauses, $userId, $conditions);
return $clauses;
}
/**
* ACL clause for an APIv4 custom pseudo-entity (aka multi-record custom group extending Contact).
* @param string|null $entityName
+ * @param int|null $userId
* @param array $conditions
* @return array
*/
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
// To-date, custom-value-based entities are only supported for contacts.
// If this changes, $entityName variable contains the name of this custom group,
// and could be used to lookup the type of entity this custom group joins to.
/**
* @param string|null $entityName
+ * @param int|null $userId
* @param array $conditions
* @inheritDoc
*/
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
// TODO: This seemded like a good idea... piggybacking off the ACL clause of EntityFile
// however that's too restrictive because entityFile ACLs are limited to just attachments,
// so this would prevent access to other file fields (e.g. custom fields)
// Disabling this function for now by calling the parent instead.
- return parent::addSelectWhereClause($entityName, $conditions);
- $clauses = [
- 'id' => [],
- ];
- // File ACLs are driven by the EntityFile table
- $entityFileClause = CRM_Core_DAO_EntityFile::getDynamicFkAclClauses();
- if ($entityFileClause) {
- $clauses['id'] = 'IN (SELECT file_id FROM `civicrm_entity_file` WHERE (' . implode(') OR (', $entityFileClause) . '))';
- }
- CRM_Utils_Hook::selectWhereClause($this, $clauses);
- return $clauses;
+ return parent::addSelectWhereClause('File', $userId, $conditions);
+ // $clauses = [
+ // 'id' => [],
+ // ];
+ // // File ACLs are driven by the EntityFile table
+ // $entityFileClause = CRM_Core_DAO_EntityFile::getDynamicFkAclClauses();
+ // if ($entityFileClause) {
+ // $clauses['id'] = 'IN (SELECT file_id FROM `civicrm_entity_file` WHERE (' . implode(') OR (', $entityFileClause) . '))';
+ // }
+ // CRM_Utils_Hook::selectWhereClause($this, $clauses, $userId, $conditions);
+ // return $clauses;
}
/**
}
}
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
$clauses = [];
$relatedClauses = self::getDynamicFkAclClauses('entity_table', 'entity_id', $conditions['entity_table'] ?? NULL);
if ($relatedClauses) {
],
];
}
- CRM_Utils_Hook::selectWhereClause($this, $clauses);
+ CRM_Utils_Hook::selectWhereClause($this, $clauses, $userId, $conditions);
return $clauses;
}
* Override base method which assumes permissions should be based on entity_table.
*
* @param string|null $entityName
+ * @param int|null $userId
* @param array $conditions
* @return array
*/
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
$clauses = [];
- CRM_Utils_Hook::selectWhereClause($this, $clauses);
+ CRM_Utils_Hook::selectWhereClause($this, $clauses, $userId, $conditions);
return $clauses;
}
/**
* @param string|null $entityName
+ * @param int|null $userId
* @param array $conditions
* @inheritDoc
*/
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
// Prevent default behavior of joining ACLs onto the contact_id field.
$clauses = [];
- CRM_Utils_Hook::selectWhereClause($this, $clauses);
+ CRM_Utils_Hook::selectWhereClause($this, $clauses, $userId, $conditions);
return $clauses;
}
* 'view all contacts' etc.
*
* @param string|null $entityName
+ * @param int|null $userId
* @param array $conditions
* @inheritDoc
*/
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
$clauses = [];
if (!\CRM_Core_Permission::check('administer queues')) {
// @todo - the is_template should really be prefixed. We need to add support
// for that in the compiler & then this would be `{table}.is_template`
$clauses['created_id'] = '= ' . (int) CRM_Core_Session::getLoggedInContactID() . ' OR is_template = 1';
}
- CRM_Utils_Hook::selectWhereClause($this, $clauses);
+ CRM_Utils_Hook::selectWhereClause($this, $clauses, $userId, $conditions);
return $clauses;
}
* Name of the entity being queried (for normal BAO files implementing this method, this variable is redundant
* as there is a 1-1 relationship between most entities and most BAOs. However the variable is passed in to support
* dynamic entities such as ECK).
+ * @param int|null $userId
+ * Contact id of the current user.
+ * This param is more aspirational than functional for now. Someday the API may support checking permissions
+ * for contacts other than the current user, but at present this is always NULL which defaults to the current user.
* @param array $conditions
* Contains field/value pairs gleaned from the WHERE clause or ON clause
* (depending on how the entity was added to the query).
* Can be used for optimization/deduping of clauses.
* @return array
*/
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
$clauses = [];
$fields = $this::getSupportedFields();
foreach ($fields as $fieldName => $field) {
*
* With acls from related entities + additional clauses from hook_civicrm_selectWhereClause
*
- * @param string $tableAlias
- * @param string $entityName
+ * DO NOT OVERRIDE THIS FUNCTION
+ *
+ * @TODO: ADD `final` keyword to function signature
+ *
+ * @param string|null $tableAlias
+ * @param string|null $entityName
* @param array $conditions
* Values from WHERE or ON clause
* @return array
$entityName = $entityName ?? CRM_Core_DAO_AllCoreTables::getBriefName($bao::class);
$finalClauses = [];
$fields = static::getSupportedFields();
- $selectWhereClauses = $bao->addSelectWhereClause($entityName, $conditions);
+ $selectWhereClauses = $bao->addSelectWhereClause($entityName, NULL, $conditions);
foreach ($selectWhereClauses as $fieldName => $fieldClauses) {
$finalClauses[$fieldName] = NULL;
if ($fieldClauses) {
* and membership tables just seem too non-performant.
*
* @param string|null $entityName
+ * @param int|null $userId
* @param array $conditions
* @inheritDoc
*/
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
$clauses['contribution_id'] = CRM_Utils_SQL::mergeSubquery('Contribution');
- CRM_Utils_Hook::selectWhereClause($this, $clauses);
+ CRM_Utils_Hook::selectWhereClause($this, $clauses, $userId, $conditions);
return $clauses;
}
*/
class CRM_Queue_BAO_Queue extends CRM_Queue_DAO_Queue implements \Civi\Core\HookInterface {
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
$clauses = [];
if (!\CRM_Core_Permission::check('administer queues')) {
$cid = (int) CRM_Core_Session::getLoggedInContactID();
$clauses['id'] = "IN (SELECT queue_id FROM `civicrm_user_job` WHERE created_id = $cid)";
}
- CRM_Utils_Hook::selectWhereClause($this, $clauses);
+ CRM_Utils_Hook::selectWhereClause($this, $clauses, $userId, $conditions);
return $clauses;
}
/**
* @param string|CRM_Core_DAO $entity
* @param array $clauses
- * @return mixed
+ * @param int|null $userId
+ * User contact id. NULL == current user.
+ * @param array $conditions
+ * Values from WHERE or ON clause
*/
- public static function selectWhereClause($entity, &$clauses) {
+ public static function selectWhereClause($entity, array &$clauses, int $userId = NULL, array $conditions = []): void {
$entityName = is_object($entity) ? CRM_Core_DAO_AllCoreTables::getBriefName($entity::class) : $entity;
$null = NULL;
- return self::singleton()->invoke(['entity', 'clauses'], $entityName, $clauses,
- $null, $null, $null, $null,
+ $userId = $userId ?? (int) CRM_Core_Session::getLoggedInContactID();
+ self::singleton()->invoke(['entity', 'clauses', 'userId', 'conditions'],
+ $entityName, $clauses, $userId, $conditions,
+ $null, $null,
'civicrm_selectWhereClause'
);
}
/**
* @param string|null $entityName
+ * @param int|null $userId
* @param array $conditions
* @inheritDoc
*/
- public function addSelectWhereClause(string $entityName = NULL, array $conditions = []): array {
+ public function addSelectWhereClause(string $entityName = NULL, int $userId = NULL, array $conditions = []): array {
$clauses = [];
$loggedInContactID = CRM_Core_Session::getLoggedInContactID();
else {
$clauses['contact_id'][] = "= -1";
}
- CRM_Utils_Hook::selectWhereClause($this, $clauses);
+ CRM_Utils_Hook::selectWhereClause($this, $clauses, $userId, $conditions);
return $clauses;
}
projects / civicrm-core.git / commitdiff