Ensure that we only check permissions if we want to in getActions follow up to #26823

Make it more readable as per coleman

diff --git a/Civi/Api4/Action/GetActions.php b/Civi/Api4/Action/GetActions.php
index 1705a10b26925dc96df5d0721d9f882c80c5afeb..144254330814bdf3cc4c52f37e8ed0dca4bce542 100644 (file)
--- a/Civi/Api4/Action/GetActions.php
+++ b/Civi/Api4/Action/GetActions.php
@@ -79,8 +79,8 @@ class GetActions extends BasicGetAction {
     try {
       if (!isset($this->_actions[$actionName]) && (!$this->_actionsToGet || in_array($actionName, $this->_actionsToGet))) {
         $action = \Civi\API\Request::create($this->getEntityName(), $actionName, ['version' => 4]);
-        $authorized = \Civi::service('civi_api_kernel')->runAuthorize($this->getEntityName(), $actionName, ['version' => 4]);
-        if (is_object($action) && (!$this->checkPermissions || $authorized)) {
+        $authorized = !$this->checkPermissions || \Civi::service('civi_api_kernel')->runAuthorize($this->getEntityName(), $actionName, ['version' => 4]);
+        if (is_object($action) && $authorized) {
           $this->_actions[$actionName] = ['name' => $actionName];
           if ($this->_isFieldSelected('description', 'comment', 'see')) {
             $vars = ['entity' => $this->getEntityName(), 'action' => $actionName];

diff --git a/tests/phpunit/api/v4/Action/GetActionsTest.php b/tests/phpunit/api/v4/Action/GetActionsTest.php
index f251aa65b773ccb3cd3ab5b296fb3ab6e8495f5d..69a7cd99b11851bc32d67e29ad719fd1bfc45c98 100644 (file)
--- a/tests/phpunit/api/v4/Action/GetActionsTest.php
+++ b/tests/phpunit/api/v4/Action/GetActionsTest.php
@@ -43,7 +43,7 @@ class GetActionsTest extends Api4TestBase implements HookInterface, Transactiona
     }
   }
 
-  public function testContactIconAutocomplete(): void {
+  public function testActionPermissionsOverride(): void {
     $contact = $this->createTestRecord('Contact', [
       'first_name' => 'GetActions',
       'last_name' => 'testContact',