From: Coleman Watts <coleman@civicrm.org>
Date: Fri, 25 Jan 2019 21:28:35 +0000 (-0500)
Subject: Fix permission checks on contact create popups
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=acf315d1d52a57d36673dd92a758689efb95a063;p=civicrm-core.git

Fix permission checks on contact create popups
---

diff --git a/CRM/Contact/BAO/Contact.php b/CRM/Contact/BAO/Contact.php
index 77761d4d18..da45da8e39 100644
--- a/CRM/Contact/BAO/Contact.php
+++ b/CRM/Contact/BAO/Contact.php
@@ -3651,7 +3651,7 @@ LEFT JOIN civicrm_address ON ( civicrm_address.contact_id = civicrm_contact.id )
    * @return bool
    */
   public static function entityRefCreateLinks() {
-    return CRM_Core_Permission::check([['edit all contacts', 'add contacts']]);
+    return CRM_Core_Permission::check([['profile create', 'profile listings and forms']]);
   }
 
 }
diff --git a/CRM/Core/BAO/UFGroup.php b/CRM/Core/BAO/UFGroup.php
index 9fc2793259..952e70aedf 100644
--- a/CRM/Core/BAO/UFGroup.php
+++ b/CRM/Core/BAO/UFGroup.php
@@ -3328,6 +3328,9 @@ AND    ( entity_id IS NULL OR entity_id <= 0 )
    * @return array
    */
   public static function getCreateLinks($profiles = '', $appendProfiles = array()) {
+    if (!CRM_Contact_BAO_Contact::entityRefCreateLinks()) {
+      return [];
+    }
     // Default to contact profiles
     if (!$profiles) {
       $profiles = array('new_individual', 'new_organization', 'new_household');