From 082d771a3ebb5991f8147b3b3e99c7f5c699d02b Mon Sep 17 00:00:00 2001 From: Coleman Watts Date: Wed, 10 Apr 2013 16:57:26 -0700 Subject: [PATCH] code reformatting CRM-11329 --- CRM/Core/DAO/permissions.php | 1025 +++++++++++++++++----------------- 1 file changed, 514 insertions(+), 511 deletions(-) diff --git a/CRM/Core/DAO/permissions.php b/CRM/Core/DAO/permissions.php index d8595b4056..587d22dc14 100644 --- a/CRM/Core/DAO/permissions.php +++ b/CRM/Core/DAO/permissions.php @@ -27,523 +27,526 @@ */ /** + * Decide what permissions to check for an api call + * The contact must have all of the returned permissions for the api call to be allowed * - * @package CRM - * @copyright CiviCRM LLC (c) 2004-2013 - * $Id$ + * @param $entity: (str) api entity + * @param $action: (str) api action + * @param $params: (array) api params * + * @return array of permissions to check for this entity-action combo */ - function _civicrm_api3_permissions($entity, $action, &$params) { $entity = strtolower($entity); $action = strtolower($action); - $permissions = array( - 'activity' => array( - 'delete' => array( - 'access CiviCRM', - 'delete activities', - ), - 'get' => array( - 'access CiviCRM', - 'view all activities', - ), - ), - 'address' => array( - 'create' => array( - 'access CiviCRM', - 'add contacts', - ), - 'delete' => array( - 'access CiviCRM', - 'delete contacts', - ), - 'get' => array( - 'access CiviCRM', - 'view all contacts', - ), - 'update' => array( - 'access CiviCRM', - 'edit all contacts', - ), - ), - 'contact' => array( - 'create' => array( - 'access CiviCRM', - 'add contacts', - ), - 'delete' => array( - 'access CiviCRM', - 'delete contacts', - ), - 'get' => array(),// managed by query object - 'update' => array( - 'access CiviCRM', - 'edit all contacts', - ), - 'getquick' => array('access CiviCRM'), - ), - 'contribution' => array( - 'create' => array( - 'access CiviCRM', - 'access CiviContribute', - 'edit contributions', - ), - 'delete' => array( - 'access CiviCRM', - 'access CiviContribute', - 'delete in CiviContribute', - ), - 'get' => array( - 'access CiviCRM', - 'access CiviContribute', - ), - 'update' => array( - 'access CiviCRM', - 'access CiviContribute', - 'edit contributions', - ), - ), - 'custom_field' => array( - 'create' => array( - 'administer CiviCRM', - 'access CiviCRM', - 'access all custom data', - ), - 'delete' => array( - 'administer CiviCRM', - 'access CiviCRM', - 'access all custom data', - ), - 'get' => array( - 'administer CiviCRM', - 'access CiviCRM', - 'access all custom data', - ), - 'update' => array( - 'administer CiviCRM', - 'access CiviCRM', - 'access all custom data', - ), - ), - 'custom_group' => array( - 'create' => array( - 'administer CiviCRM', - 'access CiviCRM', - 'access all custom data', - ), - 'delete' => array( - 'administer CiviCRM', - 'access CiviCRM', - 'access all custom data', - ), - 'get' => array( - 'administer CiviCRM', - 'access CiviCRM', - 'access all custom data', - ), - 'update' => array( - 'administer CiviCRM', - 'access CiviCRM', - 'access all custom data', - ), - ), - 'email' => array( - 'create' => array( - 'access CiviCRM', - 'add contacts', - ), - 'delete' => array( - 'access CiviCRM', - 'delete contacts', - ), - 'get' => array( - 'access CiviCRM', - 'view all contacts', - ), - 'update' => array( - 'access CiviCRM', - 'edit all contacts', - ), - ), - 'event' => array( - 'create' => array( - 'access CiviCRM', - 'access CiviEvent', - 'edit all events', - ), - 'delete' => array( - 'access CiviCRM', - 'access CiviEvent', - 'delete in CiviEvent', - ), - 'get' => array( - 'access CiviCRM', - 'access CiviEvent', - 'view event info', - ), - 'update' => array( - 'access CiviCRM', - 'access CiviEvent', - 'edit all events', - ), - ), - 'file' => array( - 'create' => array( - 'access CiviCRM', - 'access uploaded files', - ), - 'delete' => array( - 'access CiviCRM', - 'access uploaded files', - ), - 'get' => array( - 'access CiviCRM', - 'access uploaded files', - ), - 'update' => array( - 'access CiviCRM', - 'access uploaded files', - ), - ), - 'files_by_entity' => array( - 'create' => array( - 'access CiviCRM', - 'access uploaded files', - ), - 'delete' => array( - 'access CiviCRM', - 'access uploaded files', - ), - 'get' => array( - 'access CiviCRM', - 'access uploaded files', - ), - 'update' => array( - 'access CiviCRM', - 'access uploaded files', - ), - ), - 'group' => array( - 'create' => array( - 'access CiviCRM', - 'edit groups', - ), - 'delete' => array( - 'access CiviCRM', - 'edit groups', - ), - 'update' => array( - 'access CiviCRM', - 'edit groups', - ), - ), - 'group_contact' => array( - 'create' => array( - 'access CiviCRM', - 'edit groups', - ), - 'delete' => array( - 'access CiviCRM', - 'edit groups', - ), - 'update' => array( - 'access CiviCRM', - 'edit groups', - ), - ), - 'group_nesting' => array( - 'create' => array( - 'access CiviCRM', - 'edit groups', - ), - 'delete' => array( - 'access CiviCRM', - 'edit groups', - ), - 'update' => array( - 'access CiviCRM', - 'edit groups', - ), - ), - 'group_organization' => array( - 'create' => array( - 'access CiviCRM', - 'edit groups', - ), - 'delete' => array( - 'access CiviCRM', - 'edit groups', - ), - 'update' => array( - 'access CiviCRM', - 'edit groups', - ), - ), - 'location' => array( - 'create' => array( - 'access CiviCRM', - 'add contacts', - ), - 'delete' => array( - 'access CiviCRM', - 'delete contacts', - ), - 'get' => array( - 'access CiviCRM', - 'view all contacts', - ), - 'update' => array( - 'access CiviCRM', - 'edit all contacts', - ), - ), - 'membership' => array( - 'create' => array( - 'access CiviCRM', - 'access CiviMember', - 'edit memberships', - ), - 'delete' => array( - 'access CiviCRM', - 'access CiviMember', - 'delete in CiviMember', - ), - 'get' => array( - 'access CiviCRM', - 'access CiviMember', - ), - 'update' => array( - 'access CiviCRM', - 'access CiviMember', - 'edit memberships', - ), - ), - 'membership_payment' => array( - 'create' => array( - 'access CiviCRM', - 'access CiviMember', - 'edit memberships', - 'access CiviContribute', - 'edit contributions', - ), - 'delete' => array( - 'access CiviCRM', - 'access CiviMember', - 'delete in CiviMember', - 'access CiviContribute', - 'delete in CiviContribute', - ), - 'get' => array( - 'access CiviCRM', - 'access CiviMember', - 'access CiviContribute', - ), - 'update' => array( - 'access CiviCRM', - 'access CiviMember', - 'edit memberships', - 'access CiviContribute', - 'edit contributions', - ), - ), - 'membership_status' => array( - 'create' => array( - 'access CiviCRM', - 'access CiviMember', - 'edit memberships', - ), - 'delete' => array( - 'access CiviCRM', - 'access CiviMember', - 'delete in CiviMember', - ), - 'get' => array( - 'access CiviCRM', - 'access CiviMember', - ), - 'update' => array( - 'access CiviCRM', - 'access CiviMember', - 'edit memberships', - ), - ), - 'membership_type' => array( - 'create' => array( - 'access CiviCRM', - 'access CiviMember', - 'edit memberships' - ), - 'delete' => array( - 'access CiviCRM', - 'access CiviMember', - 'delete in CiviMember', - ), - 'get' => array( - 'access CiviCRM', - 'access CiviMember', - ), - 'update' => array( - 'access CiviCRM', - 'access CiviMember', - 'edit memberships', - ), - ), - 'note' => array( - 'create' => array( - 'access CiviCRM', - 'add contacts' - ), - 'delete' => array( - 'access CiviCRM', - 'delete contacts', - ), - 'get' => array( - 'access CiviCRM', - 'view all contacts', - ), - 'update' => array( - 'access CiviCRM', - 'edit all contacts', - ), - ), - 'participant' => array( - 'create' => array( - 'access CiviCRM', - 'access CiviEvent', - 'register for events', - ), - 'delete' => array( - 'access CiviCRM', - 'access CiviEvent', - 'edit event participants', - ), - 'get' => array( - 'access CiviCRM', - 'access CiviEvent', - 'view event participants', - ), - 'update' => array( - 'access CiviCRM', - 'access CiviEvent', - 'edit event participants', - ), - ), - 'participant_payment' => array( - 'create' => array( - 'access CiviCRM', - 'access CiviEvent', - 'register for events', - 'access CiviContribute', - 'edit contributions', - ), - 'delete' => array( - 'access CiviCRM', - 'access CiviEvent', - 'edit event participants', - 'access CiviContribute', - 'delete in CiviContribute', - ), - 'get' => array( - 'access CiviCRM', - 'access CiviEvent', - 'view event participants', - 'access CiviContribute', - ), - 'update' => array( - 'access CiviCRM', - 'access CiviEvent', - 'edit event participants', - 'access CiviContribute', - 'edit contributions', - ), - ), - 'phone' => array( - 'create' => array( - 'access CiviCRM', - 'add contacts', - ), - 'delete' => array( - 'access CiviCRM', - 'delete contacts', - ), - 'get' => array( - 'access CiviCRM', - 'view all contacts', - ), - 'update' => array( - 'access CiviCRM', - 'edit all contacts', - ), - ), - 'pledge' => array( - 'create' => array( - 'access CiviCRM', - 'access CiviPledge', - 'edit pledges', - ), - 'delete' => array( - 'access CiviCRM', - 'access CiviPledge', - 'delete in CiviPledge', - ), - 'get' => array( - 'access CiviCRM', - 'access CiviPledge', - ), - 'update' => array( - 'access CiviCRM', - 'access CiviPledge', - 'edit pledges', - ), - ), - 'pledge_payment' => array( - 'create' => array( - 'access CiviCRM', - 'access CiviPledge', - 'edit pledges', - 'access CiviContribute', - 'edit contributions', - ), - 'delete' => array( - 'access CiviCRM', - 'access CiviPledge', - 'delete in CiviPledge', - 'access CiviContribute', - 'delete in CiviContribute', - ), - 'get' => array( - 'access CiviCRM', - 'access CiviPledge', - 'access CiviContribute', - ), - 'update' => array( - 'access CiviCRM', - 'access CiviPledge', - 'edit pledges', - 'access CiviContribute', - 'edit contributions', - ), - ), - 'system' => array( - 'flush' => array('administer CiviCRM'), - ), - 'website' => array( - 'create' => array( - 'access CiviCRM', - 'add contacts', - ), - 'delete' => array( - 'access CiviCRM', - 'delete contacts', - ), - 'get' => array( - 'access CiviCRM', - 'view all contacts', - ), - 'update' => array( - 'access CiviCRM', - 'edit all contacts', - ), + $permissions = array(); + + $permissions['activity'] = array( + 'delete' => array( + 'access CiviCRM', + 'delete activities', + ), + 'get' => array( + 'access CiviCRM', + 'view all activities', + ), + ); + $permissions['address'] = array( + 'create' => array( + 'access CiviCRM', + 'add contacts', + ), + 'delete' => array( + 'access CiviCRM', + 'delete contacts', + ), + 'get' => array( + 'access CiviCRM', + 'view all contacts', + ), + 'update' => array( + 'access CiviCRM', + 'edit all contacts', + ), + ); + $permissions['contact'] = array( + 'create' => array( + 'access CiviCRM', + 'add contacts', + ), + 'delete' => array( + 'access CiviCRM', + 'delete contacts', + ), + // managed by query object + 'get' => array(), + 'update' => array( + 'access CiviCRM', + 'edit all contacts', + ), + 'getquick' => array('access CiviCRM'), + ); + $permissions['contribution'] = array( + 'create' => array( + 'access CiviCRM', + 'access CiviContribute', + 'edit contributions', + ), + 'delete' => array( + 'access CiviCRM', + 'access CiviContribute', + 'delete in CiviContribute', + ), + 'get' => array( + 'access CiviCRM', + 'access CiviContribute', + ), + 'update' => array( + 'access CiviCRM', + 'access CiviContribute', + 'edit contributions', + ), + ); + $permissions['custom_field'] = array( + 'create' => array( + 'administer CiviCRM', + 'access CiviCRM', + 'access all custom data', + ), + 'delete' => array( + 'administer CiviCRM', + 'access CiviCRM', + 'access all custom data', + ), + 'get' => array( + 'administer CiviCRM', + 'access CiviCRM', + 'access all custom data', + ), + 'update' => array( + 'administer CiviCRM', + 'access CiviCRM', + 'access all custom data', + ), + ); + $permissions['custom_group'] = array( + 'create' => array( + 'administer CiviCRM', + 'access CiviCRM', + 'access all custom data', + ), + 'delete' => array( + 'administer CiviCRM', + 'access CiviCRM', + 'access all custom data', + ), + 'get' => array( + 'administer CiviCRM', + 'access CiviCRM', + 'access all custom data', + ), + 'update' => array( + 'administer CiviCRM', + 'access CiviCRM', + 'access all custom data', + ), + ); + $permissions['email'] = array( + 'create' => array( + 'access CiviCRM', + 'add contacts', + ), + 'delete' => array( + 'access CiviCRM', + 'delete contacts', + ), + 'get' => array( + 'access CiviCRM', + 'view all contacts', + ), + 'update' => array( + 'access CiviCRM', + 'edit all contacts', + ), + ); + $permissions['event'] = array( + 'create' => array( + 'access CiviCRM', + 'access CiviEvent', + 'edit all events', + ), + 'delete' => array( + 'access CiviCRM', + 'access CiviEvent', + 'delete in CiviEvent', + ), + 'get' => array( + 'access CiviCRM', + 'access CiviEvent', + 'view event info', + ), + 'update' => array( + 'access CiviCRM', + 'access CiviEvent', + 'edit all events', + ), + ); + $permissions['file'] = array( + 'create' => array( + 'access CiviCRM', + 'access uploaded files', + ), + 'delete' => array( + 'access CiviCRM', + 'access uploaded files', + ), + 'get' => array( + 'access CiviCRM', + 'access uploaded files', + ), + 'update' => array( + 'access CiviCRM', + 'access uploaded files', + ), + ); + $permissions['files_by_entity'] = array( + 'create' => array( + 'access CiviCRM', + 'access uploaded files', + ), + 'delete' => array( + 'access CiviCRM', + 'access uploaded files', + ), + 'get' => array( + 'access CiviCRM', + 'access uploaded files', + ), + 'update' => array( + 'access CiviCRM', + 'access uploaded files', + ), + ); + $permissions['group'] = array( + 'create' => array( + 'access CiviCRM', + 'edit groups', + ), + 'delete' => array( + 'access CiviCRM', + 'edit groups', + ), + 'update' => array( + 'access CiviCRM', + 'edit groups', + ), + ); + $permissions['group_contact'] = array( + 'create' => array( + 'access CiviCRM', + 'edit groups', + ), + 'delete' => array( + 'access CiviCRM', + 'edit groups', + ), + 'update' => array( + 'access CiviCRM', + 'edit groups', + ), + ); + $permissions['group_nesting'] = array( + 'create' => array( + 'access CiviCRM', + 'edit groups', + ), + 'delete' => array( + 'access CiviCRM', + 'edit groups', + ), + 'update' => array( + 'access CiviCRM', + 'edit groups', + ), + ); + $permissions['group_organization'] = array( + 'create' => array( + 'access CiviCRM', + 'edit groups', + ), + 'delete' => array( + 'access CiviCRM', + 'edit groups', + ), + 'update' => array( + 'access CiviCRM', + 'edit groups', + ), + ); + $permissions['location'] = array( + 'create' => array( + 'access CiviCRM', + 'add contacts', + ), + 'delete' => array( + 'access CiviCRM', + 'delete contacts', + ), + 'get' => array( + 'access CiviCRM', + 'view all contacts', + ), + 'update' => array( + 'access CiviCRM', + 'edit all contacts', + ), + ); + $permissions['membership'] = array( + 'create' => array( + 'access CiviCRM', + 'access CiviMember', + 'edit memberships', + ), + 'delete' => array( + 'access CiviCRM', + 'access CiviMember', + 'delete in CiviMember', + ), + 'get' => array( + 'access CiviCRM', + 'access CiviMember', + ), + 'update' => array( + 'access CiviCRM', + 'access CiviMember', + 'edit memberships', + ), + ); + $permissions['membership_payment'] = array( + 'create' => array( + 'access CiviCRM', + 'access CiviMember', + 'edit memberships', + 'access CiviContribute', + 'edit contributions', + ), + 'delete' => array( + 'access CiviCRM', + 'access CiviMember', + 'delete in CiviMember', + 'access CiviContribute', + 'delete in CiviContribute', + ), + 'get' => array( + 'access CiviCRM', + 'access CiviMember', + 'access CiviContribute', + ), + 'update' => array( + 'access CiviCRM', + 'access CiviMember', + 'edit memberships', + 'access CiviContribute', + 'edit contributions', + ), + ); + $permissions['membership_status'] = array( + 'create' => array( + 'access CiviCRM', + 'access CiviMember', + 'edit memberships', + ), + 'delete' => array( + 'access CiviCRM', + 'access CiviMember', + 'delete in CiviMember', + ), + 'get' => array( + 'access CiviCRM', + 'access CiviMember', + ), + 'update' => array( + 'access CiviCRM', + 'access CiviMember', + 'edit memberships', + ), + ); + $permissions['membership_type'] = array( + 'create' => array( + 'access CiviCRM', + 'access CiviMember', + 'edit memberships' + ), + 'delete' => array( + 'access CiviCRM', + 'access CiviMember', + 'delete in CiviMember', + ), + 'get' => array( + 'access CiviCRM', + 'access CiviMember', + ), + 'update' => array( + 'access CiviCRM', + 'access CiviMember', + 'edit memberships', + ), + ); + $permissions['note'] = array( + 'create' => array( + 'access CiviCRM', + 'add contacts' + ), + 'delete' => array( + 'access CiviCRM', + 'delete contacts', + ), + 'get' => array( + 'access CiviCRM', + 'view all contacts', + ), + 'update' => array( + 'access CiviCRM', + 'edit all contacts', + ), + ); + $permissions['participant'] = array( + 'create' => array( + 'access CiviCRM', + 'access CiviEvent', + 'register for events', + ), + 'delete' => array( + 'access CiviCRM', + 'access CiviEvent', + 'edit event participants', + ), + 'get' => array( + 'access CiviCRM', + 'access CiviEvent', + 'view event participants', + ), + 'update' => array( + 'access CiviCRM', + 'access CiviEvent', + 'edit event participants', + ), + ); + $permissions['participant_payment'] = array( + 'create' => array( + 'access CiviCRM', + 'access CiviEvent', + 'register for events', + 'access CiviContribute', + 'edit contributions', + ), + 'delete' => array( + 'access CiviCRM', + 'access CiviEvent', + 'edit event participants', + 'access CiviContribute', + 'delete in CiviContribute', + ), + 'get' => array( + 'access CiviCRM', + 'access CiviEvent', + 'view event participants', + 'access CiviContribute', + ), + 'update' => array( + 'access CiviCRM', + 'access CiviEvent', + 'edit event participants', + 'access CiviContribute', + 'edit contributions', + ), + ); + $permissions['phone'] = array( + 'create' => array( + 'access CiviCRM', + 'add contacts', + ), + 'delete' => array( + 'access CiviCRM', + 'delete contacts', + ), + 'get' => array( + 'access CiviCRM', + 'view all contacts', + ), + 'update' => array( + 'access CiviCRM', + 'edit all contacts', + ), + ); + $permissions['pledge'] = array( + 'create' => array( + 'access CiviCRM', + 'access CiviPledge', + 'edit pledges', + ), + 'delete' => array( + 'access CiviCRM', + 'access CiviPledge', + 'delete in CiviPledge', + ), + 'get' => array( + 'access CiviCRM', + 'access CiviPledge', + ), + 'update' => array( + 'access CiviCRM', + 'access CiviPledge', + 'edit pledges', + ), + ); + $permissions['pledge_payment'] = array( + 'create' => array( + 'access CiviCRM', + 'access CiviPledge', + 'edit pledges', + 'access CiviContribute', + 'edit contributions', + ), + 'delete' => array( + 'access CiviCRM', + 'access CiviPledge', + 'delete in CiviPledge', + 'access CiviContribute', + 'delete in CiviContribute', + ), + 'get' => array( + 'access CiviCRM', + 'access CiviPledge', + 'access CiviContribute', + ), + 'update' => array( + 'access CiviCRM', + 'access CiviPledge', + 'edit pledges', + 'access CiviContribute', + 'edit contributions', + ), + ); + $permissions['system'] = array( + 'flush' => array('administer CiviCRM'), + ); + $permissions['website'] = array( + 'create' => array( + 'access CiviCRM', + 'add contacts', + ), + 'delete' => array( + 'access CiviCRM', + 'delete contacts', + ), + 'get' => array( + 'access CiviCRM', + 'view all contacts', + ), + 'update' => array( + 'access CiviCRM', + 'edit all contacts', ), ); -- 2.25.1