From 56f2669ea2f0f5107f1b27abf18b1a636b4376d6 Mon Sep 17 00:00:00 2001 From: colemanw Date: Mon, 2 Oct 2023 01:13:35 -0400 Subject: [PATCH] SearchKit - Don't crash if join entity doesn't exist --- Civi/Api4/Query/Api4SelectQuery.php | 5 +++-- Civi/Api4/Utils/CoreUtil.php | 4 ++++ .../Api4/Action/SearchDisplay/AbstractRunAction.php | 10 +++++++--- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/Civi/Api4/Query/Api4SelectQuery.php b/Civi/Api4/Query/Api4SelectQuery.php index 5a85139c77..44833e9c6d 100644 --- a/Civi/Api4/Query/Api4SelectQuery.php +++ b/Civi/Api4/Query/Api4SelectQuery.php @@ -421,7 +421,7 @@ class Api4SelectQuery extends Api4Query { */ public function checkEntityAccess($entity) { if (!$this->getCheckPermissions()) { - return TRUE; + return CoreUtil::entityExists($entity); } if (!isset($this->entityAccess[$entity])) { try { @@ -431,7 +431,8 @@ class Api4SelectQuery extends Api4Query { ])->first(); } // Anonymous users might not even be allowed to use 'getActions' - catch (UnauthorizedException $e) { + // Or tne entity might not exist + catch (\CRM_Core_Exception $e) { $this->entityAccess[$entity] = FALSE; } } diff --git a/Civi/Api4/Utils/CoreUtil.php b/Civi/Api4/Utils/CoreUtil.php index 298aa32418..75dc24b5fb 100644 --- a/Civi/Api4/Utils/CoreUtil.php +++ b/Civi/Api4/Utils/CoreUtil.php @@ -20,6 +20,10 @@ use CRM_Core_DAO_AllCoreTables as AllCoreTables; class CoreUtil { + public static function entityExists(string $entityName): bool { + return (bool) self::getInfoItem($entityName, 'name'); + } + /** * @param $entityName * diff --git a/ext/search_kit/Civi/Api4/Action/SearchDisplay/AbstractRunAction.php b/ext/search_kit/Civi/Api4/Action/SearchDisplay/AbstractRunAction.php index d77f84ab37..1f935c565e 100644 --- a/ext/search_kit/Civi/Api4/Action/SearchDisplay/AbstractRunAction.php +++ b/ext/search_kit/Civi/Api4/Action/SearchDisplay/AbstractRunAction.php @@ -590,6 +590,9 @@ abstract class AbstractRunAction extends \Civi\Api4\Generic\AbstractAction { private function getPermittedLinkAction(string $entityName, string $actionName): ?string { // Load api actions and cache for performance (this function may be called hundreds of times per request) if (!isset($this->entityActions[$entityName])) { + if (!CoreUtil::entityExists($entityName)) { + return NULL; + } $this->entityActions[$entityName] = [ 'all' => civicrm_api4($entityName, 'getActions', ['checkPermissions' => FALSE])->column('name'), 'allowed' => civicrm_api4($entityName, 'getActions', ['checkPermissions' => TRUE])->column('name'), @@ -668,10 +671,11 @@ abstract class AbstractRunAction extends \Civi\Api4\Generic\AbstractAction { 'text' => '', 'title' => '', 'prefix' => '', + 'key' => '', ]; $entity = $link['entity']; - $idKey = $this->getIdKeyName($link['entity']); - if ($entity) { + if ($entity && CoreUtil::entityExists($entity)) { + $idKey = $this->getIdKeyName($entity); // Hack to support links to relationships if ($entity === 'Relationship') { $entity = 'RelationshipCache'; @@ -715,8 +719,8 @@ abstract class AbstractRunAction extends \Civi\Api4\Generic\AbstractAction { $link['action'] = $task['apiBatch']['action'] ?? NULL; } } + $link['key'] = $link['prefix'] . $idKey; } - $link['key'] = $link['prefix'] . $idKey; return $link; } -- 2.25.1