From 829072f050df932933f0abd6cda0992b140742bc Mon Sep 17 00:00:00 2001
From: Mattias Michaux <mattias.michaux@gmail.com>
Date: Mon, 16 May 2016 22:06:50 +0200
Subject: [PATCH] Correctly add 'or' permissions to the UnauthorizedException.

---
 Civi/API/Subscriber/PermissionCheck.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Civi/API/Subscriber/PermissionCheck.php b/Civi/API/Subscriber/PermissionCheck.php
index e36e9a6107..b2c7900d4e 100644
--- a/Civi/API/Subscriber/PermissionCheck.php
+++ b/Civi/API/Subscriber/PermissionCheck.php
@@ -75,6 +75,11 @@ class PermissionCheck implements EventSubscriberInterface {
 
       if (!\CRM_Core_Permission::check($permissions) and !self::checkACLPermission($apiRequest)) {
         if (is_array($permissions)) {
+          foreach ($permissions as &$permission) {
+            if (is_array($permission)) {
+              $permission = '( ' . implode(' or ', $permission) . ' )';
+            }
+          }
           $permissions = implode(' and ', $permissions);
         }
         // FIXME: Generating the exception ourselves allows for detailed error
-- 
2.25.1