From eeb45e43cc4504d17464c3a886843ebfaef8a899 Mon Sep 17 00:00:00 2001
From: Coleman Watts <coleman@civicrm.org>
Date: Thu, 21 Apr 2016 15:06:30 -0400
Subject: [PATCH] CRM-18456 - Catch api case permission exceptions

---
 CRM/Case/BAO/Case.php | 36 +++++++++++++++++++++++++++---------
 1 file changed, 27 insertions(+), 9 deletions(-)

diff --git a/CRM/Case/BAO/Case.php b/CRM/Case/BAO/Case.php
index abad487d52..ea347d0dda 100644
--- a/CRM/Case/BAO/Case.php
+++ b/CRM/Case/BAO/Case.php
@@ -1901,7 +1901,7 @@ SELECT civicrm_contact.id as casemanager_id,
    * @param int $contactId
    * @param bool $excludeDeleted
    *
-   * @return null|string
+   * @return int
    */
   public static function caseCount($contactId = NULL, $excludeDeleted = TRUE) {
     $params = array('check_permissions' => TRUE);
@@ -1911,7 +1911,13 @@ SELECT civicrm_contact.id as casemanager_id,
     if ($contactId) {
       $params['contact_id'] = $contactId;
     }
-    return civicrm_api3('Case', 'getcount', $params);
+    try {
+      return civicrm_api3('Case', 'getcount', $params);
+    }
+    catch (CiviCRM_API3_Exception $e) {
+      // Lack of permissions will throw an exception
+      return 0;
+    }
   }
 
   /**
@@ -2542,12 +2548,18 @@ WHERE id IN (' . implode(',', $copiedActivityIds) . ')';
     if (in_array($operation, $caseActOperations)) {
       static $caseCount;
       if (!isset($caseCount)) {
-        $caseCount = civicrm_api3('Case', 'getcount', array(
-          'check_permissions' => TRUE,
-          'status_id' => array('!=' => 'Closed'),
-          'is_deleted' => 0,
-          'end_date' => array('IS NULL' => 1),
-        ));
+        try {
+          $caseCount = civicrm_api3('Case', 'getcount', array(
+            'check_permissions' => TRUE,
+            'status_id' => array('!=' => 'Closed'),
+            'is_deleted' => 0,
+            'end_date' => array('IS NULL' => 1),
+          ));
+        }
+        catch (CiviCRM_API3_Exception $e) {
+          // Lack of permissions will throw an exception
+          $caseCount = 0;
+        }
       }
       if ($operation == 'File On Case') {
         $allow = !empty($caseCount);
@@ -2793,7 +2805,13 @@ WHERE id IN (' . implode(',', $copiedActivityIds) . ')';
     if ($denyClosed && !CRM_Core_Permission::check('access all cases and activities')) {
       $params['status_id'] = array('!=' => 'Closed');
     }
-    return (bool) civicrm_api3('Case', 'getcount', $params);
+    try {
+      return (bool) civicrm_api3('Case', 'getcount', $params);
+    }
+    catch (CiviCRM_API3_Exception $e) {
+      // Lack of permissions will throw an exception
+      return FALSE;
+    }
   }
 
   /**
-- 
2.25.1