From f7e18e64a0bbf1a32417a1fdab9cf176c3775230 Mon Sep 17 00:00:00 2001
From: Coleman Watts <coleman@civicrm.org>
Date: Fri, 18 Feb 2022 10:26:38 -0500
Subject: [PATCH] CiviGrant - Declare API permissions

This allows the current user to access the grant api (e.g. through SearchKit)
without needing the "administer CiviCRM" permission.
---
 ext/civigrant/Civi/Api4/Grant.php | 17 +++++++++++++++++
 ext/civigrant/civigrant.php       | 22 ++++++++++++++++++++++
 2 files changed, 39 insertions(+)

diff --git a/ext/civigrant/Civi/Api4/Grant.php b/ext/civigrant/Civi/Api4/Grant.php
index b7327f6d54..96caf2375e 100644
--- a/ext/civigrant/Civi/Api4/Grant.php
+++ b/ext/civigrant/Civi/Api4/Grant.php
@@ -23,4 +23,21 @@ namespace Civi\Api4;
  */
 class Grant extends Generic\DAOEntity {
 
+  public static function permissions() {
+    return [
+      'get' => [
+        'access CiviGrant',
+      ],
+      'delete' => [
+        'delete in CiviGrant',
+      ],
+      'create' => [
+        'edit grants',
+      ],
+      'update' => [
+        'edit grants',
+      ],
+    ];
+  }
+
 }
diff --git a/ext/civigrant/civigrant.php b/ext/civigrant/civigrant.php
index 12b5bccbd3..e3df6eb489 100644
--- a/ext/civigrant/civigrant.php
+++ b/ext/civigrant/civigrant.php
@@ -68,6 +68,28 @@ function civigrant_civicrm_permission(&$permissions) {
   ];
 }
 
+/**
+ * Implements hook_civicrm_alterAPIPermissions().
+ *
+ * Set CiviGrant permissions for APIv3.
+ */
+function civigrant_civicrm_alterAPIPermissions($entity, $action, &$params, &$permissions) {
+  $permissions['grant'] = [
+    'get' => [
+      'access CiviGrant',
+    ],
+    'delete' => [
+      'delete in CiviGrant',
+    ],
+    'create' => [
+      'edit grants',
+    ],
+    'update' => [
+      'edit grants',
+    ],
+  ];
+}
+
 /**
  * Implements hook_civicrm_queryObjects().
  *
-- 
2.25.1