Financial type hook clean up and fix towards dev/core#2454 Extend financial acls view limitations to ContributionR…

[eileenmcnaughton]

Overview

This does some cleanup on the financial type acl code moving the addition of permissions to a hook in the extension and adds ContributionRecur to the entities which get financial_type_id added as a filter for non-permissioned users

Before

Code all in core. No handling for contribution recur entity

After

Contribution recur should be limited via the api / any functions that actually call the api with checkPermissions (which many likely don't)

Technical Details

Comments

[civibot]

(Standard links)

• If this is your first pull-request for CiviCRM, please browse CONTRIBUTING.md for information about the development and testing processes.
• If you are reviewing this pull-request, you may wish to consult the test sites and the Review Standards (long template, short template).

[eileenmcnaughton]

test this please

[colemanw]

@eileenmcnaughton is this good, bad, or neutral vis-a-vis our goal of migrating the one-off financial type ACL code to the standard api permission model using BAO::getSelectWhereClause().

[eileenmcnaughton]

@colemanw mostly neutral - in that this deals with the available permissions declaration, not the application of them.

However, the ongoing more of financial type acl code out of core to the core extension is working towards the right implementation

[colemanw]

Ok, I see this is mostly about restructuring code not changing functionality. Merge on pass.

[eileenmcnaughton]

@colemanw - I have the next commit - 8c0c0f6 - but now have some more thoughts so still working on it (I am worried that sites need to be able to remove the super permission - so will rework to that

[seamuslee001]

@eileenmcnaughton just a small thing this probably should be E::ts rather than ts given we are in an extension

[eileenmcnaughton]

Yeah I guess so - it works like that for core ext?

[colemanw]

Yes it does.