Fix search display access for non-admin users

[colemanw]

Overview

Non-admin users should be allowed to view any search display that doesn't have permission checks disabled;
for those displays that disable permission checks, non-admins will only be able to view it if embedded in an afform.

Fixes dev/core#2737

Before

Permission checks too strict

After

Permission checks just right

[civibot]

(Standard links)

• If this is your first pull-request for CiviCRM, please browse CONTRIBUTING.md for information about the development and testing processes.
• If you are reviewing this pull-request, you may wish to consult the test sites and the Review Standards (long template, short template).

[eileenmcnaughton]

@colemanw fail relates

[colemanw]

Fixed it @eileenmcnaughton

[eileenmcnaughton]

@colemanw this looks right now - so my take on this is that this is what you thought you had done in the first place? (hence it was hard to convince you it needed doing)

[colemanw]

Yea, the missing 'get' permission was an oversight.

[eileenmcnaughton]

@colemanw so to get it to render I also needed

+++ b/Civi/Api4/SavedSearch.php
@@ -22,4 +22,10 @@ namespace Civi\Api4;
  */
 class SavedSearch extends Generic\DAOEntity {
 
+
+  public static function permissions() {
+    $permissions = parent::permissions();
+    $permissions['get'] = ['access CiviCRM'];
+    return $permissions;
+  }

In addition I hit problems that were entity related - ie my contact had permission to view contributions but not the ability to view financial records related to them - I can put that in gitlab

[eileenmcnaughton]

I added https://lab.civicrm.org/dev/core/-/issues/2752

[eileenmcnaughton]

I would also note I think we could have cleaner error handling - ie the difference between 'there are no results' and 'you don't have permission' would ideally be clearer - in this case there are no results because the permissions on the payments are 'too' tight - per the above gitlab

[colemanw]

@eileenmcnaughton I've made that addition to the SavedSearch permissions.

[eileenmcnaughton]

@colemanw so - is there any case where we would not want people with access civicrm to find saved searches? I feel like it could expose some data about what you do business process wise - but I'm not sure.

OTOH it does seem like that would need to be restricted in some way that is less than blanket

@seamuslee001 any thoughts?

[eileenmcnaughton]

I'm OK with this but going with merge-ready due to the comments about about extending saved search get permissions

[colemanw]

I don't think it's a problem @eileenmcnaughton. The SavedSearch entity contains metadata and search criteria but no contact data.

[eileenmcnaughton]

Ok - well 5 days merge ready is enough