SearchKit - Fix anonymous access to running search displays #21752
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Overview
Recently SearchKit added the ability for anonymous users to access search displays. However, due to an oversight the feature doesn't actually work for anonymous users. This fixes the problem.
Technical Details
This is the same fix as used by afform_civicrm_alterApiRoutePermissions() to remove the barrier to entry for anonymous users.
Comments
It was decided that opening up apis to anonymous access one-at-a-time via this hook "feels safer" than doing it system-wide for all of APIv4. However there's no known reason why that can't be done, as each API action performs its own permission check right after this outer later, so it's pretty much redundant.
But to get this fixed in the RC, this is the lowest-risk solution.