CRM-19494 Refactoring of permission code #9246

Merged
merged 22 commits into from
Oct 24, 2016
dddf4bf
added new list permission functions
bjendres Oct 11, 2016
2b8d25f
added check for 'view/edit my contact'
bjendres Oct 11, 2016
9a41e16
cleanup and documentation
bjendres Oct 11, 2016
ea8011f
started unit tests for new list permission functions
bjendres Oct 11, 2016
67df140
adding new list permission functions (wip)
bjendres Oct 12, 2016
134b2b6
unit tests for new list permission functions (wip)
bjendres Oct 12, 2016
c1ebd31
unit tests for new list permission functions (wip)
bjendres Oct 12, 2016
19f13a7
fixed: EDIT implies VIEW
bjendres Oct 12, 2016
c0e8730
fixed bug in the original function
bjendres Oct 12, 2016
3c64583
finished unit tests
bjendres Oct 12, 2016
730afb4
using new Permission::allowList to fix CRM-12645
bjendres Oct 12, 2016
e4541c5
obeying master jenkins
bjendres Oct 12, 2016
340be2e
implementing @eileen's suggestions:
bjendres Oct 13, 2016
163bfad
Fix enotice
eileenmcnaughton Oct 13, 2016
e8a0f9e
Minor in-passing tidy-ups
eileenmcnaughton Oct 13, 2016
98445ac
CRM-12645 fix the code that calls the links function to not whomp it.
eileenmcnaughton Oct 13, 2016
0f76544
CRM-18120 make acl query less debilitating
eileenmcnaughton Feb 29, 2016
135367a
CRM-12645 fix regression in previous refactor
eileenmcnaughton Oct 14, 2016
680a52d
CRM-12645 remove replaced function
eileenmcnaughton Oct 14, 2016
8210399
CRM-12645 remove unused function
eileenmcnaughton Oct 14, 2016
5f652ac
Return explicit FALSE for test expectation
eileenmcnaughton Oct 14, 2016
9aea8e1
CRM-19557 Fix ACL caching function to not use inefficient query for v…
eileenmcnaughton Oct 24, 2016
13 changes: 9 additions & 4 deletions CRM/ACL/API.php
Expand Up @@ -84,6 +84,10 @@ public static function check($str, $contactID = NULL) {
* @param bool $skipDeleteClause
* Don't add delete clause if this is true,.
* this means it is handled by generating query
* @param bool $skipOwnContactClause
* Do not add 'OR contact_id = $userID' to the where clause.
* This is a hideously inefficient query and should be avoided
* wherever possible.
*
* @return string
* the group where clause for this user
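Review bot: The new `$skipOwnContactClause` docblock entry does not say what a caller gives up by passing TRUE. Per the code further down in this file, the skipped piece is the `contact_a.id = $contactID OR (...)` wrapper that grants access to the user's own record under 'edit my contact' / 'view my contact', so the doc should state that a caller setting this flag has to handle own-contact access itself. The text also quotes `'OR contact_id = $userID'`, which matches neither the column (`contact_a.id`) nor the variable (`$contactID`) used in the clause; quoting the real fragment would make it searchable.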
Expand All @@ -94,7 +98,8 @@ public static function whereClause(
&$whereTables,
$contactID = NULL,
$onlyDeleted = FALSE,
$skipDeleteClause = FALSE
$skipDeleteClause = FALSE,
$skipOwnContactClause = FALSE
) {
// the default value which is valid for the final AND
$deleteClause = ' ( 1 ) ';
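Review bot: `$skipOwnContactClause` becomes the third consecutive positional boolean in the `whereClause()` signature, after `$onlyDeleted` and `$skipDeleteClause`. Each of these flags changes which rows the ACL clause admits, so a TRUE passed in the wrong slot at a call site would silently change access filtering rather than fail. The FALSE default keeps existing callers unchanged, which is right; for the new callers, consider an options array or at least an inline comment naming each boolean argument.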
Expand Down Expand Up @@ -131,9 +136,9 @@ public static function whereClause(
)
);

// Add permission on self
if ($contactID && (CRM_Core_Permission::check('edit my contact') ||
$type == self::VIEW && CRM_Core_Permission::check('view my contact'))
// Add permission on self if we really hate our server or have hardly any contacts.
if (!$skipOwnContactClause && $contactID && (CRM_Core_Permission::check('edit my contact') ||
$type == self::VIEW && CRM_Core_Permission::check('view my contact'))
) {
$where = "(contact_a.id = $contactID OR ($where))";
}
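Review bot: In the rewritten `if`, the permission test `CRM_Core_Permission::check('edit my contact') || $type == self::VIEW && CRM_Core_Permission::check('view my contact')` relies on `&&` binding tighter than `||`; in an access-control condition, please parenthesise the `$type == self::VIEW && ...` arm so the intent is explicit. The new comment ("if we really hate our server or have hardly any contacts") should instead say that the own-contact clause is omitted when the caller passes `$skipOwnContactClause`. Separately, `$contactID` is interpolated directly into `"(contact_a.id = $contactID OR ($where))"` and nothing in the visible lines casts it; an `(int)` cast at this point would be a cheap safeguard.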