Documentation

CRM_Core_Permission_Standalone extends CRM_Core_Permission_Base
in package

Permissions class for Standalone.

Note that CRM_Core_Permission_Base is unrelated to CRM_Core_Permission This class, and the _Base class, is to do with CMS permissions, whereas the CRM_Core_Permission class deals with Civi-specific permissioning.

Table of Contents

Properties

$permissions  : array<string|int, mixed>
permission mapping to stub check() calls
$_editAdminUser  : mixed
$_editPermission  : mixed
$_viewAdminUser  : bool
Is this user someone with access for the entire system.
$_viewPermission  : bool
Am in in view permission or edit permission?

Methods

check()  : bool
Given a permission string, check for access requirements.
checkGroupRole()  : bool
Given a roles array, check for access requirements
getAllModulePermissions()  : array<string|int, mixed>
Get the permissions defined in the hook_civicrm_permission implementation in all enabled CiviCRM module extensions.
getAvailablePermissions()  : array<string|int, mixed>
Get the palette of available permissions in the CMS's user-management system.
getModulePermissions()  : array<string|int, mixed>
Get the permissions defined in the hook_civicrm_permission implementation of the given module.
getPermission()  : int|string|null
Get the maximum permission of the current user with respect to _any_ contact records.
getPermissionedStaticGroupClause()  : string
Get the permissioned where clause for the user when trying to see groups.
group()  : array<string|int, mixed>
Get all groups from database, filtered by permissions for this user
groupClause()  : string
Get group clause for this user.
isModulePermissionSupported()  : bool
Determine whether the permission store allows us to store a list of permissions generated dynamically (eg by hook_civicrm_permissions.)
permissionEmails()  : mixed
Get all the contact emails for users that have a specific permission.
roleEmails()  : mixed
Get all the contact emails for users that have a specific role.
translatePermission()  : null|string
Translate permission.
upgradePermissions()  : mixed
Ensure that the CMS supports all the permissions defined by CiviCRM and its extensions. If there are stale permissions, they should be deleted. This is useful during module upgrade when the newer module version has removed permission that were defined in the older version.
whereClause()  : string
Get the permissioned where clause for the user.

Properties

$permissions

permission mapping to stub check() calls

public array<string|int, mixed> $permissions = \NULL

$_editAdminUser

protected mixed $_editAdminUser = \FALSE

$_editPermission

protected mixed $_editPermission = \FALSE

$_viewAdminUser

Is this user someone with access for the entire system.

protected bool $_viewAdminUser = \FALSE

$_viewPermission

Am in in view permission or edit permission?

protected bool $_viewPermission = \FALSE

Methods

check()

Given a permission string, check for access requirements.

public check(string $permissionName[, int $userId = NULL ]) : bool

Note this differs from CRM_Core_Permission::check() which handles composite permissions (ORs etc), implied permission hierarchies, and Contacts.

Parameters
$permissionName : string

The permission to check.

$userId : int = NULL
Return values
bool

true if yes, else false

checkGroupRole()

Given a roles array, check for access requirements

public checkGroupRole(array<string|int, mixed> $array) : bool
Parameters
$array : array<string|int, mixed>

The roles to check.

Return values
bool

true if yes, else false

getAllModulePermissions()

Get the permissions defined in the hook_civicrm_permission implementation in all enabled CiviCRM module extensions.

public getAllModulePermissions() : array<string|int, mixed>
Tags
throws
RuntimeException
Return values
array<string|int, mixed>

Array of permissions, in the same format as CRM_Core_Permission::getCorePermissions().

getAvailablePermissions()

Get the palette of available permissions in the CMS's user-management system.

public getAvailablePermissions() : array<string|int, mixed>
Tags
inheritdoc

on Standalone we don't want to add any "synthetic" cms permissions because we have concrete equivalents, provided by e.g. standaloneusers extension so we override the base class to suppress the synthetic ones

Return values
array<string|int, mixed>

List of permissions, keyed by symbolic name. Each item may have fields:

  • title: string
  • description: string

The permission-name should correspond to the Civi notation used by 'CRM_Core_Permission::check()'. For CMS-specific permissions, these are translated names (eg "WordPress:list_users" or "Drupal:post comments").

The list should include only CMS permissions. Exclude Civi-native permissions.

getModulePermissions()

Get the permissions defined in the hook_civicrm_permission implementation of the given module.

public getModulePermissions(mixed $module) : array<string|int, mixed>

Note: At time of writing, this is only used with native extension-modules, so there's one, predictable calling convention (regardless of CMS).

Parameters
$module : mixed
Tags
see
CRM_Core_Permission::getCorePermissions
Return values
array<string|int, mixed>

Array of permissions, in the same format as CRM_Core_Permission::getCorePermissions().

getPermission()

Get the maximum permission of the current user with respect to _any_ contact records.

public getPermission() : int|string|null
Tags
see
CRM_Core_Permission::getPermission()
Return values
int|string|null

getPermissionedStaticGroupClause()

Get the permissioned where clause for the user when trying to see groups.

public getPermissionedStaticGroupClause(int $type, array<string|int, mixed> &$tables, array<string|int, mixed> &$whereTables) : string
Parameters
$type : int

The type of permission needed.

$tables : array<string|int, mixed>

(reference ) add the tables that are needed for the select clause.

$whereTables : array<string|int, mixed>

(reference ) add the tables that are needed for the where clause.

Return values
string

the group where clause for this user

group()

Get all groups from database, filtered by permissions for this user

public group([string $groupType = NULL ][, bool $excludeHidden = TRUE ]) : array<string|int, mixed>
Parameters
$groupType : string = NULL

Type of group(Access/Mailing).

$excludeHidden : bool = TRUE

exclude hidden groups.

Return values
array<string|int, mixed>

array reference of all groups.

groupClause()

Get group clause for this user.

public groupClause(int $type, array<string|int, mixed> &$tables, array<string|int, mixed> &$whereTables) : string
Parameters
$type : int

The type of permission needed.

$tables : array<string|int, mixed>

(reference ) add the tables that are needed for the select clause.

$whereTables : array<string|int, mixed>

(reference ) add the tables that are needed for the where clause.

Return values
string

the group where clause for this user

isModulePermissionSupported()

Determine whether the permission store allows us to store a list of permissions generated dynamically (eg by hook_civicrm_permissions.)

public isModulePermissionSupported() : bool
Return values
bool

permissionEmails()

Get all the contact emails for users that have a specific permission.

public permissionEmails(string $permissionName) : mixed
Parameters
$permissionName : string

Name of the permission we are interested in.

Tags
throws
CRM_Core_Exception

roleEmails()

Get all the contact emails for users that have a specific role.

public roleEmails(string $roleName) : mixed
Parameters
$roleName : string

Name of the role we are interested in.

Tags
throws
CRM_Core_Exception

translatePermission()

Translate permission.

public translatePermission(string $perm, string $nativePrefix, array<string|int, mixed> $map) : null|string
Parameters
$perm : string

Permission string e.g "administer CiviCRM", "cms:access user record", "Drupal:administer content", "Joomla:action:com_asset"

$nativePrefix : string
$map : array<string|int, mixed>

Array($portableName => $nativeName).

Return values
null|string

a permission name

upgradePermissions()

Ensure that the CMS supports all the permissions defined by CiviCRM and its extensions. If there are stale permissions, they should be deleted. This is useful during module upgrade when the newer module version has removed permission that were defined in the older version.

public upgradePermissions(array<string|int, mixed> $permissions) : mixed
Parameters
$permissions : array<string|int, mixed>

Same format as CRM_Core_Permission::getCorePermissions().

Tags
throws
CRM_Core_Exception
see
CRM_Core_Permission::getCorePermissions

whereClause()

Get the permissioned where clause for the user.

public whereClause(int $type, array<string|int, mixed> &$tables, array<string|int, mixed> &$whereTables) : string
Parameters
$type : int

The type of permission needed.

$tables : array<string|int, mixed>

(reference ) add the tables that are needed for the select clause.

$whereTables : array<string|int, mixed>

(reference ) add the tables that are needed for the where clause.

Return values
string

the group where clause for this user


        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results