/**
* Validate user permission across
* edit or view or with supportable acls.
*
* return boolean true/false.
**/
static function giveMeAllACLs()
{
if (CRM_Core_Permission::check('view all contacts') || CRM_Core_Permission::check('edit all contacts')) {
return TRUE;
}
$session = CRM_Core_Session::singleton();
$contactID = $session->get('userID');
if (self::isMultisiteEnabled()) {
// For multisite just check if there are contacts in acl_contact_cache table for now.
// FixMe: so even if a user in multisite has very limited permission could still
// see search / contact navigation options for example.
return CRM_Contact_BAO_Contact_Permission::hasContactsInCache(CRM_Core_Permission::VIEW, $contactID);
}
//check for acl.
$aclPermission = self::getPermission();
if (in_array($aclPermission, array(CRM_Core_Permission::EDIT, CRM_Core_Permission::VIEW))) {
return TRUE;
}
// run acl where hook and see if the user is supplying an ACL clause
// that is not false
$tables = $whereTables = array();
$where = NULL;
CRM_Utils_Hook::aclWhereClause(CRM_Core_Permission::VIEW, $tables, $whereTables, $contactID, $where);
return empty($whereTables) ? FALSE : TRUE;
}
