/** * @param string $entity * @param string $action * @param array $params * @param bool $throws whether we should pass any exceptions for authorization failures * * @throws API_Exception * @throws Exception * @return bool TRUE or FALSE depending on the outcome of the authorization check */ function runPermissionCheck($entity, $action, $params, $throws = FALSE) { $dispatcher = new \Symfony\Component\EventDispatcher\EventDispatcher(); $dispatcher->addSubscriber(new \Civi\API\Subscriber\PermissionCheck()); $kernel = new \Civi\API\Kernel($dispatcher); $apiRequest = \Civi\API\Request::create($entity, $action, $params, NULL); try { $kernel->authorize(NULL, $apiRequest); return TRUE; } catch (\API_Exception $e) { $extra = $e->getExtraParams(); if (!$throws && $extra['error_code'] == API_Exception::UNAUTHORIZED) { return FALSE; } else { throw $e; } } }
public function testBasicArrayGetReturn() { $records = array(array('snack_id' => 'a', 'fruit' => 'apple', 'cheese' => 'swiss'), array('snack_id' => 'b', 'fruit' => 'grape', 'cheese' => 'cheddar'), array('snack_id' => 'c', 'fruit' => 'apple', 'cheese' => 'cheddar')); $kernel = new \Civi\API\Kernel(new \Symfony\Component\EventDispatcher\EventDispatcher()); $provider = new \Civi\API\Provider\AdhocProvider(3, 'Widget'); $provider->addAction('get', 'access CiviCRM', function ($apiRequest) use($records) { return _civicrm_api3_basic_array_get('Widget', $apiRequest['params'], $records, 'snack_id', array('snack_id', 'fruit', 'cheese')); }); $kernel->registerApiProvider($provider); $r1 = $kernel->run('Widget', 'get', array('version' => 3, 'snack_id' => 'b', 'return' => 'fruit')); $this->assertAPISuccess($r1); $this->assertEquals(array('b' => array('id' => 'b', 'fruit' => 'grape')), $r1['values']); $r2 = $kernel->run('Widget', 'get', array('version' => 3, 'snack_id' => 'b', 'return' => array('fruit', 'cheese'))); $this->assertAPISuccess($r2); $this->assertEquals(array('b' => array('id' => 'b', 'fruit' => 'grape', 'cheese' => 'cheddar')), $r2['values']); $r3 = $kernel->run('Widget', 'get', array('version' => 3, 'cheese' => 'cheddar', 'return' => array('fruit'))); $this->assertAPISuccess($r3); $this->assertEquals(array('b' => array('id' => 'b', 'fruit' => 'grape'), 'c' => array('id' => 'c', 'fruit' => 'apple')), $r3['values']); }
/** * @param \Symfony\Component\EventDispatcher\EventDispatcher $dispatcher * @param $magicFunctionProvider * * @return \Civi\API\Kernel */ public function createApiKernel($dispatcher, $magicFunctionProvider) { $dispatcher->addSubscriber(new \Civi\API\Subscriber\ChainSubscriber()); $dispatcher->addSubscriber(new \Civi\API\Subscriber\TransactionSubscriber()); $dispatcher->addSubscriber(new \Civi\API\Subscriber\I18nSubscriber()); $dispatcher->addSubscriber($magicFunctionProvider); $dispatcher->addSubscriber(new \Civi\API\Subscriber\PermissionCheck()); $dispatcher->addSubscriber(new \Civi\API\Subscriber\APIv3SchemaAdapter()); $dispatcher->addSubscriber(new \Civi\API\Subscriber\WrapperAdapter(array(\CRM_Utils_API_HTMLInputCoder::singleton(), \CRM_Utils_API_NullOutputCoder::singleton(), \CRM_Utils_API_ReloadOption::singleton(), \CRM_Utils_API_MatchOption::singleton()))); $dispatcher->addSubscriber(new \Civi\API\Subscriber\XDebugSubscriber()); $kernel = new \Civi\API\Kernel($dispatcher); $reflectionProvider = new \Civi\API\Provider\ReflectionProvider($kernel); $dispatcher->addSubscriber($reflectionProvider); $dispatcher->addSubscriber(new \Civi\API\Subscriber\DynamicFKAuthorization($kernel, 'Attachment', array('create', 'get', 'delete'), 'SELECT if(cf.id,1,0) as is_valid, cef.entity_table, cef.entity_id FROM civicrm_file cf LEFT JOIN civicrm_entity_file cef ON cf.id = cef.file_id WHERE cf.id = %1', 'SELECT concat("custom_",fld.id) as field_name, grp.table_name as table_name, grp.extends as extends FROM civicrm_custom_field fld INNER JOIN civicrm_custom_group grp ON fld.custom_group_id = grp.id WHERE fld.data_type = "File" ', array('civicrm_activity', 'civicrm_mailing', 'civicrm_contact'))); $kernel->setApiProviders(array($reflectionProvider, $magicFunctionProvider)); return $kernel; }
/** * @param \Symfony\Component\EventDispatcher\EventDispatcher $dispatcher * @param $magicFunctionProvider * * @return \Civi\API\Kernel */ public function createApiKernel($dispatcher, $magicFunctionProvider) { $dispatcher->addSubscriber(new \Civi\API\Subscriber\ChainSubscriber()); $dispatcher->addSubscriber(new \Civi\API\Subscriber\TransactionSubscriber()); $dispatcher->addSubscriber(new \Civi\API\Subscriber\I18nSubscriber()); $dispatcher->addSubscriber($magicFunctionProvider); $dispatcher->addSubscriber(new \Civi\API\Subscriber\PermissionCheck()); $dispatcher->addSubscriber(new \Civi\API\Subscriber\APIv3SchemaAdapter()); $dispatcher->addSubscriber(new \Civi\API\Subscriber\WrapperAdapter(array(\CRM_Utils_API_HTMLInputCoder::singleton(), \CRM_Utils_API_NullOutputCoder::singleton(), \CRM_Utils_API_ReloadOption::singleton(), \CRM_Utils_API_MatchOption::singleton()))); $dispatcher->addSubscriber(new \Civi\API\Subscriber\XDebugSubscriber()); $kernel = new \Civi\API\Kernel($dispatcher); $reflectionProvider = new \Civi\API\Provider\ReflectionProvider($kernel); $dispatcher->addSubscriber($reflectionProvider); $kernel->setApiProviders(array($reflectionProvider, $magicFunctionProvider)); return $kernel; }