/** * Should we be adding ACLs in this instance. If we don't add them the user * will not be able to see anything. We check if the install has the permissions * hook implemented correctly & if so only allow view & edit based on those. * * Otherwise all users get these permissions added (4.2 vs 4.3 / other CMS issues) * * @param integer $type type of operation * * @return bool */ function _multisite_add_permissions($type) { $hookclass = 'CRM_Utils_Hook'; if (!method_exists($hookclass, 'permissions')) { // ie. unpatched 4.2 so we can't check for extra declared permissions // & default to applying this to all return TRUE; } // extra check to make sure that hook is properly implemented // if not we won't check for it. NB view all contacts in domain is enough checking $declaredPermissions = CRM_Core_Permission::getCorePermissions(); if (!array_key_exists('view all contacts in domain', $declaredPermissions)) { drupal_set_message('here'); return TRUE; } if (CRM_ACL_BAO_ACL::matchType($type, 'View') && CRM_Core_Permission::check('view all contacts in domain')) { return TRUE; } if (CRM_ACL_BAO_ACL::matchType($type, 'Edit') && CRM_Core_Permission::check('edit all contacts in domain')) { return TRUE; } return FALSE; }
/** * Should we be adding ACLs in this instance. If we don't add them the user * will not be able to see anything. We check if the install has the permissions * hook implemented correctly & if so only allow view & edit based on those. * * Otherwise all users get these permissions added (4.2 vs 4.3 / other CMS issues) * * @param integer $type type of operation */ function _multisite_add_permissions($type) { $hookclass = 'CRM_Utils_Hook'; if (!method_exists($hookclass, 'permissions') && !method_exists($hookclass, 'permission')) { // ie. unpatched 4.2 so we can't check for extra declared permissions // & default to applying this to all return TRUE; } if ($type == 'group') { // @fixme only handling we have for this at the moment return TRUE; } // extra check to make sure that hook is properly implemented // if not we won't check for it. NB view all contacts in domain is enough checking $declaredPermissions = CRM_Core_Permission::basicPermissions(); if (!array_key_exists('view all contacts in domain', $declaredPermissions)) { return TRUE; } if (CRM_ACL_BAO_ACL::matchType($type, 'View') && CRM_Core_Permission::check('view all contacts in domain')) { return TRUE; } if (CRM_ACL_BAO_ACL::matchType($type, 'Edit') && CRM_Core_Permission::check('edit all contacts in domain')) { return TRUE; } return FALSE; }