/** * Handle a create event. * * @param array $params * * @return array * API Success Array * @throws \API_Exception * @throws \Civi\API\Exception\UnauthorizedException */ function civicrm_api3_mailing_create($params) { if (CRM_Mailing_Info::workflowEnabled()) { // Note: 'schedule mailings' and 'approve mailings' can update certain fields, but can't create. if (empty($params['id'])) { if (!CRM_Core_Permission::check('access CiviMail') && !CRM_Core_Permission::check('create mailings')) { throw new \Civi\API\Exception\UnauthorizedException("Cannot create new mailing. Required permission: 'access CiviMail' or 'create mailings'"); } } $safeParams = array(); $fieldPerms = CRM_Mailing_BAO_Mailing::getWorkflowFieldPerms(); foreach (array_keys($params) as $field) { if (CRM_Core_Permission::check($fieldPerms[$field])) { $safeParams[$field] = $params[$field]; } } } else { $safeParams = $params; } $safeParams['_evil_bao_validator_'] = 'CRM_Mailing_BAO_Mailing::checkSendable'; return _civicrm_api3_basic_create(_civicrm_api3_get_BAO(__FUNCTION__), $safeParams); }