/** * Check API for ACL permission. * * @param array $apiRequest * * @return bool */ public function checkACLPermission($apiRequest) { switch ($apiRequest['entity']) { case 'UFGroup': case 'UFField': $ufGroups = \CRM_Core_PseudoConstant::get('CRM_Core_DAO_UFField', 'uf_group_id'); $aclCreate = \CRM_ACL_API::group(\CRM_Core_Permission::CREATE, NULL, 'civicrm_uf_group', $ufGroups); $aclEdit = \CRM_ACL_API::group(\CRM_Core_Permission::EDIT, NULL, 'civicrm_uf_group', $ufGroups); $ufGroupId = $apiRequest['entity'] == 'UFGroup' ? $apiRequest['params']['id'] : $apiRequest['params']['uf_group_id']; if (in_array($ufGroupId, $aclEdit) or $aclCreate) { return TRUE; } break; //CRM-16777: Disable schedule reminder with ACLs. //CRM-16777: Disable schedule reminder with ACLs. case 'ActionSchedule': $events = \CRM_Event_BAO_Event::getEvents(); $aclEdit = \CRM_ACL_API::group(\CRM_Core_Permission::EDIT, NULL, 'civicrm_event', $events); $param = array('id' => $apiRequest['params']['id']); $eventId = \CRM_Core_BAO_ActionSchedule::retrieve($param, $value = array()); if (in_array($eventId->entity_value, $aclEdit)) { return TRUE; } break; } return FALSE; }