Details
-
Type:
Patch
-
Status: Done/Fixed
-
Priority:
Trivial
-
Resolution: Fixed/Completed
-
Affects Version/s: 4.1.1
-
Fix Version/s: 4.2.0
-
Component/s: None
-
Labels:None
Description
Just debugging something & noticed that
CRM_ACL_API::groupPermission()
caches permissions based on the string
$key = "{$tableName}{$type}{$contactID}";
& it seemed confusing to me that the string wasn;t passed in & that the patch below might make sense. Also because at some point the caching might be stored in the DB I guess?
Index: CRM/Contact/BAO/Group.php
===================================================================
— CRM/Contact/BAO/Group.php (revision 39653)
+++ CRM/Contact/BAO/Group.php (working copy)
@@ -285,16 +285,20 @@
{
$allGroups = CRM_Core_PseudoConstant::allGroup( );
-
+ $session = CRM_Core_Session::singleton();
+ $contactID = NULL;
+ if ($session->get( 'userID' ))
$permissions = null;
if ( CRM_Core_Permission::check( 'edit all contacts' ) ||
- CRM_ACL_API::groupPermission( CRM_ACL_API::EDIT, $id, null,
+ CRM_ACL_API::groupPermission( CRM_ACL_API::EDIT, $id, $contactID,
'civicrm_saved_search', $allGroups ) ) { $permissions[] = CRM_Core_Permission::EDIT; }
if ( CRM_Core_Permission::check( 'view all contacts' ) ||
- CRM_ACL_API::groupPermission( CRM_ACL_API::VIEW, $id, null,
+ CRM_ACL_API::groupPermission( CRM_ACL_API::VIEW, $id, $contactID,
'civicrm_saved_search', $allGroups ) ) { $permissions[] = CRM_Core_Permission::VIEW; }