Uploaded image for project: 'CiviCRM'
  1. CiviCRM
  2. CRM-19165

Use permission sensitive function to create strip-numeric function

    Details

    • Type: Bug
    • Status: Done/Fixed
    • Priority: Minor
    • Resolution: Fixed/Completed
    • Affects Version/s: 4.7.10
    • Fix Version/s: 4.7.13
    • Component/s: None
    • Labels:
      None
    • Documentation Required?:
      Developer Doc
    • Funding Source:
      Contributed Code

      Description

      In 4.7 we introduced a setting 'logging_no_trigger_permission' to reflect the fact some instances of CiviCRM (notably those with database replication enabled) require SUPER permission to create triggers and opt to manage the creation of the triggers offline rather than reduce the security of their environment.

      Queries called like this
      Civi::service('sql_triggers')->enqueueQuery($query);

      will run if 'logging_no_trigger_permission' has not been set (ie under normal operation) but if it has been set then the sql commands will be logged to a file.

      I'm proposing to also create the strip_numeric function within this wrapper. It hits exactly the same issues (SUPER permissions are required but not necessarily appropriate in a replicated environment).

      There are some wording issues that are a little uncomfortable - ie the references are all to 'triggers' not 'triggers_or_functions' - but on the other hand this is a narrow edge case usage and I'm inclined to live with that ambiguity in order to keep the change minimal & the code simple

        Attachments

          Activity

            People

            • Assignee:
              eileen Eileen McNaughton
              Reporter:
              eileen Eileen McNaughton
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: