Details
- Type: Improvement
- Status: Done/Fixed
- Priority: Minor
- Resolution: Fixed/Completed
- Affects Version/s: 4.7.10
- Fix Version/s: 4.7.12
- Component/s: CiviCampaign, CiviCase, CiviCRM Search
- Labels: None
- Documentation Required?: None
- Funding Source: Contributed Code
 
Description
Most Civi components provide the primary permission "access <component_name>".
Two exceptions are:
- CiviCampaign: "administer CiviCampaign"
- CiviCase: "access all cases and activities", "access my cases and activities"
 
Several areas of the code fail to check these permissions properly:
- CRM/Activity/Selector/Search.php::__construct(): checks permissions prior to activity search using "access <component_name>", failing on CiviCampaign and CiviCase activities.
- CRM/Report/Form/Activity.php::__construct(): checks permissions prior to creating an activity report using "access all cases and activities" for CiviCase activities, "access <component_name>" for others, and failing on CiviCampaign activities.
 
I will shortly submit a PR to correct the above two issues, restoring search/reporting on CiviCampaign and CiviCase activities.
Supplemental information
In addition to these issues, I have identified two additional areas that seem to be lacking the proper permission checks for one or both of these two special-case components, but I was unable to identify a test case that demonstrates a failure. I will therefore not make any changes to these areas:
- CRM/Activity/Form/Task.php::preProcessCommon(): Checks only for "access <component_name>"
- CRM/Core/Permission.php::access(): Checks CiviCase for ("access all cases and activities" OR "access my cases and activities"), and checks all other components for "access <component_name>".
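
The mismatch described in this report, as an added example that is not CiviCRM code and not the reporter's PR: a convention-only check compared with one that knows the two exceptions, run over constructed activities. All function and constant names are hypothetical, and accepting either CiviCase permission is an assumption that follows the behaviour the report attributes to CRM/Core/Permission.php::access().

```php
<?php
// Hypothetical sketch: the names below are illustrative, not CiviCRM's API.

// Components whose primary permission does not follow "access <component_name>".
// Holding any one of the listed permissions grants access to the component.
const SPECIAL_COMPONENT_PERMISSIONS = [
    'CiviCampaign' => ['administer CiviCampaign'],
    'CiviCase'     => ['access all cases and activities', 'access my cases and activities'],
];

// Convention-only check: assumes every component uses "access <component_name>".
function naiveComponentAccess(string $component, array $userPermissions): bool {
    return in_array("access $component", $userPermissions, true);
}

// Convention plus the two exceptions listed in the report.
function componentAccess(string $component, array $userPermissions): bool {
    $accepted = SPECIAL_COMPONENT_PERMISSIONS[$component] ?? ["access $component"];
    return count(array_intersect($accepted, $userPermissions)) > 0;
}

// Keep only the activities whose owning component the user may access.
function visibleActivities(array $activities, array $userPermissions, callable $check): array {
    return array_values(array_filter(
        $activities,
        fn(array $a): bool => $check($a['component'], $userPermissions)
    ));
}

// Constructed sample data: one user, one activity per component.
$user = ['access CiviEvent', 'administer CiviCampaign', 'access my cases and activities'];
$activities = [
    ['id' => 1, 'component' => 'CiviEvent'],
    ['id' => 2, 'component' => 'CiviCampaign'],
    ['id' => 3, 'component' => 'CiviCase'],
    ['id' => 4, 'component' => 'CiviMember'], // user holds no permission for this one
];

// Print the activity ids each check lets through for the same user.
foreach (['naiveComponentAccess', 'componentAccess'] as $check) {
    $ids = array_column(visibleActivities($activities, $user, $check), 'id');
    echo $check, ': ', implode(',', $ids), PHP_EOL;
}
```

Keeping the exceptions in one table that every caller consults avoids the drift the report describes, where each constructor carries its own partial copy of the rule.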