Details
-
Type:
Bug
-
Status: Won't Do
-
Priority:
Major
-
Resolution: Won't Do
-
Affects Version/s: 4.7.19
-
Fix Version/s: None
-
Component/s: Core CiviCRM
-
Labels:
-
Versioning Impact:Patch (backwards-compatible bug fixes)
-
Documentation Required?:None
-
Funding Source:Needs Funding
-
Verified?:No
Description
The activity api is doing a per-row permission check. We should refactor to be a tonne cleverer following on from CRM-20441
I think the first step is to remove VIEW calls to here:
CRM_Activity_BAO_Activity::checkPermission($this->_activityId, CRM_Core_Action::(VIEW);
Then only the api will be using that for view-based checking & we can clean up the way it checks related tables, possibly separating view from edit.
We should also look at the retrieve function on the activity BAO with a view to removal & using the api for similar reasons
Attachments
Issue Links
- supplements
-
-
- Done/Fixed
-
- links to
(2 links to)