Attachments patches

Included in CiviCRM version: N/A Core PRs: - civicrm#9875 - civicrm#10010
compucorp · Jul 14, 2019 · 99a0ecb · 99a0ecb
1 parent ac7af20
commit 99a0ecb
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 26 deletions.
diff --git a/Civi/API/Subscriber/DynamicFKAuthorization.php b/Civi/API/Subscriber/DynamicFKAuthorization.php
@@ -221,32 +221,27 @@ public function authorizeDelegate($action, $entityTable, $entityId, $apiRequest)
       throw new \Civi\API\Exception\UnauthorizedException("Authorization failed on ($entity): Missing entity_id");
     }
 
-    /**
-     * @var \Exception $exception
-     */
-    $exception = NULL;
-    $self = $this;
-    \CRM_Core_Transaction::create(TRUE)->run(function($tx) use ($entity, $action, $entityId, &$exception, $self) {
-      // Just to be safe.
-      $tx->rollback();
-
-      $params = [
-        'version' => 3,
-        'check_permissions' => 1,
-        'id' => $entityId,
-      ];
+    if (!$this->isAuthorized($entity, $action, $entityId)) {
+      throw new \Civi\API\Exception\UnauthorizedException("Authorization failed on ($entity, $entityId)");
+    }
+  }
 
-      $result = $self->kernel->run($entity, $self->getDelegatedAction($action), $params);
-      if ($result['is_error'] || empty($result['values'])) {
-        $exception = new \Civi\API\Exception\UnauthorizedException("Authorization failed on ($entity,$entityId)", [
-          'cause' => $result,
-        ]);
-      }
-    });
+  /**
+   * @param string $entity
+   * @param string $action
+   * @param int $entityId
+   *
+   * @return bool
+   * @throws \Exception
+   */
+  private function isAuthorized($entity, $action, $entityId) {
+    $params = [
+      'version' => 3,
+      'check_permissions' => 1,
+      'id' => $entityId
+    ];
 
-    if ($exception) {
-      throw $exception;
-    }
+    return $this->kernel->runAuthorize($entity, $this->getDelegatedAction($action), $params);
   }
 
   /**

diff --git a/Civi/Core/Container.php b/Civi/Core/Container.php
@@ -404,8 +404,7 @@ public function createApiKernel($dispatcher, $magicFunctionProvider) {
        FROM civicrm_custom_field fld
        INNER JOIN civicrm_custom_group grp ON fld.custom_group_id = grp.id
        WHERE fld.data_type = "File"
-      ',
-      ['civicrm_activity', 'civicrm_mailing', 'civicrm_contact', 'civicrm_grant']
+      '
     ));
 
     $kernel->setApiProviders([