Document how permissions should be implemented for new DAO
Created by: eileenmcnaughton
@colemanw built a pretty clever structure whereby the permissions / ACL structure is pretty extendable but I don't think it's documented. @colemanw I'm making a start - can you flesh out
As I understand it
- basic_get
- apiv3 (to some extent)
- apiv4
- civi reports (to some extent)
- build in search (very patchy)
All implement ACLs based on calling the relevant BAO/DAO's addSelectWhereClause if
- check_permissions is true (e.g per setting in an API call, or always in search)
- it exists (otherwise fall back it to the Core_DAO one)
This is called from basic_get & from reports that call buildPermissions (extended reports now does this, sketchy in core)
And generally implements a hook per BAO/DAO
Edited by ErikHommel