COMCL-722: Allow user with with award review permission access option…

… value

CRM/CiviAwards/Event/Listener/AlterPermission.php

@@ -0,0 +1,61 @@
+<?php
+
+use Civi\API\Event\AuthorizeEvent;
+use Civi\Api4\Generic\AbstractAction;
+use CRM_CiviAwards_Hook_AlterAPIPermissions_Award as AwardPermission;
+
+/**
+ * Award filter while fetching cases.
+ */
+class CRM_CiviAwards_Event_Listener_AlterPermission {
+
+  /**
+   * Fetches cases by the given award filters.
+   *
+   * @param \Civi\API\Event\PrepareEvent $event
+   *   API Prepare Event Object.
+   */
+  public static function authorize(AuthorizeEvent $event) {
+    $apiRequest = $event->getApiRequest();
+    if ($apiRequest['version'] != 4) {
+      return;
+    }
+
+    if (!self::shouldRun($apiRequest)) {
+      return;
+    }
+
+    $hasPermission = CRM_Core_Permission::check(AwardPermission::REVIEW_FIELD_SET_PERM);
+    if (!$hasPermission) {
+      return;
+    }
+
+    $params = CRM_Utils_Request::retrieve('params', 'String');
+    if (is_null($params)) {
+      return;
+    }
+
+    try {
+      $params = json_decode($params);
+      $formName = $params->formName ?? NULL;
+      $event->setAuthorized($formName == 'qf:CRM_CiviAwards_Form_AwardReview');
+    }
+    catch (\Throwable $th) {
+    }
+  }
+
+  /**
+   * Determines if the processing will run.
+   *
+   * @param array $apiRequest
+   *   Api request data.
+   *
+   * @return bool
+   *   TRUE if processing should run, FALSE otherwise.
+   */
+  protected static function shouldRun(AbstractAction $apiRequest) {
+    return $apiRequest['entity'] == 'OptionValue' &&
+      $apiRequest['action'] == 'get';
+  }
+
+}

civiawards.php

@@ -20,6 +20,12 @@ function civiawards_civicrm_config(&$config) {
     ['CRM_CiviAwards_Event_Listener_AwardCaseFilter', 'onPrepare'],
     10
   );
+
+  Civi::dispatcher()->addListener(
+    'civi.api.authorize',
+    ['CRM_CiviAwards_Event_Listener_AlterPermission', 'authorize'],
+    10
+  );
 }
 
 /**