Skip to content

CiviCRM Documentation

hook_civicrm_alterApiRoutePermissions

Home > Developer Guide > Hooks > Permission Hooks

hook_civicrm_alterApiRoutePermissions

Summary

This hook is called when API version 4 permissions are checked. Note that this does not apply to API version 3.

Notes

This hook can alter the $permissions structure from CRM/Core/DAO/permissions.php based on the $entity and $action (or unconditionally).

!!! Note If a given entity/action permissions are unset, the default "administer CiviCRM" permission is enforced.

Definition

hook_civicrm_alterApiRoutePermissions($permissions, $entity, $action)

Parameters

string $entity - the API entity (like 'Contact')
string $action - the API action (like 'get')
array $permissions - the associative permissions array (probably to be altered by this hook)

Returns

null

Availability

This hook was first available in CiviCRM 5.36.

Example

/**
 * Gives a user with the permission "remote monitoring" to access API4 System.check.
 */
function monitoring_civicrm_alterApiRoutePermissions(&$permissions, $entity, $action) {
  if ($entity === 'System' && $action === 'check') {
    $permissions[0][] = 'remote monitoring';
  }
}