Degrade consistently when civi_report not enabled but logging is

[eileenmcnaughton]

Overview

Degrade consistently when civi_report not enabled but logging is

Before

If logging is enabled but Civi-report is disabled a user with 'Admiister CiviCRM' who accesses the Change Log table will see

A non-admin user will see

After

Both users see

Technical Details

The code to determine if the report is accessible uses a (deprecated) BAO function that just looks it up in the database. It finds the report even if CiviReport is disabled and then internally does a permission check based on the db record. Hence for the admin user it attempts to load the report because nothing in the lookup it is doing tells it the report is disabled.

This switches to loading the report using a permissioned api call which delegates the permission checking to civi-report and will also fail / return FALSE if civi-report is disabled.

Note that separately I put up a PR to warn about this configuration #28863

Comments

[civibot]

🤖 Thank you for contributing to CiviCRM! ❤️ We will need to test and review this PR. 👷

Introduction for new contributors...

• If this is your first PR, an admin will greenlight automated testing with the command ok to test or add to whitelist.
• A series of tests will automatically run. You can see the results at the bottom of this page (if there are any problems, it will include a link to see what went wrong).
• A demo site will be built where anyone can try out a version of CiviCRM that includes your changes.
• If this process needs to be repeated, an admin will issue the command test this please to rerun tests and build a new demo site.
• Before this PR can be merged, it needs to be reviewed. Please keep in mind that reviewers are volunteers, and their response time can vary from a few hours to a few weeks depending on their availability and their knowledge of this particular part of CiviCRM.
• A great way to speed up this process is to "trade reviews" with someone - find an open PR that you feel able to review, and leave a comment like "I'm reviewing this now, could you please review mine?" (include a link to yours). You don't have to wait for a response to get started (and you don't have to stop at one!) the more you review, the faster this process goes for everyone 😄
• To ensure that you are credited properly in the final release notes, please add yourself to contributor-key.yml
• For more information about contributing, see CONTRIBUTING.md.

Quick links for reviewers...

• ➡️ PR Demo site (can be rebuilt with the command test this please).
• 📖 Review standards
• 🗒️ Review template (brief or verbose)

➡️ Online demo of this PR 🔗

[demeritcowboy]

jenkins retest this please