function access_user_object_access in Access Control Kit 7
Determines whether a user has a permission on an object via an access grant.
Parameters
string $string: The permission string (e.g., edit any page).
string $object_type: The type of access-controlled object (e.g., node, menu_link).
mixed $object: The access-controlled object.
object $account: (optional) The account to check. Defaults to the currently logged in user.
array $schemes: (optional) An array of schemes in which to check access on the object. If omitted, access will be checked in all available schemes that apply to the object type.
Return value
bool Boolean TRUE if the user has the requested permission on the object in any of the tested schemes.
3 calls to access_user_object_access()
- AccessAPITest::testHandlerMethods in ./
access.test - Test access arbitration through our dummy handler.
- ack_menu_link_access in ack_menu/
ack_menu.module - Access callback for editing or deleting a menu link.
- ack_node_node_access in ack_node/
ack_node.module - Implements hook_node_access().
File
- ./
access.module, line 937 - The access control kit module.
Code
function access_user_object_access($string, $object_type, $object, $account = NULL, $schemes = NULL) {
global $user;
if (!isset($account)) {
$account = $user;
}
// Sanity check to make sure that the user has the permission at all.
if (user_access($string, $account)) {
if (!isset($schemes)) {
$schemes = access_object_schemes($object_type);
}
// Get the list of realms wherein the user has the permission.
$user_realms = access_user_permission_realms($string, $account, $schemes);
// Get the object's realm memberships.
$object_realms = access_object_realms($object_type, $object, $schemes);
// If the user has the permission in any realm of which the object is also a
// member, return TRUE to allow access.
foreach ($schemes as $scheme) {
$matches = array_intersect($user_realms[$scheme->machine_name], $object_realms[$scheme->machine_name]);
if (!empty($matches)) {
return TRUE;
}
}
}
return FALSE;
}