function access_by_ref_node_access in Access by Reference 7

Same name and namespace in other branches

1. 8.2 access_by_ref.module \access_by_ref_node_access()
2. 8 access_by_ref.module \access_by_ref_node_access()

File

./access_by_ref.module, line 2

Code

function access_by_ref_node_access($node, $op, $account) {

  // exit if there is nothing to do here
  if (!isset($account) || $account->uid == 0 || $op != 'update' || !isset($node) || $account->uid == $node->uid || !user_permission('access node by reference', $account)) {
    return NODE_ACCESS_IGNORE;
  }
  $type = is_string($node) ? $node : $node->type;

  //"SHARED"
  $uvars = variable_get('access_by_ref_user_field', '');

  // look for something that matches in the user's profile
  if (strpos($uvars, $type) !== FALSE) {
    $tests = explode("\n", $uvars);
    foreach ($tests as $testpair) {
      $test = explode("|", $testpair);

      // this gets us to the content_type|field_id pair
      if ($type == $test[0]) {

        // this is a test to run on this content type
        $items = field_get_items('node', $node, trim($test[1]));
        if ($items) {
          $user = user_load($account->uid);
          $userfields = field_get_items('user', $user, trim($test[1]));
          if ($userfields) {
            foreach ($items as $item) {
              foreach ($userfields as $userfield) {
                if (isset($item['value']) && $item['value'] == $userfield['value'] || isset($item['target_id']) && $item['target_id'] == $userfield['target_id']) {
                  drupal_set_message("You may edit this because your profile ({$test[1]}) matches");
                  return NODE_ACCESS_ALLOW;

                  // they match.  We're in
                }
              }
            }
          }
        }
      }
    }
  }
  $fvars = variable_get('access_by_ref_referenced', '');

  //if you can edit the referenced node, you can edit this
  if (strpos($fvars, $type) !== FALSE) {
    $tests = explode("\r\n", $fvars);
    foreach ($tests as $testpair) {
      $test = explode("|", $testpair);

      // this gets us to the content_type|field_id pair
      if ($type == $test[0]) {

        // this is a test to run on this content type
        $items = field_get_items('node', $node, trim($test[1]));
        if ($items) {
          foreach ($items as $item) {
            $refnode = node_load($item['target_id']);
            if ($item['target_id'] == $node->nid) {
              continue;
            }

            // yeah, don't go on looking at yourself
            if (access_by_ref_node_access($refnode, $op, $account) == NODE_ACCESS_ALLOW || node_node_access($refnode, $op, $account) == NODE_ACCESS_ALLOW) {
              drupal_set_message("You may edit this because you manage a referenced ({$test[1]})");
              return NODE_ACCESS_ALLOW;
            }
          }
        }
      }
    }
  }
  $uvars = variable_get('access_by_ref_user_reference_field', '');

  // look for something that matches in the user's profile
  if (strpos($uvars, $type) !== FALSE) {
    $tests = explode("\n", $uvars);
    foreach ($tests as $testpair) {
      $test = explode("|", $testpair);

      // this gets us to the content_type|field_id pair
      if ($type == $test[0]) {

        // this is a test to run on this content type
        $items = field_get_items('node', $node, trim($test[1]));
        if ($items) {
          foreach ($items as $item) {
            if ($item['target_id'] == $account->uid) {
              drupal_set_message("You may edit this because you are listed as an editor");
              return NODE_ACCESS_ALLOW;

              // they match.  We're in
            }
          }
        }
      }
    }
  }

  //"USER EMAIL"
  $uvars = variable_get('access_by_ref_user_email', '');

  // look for something that matches in the user's profile
  if (strpos($uvars, $type) !== FALSE) {
    $tests = explode("\n", $uvars);
    foreach ($tests as $testpair) {
      $test = explode("|", $testpair);

      // this gets us to the content_type|field_id pair
      if ($type == $test[0]) {

        // this is a test to run on this content type
        $items = field_get_items('node', $node, trim($test[1]));
        if ($items) {
          $usermail = $account->mail;
          if ($account->uid == 75) {
            drupal_set_message("Hello {$usermail}");
          }
          if ($usermail) {
            foreach ($items as $item) {

              // compare without case
              if (isset($item['value']) && strcasecmp($item['value'], $usermail) == 0) {
                return NODE_ACCESS_ALLOW;

                // they match.  We're in
              }
              if (isset($item['email']) && strcasecmp($item['email'], $usermail) == 0) {
                return NODE_ACCESS_ALLOW;

                // they match.  We're in
              }
            }
          }
        }
      }
    }
  }
  return NODE_ACCESS_IGNORE;

  // no config for this node type.  Quit
}