function _administerusersbyrole_check_access in Administer Users by Role 7.2
Check access to perform an operation on an account.
This function checks the permissions of this module only. The calling code needs to check any Drupal core permissions that should also allow access.
6 calls to _administerusersbyrole_check_access()
- administerusersbyrole_cancel_confirm_wrapper in ./
administerusersbyrole.module - Wrapper function for the cancel confirm form that first elevates to 'administer users' permission if required.
- administerusersbyrole_form_user_admin_account_alter in ./
administerusersbyrole.module - Implements hook_form_FORM_ID_alter().
- administerusersbyrole_form_user_multiple_cancel_confirm_alter in ./
administerusersbyrole.module - Implements hook_form_FORM_ID_alter().
- administerusersbyrole_form_user_profile_form_alter in ./
administerusersbyrole.module - Implements hook_form_FORM_ID_alter().
- administerusersbyrole_metadata_user_access in ./
administerusersbyrole.module - Access callback for the user entity.
1 string reference to '_administerusersbyrole_check_access'
- administerusersbyrole_menu_alter in ./
administerusersbyrole.module - Implements hook_menu_alter().
File
- ./
administerusersbyrole.module, line 307 - Provides fine-grained permissions for creating, editing, and deleting users.
Code
function _administerusersbyrole_check_access($account, $op, $check_as = NULL) {
// Never allow uid 0 (anonymous) or 1 (master admin).
if ($account->uid <= 1) {
return FALSE;
}
// We may have been passed a mock account object. If so, load the user to ensure
// that we have roles to check against.
if (!isset($account->roles)) {
$account = user_load($account->uid);
}
foreach ($account->roles as $rid => $role) {
// If there is only DRUPAL_AUTHENTICATED_RID, then we must test for it, otherwise skip it.
if ($rid === DRUPAL_AUTHENTICATED_RID && count($account->roles) > 1) {
continue;
}
if (!user_access(_administerusersbyrole_build_perm_string($rid, $op), $check_as)) {
return FALSE;
}
}
return TRUE;
}