You are here

Home » API reference » Bean (for Drupal 7) 7 » bean.module

function bean_access in Bean (for Drupal 7) 7

Determines whether the given user has access to a bean.

Parameters

$op: The operation being performed. One of 'view', 'update', 'create', 'delete' or just 'edit' (being the same as 'create' or 'update').

$bean: Optionally a bean or a bean type to check access for. If nothing is given, access for all beans is determined.

$account: The user to check for. Leave it to NULL to check for the current user.

Return value

boolean Whether access is allowed or not.

1 call to bean_access()
PanelizerEntityBean::entity_access in plugins/entity/PanelizerEntityBean.class.php
Access callback.
3 string references to 'bean_access'
bean_bean_cache_clear in ./bean.module
Implements hook_bean_cache_clear().
bean_entity_info in ./bean.module
Implements hook_entity_info().
bean_menu in ./bean.module
Implements hook_menu().

File

./bean.module, line 704
Block Entity

Code

function bean_access($op, $bean = NULL, $account = NULL) {
  $rights =& drupal_static(__FUNCTION__, array());

  // Only real permissions are view, delete, create and edit
  switch ($op) {
    case 'view':
    case 'delete':
    case 'create':
      $op = $op;
      break;
    case 'add':
      $op = 'create';
      break;
    default:
      $op = 'edit';
  }

  // If no user object is supplied, the access check is for the current user.
  if (empty($account)) {
    $account = $GLOBALS['user'];
  }
  $cid = is_object($bean) ? $bean->bid : $bean;

  // If we've already checked access for this node, user and op, return from cache.
  if (isset($rights[$account->uid][$cid][$op])) {
    return $rights[$account->uid][$cid][$op];
  }
  if (user_access('administer beans', $account)) {
    return TRUE;
  }

  // We grant access to the bean if both of the following conditions are met:
  // - No modules say to deny access.
  // - At least one module says to grant access.
  // If no module specified either allow or deny, we fall back to the default.
  $access = module_invoke_all('bean_access', $bean, $op, $account);
  if (in_array(FALSE, $access, TRUE)) {
    $rights[$account->uid][$cid][$op] = FALSE;
    return FALSE;
  }
  elseif (in_array(TRUE, $access, TRUE)) {
    $rights[$account->uid][$cid][$op] = TRUE;
    return TRUE;
  }
  if (isset($bean) && isset($bean->type)) {
    if (user_access("{$op} any {$bean->type} bean", $account)) {
      $rights[$account->uid][$cid][$op] = TRUE;
      return TRUE;
    }
  }
  elseif (isset($bean) && is_string($bean)) {
    if (user_access("{$op} any {$bean} bean", $account)) {
      $rights[$account->uid][$cid][$op] = TRUE;
      return TRUE;
    }
  }
  else {

    // Here we are looking for access to any of the types.
    foreach (bean_get_types() as $bean_type) {
      $perm = $op . ' any ' . $bean_type->type . ' bean';
      if (user_access($perm, $account)) {
        $rights[$account->uid][$cid][$op] = TRUE;
        return TRUE;
      }
    }
  }
  return FALSE;
}