
public static function BookAccess::checkGrant in Book access 7.2

Same name and namespace in other branches
  1. 6.2 book_access.module \BookAccess::checkGrant()

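Checks if a user has access to the book passed as argument. Explicit grants in the author, role and user tables are checked first; if none of them gives the permission and at least one of those tables has no entry for the book, the configured author and role defaults are consulted instead.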

Parameters

$bid: The ID of the book to check.

$grant: The permission to check for. It can be given either as "grant_update" or as "update"; the former is now preferred for consistency.

$account: The user account for which the permission is checked; if it is not passed, the permission is checked against the currently logged-in user.

Return value

TRUE if the user has the permission, FALSE otherwise.

11 calls to BookAccess::checkGrant()
BookAccessTestCase::caseAuthorDefaultsPropagateToNewNode in ./book_access_test_case.test
BookAccessTestCase::caseAuthorVsAdminDefaults in ./book_access_test_case.test
BookAccessTestCase::caseChildDefaultsDoNotAffectParentBook in ./book_access_test_case.test
BookAccessTestCase::caseDeletingBookDoesNotDeleteGrants in ./book_access_test_case.test
BookAccessTestCase::caseResetToDefaults in ./book_access_test_case.test


File

./book_access.module, line 164
Allows setting access control for book nodes on a per-book basis. Based on forum_access.module and tac_lite.module.

Class

BookAccess
@file

Code

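/**
 * Checks if a user has a given grant on a book.
 *
 * Explicit entries in the book_access_author, book_access_role and
 * book_access_user tables are consulted first. If none of them gives the
 * grant and at least one table has no entry for the book, the stored author
 * and role defaults are checked instead.
 *
 * @param $bid
 *   The ID of the book to check.
 * @param $grant
 *   The permission to check for, either as "grant_update" or as "update";
 *   the "grant_" prefix is added when it is missing.
 * @param $account
 *   The user account to check; defaults to the current user
 *   ($GLOBALS['user']) when not passed.
 *
 * @return
 *   TRUE if the user has the permission, FALSE otherwise. A grant name that
 *   is not a plain "grant_*" identifier is denied without touching the
 *   database.
 */
public static function checkGrant($bid, $grant, $account = NULL) {
  static $queries = NULL;
  if ($queries === NULL) {
    $queries = array(
      "book_access_author",
      "book_access_role",
      "book_access_user",
    );
  }
  if (!isset($account)) {
    $account = $GLOBALS['user'];
  }

  if (!is_string($grant)) {
    return FALSE;
  }
  if (!preg_match('/^grant_/', $grant)) {
    $grant = "grant_{$grant}";
  }
  // $grant is used below as a column name in fields() and orderBy(), so it is
  // restricted to a plain identifier here and anything else is denied rather
  // than handed to the query builder.
  if (!preg_match('/^grant_[A-Za-z0-9_]+\z/', $grant)) {
    return FALSE;
  }

  $roles = (isset($account->roles) && is_array($account->roles)) ? array_keys($account->roles) : array();
  $resultSets = array();
  foreach ($queries as $table) {
    $isRoleTable = ($table == 'book_access_role');
    if ($isRoleTable && empty($roles)) {
      // An empty IN () list is not valid SQL; with no roles there can be no
      // explicit role entry, so the role defaults are left to decide.
      continue;
    }
    $queryObj = db_select($table, $table);
    $queryObj->condition("nid", $bid, "=");
    if ($isRoleTable) {
      $queryObj->condition("rid", $roles, "IN");
    }
    else {
      $queryObj->condition("uid", $account->uid, "=");
    }
    // Highest value first, one row: a single matching entry with the grant
    // set is enough.
    $queryObj
      ->fields($table, array($grant))
      ->orderBy($grant, 'DESC')
      ->range(0, 1);
    $resultSets[$table] = $queryObj->execute();
  }

  $rowCount = 0;
  $grantCount = 0;
  $explicitTables = array();
  foreach ($resultSets as $table => $resultSet) {
    // Fetch directly instead of relying on rowCount() for a SELECT, which is
    // not dependable on every database driver.
    $row = $resultSet->fetchAssoc();
    if (is_array($row)) {
      $explicitTables[$table] = TRUE;
      ++$rowCount;
      $grantCount += (int) $row[$grant];
    }
  }
  $hasPermission = $grantCount > 0;

  // If fewer tables returned a row than were queried, an explicit permissions
  // entry is missing in at least one of them. Find the missing ones and check
  // the defaults instead.
  if (!$hasPermission && $rowCount < count($queries)) {
    $node = node_load($bid);

    // Check default author permissions first. They are skipped when the node
    // cannot be loaded: comparing a uid of 0 with the missing uid of a failed
    // load would otherwise evaluate as equal and apply the author defaults.
    if (!isset($explicitTables['book_access_author']) && $node && isset($node->uid)) {
      $authorDefaults = (array) variable_get("book_access_default_author_access", array());
      // Strict comparison: a loose in_array() lets a string grant match an
      // integer 0 entry on PHP versions before 8. NOTE(review): the stored
      // shape of the defaults is not visible here - confirm they are lists of
      // grant name strings.
      $hasPermission = $account->uid == $node->uid && in_array($grant, $authorDefaults, TRUE);
    }

    // Then, failing that, check default role permissions.
    if (!$hasPermission && !isset($explicitTables['book_access_role'])) {
      foreach ($roles as $role) {
        // An unset variable yields an empty list (no grants) rather than NULL.
        $roleDefaults = (array) variable_get("book_access_default_role_{$role}_access", array());
        $hasPermission = in_array($grant, $roleDefaults, TRUE);
        if ($hasPermission) {
          break;
        }
      }
    }
  }
  return $hasPermission;
}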