function commerce_line_item_access in Commerce Core 7
Determines access to perform an operation on a particular line item.
Parameters
$op: The operation to perform on the line item, either 'update' or 'delete'.
$line_item: The line item object in question.
$account: The user account whose access should be checked; defaults to the current user if left NULL.
Return value
TRUE or FALSE indicating whether or not access should be granted.
2 string references to 'commerce_line_item_access'
- commerce_line_item_entity_info in modules/
line_item/ commerce_line_item.module - Implements hook_entity_info().
- commerce_line_item_views_data in modules/
line_item/ includes/ views/ commerce_line_item.views.inc - Implements hook_views_data()
File
- modules/
line_item/ commerce_line_item.module, line 705 - Defines the core Commerce line item entity and API functions interact with line items on orders.
Code
function commerce_line_item_access($op, $line_item, $account = NULL) {
global $user;
$account = isset($account) ? $account : clone $user;
// If the user has the administration permission, return TRUE now.
if (user_access('administer line items', $account)) {
return TRUE;
}
// For users who don't have the general administration permission, we have to
// determine access to update or delete a given line item through a connection
// to an Order.
if (!empty($line_item->order_id) && module_exists('commerce_order')) {
$order = commerce_order_load($line_item->order_id);
return commerce_order_access($op, $order, $account);
}
// Issue a blanket refusal of access in the event the order module is not
// enabled, as we have no other way of determining line item access outside of
// the 'administer line items' permission.
return FALSE;
}