You are here

function commerce_line_item_access in Commerce Core 7

Determines access to perform an operation on a particular line item.

Parameters

$op: The operation to perform on the line item, either 'update' or 'delete'.

$line_item: The line item object in question.

$account: The user account whose access should be checked; defaults to the current user if left NULL.

Return value

TRUE or FALSE indicating whether or not access should be granted.

2 string references to 'commerce_line_item_access'
commerce_line_item_entity_info in modules/line_item/commerce_line_item.module
Implements hook_entity_info().
commerce_line_item_views_data in modules/line_item/includes/views/commerce_line_item.views.inc
Implements hook_views_data()

File

modules/line_item/commerce_line_item.module, line 705
Defines the core Commerce line item entity and API functions interact with line items on orders.

Code

function commerce_line_item_access($op, $line_item, $account = NULL) {
  global $user;
  $account = isset($account) ? $account : clone $user;

  // If the user has the administration permission, return TRUE now.
  if (user_access('administer line items', $account)) {
    return TRUE;
  }

  // For users who don't have the general administration permission, we have to
  // determine access to update or delete a given line item through a connection
  // to an Order.
  if (!empty($line_item->order_id) && module_exists('commerce_order')) {
    $order = commerce_order_load($line_item->order_id);
    return commerce_order_access($op, $order, $account);
  }

  // Issue a blanket refusal of access in the event the order module is not
  // enabled, as we have no other way of determining line item access outside of
  // the 'administer line items' permission.
  return FALSE;
}