function commerce_cardonfile_user_access in Commerce Card on File 7.2
Same name and namespace in other branches
- 7 commerce_cardonfile.module \commerce_cardonfile_user_access()
Determines if the current user has access to the account's stored cards.
1 call to commerce_cardonfile_user_access()
File
- ./
commerce_cardonfile.module, line 453 - Supports card on file functionality for credit card payment methods by associating card data reference IDs from payment gateways with user accounts.
Code
function commerce_cardonfile_user_access($account) {
global $user;
if (user_access('administer card data') || user_access('view any card data')) {
// Grant access for any user with administer permission or view permission
// to any cards.
return TRUE;
}
elseif ($account->uid != $user->uid) {
// Otherwise deny the access if the account doesn't belong to the currently
// logged in user.
return FALSE;
}
// create a stub data array for access checks
$card_stub = commerce_cardonfile_new(array(
'uid' => $account->uid,
));
// DENY if the user DOES NOT have view access
if (!commerce_cardonfile_access('view', $card_stub, $account)) {
return FALSE;
}
// load active cards
$stored_cards = commerce_cardonfile_load_multiple_by_uid($account->uid);
// if no cards, then check create access
if (empty($stored_cards)) {
return commerce_cardonfile_add_any_access($account);
}
// ALLOW by default
return TRUE;
}