function crm_core_contact_access in CRM Core 7
Check permission for various contact operations.
Parameters
$op: Operation being performed.
object $contact: A crm_core_contact_type object.
Return value
bool TRUE if access is granted, FALSE if access is denied.
3 calls to crm_core_contact_access()
- crm_core_contact_file_download_access in modules/
crm_core_contact/ crm_core_contact.module - Implements hook_file_download_access().
- crm_core_contact_view_access_check in modules/
crm_core_contact/ plugins/ tasks/ view.inc - Callback to determine if a page is accessible.
- _crm_core_contact_resource_access in modules/
crm_core_contact/ includes/ crm_core_contact_resource.inc - Determine whether the current user can access a crm_core_contact resource.
1 string reference to 'crm_core_contact_access'
- crm_core_contact_entity_info in modules/
crm_core_contact/ crm_core_contact.module - Implements hook_entity_info().
File
- modules/
crm_core_contact/ crm_core_contact.module, line 277 - Provides default CRM Core Contact entities and the ability to create more.
Code
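/**
 * Check permission for various contact operations.
 *
 * Access is decided in two stages. Implementations of the
 * 'crm_core_entity_access' hook are consulted first: any strict FALSE denies,
 * otherwise any strict TRUE grants. Only when no implementation returns a
 * strict boolean are the permissions below checked.
 *
 * @param string $op
 *   Operation being performed. Handled explicitly: 'view', 'edit', 'delete',
 *   'revert', 'create_view' and 'create'. Any other value is evaluated with
 *   the 'create' rules.
 * @param object|string $contact
 *   An object whose ->type property names the contact bundle, or the bundle
 *   name itself as a string (the form used for 'create').
 * @param object $account
 *   (optional) The account to check. Defaults to the global $user.
 * @param string $entity_type
 *   (optional) Passed through unchanged to the 'crm_core_entity_access' hook.
 *
 * @return bool
 *   TRUE if access is granted, FALSE if access is denied.
 */
function crm_core_contact_access($op, $contact, $account = NULL, $entity_type = NULL) {
  global $user;
  if (!isset($account)) {
    $account = $user;
  }

  // $contact is either an object carrying its bundle in ->type, or the bundle
  // name itself.
  if (is_object($contact)) {
    $contact_type = $contact->type;
  }
  else {
    $contact_type = $contact;
  }

  // First grant access to the entity for the specified operation if no other
  // module denies it and at least one other module says to grant access.
  // The strict comparisons mean a deny always wins over a grant, and that
  // non-boolean return values (e.g. NULL) count as "no opinion".
  $access_results = module_invoke_all('crm_core_entity_access', $op, $contact, $account, $entity_type);
  if (in_array(FALSE, $access_results, TRUE)) {
    return FALSE;
  }
  elseif (in_array(TRUE, $access_results, TRUE)) {
    return TRUE;
  }

  $administer_contact = user_access('administer crm_core_contact entities', $account);

  switch ($op) {
    case 'view':
      $view_any_contact = user_access('view any crm_core_contact entity', $account);
      $view_type_contact = user_access('view any crm_core_contact entity of bundle ' . $contact_type, $account);
      return $administer_contact || $view_any_contact || $view_type_contact;

    case 'edit':
      $edit_any_contact = user_access('edit any crm_core_contact entity', $account);
      $edit_type_contact = user_access('edit any crm_core_contact entity of bundle ' . $contact_type, $account);
      return $administer_contact || $edit_any_contact || $edit_type_contact;

    case 'delete':
      $delete_any_contact = user_access('delete any crm_core_contact entity', $account);
      $delete_type_contact = user_access('delete any crm_core_contact entity of bundle ' . $contact_type, $account);
      return $administer_contact || $delete_any_contact || $delete_type_contact;

    case 'revert':
      // @todo: more fine grained will be adjusting dynamic permission
      // generation for reverting bundles of contact.
      $revert_any_contact = user_access('revert contact record', $account);
      return $administer_contact || $revert_any_contact;

    case 'create_view':
      // Any of the create permissions.
      $create_any_contact = user_access('create crm_core_contact entities', $account);
      if ($administer_contact || $create_any_contact) {
        return TRUE;
      }
      // Otherwise a create permission on any single contact type is enough.
      // Returning from inside the loop avoids collecting results in an array
      // that was never initialised, which made in_array() receive NULL when
      // crm_core_contact_types() returned no types.
      foreach (array_keys(crm_core_contact_types(TRUE)) as $type) {
        if (entity_access('create', 'crm_core_contact', $type, $account)) {
          return TRUE;
        }
      }
      return FALSE;

    case 'create':
    default:
      // NOTE(review): every unrecognised $op (for example 'update') lands
      // here and is decided by the create permissions. Confirm that callers
      // only pass the operations handled above.
      // Make sure we are getting a contact type back.
      if (empty($contact_type)) {
        return FALSE;
      }
      // Must be able to create contact of any type (OR) specific type
      // (AND) have an active contact type.
      // IMPORTANT, here $contact is passed in as a string of the contact type.
      $create_any_contact = user_access('create crm_core_contact entities', $account);
      $create_type_contact = user_access('create crm_core_contact entities of bundle ' . $contact_type, $account);

      // Load the contact type entity.
      $contact_type_entity = crm_core_contact_type_load($contact_type);
      // Fail closed when the type cannot be loaded. Reading ->disabled from a
      // non-object evaluates to NULL, so the check below would otherwise
      // treat an unknown contact type as active and grant access.
      if (!is_object($contact_type_entity)) {
        return FALSE;
      }
      $contact_type_is_active = !(bool) $contact_type_entity->disabled;

      return ($administer_contact || $create_any_contact || $create_type_contact) && $contact_type_is_active;
  }
}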