function entity_metadata_comment_access in Entity API 7

Access callback for the comment entity.

1 string reference to 'entity_metadata_comment_access'

_entity_info_add_metadata in ./entity.module: Adds metadata and callbacks for core entities to the entity info.

File

modules/callbacks.inc, line 767: Provides various callbacks for the whole core module integration.

Code

function entity_metadata_comment_access($op, $entity = NULL, $account = NULL) {

  // When determining access to a comment, 'comment_access' does not take any
  // access restrictions to the comment's associated node into account. If a
  // comment has an associated node, the user must be able to view it in order
  // to access the comment.
  if (isset($entity->nid)) {
    if (!entity_access('view', 'node', node_load($entity->nid), $account)) {
      return FALSE;
    }
  }

  // Comment administrators are allowed to perform all operations on all
  // comments.
  if (user_access('administer comments', $account)) {
    return TRUE;
  }

  // Unpublished comments can never be accessed by non-admins.
  if (isset($entity->status) && $entity->status == COMMENT_NOT_PUBLISHED) {
    return FALSE;
  }
  if (isset($entity) && $op == 'update') {

    // Because 'comment_access' only checks the current user, we need to do our
    // own access checking if an account was specified.
    if (!isset($account)) {
      return comment_access('edit', $entity);
    }
    else {
      return $account->uid && $account->uid == $entity->uid && user_access('edit own comments', $account);
    }
  }
  if (user_access('access comments', $account) && $op == 'view') {
    return TRUE;
  }
  return FALSE;
}

You are here

function entity_metadata_comment_access in Entity API 7

File

Code

API Navigation