You are here

function entity_metadata_user_properties_access in Entity API 7

Access callback for restricted user properties.

1 string reference to 'entity_metadata_user_properties_access'
entity_metadata_user_entity_property_info in modules/user.info.inc
Implements hook_entity_property_info() on top of user module.

File

modules/callbacks.inc, line 737
Provides various callbacks for the whole core module integration.

Code

function entity_metadata_user_properties_access($op, $property, $entity = NULL, $account = NULL) {
  if (user_access('administer users', $account)) {
    return TRUE;
  }
  $account = isset($account) ? $account : $GLOBALS['user'];

  // Flag to indicate if this user entity is the own user account.
  $is_own_account = isset($entity->uid) && $account->uid == $entity->uid;
  switch ($property) {
    case 'name':

      // Allow view access to anyone with access to the entity.
      if ($op == 'view') {
        return TRUE;
      }

      // Allow edit access for own user name if the permission is satisfied.
      return $is_own_account && user_access('change own username', $account);
    case 'mail':

      // Allow access to own mail address.
      return $is_own_account;
    case 'roles':

      // Allow view access for own roles.
      return $op == 'view' && $is_own_account;
  }
  return FALSE;
}