function farm_asset_access in farmOS 7
Access callback for asset entities.
Parameters
string $op: The operation being performed. One of 'view', 'update', 'create', 'delete'.
FarmAsset|string $farm_asset: Optionally a specific asset entity to check.
object $account: The user to check for. Leave it to NULL to check for the global user.
Return value
bool Whether access is allowed or not.
7 calls to farm_asset_access()
- FarmAssetProcessor::entitySaveAccess in modules/
farm/ farm_asset/ includes/ feeds/ plugins/ FarmAssetProcessor.inc - Check that the user has permission to save a farm asset.
- farm_asset_add_access in modules/
farm/ farm_asset/ farm_asset.module - Access callback: Checks whether the user has permission to add an asset.
- farm_asset_add_types_page in modules/
farm/ farm_asset/ farm_asset.pages.inc - Page to select asset type to add new asset.
- farm_asset_farm_asset_view_access_check in modules/
farm/ farm_asset/ includes/ ctools/ farm_asset_view.inc - Callback to determine if a page is accessible.
- farm_asset_form in modules/
farm/ farm_asset/ farm_asset.pages.inc - Asset form.
2 string references to 'farm_asset_access'
- farm_asset_entity_info in modules/
farm/ farm_asset/ farm_asset.module - Implements hook_entity_info().
- farm_asset_menu in modules/
farm/ farm_asset/ farm_asset.module - Implements hook_menu().
File
- modules/
farm/ farm_asset/ farm_asset.module, line 555 - Farm asset - A farm asset entity type.
Code
function farm_asset_access($op, $farm_asset = NULL, $account = NULL) {
$rights =& drupal_static(__FUNCTION__, array());
// If $op is not one of the supported ones, deny access.
if (!in_array($op, array(
'create',
'view',
'update',
'delete',
), TRUE)) {
return FALSE;
}
// If no user object is supplied, the access check is for the current user.
if (empty($account)) {
global $user;
$account = $user;
}
// If no asset is provided, check for access to all assets.
if (empty($farm_asset)) {
return user_access('view farm assets', $account);
}
// $farm_asset may be either an object or an asset type. Since asset types
// cannot be an integer, use either id or type as the static cache id.
$cid = is_object($farm_asset) ? $farm_asset->id : $farm_asset;
// If we've already checked access for this asset, user and op, return from
// cache.
if (isset($rights[$account->uid][$cid][$op])) {
return $rights[$account->uid][$cid][$op];
}
// If the user has 'administer farm_asset module' permission, grant them
// access.
if (user_access('administer farm_asset module', $account)) {
$rights[$account->uid][$cid][$op] = TRUE;
return TRUE;
}
// Check access to the asset based on it's type.
$type = is_string($farm_asset) ? $farm_asset : $farm_asset->type;
$farm_asset_types = farm_asset_types();
$type_names = array();
foreach ($farm_asset_types as $name => $farm_asset_type) {
$type_names[] = $name;
}
if (in_array($type, $type_names)) {
if ($op == 'create' && user_access('create ' . $type . ' farm assets', $account)) {
$rights[$account->uid][$cid][$op] = TRUE;
return TRUE;
}
if ($op == 'view') {
if (user_access('view any ' . $type . ' farm assets', $account) || user_access('view own ' . $type . ' farm assets', $account) && $account->uid == $farm_asset->uid) {
$rights[$account->uid][$cid][$op] = TRUE;
return TRUE;
}
}
if ($op == 'update') {
if (user_access('edit any ' . $type . ' farm assets', $account) || user_access('edit own ' . $type . ' farm assets', $account) && $account->uid == $farm_asset->uid) {
$rights[$account->uid][$cid][$op] = TRUE;
return TRUE;
}
}
if ($op == 'delete') {
if (user_access('delete any ' . $type . ' farm assets', $account) || user_access('delete own ' . $type . ' farm assets', $account) && $account->uid == $farm_asset->uid) {
$rights[$account->uid][$cid][$op] = TRUE;
return TRUE;
}
}
}
// If all else fails, deny access.
return FALSE;
}