function file_entity_access in File Entity (fieldable files) 7.3
Same name and namespace in other branches
- 7 file_entity.module \file_entity_access()
- 7.2 file_entity.module \file_entity_access()
Determine if a user may perform the given operation on the specified file.
Parameters
$op: The operation to be performed on the file. Possible values are:
- "view"
- "download"
- "update"
- "delete"
- "create"
$file: The file object on which the operation is to be performed, or the file type (e.g. 'image') for the "create" operation.
$account: (Optional) A user object representing the user for whom the operation is to be performed. Pass it to determine access for a user other than the current user; if omitted, the current user is checked.
Return value
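TRUE if the operation may be performed, FALSE otherwise. For users without the 'bypass file access' permission, a FILE_ENTITY_ACCESS_DENY returned by any implementation of the file_entity_access hook overrides any allow.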
Related topics
15 calls to file_entity_access()
- FileEntityAccessTestCase::assertFileEntityAccess in ./
file_entity.test - Asserts file_entity_access correctly grants or denies access.
- file_entity_add_upload_multiple_submit in ./
file_entity.pages.inc - Submit handler for the multiple upload form.
- file_entity_admin_files in ./
file_entity.admin.inc - Form builder: Builds the file administration overview.
- file_entity_edit in ./
file_entity.pages.inc - Page callback: Form constructor for the file edit form.
- file_entity_field_formatter_view in ./
file_entity.field.inc - Implements hook_field_formatter_view().
4 string references to 'file_entity_access'
- FileEntityAccessTestCase::assertFileEntityAccess in ./
file_entity.test - Asserts file_entity_access correctly grants or denies access.
- file_entity_entity_info_alter in ./
file_entity.module - Implements hook_entity_info_alter().
- file_entity_hook_info in ./
file_entity.module - Implements hook_hook_info().
- file_entity_menu in ./
file_entity.module - Implements hook_menu().
File
- ./
file_entity.module, line 1754 - Extends Drupal file entities to be fieldable and viewable.
Code
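/**
 * Determines whether a user may perform an operation on a file.
 *
 * Checks run in this order and the first one that decides wins: the static
 * cache, the 'bypass file access' permission, the results of the
 * file_entity_access hook (any deny beats any allow), then the built-in
 * rules for 'view'. Anything left undecided is denied.
 *
 * @param string $op
 *   The operation: 'view', 'download', 'update', 'delete' or 'create'. Any
 *   other value is rejected up front only when no $file is given; with a
 *   $file it is still passed on to the hook implementations.
 * @param object|string|null $file
 *   The file object to check, or a file type (e.g. 'image') for 'create'.
 * @param object|null $account
 *   (optional) The user to check. Defaults to the current user.
 *
 * @return bool
 *   TRUE if the operation may be performed, FALSE otherwise.
 */
function file_entity_access($op, $file = NULL, $account = NULL) {
  // Decisions are memoized in drupal_static() storage under this function's
  // name and indexed as $rights[uid][cache id][op].
  $rights =& drupal_static(__FUNCTION__, array());

  if (!$file && !in_array($op, array(
    'view',
    'download',
    'update',
    'delete',
    'create',
  ), TRUE)) {
    // If there was no file to check against, and the $op was not one of the
    // supported ones, we return access denied.
    return FALSE;
  }

  // If no user object is supplied, the access check is for the current user.
  if (empty($account)) {
    $account = $GLOBALS['user'];
  }

  // $file may be either an object or a file type. Since file types cannot be
  // an integer, use either fid or type as the static cache id. Anything else
  // (for example no file at all) is keyed by a hash of its serialized form.
  $cache_id = NULL;
  if (is_object($file) && !empty($file->fid)) {
    $cache_id = $file->fid;
  }
  elseif ($op == 'create' && is_string($file)) {
    $cache_id = $file;
  }
  elseif ($op == 'create' && is_object($file) && !empty($file->type)) {
    $cache_id = $file->type;
  }
  else {
    $cache_id = drupal_hash_base64(serialize($file));
  }

  // If we've already checked access for this file, user and op, return from
  // cache. The key is the uid, not the account object, so two account objects
  // sharing a uid also share cached decisions.
  if (isset($rights[$account->uid][$cache_id][$op])) {
    return $rights[$account->uid][$cache_id][$op];
  }

  // The bypass permission is tested before any hook runs, so a module's deny
  // cannot override it.
  if (user_access('bypass file access', $account)) {
    return $rights[$account->uid][$cache_id][$op] = TRUE;
  }

  // We grant access to the file if both of the following conditions are met:
  // - No modules say to deny access.
  // - At least one module says to grant access.
  $access = module_invoke_all('file_entity_access', $op, $file, $account);
  if (in_array(FILE_ENTITY_ACCESS_DENY, $access, TRUE)) {
    return $rights[$account->uid][$cache_id][$op] = FALSE;
  }
  elseif (in_array(FILE_ENTITY_ACCESS_ALLOW, $access, TRUE)) {
    return $rights[$account->uid][$cache_id][$op] = TRUE;
  }

  // Fall back to default behaviors on view.
  if ($op == 'view' && is_object($file)) {
    $scheme = file_uri_scheme($file->uri);
    $wrapper = file_entity_get_stream_wrapper($scheme);

    if (!empty($wrapper['private'])) {
      // For private files, users can view private files if the
      // user has the 'view private files' permission.
      if (user_access('view private files', $account)) {
        return $rights[$account->uid][$cache_id][$op] = TRUE;
      }

      // For private files, users can view their own private files if the
      // user is not anonymous, and has the 'view own private files' permission.
      if (!empty($account->uid) && $file->uid == $account->uid && user_access('view own private files', $account)) {
        return $rights[$account->uid][$cache_id][$op] = TRUE;
      }
    }
    elseif ($file->status == FILE_STATUS_PERMANENT && !empty($account->uid) && $file->uid == $account->uid && user_access('view own files', $account)) {
      // For non-private files, allow to see if user owns the file. As in the
      // private-file rule above, the account's uid must be non-empty:
      // without that test an anonymous account would count as the owner of
      // every file whose uid is also empty.
      return $rights[$account->uid][$cache_id][$op] = TRUE;
    }
    elseif ($file->status == FILE_STATUS_PERMANENT && user_access('view files', $account)) {
      // For non-private files, users can view if they have the 'view files'
      // permission.
      return $rights[$account->uid][$cache_id][$op] = TRUE;
    }
  }

  // Default deny. This result is not written to $rights, so an undecided
  // check is evaluated again (hooks included) on the next call.
  return FALSE;
}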