function file_entity_file_entity_access in File Entity (fieldable files) 7.3
Same name and namespace in other branches
- 7.2 file_entity.module \file_entity_file_entity_access()
Implements hook_file_entity_access().
Related topics
File
- ./
file_entity.module, line 1841 - Extends Drupal file entities to be fieldable and viewable.
Code
function file_entity_file_entity_access($op, $file, $account) {
// If the op is "create," all that's needed is to check the create permission.
if ($op == 'create') {
if (user_access('create files')) {
return FILE_ENTITY_ACCESS_ALLOW;
}
}
// If the file URI is invalid, deny access.
if (is_object($file) && isset($file->uri) && !file_valid_uri($file->uri)) {
if (isset($file->is_new) && $file->is_new == true && user_access('create files')) {
return FILE_ENTITY_ACCESS_ALLOW;
}
return FILE_ENTITY_ACCESS_DENY;
}
if (!empty($file)) {
$type = is_string($file) ? $file : $file->type;
if (in_array($type, file_entity_permissions_get_configured_types())) {
if ($op == 'download') {
if (user_access('download any ' . $type . ' files', $account) || is_object($file) && user_access('download own ' . $type . ' files', $account) && $account->uid == $file->uid) {
return FILE_ENTITY_ACCESS_ALLOW;
}
}
if ($op == 'update') {
if (user_access('edit any ' . $type . ' files', $account) || is_object($file) && user_access('edit own ' . $type . ' files', $account) && $account->uid == $file->uid) {
return FILE_ENTITY_ACCESS_ALLOW;
}
}
if ($op == 'delete') {
if (user_access('delete any ' . $type . ' files', $account) || is_object($file) && user_access('delete own ' . $type . ' files', $account) && $account->uid == $file->uid) {
return FILE_ENTITY_ACCESS_ALLOW;
}
}
}
}
return FILE_ENTITY_ACCESS_IGNORE;
}