You are here

function hosting_task_menu_access in Hosting 7.4

Same name and namespace in other branches
  1. 6.2 task/hosting_task.module \hosting_task_menu_access()
  2. 7.3 task/hosting_task.module \hosting_task_menu_access()

Task access controls.

This function defines which tasks should be showed to the user but especially which will be accessible to him, in the permissions system.

@arg $node object the node object we're trying to access

@arg $task string the task type we're trying to do on the $node

See also

hosting_task_menu()

1 call to hosting_task_menu_access()
hosting_task_menu_access_csrf in task/hosting_task.module
Access callback helper for hosting task menu items.
1 string reference to 'hosting_task_menu_access'
hosting_task_fetch_tasks in task/hosting_task.module
@todo Please document this function.

File

task/hosting_task.module, line 285
Web server node type is defined here.

Code

function hosting_task_menu_access($node, $task) {
  if (user_access("create " . $task . " task")) {
    if ($node->type == 'site') {
      if (hosting_task_outstanding($node->nid, 'delete') || $node->site_status == HOSTING_SITE_DELETED) {
        return FALSE;
      }
      if ($task == 'login-reset' && $node->site_status != HOSTING_SITE_ENABLED) {
        return FALSE;
      }

      // @TODO: Un-hardcode this?
      $safe_tasks = array(
        'backup',
        'backup-delete',
        'verify',
        'enable',
        'deploy',
      );
      if (!in_array($task, $safe_tasks)) {

        // Don't show certain tasks if the site is the 'special' main aegir site.
        if ($node->nid == hosting_get_hostmaster_site_nid()) {
          return FALSE;
        }
      }
      $site_enabled = hosting_task_outstanding($node->nid, 'enable') || $node->site_status == HOSTING_SITE_ENABLED;
      $deletable = $task == "delete";
      $enabable = $task == "enable";

      // @TODO: Do not allow on protected sites.
      // @TODO: Improve UI to inform users this is a reinstall and data will be lost.
      // @TODO: Reduce tech debt, do not add to it.
      $installable = $task == "install";
      $delete_or_enable = $deletable || $enabable || $installable;

      // If the site is not enabled, we can either delete it, or enable it again.
      if (!$site_enabled) {
        return $delete_or_enable;
      }
      else {

        // Site is enabled.
        return $installable && variable_get('hosting_allow_reinstall', TRUE) || !variable_get('hosting_require_disable_before_delete', TRUE) && $deletable || !$delete_or_enable;
      }
    }
    if ($node->type == 'platform') {

      // If the user can't edit this node, he can't create tasks on it.
      if (!node_access('update', $node, $GLOBALS['user'])) {
        return FALSE;
      }

      // If the platform is in a deleted state, nothing else can be done with it.
      if (hosting_task_outstanding($node->nid, 'delete') || $node->platform_status == HOSTING_PLATFORM_DELETED) {
        return FALSE;
      }

      // If the platform's been locked, we can unlock it, delete, batch migrate existing sites or verify.
      if ($node->platform_status == HOSTING_PLATFORM_LOCKED) {
        $platform_tasks = array(
          'verify',
          'unlock',
          'delete',
          'migrate',
        );
        return in_array($task, $platform_tasks);
      }
      else {

        // If the platform's unlocked, we can lock it, delete it or batch migrate sites
        $platform_tasks = array(
          'verify',
          'lock',
          'delete',
          'migrate',
        );
      }
      return in_array($task, $platform_tasks);
    }
    if ($node->type === 'server') {

      // If the user can't edit this node, he can't create tasks on it.
      if (!node_access('update', $node, $GLOBALS['user'])) {
        return FALSE;
      }

      // todo probably need more checks
      return TRUE;
    }
  }
  return FALSE;
}