function hosting_task_menu_access in Hostmaster (Aegir) 6
Task access controls
This function defines which tasks should be showed to the user but especially which will be accessible to him, in the permissions system.
@arg $node object the node object we're trying to access
@arg $task string the task type we're trying to do on the $node
See also
2 calls to hosting_task_menu_access()
- hosting_sites_batch_process in modules/
hosting/ site/ hosting_site.module - hosting_task_menu_access_csrf in modules/
hosting/ task/ hosting_task.module - Access callback helper for hosting task menu items.
1 string reference to 'hosting_task_menu_access'
- hosting_task_fetch_tasks in modules/
hosting/ task/ hosting_task.module
File
- modules/
hosting/ task/ hosting_task.module, line 133 - Web server node type is defined here.
Code
function hosting_task_menu_access($node, $task) {
if (user_access("create " . $task . " task")) {
if ($node->type == 'site') {
if (hosting_task_outstanding($node->nid, 'delete') || $node->site_status == HOSTING_SITE_DELETED) {
return FALSE;
}
if ($task == 'login_reset' && $node->site_status != HOSTING_SITE_ENABLED) {
return FALSE;
}
$safe_tasks = array(
'backup',
'backup_delete',
'verify',
'enable',
);
if (!in_array($task, $safe_tasks)) {
// Don't show certain tasks if the site is the 'special' main aegir site
$profile = node_load($node->profile);
if ($profile->short_name == 'hostmaster') {
return FALSE;
}
}
$site_enabled = hosting_task_outstanding($node->nid, 'enable') || $node->site_status == HOSTING_SITE_ENABLED;
$deletable = $task == "delete";
$enabable = $task == "enable";
$delete_or_enable = $deletable || $enabable;
// If the site is not enabled, we can either delete it, or enable it again
if (!$site_enabled) {
return $delete_or_enable;
}
else {
// Site is enabled
return !variable_get('hosting_require_disable_before_delete', TRUE) && $deletable || !$delete_or_enable;
}
}
if ($node->type == 'platform') {
// if the user can't edit this node, he can't create tasks on it
if (!node_access('update', $node, $GLOBALS['user'])) {
return FALSE;
}
// If the platform is in a deleted state, nothing else can be done with it
if (hosting_task_outstanding($node->nid, 'delete') || $node->platform_status == HOSTING_PLATFORM_DELETED) {
return FALSE;
}
// If the platform's been locked, we can unlock it, delete, batch migrate existing sites or verify
if ($node->platform_status == HOSTING_PLATFORM_LOCKED) {
$platform_tasks = array(
'verify',
'unlock',
'delete',
'migrate',
);
}
else {
// If the platform's unlocked, we can lock it, delete it or batch migrate sites
$platform_tasks = array(
'verify',
'lock',
'delete',
'migrate',
);
}
return in_array($task, $platform_tasks);
}
if ($node->type === 'server') {
// If the user can't edit this node, he can't create tasks on it.
if (!node_access('update', $node, $GLOBALS['user'])) {
return FALSE;
}
// todo probably need more checks
return TRUE;
}
}
return FALSE;
}