You are here

function log_access in Log entity 7

Access callback for log entities.

Parameters

string $op: The operation being performed. One of 'view', 'update', 'create', 'delete'.

Log|string $log: Optionally a specific log entity to check, or a log type.

object $account: The user to check for. Leave it to NULL to check for the global user.

Return value

bool Whether access is allowed or not.

5 calls to log_access()
LogProcessor::entitySaveAccess in includes/feeds/plugins/LogProcessor.inc
Check that the user has permission to save a log.
log_add_access in ./log.module
Access callback: Checks whether the user has permission to add a log.
log_add_types_page in ./log.pages.inc
Page to select log Type to add new log.
log_form in ./log.pages.inc
Log Form.
log_properties_access in ./log.module
Access callback for log properties.
2 string references to 'log_access'
log_entity_info in ./log.module
Implements hook_entity_info().
log_menu in ./log.module
Implements hook_menu().

File

./log.module, line 763
Log - A general purpose record keeping system.

Code

function log_access($op, $log = NULL, $account = NULL) {
  $rights =& drupal_static(__FUNCTION__, array());

  // If $op is not one of the supported ones, deny access.
  if (!in_array($op, array(
    'create',
    'view',
    'update',
    'delete',
  ), TRUE)) {
    return FALSE;
  }

  // If no user object is supplied, the access check is for the current user.
  if (empty($account)) {
    global $user;
    $account = $user;
  }

  // If no log is provided, check for access to all logs.
  if (empty($log)) {
    return user_access('view all logs', $account);
  }

  // $log may be either an object or a log type. Since log types cannot be
  // an integer, use either id or type as the static cache id.
  $cid = is_object($log) ? $log->id : $log;

  // If we've already checked access for this log, user and op, return from
  // cache.
  if (isset($rights[$account->uid][$cid][$op])) {
    return $rights[$account->uid][$cid][$op];
  }

  // If the user has 'administer log module' permission, grant them access.
  if (user_access('administer log module', $account)) {
    $rights[$account->uid][$cid][$op] = TRUE;
    return TRUE;
  }

  // Check access to the log based on it's type.
  $type = is_string($log) ? $log : $log->type;
  $log_types = log_types();
  $type_names = array();
  foreach ($log_types as $name => $log_type) {
    $type_names[] = $name;
  }
  if (in_array($type, $type_names)) {
    if ($op == 'create' && user_access('create ' . $type . ' log entities', $account)) {
      $rights[$account->uid][$cid][$op] = TRUE;
      return TRUE;
    }
    if ($op == 'view') {
      if (user_access('view any ' . $type . ' log entities', $account) || user_access('view own ' . $type . ' log entities', $account) && $account->uid == $log->uid) {
        $rights[$account->uid][$cid][$op] = TRUE;
        return TRUE;
      }
    }
    if ($op == 'update') {
      if (user_access('edit any ' . $type . ' log entities', $account) || user_access('edit own ' . $type . ' log entities', $account) && $account->uid == $log->uid) {
        $rights[$account->uid][$cid][$op] = TRUE;
        return TRUE;
      }
    }
    if ($op == 'delete') {
      if (user_access('delete any ' . $type . ' log entities', $account) || user_access('delete own ' . $type . ' log entities', $account) && $account->uid == $log->uid) {
        $rights[$account->uid][$cid][$op] = TRUE;
        return TRUE;
      }
    }
  }

  // If all else fails, deny access.
  return FALSE;
}