function log_access in Log entity 7
Access callback for log entities.
Parameters
string $op: The operation being performed. One of 'view', 'update', 'create', 'delete'.
Log|string $log: Optionally a specific log entity to check, or a log type.
object $account: The user to check for. Leave it to NULL to check for the global user.
Return value
bool Whether access is allowed or not.
5 calls to log_access()
- LogProcessor::entitySaveAccess in includes/
feeds/ plugins/ LogProcessor.inc - Check that the user has permission to save a log.
- log_add_access in ./
log.module - Access callback: Checks whether the user has permission to add a log.
- log_add_types_page in ./
log.pages.inc - Page to select log Type to add new log.
- log_form in ./
log.pages.inc - Log Form.
- log_properties_access in ./
log.module - Access callback for log properties.
2 string references to 'log_access'
- log_entity_info in ./
log.module - Implements hook_entity_info().
- log_menu in ./
log.module - Implements hook_menu().
File
- ./
log.module, line 763 - Log - A general purpose record keeping system.
Code
function log_access($op, $log = NULL, $account = NULL) {
$rights =& drupal_static(__FUNCTION__, array());
// If $op is not one of the supported ones, deny access.
if (!in_array($op, array(
'create',
'view',
'update',
'delete',
), TRUE)) {
return FALSE;
}
// If no user object is supplied, the access check is for the current user.
if (empty($account)) {
global $user;
$account = $user;
}
// If no log is provided, check for access to all logs.
if (empty($log)) {
return user_access('view all logs', $account);
}
// $log may be either an object or a log type. Since log types cannot be
// an integer, use either id or type as the static cache id.
$cid = is_object($log) ? $log->id : $log;
// If we've already checked access for this log, user and op, return from
// cache.
if (isset($rights[$account->uid][$cid][$op])) {
return $rights[$account->uid][$cid][$op];
}
// If the user has 'administer log module' permission, grant them access.
if (user_access('administer log module', $account)) {
$rights[$account->uid][$cid][$op] = TRUE;
return TRUE;
}
// Check access to the log based on it's type.
$type = is_string($log) ? $log : $log->type;
$log_types = log_types();
$type_names = array();
foreach ($log_types as $name => $log_type) {
$type_names[] = $name;
}
if (in_array($type, $type_names)) {
if ($op == 'create' && user_access('create ' . $type . ' log entities', $account)) {
$rights[$account->uid][$cid][$op] = TRUE;
return TRUE;
}
if ($op == 'view') {
if (user_access('view any ' . $type . ' log entities', $account) || user_access('view own ' . $type . ' log entities', $account) && $account->uid == $log->uid) {
$rights[$account->uid][$cid][$op] = TRUE;
return TRUE;
}
}
if ($op == 'update') {
if (user_access('edit any ' . $type . ' log entities', $account) || user_access('edit own ' . $type . ' log entities', $account) && $account->uid == $log->uid) {
$rights[$account->uid][$cid][$op] = TRUE;
return TRUE;
}
}
if ($op == 'delete') {
if (user_access('delete any ' . $type . ' log entities', $account) || user_access('delete own ' . $type . ' log entities', $account) && $account->uid == $log->uid) {
$rights[$account->uid][$cid][$op] = TRUE;
return TRUE;
}
}
}
// If all else fails, deny access.
return FALSE;
}