function oa_access in Open Atrium Core 7.2
Determines if the user has a permission.
This is based on the user's membership in an Open Atrium Group or Team in the same way that user_access() is based on a user's membership in a role.
@returns boolean TRUE if the user has permission; otherwise FALSE.
Parameters
object|integer|NULL $space: The Space in which we want to perform the action. You can pass NULL if there is no Space active (this will mean that Team permissions won't be considered).
string $permission: The machine name of the permission we are checking.
object|NULL $account: (Optional) A user object representing the user to check. If NULL, it will check for the currently logged in user.
3 calls to oa_access()
- OpenAtriumAccessTestCase::testGroupAccess in modules/
oa_access/ tests/ oa_access.test - OpenAtriumAccessTestCase::testTeamAccess in modules/
oa_access/ tests/ oa_access.test - OpenAtriumAccessTestCase::testTeamOverride in modules/
oa_access/ tests/ oa_access.test
4 string references to 'oa_access'
- oa_core.module in ./
oa_core.module - OpenAtriumAccessTestCase::testGroupAccess in modules/
oa_access/ tests/ oa_access.test - OpenAtriumAccessTestCase::testTeamAccess in modules/
oa_access/ tests/ oa_access.test - _oa_access_permissions_form in modules/
oa_access/ oa_access.admin.inc - Internal form constructor for both the Group and Team permissions forms.
File
- modules/
oa_access/ oa_access.module, line 593 - Code for the Open Atrium Access module.
Code
function oa_access($space, $permission, $account = NULL) {
global $user;
if (is_null($account)) {
$account = $user;
}
// This function is most commonly called with the same $account but different
// $permissions's. So the layout of the static cache is optimized for that case.
//
// Also, when Teams come into play, access is dependent on the Space which the
// node belongs to. This is because permission gained by membership in a Team
// on Space A shouldn't give you that permission when editting content in
// Space B.
//
// So, the cache looks like this:
//
// $cache[$space_nid][$account->uid][$permission] = TRUE;
//
// However, if oa_teams is disabled, we'll use a constant for $space_nid to
// group everything togather for a modest performance boost.
//
$cache =& drupal_static(__FUNCTION__, array());
$space = !module_exists('oa_teams') ? 0 : ($space ? $space : 0);
$space_nid = is_object($space) ? $space->nid : $space;
if (!isset($cache[$space_nid][$account->uid])) {
// Get the Group and Team permissions.
$group_permissions = oa_access_get_group_permissions_combined(oa_access_user_groups($account));
$team_permissions = $space_nid ? oa_access_get_group_permissions_combined(oa_access_user_teams($space_nid, $account)) : array();
// Loop over the permissions, combining the Group and Team grants per the
// 'combine' property on the permission.
$perms = array();
foreach (oa_access_get_permissions() as $perm => $info) {
switch ($info['combine']) {
case OA_ACCESS_COMBINE_UNION:
$perms[$perm] = isset($group_permissions[$perm]) || isset($team_permissions[$perm]);
break;
case OA_ACCESS_COMBINE_INTERSECTION:
$perms[$perm] = isset($group_permissions[$perm]) && isset($team_permissions[$perm]);
break;
case OA_ACCESS_COMBINE_TEAM_OVERRIDE:
if ($space_nid && _oa_access_is_overridden($perm, $space_nid)) {
$perms[$perm] = isset($team_permissions[$perm]);
}
else {
$perms[$perm] = isset($group_permissions[$perm]) || isset($team_permissions[$perm]);
}
break;
case OA_ACCESS_COMBINE_GROUP_OVERRIDE:
if (_oa_access_is_overridden($perm, 0)) {
$perms[$perm] = isset($group_permissions[$perm]);
}
else {
$perms[$perm] = isset($group_permissions[$perm]) || isset($team_permissions[$perm]);
}
break;
}
}
$cache[$space_nid][$account->uid] = $perms;
}
return $cache[$space_nid][$account->uid][$permission];
}