You are here

Home » API reference » Organic groups 7.2 » og.module

function og_user_access_entity in Organic groups 7.2

Same name and namespace in other branches
  1. 7 og.module \og_user_access_entity()

Check if a user has access to a permission on a certain entity context.

Parameters

$perm: The organic groups permission.

$entity_type: The entity type.

$entity: The entity object, or the entity ID.

$account: (optional) The user object. If empty the current user will be used.

$skip_alter: (optional) If TRUE then user access will not be sent to other modules using drupal_alter(). This can be used by modules implementing hook_og_user_access_alter() that still want to use og_user_access(), but without causing a recursion. Defaults to FALSE.

$ignore_admin: (optional) When TRUE the specific permission is checked, ignoring the "administer group" permission if the user has it. When FALSE, a user with "administer group" will be granted all permissions. Defaults to FALSE.

Return value

Returns TRUE if the user has access to the permission, otherwise FALSE, or if the entity is not in OG context, function will return NULL. This allows a distinction between FALSE - no access, and NULL - no access as no OG context found.

3 calls to og_user_access_entity()
OgAccess::testOgAccessEntity in ./og.test
Verify og_user_access_entity() returns correct value.
og_field_access_field_access in og_field_access/og_field_access.module
Implements hook_field_access().
og_node_access in ./og.module
Implements hook_node_access().

File

./og.module, line 2250
Enable users to create and manage groups with roles and permissions.

Code

function og_user_access_entity($perm, $entity_type, $entity, $account = NULL, $skip_alter = FALSE, $ignore_admin = FALSE) {
  if (empty($account)) {
    global $user;
    $account = clone $user;
  }

  // Set the default for the case there is not a group or a group content.
  $result = NULL;
  if (empty($entity)) {

    // $entity might be NULL, so return early.
    // @see field_access().
    return $result;
  }
  elseif (is_numeric($entity)) {
    $entity = entity_load_single($entity_type, $entity);
  }
  list($id, $vid, $bundle_name) = entity_extract_ids($entity_type, $entity);
  if (empty($id)) {

    // Entity isn't saved yet.
    return $result;
  }
  $is_group = og_is_group($entity_type, $entity);
  $is_group_content = og_is_group_content_type($entity_type, $bundle_name);
  if ($is_group) {
    if (og_user_access($entity_type, $id, $perm, $account)) {
      return TRUE;
    }
    else {

      // An entity can be a group and group content in the same time. The group
      // didn't return TRUE, but the user still might have access to the
      // permission in group content context.
      $result = FALSE;
    }
  }
  if ($is_group_content && ($groups = og_get_entity_groups($entity_type, $entity))) {
    foreach ($groups as $group_type => $gids) {
      foreach ($gids as $gid) {
        if (og_user_access($group_type, $gid, $perm, $account, $skip_alter, $ignore_admin)) {
          return TRUE;
        }
      }
    }
    return FALSE;
  }

  // Either the user didn't have permission, or the entity might be a
  // disabled group or an orphaned group content.
  return $result;
}