You are here

Home » API reference » Paragraphs 7 » paragraphs.module

function paragraphs_item_access in Paragraphs 7

Access check for paragraphs.

Most of the time the access callback is on the host entity. In some cases you want specific access checks on paragraphs. You can do this by implementing hook_paragraphs_item_access().

Return value

bool Whether the user has access to a paragraphs item.

1 string reference to 'paragraphs_item_access'
paragraphs_entity_info in ./paragraphs.module
Implements hook_entity_info().

File

./paragraphs.module, line 166
Paragraphs hooks and common functions.

Code

function paragraphs_item_access($op, $entity, $account, $entity_type) {

  // If no user object is supplied, the access check is for the current user.
  if (empty($account)) {
    $account = $GLOBALS['user'];
  }
  $permissions =& drupal_static(__FUNCTION__, array());

  // If the $op was not one of the supported ones, we return access denied.
  if (!in_array($op, array(
    'view',
    'update',
    'delete',
    'create',
  ), TRUE)) {
    return FALSE;
  }

  // When we have no entity, create a generic cid.
  if (empty($entity)) {
    $cid = 'all_entities:' . $op;
  }
  elseif ($op == 'create' || isset($entity->is_new) && $entity->is_new) {
    $cid = $entity->bundle;
  }
  else {
    $cid = $entity->item_id . '_' . $entity->revision_id;
  }

  // If we've already checked access for this bundle, user and op, return from
  // cache. Otherwise, we are optimistic and consider that the user can
  // view / update / delete or create a paragraph.
  if (isset($permissions[$account->uid][$cid][$op])) {
    return $permissions[$account->uid][$cid][$op];
  }

  // We grant access to the paragraph item if both of these conditions are met:
  // - No modules say to deny access.
  // - At least one module says to grant access.
  // If no module specified either allow or deny, we always allow.
  $access = module_invoke_all('paragraphs_item_access', $entity, $op, $account);
  if (in_array(PARAGRAPHS_ITEM_ACCESS_DENY, $access, TRUE)) {
    $user_access_permission = FALSE;
  }
  elseif (in_array(PARAGRAPHS_ITEM_ACCESS_ALLOW, $access, TRUE)) {
    $user_access_permission = TRUE;
  }
  else {

    // Deny access by default.
    $user_access_permission = FALSE;
  }

  // Store the result of the permission in our matrix.
  $permissions[$account->uid][$cid][$op] = $user_access_permission;
  return $permissions[$account->uid][$cid][$op];
}