function payment_access in Payment 7
Check if a user has access to perform a certain payment operation.
Parameters
string $operation: One of the following operations:
- "create"
- "update" (does not require $payment, but only grants access if the user has permission to update any payment)
- "delete" (does not require $payment_method, but only grants access if the user has permission to delete any payment)
- "view" (does not require $payment_method, but only grants access if the user has permission to view any payment)
Payment $payment: The payment the user wants to perform the operation on.
object $account: The user account for which to check access. If NULL, the current user is used.
Return value
boolean
See also
4 calls to payment_access()
- paymentform_payment_finish in modules/
paymentform/ paymentform.module - Implements Payment::finish_callback.
- paymentreference_form_process_paymentreference in modules/
paymentreference/ paymentreference.module - Implements form process callback for paymentreference elements.
- payment_form_standalone in ./
payment.ui.inc - Implements form build callback: the payment add/edit form.
- payment_form_standalone_submit in ./
payment.ui.inc - Implements form submit callback for payment_form().
3 string references to 'payment_access'
- PaymentTestPaymentEntityPermissionWebTestCase::testPaymentEntityPermissions in tests/
payment_test/ tests/ PaymentTestPaymentEntityPermissionWebTestCase.test - payment_entity_info in ./
payment.module - Implements hook_entity_info().
- payment_menu in ./
payment.module - Implements hook_menu().
File
- ./
payment.module, line 925 - Hook implementations and shared functions.
Code
function payment_access($operation, Payment $payment = NULL, $account = NULL) {
global $user;
if (!$account) {
$account = $user;
}
switch ($operation) {
case 'create':
// We let other modules decide whether users have access to create
// new payments. There is no corresponding permission for this operation.
return TRUE;
case 'view':
case 'update':
case 'delete':
return user_access('payment.payment.' . $operation . '.any', $account) || $payment && user_access('payment.payment.' . $operation . '.own', $account) && $account->uid == $payment->uid;
}
return FALSE;
}