function _photos_access in Album Photos 6.2
Same name and namespace in other branches
- 8.4 photos.module \_photos_access()
- 7.3 photos.module \_photos_access()
1 call to _photos_access()
- photos_image_page in inc/photos.image.inc
1 string reference to '_photos_access'
- photos_menu in ./photos.module
File
- ./photos.module, line 285
Code
function _photos_access($type, $value, $id = 0) {
global $user;
switch ($type) {
case 'viewUser':
return $value->uid && user_access('view photo') && user_access('create photo', $value);
case 'imageOrig':
if (!user_access('view original')) {
return false;
}
case 'imageView':
if ($user->uid == 1) {
return true;
}
if (variable_get('photos_access_photos', 0)) {
$node = _photos_access_pass_type($value, 1);
if ($node['view']['viewid'] != 3) {
return node_access('view', (object) $node['node']);
}
else {
if ($node['view']['pass'] == $_SESSION[$node['view']['nid'] . '_' . session_id()] || !_photos_access_pass_validate($node)) {
return true;
}
}
}
else {
return user_access('view photo');
}
break;
case 'album':
return $value->type == 'photos' && node_access('view', $value);
case 'subAlbum':
return variable_get('photos_node_' . $value->type, 0) && node_access('view', $value);
case 'editAlbum':
if ($value->type == 'photos') {
return node_access('delete', $value);
}
else {
return variable_get('photos_node_' . $value->type, 0) && node_access('delete', $value);
}
case 'imageEdit':
if (!is_object($value)) {
$value = db_fetch_object(db_query('SELECT r.format, n.* FROM {node} n INNER JOIN {node_revisions} r ON n.nid = r.nid INNER JOIN {x_image} x ON n.nid = x.pid WHERE x.fid = %d', $value));
}
return node_access('update', $value) || node_access('delete', $value);
case 'imageDelete':
if (!is_object($value)) {
$value = db_fetch_object(db_query('SELECT r.format, n.* FROM {node} n INNER JOIN {node_revisions} r ON n.nid = r.nid INNER JOIN {x_image} x ON n.nid = x.pid WHERE x.fid = %d', $value));
}
return node_access('delete', $value);
}
}
