function photos_access_node_grants in Album Photos 6.0.x
Same name and namespace in other branches
- 8.5 photos_access/photos_access.module \photos_access_node_grants()
- 8.4 photos_access/photos_access.module \photos_access_node_grants()
- 7.3 photos_access/photos_access.module \photos_access_node_grants()
Implements hook_node_grants().
File
- photos_access/
photos_access.module, line 975 - Implementation of photos_access.module.
Code
function photos_access_node_grants(AccountInterface $account, $op) {
// Always grant access to view open albums.
$viewid = [
0,
];
// Set uid for author realm to access own albums.
$grants['photos_access_author'] = [
$account
->id(),
];
// Check for private albums that user has access to.
$db = \Drupal::database();
$result = $db
->query('SELECT a.*, b.* FROM {photos_access_album} a INNER JOIN {photos_access_user} b ON a.id = b.id WHERE b.uid = :uid', [
':uid' => $account
->id(),
]);
foreach ($result as $a) {
if ($a->collaborate) {
$updateid[] = $a->nid;
}
elseif ($a->viewid) {
$viewid[] = $a->nid;
}
}
// hook_photos_access()
// - Return array of nids to check for user access.
// - Only album nids that require password.
$args = \Drupal::moduleHandler()
->invokeAll('photos_access');
if (is_array($args)) {
foreach ($args as $arg) {
$result = $db
->query('SELECT id, nid, viewid, pass FROM {photos_access_album} WHERE nid = :nid', [
':nid' => $arg,
]);
foreach ($result as $a) {
// Password is required, check if password is set.
if ($a->viewid == 3 && isset($_SESSION[$a->nid . '_' . session_id()]) && $_SESSION[$a->nid . '_' . session_id()] == $a->pass) {
$viewid[] = $a->nid;
}
}
}
}
switch ($op) {
case 'view':
// Array of gid's for realm.
$grants['photos_access'] = $viewid;
if (isset($updateid[0])) {
$grants['photos_access_update'] = $updateid;
}
break;
case 'update':
if (isset($updateid[0])) {
$grants['photos_access_update'] = $updateid;
}
break;
}
return $grants;
}