function photos_access_node_grants in Album Photos 7.3

Same name and namespace in other branches

1. 8.5 photos_access/photos_access.module \photos_access_node_grants()
2. 8.4 photos_access/photos_access.module \photos_access_node_grants()
3. 6.0.x photos_access/photos_access.module \photos_access_node_grants()

Implements hook_node_grants().

File

photos_access/photos_access.module, line 516

Code

function photos_access_node_grants($ac, $op) {

  // Always grant access to view open albums.
  $viewid = array(
    0,
  );

  // Set uid for author realm to access own albums.
  $grants['photos_access_author'] = array(
    $ac->uid,
  );

  // Check for private albums that user has access to.
  $result = db_query('SELECT a.*, b.* FROM {photos_access_album} a INNER JOIN {photos_access_user} b ON a.id = b.id WHERE b.uid = :uid', array(
    ':uid' => $ac->uid,
  ));
  foreach ($result as $a) {
    if ($a->collaborate) {
      $updateid[] = $a->nid;
    }
    elseif ($a->viewid) {
      $viewid[] = $a->nid;
    }
  }

  // hook_photos_access()
  // - Return array of nids to check for user access.
  // - Only album nids that require password.
  $args = module_invoke_all('photos_access');
  if (is_array($args)) {
    foreach ($args as $arg) {
      $result = db_query('SELECT id, nid, viewid, pass FROM {photos_access_album} WHERE nid = :nid', array(
        ':nid' => $arg,
      ));
      foreach ($result as $a) {

        // Password is required, check if password is set.
        if ($a->viewid == 3 && isset($_SESSION[$a->nid . '_' . session_id()]) && $_SESSION[$a->nid . '_' . session_id()] == $a->pass) {
          $viewid[] = $a->nid;
        }
      }
    }
  }
  switch ($op) {
    case 'view':

      // Array of gid's for realm.
      $grants['photos_access'] = $viewid;
      if (isset($updateid[0])) {
        $grants['photos_access_update'] = $updateid;
      }
      break;
    case 'update':
      if (isset($updateid[0])) {
        $grants['photos_access_update'] = $updateid;
      }
      break;
  }
  return $grants;
}