You are here

function photos_access_node_grants in Album Photos 8.4

Same name and namespace in other branches
  1. 8.5 photos_access/photos_access.module \photos_access_node_grants()
  2. 7.3 photos_access/photos_access.module \photos_access_node_grants()
  3. 6.0.x photos_access/photos_access.module \photos_access_node_grants()

Implements hook_node_grants().

File

photos_access/photos_access.module, line 775
Implementation of photos_access.module.

Code

function photos_access_node_grants(AccountInterface $account, $op) {

  // Always grant access to view open albums.
  $viewid = [
    0,
  ];

  // Set uid for author realm to access own albums.
  $grants['photos_access_author'] = [
    $account
      ->id(),
  ];

  // Check for private albums that user has access to.
  $db = \Drupal::database();
  $result = $db
    ->query('SELECT a.*, b.* FROM {photos_access_album} a INNER JOIN {photos_access_user} b ON a.id = b.id WHERE b.uid = :uid', [
    ':uid' => $account
      ->id(),
  ]);
  foreach ($result as $a) {
    if ($a->collaborate) {
      $updateid[] = $a->nid;
    }
    elseif ($a->viewid) {
      $viewid[] = $a->nid;
    }
  }

  // hook_photos_access()
  // - Return array of nids to check for user access.
  // - Only album nids that require password.
  $args = \Drupal::moduleHandler()
    ->invokeAll('photos_access');
  if (is_array($args)) {
    foreach ($args as $arg) {
      $result = $db
        ->query('SELECT id, nid, viewid, pass FROM {photos_access_album} WHERE nid = :nid', [
        ':nid' => $arg,
      ]);
      foreach ($result as $a) {

        // Password is required, check if password is set.
        if ($a->viewid == 3 && isset($_SESSION[$a->nid . '_' . session_id()]) && $_SESSION[$a->nid . '_' . session_id()] == $a->pass) {
          $viewid[] = $a->nid;
        }
      }
    }
  }
  switch ($op) {
    case 'view':

      // Array of gid's for realm.
      $grants['photos_access'] = $viewid;
      if (isset($updateid[0])) {
        $grants['photos_access_update'] = $updateid;
      }
      break;
    case 'update':
      if (isset($updateid[0])) {
        $grants['photos_access_update'] = $updateid;
      }
      break;
  }
  return $grants;
}