You are here

Home » API reference » Album Photos 8.5 » photos_access.module

function photos_access_pass_validate in Album Photos 8.5

Same name and namespace in other branches
  1. 8.4 photos_access/photos_access.module \photos_access_pass_validate()
  2. 7.3 photos_access/photos_access.module \photos_access_pass_validate()
  3. 6.0.x photos_access/photos_access.module \photos_access_pass_validate()

Check password on node page.

3 calls to photos_access_pass_validate()
PhotosAccess::access in photos_access/src/Plugin/views/access/PhotosAccess.php
Determine if the current user has access or not.
PhotosAccessControlHandler::checkAccess in src/PhotosAccessControlHandler.php
Performs access checks.
photos_access_request_album_password in photos_access/photos_access.module
Album password check.

File

photos_access/photos_access.module, line 1065
Implementation of photos_access.module.

Code

function photos_access_pass_validate($t) {
  $user = \Drupal::currentUser();

  // Check if admin or author.
  if ($user
    ->id() == 1 || isset($t['view']->uid) && $t['view']->uid == $user
    ->id()) {
    return TRUE;
  }
  if (isset($t['update']->pass)) {

    // Check if collaborator.
    $db = \Drupal::database();
    $result = $db
      ->query('SELECT uid FROM {photos_access_user} WHERE id = :id', [
      ':id' => $t['update']->id,
    ]);
    foreach ($result as $a) {
      if ($a->uid == $user
        ->id()) {
        return TRUE;
      }
    }
  }
  if ($t['view']->nid) {
    if (isset($_SESSION[$t['view']->nid . '_' . session_id()])) {

      // Check if password matches node password.
      if ($_SESSION[$t['view']->nid . '_' . session_id()] == $t['view']->pass) {
        return TRUE;
      }

      // If password is set, but does not match re enter password.
      \Drupal::messenger()
        ->addMessage(t('Password has expired.'));

      // Redirect.
      $current_path = \Drupal::service('path.current')
        ->getPath();
      $redirect_url = Url::fromUri('base:privacy/pass/' . $t['view']->nid, [
        'query' => [
          'destination' => $current_path,
        ],
      ])
        ->toString();
      $response = new RedirectResponse($redirect_url);
      $response
        ->send();
      exit;
    }
    else {

      // If password is not set, password is required.
      \Drupal::messenger()
        ->addMessage(t('Password required.'));

      // Redirect.
      $current_path = \Drupal::service('path.current')
        ->getPath();
      if ($current_path == '/system/files') {

        // If current path is /system/files redirect to photo album node.
        $current_path = Url::fromRoute('entity.node.canonical', [
          'node' => $t['view']->nid,
        ])
          ->toString();
      }
      $redirect_url = Url::fromUri('base:privacy/pass/' . $t['view']->nid, [
        'query' => [
          'destination' => $current_path,
        ],
      ])
        ->toString();
      $response = new RedirectResponse($redirect_url);
      $response
        ->send();
      exit;
    }
  }
}