function redhen_contact_access in RedHen CRM 7
Checks contact access for various operations.
Parameters
string $op: The operation being performed. One of 'view', 'update', 'create' or 'delete'.
RedhenContact|string $contact: Contact to check access for, or for the create operation, the contact type. If nothing is given, access permissions for all contacts are returned.
object $account: The user to check for. Leave it as NULL to check for the current user.
4 calls to redhen_contact_access()
- redhen_contact_page in modules/redhen_contact/includes/redhen_contact.pages.inc - Page callback for contact overview page.
- redhen_contact_revision_list in modules/redhen_contact/includes/redhen_contact.pages.inc - Page callback for listing contact revisions.
- redhen_contact_user_contact_access in modules/redhen_contact/redhen_contact.module - Access callback for redhen_contact_user_categories().
- redhen_contact_user_view in modules/redhen_contact/redhen_contact.module - Implements hook_user_view().
5 string references to 'redhen_contact_access'
- redhen_contact_entity_info in modules/redhen_contact/redhen_contact.module - Implements hook_entity_info().
- redhen_contact_menu in modules/redhen_contact/redhen_contact.module - Implements hook_menu().
- redhen_contact_rules_action_info in modules/redhen_contact/includes/redhen_contact.rules.inc - Implements hook_rules_action_info().
- redhen_engagement_menu in modules/redhen_engagement/redhen_engagement.module - Implements hook_menu().
- redhen_registration_menu in modules/redhen_registration/redhen_registration.module - Implements hook_menu().
File
- modules/redhen_contact/redhen_contact.module, line 455 - Module file for RedHen contacts.
Code
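/**
 * Checks contact access for various operations.
 *
 * Every permission, ownership and relation-role lookup is made for $account
 * (the subject of the check) rather than for the logged-in user, so the result
 * stays correct when access is evaluated on behalf of another user.
 *
 * @param string $op
 *   The operation being performed: 'view', 'update' (handled as 'edit'),
 *   'edit', 'create', 'delete', 'archive' or 'unarchive'. Any other value is
 *   denied unless $account has 'administer redhen contacts'.
 * @param RedhenContact|string $contact
 *   Contact to check access for, or for the create operation, the contact
 *   type. May be NULL.
 * @param object $account
 *   The user to check for. Leave it as NULL to check for the current user.
 *
 * @return bool
 *   TRUE if the operation is allowed, FALSE otherwise.
 */
function redhen_contact_access($op, $contact = NULL, $account = NULL) {
  global $user;

  // Map 'update' to 'edit' which is used internally below.
  if ($op === 'update') {
    $op = 'edit';
  }

  // The current user is only the fallback subject; an explicit $account wins.
  $account = isset($account) ? $account : $user;

  $relations_enabled = module_exists('redhen_relation');

  // Relation-role permissions must be those of the account being checked.
  // Looking them up for the global $user would let the logged-in user's
  // organisation roles decide access for a different account.
  $redhen_relation_role_permissions = $relations_enabled ? redhen_relation_role_get_permissions($account) : array();

  // Affiliations are only looked up for a contact object; for 'create' the
  // argument is a contact type string and the result is never consulted.
  $related_orgs = (is_object($contact) && $relations_enabled) ? redhen_relation_relations($contact, REDHEN_RELATION_AFFILIATION, TRUE) : array();

  // State guards run before any permission check, so they also apply to
  // administrators: a contact cannot be archived or unarchived twice.
  // NOTE(review): these read $contact->redhen_state without checking that
  // $contact is an object - assumes callers always pass a loaded contact for
  // 'archive' / 'unarchive'; confirm against callers.
  if ($op == 'archive' && $contact->redhen_state == REDHEN_STATE_ARCHIVED) {
    return FALSE;
  }
  if ($op == 'unarchive' && $contact->redhen_state == REDHEN_STATE_ACTIVE) {
    return FALSE;
  }

  if (user_access('administer redhen contacts', $account)) {
    return TRUE;
  }

  // Set $default_revision as a shortcut variable to check, because relation
  // role permissions do not currently support revisions.
  // NOTE(review): when no contact object is given this is FALSE, so 'view',
  // 'edit' and 'delete' are decided by the revision branches below - confirm
  // that this is intended for list-level access checks.
  $default_revision = is_object($contact) && (bool) $contact->isDefaultRevision();

  switch ($op) {
    case 'view':
      if ($default_revision) {
        // Regular and relation role checks.
        if (user_access('access redhen contacts', $account)) {
          return TRUE;
        }
        // Check whether the account can view its own contact. Ownership is
        // compared against $account, and an account without a uid (anonymous)
        // never owns a contact, so an unlinked contact cannot match it.
        if (!empty($account->uid) && user_access('view own redhen contact', $account) && $contact->uid == $account->uid) {
          return TRUE;
        }
        // Any relation-role entry for an affiliated organisation grants view.
        // Presumably each $org is a list whose first item carries org_id;
        // verify against redhen_relation_relations().
        foreach ($related_orgs as $org) {
          if (isset($redhen_relation_role_permissions[$org[0]->org_id])) {
            return TRUE;
          }
        }
      }
      else {
        // Revision checks. Relation role permissions do not support revisions.
        if (user_access('view redhen contact revisions', $account)) {
          return TRUE;
        }
      }
      break;

    case 'archive':
    case 'unarchive':
      // We have already checked the op against the current state. Just check
      // the permissions.
      if (user_access('manage redhen contacts', $account)) {
        return TRUE;
      }
      break;

    case 'edit':
      if ($default_revision) {
        // Regular and relations role checks.
        if (user_access('manage redhen contacts', $account)) {
          return TRUE;
        }
        foreach ($related_orgs as $org) {
          $org_id = $org[0]->org_id;
          if (isset($redhen_relation_role_permissions[$org_id]['edit_contact']) && $redhen_relation_role_permissions[$org_id]['edit_contact'] !== 0) {
            return TRUE;
          }
        }
      }
      else {
        // Revision checks. Relation role permissions do not support revisions.
        if (user_access('edit redhen contact revisions', $account)) {
          return TRUE;
        }
      }
      break;

    case 'delete':
      if ($default_revision) {
        // Regular and relations role checks.
        if (user_access('manage redhen contacts', $account)) {
          return TRUE;
        }
        foreach ($related_orgs as $org) {
          $org_id = $org[0]->org_id;
          if (isset($redhen_relation_role_permissions[$org_id]['delete_contact']) && $redhen_relation_role_permissions[$org_id]['delete_contact'] !== 0) {
            return TRUE;
          }
        }
      }
      else {
        // Revision checks. Relation role permissions do not support revisions.
        if (user_access('manage redhen contacts', $account)) {
          return TRUE;
        }
      }
      break;

    case 'create':
      if (user_access('manage redhen contacts', $account)) {
        return TRUE;
      }
      // For 'create', $contact carries the contact type name.
      if (isset($contact) && is_string($contact)) {
        if (user_access('create ' . $contact . ' contacts', $account)) {
          return TRUE;
        }
      }
      break;
  }

  // Fail closed: anything not explicitly granted above is denied.
  return FALSE;
}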