function registration_access in Entity Registration 8.2
Same name and namespace in other branches
- 8 registration.module \registration_access()
- 7.2 registration.module \registration_access()
- 7 registration.module \registration_access()
Access callback: Entity API for Registration entities.
Checks if a user has permission to execute an operation on a registration entity.
Parameters
string $op: Operation user wishes to perform.
Registration $registration: (optional) A fully loaded registration object.
object $account: (optional) An user object, or omit for logged in user.
Return value
bool
See also
1 string reference to 'registration_access'
- registration_entity_info in ./
registration.module - Implements hook_entity_info().
File
- ./
registration.module, line 1920
Code
function registration_access($op, Registration $registration = NULL, $account = NULL) {
$user = \Drupal::currentUser();
$account = isset($account) ? $account : $user;
$admin = $account
->hasPermission('administer registration');
if (!isset($registration)) {
return $admin;
}
$type = $registration
->bundle();
// bypass further access checks if user can administer registration
if ($admin || $account
->hasPermission("administer {$type} registration")) {
return TRUE;
}
// First grant access to the entity for the specified operation if no other
// module denies it and at least one other module says to grant access.
$access_results = \Drupal::moduleHandler()
->invokeAll('registration_access', [
$op,
$registration,
$account,
]);
if (in_array(FALSE, $access_results, TRUE)) {
return FALSE;
}
elseif (in_array(TRUE, $access_results, TRUE)) {
return TRUE;
}
$wrapper = entity_metadata_wrapper('registration', $registration);
$author = $wrapper->author
->value();
$account_own = $author && $author->uid == $account->uid;
// Fall back to assigned permissions
switch ($op) {
case 'view':
return $account_own && $account
->hasPermission("view own {$type} registration") || $account
->hasPermission("view {$type} registration");
case 'update':
return $account_own && $account
->hasPermission("update own {$type} registration") || $account
->hasPermission("update any {$type} registration");
case 'create':
return $account
->hasPermission("create {$type} registration") || $account
->hasPermission("create own {$type} registration");
case 'delete':
return $account_own && $account
->hasPermission("delete own {$type} registration") || $account
->hasPermission("delete any {$type} registration");
}
}