You are here

Home » API reference » Search API Saved Searches 7 » search_api_saved_searches.module

function search_api_saved_search_edit_access in Search API Saved Searches 7

Determine access to the edit interface for saved searches of a given user.

This is both used to determine whether the current user can edit a specific saved search, or whether she can display the overview of the user's saved searches. For anonymous users' searches an access key is generated that allows accessing and editing the searches.

Parameters

$account: (optional) The user whose saved search(es) would be edited. NULL for guest.

SearchApiSavedSearch $search: (optional) The saved search involved, if there is just a single one.

string $key: (optional) The secret key to access the search.

Return value

boolean TRUE iff the current user is allowed to edit the saved search(es).

3 calls to search_api_saved_search_edit_access()
SearchApiSavedSearchesViewsHandlerFieldLink::render in views/handler_field_saved_search_link.inc
Render the field.
SearchApiSavedSearchesViewsHandlerFieldName::render_text in views/handler_field_saved_search_name.inc
Perform an advanced text render for the item.
_search_api_saved_searches_admin_redirect_url in ./search_api_saved_searches.pages.inc
Returns the correct redirect URL after changing a saved search.
1 string reference to 'search_api_saved_search_edit_access'
search_api_saved_searches_menu in ./search_api_saved_searches.module
Implements hook_menu().

File

./search_api_saved_searches.module, line 633
Offers the ability to save searches and be notified of new results.

Code

function search_api_saved_search_edit_access($account = NULL, SearchApiSavedSearch $search = NULL, $key = NULL) {
  global $user;
  if (empty($account)) {
    if (empty($search)) {
      return FALSE;
    }
    $account = (object) array(
      'uid' => $search->uid,
    );
  }
  if (user_access('administer search_api_saved_searches')) {
    return TRUE;
  }

  // Barring admins, the only way to edit anonymous users' saved searches is by
  // providing the access key. There is no overview of all saved searches.
  if (!empty($key) && !empty($search->options['key']) && $search->options['key'] == $key) {
    return TRUE;
  }
  if ($account->uid == 0) {
    return FALSE;
  }
  if ($account->uid != $user->uid || !user_access('use search_api_saved_searches')) {
    return FALSE;
  }
  if (isset($search)) {
    return $search->uid == $account->uid;
  }
  foreach (search_api_saved_searches_settings_load_multiple() as $settings) {

    // Allow access if users can manually create searches.
    if (!empty($settings->options['manual']['allow'])) {
      return TRUE;
    }

    // Allow access if the list should always be displayed.
    if (!empty($settings->options['show_empty_list'])) {
      return TRUE;
    }
  }

  // Let the user view the listing if there are any saved searches.
  $select = db_select('search_api_saved_search', 's')
    ->condition('uid', $account->uid);
  $select
    ->addExpression('COUNT(1)');
  return (bool) $select
    ->execute()
    ->fetchField();
}