function _shoutbox_user_access in Shoutbox 6
Same name and namespace in other branches
- 5 shoutbox.module \_shoutbox_user_access()
- 6.2 shoutbox.module \_shoutbox_user_access()
- 7.2 shoutbox.module \_shoutbox_user_access()
- 7 shoutbox.module \_shoutbox_user_access()
This function is necessary because even if a user has permission (according to the user_access function), they still should not have some permissions, such as moderating their own posts, etc.
Parameters
$permission: The user's permissions.
$shout: The shout post object.
Return value
Returns 1 if user should have accces, 0 otherwise.
8 calls to _shoutbox_user_access()
- shoutbox_add_form_submit in ./
shoutbox.module - Handles submission of a shout. Handles both ajax submission and regular form submission.
- shoutbox_delete_form_submit in ./
shoutbox.module - Handle the delete form submission.
- shoutbox_edit_form in ./
shoutbox.module - Form for editing shouts.
- shoutbox_edit_form_submit in ./
shoutbox.module - Handle the edit form submission.
- _shoutbox_block_view in ./
shoutbox.module - Returns the themed HTML to be displayed in the block.
1 string reference to '_shoutbox_user_access'
- shoutbox_menu in ./
shoutbox.module - Implementation of hook_menu().
File
- ./
shoutbox.module, line 980 - shoutbox module displays a block for users to create short messages for thw whole site. Uses AHAH to update the database and display content.
Code
function _shoutbox_user_access($permission, $shout = NULL) {
global $user;
if (user_access('administer shoutbox')) {
return TRUE;
}
$user_timeout = FALSE;
$user_owned = FALSE;
$access_granted = user_access($permission);
// If user_access says no, it's definitely no.
if ($access_granted && ($permission == 'edit own shouts' || $permission == 'delete own shouts')) {
if (_shoutbox_is_user_owned($shout)) {
// A registered user's own post.
if ($shout->uid > 0 && $shout->created < time() - 60 * variable_get('shoutbox_registered_timeout', 1440)) {
$user_timeout = TRUE;
}
else {
if ($shout->uid == 0 && $shout->created < time() - 60 * variable_get('shoutbox_anonymous_timeout', 20)) {
$user_timeout = TRUE;
}
}
$user_owned = TRUE;
}
// If not user owned the post or editing priviledges have timed out ...
$access_granted = $user_owned && !$user_timeout;
}
return $access_granted;
}