function uc_order_order_entity_access in Ubercart 7.3
Entity API "access callback" for uc_order entity.
Checks order access for various operations.
Parameters
$op: The operation being performed. One of 'view', 'update', 'create' or 'delete'.
$order: (optional) An order to check access for.
$account: (optional) The account to check, or current user if not given.
1 call to uc_order_order_entity_access()
- uc_order_order_product_access in uc_order/
uc_order.module - Entity API "access callback" for uc_order_product entity.
1 string reference to 'uc_order_order_entity_access'
- uc_order_entity_info in uc_order/
uc_order.module - Implements hook_entity_info().
File
- uc_order/
uc_order.module, line 890
Code
function uc_order_order_entity_access($op, $order = NULL, $account = NULL) {
global $user;
if (!isset($account)) {
$account = $user;
}
if ($op == 'delete') {
if (!empty($order)) {
return uc_order_can_delete($order, $account);
}
else {
return FALSE;
}
}
if ($op == 'update') {
return user_access('edit orders', $account);
}
if ($op == 'create') {
return user_access('create orders', $account);
}
if ($op == 'view') {
if (user_access('view all orders', $account)) {
return TRUE;
}
return !empty($order) && $order->uid == $account->uid && user_access('view own orders', $account);
}
}