function uc_order_order_entity_access in Ubercart 7.3

Entity API "access callback" for uc_order entity.

Checks order access for various operations.

Parameters

$op: The operation being performed. One of 'view', 'update', 'create' or 'delete'.

$order: (optional) An order to check access for.

$account: (optional) The account to check, or current user if not given.

1 call to uc_order_order_entity_access()

uc_order_order_product_access in uc_order/uc_order.module: Entity API "access callback" for uc_order_product entity.

1 string reference to 'uc_order_order_entity_access'

uc_order_entity_info in uc_order/uc_order.module: Implements hook_entity_info().

File

uc_order/uc_order.module, line 890

Code

function uc_order_order_entity_access($op, $order = NULL, $account = NULL) {
  global $user;
  if (!isset($account)) {
    $account = $user;
  }
  if ($op == 'delete') {
    if (!empty($order)) {
      return uc_order_can_delete($order, $account);
    }
    else {
      return FALSE;
    }
  }
  if ($op == 'update') {
    return user_access('edit orders', $account);
  }
  if ($op == 'create') {
    return user_access('create orders', $account);
  }
  if ($op == 'view') {
    if (user_access('view all orders', $account)) {
      return TRUE;
    }
    return !empty($order) && $order->uid == $account->uid && user_access('view own orders', $account);
  }
}

You are here

function uc_order_order_entity_access in Ubercart 7.3

Parameters

File

Code

API Navigation