uc_order_plugin_argument_validate_user_perm.inc in Ubercart 7.3
File
uc_order/views/uc_order_plugin_argument_validate_user_perm.inc
View source
<?php
class uc_order_plugin_argument_validate_user_perm extends views_plugin_argument_validate_user {
function option_definition() {
$options = parent::option_definition();
$options['perm'] = array(
'default' => 'view all orders',
);
return $options;
}
function options_form(&$form, &$form_state) {
parent::options_form($form, $form_state);
$form['restrict_roles']['#access'] = FALSE;
$form['roles']['#access'] = FALSE;
$perms = array();
$module_info = system_get_info('module');
foreach (module_implements('permission') as $module) {
$permissions = module_invoke($module, 'permission');
foreach ($permissions as $name => $perm) {
$perms[$module_info[$module]['name']][$name] = strip_tags($perm['title']);
}
}
asort($perms);
$form['perm'] = array(
'#type' => 'select',
'#options' => $perms,
'#title' => t('Permission'),
'#default_value' => $this->options['perm'],
'#description' => t('Users with the selected permission flag will be able to bypass validation.'),
);
}
function validate_argument($argument) {
$type = $this->options['type'];
if (is_numeric($argument) && $argument == (int) $argument) {
if ($type == 'uid' || $type == 'either') {
if ($argument == $GLOBALS['user']->uid) {
$account = clone $GLOBALS['user'];
}
$where = 'uid = :argument';
}
}
else {
if ($type == 'name' || $type == 'either') {
$name = !empty($GLOBALS['user']->name) ? $GLOBALS['user']->name : variable_get('anonymous', t('Anonymous'));
if ($argument == $name) {
$account = clone $GLOBALS['user'];
}
$where = "name = :argument";
}
}
if (empty($where)) {
return FALSE;
}
if (!isset($account)) {
$query = "SELECT uid, name FROM {users} WHERE {$where}";
$account = db_query($query, array(
':argument' => $argument,
))
->fetchObject();
}
if (empty($account)) {
return FALSE;
}
if ($GLOBALS['user']->uid != $account->uid && !user_access($this->options['perm'])) {
return FALSE;
}
$this->argument->argument = $account->uid;
$this->argument->validated_title = isset($account->name) ? check_plain($account->name) : check_plain(variable_get('anonymous', t('Anonymous')));
return TRUE;
}
}