class uc_order_plugin_argument_validate_user_perm in Ubercart 7.3
Validate whether an argument is the current user or has a permission.
This supports either numeric arguments (UID) or strings (username) and converts either one into the user's UID. This validator also sets the argument's title to the username.
Hierarchy
- class \views_object
Expanded class hierarchy of uc_order_plugin_argument_validate_user_perm
1 string reference to 'uc_order_plugin_argument_validate_user_perm'
- uc_order_views_plugins in uc_order/
views/ uc_order.views.inc - Implements hook_views_plugins().
File
- uc_order/
views/ uc_order_plugin_argument_validate_user_perm.inc, line 10
View source
class uc_order_plugin_argument_validate_user_perm extends views_plugin_argument_validate_user {
function option_definition() {
$options = parent::option_definition();
$options['perm'] = array(
'default' => 'view all orders',
);
return $options;
}
function options_form(&$form, &$form_state) {
parent::options_form($form, $form_state);
$form['restrict_roles']['#access'] = FALSE;
$form['roles']['#access'] = FALSE;
$perms = array();
$module_info = system_get_info('module');
// Get list of permissions
foreach (module_implements('permission') as $module) {
$permissions = module_invoke($module, 'permission');
foreach ($permissions as $name => $perm) {
$perms[$module_info[$module]['name']][$name] = strip_tags($perm['title']);
}
}
asort($perms);
$form['perm'] = array(
'#type' => 'select',
'#options' => $perms,
'#title' => t('Permission'),
'#default_value' => $this->options['perm'],
'#description' => t('Users with the selected permission flag will be able to bypass validation.'),
);
}
function validate_argument($argument) {
$type = $this->options['type'];
// is_numeric() can return false positives, so we ensure it's an integer.
// However, is_integer() will always fail, since $argument is a string.
if (is_numeric($argument) && $argument == (int) $argument) {
if ($type == 'uid' || $type == 'either') {
if ($argument == $GLOBALS['user']->uid) {
// If you assign an object to a variable in PHP, the variable
// automatically acts as a reference, not a copy, so we use
// clone to ensure that we don't actually mess with the
// real global $user object.
$account = clone $GLOBALS['user'];
}
$where = 'uid = :argument';
}
}
else {
if ($type == 'name' || $type == 'either') {
$name = !empty($GLOBALS['user']->name) ? $GLOBALS['user']->name : variable_get('anonymous', t('Anonymous'));
if ($argument == $name) {
$account = clone $GLOBALS['user'];
}
$where = "name = :argument";
}
}
// If we don't have a WHERE clause, the argument is invalid.
if (empty($where)) {
return FALSE;
}
if (!isset($account)) {
$query = "SELECT uid, name FROM {users} WHERE {$where}";
$account = db_query($query, array(
':argument' => $argument,
))
->fetchObject();
}
if (empty($account)) {
// User not found.
return FALSE;
}
// If the current user is not the account specified by the argument
// and doesn't have the correct permission, validation fails.
if ($GLOBALS['user']->uid != $account->uid && !user_access($this->options['perm'])) {
return FALSE;
}
$this->argument->argument = $account->uid;
$this->argument->validated_title = isset($account->name) ? check_plain($account->name) : check_plain(variable_get('anonymous', t('Anonymous')));
return TRUE;
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
uc_order_plugin_argument_validate_user_perm:: |
function |
Provide the default form for setting options. Overrides views_plugin_argument_validate_user:: |
||
uc_order_plugin_argument_validate_user_perm:: |
function |
Retrieve the options when this is a new access control plugin. Overrides views_plugin_argument_validate_user:: |
||
uc_order_plugin_argument_validate_user_perm:: |
function |
Overrides views_plugin_argument_validate_user:: |
||
views_object:: |
public | property | Handler's definition. | |
views_object:: |
public | property | Except for displays, options for the object will be held here. | 1 |
views_object:: |
function | Collect this handler's option definition and alter them, ready for use. | ||
views_object:: |
public | function | Views handlers use a special construct function. | 4 |
views_object:: |
public | function | Destructor. | 2 |
views_object:: |
public | function | 1 | |
views_object:: |
public | function | ||
views_object:: |
public | function | Always exports the option, regardless of the default value. | |
views_object:: |
public | function | Set default options on this object. | 1 |
views_object:: |
public | function | Set default options. | |
views_object:: |
public | function | Let the handler know what its full definition is. | |
views_object:: |
public | function | Unpack options over our existing defaults, drilling down into arrays so that defaults don't get totally blown away. | |
views_object:: |
public | function | Unpack a single option definition. | |
views_object:: |
public | function | Unpacks each handler to store translatable texts. | |
views_object:: |
public | function | ||
views_plugin:: |
public | property | The current used views display. | |
views_plugin:: |
public | property | The plugin name of this plugin, for example table or full. | |
views_plugin:: |
public | property | The plugin type of this plugin, for example style or query. | |
views_plugin:: |
public | property |
The top object of a view. Overrides views_object:: |
1 |
views_plugin:: |
public | function | Provide a list of additional theme functions for the theme info page. | |
views_plugin:: |
public | function | Return the human readable name of the display. | |
views_plugin:: |
public | function | Add anything to the query that we might need to. | 7 |
views_plugin:: |
public | function | Returns the summary of the settings in the display. | 8 |
views_plugin:: |
public | function | Provide a full list of possible theme templates used by this style. | |
views_plugin:: |
public | function | Validate that the plugin is correct and can be saved. | 3 |
views_plugin_argument_validate:: |
public | function | Determine if the administrator has the privileges to use this plugin. | 1 |
views_plugin_argument_validate:: |
public | function | If we don't have access to the form but are showing it anyway, ensure that the form is safe and cannot be changed from user input. | |
views_plugin_argument_validate:: |
public | function | Initialize this plugin with the view and the argument it is linked to. | 1 |
views_plugin_argument_validate:: |
public | function |
Provide the default form form for validating options. Overrides views_plugin:: |
|
views_plugin_argument_validate_user:: |
public | function |
Convert options from the older style. Overrides views_plugin_argument_validate:: |
|
views_plugin_argument_validate_user:: |
public | function |
Provide the default form form for submitting options Overrides views_plugin_argument_validate:: |
|
views_plugin_argument_validate_user:: |
public | function |
Process the summary arguments for displaying. Overrides views_plugin_argument_validate:: |