You are here

Home » API reference » Ubercart 7.3 » uc_order_plugin_argument_validate_user_perm.inc

class uc_order_plugin_argument_validate_user_perm in Ubercart 7.3

Validate whether an argument is the current user or has a permission.

This supports either numeric arguments (UID) or strings (username) and converts either one into the user's UID. This validator also sets the argument's title to the username.

Hierarchy

Expanded class hierarchy of uc_order_plugin_argument_validate_user_perm

1 string reference to 'uc_order_plugin_argument_validate_user_perm'
uc_order_views_plugins in uc_order/views/uc_order.views.inc
Implements hook_views_plugins().

File

uc_order/views/uc_order_plugin_argument_validate_user_perm.inc, line 10

View source 
class uc_order_plugin_argument_validate_user_perm extends views_plugin_argument_validate_user {
  function option_definition() {
    $options = parent::option_definition();
    $options['perm'] = array(
      'default' => 'view all orders',
    );
    return $options;
  }
  function options_form(&$form, &$form_state) {
    parent::options_form($form, $form_state);
    $form['restrict_roles']['#access'] = FALSE;
    $form['roles']['#access'] = FALSE;
    $perms = array();
    $module_info = system_get_info('module');

    // Get list of permissions
    foreach (module_implements('permission') as $module) {
      $permissions = module_invoke($module, 'permission');
      foreach ($permissions as $name => $perm) {
        $perms[$module_info[$module]['name']][$name] = strip_tags($perm['title']);
      }
    }
    asort($perms);
    $form['perm'] = array(
      '#type' => 'select',
      '#options' => $perms,
      '#title' => t('Permission'),
      '#default_value' => $this->options['perm'],
      '#description' => t('Users with the selected permission flag will be able to bypass validation.'),
    );
  }
  function validate_argument($argument) {
    $type = $this->options['type'];

    // is_numeric() can return false positives, so we ensure it's an integer.
    // However, is_integer() will always fail, since $argument is a string.
    if (is_numeric($argument) && $argument == (int) $argument) {
      if ($type == 'uid' || $type == 'either') {
        if ($argument == $GLOBALS['user']->uid) {

          // If you assign an object to a variable in PHP, the variable
          // automatically acts as a reference, not a copy, so we use
          // clone to ensure that we don't actually mess with the
          // real global $user object.
          $account = clone $GLOBALS['user'];
        }
        $where = 'uid = :argument';
      }
    }
    else {
      if ($type == 'name' || $type == 'either') {
        $name = !empty($GLOBALS['user']->name) ? $GLOBALS['user']->name : variable_get('anonymous', t('Anonymous'));
        if ($argument == $name) {
          $account = clone $GLOBALS['user'];
        }
        $where = "name = :argument";
      }
    }

    // If we don't have a WHERE clause, the argument is invalid.
    if (empty($where)) {
      return FALSE;
    }
    if (!isset($account)) {
      $query = "SELECT uid, name FROM {users} WHERE {$where}";
      $account = db_query($query, array(
        ':argument' => $argument,
      ))
        ->fetchObject();
    }
    if (empty($account)) {

      // User not found.
      return FALSE;
    }

    // If the current user is not the account specified by the argument
    // and doesn't have the correct permission, validation fails.
    if ($GLOBALS['user']->uid != $account->uid && !user_access($this->options['perm'])) {
      return FALSE;
    }
    $this->argument->argument = $account->uid;
    $this->argument->validated_title = isset($account->name) ? check_plain($account->name) : check_plain(variable_get('anonymous', t('Anonymous')));
    return TRUE;
  }

}

Members

Namesort descending Modifiers Type Description Overrides
uc_order_plugin_argument_validate_user_perm::options_form function Provide the default form for setting options. Overrides views_plugin_argument_validate_user::options_form
uc_order_plugin_argument_validate_user_perm::option_definition function Retrieve the options when this is a new access control plugin. Overrides views_plugin_argument_validate_user::option_definition
uc_order_plugin_argument_validate_user_perm::validate_argument function Overrides views_plugin_argument_validate_user::validate_argument
views_object::$definition public property Handler's definition.
views_object::$options public property Except for displays, options for the object will be held here. 1
views_object::altered_option_definition function Collect this handler's option definition and alter them, ready for use.
views_object::construct public function Views handlers use a special construct function. 4
views_object::destroy public function Destructor. 2
views_object::export_option public function 1
views_object::export_options public function
views_object::export_option_always public function Always exports the option, regardless of the default value.
views_object::options Deprecated public function Set default options on this object. 1
views_object::set_default_options public function Set default options.
views_object::set_definition public function Let the handler know what its full definition is.
views_object::unpack_options public function Unpack options over our existing defaults, drilling down into arrays so that defaults don't get totally blown away.
views_object::unpack_translatable public function Unpack a single option definition.
views_object::unpack_translatables public function Unpacks each handler to store translatable texts.
views_object::_set_option_defaults public function
views_plugin::$display public property The current used views display.
views_plugin::$plugin_name public property The plugin name of this plugin, for example table or full.
views_plugin::$plugin_type public property The plugin type of this plugin, for example style or query.
views_plugin::$view public property The top object of a view. Overrides views_object::$view 1
views_plugin::additional_theme_functions public function Provide a list of additional theme functions for the theme info page.
views_plugin::plugin_title public function Return the human readable name of the display.
views_plugin::query public function Add anything to the query that we might need to. 7
views_plugin::summary_title public function Returns the summary of the settings in the display. 8
views_plugin::theme_functions public function Provide a full list of possible theme templates used by this style.
views_plugin::validate public function Validate that the plugin is correct and can be saved. 3
views_plugin_argument_validate::access public function Determine if the administrator has the privileges to use this plugin. 1
views_plugin_argument_validate::check_access public function If we don't have access to the form but are showing it anyway, ensure that the form is safe and cannot be changed from user input.
views_plugin_argument_validate::init public function Initialize this plugin with the view and the argument it is linked to. 1
views_plugin_argument_validate::options_validate public function Provide the default form form for validating options. Overrides views_plugin::options_validate
views_plugin_argument_validate_user::convert_options public function Convert options from the older style. Overrides views_plugin_argument_validate::convert_options
views_plugin_argument_validate_user::options_submit public function Provide the default form form for submitting options Overrides views_plugin_argument_validate::options_submit
views_plugin_argument_validate_user::process_summary_arguments public function Process the summary arguments for displaying. Overrides views_plugin_argument_validate::process_summary_arguments