function userprotect_get_user_protection in User protect 7
Same name and namespace in other branches
- 5 userprotect.module \userprotect_get_user_protection()
- 6 userprotect.module \userprotect_get_user_protection()
Checks to see if the specified user has the specified protection.
Parameters
object $account: The user object to check.
string $protection: The protection to check for.
Return value
bool TRUE if the user has the specified protection. FALSE otherwise.
5 calls to userprotect_get_user_protection()
- userprotect_form_alter in ./
userprotect.module - Implements hook_form_alter().
- userprotect_form_user_profile_form_alter in ./
userprotect.module - Implements hook_form_user_profile_form_alter().
- userprotect_user_admin_account_validate in ./
userprotect.module - Custom validation function for protecting users from the user administration operations.
- userprotect_user_cancel_access in ./
userprotect.module - Access callback for user cancel pages.
- userprotect_user_edit_access in ./
userprotect.module - Access callback for user edit pages.
File
- ./
userprotect.module, line 876 - Main module file for the userprotect module.
Code
function userprotect_get_user_protection($account, $protection) {
$protections =& drupal_static(__FUNCTION__, array());
$role_protections =& drupal_static(__FUNCTION__ . '_roles', NULL);
$uid = $account->uid;
$roles = $account->roles;
// Users editing their own accounts have the permissions for e-mail
// and password determined by the role-based setting in the userprotect
// section at admin/config/people/permissions. This is done for consistency
// with the way core handles the self-editing of usernames.
if ($uid == $GLOBALS['user']->uid && in_array($protection, array(
'up_name',
'up_mail',
'up_pass',
'up_openid',
'up_edit',
))) {
switch ($protection) {
case 'up_name':
return !user_access('change own username');
case 'up_mail':
return !user_access('change own e-mail');
case 'up_pass':
return !user_access('change own password');
case 'up_openid':
return !user_access('change own openid');
case 'up_edit':
return !user_access('edit own account');
}
}
// If this user hasn't been added to the result array yet, then pull their
// information.
if (!isset($protections[$uid])) {
$result = db_query("SELECT * FROM {userprotect} WHERE uid = :uid AND up_type = :up_type", array(
':uid' => $uid,
':up_type' => 'user',
));
if ($user_array = $result
->fetchAssoc()) {
$protections[$uid] = $user_array;
}
}
// If per-user protections exist for this user, stop here and return the value
// of the protection.
if (isset($protections[$uid][$protection])) {
return $protections[$uid][$protection];
}
// Grab the role protections if they haven't already been initialized.
if (!isset($role_protections)) {
$role_protections = variable_get('userprotect_role_protections', array());
}
if (!empty($role_protections)) {
// For each role, check to see if it's enabled for that protection.
// Return TRUE as soon as we find a protected role.
foreach ($roles as $rid => $role) {
if (!empty($role_protections[$rid][$protection])) {
return TRUE;
}
}
}
// No protection enabled.
return FALSE;
}