-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathprivate_biodata.module
139 lines (122 loc) · 4.1 KB
/
private_biodata.module
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
<?php
/**
* @file
* The main functionality for the module.
*/
require_once('includes/TripalFields/private_biodata.fields.inc');
/**
* Implements hook_permission().
*/
function private_biodata_permission() {
$permissions = [];
// Add 'View Private' permissions for each content type.
$bundles = tripal_get_content_types();
foreach ($bundles as $bundle) {
$permissions['view private ' . $bundle->name] = [
'title' => t('%label: View Private Content', ['%label' => $bundle->label]),
'description' => t('Allow the user to view private %label content. Content is indicated to be private using the "Private Tripal Content" field.', ['%label' => $bundle->label]),
];
}
return $permissions;
}
/**
* Implements hook_entity_info_alter().
*/
function private_biodata_entity_info_alter(&$entity_info) {
// We need to override the original access callback
// in order to allow our module to revoke access.
// @see tripal/includes/tripal_entity.inc::tripal_entity_access line 488
// @code (excerpt from the above file)
// $results = module_invoke_all($entity_type . '_access', $entity, $op, $account);
// if (in_array(TRUE, $results)) {
// return TRUE;
// }
// @endcode
$entity_info['TripalEntity']['access callback'] = 'private_biodata_access';
}
/**
* Implements hook_menu_alter().
*/
function private_biodata_menu_alter(&$items) {
// We also need to alter the menu to ensure it uses our new callback.
$items['bio_data/%']['access callback'] = 'private_biodata_access';
$items['bio_data/%/view']['access callback'] = 'private_biodata_access';
}
/**
* Checks access permissions for a given entity.
*
* This function is set for TripalEntity access checking in the
* tripal_entity_info() under the 'access callback' element.
*
* @param $op
* The operation. One of: create, view, edit, delete.
* @param $entity
* The entity to check access for.
* @param $account
* The user account.
* @param $entity_type
* The type of entity (will always be TripalEntity).
*/
function private_biodata_access($op, $entity = NULL, $account = NULL, $entity_type = NULL) {
global $user;
$cache = &drupal_static(__FUNCTION__, NULL);
if (!isset($account)) {
$account = $user;
}
if (is_object($entity) && is_a($entity, 'TripalEntity')) {
$bundle_name = $entity->bundle;
$entity_id = $entity->id;
}
elseif (is_numeric($entity)) {
$entity_id = $entity;
if (!isset($cache)) {
$cache = cache_get("tripal_entity_access_cache");
if (isset($cache->data)) {
$cache = $cache->data;
}
}
if (empty($cache)) {
$cache = [];
}
if (isset($cache[$entity])) {
$bundle_name = $cache[$entity];
}
else {
$sql = 'SELECT {bundle} FROM tripal_entity WHERE id = :id';
$bundle_name = db_query($sql, [':id' => $entity])->fetchField();
$cache[$entity] = $bundle_name;
cache_set("tripal_entity_access_cache", $cache);
}
}
else {
return FALSE;
}
if (!$entity_type) {
if (is_object($entity)) {
$entity_type = $entity->type;
}
else {
$entity_type = 'TripalEntity';
}
}
// --- What's different from Tripal Core -------------------------------
// The bit above is also done in Tripal Core but we need the variables
// so we had to duplicate it. The code will not be run 2X because we can
// pass the already determined values into tripal_entity_access below.
// We only care about viewing.
if ($op == 'view') {
// We also only care if this entity is private...
$is_private = db_query('SELECT private FROM {private_biodata}
WHERE entity_id=:id',
[':id' => $entity_id])->fetchField();
// If we have it marked as private...
if ($is_private) {
// then return the custom permission provided by this module.
return user_access('view private ' . $bundle_name, $account);
}
}
// If we reach here then this is not a situation this module cares about.
// as such, defer to Tripal Core.
return tripal_entity_access($op, $entity, $account, $entity_type);
// ---------------------------------------------------------------------
}