1 comment.entity.inc | public Comment::access($op, $account = NULL) |
Overrides Entity::access().
Parameters
string $op: The operation to be performed on the node. Possible values are:
- view
- update
- approve
- delete
User|AnonymousUser|object $account: (optional) The user to check for. Leave it to NULL to check for the global user.
Return value
bool: TRUE if access is granted, FALSE otherwise.
Overrides Entity::access
File
- core/
modules/ comment/ comment.entity.inc, line 164 - Entity controller and class for comments.
Class
- Comment
- Defines the comment entity class.
Code
public function access($op, $account = NULL) {
// Casting class with private property causes errors due to added prefix.
// e.g. "\0" . 'Comment' . "\0". So use static array instead.
$rights = &backdrop_static(__METHOD__, array());
if ($op == 'create') {
return self::createAccess(NULL, $account);
}
elseif (!in_array($op, array('view', 'update', 'approve', 'delete'), TRUE)) {
// If the $op was not one of the supported ones, we return access denied.
return FALSE;
}
// If no user object is supplied, the access check is for the current user.
if (empty($account)) {
$account = $GLOBALS['user'];
}
$cid = $this->id();
// If we've already checked access for this node, user and op, return from
// cache.
if (isset($rights[$account->uid][$cid][$op])) {
return $rights[$account->uid][$cid][$op];
}
if ($op == 'view') {
$rights[$account->uid][$cid][$op] = user_access('access comments', $account);
return $rights[$account->uid][$cid][$op];
}
elseif ($op == 'update') {
$rights[$account->uid][$cid][$op] = ($account->uid && $account->uid == $this->uid && $this->status == COMMENT_PUBLISHED && user_access('edit own comments', $account)) || user_access('administer comments', $account);
return $rights[$account->uid][$cid][$op];
}
elseif ($op == 'approve') {
$rights[$account->uid][$cid][$op] = user_access('administer comments', $account);
return $rights[$account->uid][$cid][$op];
}
elseif ($op == 'delete') {
$rights[$account->uid][$cid][$op] = user_access('administer comments', $account);
return $rights[$account->uid][$cid][$op];
}
$rights[$account->uid][$cid][$op] = FALSE;
return $rights[$account->uid][$cid][$op];
}