Elgg\Mocks\Database\EntityTable::validateRowAccess PHP Method

EntityTable Class Documentation Datei anzeigen Open project: elgg/elgg

validateRowAccess() public method

Check if the user logged in when the query is run, has access to a given data row This is a reverse engineered approach to an SQL query generated by AccessCollections::getWhereSql()

public validateRowAccess ( stdClass $row ) : boolean
$row	stdClass	Data row
return	boolean

    public function validateRowAccess($row)
    {
        if (elgg_get_ignore_access()) {
            return true;
        }
        if ($row->access_id == ACCESS_PUBLIC) {
            return true;
        }
        $user = elgg_get_logged_in_user_entity();
        if (!$user) {
            return false;
        }
        if ($row->access_id == ACCESS_LOGGED_IN && elgg_is_logged_in()) {
            return true;
        }
        if ($user->isAdmin()) {
            return true;
        }
        if ($row->owner_guid == $user->guid) {
            return true;
        }
        if ($row->access_id == ACCESS_PRIVATE && $row->owner_guid == $user->guid) {
            return true;
        }
        if ($row->access_id == ACCESS_FRIENDS && check_entity_relationship($row->owner_guid, 'friend', $user->guid)) {
            return true;
        }
        $access_list = _elgg_services()->accessCollections->getAccessList($user->guid);
        if (in_array($row->access_id, $access_list)) {
            return true;
        }
    }

EntityTable

addDeleteQuerySpecs

addInsertQuerySpecs

addQuerySpecs

addSelectQuerySpecs

addUpdateQuerySpecs

clearQuerySpecs

insertRow

iterate

setup

updateRow

validateRowAccess