Révision dd54aff9
Ajouté par Assos Assos il y a plus de 10 ans
htmltest/sites/all/modules/entity/includes/entity.wrapper.inc | ||
---|---|---|
228 | 228 |
* If there is no access information for this property, TRUE is returned. |
229 | 229 |
*/ |
230 | 230 |
public function access($op, $account = NULL) { |
231 |
if (empty($this->info['parent']) && $this instanceof EntityDrupalWrapper) { |
|
232 |
// If there is no parent just incorporate entity based access. |
|
233 |
return $this->entityAccess($op == 'edit' ? 'update' : 'view', $account); |
|
234 |
} |
|
235 | 231 |
return !empty($this->info['parent']) ? $this->info['parent']->propertyAccess($this->info['name'], $op, $account) : TRUE; |
236 | 232 |
} |
237 | 233 |
|
... | ... | |
500 | 496 |
|
501 | 497 |
protected function propertyAccess($name, $op, $account = NULL) { |
502 | 498 |
$info = $this->getPropertyInfo($name); |
503 |
// If the property should be accessed and it's an entity, make sure the user |
|
504 |
// is allowed to view that entity. |
|
505 |
if ($op == 'view' && $this->$name instanceof EntityDrupalWrapper && !$this->$name->entityAccess($op, $account)) { |
|
506 |
return FALSE; |
|
507 |
} |
|
508 |
// If a property should be edited and this is an entity, make sure the user |
|
509 |
// has update access for this entity. |
|
499 |
|
|
500 |
// If a property should be edited and this is part of an entity, make sure |
|
501 |
// the user has update access for this entity. |
|
510 | 502 |
if ($op == 'edit') { |
511 | 503 |
$entity = $this; |
512 | 504 |
while (!($entity instanceof EntityDrupalWrapper) && isset($entity->info['parent'])) { |
... | ... | |
804 | 796 |
return $this->type; |
805 | 797 |
} |
806 | 798 |
|
799 |
/** |
|
800 |
* {@inheritdoc} |
|
801 |
* |
|
802 |
* Note that this method checks property access, but can be used for checking |
|
803 |
* entity access *only* if the wrapper is not a property (i.e. has no parent |
|
804 |
* wrapper). |
|
805 |
* To be safe, better use EntityDrupalWrapper::entityAccess() for checking |
|
806 |
* entity access. |
|
807 |
*/ |
|
808 |
public function access($op, $account = NULL) { |
|
809 |
if (!empty($this->info['parent'])) { |
|
810 |
// If this is a property, make sure the user is able to view the |
|
811 |
// currently referenced entity also. |
|
812 |
return $this->entityAccess('view', $account) && parent::access($op, $account); |
|
813 |
} |
|
814 |
else { |
|
815 |
// This is not a property, so fallback on entity access. |
|
816 |
return $this->entityAccess($op == 'edit' ? 'update' : 'view', $account); |
|
817 |
} |
|
818 |
} |
|
819 |
|
|
807 | 820 |
/** |
808 | 821 |
* Checks whether the operation $op is allowed on the entity. |
809 | 822 |
* |
Formats disponibles : Unified diff
Weekly update of contrib modules