/**
* validates that the current can create a node with these values
*
* @param array Array of field => value pairs which define the record.
* @param string Parameters to be checked for permission
*
* @return bool
*/
public function validate(&$data, $action = self::ACTION_ADD, $nodeid = false, $nodes = false)
{
//One extra check. If the node would otherwise be viewable but viewperms is zero for an album, the the current user
//is the owner or follows the owner, they can see it.
if (parent::validate($data, $action, $nodeid, $nodes)) {
return true;
}
if ($action == self::ACTION_VIEW) {
if (empty($data) and !empty($nodeid)) {
$data = vB_Library::instance('node')->getNodeBare($nodeid);
}
if (isset($data['nodeid']) and isset($data['userid']) and isset($data['parentid']) and isset($data['viewperms'])) {
$nodes = array($data);
} else {
if (!is_array($nodeid)) {
$nodeid = array($nodeid);
}
if (!$nodes) {
$nodes = vB_Api::instanceInternal('node')->getNodes($nodeid);
}
}
$albumChannel = vB_Library::instance('node')->fetchAlbumChannel();
$following = vB_Api::instanceInternal('follow')->getFollowingParameters();
if (empty($following['user'])) {
$following = array(vB::getCurrentSession()->get('userid'));
} else {
$following = $following['user'];
$following[] = vB::getCurrentSession()->get('userid');
}
foreach ($nodes as $node) {
if ($node['parentid'] != $albumChannel or $node['viewperms'] != 0 or !in_array($node['userid'], $following)) {
return false;
}
}
//If we got here all is O.K.
return true;
}
return false;
}