protected function checkEntityAccess($op, $entity_type, $entity)
{
$request = $this->getRequest();
if ($request['vsite']) {
spaces_set_space(spaces_load('og', $request['vsite']));
}
if (empty($entity->nid)) {
// This is still a new node. Skip.
return;
}
if ($is_group = og_is_group($entity_type, $entity)) {
$group = $entity;
} else {
$wrapper = entity_metadata_wrapper('node', $entity);
$group = $wrapper->{OG_AUDIENCE_FIELD}->get(0)->value();
}
if (empty($request['vsite'])) {
spaces_set_space(spaces_load('og', $group->nid));
}
$manager = og_user_access('node', $group->nid, 'administer users', $this->getAccount());
if ($is_group) {
// In addition to the node access check, we need to see if the user can
// manage groups.
return $manager && !vsite_access_node_access($group, 'view', $this->getAccount()) == NODE_ACCESS_DENY;
} else {
$app = os_get_app_by_bundle($entity->type);
$space = spaces_get_space();
$application_settings = $space->controllers->variable->get('spaces_features');
switch ($application_settings[$app]) {
case OS_DISABLED_APP:
return FALSE;
case OS_PRIVATE_APP:
return og_is_member('node', $group->nid, 'user', $this->getAccount()) && parent::checkEntityAccess($op, $entity_type, $entity);
default:
case OS_PUBLIC_APP:
return parent::checkEntityAccess($op, $entity_type, $entity);
}
}
}
/**
* Get the role of a user in a group.
*
* @return
* 0 - if user is not a member of the group.
* 1 - user has a role which is not the role given.
* 2 - user has the role given
*/
public static function checkUserRoleInGroup($name, $role, $group)
{
drupal_static_reset();
$gid = self::GetNodeId($group);
$user = user_load_by_name($name);
if (!og_is_member('node', $gid, 'user', $user)) {
return 1;
}
$user_roles = og_get_user_roles('node', $gid, $user->uid);
return !in_array($role, $user_roles) ? 1 : 2;
}