/**
* Determines if the current user is allowed to run authorize.php.
*
* The killswitch in settings.php overrides all else, otherwise, the user must
* have access to the 'administer software updates' permission.
*
* @return
* TRUE if the current user can run authorize.php, and FALSE if not.
*/
function authorize_access_allowed()
{
return settings_get('allow_authorize_operations', TRUE) && user_access('administer software updates');
}
/**
* Determines if the current user is allowed to run update.php.
*
* @return
* TRUE if the current user should be granted access, or FALSE otherwise.
*/
function update_access_allowed()
{
global $user;
// Allow the global variable in settings.php to override the access check.
if (settings_get('update_free_access')) {
return TRUE;
}
// Calls to user_access() might fail during the update process,
// so we fall back on requiring that the user be logged in as user #1.
try {
require_once BACKDROP_ROOT . '/' . backdrop_get_path('module', 'user') . '/user.module';
return user_access('administer software updates');
} catch (Exception $e) {
return $user->uid == 1;
}
}
