function advise_user_can_view_advising_session_access_callback
Search API
| 7.x advise.module | advise_user_can_view_advising_session_access_callback() |
| 6.x advise.module | advise_user_can_view_advising_session_access_callback() |
| 4.x advise.module | advise_user_can_view_advising_session_access_callback() |
| 5.x advise.module | advise_user_can_view_advising_session_access_callback() |
This is an access callback. Can the user view the advising session specified in the REQUEST?
File
- modules/
advise/ advise.module, line 1127
Code
function advise_user_can_view_advising_session_access_callback() {
global $user;
if (user_has_permission("view_any_advising_session")) {
return TRUE;
}
if (user_has_permission("view_own_advising_session") || user_has_permission("view_advisee_advising_session")) {
$advising_session_id = $_REQUEST ["advising_session_id"];
// First, what was the student's CWID associated with that advising_session_id?
$res = db_query("SELECT student_id FROM advising_sessions
WHERE advising_session_id = ? ", $advising_session_id);
$cur = db_fetch_array($res);
if (user_has_permission("view_own_advising_session") && $user->cwid == $cur ["student_id"]) {
return TRUE;
}
if (user_has_permission("view_advisee_advising_session")) {
$faculty_advisees = advise_get_advisees();
if (in_array($cur ["student_id"], $faculty_advisees)) {
return TRUE;
}
}
}
return FALSE;
}