Coding standards
Security in ResourceSpace
Developer reference
Database
Action functions
Admin functions
Ajax functions
Annotation functions
API functions
Collections functions
Comment functions
Config functions
CSV export functions
Dash functions
Debug functions
Encryption functions
Facial recognition functions
File functions
General functions
Language functions
Log functions
Login functions
Message functions
Migration functions
Node functions
PDF functions
Plugin functions
Render functions
Reporting functions
Request functions
Research functions
Slideshow functions
Theme permission functions
User functions
Video functions
Database functions
Metadata functions
Resource functions
Search functions
Map functions
Job functions
Tab functions
Test functions

collection_readable()

Parameters

ColumnTypeDefaultDescription
$collection

Location

include/collections_functions.php lines 729 to 784

Definition

 
function collection_readable($collection)
    {
    global 
$userref$usergroup$ignore_collection_access$collection_commenting;

    
$k getval('k''');

    
# Fetch collection details.
    
if (!is_numeric($collection)) {return false;}
    
$collectiondata=get_collection($collection);
    if(
$collectiondata === false)
        {
        return 
false;
        }

    
# Load a list of attached users
    
$attached ps_array("SELECT user value FROM user_collection WHERE collection = ?",["i",$collection]);
    
$attached_groups ps_array("SELECT usergroup value FROM usergroup_collection WHERE collection = ?",["i",$collection]);

    
# Access if collection_commenting is enabled and request feedback checked
    # Access if it's a public collection (or featured collection to which user has access to)
    # Access if k is not empty or option to ignore collection access is enabled and k is empty
    
if (
        (
$collection_commenting && $collectiondata['request_feedback'] == 1)
        || 
$collectiondata['type'] == COLLECTION_TYPE_PUBLIC
        
|| ($collectiondata['type'] == COLLECTION_TYPE_FEATURED && featured_collection_check_access_control($collection))
        || 
$k!=""
        
|| ($k=="" && $ignore_collection_access)
    )
        {
        return 
true;
        }

        
# Perform these checks only if a user is logged in
        # Access if:
        #   - It's their collection
        #   - It's a public collection (or featured collection to which user has access to)
        #   - They have the 'access and edit all collections' admin permission
        #   - They are attached to this collection
        #   - Option to ignore collection access is enabled and k is empty
        
if(
            
is_numeric($userref)
            && (
$userref == $collectiondata["user"]
            || 
$collectiondata['type'] == COLLECTION_TYPE_PUBLIC
            
|| ($collectiondata['type'] == COLLECTION_TYPE_FEATURED && featured_collection_check_access_control($collection))
            || 
checkperm("h")
            || 
in_array($userref$attached)
            || 
in_array($usergroup$attached_groups)
            || 
checkperm("R")
            || 
$k!=""
            
|| ($k=="" && $ignore_collection_access))
        ) {
            return 
true;
        }

    return 
false;
    }

This article was last updated 4th December 2024 08:35 Europe/London time based on the source file dated 27th November 2024 15:30 Europe/London time.