Merge a0cd6954b8 into fe12defee4

islandora.module

@@ -379,6 +379,48 @@ function islandora_object_datastream_tokened_access_callback($perm, $object = NU
   return islandora_object_datastream_access_callback($perm, $object, $datastream, $token_account);
 }
 
+/**
+ * Checks whether the user who added the token can access the given object and datastream with
+ * the given permission.
+ *
+ * Checks for object existance, accessiblitly, namespace permissions,
+ * and user permissions
+ *
+ * @see islandora_object_load() To find potential solutions to enable page
+ *   not found errors.
+ *
+ * @param string $perm
+ *   The user permission to test for.
+ * @param FedoraObject $object
+ *   The object to test, if NULL given the object doesn't exist or is
+ *   inaccessible.
+ * @param FedoraDatastream $datastream
+ *   The datastream to test, if NULL given the datastream doesn't exist
+ *   or is inaccessible.
+ *
+ * @return boolean
+ *   TRUE if the user is allowed to access this object.
+ *   TRUE if the user who created the token is allowed to access the object
+ *   FALSE otherwise
+ */
+function islandora_object_datastream_tokened_access_callback($perm, $object = NULL, $datastream = NULL) {
+  module_load_include('inc', 'islandora', 'includes/utilities');
+  $drupal_access = islandora_object_datastream_access_callback($perm, $object, $datastream);
+  $token_access = FALSE;
+  if($drupal_access) {
+    return $drupal_access;
+  }
+  if (array_key_exists('token', $_GET)) {
+    $token = filter_input(INPUT_GET, 'token', FILTER_SANITIZE_STRING);
+    $token_user = islandora_validate_object_token($object->id, $datastream->id, $token);
+    if (isset($token_user)) {
+      $token_account = user_load(array('uid' => $token_user->uid));
+      $token_access = user_access($perm, $token_account);
+    }
+  }
+  return $token_access;
+}
+
 /**
  * Checks whether the user can access the given object's manage tab
  * with the given array of permissions.