<?php
// $Id: forum_access.node.inc,v 1.6 2009/10/04 22:43:46 salvis Exp $
/**
* @file forum_access.node.inc
*
* Include file for forum_access.module, containing (sub-)page handling
* (form_alter) code for the node and comment forms as well as code
* for temporarily assigning the Forum Moderator role and managing
* the resulting rights.
*/
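/**
 * Rewrite the taxonomy item on the node form.
 *
 * Restricts the forum selector to the forums the current user may post to
 * (rows in {forum_access} with grant_create = 1 for the user's roles, plus
 * the forums listed for the user in {acl}/{acl_user}), ends the request with
 * "access denied" if the forum named in the URL is not among them, and, for
 * temporary Forum Moderators, hides every form element that is not on the
 * configured allow-list.
 *
 * @param $form
 *   The node form array; modified in place.
 * @param $form_state
 *   The form state; not read by this function.
 */
function _forum_access_node_form(&$form, &$form_state) {
  global $user;
  $vid = variable_get('forum_nav_vocabulary', '');

  if (!isset($form['taxonomy'][$vid]['#options'])) {
    return;
  }

  // Node administrators are all powerful and do NOT get their forms rewritten here.
  if (user_access('administer nodes') && empty($user->_forum_access_moderator)) {
    return;
  }

  // Start from empty sets, so that a user without any grant ends up with no
  // selectable forum rather than with reads of undefined variables below.
  $tids = array();
  $options = array();

  // NOTE(review): $roles is substituted through %s into an unquoted IN ()
  // list. That is only safe while _forum_access_get_roles() returns nothing
  // but integer role ids -- confirm against its definition. Passing an array
  // of rids through db_placeholders($rids, 'int') would not depend on that.
  $roles = _forum_access_get_roles($user);
  $result = db_query("SELECT tid FROM {forum_access} WHERE rid IN (%s) AND grant_create = 1", $roles);
  while ($obj = db_fetch_object($result)) {
    $tids[$obj->tid] = $obj->tid;
  }

  // Also get all forums they happen to be able to moderate.
  $result = db_query("SELECT a.name AS tid FROM {acl} a INNER JOIN {acl_user} u ON a.acl_id = u.acl_id WHERE a.module = 'forum_access' AND u.uid = %d", $user->uid);
  while ($obj = db_fetch_object($result)) {
    $tids[$obj->tid] = $obj->tid;
  }

  // Ensure the forum they're trying to post to directly is allowed, otherwise
  // there will be much confusion. arg(3) comes from the request path; a
  // numeric value that is not an allowed tid ends the request here.
  $forum_tid = arg(3);
  if (isset($forum_tid) && is_numeric($forum_tid) && !isset($tids[$forum_tid])) {
    drupal_access_denied();
    module_invoke_all('exit');
    exit;
  }

  foreach ($form['taxonomy'][$vid]['#options'] as $tid => $name) {
    if (!is_numeric($tid)) {
      // Non-numeric keys are copied through unchanged.
      $options[$tid] = $name;
    }
    elseif (is_object($name)) {
      foreach ($name->option as $sub_tid => $sub_name) {
        if (!empty($tids[$sub_tid])) {
          // Create the container explicitly; assigning a property on an
          // unset array slot is an error on current PHP versions.
          if (!isset($options[$tid])) {
            $options[$tid] = new stdClass();
            $options[$tid]->option = array();
          }
          $options[$tid]->option[$sub_tid] = $sub_name;
        }
      }
    }
    elseif (!empty($tids[$tid])) {
      $options[$tid] = $name;
    }
  }

  if ($options) {
    $form['taxonomy'][$vid]['#options'] = $options;
  }
  else {
    unset($form['taxonomy'][$vid]);
  }

  // Apply modifications for Moderators (by role or uid).
  if (!empty($user->_forum_access_moderator)) {
    // We gave this user the 'administer nodes' permission, which he doesn't
    // normally have. Remove controls that should be reserved to true node
    // administrators.
    _forum_access_disable_moderator(); // not needed anymore
    $allowed_elements = variable_get('forum_access_allowed_node_edit_elements', array('nid', 'vid', 'uid', 'created', 'type', 'changed', 'title', 'shadow', 'body_field', 'revision_information', 'form_build_id', 'form_token', 'form_id', 'comment_settings', 'taxonomy'));
    $allowed_options = variable_get('forum_access_allowed_node_edit_options', array('status', 'sticky', 'subscriptions_notify'));
    foreach (element_children($form) as $key) {
      // Compare element names as strings and strictly. Under loose
      // comparison an integer key such as 0 equals any non-numeric string on
      // PHP versions before 8, which would let such an element pass the
      // allow-list.
      $element_name = (string) $key;
      switch ($element_name) {
        case 'options':
          foreach (element_children($form[$key]) as $key2) {
            if (!in_array((string) $key2, $allowed_options, TRUE)) {
              $form[$key][$key2]['#access'] = FALSE;
            }
          }
          break;
        case 'buttons':
          // The taxonomy element may have been removed above; $tid is then
          // NULL. NOTE(review): confirm that forum_access_access() denies a
          // NULL tid.
          $tid = isset($form['taxonomy'][$vid]['#default_value'][0]) ? $form['taxonomy'][$vid]['#default_value'][0] : NULL;
          if (!forum_access_access($tid, 'update')) {
            $form['buttons']['submit']['#access'] = FALSE;
            $form['buttons']['preview']['#access'] = FALSE;
          }
          if (!forum_access_access($tid, 'delete')) {
            $form['buttons']['delete']['#access'] = FALSE;
          }
          break;
        default:
          // Allow-list: anything not explicitly permitted is hidden.
          if (!in_array($element_name, $allowed_elements, TRUE)) {
            $form[$key]['#access'] = FALSE;
          }
      }
    }
    if ($user->_forum_access_moderator == 1) {
      $form['options']['#access'] = FALSE;
      $form['comment_settings']['#access'] = FALSE;
    }
  }
}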
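/**
 * Remove the in-line 'Post new comment' form, if the user does not have the
 * 'create' permission (see below).
 * (This needs forum_access_preprocess_box() to clean up afterwards.)
 *
 * Also, deny access if the user tries to enter a comment URL directly,
 * and sanitize the Administration options for users with Edit grants.
 *
 * @param $form
 *   The comment form array; modified in place (set to NULL to drop the
 *   in-line form).
 * @param $form_state
 *   The form state; not read by this function.
 */
function _forum_access_comment_form(&$form, &$form_state) {
  global $user;

  // uid 1 is exempt, and a form without a node id gives nothing to check.
  if ($user->uid == 1 || !isset($form['nid']['#value'])) {
    return;
  }

  $node = node_load($form['nid']['#value']);
  $tid = _forum_access_get_tid($node);
  if (!$tid) {
    // No tid for this node (presumably it is not a forum node); the form is
    // left untouched.
    return;
  }

  if (!forum_access_access($tid, 'create')) {
    // NOTE(review): only the 'node' and 'comment' path roots are handled.
    // A comment form built under any other first path segment passes through
    // unchanged although the user lacks the 'create' grant -- confirm that no
    // other module renders this form elsewhere, or add a default branch.
    switch (arg(0)) {
      case 'node':
        $form = NULL; // remove the in-line comment form
        break;
      case 'comment':
        drupal_access_denied();
        module_invoke_all('exit');
        exit;
    }
    return;
  }

  if (!isset($form['admin']) || empty($user->_forum_access_moderator)) {
    return;
  }

  switch ($user->_forum_access_moderator) {
    case 2:
      // Only the 'status' control stays available. The key is compared as a
      // string and strictly: under loose comparison an integer key such as 0
      // equals 'status' on PHP versions before 8 and would stay accessible.
      foreach (element_children($form['admin']) as $key) {
        if ((string) $key !== 'status') {
          $form['admin'][$key]['#access'] = FALSE;
        }
      }
      break;
    case 1:
      // The whole Administration fieldset is hidden.
      $form['admin']['#access'] = FALSE;
  }
}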
/*
 * Give the user the 'administer nodes' and 'administer comments' permissions for this request.
 *
 * The Forum Moderator role is added to the in-memory global $user object
 * only; nothing here writes the role to the database.
 * NOTE(review): the grant lasts until _forum_access_disable_moderator() is
 * called. Check every caller for paths that return or exit in between.
 */
function _forum_access_enable_moderator() {
  $moderator_rid = _forum_access_get_moderator_rid();
  $GLOBALS['user']->roles[$moderator_rid] = '(forum_access temporary)';
  // Reset the static permissions cache, so that the added role takes effect.
  user_access('', NULL, TRUE);
}
/*
 * Remove the moderator permissions.
 *
 * Drops the Forum Moderator role from the in-memory global $user object and
 * resets the permissions cache.
 */
function _forum_access_disable_moderator() {
  $moderator_rid = _forum_access_get_moderator_rid();
  unset($GLOBALS['user']->roles[$moderator_rid]);
  // Reset the static permissions cache, so that the user's normal
  // permissions apply again.
  user_access('', NULL, TRUE);
}
/*
 * Retrieve the rid of the Forum Moderator role; if the role does not exist,
 * then create it.
 *
 * @param $verbose
 *   Passed through to _forum_access_create_moderator_rid().
 *
 * @return
 *   The stored rid if exactly one {role} row has it, otherwise whatever
 *   _forum_access_create_moderator_rid() returns.
 */
function _forum_access_get_moderator_rid($verbose = FALSE) {
  $stored_rid = variable_get('forum_access_moderator_rid', NULL);

  // The stored value is only trusted while a matching row still exists in
  // {role}; the query is skipped when nothing has been stored.
  $role_exists = $stored_rid !== NULL
    && db_result(db_query("SELECT COUNT(rid) FROM {role} WHERE rid = %d", $stored_rid)) == 1;
  if ($role_exists) {
    return $stored_rid;
  }

  // The creation code lives in the admin include file.
  module_load_include('admin.inc', 'forum_access');
  return _forum_access_create_moderator_rid($verbose);
}
/*
 * Return the roles for forum_access_node_access_explain().
 *
 * @return
 *   The array from user_roles(); the entry of the stored Forum Moderator
 *   role, if present, gets a note appended that it is a temporary role.
 */
function _forum_access_get_all_roles() {
  $all_roles = user_roles();
  $rid = variable_get('forum_access_moderator_rid', NULL);
  if (!isset($all_roles[$rid])) {
    return $all_roles;
  }
  $note = t('(!Forum_Access temporary role, does not need any grants.)', array('!Forum_Access' => 'Forum Access'));
  $all_roles[$rid] = $all_roles[$rid] .' '. $note;
  return $all_roles;
}
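/**
 * Recreate comment links (they've already been themed), and
 * remove those that aren't accessible to the user.
 *
 * NOTE(review): this only decides which links are displayed. Removing a link
 * is not an access check for the page it points to; confirm that the
 * reply/edit/delete pages are protected separately.
 *
 * @param $variables
 *   The comment template variables; 'node', 'comment' and 'links' are read,
 *   and 'links' is replaced with the newly themed link list.
 */
function _forum_access_preprocess_comment(&$variables) {
  global $user;
  if (!empty($user->_forum_access_moderator)) {
    _forum_access_enable_moderator(); // this allows us to retrieve the comment links (without setting precedent!)
  }

  $tid = $variables['node']->tid;
  $links = module_invoke_all('link', 'comment', $variables['comment'], 0);

  // The temporary role is dropped again only on node/NID paths with no third
  // path segment; on all other paths it stays enabled past this function.
  if (!empty($user->_forum_access_moderator) && arg(0) == 'node' && arg(2) == NULL) {
    _forum_access_disable_moderator();
  }

  if (isset($links['comment_reply']) && (!preg_match('#<li class="[^"]*comment_reply[^"]*".*</li>#U', $variables['links']) || !forum_access_access($tid, 'create'))) {
    unset($links['comment_reply']);
  }
  if (isset($links['comment_edit']) && !forum_access_access($tid, 'update') && !comment_access('edit', $variables['comment'])) {
    unset($links['comment_edit']);
  }
  if (isset($links['comment_delete']) && !forum_access_access($tid, 'delete')) {
    unset($links['comment_delete']);
  }

  $known_links = array('comment_reply', 'comment_edit', 'comment_delete');
  foreach (array_keys($links) as $link) {
    // Link keys come from other modules' hook_link() implementations. They
    // are compared as strings and strictly, because a loose in_array() on
    // PHP versions before 8 treats an integer key such as 0 as a known link.
    // They are quoted before going into the pattern, so that a key holding
    // regex metacharacters or the '#' delimiter cannot alter or break it.
    $link_name = (string) $link;
    if (!in_array($link_name, $known_links, TRUE) && !preg_match('#<li class="[^"]*'. preg_quote($link_name, '#') .'[^"]*".*</li>#U', $variables['links'])) {
      unset($links[$link]); // eliminate possible additional unknown links that came in for 'administer_comments'
    }
  }
  if (empty($links)) {
    $links['comment_forbidden'] = array(
      'title' => theme('comment_post_forbidden', $variables['node']),
      'html' => TRUE,
    );
  }
  $variables['links'] = theme('links', $links);
}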