modules/image_gallery_access/image_gallery_access.node.inc

<?php
// $Id: image_gallery_access.node.inc,v 1.3 2009/03/18 22:26:38 salvis Exp $

/**
 * @file image_gallery_access.node.inc
 *
 * Include file for image_gallery_access.module, containing (sub-)page handling
 * (form_alter) code for the node form.
 *
 */

/**
 * Rewrite the taxonomy item on the node form.
 */
function _image_gallery_access_node_form(&$form, &$form_state) {
  global $user;
  $vid = _image_gallery_get_vid();
  if (!isset($form['taxonomy'][$vid]['#options'])) {
    return;
  }

  // image and node administrators are all powerful and do NOT get their forms rewritten here.
  if (user_access('administer image galleries') || user_access('administer nodes')) {
    return;
  }
  $roles = _image_gallery_access_get_roles($user);
  $result = db_query("SELECT tid FROM {image_gallery_access} WHERE rid IN (%s) AND grant_create = 1", $roles);
  while ($obj = db_fetch_object($result)) {
    $tids[$obj->tid] = $obj->tid;
  }

  // Also get all image galleries they happen to be able to moderate.
  $result = db_query("SELECT a.name AS tid FROM {acl} a INNER JOIN {acl_user} u ON a.acl_id = u.acl_id WHERE a.module = 'image_gallery_access' AND u.uid = %d", $user->uid);
  while ($obj = db_fetch_object($result)) {
    $tids[$obj->tid] = $obj->tid;
  }

  // Ensure the image gallery they're trying to post to directly is allowed, otherwise
  // there will be much confusion.
  $gallery_tid = arg(3);
  if (isset($gallery_tid) && is_numeric($gallery_tid) && !isset($tids[$gallery_tid])) {
    drupal_access_denied();
    module_invoke_all('exit');
    exit;
  }

  foreach ($form['taxonomy'][$vid]['#options'] as $tid => $name) {
    if (!is_numeric($tid)) {
      $options[$tid] = $name;
    }
    elseif (is_object($name)) {
      foreach ($name->option as $sub_tid => $sub_name) {
        if (!empty($tids[$sub_tid])) {
          $options[$tid]->option[$sub_tid] = $sub_name;
        }
      }
    }
    elseif ($tids[$tid]) {
      $options[$tid] = $name;
    }
  }

  if ($options) {
    $form['taxonomy'][$vid]['#options'] = $options;
  }
  else {
    unset($form['taxonomy'][$vid]);
  }
}

1	<?php
2	// $Id: image_gallery_access.node.inc,v 1.3 2009/03/18 22:26:38 salvis Exp $
3
4	/**
5	* @file image_gallery_access.node.inc
6	*
7	* Include file for image_gallery_access.module, containing (sub-)page handling
8	* (form_alter) code for the node form.
9	*
10	*/
11
12	/**
13	* Rewrite the taxonomy item on the node form.
14	*/
15	function _image_gallery_access_node_form(&$form, &$form_state) {
16	global $user;
17	$vid = _image_gallery_get_vid();
18	if (!isset($form['taxonomy'][$vid]['#options'])) {
19	return;
20	}
21
22	// image and node administrators are all powerful and do NOT get their forms rewritten here.
23	if (user_access('administer image galleries') \|\| user_access('administer nodes')) {
24	return;
25	}
26	$roles = _image_gallery_access_get_roles($user);
27	$result = db_query("SELECT tid FROM {image_gallery_access} WHERE rid IN (%s) AND grant_create = 1", $roles);
28	while ($obj = db_fetch_object($result)) {
29	$tids[$obj->tid] = $obj->tid;
30	}
31
32	// Also get all image galleries they happen to be able to moderate.
33	$result = db_query("SELECT a.name AS tid FROM {acl} a INNER JOIN {acl_user} u ON a.acl_id = u.acl_id WHERE a.module = 'image_gallery_access' AND u.uid = %d", $user->uid);
34	while ($obj = db_fetch_object($result)) {
35	$tids[$obj->tid] = $obj->tid;
36	}
37
38	// Ensure the image gallery they're trying to post to directly is allowed, otherwise
39	// there will be much confusion.
40	$gallery_tid = arg(3);
41	if (isset($gallery_tid) && is_numeric($gallery_tid) && !isset($tids[$gallery_tid])) {
42	drupal_access_denied();
43	module_invoke_all('exit');
44	exit;
45	}
46
47	foreach ($form['taxonomy'][$vid]['#options'] as $tid => $name) {
48	if (!is_numeric($tid)) {
49	$options[$tid] = $name;
50	}
51	elseif (is_object($name)) {
52	foreach ($name->option as $sub_tid => $sub_name) {
53	if (!empty($tids[$sub_tid])) {
54	$options[$tid]->option[$sub_tid] = $sub_name;
55	}
56	}
57	}
58	elseif ($tids[$tid]) {
59	$options[$tid] = $name;
60	}
61	}
62
63	if ($options) {
64	$form['taxonomy'][$vid]['#options'] = $options;
65	}
66	else {
67	unset($form['taxonomy'][$vid]);
68	}
69	}
70