modules/na_arbitrator/acl.module

<?php
// $Id: acl.module,v 1.6 2006/04/08 23:51:34 merlinofchaos Exp $

/** 
 * @file acl.module
 * 
 * This module handls ACLs on behalf of other modules. The two main reasons
 * to do this are so that modules using ACLs can share them with each
 * other without having to actually know much about them, and so that
 * ACLs can easily co-exist with the existing node_access system.
 */

/**
 * Implementation of hook_help
 */
function acl_help($section) {
  switch($section) {
    case 'admin/modules#description':
      return t('acls module provides an API for other modules to use Access Control List. It contains no user-serviceable parts.');
  }
}

/**
 * Create a new ACL.
 */
function acl_create_new_acl($module, $name) {
  $acl_id = db_next_id('acl_id');
  db_query("INSERT INTO {acl} (acl_id, module, name) VALUES (%d, '%s', '%s')", $acl_id, $module, $name);
  return $acl_id;
}

/**
 * Delete an existing ACL.
 */
function acl_delete_acl($acl_id) {
  db_query("DELETE FROM {acl} WHERE acl_id = %d", $acl_id);
  db_query("DELETE FROM {acl_user} WHERE acl_id = %d", $acl_id);
  db_query("DELETE FROM {acl_node} WHERE acl_id = %d", $acl_id);
}

/**
 * Add the specified UID to an ACL.
 */
function acl_add_user($acl_id, $uid) {
  $test_uid = db_result(db_query("SELECT uid FROM {acl_user} WHERE acl_id = $d AND uid = %d ", $acl_id, $uid));
  if (!$test_uid) {
    db_query("INSERT INTO {acl_user} (acl_id, uid) VALUES (%d, %d)", $acl_id, $uid);
  }
}

/**
 * Remove the specified UID from an ACL.
 */
function acl_remove_user($acl_id, $uid) {
  db_query("DELETE FROM {acl_user} WHERE acl_id = $d AND uid = %d ", $acl_id, $uid);
}

/**
 * Provide a special button type that doesn't get its #name blasted.
 */
function acl_elements() {
  $type['acl_button'] = array('#input' => TRUE, '#button_type' => 'submit', '#form_submitted' => FALSE);
  return $type;
}

function theme_acl_button($element) {
  $element['#value'] = $element['#label'];
  return theme('button', $element);
}

/**
 * Provide a form to edit the ACL that can be embedded in other
 * forms.
 */
function acl_edit_form($acl_id, $label = NULL) {
  // Ensure the ACL in question even exists.
  if (!$acl_name = db_result(db_query("SELECT name FROM {acl} WHERE acl_id = %d", $acl_id))) {
    return $form;
  }
  if (!$label) {
    $label = $acl_name;
  }

  $form = array(
    '#type' => 'fieldset', 
    '#collapsible' => true, 
    '#title' => $label,
    '#tree' => true);


  $result = db_query("SELECT u.uid, u.name FROM {users} u LEFT JOIN {acl_user} aclu ON aclu.uid = u.uid WHERE acl_id = %d", $acl_id);
  $users = array();
  while ($user = db_fetch_object($result)) {
    $users[$user->uid] = $user->name;
  }

  $form['acl_id'] = array('#type' => 'value', '#value' => $acl_id);

  $form['deletions'] = array('#type' => 'hidden'); // placeholder
  $form['delete_button'] = array(
    '#type' => 'acl_button',
    '#label' => t('Remove Checked')
  );

  $form['add'] = array(
    '#type' => 'textfield', 
    '#title' => t('Add user'), 
    '#maxlength' => 60, 
    '#size' => 40,
    '#autocomplete_path' => 'user/autocomplete', 
  );
  $form['add_button'] = array(
    '#type' => 'acl_button',
    '#label' => t('Add User'),
  );

  $form['user_list'] = array(
    '#type' => 'hidden',
    '#default_value' => serialize($users),
  );

  $form['#after_build'] = array('acl_edit_form_after_build');
  
  return $form;
}

/**
 * Write the results of a form.
 */
function acl_save_form($form) {
  $users = unserialize($form['user_list']);
  db_query('DELETE FROM {acl_user} WHERE acl_id = %d', $form['acl_id']);
  foreach ($users as $uid => $name) {
    db_query('INSERT INTO {acl_user} (acl_id, uid) VALUES (%d, %d)', $form['acl_id'], $uid);
  }
}

/**
 * Process a form that had our buttons on it.
 */
function acl_edit_form_after_build($form, $form_values) {
  // We can't use form_values because it's the entire structure
  // and we have no clue where our values actually are. That's
  // ok tho cause #value still works for us.
  $user_list = unserialize($form['user_list']['#value']);
  if ($form['delete_button']['#value'] && is_array($form['deletions']['#value'])) {
    foreach($form['deletions']['#value'] as $uid) {
      unset($user_list[$uid]);
    }
  }
  else if ($form['add_button']['#value']) {
    $name = $form['add']['#value'];
    $u = db_fetch_object(db_query("SELECT uid, name FROM {users} WHERE name = '%s'", $name));
    if (!$u->uid) {
      form_error($form['add'], "Invalid user.");
    }
    else {
      $user_list[$u->uid] = $u->name;
      $form['add']['#value'] = NULL;
    }
  }

  if (count($user_list) != 0) {
    $form['deletions']['#type'] = 'checkboxes';
    $form['deletions']['#title'] = t("Current users");
    $form['deletions']['#options'] = $user_list;
    $form['deletions']['#value'] = array(); // don't carry value through.
    // need $form_id and have no way to get it but from $_POST that
    // I can find; and if we got here that variable's already been
    // checked.
    $form['deletions'] = form_builder($_POST['form_id'], $form['deletions']);
  }
  else {
    $form['delete_button']['#type'] = 'value';
  }
  $form['user_list']['#value'] = serialize($user_list);
  return $form;
}


/**
 * Provide access control to a node based upon an ACL id. 
 */
function acl_node_add_acl($nid, $acl_id, $view, $update, $delete) {
  db_query("DELETE FROM {acl_node} WHERE acl_id = %d AND nid = %d", $acl_id, $nid);
  db_query("INSERT INTO {acl_node} (acl_id, nid, grant_view, grant_update, grant_delete) VALUES (%d, %d, %d, %d, %d)", $acl_id, $nid, $view, $update, $delete);
}

/**
 * Remove an ACL completely from a node.
 */
function acl_node_remove_acl($nid, $acl_id) {
  db_query("DELETE FROM {acl_node} WHERE acl_id = %d AND nid = %d", $acl_id, $nid);
}

/**
 * Clear all of a module's ACL's from a node.
 */
function acl_node_clear_acls($nid, $module) {
  $result = db_query("SELECT acl_id FROM {acl} WHERE module = '%s'", $module);
  while ($o = db_fetch_object($result)) {
    $acls[] = $o->acl_id;
  }
  if ($acls) {
    db_query("DELETE FROM {acl_node} WHERE nid = %d AND acl_id in (%s)", $nid,
      implode(',', $acls));
  }
}

/**
 * Implementation of hook_node_access_grants (from na_arbitrator)
 */
function acl_node_access_grants($node) {
  if (!$node->nid) {
    return;
  }
  $result = db_query("SELECT *, 'acl' AS realm, acl_id AS gid FROM {acl_node} WHERE nid = %d", $node->nid);
  while ($grant = db_fetch_array($result)) {
    $grants[] = $grant;
  }
  return $grants;
}

/**
 * hunmonk's module dependency check: see http://drupal.org/node/54463
 */
function acl_form_alter($form_id, &$form) {
  if ($form_id == 'system_modules' && !$_POST) {
    acl_system_module_validate($form);
  }
}

/**
 * hunmonk's module dependency check: see http://drupal.org/node/54463
 */
function acl_system_module_validate(&$form) {
  $module = 'acl';
  $dependencies = array('na_arbitrator');
  foreach ($dependencies as $dependency) {
      if (!in_array($dependency, $form['status']['#default_value'])) {
        $missing_dependency = TRUE;
        $missing_dependency_list[] = $dependency;
      }
  }
  if (in_array($module, $form['status']['#default_value']) && isset($missing_dependency)) {
    db_query("UPDATE {system} SET status = 0 WHERE type = 'module' AND name = '%s'", $module);
    $key = array_search($module, $form['status']['#default_value']);
    unset($form['status']['#default_value'][$key]);
    drupal_set_message(t('The module %module was deactivated--it requires the following disabled/non-existent modules to function properly: %dependencies', array('%module' => $module, '%dependencies' => implode(', ', $missing_dependency_list))), 'error');
  }
}

1	<?php
2	// $Id: acl.module,v 1.6 2006/04/08 23:51:34 merlinofchaos Exp $
3
4	/**
5	* @file acl.module
6	*
7	* This module handls ACLs on behalf of other modules. The two main reasons
8	* to do this are so that modules using ACLs can share them with each
9	* other without having to actually know much about them, and so that
10	* ACLs can easily co-exist with the existing node_access system.
11	*/
12
13	/**
14	* Implementation of hook_help
15	*/
16	function acl_help($section) {
17	switch($section) {
18	case 'admin/modules#description':
19	return t('acls module provides an API for other modules to use Access Control List. It contains no user-serviceable parts.');
20	}
21	}
22
23	/**
24	* Create a new ACL.
25	*/
26	function acl_create_new_acl($module, $name) {
27	$acl_id = db_next_id('acl_id');
28	db_query("INSERT INTO {acl} (acl_id, module, name) VALUES (%d, '%s', '%s')", $acl_id, $module, $name);
29	return $acl_id;
30	}
31
32	/**
33	* Delete an existing ACL.
34	*/
35	function acl_delete_acl($acl_id) {
36	db_query("DELETE FROM {acl} WHERE acl_id = %d", $acl_id);
37	db_query("DELETE FROM {acl_user} WHERE acl_id = %d", $acl_id);
38	db_query("DELETE FROM {acl_node} WHERE acl_id = %d", $acl_id);
39	}
40
41	/**
42	* Add the specified UID to an ACL.
43	*/
44	function acl_add_user($acl_id, $uid) {
45	$test_uid = db_result(db_query("SELECT uid FROM {acl_user} WHERE acl_id = $d AND uid = %d ", $acl_id, $uid));
46	if (!$test_uid) {
47	db_query("INSERT INTO {acl_user} (acl_id, uid) VALUES (%d, %d)", $acl_id, $uid);
48	}
49	}
50
51	/**
52	* Remove the specified UID from an ACL.
53	*/
54	function acl_remove_user($acl_id, $uid) {
55	db_query("DELETE FROM {acl_user} WHERE acl_id = $d AND uid = %d ", $acl_id, $uid);
56	}
57
58	/**
59	* Provide a special button type that doesn't get its #name blasted.
60	*/
61	function acl_elements() {
62	$type['acl_button'] = array('#input' => TRUE, '#button_type' => 'submit', '#form_submitted' => FALSE);
63	return $type;
64	}
65
66	function theme_acl_button($element) {
67	$element['#value'] = $element['#label'];
68	return theme('button', $element);
69	}
70
71	/**
72	* Provide a form to edit the ACL that can be embedded in other
73	* forms.
74	*/
75	function acl_edit_form($acl_id, $label = NULL) {
76	// Ensure the ACL in question even exists.
77	if (!$acl_name = db_result(db_query("SELECT name FROM {acl} WHERE acl_id = %d", $acl_id))) {
78	return $form;
79	}
80	if (!$label) {
81	$label = $acl_name;
82	}
83
84	$form = array(
85	'#type' => 'fieldset',
86	'#collapsible' => true,
87	'#title' => $label,
88	'#tree' => true);
89
90
91	$result = db_query("SELECT u.uid, u.name FROM {users} u LEFT JOIN {acl_user} aclu ON aclu.uid = u.uid WHERE acl_id = %d", $acl_id);
92	$users = array();
93	while ($user = db_fetch_object($result)) {
94	$users[$user->uid] = $user->name;
95	}
96
97	$form['acl_id'] = array('#type' => 'value', '#value' => $acl_id);
98
99	$form['deletions'] = array('#type' => 'hidden'); // placeholder
100	$form['delete_button'] = array(
101	'#type' => 'acl_button',
102	'#label' => t('Remove Checked')
103	);
104
105	$form['add'] = array(
106	'#type' => 'textfield',
107	'#title' => t('Add user'),
108	'#maxlength' => 60,
109	'#size' => 40,
110	'#autocomplete_path' => 'user/autocomplete',
111	);
112	$form['add_button'] = array(
113	'#type' => 'acl_button',
114	'#label' => t('Add User'),
115	);
116
117	$form['user_list'] = array(
118	'#type' => 'hidden',
119	'#default_value' => serialize($users),
120	);
121
122	$form['#after_build'] = array('acl_edit_form_after_build');
123
124	return $form;
125	}
126
127	/**
128	* Write the results of a form.
129	*/
130	function acl_save_form($form) {
131	$users = unserialize($form['user_list']);
132	db_query('DELETE FROM {acl_user} WHERE acl_id = %d', $form['acl_id']);
133	foreach ($users as $uid => $name) {
134	db_query('INSERT INTO {acl_user} (acl_id, uid) VALUES (%d, %d)', $form['acl_id'], $uid);
135	}
136	}
137
138	/**
139	* Process a form that had our buttons on it.
140	*/
141	function acl_edit_form_after_build($form, $form_values) {
142	// We can't use form_values because it's the entire structure
143	// and we have no clue where our values actually are. That's
144	// ok tho cause #value still works for us.
145	$user_list = unserialize($form['user_list']['#value']);
146	if ($form['delete_button']['#value'] && is_array($form['deletions']['#value'])) {
147	foreach($form['deletions']['#value'] as $uid) {
148	unset($user_list[$uid]);
149	}
150	}
151	else if ($form['add_button']['#value']) {
152	$name = $form['add']['#value'];
153	$u = db_fetch_object(db_query("SELECT uid, name FROM {users} WHERE name = '%s'", $name));
154	if (!$u->uid) {
155	form_error($form['add'], "Invalid user.");
156	}
157	else {
158	$user_list[$u->uid] = $u->name;
159	$form['add']['#value'] = NULL;
160	}
161	}
162
163	if (count($user_list) != 0) {
164	$form['deletions']['#type'] = 'checkboxes';
165	$form['deletions']['#title'] = t("Current users");
166	$form['deletions']['#options'] = $user_list;
167	$form['deletions']['#value'] = array(); // don't carry value through.
168	// need $form_id and have no way to get it but from $_POST that
169	// I can find; and if we got here that variable's already been
170	// checked.
171	$form['deletions'] = form_builder($_POST['form_id'], $form['deletions']);
172	}
173	else {
174	$form['delete_button']['#type'] = 'value';
175	}
176	$form['user_list']['#value'] = serialize($user_list);
177	return $form;
178	}
179
180
181	/**
182	* Provide access control to a node based upon an ACL id.
183	*/
184	function acl_node_add_acl($nid, $acl_id, $view, $update, $delete) {
185	db_query("DELETE FROM {acl_node} WHERE acl_id = %d AND nid = %d", $acl_id, $nid);
186	db_query("INSERT INTO {acl_node} (acl_id, nid, grant_view, grant_update, grant_delete) VALUES (%d, %d, %d, %d, %d)", $acl_id, $nid, $view, $update, $delete);
187	}
188
189	/**
190	* Remove an ACL completely from a node.
191	*/
192	function acl_node_remove_acl($nid, $acl_id) {
193	db_query("DELETE FROM {acl_node} WHERE acl_id = %d AND nid = %d", $acl_id, $nid);
194	}
195
196	/**
197	* Clear all of a module's ACL's from a node.
198	*/
199	function acl_node_clear_acls($nid, $module) {
200	$result = db_query("SELECT acl_id FROM {acl} WHERE module = '%s'", $module);
201	while ($o = db_fetch_object($result)) {
202	$acls[] = $o->acl_id;
203	}
204	if ($acls) {
205	db_query("DELETE FROM {acl_node} WHERE nid = %d AND acl_id in (%s)", $nid,
206	implode(',', $acls));
207	}
208	}
209
210	/**
211	* Implementation of hook_node_access_grants (from na_arbitrator)
212	*/
213	function acl_node_access_grants($node) {
214	if (!$node->nid) {
215	return;
216	}
217	$result = db_query("SELECT *, 'acl' AS realm, acl_id AS gid FROM {acl_node} WHERE nid = %d", $node->nid);
218	while ($grant = db_fetch_array($result)) {
219	$grants[] = $grant;
220	}
221	return $grants;
222	}
223
224	/**
225	* hunmonk's module dependency check: see http://drupal.org/node/54463
226	*/
227	function acl_form_alter($form_id, &$form) {
228	if ($form_id == 'system_modules' && !$_POST) {
229	acl_system_module_validate($form);
230	}
231	}
232
233	/**
234	* hunmonk's module dependency check: see http://drupal.org/node/54463
235	*/
236	function acl_system_module_validate(&$form) {
237	$module = 'acl';
238	$dependencies = array('na_arbitrator');
239	foreach ($dependencies as $dependency) {
240	if (!in_array($dependency, $form['status']['#default_value'])) {
241	$missing_dependency = TRUE;
242	$missing_dependency_list[] = $dependency;
243	}
244	}
245	if (in_array($module, $form['status']['#default_value']) && isset($missing_dependency)) {
246	db_query("UPDATE {system} SET status = 0 WHERE type = 'module' AND name = '%s'", $module);
247	$key = array_search($module, $form['status']['#default_value']);
248	unset($form['status']['#default_value'][$key]);
249	drupal_set_message(t('The module %module was deactivated--it requires the following disabled/non-existent modules to function properly: %dependencies', array('%module' => $module, '%dependencies' => implode(', ', $missing_dependency_list))), 'error');
250	}
251	}
252