| 1 |
<?php |
<?php |
| 2 |
// $Id: nodeaccess.module,v 1.4.2.7.2.7 2007/04/30 19:35:18 debtman7 Exp $ |
// $Id: nodeaccess.module,v 1.4.2.7.2.8 2007/06/08 16:24:51 debtman7 Exp $ |
| 3 |
|
|
| 4 |
/** |
/** |
| 5 |
* Implementation of hook_help(). |
* Implementation of hook_help(). |
| 6 |
*/ |
*/ |
| 7 |
function nodeaccess_help($section) { |
function nodeaccess_help($section) { |
| 8 |
if (preg_match('|^node/\d+/grant|', $section)) { |
if (preg_match('|^node/\d+/grant|', $section)) { |
| 9 |
$message = t('You can set grants per users.'); |
return '<small>' . t('You can set grants per users. Enter a name or a partial name in the box and click Search or press return. You need to check the Keep? checkbox if you want to keep the user for granting. Note that user grants are additional to those coming from roles.') . '</small>'; |
|
$message .= t(' You need to check the Keep checkbox if you want to keep the user for granting. Users with Keep checkbox checked remain in the user table between searches. Note that user rights are additional to those coming from roles.'); |
|
| 10 |
} |
} |
| 11 |
} |
} |
| 12 |
|
|
|
|
|
| 13 |
/** |
/** |
| 14 |
* Implementation of hook_menu(). |
* Implementation of hook_menu(). |
| 15 |
*/ |
*/ |
| 16 |
function nodeaccess_menu($may_cache) { |
function nodeaccess_menu($may_cache) { |
| 17 |
$items = array(); |
$items = array(); |
| 18 |
if ($may_cache) { |
if ($may_cache) { |
| 19 |
$items[] = array('path' => 'admin/user/nodeaccess', 'title' => t('Nodeaccess'), |
$items[] = array('path' => 'admin/user/nodeaccess', |
| 20 |
'callback' => 'nodeaccess_admin', 'access' => user_access('administer nodeaccess'), |
'title' => t('Nodeaccess'), |
| 21 |
'description' => t('Change default settings for the nodeaccess module')); |
'callback' => 'nodeaccess_admin', |
| 22 |
|
'access' => user_access('administer nodeaccess'), |
| 23 |
|
'description' => t('Change default settings for the Nodeaccess module.')); |
| 24 |
} |
} |
| 25 |
else { |
else { |
| 26 |
if (arg(0) == 'node' && is_numeric(arg(1))) { |
if (arg(0) == 'node' && is_numeric(arg(1))) { |
| 27 |
$node = node_load(arg(1)); |
$node = node_load(arg(1)); |
| 28 |
$types = variable_get('nodeaccess-types', array()); |
if (nodeaccess_access('grant', $node)) { |
| 29 |
global $user; |
$items[] = array('path' => 'node/'. $node->nid .'/grant', |
| 30 |
if ($node->nid && $types[$node->type] && (user_access('grant node permissions') || (user_access('grant own node permissions') && $node->uid == $user->uid))) { |
'title' => t('Grant'), |
| 31 |
$items[] = array('path' => 'node/'. $node->nid .'/grant', 'title' => t('Grant'), |
'callback' => 'nodeaccess_grants', |
| 32 |
'callback' => 'nodeaccess_page', 'callback arguments' => $node->nid, |
'callback arguments' => $node->nid, |
| 33 |
'access' => nodeaccess_access('grant', $node), |
'access' => nodeaccess_access('grant', $node), |
| 34 |
'weight' => 5, |
'weight' => 5, |
| 35 |
'type' => MENU_LOCAL_TASK); |
'type' => MENU_LOCAL_TASK); |
| 36 |
} |
} |
| 37 |
} |
} |
| 38 |
} |
} |
| 43 |
* Implementation of hook_perm(). |
* Implementation of hook_perm(). |
| 44 |
*/ |
*/ |
| 45 |
function nodeaccess_perm() { |
function nodeaccess_perm() { |
| 46 |
return array('administer nodeaccess', 'grant node permissions', 'grant own node permissions'); |
return array('administer nodeaccess', 'grant node permissions', 'grant editable node permissions', 'grant deletable node permissions', 'grant own node permissions'); |
| 47 |
} |
} |
| 48 |
|
|
| 49 |
/** |
/** |
| 51 |
*/ |
*/ |
| 52 |
function nodeaccess_access($op, $node) { |
function nodeaccess_access($op, $node) { |
| 53 |
global $user; |
global $user; |
| 54 |
|
$allowed_types = variable_get('nodeaccess-types', array()); |
| 55 |
if ($op == 'grant') { |
if ($op == 'grant') { |
| 56 |
if (user_access('grant node permissions') || (user_access('grant own node permissions') && ($user->uid == $node->uid))) { |
if ($node->nid && $allowed_types[$node->type] && |
| 57 |
|
(user_access('grant node permissions') || |
| 58 |
|
(user_access('grant editable node permissions') && node_access('update', $node)) || |
| 59 |
|
(user_access('grant deletable node permissions') && node_access('delete', $node)) || |
| 60 |
|
(user_access('grant own node permissions') && ($user->uid == $node->uid)))) { |
| 61 |
return TRUE; |
return TRUE; |
| 62 |
} |
} |
| 63 |
} |
} |
| 64 |
|
return FALSE; |
| 65 |
} |
} |
| 66 |
|
|
| 67 |
/** |
/** |
| 68 |
* Menu callback. Draws the page. |
* Menu callback. Draws the admin page. |
| 69 |
*/ |
*/ |
|
function nodeaccess_page($nid) { |
|
|
$output = drupal_get_form('nodeaccess_grants_form', $nid); |
|
|
|
|
|
$node = node_load($nid); |
|
|
drupal_set_title(check_plain($node->title)); |
|
|
return $output; |
|
|
} |
|
|
|
|
|
function nodeaccess_grants_form($nid) { |
|
|
$node = node_load($nid); |
|
|
|
|
|
// build our form |
|
|
$edit = _nodeaccess_populate($nid); |
|
|
|
|
|
$roles = $edit['rid']; |
|
|
$users = $edit['uid']; |
|
|
|
|
|
$form['nid'] = array('#type' => 'value', '#value' => $nid); |
|
|
|
|
|
// roles table |
|
|
if (is_array($roles)) { |
|
|
$form['rid'] = array('#tree' => TRUE); |
|
|
$allowed = variable_get('nodeaccess-roles', array()); |
|
|
foreach ($roles as $key => $field) { |
|
|
if ($allowed[$key]) { |
|
|
$form['rid'][$key]['name'] = array('#type' => 'hidden', '#value' => $field['name']); |
|
|
$form['rid'][$key]['grant_view'] = array('#type' => 'checkbox', '#default_value' => $field['grant_view']); |
|
|
$form['rid'][$key]['grant_update'] = array('#type' => 'checkbox', '#default_value' => $field['grant_update']); |
|
|
$form['rid'][$key]['grant_delete'] = array('#type' => 'checkbox', '#default_value' => $field['grant_delete']); |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
// users table |
|
|
if (is_array($users)) { |
|
|
$form['uid'] = array('#tree' => TRUE); |
|
|
foreach ($users as $key => $field) { |
|
|
$form['uid'][$key]['name'] = array('#type' => 'hidden', '#value' => $field['name']); |
|
|
$form['uid'][$key]['keep'] = array('#type' => 'checkbox', '#default_value' => $field['keep']); |
|
|
$form['uid'][$key]['grant_view'] = array('#type' => 'checkbox', '#default_value' => $field['grant_view']); |
|
|
$form['uid'][$key]['grant_update'] = array('#type' => 'checkbox', '#default_value' => $field['grant_update']); |
|
|
$form['uid'][$key]['grant_delete'] = array('#type' => 'checkbox', '#default_value' => $field['grant_delete']); |
|
|
} |
|
|
} |
|
|
|
|
|
// deal with searching |
|
|
$form['old_keys'] = array('#type' => 'hidden', '#value' => $edit['keys']); |
|
|
|
|
|
// autocomplete returns errors if users don't have access to profiles |
|
|
if (user_access('access user profiles')) { |
|
|
$form['keys'] = array('#type' => 'textfield', '#default_value' => $edit['keys'], '#size' => 40, '#autocomplete_path' => 'user/autocomplete'); |
|
|
} |
|
|
else { |
|
|
$form['keys'] = array('#type' => 'textfield', '#default_value' => $edit['keys'], '#size' => 40); |
|
|
} |
|
|
|
|
|
$form['search'] = array('#type' => 'button', '#value' => t('Search')); |
|
|
|
|
|
$form['submit'] = array('#type' => 'submit', '#value' => t('Save Grants')); |
|
|
|
|
|
return $form; |
|
|
} |
|
|
|
|
|
function theme_nodeaccess_grants_form($form) { |
|
|
// role table |
|
|
$roles = element_children($form['rid']); |
|
|
if (count($roles) > 0) { |
|
|
$header = array(t('Role'), t('View'), t('Edit'), t('Delete')); |
|
|
foreach ($roles as $key) { |
|
|
$row = array(); |
|
|
$row[] = $form['rid'][$key]['name']['#value'] . drupal_render($form['rid'][$key]['name']); |
|
|
$row[] = drupal_render($form['rid'][$key]['grant_view']); |
|
|
$row[] = drupal_render($form['rid'][$key]['grant_update']); |
|
|
$row[] = drupal_render($form['rid'][$key]['grant_delete']); |
|
|
$rows[] = $row; |
|
|
} |
|
|
$output .= theme('table', $header, $rows); |
|
|
} |
|
|
|
|
|
// search form |
|
|
$output .= '<p /><div class="search-form">'; |
|
|
$output .= '<b>' . t('Enter names to search for users:') . '</b>'; |
|
|
$output .= '<div class="container-inline">'; |
|
|
$output .= drupal_render($form['old_keys']); |
|
|
$output .= drupal_render($form['keys']); |
|
|
$output .= drupal_render($form['search']); |
|
|
$output .= '</div></div>'; |
|
|
|
|
|
// user table |
|
|
unset($rows); |
|
|
$users = element_children($form['uid']); |
|
|
if (count($users) > 0) { |
|
|
$header = array(t('User'), t('Keep?'), t('View'), t('Edit'), t('Delete')); |
|
|
foreach ($users as $key) { |
|
|
$row = array(); |
|
|
$row[] = $form['uid'][$key]['name']['#value']; |
|
|
$row[] = drupal_render($form['uid'][$key]['keep']); |
|
|
$row[] = drupal_render($form['uid'][$key]['grant_view']); |
|
|
$row[] = drupal_render($form['uid'][$key]['grant_update']); |
|
|
$row[] = drupal_render($form['uid'][$key]['grant_delete']); |
|
|
$rows[] = $row; |
|
|
} |
|
|
$output .= theme('table', $header, $rows); |
|
|
} |
|
|
|
|
|
$output .= drupal_render($form); |
|
|
|
|
|
return $output; |
|
|
} |
|
|
|
|
|
function nodeaccess_grants_form_submit($form_id, $form_values) { |
|
|
global $user; |
|
|
$grants = array(); |
|
|
$nid = $form_values['nid']; |
|
|
$save = array(); |
|
|
$node->nid = $nid; |
|
|
|
|
|
foreach (array('uid', 'rid') as $type) { |
|
|
$realm = 'nodeaccess_' . $type; |
|
|
if (is_array($form_values[$type])) { |
|
|
$grants = array(); |
|
|
foreach ($form_values[$type] as $gid => $line) { |
|
|
$grant = array('gid' => $gid, 'realm' => $realm, 'grant_view' => $line['grant_view'], |
|
|
'grant_update' => $line['grant_update'], 'grant_delete' => $line['grant_delete']); |
|
|
$grants[] = $grant; |
|
|
$save[] = $grant; |
|
|
} |
|
|
} |
|
|
node_access_write_grants($node, $grants, $realm); |
|
|
} |
|
|
|
|
|
// add author grants |
|
|
// holy crap same piece of code used 3 times aaaah! |
|
|
$author_prefs = variable_get('nodeaccess_authors', array()); |
|
|
$agrant = $author_prefs[$node->type]; |
|
|
if (variable_get('nodeaccess-priority', 0)) { |
|
|
$priority = 1; |
|
|
} |
|
|
else { |
|
|
$priority = 0; |
|
|
} |
|
|
if ($agrant['grant_view'] || $agrant['grant_update'] || $agrant['grant_delete']) { |
|
|
$grants[] = array( |
|
|
'realm' => 'nodeaccess_author', |
|
|
'gid' => $node->uid, |
|
|
'grant_view' => $agrant['grant_view'], |
|
|
'grant_update' => $agrant['grant_update'], |
|
|
'grant_delete' => $agrant['grant_delete'], |
|
|
'priority' => $priority |
|
|
); |
|
|
node_access_write_grants($node, $grants, 'nodeaccess_author'); |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// save it to our own table, thanks to the new api.... |
|
|
_nodeaccess_save_new($nid, $save); |
|
|
|
|
|
drupal_set_message(t('Grants saved.')); |
|
|
} |
|
|
|
|
|
/** |
|
|
* Popupate $edit. Loads all roles, gathers uids from node_access and search, |
|
|
* and calculates the grants for the users. |
|
|
* |
|
|
* This queries the node_access tables, but it doesn't write so hopefully that's ok |
|
|
* |
|
|
*/ |
|
|
function _nodeaccess_populate($nid) { |
|
|
$edit = $_POST; |
|
|
//dprint_r($edit); |
|
|
// delete what is not kept |
|
|
if (is_array($edit['uid'])) { |
|
|
foreach ($edit['uid'] as $uid => $row) { |
|
|
if (!$row['keep']) { |
|
|
unset($edit['uid'][$uid]); |
|
|
} |
|
|
} |
|
|
} |
|
|
if (!$edit) { |
|
|
$edit = array(); |
|
|
// load all roles |
|
|
$result = db_query("SELECT rid, name, na.* FROM {role} LEFT JOIN {node_access} na ON rid=gid AND realm='%s' AND nid=%d ORDER BY name", 'nodeaccess_rid', $nid); |
|
|
while ($grant = db_fetch_object($result)) { |
|
|
$edit['rid'][$grant->rid] = array('name' => $grant->name, 'grant_view' => $grant->grant_view, 'grant_update' => $grant->grant_update, 'grant_delete' => $grant->grant_delete); |
|
|
} |
|
|
// load uids from node_access |
|
|
$result = db_query("SELECT uid, name FROM {node_access} na LEFT JOIN {users} ON uid=gid WHERE nid=%d AND realm='%s'", $nid, 'nodeaccess_uid'); |
|
|
while ($account = db_fetch_object($result)) { |
|
|
$edit['uid'][$account->uid] = array('name' => $account->name, 'keep' => 1); |
|
|
} |
|
|
} |
|
|
// perform search |
|
|
if ($edit['keys'] && $edit['old_keys'] != $edit['keys']) { |
|
|
$sql = "SELECT uid, name FROM {users} WHERE name LIKE '%%%s%%'"; |
|
|
$params = array(preg_replace('!\*+!', '%', $edit['keys'])); |
|
|
if (is_array($edit['uid'])) { |
|
|
$sql .= ' AND uid NOT IN (%s)'; |
|
|
$params[] = implode(',', array_keys($edit['uid'])); |
|
|
} |
|
|
$result = db_query($sql, $params); |
|
|
while ($account = db_fetch_object($result)) { |
|
|
$edit['uid'][$account->uid] = array('name' => $account->name); |
|
|
} |
|
|
} |
|
|
// calculate node grants for users |
|
|
if (is_array($edit['uid'])) { |
|
|
foreach (array_keys($edit['uid']) as $uid) { |
|
|
if (!isset($edit['uid'][$uid]['grant_view'])) { |
|
|
foreach (array('grant_view', 'grant_update', 'grant_delete') as $grant_type) { |
|
|
$edit['uid'][$uid][$grant_type] = db_num_rows(db_query_range("SELECT * FROM {node_access} na LEFT JOIN {users_roles} r ON na.gid=r.rid WHERE nid=%d AND realm='%s' AND uid=%d AND %s=1", $nid, 'nodeaccess_rid', $uid, $grant_type, 0, 1)) || db_num_rows(db_query_range("SELECT * FROM {node_access} na WHERE nid=%d AND realm='%s' AND gid=%d AND %s=1", $nid, 'nodeaccess_uid', $uid, $grant_type, 0, 1)); |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
return $edit; |
|
|
} |
|
|
|
|
|
function _nodeaccess_save_new($nid, $grants) { |
|
|
db_query("DELETE FROM {nodeaccess} WHERE nid=%d", $nid); |
|
|
foreach ($grants as $grant) { |
|
|
db_query("INSERT INTO {nodeaccess} (nid, gid, realm, grant_view, grant_update, grant_delete) VALUES (%d, %d, '%s', %d, %d, %d)", |
|
|
$nid, $grant['gid'], $grant['realm'], $grant['grant_view'], $grant['grant_update'], $grant['grant_delete']); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
function nodeaccess_node_grants($user, $op) { |
|
|
global $user; |
|
|
|
|
|
$roles = is_array($user->roles) ? array_keys($user->roles) : array(-1); |
|
|
return array('nodeaccess_rid' => $roles, 'nodeaccess_uid' => array($user->uid), 'nodeaccess_author' => array($user->uid)); |
|
|
} |
|
|
|
|
|
function nodeaccess_nodeapi(&$node, $op) { |
|
|
switch ($op) { |
|
|
case 'delete': |
|
|
db_query('DELETE FROM {nodeaccess} WHERE nid=%d', $node->nid); |
|
|
break; |
|
|
} |
|
|
} |
|
|
|
|
| 70 |
function nodeaccess_admin() { |
function nodeaccess_admin() { |
|
// define our settings form |
|
|
// need to set defaults from variable_get |
|
| 71 |
return drupal_get_form('nodeaccess_admin_form'); |
return drupal_get_form('nodeaccess_admin_form'); |
| 72 |
} |
} |
| 73 |
|
|
| 74 |
function nodeaccess_admin_form() { |
/** |
| 75 |
|
* Menu callback. Draws the admin page. |
| 76 |
|
*/ |
| 77 |
|
function nodeaccess_admin_form($form_values = NULL) { |
| 78 |
|
// Set defaults from variable_get. |
| 79 |
$show = variable_get('nodeaccess-types', array()); |
$show = variable_get('nodeaccess-types', array()); |
| 80 |
$roles = user_roles(); |
$roles = nodeaccess_get_role_aliases(); |
| 81 |
$useroles = variable_get('nodeaccess-roles', array()); |
$allowed_roles = variable_get('nodeaccess-roles', array()); |
| 82 |
|
$allowed_grants = variable_get('nodeaccess-grants', array()); |
| 83 |
|
|
| 84 |
$form['priority'] = array('#type' => 'checkbox', |
$form['priority'] = array('#type' => 'checkbox', |
| 85 |
'#title' => t('Give node grants priority'), |
'#title' => t('Give node grants priority'), |
| 86 |
'#default_value' => variable_get('nodeaccess-priority', 0), |
'#default_value' => variable_get('nodeaccess-priority', 0), |
| 87 |
'#description' => t('If you are only using this access control module, you can safely ignore this. If you are using multiple access control modules, and you want the grants given on individual nodes to override any grants given by other modules, you should check this box.')); |
'#description' => '<small>' . t('If you are only using this access control module, you can safely ignore this. If you are using multiple access control modules, and you want the grants given on individual nodes to override any grants given by other modules, you should check this box.') . '</small>'); |
| 88 |
|
|
| 89 |
$form['role'] = array('#type' => 'fieldset', '#collapsible' => TRUE, '#collapsed' => TRUE, '#title' => t('Allowed Roles'), '#tree' => TRUE, '#description' => t('The selected roles will be listed on individual node grants. If you wish for certain roles to be hidden from users on the node grants tab, make sure they are not selected here')); |
// Select whether to preserve hidden grants. |
| 90 |
|
$form['preserve'] = array('#type' => 'checkbox', |
| 91 |
|
'#title' => t('Preserve hidden grants'), |
| 92 |
|
'#default_value' => variable_get('nodeaccess-preserve', 1), |
| 93 |
|
'#description' => '<small>' . t('If you check this box, any hidden grants are preserved when you save grants. Otherwise all grants users are not allowed to view or edit are revoked on save.') . '</small>'); |
| 94 |
|
|
| 95 |
|
// Select permissions you want to allow users to view and edit. |
| 96 |
|
$form['grant'] = array('#type' => 'fieldset', |
| 97 |
|
'#collapsible' => TRUE, |
| 98 |
|
'#collapsed' => TRUE, |
| 99 |
|
'#title' => t('Allowed Grants'), |
| 100 |
|
'#tree' => TRUE, |
| 101 |
|
'#description' => '<small>' . t('The selected grants will be listed on individual node grants. If you wish for certain grants to be hidden from users on the node grants tab, make sure they are not selected here.') . '</small>'); |
| 102 |
|
$form['grant']['view'] = array('#type' => 'checkbox', '#title' => t('View'), '#default_value' => $allowed_grants['view']); |
| 103 |
|
$form['grant']['edit'] = array('#type' => 'checkbox', '#title' => t('Edit'), '#default_value' => $allowed_grants['edit']); |
| 104 |
|
$form['grant']['delete'] = array('#type' => 'checkbox', '#title' => t('Delete'), '#default_value' => $allowed_grants['delete']); |
| 105 |
|
|
| 106 |
|
// Select roles the permissions of which you want to allow users to |
| 107 |
|
// view and edit, and the aliases and weights of those roles. |
| 108 |
|
$form['role'] = array('#type' => 'fieldset', |
| 109 |
|
'#collapsible' => TRUE, |
| 110 |
|
'#collapsed' => TRUE, |
| 111 |
|
'#title' => t('Allowed Roles'), |
| 112 |
|
'#tree' => TRUE, |
| 113 |
|
'#theme' => 'nodeaccess_admin_form_roles', |
| 114 |
|
'#description' => '<small>' . t('The selected roles will be listed on individual node grants. If you wish for certain roles to be hidden from users on the node grants tab, make sure they are not selected here. You may also provide an alias for each role to be displayed to the user and a weight to order them by. This is useful if your roles have machine-readable names not intended for human users.') . '</small>'); |
| 115 |
foreach ($roles as $id => $role) { |
foreach ($roles as $id => $role) { |
| 116 |
$form['role'][$id] = array('#type' => 'checkbox', '#title' => $role, '#default_value' => $useroles[$id]); |
// Catch NULL values. |
| 117 |
|
if (!$role['alias']) { |
| 118 |
|
$role['alias'] = ''; |
| 119 |
|
} |
| 120 |
|
if (!$role['weight']) { |
| 121 |
|
$role['weight'] = 0; |
| 122 |
|
} |
| 123 |
|
$form['role'][$id]['name'] = array('#type' => 'hidden', '#value' => $role['name']); |
| 124 |
|
$form['role'][$id]['allow'] = array('#type' => 'checkbox', '#title' => $role['name'], '#default_value' => $allowed_roles[$id]); |
| 125 |
|
$form['role'][$id]['alias'] = array('#type' => 'textfield', '#default_value' => $role['alias'], '#size' => 50, '#maxlength' => 50); |
| 126 |
|
$form['role'][$id]['weight'] = array('#type' => 'weight', '#default_value' => $role['weight'], '#delta' => 10); |
| 127 |
} |
} |
| 128 |
|
|
| 129 |
|
// Generate fieldsets for each node type. |
| 130 |
foreach (node_get_types() as $type => $name) { |
foreach (node_get_types() as $type => $name) { |
| 131 |
$form['nodeaccess'][$type] = array('#type' => 'fieldset', |
$form['nodeaccess'][$type] = array('#type' => 'fieldset', |
| 132 |
'#collapsible' => TRUE, |
'#collapsible' => TRUE, |
| 133 |
'#collapsed' => TRUE, |
'#collapsed' => TRUE, |
| 134 |
'#title' => $name->name, |
'#title' => $name->name, |
| 135 |
'#tree' => TRUE, |
'#tree' => TRUE, |
| 136 |
'#theme' => 'nodeaccess_admin_fieldset'); |
'#theme' => 'nodeaccess_admin_form_types'); |
| 137 |
|
|
| 138 |
$form['nodeaccess'][$type]['show'] = array('#type' => 'checkbox', |
$form['nodeaccess'][$type]['show'] = array('#type' => 'checkbox', |
| 139 |
'#title' => t('Show grant tab for this node type'), |
'#title' => t('Show grant tab for this node type'), |
| 140 |
'#default_value' => $show[$type]); |
'#default_value' => $show[$type]); |
| 141 |
|
|
| 142 |
// preference for author settings |
// Set default author permissions for node type. |
| 143 |
$author_prefs = variable_get('nodeaccess_authors', array()); |
$author_prefs = variable_get('nodeaccess_authors', array()); |
| 144 |
$form['nodeaccess'][$type]['author']['grant_view'] = array('#type' => 'checkbox', '#default_value' => $author_prefs[$type]['grant_view']); |
$form['nodeaccess'][$type]['author']['grant_view'] = array('#type' => 'checkbox', '#default_value' => $author_prefs[$type]['grant_view']); |
| 145 |
$form['nodeaccess'][$type]['author']['grant_update'] = array('#type' => 'checkbox', '#default_value' => $author_prefs[$type]['grant_update']); |
$form['nodeaccess'][$type]['author']['grant_update'] = array('#type' => 'checkbox', '#default_value' => $author_prefs[$type]['grant_update']); |
| 146 |
$form['nodeaccess'][$type]['author']['grant_delete'] = array('#type' => 'checkbox', '#default_value' => $author_prefs[$type]['grant_delete']); |
$form['nodeaccess'][$type]['author']['grant_delete'] = array('#type' => 'checkbox', '#default_value' => $author_prefs[$type]['grant_delete']); |
| 147 |
|
|
| 148 |
$perms = variable_get('nodeaccess_' . $type, array()); |
$perms = variable_get('nodeaccess_' . $type, array()); |
| 149 |
foreach ($perms as $perm) { |
foreach ($perms as $perm) { |
| 150 |
$opts[$perm['gid']] = $perm; |
$opts[$perm['gid']] = $perm; |
| 151 |
} |
} |
| 152 |
// go through our roles |
// Set default role permissions for node type. |
| 153 |
foreach (user_roles() as $id => $role) { |
foreach (user_roles() as $id => $role) { |
| 154 |
$form['nodeaccess'][$type]['roles'][$id]['name'] = array('#value' => $role); |
$form['nodeaccess'][$type]['roles'][$id]['name'] = array('#value' => $role); |
| 155 |
$form['nodeaccess'][$type]['roles'][$id]['grant_view'] = array('#type' => 'checkbox', '#default_value' => $opts[$id]['grant_view']); |
$form['nodeaccess'][$type]['roles'][$id]['grant_view'] = array('#type' => 'checkbox', '#default_value' => $opts[$id]['grant_view']); |
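Review bot: In `nodeaccess_access()` the 'grant own node permissions' branch still compares `$user->uid == $node->uid` without excluding uid 0, so if that permission were ever given to the anonymous role, every anonymous visitor would pass the check for every anonymously authored node; writing it as `($user->uid && $user->uid == $node->uid)` closes that case. The new `$allowed_types[$node->type]` lookup reads a key that may be absent for a type that was never saved in the settings form, and `!empty($allowed_types[$node->type])` states the intent without a notice. The two new permissions admit anyone who can update or delete the node to the grant tab, and nothing in this function limits which grants they may then hand out, so the docblock should say whether that is intended. `nodeaccess_admin_form()` continues past the end of this hunk.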
| 161 |
return $form; |
return $form; |
| 162 |
} |
} |
| 163 |
|
|
| 164 |
function theme_nodeaccess_admin_fieldset($form) { |
/** |
| 165 |
|
* Submit function for nodeaccess_admin_form. |
| 166 |
|
*/ |
| 167 |
|
function nodeaccess_admin_form_submit($form_id, $form_values) { |
| 168 |
|
// Save priority. |
| 169 |
|
variable_set('nodeaccess-priority', $form_values['priority']); |
| 170 |
|
// Save preserve. |
| 171 |
|
variable_set('nodeaccess-preserve', $form_values['preserve']); |
| 172 |
|
// Save allowed grants. |
| 173 |
|
foreach ($form_values['grant'] as $id => $val) { |
| 174 |
|
$allowed_grants[$id] = $val; |
| 175 |
|
} |
| 176 |
|
variable_set('nodeaccess-grants', $allowed_grants); |
| 177 |
|
// Save allowed roles, role aliases and weights. |
| 178 |
|
foreach ($form_values['role'] as $id => $val) { |
| 179 |
|
$allowed_roles[$id] = $val['allow']; |
| 180 |
|
// Save alias and weight only for allowed roles. |
| 181 |
|
if ($val['allow']) { |
| 182 |
|
// If alias is empty, default to role name. |
| 183 |
|
if ($val['alias']) { |
| 184 |
|
$alias_prefs[$id]['name'] = $val['alias']; |
| 185 |
|
} else { |
| 186 |
|
$alias_prefs[$id]['name'] = $val['name']; |
| 187 |
|
} |
| 188 |
|
$alias_prefs[$id]['weight'] = $val['weight']; |
| 189 |
|
} |
| 190 |
|
} |
| 191 |
|
variable_set('nodeaccess-roles', $allowed_roles); |
| 192 |
|
nodeaccess_save_role_aliases($alias_prefs); |
| 193 |
|
// Save author and role permissions for each node type. |
| 194 |
|
$author_prefs = array(); |
| 195 |
|
foreach (node_get_types() as $type => $name) { |
| 196 |
|
$grants = array(); |
| 197 |
|
foreach ($form_values[$type]['roles'] as $role => $val) { |
| 198 |
|
$grants[] = array('gid' => $role, 'realm' => 'nodeaccess_rid', 'grant_view' => $val['grant_view'], 'grant_update' => $val['grant_update'], 'grant_delete' => $val['grant_delete']); |
| 199 |
|
} |
| 200 |
|
variable_set('nodeaccess_' . $type, $grants); |
| 201 |
|
if ($form_values[$type]['show']) { |
| 202 |
|
$allowed_types[$type] = 1; |
| 203 |
|
} |
| 204 |
|
else { |
| 205 |
|
$allowed_types[$type] = 0; |
| 206 |
|
} |
| 207 |
|
$author_prefs[$type] = $form_values[$type]['author']; |
| 208 |
|
} |
| 209 |
|
variable_set('nodeaccess_authors', $author_prefs); |
| 210 |
|
// Save allowed node types. |
| 211 |
|
variable_set('nodeaccess-types', $allowed_types); |
| 212 |
|
node_access_rebuild(); |
| 213 |
|
drupal_set_message(t('Grants saved.')); |
| 214 |
|
} |
| 215 |
|
|
| 216 |
|
/** |
| 217 |
|
* Theme functions for nodeaccess_admin_form. |
| 218 |
|
*/ |
| 219 |
|
function theme_nodeaccess_admin_form_roles($form) { |
| 220 |
|
$roles = element_children($form); |
| 221 |
|
$header = array(t('Allow Role'), t('Alias'), t('Weight')); |
| 222 |
|
foreach ($roles as $role) { |
| 223 |
|
$row = array(); |
| 224 |
|
$row[] = drupal_render($form[$role]['allow']); |
| 225 |
|
$row[] = drupal_render($form[$role]['alias']); |
| 226 |
|
$row[] = drupal_render($form[$role]['weight']); |
| 227 |
|
$rows[] = $row; |
| 228 |
|
} |
| 229 |
|
$output .= theme('table', $header, $rows); |
| 230 |
|
return $output; |
| 231 |
|
} |
| 232 |
|
|
| 233 |
|
function theme_nodeaccess_admin_form_types($form) { |
| 234 |
$output = drupal_render($form['show']); |
$output = drupal_render($form['show']); |
| 235 |
$roles = element_children($form['roles']); |
$roles = element_children($form['roles']); |
| 236 |
$header = array(t('Role'), t('View'), t('Edit'), t('Delete')); |
$header = array(t('Role'), t('View'), t('Edit'), t('Delete')); |
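Review bot: `nodeaccess_admin_form_submit()` assigns `$allowed_grants`, `$allowed_roles`, `$alias_prefs` and `$allowed_types` only inside loops and conditionals, so when no role has 'allow' ticked `$alias_prefs` is never defined and `nodeaccess_save_role_aliases()` is called with an unset variable; initialising each one at the top, e.g. `$alias_prefs = array();`, as is already done for `$author_prefs`, avoids that. The alias is free text from the form and is presumably stored as the role's display name, so wherever it is later printed it needs `check_plain()`; the rendering code is not in this hunk, so that could not be confirmed here. `theme_nodeaccess_admin_form_roles()` likewise appends to `$rows` and `$output` without initialising them. `theme_nodeaccess_admin_form_types()` continues past the end of this hunk.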
| 252 |
$row[] = drupal_render($form['author']['grant_delete']); |
$row[] = drupal_render($form['author']['grant_delete']); |
| 253 |
|
|
| 254 |
$output .= theme('table', $header, array($row)); |
$output .= theme('table', $header, array($row)); |
| 255 |
$output .= '<small>' . t('The settings selected for the node author will define what permissions the node author has. This cannot be changed on individual node grants') . '</small>'; |
$output .= '<small>' . t('The settings selected for the node author will define what permissions the node author has. This cannot be changed on individual node grants.') . '</small>'; |
| 256 |
return $output; |
return $output; |
| 257 |
} |
} |
| 258 |
|
|
| 259 |
function nodeaccess_admin_form_submit($form_id, $form_values) { |
/** |
| 260 |
|
* Menu callback. Draws the grant tab. |
| 261 |
|
*/ |
| 262 |
|
function nodeaccess_grants($nid) { |
| 263 |
|
$node = node_load($nid); |
| 264 |
|
drupal_set_title(check_plain($node->title)); |
| 265 |
|
return drupal_get_form('nodeaccess_grants_form', $node->nid); |
| 266 |
|
} |
| 267 |
|
|
| 268 |
variable_set('nodeaccess-priority', $form_values['priority']); |
/** |
| 269 |
|
* Menu callback. Draws the grant tab. |
| 270 |
|
*/ |
| 271 |
|
function nodeaccess_grants_form($nid, $form_values = NULL) { |
| 272 |
|
$node = node_load($nid); |
| 273 |
|
$form_values = $_POST; |
| 274 |
|
if (!$form_values) { |
| 275 |
|
$form_values = array(); |
| 276 |
|
// Load all roles. |
| 277 |
|
$result = db_query("SELECT r.rid, nra.name, na.grant_view, na.grant_update, na.grant_delete FROM {role} r LEFT JOIN {nodeaccess_role_alias} nra ON r.rid = nra.rid LEFT JOIN {node_access} na ON r.rid = na.gid AND na.realm = '%s' AND na.nid = %d ORDER BY nra.weight, nra.name", 'nodeaccess_rid', $node->nid); |
| 278 |
|
while ($grant = db_fetch_object($result)) { |
| 279 |
|
$form_values['rid'][$grant->rid] = array('name' => $grant->name, 'grant_view' => (boolean)$grant->grant_view, 'grant_update' => (boolean)$grant->grant_update, 'grant_delete' => (boolean)$grant->grant_delete); |
| 280 |
|
} |
| 281 |
|
// Load users from node_access. |
| 282 |
|
$result = db_query("SELECT uid, name, grant_view, grant_update, grant_delete FROM {node_access} LEFT JOIN {users} ON uid = gid WHERE nid = %d AND realm = '%s' ORDER BY name", $node->nid, 'nodeaccess_uid'); |
| 283 |
|
while ($account = db_fetch_object($result)) { |
| 284 |
|
$form_values['uid'][$account->uid] = array('name' => $account->name, 'keep' => 1, 'grant_view' => $account->grant_view, 'grant_update' => $account->grant_update, 'grant_delete' => $account->grant_delete); |
| 285 |
|
} |
| 286 |
|
} else { |
| 287 |
|
// Delete unkept users. |
| 288 |
|
if (is_array($form_values['uid'])) { |
| 289 |
|
foreach ($form_values['uid'] as $uid => $row) { |
| 290 |
|
if (!$row['keep']) { |
| 291 |
|
unset($form_values['uid'][$uid]); |
| 292 |
|
} |
| 293 |
|
} |
| 294 |
|
} |
| 295 |
|
if (!$form_values['uid']) { |
| 296 |
|
unset($form_values['uid']); |
| 297 |
|
} |
| 298 |
|
// Perform search. |
| 299 |
|
if ($form_values['keys']) { |
| 300 |
|
$sql = "SELECT uid, name FROM {users} WHERE name LIKE '%%%s%%'"; |
| 301 |
|
$params = array(preg_replace('!\*+!', '%', $form_values['keys'])); |
| 302 |
|
if (is_array($form_values['uid'])) { |
| 303 |
|
$sql .= ' AND uid NOT IN (%s)'; |
| 304 |
|
$params[] = implode(',', array_keys($form_values['uid'])); |
| 305 |
|
} |
| 306 |
|
$result = db_query($sql, $params); |
| 307 |
|
while ($account = db_fetch_object($result)) { |
| 308 |
|
$form_values['uid'][$account->uid] = array('name' => $account->name, 'keep' => 0); |
| 309 |
|
} |
| 310 |
|
} |
| 311 |
|
// Calculate default grants for found users. |
| 312 |
|
if (is_array($form_values['uid'])) { |
| 313 |
|
foreach (array_keys($form_values['uid']) as $uid) { |
| 314 |
|
if (!$form_values['uid'][$uid]['keep']) { |
| 315 |
|
foreach (array('grant_view', 'grant_update', 'grant_delete') as $grant_type) { |
| 316 |
|
$form_values['uid'][$uid][$grant_type] = db_result(db_query("SELECT count(*) FROM {node_access} na LEFT JOIN {users_roles} r ON na.gid = r.rid WHERE nid = %d AND realm = '%s' AND uid = %d AND %s = 1 LIMIT 1 OFFSET 0", $node->nid, 'nodeaccess_rid', $uid, $grant_type)) || db_result(db_query("SELECT count(*) FROM {node_access} na WHERE nid = %d AND realm = '%s' AND gid = %d AND %s = 1 LIMIT 1 OFFSET 0", $node->nid, 'nodeaccess_uid', $uid, $grant_type)); |
| 317 |
|
} |
| 318 |
|
} |
| 319 |
|
} |
| 320 |
|
} |
| 321 |
|
} |
| 322 |
|
$roles = $form_values['rid']; |
| 323 |
|
$users = $form_values['uid']; |
| 324 |
|
|
| 325 |
foreach ($form_values['role'] as $id => $val) { |
$form['nid'] = array('#type' => 'value', '#value' => $node->nid); |
| 326 |
$pref[$id] = $val; |
|
| 327 |
|
$allowed_roles = variable_get('nodeaccess-roles', array()); |
| 328 |
|
$allowed_grants = variable_get('nodeaccess-grants', array()); |
| 329 |
|
// If $preserve is true, the fields the user is not allowed to view or |
| 330 |
|
// edit are included in the form as hidden fields to preserve them. |
| 331 |
|
$preserve = variable_get('nodeaccess-preserve', 1); |
| 332 |
|
|
| 333 |
|
// Roles table. |
| 334 |
|
if (is_array($roles)) { |
| 335 |
|
$form['rid'] = array('#tree' => TRUE); |
| 336 |
|
foreach ($roles as $key => $field) { |
| 337 |
|
if ($allowed_roles[$key]) { |
| 338 |
|
$form['rid'][$key]['name'] = array('#type' => 'hidden', '#value' => $field['name']); |
| 339 |
|
if ($allowed_grants['view']) { |
| 340 |
|
$form['rid'][$key]['grant_view'] = array('#type' => 'checkbox', '#default_value' => $field['grant_view']); |
| 341 |
|
} else if ($preserve) { |
| 342 |
|
$form['rid'][$key]['grant_view'] = array('#type' => 'hidden', '#value' => $field['grant_view']); |
| 343 |
|
} |
| 344 |
|
if ($allowed_grants['edit']) { |
| 345 |
|
$form['rid'][$key]['grant_update'] = array('#type' => 'checkbox', '#default_value' => $field['grant_update']); |
| 346 |
|
} else if ($preserve) { |
| 347 |
|
$form['rid'][$key]['grant_update'] = array('#type' => 'hidden', '#value' => $field['grant_update']); |
| 348 |
|
} |
| 349 |
|
if ($allowed_grants['delete']) { |
| 350 |
|
$form['rid'][$key]['grant_delete'] = array('#type' => 'checkbox', '#default_value' => $field['grant_delete']); |
| 351 |
|
} else if ($preserve) { |
| 352 |
|
$form['rid'][$key]['grant_delete'] = array('#type' => 'hidden', '#value' => $field['grant_delete']); |
| 353 |
|
} |
| 354 |
|
} else if ($preserve) { |
| 355 |
|
$form['rid'][$key]['name'] = array('#type' => 'hidden', '#value' => $field['name']); |
| 356 |
|
$form['rid'][$key]['grant_view'] = array('#type' => 'hidden', '#value' => $field['grant_view']); |
| 357 |
|
$form['rid'][$key]['grant_update'] = array('#type' => 'hidden', '#value' => $field['grant_update']); |
| 358 |
|
$form['rid'][$key]['grant_delete'] = array('#type' => 'hidden', '#value' => $field['grant_delete']); |
| 359 |
|
} |
| 360 |
|
} |
| 361 |
} |
} |
| 362 |
|
|
| 363 |
variable_set('nodeaccess-roles', $pref); |
// Users table. |
| 364 |
|
if (is_array($users)) { |
| 365 |
|
$form['uid'] = array('#tree' => TRUE); |
| 366 |
|
foreach ($users as $key => $field) { |
| 367 |
|
$form['uid'][$key]['name'] = array('#type' => 'hidden', '#value' => $field['name']); |
| 368 |
|
$form['uid'][$key]['keep'] = array('#type' => 'checkbox', '#default_value' => $field['keep']); |
| 369 |
|
if ($allowed_grants['view']) { |
| 370 |
|
$form['uid'][$key]['grant_view'] = array('#type' => 'checkbox', '#default_value' => $field['grant_view']); |
| 371 |
|
// Because of a bug in the form API, dynamic checkboxes |
| 372 |
|
// must be checked explicitly. |
| 373 |
|
if ($field['grant_view']) { |
| 374 |
|
$form['uid'][$key]['grant_view']['#attributes'] = array('checked' => 'checked'); |
| 375 |
|
} |
| 376 |
|
} else if ($preserve) { |
| 377 |
|
// Dynamic hidden fields work fine. |
| 378 |
|
$form['uid'][$key]['grant_view'] = array('#type' => 'hidden', '#value' => $field['grant_view']); |
| 379 |
|
} |
| 380 |
|
if ($allowed_grants['edit']) { |
| 381 |
|
$form['uid'][$key]['grant_update'] = array('#type' => 'checkbox', '#default_value' => $field['grant_update']); |
| 382 |
|
if ($field['grant_update']) { |
| 383 |
|
$form['uid'][$key]['grant_update']['#attributes'] = array('checked' => 'checked'); |
| 384 |
|
} |
| 385 |
|
} else if ($preserve) { |
| 386 |
|
$form['uid'][$key]['grant_update'] = array('#type' => 'hidden', '#value' => $field['grant_update']); |
| 387 |
|
} |
| 388 |
|
if ($allowed_grants['delete']) { |
| 389 |
|
$form['uid'][$key]['grant_delete'] = array('#type' => 'checkbox', '#default_value' => $field['grant_delete']); |
| 390 |
|
if ($field['grant_delete']) { |
| 391 |
|
$form['uid'][$key]['grant_delete']['#attributes'] = array('checked' => 'checked'); |
| 392 |
|
} |
| 393 |
|
} else if ($preserve) { |
| 394 |
|
$form['uid'][$key]['grant_delete'] = array('#type' => 'hidden', '#value' => $field['grant_delete']); |
| 395 |
|
} |
| 396 |
|
} |
| 397 |
|
} |
| 398 |
|
|
| 399 |
$author_prefs = array(); |
// Autocomplete returns errors if users don't have access to profiles. |
| 400 |
|
if (user_access('access user profiles')) { |
| 401 |
foreach (node_get_types() as $type => $name) { |
$form['keys'] = array('#type' => 'textfield', '#default_value' => $form_values['keys'], '#size' => 40, '#autocomplete_path' => 'user/autocomplete'); |
| 402 |
$grants = array(); |
} |
| 403 |
// update grants |
else { |
| 404 |
foreach ($form_values[$type]['roles'] as $role => $val) { |
$form['keys'] = array('#type' => 'textfield', '#default_value' => $form_values['keys'], '#size' => 40); |
| 405 |
$grants[] = array('gid' => $role, 'realm' => 'nodeaccess_rid', 'grant_view' => $val['grant_view'], 'grant_update' => $val['grant_update'], 'grant_delete' => $val['grant_delete']); |
} |
| 406 |
|
|
| 407 |
|
$form['search'] = array('#type' => 'button', '#value' => t('Search')); |
| 408 |
|
|
| 409 |
|
$form['submit'] = array('#type' => 'submit', '#value' => t('Save Grants')); |
| 410 |
|
|
| 411 |
|
return $form; |
| 412 |
|
} |
| 413 |
|
|
| 414 |
|
/** |
| 415 |
|
* Validate function for nodeaccess_grants_form. |
| 416 |
|
*/ |
| 417 |
|
function nodeaccess_grants_form_validate($form_id, $form_values) { |
| 418 |
|
global $form_values; |
| 419 |
|
// Delete unkept users. |
| 420 |
|
if (is_array($form_values['uid'])) { |
| 421 |
|
foreach ($form_values['uid'] as $uid => $row) { |
| 422 |
|
if (!$row['keep']) { |
| 423 |
|
unset($form_values['uid'][$uid]); |
| 424 |
|
} |
| 425 |
} |
} |
| 426 |
variable_set('nodeaccess_' . $type, $grants); |
} |
| 427 |
if ($form_values[$type]['show']) { |
if (!$form_values['uid']) { |
| 428 |
$showing[$type] = 1; |
unset($form_values['uid']); |
| 429 |
} |
} |
| 430 |
else { |
} |
| 431 |
$showing[$type] = 0; |
|
| 432 |
|
/** |
| 433 |
|
* Submit function for nodeaccess_grants_form. |
| 434 |
|
*/ |
| 435 |
|
function nodeaccess_grants_form_submit($form_id, $form_values) { |
| 436 |
|
global $form_values; |
| 437 |
|
global $user; |
| 438 |
|
$grants = array(); |
| 439 |
|
$nid = $form_values['nid']; |
| 440 |
|
$node->nid = $nid; |
| 441 |
|
|
| 442 |
|
foreach (array('uid', 'rid') as $type) { |
| 443 |
|
$realm = 'nodeaccess_' . $type; |
| 444 |
|
if (is_array($form_values[$type])) { |
| 445 |
|
foreach ($form_values[$type] as $gid => $line) { |
| 446 |
|
$grant = array( |
| 447 |
|
'gid' => $gid, |
| 448 |
|
'realm' => $realm, |
| 449 |
|
'grant_view' => $line['grant_view'], |
| 450 |
|
'grant_update' => $line['grant_update'], |
| 451 |
|
'grant_delete' => $line['grant_delete'] |
| 452 |
|
); |
| 453 |
|
if ($grant['grant_view'] || $grant['grant_update'] || $grant['grant_delete']) { |
| 454 |
|
$grants[] = $grant; |
| 455 |
|
} |
| 456 |
|
} |
| 457 |
} |
} |
| 458 |
|
node_access_write_grants($node, $grants, $realm); |
| 459 |
|
} |
| 460 |
|
|
| 461 |
$author_prefs[$type] = $form_values[$type]['author']; |
// Save role and user grants to our own table. |
| 462 |
|
db_query("DELETE FROM {nodeaccess} WHERE nid = %d", $nid); |
| 463 |
|
foreach ($grants as $grant) { |
| 464 |
|
db_query("INSERT INTO {nodeaccess} (nid, gid, realm, grant_view, grant_update, grant_delete) VALUES (%d, %d, '%s', %d, %d, %d)", |
| 465 |
|
$nid, $grant['gid'], $grant['realm'], $grant['grant_view'], $grant['grant_update'], $grant['grant_delete']); |
| 466 |
} |
} |
| 467 |
|
|
| 468 |
// set author prefs |
drupal_set_message(t('Grants saved.')); |
| 469 |
|
} |
| 470 |
|
|
| 471 |
variable_set('nodeaccess_authors', $author_prefs); |
/** |
| 472 |
|
* Theme function for nodeaccess_grants_form. |
| 473 |
|
*/ |
| 474 |
|
function theme_nodeaccess_grants_form($form) { |
| 475 |
|
$allowed_roles = variable_get('nodeaccess-roles', array()); |
| 476 |
|
$allowed_grants = variable_get('nodeaccess-grants', array()); |
| 477 |
|
|
| 478 |
variable_set('nodeaccess-types', $showing); |
// Roles table. |
| 479 |
node_access_rebuild(); |
$roles = element_children($form['rid']); |
| 480 |
drupal_set_message(t('Grants Saved'), 'status'); |
if (count($roles) > 0) { |
| 481 |
|
$header = array(); |
| 482 |
|
$header[] = t('Role'); |
| 483 |
|
if ($allowed_grants['view']) { |
| 484 |
|
$header[] = t('View'); |
| 485 |
|
} |
| 486 |
|
if ($allowed_grants['edit']) { |
| 487 |
|
$header[] = t('Edit'); |
| 488 |
|
} |
| 489 |
|
if ($allowed_grants['delete']) { |
| 490 |
|
$header[] = t('Delete'); |
| 491 |
|
} |
| 492 |
|
foreach ($roles as $key) { |
| 493 |
|
if ($allowed_roles[$key]) { |
| 494 |
|
$row = array(); |
| 495 |
|
$row[] = $form['rid'][$key]['name']['#value'] . drupal_render($form['rid'][$key]['name']); |
| 496 |
|
if ($allowed_grants['view']) { |
| 497 |
|
$row[] = drupal_render($form['rid'][$key]['grant_view']); |
| 498 |
|
} |
| 499 |
|
if ($allowed_grants['edit']) { |
| 500 |
|
$row[] = drupal_render($form['rid'][$key]['grant_update']); |
| 501 |
|
} |
| 502 |
|
if ($allowed_grants['delete']) { |
| 503 |
|
$row[] = drupal_render($form['rid'][$key]['grant_delete']); |
| 504 |
|
} |
| 505 |
|
$rows[] = $row; |
| 506 |
|
} |
| 507 |
|
} |
| 508 |
|
$output .= theme('table', $header, $rows); |
| 509 |
|
} |
| 510 |
|
|
| 511 |
|
// Search form. |
| 512 |
|
$output .= '<p><div class="search-form">'; |
| 513 |
|
$output .= '<strong>' . t('Enter names to search for users:') . '</strong>'; |
| 514 |
|
$output .= '<div class="container-inline">'; |
| 515 |
|
$output .= drupal_render($form['keys']); |
| 516 |
|
$output .= drupal_render($form['search']); |
| 517 |
|
$output .= '</div></div></p>'; |
| 518 |
|
|
| 519 |
|
// Users table. |
| 520 |
|
unset($rows); |
| 521 |
|
$users = element_children($form['uid']); |
| 522 |
|
if (count($users) > 0) { |
| 523 |
|
$header = array(); |
| 524 |
|
$header[] = t('User'); |
| 525 |
|
$header[] = t('Keep?'); |
| 526 |
|
if ($allowed_grants['view']) { |
| 527 |
|
$header[] = t('View'); |
| 528 |
|
} |
| 529 |
|
if ($allowed_grants['edit']) { |
| 530 |
|
$header[] = t('Edit'); |
| 531 |
|
} |
| 532 |
|
if ($allowed_grants['delete']) { |
| 533 |
|
$header[] = t('Delete'); |
| 534 |
|
} |
| 535 |
|
foreach ($users as $key) { |
| 536 |
|
$row = array(); |
| 537 |
|
$row[] = $form['uid'][$key]['name']['#value']; |
| 538 |
|
$row[] = drupal_render($form['uid'][$key]['keep']); |
| 539 |
|
if ($allowed_grants['view']) { |
| 540 |
|
$row[] = drupal_render($form['uid'][$key]['grant_view']); |
| 541 |
|
} |
| 542 |
|
if ($allowed_grants['edit']) { |
| 543 |
|
$row[] = drupal_render($form['uid'][$key]['grant_update']); |
| 544 |
|
} |
| 545 |
|
if ($allowed_grants['delete']) { |
| 546 |
|
$row[] = drupal_render($form['uid'][$key]['grant_delete']); |
| 547 |
|
} |
| 548 |
|
$rows[] = $row; |
| 549 |
|
} |
| 550 |
|
$output .= theme('table', $header, $rows); |
| 551 |
|
} |
| 552 |
|
|
| 553 |
|
$output .= drupal_render($form); |
| 554 |
|
|
| 555 |
|
return $output; |
| 556 |
} |
} |
| 557 |
|
|
| 558 |
|
/** |
| 559 |
|
* Implementation of hook_node_grants(). |
| 560 |
|
*/ |
| 561 |
|
function nodeaccess_node_grants($account, $op) { |
| 562 |
|
global $user; |
| 563 |
|
|
| 564 |
|
$roles = is_array($user->roles) ? array_keys($user->roles) : array(-1); |
| 565 |
|
return array('nodeaccess_rid' => $roles, 'nodeaccess_uid' => array($user->uid), 'nodeaccess_author' => array($user->uid)); |
| 566 |
|
} |
| 567 |
|
|
| 568 |
|
/** |
| 569 |
|
* Implementation of hook_nodeapi(). |
| 570 |
|
*/ |
| 571 |
|
function nodeaccess_nodeapi(&$node, $op) { |
| 572 |
|
switch ($op) { |
| 573 |
|
case 'delete': |
| 574 |
|
// Deleting node, delete related permissions. |
| 575 |
|
db_query('DELETE FROM {nodeaccess} WHERE nid = %d', $node->nid); |
| 576 |
|
foreach(array('uid', 'rid', 'author') as $type) { |
| 577 |
|
$realm = 'nodeaccess_' . $type; |
| 578 |
|
node_access_write_grants($node, array(), $realm); |
| 579 |
|
} |
| 580 |
|
break; |
| 581 |
|
} |
| 582 |
|
} |
| 583 |
|
|
| 584 |
|
/** |
| 585 |
|
* Implementation of hook_node_access_records(). |
| 586 |
|
*/ |
| 587 |
function nodeaccess_node_access_records($node) { |
function nodeaccess_node_access_records($node) { |
| 588 |
if (nodeaccess_disabling()) { |
if (nodeaccess_disabling()) { |
| 589 |
return; |
return; |
| 590 |
} |
} |
| 591 |
|
// Need to find out if node has own grants or whether to use defaults. |
|
// need to figure out if we're going for the defaults, or if this node has a preference |
|
| 592 |
$default = variable_get('nodeaccess_' . $node->type, array()); |
$default = variable_get('nodeaccess_' . $node->type, array()); |
| 593 |
|
// Load priority setting. |
| 594 |
if (variable_get('nodeaccess-priority', 0)) { |
$priority = variable_get('nodeaccess-priority', 0); |
| 595 |
$priority = 1; |
$result = db_result(db_query("SELECT count(*) FROM {nodeaccess} WHERE nid = %d", $node->nid)); |
| 596 |
} |
if ($result < 1) { |
| 597 |
else { |
// Node has no own grants, use defaults. |
|
$priority = 0; |
|
|
} |
|
|
$result = db_query("SELECT nid, gid, realm, grant_view, grant_update, grant_delete FROM {nodeaccess} where nid = %d", $node->nid); |
|
|
if (db_num_rows($result) < 1) { |
|
| 598 |
$grants = $default; |
$grants = $default; |
| 599 |
foreach ($grants as $id => $grant) { |
foreach ($grants as $id => $grant) { |
| 600 |
$grants[$id]['priority'] = $priority; |
$grants[$id]['priority'] = $priority; |
| 601 |
} |
} |
| 602 |
} |
} |
| 603 |
else { |
else { |
| 604 |
// this node has a custom access set apart from the defaults, so return that |
// Node has own grants, use them. |
| 605 |
|
$result = db_query("SELECT nid, gid, realm, grant_view, grant_update, grant_delete FROM {nodeaccess} WHERE nid = %d", $node->nid); |
| 606 |
$grants = array(); |
$grants = array(); |
| 607 |
while ($row = db_fetch_object($result)) { |
while ($row = db_fetch_object($result)) { |
| 608 |
$grants[] = array( |
$grants[] = array( |
|
'realm' => $row->realm, |
|
| 609 |
'gid' => $row->gid, |
'gid' => $row->gid, |
| 610 |
|
'realm' => $row->realm, |
| 611 |
'grant_view' => $row->grant_view, |
'grant_view' => $row->grant_view, |
| 612 |
'grant_update' => $row->grant_update, |
'grant_update' => $row->grant_update, |
| 613 |
'grant_delete' => $row->grant_delete, |
'grant_delete' => $row->grant_delete, |
| 614 |
'priority' => $priority); |
'priority' => $priority |
| 615 |
|
); |
| 616 |
} |
} |
| 617 |
} |
} |
| 618 |
|
// Apply author grants. |
|
// add author grants |
|
| 619 |
$author_prefs = variable_get('nodeaccess_authors', array()); |
$author_prefs = variable_get('nodeaccess_authors', array()); |
| 620 |
$agrant = $author_prefs[$node->type]; |
// Array is prepopulated with grant values. |
| 621 |
if ($agrant['grant_view'] || $agrant['grant_update'] || $agrant['grant_delete']) { |
$grant = $author_prefs[$node->type]; |
| 622 |
$grants[] = array( |
$grant['gid'] = $node->uid; |
| 623 |
'realm' => 'nodeaccess_author', |
$grant['realm'] = 'nodeaccess_author'; |
| 624 |
'gid' => $node->uid, |
$grant['priority'] = $priority; |
| 625 |
'grant_view' => $agrant['grant_view'], |
// Include author grant even with all values false, it may be |
| 626 |
'grant_update' => $agrant['grant_update'], |
// needed to overwrite an older value. |
| 627 |
'grant_delete' => $agrant['grant_delete'], |
$grants[] = $grant; |
|
'priority' => $priority |
|
|
); |
|
|
} |
|
| 628 |
return $grants; |
return $grants; |
| 629 |
} |
} |
| 630 |
|
|
| 631 |
|
/** |
| 632 |
|
* Implementation of hook_enable(). |
| 633 |
|
*/ |
| 634 |
function nodeaccess_enable() { |
function nodeaccess_enable() { |
| 635 |
node_access_rebuild(); |
node_access_rebuild(); |
| 636 |
} |
} |
| 637 |
|
|
| 638 |
|
/** |
| 639 |
|
* Implementation of hook_disable(). |
| 640 |
|
*/ |
| 641 |
function nodeaccess_disable() { |
function nodeaccess_disable() { |
| 642 |
nodeaccess_disabling(TRUE); |
nodeaccess_disabling(TRUE); |
| 643 |
node_access_rebuild(); |
node_access_rebuild(); |
| 644 |
} |
} |
| 645 |
|
|
| 646 |
function nodeaccess_disabling($set = NULL) { |
function nodeaccess_disabling($set = NULL) { |
| 647 |
static $disabling = false; |
static $disabling = FALSE; |
| 648 |
if ($set !== NULL) { |
if ($set !== NULL) { |
| 649 |
$disabling = $set; |
$disabling = $set; |
| 650 |
} |
} |
| 651 |
return $disabling; |
return $disabling; |
| 652 |
} |
} |
| 653 |
|
|
| 654 |
|
/** |
| 655 |
|
* Implementation of hook_node_type(). |
| 656 |
|
*/ |
| 657 |
function nodeaccess_node_type($op, $info) { |
function nodeaccess_node_type($op, $info) { |
| 658 |
switch($op) { |
switch($op) { |
| 659 |
case 'delete': |
case 'delete': |
| 660 |
// node type is being deleted, get rid of prefs |
// Node type is being deleted, delete its preferences. |
| 661 |
variable_del('nodeaccess_' . $info->type); |
variable_del('nodeaccess_' . $info->type); |
| 662 |
break; |
$author_prefs = variable_get('nodeaccess_authors', array()); |
| 663 |
|
unset($author_prefs[$info->type]); |
| 664 |
|
variable_set('nodeaccess_authors', $author_prefs); |
| 665 |
|
break; |
| 666 |
case 'update': |
case 'update': |
| 667 |
// node type has changed |
// Node type has changed, move preferences to new type. |
| 668 |
if (!empty($info->old_type) && $info->old_type != $info->type) { |
if (!empty($info->old_type) && $info->old_type != $info->type) { |
| 669 |
$setting = variable_get('nodeaccess_'. $info->old_type, array()); |
$setting = variable_get('nodeaccess_'. $info->old_type, array()); |
| 670 |
variable_del('nodeaccess_'. $info->old_type); |
variable_del('nodeaccess_'. $info->old_type); |
| 671 |
variable_set('nodeaccess_'. $info->type, $setting); |
variable_set('nodeaccess_'. $info->type, $setting); |
| 672 |
|
$author_prefs = variable_get('nodeaccess_authors', array()); |
| 673 |
|
$author_prefs[$info->type] = array( |
| 674 |
|
'grant_view' => $author_prefs[$info->old_type]['grant_view'], |
| 675 |
|
'grant_update' => $author_prefs[$info->old_type]['grant_update'], |
| 676 |
|
'grant_delete' => $author_prefs[$info->old_type]['grant_delete'] |
| 677 |
|
); |
| 678 |
|
unset($author_prefs[$info->old_type]); |
| 679 |
|
variable_set('nodeaccess_authors', $author_prefs); |
| 680 |
} |
} |
| 681 |
break; |
break; |
| 682 |
case 'insert': |
case 'insert': |
| 683 |
// new node type, default to all viewing |
// New node type, default to view for authenticated and |
| 684 |
$grants[] = array('gid' => 1, 'realm' => 'nodeaccess_rid', 'grant_view' => 1, |
// anonymous users, and all permissions for author. |
| 685 |
'grant_update' => 0, 'grant_delete' => 0); |
$grants[] = array('gid' => 1, 'realm' => 'nodeaccess_rid', 'grant_view' => 1, 'grant_update' => 0, 'grant_delete' => 0); |
| 686 |
$grants[] = array('gid' => 2, 'realm' => 'nodeaccess_rid', 'grant_view' => 1, 'grant_update' => 0, 'grant_delete' => 0); |
$grants[] = array('gid' => 2, 'realm' => 'nodeaccess_rid', 'grant_view' => 1, 'grant_update' => 0, 'grant_delete' => 0); |
| 687 |
|
variable_set('nodeaccess_' . $info->type, $grants); |
| 688 |
$author_prefs = variable_get('nodeaccess_authors', array()); |
$author_prefs = variable_get('nodeaccess_authors', array()); |
| 689 |
$author_prefs[$info->type] = array('grant_view' => 1, 'grant_update' => 1, 'grant_delete' => 1); |
$author_prefs[$info->type] = array('grant_view' => 1, 'grant_update' => 1, 'grant_delete' => 1); |
| 690 |
variable_set('nodeaccess_' . $info->type, $grants); |
variable_set('nodeaccess_authors', $author_prefs); |
| 691 |
node_access_rebuild(); |
node_access_rebuild(); |
| 692 |
break; |
break; |
| 693 |
|
} |
| 694 |
|
} |
| 695 |
|
|
| 696 |
|
function nodeaccess_get_role_aliases() { |
| 697 |
|
$aliases = array(); |
| 698 |
|
$sql = db_query('SELECT r.rid, r.name, a.name AS alias, a.weight FROM {role} r LEFT JOIN {nodeaccess_role_alias} a ON r.rid = a.rid ORDER BY r.name'); |
| 699 |
|
while ($a = db_fetch_object($sql)) { |
| 700 |
|
$aliases[$a->rid]['name'] = $a->name; |
| 701 |
|
$aliases[$a->rid]['alias'] = $a->alias; |
| 702 |
|
$aliases[$a->rid]['weight'] = $a->weight; |
| 703 |
|
} |
| 704 |
|
return $aliases; |
| 705 |
|
} |
| 706 |
|
|
| 707 |
|
function nodeaccess_save_role_aliases($edit) { |
| 708 |
|
db_query('DELETE FROM {nodeaccess_role_alias}'); |
| 709 |
|
$success = TRUE; |
| 710 |
|
if (is_array($edit)) { |
| 711 |
|
foreach ($edit as $key => $value) { |
| 712 |
|
$success = $success && db_query("INSERT INTO {nodeaccess_role_alias} (rid, name, weight) VALUES (%d, '%s', %d)", $key, $value['name'], $value['weight']); |
| 713 |
|
} |
| 714 |
|
} |
| 715 |
|
if (!$success) { |
| 716 |
|
drupal_set_message(t("There was a problem saving to the database")); |
| 717 |
} |
} |
| 718 |
|
return $success; |
| 719 |
} |
} |
| 720 |
|
|
| 721 |
?> |
?> |