| 1 |
<?php
|
| 2 |
// $Id: og_user_roles.module,v 1.41 2009/08/14 15:51:34 sun Exp $
|
| 3 |
|
| 4 |
/**
|
| 5 |
* @file
|
| 6 |
* Assign additional user roles to members of organic groups within the group context.
|
| 7 |
*
|
| 8 |
* For detailed documentation:
|
| 9 |
* @see og_user_roles_init()
|
| 10 |
*/
|
| 11 |
|
| 12 |
/**
|
| 13 |
* Implementation of hook_help().
|
| 14 |
*/
|
| 15 |
function og_user_roles_help($path, $arg) {
|
| 16 |
switch ($path) {
|
| 17 |
case 'admin/og/og_user_roles':
|
| 18 |
$output = '<p>' . t('Group members with the %permission <a href="@permissions-url">permission</a> can assign additional roles to individual users of a group that only apply within the context of a group.', array('%permission' => 'configure member roles', '@permissions-url' => url('admin/user/permissions'))) . '</p>';
|
| 19 |
return $output;
|
| 20 |
|
| 21 |
case 'og/users/%/roles':
|
| 22 |
$output = '<p>' . t('This form allows to grant additional user roles to individual members of this group. Any additional permissions only apply to the context of this group and not globally.') . '</p>';
|
| 23 |
return $output;
|
| 24 |
}
|
| 25 |
}
|
| 26 |
|
| 27 |
/**
|
| 28 |
* Implementation of hook_perm().
|
| 29 |
*/
|
| 30 |
function og_user_roles_perm() {
|
| 31 |
return array(
|
| 32 |
'configure member roles',
|
| 33 |
'override group default role',
|
| 34 |
);
|
| 35 |
}
|
| 36 |
|
| 37 |
/**
|
| 38 |
* Implementation of hook_menu().
|
| 39 |
*/
|
| 40 |
function og_user_roles_menu() {
|
| 41 |
$items['admin/og/og_user_roles'] = array(
|
| 42 |
'title' => 'User roles',
|
| 43 |
'description' => 'Configure user roles in groups.',
|
| 44 |
'page callback' => 'drupal_get_form',
|
| 45 |
'page arguments' => array('og_user_roles_admin_settings'),
|
| 46 |
'access arguments' => array('administer organic groups'),
|
| 47 |
'file' => 'og_user_roles.pages.inc',
|
| 48 |
);
|
| 49 |
$items['og/users/%node/roles'] = array(
|
| 50 |
'title' => 'Configure roles',
|
| 51 |
'page callback' => 'og_user_roles_page',
|
| 52 |
'page arguments' => array(2),
|
| 53 |
'access callback' => 'og_user_roles_is_allowed',
|
| 54 |
'access arguments' => array(2),
|
| 55 |
'weight' => 5,
|
| 56 |
'type' => MENU_LOCAL_TASK,
|
| 57 |
'file' => 'og_user_roles.pages.inc',
|
| 58 |
);
|
| 59 |
return $items;
|
| 60 |
}
|
| 61 |
|
| 62 |
/**
|
| 63 |
* Menu access callback; Determine access to group member role configuration.
|
| 64 |
*/
|
| 65 |
function og_user_roles_is_allowed($node) {
|
| 66 |
if (!user_access('configure member roles')) {
|
| 67 |
return FALSE;
|
| 68 |
}
|
| 69 |
// Only allow access to member role configuration if there are roles to assign.
|
| 70 |
$roles = array_filter(variable_get("og_user_roles_roles_{$node->type}", array()));
|
| 71 |
if (og_is_group_type($node->type) && !empty($roles)) {
|
| 72 |
return TRUE;
|
| 73 |
}
|
| 74 |
return FALSE;
|
| 75 |
}
|
| 76 |
|
| 77 |
/**
|
| 78 |
* Implementation of hook_theme().
|
| 79 |
*/
|
| 80 |
function og_user_roles_theme() {
|
| 81 |
return array(
|
| 82 |
'og_user_roles_page_form' => array(
|
| 83 |
'arguments' => array('form' => array()),
|
| 84 |
'file' => 'og_user_roles.pages.inc',
|
| 85 |
),
|
| 86 |
);
|
| 87 |
}
|
| 88 |
|
| 89 |
/**
|
| 90 |
* @defgroup og_user_roles_privilege_escalation OG user roles privilege escalation
|
| 91 |
* @{
|
| 92 |
*/
|
| 93 |
|
| 94 |
/**
|
| 95 |
* Implementation of hook_init().
|
| 96 |
*
|
| 97 |
* In og_init(), Organic Groups invokes menu_get_item() via
|
| 98 |
* og_determine_context(). menu_get_item() performs an access check for the
|
| 99 |
* current path, which is irreversible (statically cached). Since we want to
|
| 100 |
* alter the user's roles before the rest of the system (especially the menu
|
| 101 |
* system) performs access checks, we need to invoke a fork of
|
| 102 |
* og_determine_context(), which uses custom implementations of menu_get_item()
|
| 103 |
* and menu_get_object() to retrieve the current group context, so we can
|
| 104 |
* properly assign additional roles for the user. After this manipulation, the
|
| 105 |
* rest of the system behaves as usual - i.e. og_init() consults the menu system
|
| 106 |
* to determine the context, and if the additional user roles allow access to
|
| 107 |
* the current path, the menu system will allow access and cache that
|
| 108 |
* statically.
|
| 109 |
*
|
| 110 |
* This manipulation is only possible, since we decreased the module weight of
|
| 111 |
* og_user_roles, so og_user_roles_init() runs before og_init() and probably
|
| 112 |
* before most other implementations of hook_init().
|
| 113 |
* hook_boot() cannot be used, because the path system is not yet initialized
|
| 114 |
* there.
|
| 115 |
*
|
| 116 |
* @see og_determine_context()
|
| 117 |
* @see og_user_roles_determine_context()
|
| 118 |
* @see og_user_roles_menu_get_item()
|
| 119 |
* @see og_user_roles_menu_get_object()
|
| 120 |
*/
|
| 121 |
function og_user_roles_init() {
|
| 122 |
global $user;
|
| 123 |
|
| 124 |
// Try to determine group context using customized menu system functions.
|
| 125 |
$group_node = og_user_roles_determine_context();
|
| 126 |
// Assign additional user roles to current user (if any).
|
| 127 |
og_user_roles_grant_roles($user, $group_node);
|
| 128 |
}
|
| 129 |
|
| 130 |
/**
|
| 131 |
* Set group context using the menu system.
|
| 132 |
*
|
| 133 |
* The only difference to the original og_determine_context() is that we are
|
| 134 |
* intentionally using our own menu system functions, so we can determine
|
| 135 |
* the group context without setting access for the current menu path (which
|
| 136 |
* is statically cached in menu_get_item()).
|
| 137 |
*
|
| 138 |
* @return
|
| 139 |
* A group node object, or NULL if not a group page.
|
| 140 |
*
|
| 141 |
* @see og_determine_context()
|
| 142 |
*/
|
| 143 |
function og_user_roles_determine_context() {
|
| 144 |
$item = og_user_roles_menu_get_item();
|
| 145 |
$object = og_user_roles_menu_get_object();
|
| 146 |
|
| 147 |
// Use the menu system to get the path.
|
| 148 |
$path = $item['path'];
|
| 149 |
|
| 150 |
// Check if this is an existing node.
|
| 151 |
if (!empty($object->nid)) {
|
| 152 |
$node = $object;
|
| 153 |
}
|
| 154 |
// Check if we are in the node add page.
|
| 155 |
elseif (strpos($path, 'node/add') === 0 && !empty($_REQUEST['gids'])) {
|
| 156 |
// URL pattern: node/add/story?gids[]=1
|
| 157 |
$gid = intval(current($_REQUEST['gids']));
|
| 158 |
$node = node_load($gid);
|
| 159 |
}
|
| 160 |
elseif ((!empty($item['map'][0]) && $item['map'][0] == 'og' && !empty($item['map'][2])) || $path == 'comment/reply/%') {
|
| 161 |
$node = og_user_roles_menu_get_object('node', 2);
|
| 162 |
}
|
| 163 |
elseif ($path == 'comment/edit' || $path == 'comment/delete') {
|
| 164 |
// Get the node from the comment object.
|
| 165 |
$comment = _comment_load($item['page_arguments'][0]);
|
| 166 |
$node = node_load($comment->nid);
|
| 167 |
}
|
| 168 |
|
| 169 |
if (!empty($node) && ($group_node = og_determine_context_get_group($node))) {
|
| 170 |
return $group_node;
|
| 171 |
}
|
| 172 |
}
|
| 173 |
|
| 174 |
/**
|
| 175 |
* Get a router item.
|
| 176 |
*
|
| 177 |
* Due to the static $router_items, our initial query in hook_init() would
|
| 178 |
* perform a real access check for the current path and we would be no longer
|
| 179 |
* be able to grant privileges.
|
| 180 |
*
|
| 181 |
* In Drupal 7, this fork can probably be replaced with
|
| 182 |
* @code
|
| 183 |
* drupal_static_reset('menu_get_item');
|
| 184 |
* @endcode
|
| 185 |
*
|
| 186 |
* @see menu_get_item()
|
| 187 |
*/
|
| 188 |
function og_user_roles_menu_get_item($path = NULL, $router_item = NULL) {
|
| 189 |
static $router_items;
|
| 190 |
if (!isset($path)) {
|
| 191 |
$path = $_GET['q'];
|
| 192 |
}
|
| 193 |
if (isset($router_item)) {
|
| 194 |
$router_items[$path] = $router_item;
|
| 195 |
}
|
| 196 |
if (!isset($router_items[$path])) {
|
| 197 |
$original_map = arg(NULL, $path);
|
| 198 |
$parts = array_slice($original_map, 0, MENU_MAX_PARTS);
|
| 199 |
list($ancestors, $placeholders) = menu_get_ancestors($parts);
|
| 200 |
|
| 201 |
if ($router_item = db_fetch_array(db_query_range('SELECT * FROM {menu_router} WHERE path IN ('. implode (',', $placeholders) .') ORDER BY fit DESC', $ancestors, 0, 1))) {
|
| 202 |
// OGUR: Allow privilege escalation; do not invoke access callbacks.
|
| 203 |
$map = og_user_roles_menu_translate($router_item, $original_map);
|
| 204 |
if ($map === FALSE) {
|
| 205 |
$router_items[$path] = FALSE;
|
| 206 |
return FALSE;
|
| 207 |
}
|
| 208 |
// OGUR: Allow privilege escalation; always load map.
|
| 209 |
//if ($router_item['access']) {
|
| 210 |
$router_item['map'] = $map;
|
| 211 |
$router_item['page_arguments'] = array_merge(menu_unserialize($router_item['page_arguments'], $map), array_slice($map, $router_item['number_parts']));
|
| 212 |
//}
|
| 213 |
}
|
| 214 |
$router_items[$path] = $router_item;
|
| 215 |
}
|
| 216 |
return $router_items[$path];
|
| 217 |
}
|
| 218 |
|
| 219 |
/**
|
| 220 |
* Handles dynamic path translation and menu access control.
|
| 221 |
*
|
| 222 |
* Certain menu access callbacks (like _node_revision_access()) statically cache
|
| 223 |
* the result of the access check for performance. We only want to retrieve and
|
| 224 |
* determine the group context in og_user_roles_init(), resp.
|
| 225 |
* og_user_roles_menu_get_item(), where no additional roles have been granted
|
| 226 |
* yet. _menu_translate() would normally also invoke the access callback for the
|
| 227 |
* current page. Therefore, certain menu access callbacks, which statically
|
| 228 |
* cache their result, would return that result in subsequent invocations (i.e.
|
| 229 |
* FALSE when the user does not have permissions).
|
| 230 |
*
|
| 231 |
* Since OG user roles only wants to retrieve context and all of the regular
|
| 232 |
* menu system's behavior is and should not be modified, we simply skip the
|
| 233 |
* access check in this fork.
|
| 234 |
*
|
| 235 |
* In Drupal 7, this wrapper can probably be replaced with (or similar):
|
| 236 |
* @code
|
| 237 |
* drupal_static_reset('_node_revision_access');
|
| 238 |
* @endcode
|
| 239 |
*
|
| 240 |
* @see _menu_translate()
|
| 241 |
* @see og_user_roles_menu_get_item()
|
| 242 |
*/
|
| 243 |
function og_user_roles_menu_translate(&$router_item, $map, $to_arg = FALSE) {
|
| 244 |
if ($to_arg) {
|
| 245 |
// Fill in missing path elements, such as the current uid.
|
| 246 |
_menu_link_map_translate($map, $router_item['to_arg_functions']);
|
| 247 |
}
|
| 248 |
// The $path_map saves the pieces of the path as strings, while elements in
|
| 249 |
// $map may be replaced with loaded objects.
|
| 250 |
$path_map = $map;
|
| 251 |
if (!_menu_load_objects($router_item, $map)) {
|
| 252 |
// An error occurred loading an object.
|
| 253 |
$router_item['access'] = FALSE;
|
| 254 |
return FALSE;
|
| 255 |
}
|
| 256 |
|
| 257 |
// Generate the link path for the page request or local tasks.
|
| 258 |
$link_map = explode('/', $router_item['path']);
|
| 259 |
for ($i = 0; $i < $router_item['number_parts']; $i++) {
|
| 260 |
if ($link_map[$i] == '%') {
|
| 261 |
$link_map[$i] = $path_map[$i];
|
| 262 |
}
|
| 263 |
}
|
| 264 |
$router_item['href'] = implode('/', $link_map);
|
| 265 |
$router_item['options'] = array();
|
| 266 |
// OGUR: Allow privilege escalation; do not invoke access callbacks.
|
| 267 |
//_menu_check_access($router_item, $map);
|
| 268 |
|
| 269 |
// For performance, don't localize an item the user can't access.
|
| 270 |
if (!empty($router_item['access'])) {
|
| 271 |
_menu_item_localize($router_item, $map);
|
| 272 |
}
|
| 273 |
|
| 274 |
return $map;
|
| 275 |
}
|
| 276 |
|
| 277 |
/**
|
| 278 |
* Get a loaded object from a router item.
|
| 279 |
*
|
| 280 |
* @see menu_get_object()
|
| 281 |
* @see og_user_roles_menu_get_item()
|
| 282 |
*/
|
| 283 |
function og_user_roles_menu_get_object($type = 'node', $position = 1, $path = NULL) {
|
| 284 |
$router_item = og_user_roles_menu_get_item($path);
|
| 285 |
if (isset($router_item['load_functions'][$position]) && !empty($router_item['map'][$position]) && $router_item['load_functions'][$position] == $type .'_load') {
|
| 286 |
return $router_item['map'][$position];
|
| 287 |
}
|
| 288 |
}
|
| 289 |
|
| 290 |
/**
|
| 291 |
* Implementation of hook_user().
|
| 292 |
*/
|
| 293 |
function og_user_roles_user($op, &$edit, &$account, $category = NULL) {
|
| 294 |
switch ($op) {
|
| 295 |
case 'load':
|
| 296 |
// In case the global user object is reloaded from scratch, re-assign
|
| 297 |
// our additional roles.
|
| 298 |
if ($account->uid == $GLOBALS['user']->uid) {
|
| 299 |
og_user_roles_grant_roles($account);
|
| 300 |
}
|
| 301 |
break;
|
| 302 |
|
| 303 |
case 'update':
|
| 304 |
// Remove obsolete user properties from previous OG user roles versions.
|
| 305 |
$edit['og_user_roles_regcode'] = NULL;
|
| 306 |
// While being there, also remove other mistakes.
|
| 307 |
$edit['form_build_id'] = NULL;
|
| 308 |
break;
|
| 309 |
|
| 310 |
case 'delete':
|
| 311 |
// Remove user info from og_users_roles table.
|
| 312 |
db_query("DELETE FROM {og_users_roles} WHERE uid = %d", $account->uid);
|
| 313 |
break;
|
| 314 |
}
|
| 315 |
}
|
| 316 |
|
| 317 |
/**
|
| 318 |
* Retrieve and assign additional roles for a user in the current group context.
|
| 319 |
*
|
| 320 |
* @param $account
|
| 321 |
* The user object of the current user.
|
| 322 |
* @param $group_node
|
| 323 |
* A group context determined by og_user_roles_determine_context()
|
| 324 |
*
|
| 325 |
* @see og_user_roles_init()
|
| 326 |
*/
|
| 327 |
function og_user_roles_grant_roles(&$account, $group_node = NULL) {
|
| 328 |
static $roles;
|
| 329 |
|
| 330 |
// Sanity check for first and repeated calls.
|
| 331 |
// @see og_user_roles_init()
|
| 332 |
// @see og_user_roles_user()
|
| 333 |
if (!isset($group_node) && !isset($roles)) {
|
| 334 |
return array();
|
| 335 |
}
|
| 336 |
|
| 337 |
if (!isset($roles)) {
|
| 338 |
// Retrieve additional roles for current context.
|
| 339 |
$args = array($group_node->nid);
|
| 340 |
$placeholders = db_placeholders($args);
|
| 341 |
array_unshift($args, $account->uid);
|
| 342 |
// INNER JOIN as extra sanity check (not only for role name).
|
| 343 |
$result = db_query("SELECT ogur.rid, r.name FROM {og_users_roles} ogur INNER JOIN {role} r ON r.rid = ogur.rid WHERE ogur.uid = %d AND ogur.gid IN ($placeholders)", $args);
|
| 344 |
while ($role = db_fetch_object($result)) {
|
| 345 |
// Add roles to account first, so we can statically cache all roles
|
| 346 |
// afterwards.
|
| 347 |
$account->roles[$role->rid] = $role->name;
|
| 348 |
}
|
| 349 |
$roles = $account->roles;
|
| 350 |
}
|
| 351 |
else {
|
| 352 |
// Grant all stored roles.
|
| 353 |
$account->roles = $roles;
|
| 354 |
}
|
| 355 |
|
| 356 |
// Reload user permissions.
|
| 357 |
user_access(NULL, $account, TRUE);
|
| 358 |
|
| 359 |
return $roles;
|
| 360 |
}
|
| 361 |
|
| 362 |
/**
|
| 363 |
* @} End of "defgroup og_user_roles_privilege_escalation".
|
| 364 |
*/
|
| 365 |
|
| 366 |
/**
|
| 367 |
* Implementation of hook_og().
|
| 368 |
*
|
| 369 |
* @param $op
|
| 370 |
* The operation performed; 'user insert', 'user update', 'user delete'.
|
| 371 |
* @param $nid
|
| 372 |
* Node ID of the group.
|
| 373 |
* @param $uid
|
| 374 |
* The user ID.
|
| 375 |
* @param $args
|
| 376 |
* Associative array containing details about the subscription.
|
| 377 |
*/
|
| 378 |
function og_user_roles_og($op, $nid, $uid, $args = array()) {
|
| 379 |
switch ($op) {
|
| 380 |
case 'user insert':
|
| 381 |
// Add default role for new group members, if configured.
|
| 382 |
if ($default_role = og_user_roles_get_group_default_role($nid)) {
|
| 383 |
og_user_roles_role_add($nid, $uid, $default_role);
|
| 384 |
}
|
| 385 |
|
| 386 |
// Add default role for new group admins, if configured.
|
| 387 |
if (isset($args['is_admin']) && $args['is_admin']) {
|
| 388 |
if (($default_admin_role = variable_get('og_user_roles_default_admin_role', 0)) && $default_admin_role != $default_role) {
|
| 389 |
og_user_roles_role_add($nid, $uid, $default_admin_role);
|
| 390 |
}
|
| 391 |
}
|
| 392 |
break;
|
| 393 |
|
| 394 |
case 'user update':
|
| 395 |
$default_admin_role = variable_get('og_user_roles_default_admin_role', 0);
|
| 396 |
$default_role = og_user_roles_get_group_default_role($nid);
|
| 397 |
if ($default_admin_role > 0 && $default_admin_role != $default_role) {
|
| 398 |
// Grant role for new group admin.
|
| 399 |
if (isset($args['is_admin']) && $args['is_admin']) {
|
| 400 |
og_user_roles_role_add($nid, $uid, $default_admin_role);
|
| 401 |
}
|
| 402 |
// Delete role for obsolete group admin.
|
| 403 |
else {
|
| 404 |
og_user_roles_role_delete($nid, $uid, $default_admin_role);
|
| 405 |
}
|
| 406 |
}
|
| 407 |
break;
|
| 408 |
|
| 409 |
case 'user delete':
|
| 410 |
// Remove all group roles for unsubscribed user.
|
| 411 |
og_user_roles_role_delete($nid, $uid);
|
| 412 |
break;
|
| 413 |
}
|
| 414 |
}
|
| 415 |
|
| 416 |
/**
|
| 417 |
* Implementation of hook_nodeapi().
|
| 418 |
*/
|
| 419 |
function og_user_roles_nodeapi(&$node, $op, $teaser = NULL, $page = NULL) {
|
| 420 |
switch ($op) {
|
| 421 |
case 'load':
|
| 422 |
if (og_is_group_type($node->type)) {
|
| 423 |
$rid = db_result(db_query("SELECT default_role FROM {og_users_roles_group} WHERE gid = %d", $node->nid));
|
| 424 |
if ($rid) {
|
| 425 |
$node->og_user_roles_default_role = $rid;
|
| 426 |
}
|
| 427 |
}
|
| 428 |
break;
|
| 429 |
|
| 430 |
case 'insert':
|
| 431 |
if (!empty($node->og_user_roles_default_role) && og_is_group_type($node->type)) {
|
| 432 |
db_query("INSERT INTO {og_users_roles_group} (gid, default_role) VALUES (%d, %d)", $node->nid, $node->og_user_roles_default_role);
|
| 433 |
}
|
| 434 |
break;
|
| 435 |
|
| 436 |
case 'update':
|
| 437 |
if (!empty($node->og_user_roles_default_role) && og_is_group_type($node->type)) {
|
| 438 |
db_query("UPDATE {og_users_roles_group} SET default_role = %d WHERE gid = %d", $node->og_user_roles_default_role, $node->nid);
|
| 439 |
if (!db_affected_rows()) {
|
| 440 |
db_query("INSERT INTO {og_users_roles_group} (gid, default_role) VALUES (%d, %d)", $node->nid, $node->og_user_roles_default_role);
|
| 441 |
}
|
| 442 |
}
|
| 443 |
break;
|
| 444 |
|
| 445 |
case 'delete':
|
| 446 |
// Remove all data for a deleted group.
|
| 447 |
if (og_is_group_type($node->type)) {
|
| 448 |
db_query("DELETE FROM {og_users_roles} WHERE gid = %d", $node->nid);
|
| 449 |
db_query("DELETE FROM {og_users_roles_group} WHERE gid = %d", $node->nid);
|
| 450 |
}
|
| 451 |
break;
|
| 452 |
}
|
| 453 |
}
|
| 454 |
|
| 455 |
/**
|
| 456 |
* Implementation of hook_form_FORM_ID_alter().
|
| 457 |
*/
|
| 458 |
function og_user_roles_form_user_admin_role_alter(&$form, $form_state) {
|
| 459 |
$form['delete']['#submit'][] = 'og_user_roles_user_admin_role_delete_submit';
|
| 460 |
}
|
| 461 |
|
| 462 |
/**
|
| 463 |
* Form submit handler for user role delete button.
|
| 464 |
*/
|
| 465 |
function og_user_roles_user_admin_role_delete_submit($form, &$form_state) {
|
| 466 |
// Remove all role assignments for deleted user role.
|
| 467 |
db_query('DELETE FROM {og_users_roles} WHERE rid = %d', $form_state['values']['rid']);
|
| 468 |
db_query("DELETE FROM {og_users_roles_group} WHERE default_role = %d", $form_state['values']['rid']);
|
| 469 |
// Invoke default submit handler (not converted to button submit handler yet).
|
| 470 |
user_admin_role_submit($form, $form_state);
|
| 471 |
}
|
| 472 |
|
| 473 |
/**
|
| 474 |
* Implementation of hook_link_alter().
|
| 475 |
*
|
| 476 |
* @todo Move into OG.
|
| 477 |
*/
|
| 478 |
function og_user_roles_link_alter(&$links, $node) {
|
| 479 |
if (isset($links['book_add_child'])) {
|
| 480 |
$group_node = og_get_group_context();
|
| 481 |
if (is_object($group_node) && !empty($group_node->nid)) {
|
| 482 |
$links['book_add_child']['query'] .= '&gids[]=' . $group_node->nid;
|
| 483 |
}
|
| 484 |
}
|
| 485 |
}
|
| 486 |
|
| 487 |
/**
|
| 488 |
* Return assigned roles for a user in a group.
|
| 489 |
*/
|
| 490 |
function og_user_roles_get_roles_by_group($gid, $uid) {
|
| 491 |
$assigned_roles = array();
|
| 492 |
$result = db_query("SELECT rid FROM {og_users_roles} WHERE uid = %d AND gid = %d", $uid, $gid);
|
| 493 |
while ($rid = db_result($result)) {
|
| 494 |
$assigned_roles[$rid] = $rid;
|
| 495 |
}
|
| 496 |
return $assigned_roles;
|
| 497 |
}
|
| 498 |
|
| 499 |
/**
|
| 500 |
* Grant a role for a user in a group.
|
| 501 |
*
|
| 502 |
* @param $gid
|
| 503 |
* The group ID.
|
| 504 |
* @param $uid
|
| 505 |
* The user ID.
|
| 506 |
* @param $rid
|
| 507 |
* The role ID to grant.
|
| 508 |
*/
|
| 509 |
function og_user_roles_role_add($gid, $uid, $rid) {
|
| 510 |
$granted = db_result(db_query_range("SELECT rid FROM {og_users_roles} WHERE gid = %d AND uid = %d AND rid = %d", $gid, $uid, $rid, 0, 1));
|
| 511 |
if (!$granted) {
|
| 512 |
db_query("INSERT INTO {og_users_roles} (uid, gid, rid) VALUES (%d, %d, %d)", $uid, $gid, $rid);
|
| 513 |
}
|
| 514 |
}
|
| 515 |
|
| 516 |
/**
|
| 517 |
* Revoke a role or all roles for a user in a group.
|
| 518 |
*
|
| 519 |
* @param $gid
|
| 520 |
* The group ID.
|
| 521 |
* @param $uid
|
| 522 |
* The user ID.
|
| 523 |
* @param $rid
|
| 524 |
* (Optional) The role ID to remove. If omitted, all roles are removed.
|
| 525 |
*/
|
| 526 |
function og_user_roles_role_delete($gid, $uid, $rid = NULL) {
|
| 527 |
if (is_null($rid)) {
|
| 528 |
db_query("DELETE FROM {og_users_roles} WHERE gid = %d AND uid = %d", $gid, $uid);
|
| 529 |
}
|
| 530 |
else {
|
| 531 |
db_query("DELETE FROM {og_users_roles} WHERE gid = %d AND uid = %d AND rid = %d", $gid, $uid, $rid);
|
| 532 |
}
|
| 533 |
}
|
| 534 |
|
| 535 |
/**
|
| 536 |
* Retrieve all roles assignable in a group.
|
| 537 |
*/
|
| 538 |
function og_user_roles_get_group_roles($node_type) {
|
| 539 |
$roles = array();
|
| 540 |
$allowed_roles = array_filter(variable_get("og_user_roles_roles_{$node_type}", array()));
|
| 541 |
$user_roles = user_roles();
|
| 542 |
foreach ($allowed_roles as $rid => $checked) {
|
| 543 |
$roles[$rid] = $user_roles[$rid];
|
| 544 |
}
|
| 545 |
return $roles;
|
| 546 |
}
|
| 547 |
|
| 548 |
/**
|
| 549 |
* Implementation of hook_form_alter().
|
| 550 |
*/
|
| 551 |
function og_user_roles_form_alter(&$form, &$form_state, $form_id) {
|
| 552 |
// Add default user role option to node form.
|
| 553 |
// @todo Consider a better UI location for this.
|
| 554 |
if (isset($form['#node']) && $form_id == $form['#node']->type . '_node_form') {
|
| 555 |
$node = $form['#node'];
|
| 556 |
if (og_is_group_type($node->type) && user_access('override group default role')) {
|
| 557 |
$default = (!empty($node->og_user_roles_default_role) ? $node->og_user_roles_default_role : 0);
|
| 558 |
$options = array(0 => t('<default>'));
|
| 559 |
$options += og_user_roles_get_group_roles($node->type);
|
| 560 |
|
| 561 |
$form['og_user_roles_default_role'] = array(
|
| 562 |
'#type' => 'select',
|
| 563 |
'#title' => t('Default role for new members'),
|
| 564 |
'#options' => $options,
|
| 565 |
'#default_value' => $default,
|
| 566 |
'#description' => t('Configure a default role to be assigned to new group members.'),
|
| 567 |
);
|
| 568 |
}
|
| 569 |
}
|
| 570 |
}
|
| 571 |
|
| 572 |
/**
|
| 573 |
* Implementation of hook_content_extra_fields().
|
| 574 |
*/
|
| 575 |
function og_user_roles_content_extra_fields($type_name) {
|
| 576 |
if (og_is_group_type($type_name)) {
|
| 577 |
$extra['og_user_roles_default_role'] = array(
|
| 578 |
'label' => t('Default role for new members'),
|
| 579 |
'description' => t('Configure a default role to be assigned to new group members.'),
|
| 580 |
'weight' => 0,
|
| 581 |
);
|
| 582 |
return $extra;
|
| 583 |
}
|
| 584 |
}
|
| 585 |
|
| 586 |
/**
|
| 587 |
* Return default role for a group.
|
| 588 |
*/
|
| 589 |
function og_user_roles_get_group_default_role($nid) {
|
| 590 |
$default_role = db_result(db_query("SELECT default_role FROM {og_users_roles_group} WHERE gid = %d", $nid));
|
| 591 |
if (!$default_role) {
|
| 592 |
$default_role = variable_get('og_user_roles_default_role', 0);
|
| 593 |
}
|
| 594 |
return $default_role;
|
| 595 |
}
|
Parent Directory
| 
Revision Log
| 
Revision Graph