/[drupal]/contributions/modules/simple_access/simple_access.module
ViewVC logotype

Contents of /contributions/modules/simple_access/simple_access.module

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.51 - (show annotations) (download) (as text)
Tue Nov 3 12:40:54 2009 UTC (3 weeks, 3 days ago) by gordon
Branch: MAIN
CVS Tags: DRUPAL-7--2-0-ALPHA1, HEAD
Changes since 1.50: +5 -6 lines
File MIME type: text/x-php 
* Fix up the saving of the node data.
1 <?php
2 // $Id: simple_access.module,v 1.50 2009/11/03 12:33:09 gordon Exp $
3
4
5 /**
6 * @file
7 * This module allows administrators to make nodes viewable by specific
8 * 'access groups'. Each access group can contain any number of roles.
9 * If a node is not assigned to any access groups, it will remain viewable
10 * by all users.
11 *
12 * Database definition:
13 * @code
14 * @endcode
15 *
16 */
17
18 /**
19 * Implements hook_menu().
20 */
21 function simple_access_menu() {
22 $items['admin/config/simple-access'] = array(
23 'title' => 'Simple Access',
24 'description' => 'Configure node access',
25 'position' => 'right',
26 'page callback' => 'system_admin_menu_block_page',
27 'access arguments' => array('access administration pages'),
28 'file' => 'system.admin.inc',
29 'file path' => drupal_get_path('module', 'system'),
30 );
31 $items['admin/config/simple-access/settings'] = array(
32 'title' => 'Settings',
33 'page callback' => 'drupal_get_form',
34 'page arguments' => array('simple_access_settings_page'),
35 'access callback' => 'user_access',
36 'access arguments' => array('manage simple access'),
37 'type' => MENU_NORMAL_ITEM,
38 'description' => 'Configure which kinds of access (view, edit, delete) users with permission to use Simple Access can define for each node.',
39 'file' => 'simple_access.admin.inc',
40 'weight' => -1,
41 );
42 $items['admin/config/simple-access/groups'] = array(
43 'title' => 'Groups',
44 'access callback' => 'user_access',
45 'access arguments' => array('manage simple access'),
46 'page callback' => 'drupal_get_form',
47 'page arguments' => array('simple_access_page_overview'),
48 'type' => MENU_NORMAL_ITEM,
49 'description' => 'Manage groups of users for node-specific access control.',
50 'file' => 'simple_access.admin.inc',
51 );
52 $items['admin/config/simple-access/groups/list'] = array(
53 'title' => 'List',
54 'access callback' => 'user_access',
55 'access arguments' => array('manage simple access'),
56 'type' => MENU_DEFAULT_LOCAL_TASK,
57 'weight' => -8,
58 'file' => 'simple_access.admin.inc',
59 );
60 $items['admin/config/simple-access/groups/add'] = array(
61 'title' => 'Add',
62 'page callback' => 'drupal_get_form',
63 'page arguments' => array('simple_access_group_form'),
64 'access callback' => 'user_access',
65 'access arguments' => array('manage simple access'),
66 'type' => MENU_LOCAL_TASK,
67 'weight' => -6,
68 'file' => 'simple_access.admin.inc',
69 );
70 $items['admin/config/simple-access/groups/%simple_access_group/edit'] = array(
71 'title' => 'Edit Group',
72 'page callback' => 'drupal_get_form',
73 'page arguments' => array('simple_access_group_form', 4),
74 'access callback' => 'user_access',
75 'access arguments' => array('manage simple access'),
76 'type' => MENU_CALLBACK,
77 'file' => 'simple_access.admin.inc',
78 );
79 $items['admin/config/simple-access/groups/%simple_access_group/delete'] = array(
80 'title' => 'Delete Group',
81 'page callback' => 'drupal_get_form',
82 'page arguments' => array('simple_access_delete_group_confirm', 4),
83 'access callback' => 'user_access',
84 'access arguments' => array('manage simple access'),
85 'type' => MENU_CALLBACK,
86 'file' => 'simple_access.admin.inc',
87 );
88 $items['admin/config/simple-access/profiles'] = array(
89 'title' => 'Profiles',
90 'page callback' => 'drupal_get_form',
91 'page arguments' => array('simple_access_profile_list'),
92 'access callback' => 'user_access',
93 'access arguments' => array('manage simple access'),
94 'type' => MENU_NORMAL_ITEM,
95 'description' => 'Maintain access profiles',
96 'file' => 'simple_access.admin.inc',
97 );
98 $items['admin/config/simple-access/profiles/list'] = array(
99 'title' => 'List',
100 'access callback' => 'user_access',
101 'access arguments' => array('manage simple access'),
102 'type' => MENU_DEFAULT_LOCAL_TASK,
103 'weight' => -9,
104 'file' => 'simple_access.admin.inc',
105 );
106 $items['admin/config/simple-access/profiles/add'] = array(
107 'title' => 'Add',
108 'page callback' => 'drupal_get_form',
109 'page arguments' => array('simple_access_profile_form'),
110 'access callback' => 'user_access',
111 'access arguments' => array('manage simple access'),
112 'type' => MENU_LOCAL_TASK,
113 'file' => 'simple_access.admin.inc',
114 );
115 $items['admin/config/simple-access/profiles/%simple_access_profile/edit'] = array(
116 'title' => 'Edit Profile',
117 'page callback' => 'drupal_get_form',
118 'page arguments' => array('simple_access_profile_form', 4),
119 'access callback' => 'user_access',
120 'access arguments' => array('manage simple access'),
121 'type' => MENU_CALLBACK,
122 'file' => 'simple_access.admin.inc',
123 );
124 $items['admin/config/simple-access/profiles/%simple_access_profile/delete'] = array(
125 'title' => 'Delete Profile',
126 'page callback' => 'drupal_get_form',
127 'page arguments' => array('simple_access_profile_delete_confirm', 4),
128 'access callback' => 'user_access',
129 'access arguments' => array('manage simple access'),
130 'type' => MENU_CALLBACK,
131 'file' => 'simple_access.admin.inc',
132 );
133 return $items;
134 }
135
136 /**
137 * Implements hook_perm().
138 */
139 function simple_access_permission() {
140 return array(
141 'Administer simple access' => array(
142 'title' => t('Administer Simple Access'),
143 'description' => t('Allow access to administration pages for simple access.'),
144 ),
145 'assign access to nodes' => array(
146 'title' => t('Assign access to nodes'),
147 'description' => t('Allow assigning of group access to nodes.'),
148 ),
149 'assign profiles to nodes' => array(
150 'title' => t('Assign profiles to nodes'),
151 'description' => t('Allow assigning of access profiles to nodes.'),
152 ),
153 'assign owner permissions' => array(
154 'title' => t('Assign owner permissions'),
155 'description' => t('Allow assigning of owner permissions to nodes.'),
156 ),
157 );
158 }
159
160 /**
161 * Implements hook_node_prepare().
162 */
163 function simple_access_node_prepare($node) {
164 // Only use the defaults if this is a new node.
165 if (empty($node->nid)) {
166 $defaults = variable_get('simple_access_' . $node->type, array('simple_access' => array(), 'simple_access_profiles' => array(), 'simple_access_owner' => array()));
167 }
168 else {
169 $defaults = array('simple_access' => array(), 'simple_access_profiles' => array(), 'simple_access_owner' => array());
170 }
171 foreach ($defaults as $key => $value) {
172 if (!isset($node->{$key})) {
173 $node->{$key} = $value;
174 }
175 }
176 }
177
178 /**
179 * Implement hook_node_load().
180 */
181 function simple_access_node_load($nodes, $types) {
182 foreach ($nodes as $node) {
183
184 if ($row = db_select('simple_access_owner', 'o')->fields('o', array('sa_view', 'sa_update', 'sa_delete'))->condition('nid', $node->nid)->execute()->fetchAssoc()) {
185 $node->simple_access_owner = $row;
186 }
187 else {
188 $node->simple_access_owner = array('sa_view' => 0, 'sa_update' => 0, 'sa_delete' => 0);
189 }
190
191 $node->simple_access = db_select('simple_access_node', 'na')
192 ->fields('na', array('gid', 'sa_view', 'sa_update', 'sa_delete'))
193 ->condition('nid', $node->nid)
194 ->execute()
195 ->fetchAllAssoc('gid', PDO::FETCH_ASSOC);
196
197 $node->simple_access_profiles = db_select('simple_access_profiles_node', 'pn')
198 ->fields('pn', array('pid'))
199 ->condition('nid', $node->nid)
200 ->execute()
201 ->fetchAllAssoc('pid', PDO::FETCH_ASSOC);
202
203 $nodes[$node->nid] = $node;
204 }
205 }
206
207 /**
208 * Implements hook_node_insert().
209 */
210 function simple_access_node_insert($node) {
211 simple_access_node_save($node);
212 }
213
214 /**
215 * Implements hook_node_update().
216 */
217 function simple_access_node_update($node) {
218 simple_access_node_save($node);
219 }
220
221 /**
222 * Save node information
223 */
224 function simple_access_node_save($node) {
225 if ($node->uid && ($node->simple_access_owner['sa_view'] || $node->simple_access_owner['sa_update'] || $node->simple_access_owner['sa_update'])) {
226 $query = db_merge('simple_access_owner')
227 ->key(array('nid' => $node->nid))
228 ->fields(array(
229 'sa_view' => $node->simple_access_owner['sa_view'],
230 'sa_update' => $node->simple_access_owner['sa_update'],
231 'sa_delete' => $node->simple_access_owner['sa_delete'],
232 ))
233 ->execute();
234 }
235 else {
236 db_delete('simple_access_owner')
237 ->condition('nid', $node->nid)
238 ->execute();
239 }
240 db_delete('simple_access_node')
241 ->condition('nid', $node->nid)
242 ->execute();
243 if (isset($node->simple_access)) {
244 foreach ($node->simple_access as $gid => $access) {
245 if ($access['sa_view'] || $access['sa_update'] || $access['sa_delete']) {
246 db_insert('simple_access_node')
247 ->fields(array(
248 'nid' => $node->nid,
249 'gid' => $gid,
250 'sa_view' => $access['sa_view'],
251 'sa_update' => $access['sa_update'],
252 'sa_delete' => $access['sa_delete'],
253 ))
254 ->execute();
255 }
256 }
257 }
258
259 db_delete('simple_access_profiles_node')
260 ->condition('nid', $node->nid)
261 ->execute();
262 if (isset($node->simple_access_profiles)) {
263 foreach (array_filter($node->simple_access_profiles) as $pid) {
264 db_insert('simple_access_profiles_node')
265 ->fields(array(
266 'nid' => $node->nid,
267 'pid' => $pid,
268 ))
269 ->execute();
270 }
271 }
272 }
273
274 /**
275 * Implements hook_node_delete().
276 */
277 function simple_access_node_delete($node) {
278 foreach (array('simple_access_node', 'simple_access_owner', 'simple_access_profiles_node') as $table) {
279 db_delete($table)
280 ->condition('pid', $pid)
281 ->execute();
282 }
283 }
284
285 /**
286 * Implements hook_node_access_records().
287 */
288 function simple_access_node_access_records($node) {
289 $records = array();
290
291 if (!empty($node->simple_access_profiles)) {
292 foreach (array_filter($node->simple_access_profiles) as $pid) {
293 $records[] = array(
294 'realm' => 'simple_access_profile',
295 'gid' => $pid,
296 'grant_view' => 1,
297 'grant_update' => 1,
298 'grant_delete' => 1,
299 'priority' => 0,
300 );
301 }
302 }
303
304 if (!empty($node->simple_access)) {
305 // loop through simple_access arrays from page submission
306 // $type is either 'view', 'update', or 'delete'
307
308 foreach ($node->simple_access as $gid => $access) {
309 if ($access['sa_view'] || $access['sa_update'] || $access['sa_delete']) {
310 $records[] = array(
311 'realm' => 'simple_access',
312 'gid' => $gid,
313 'grant_view' => $access['sa_view'],
314 'grant_update' => $access['sa_update'],
315 'grant_delete' => $access['sa_delete'],
316 'priority' => 0,
317 );
318 }
319 }
320 }
321 if ($node->uid && ($node->simple_access_owner['sa_view'] || $node->simple_access_owner['sa_update'] || $node->simple_access_owner['sa_delete'])) {
322 $records[] = array(
323 'realm' => 'simple_access_author',
324 'gid' => $node->uid,
325 'grant_view' => $node->simple_access_owner['sa_view'],
326 'grant_update' => $node->simple_access_owner['sa_update'],
327 'grant_delete' => $node->simple_access_owner['sa_delete'],
328 'priority' => 0,
329 );
330 }
331 return $records;
332 }
333
334 /**
335 * Implements hook_node_grants().
336 *
337 * @TODO implement to correcly return groups in all cases.
338 */
339 function simple_access_node_grants($account, $op) {
340 $gids = simple_access_groups_from_roles(array_keys($account->roles));
341 $grants['simple_access'] = $gids;
342
343 if (in_array($op, array('view', 'update', 'delete')) && !empty($gids)) {
344 $pids = db_select('simple_access_profiles_access', 'p')
345 ->fields('p', array('pid'))
346 ->condition('sa_' . $op, '1')
347 ->condition('gid', $gids, 'IN')
348 ->distinct()
349 ->execute()
350 ->fetchAllAssoc('pid', PDO::FETCH_ASSOC);
351
352 if (!empty($pids)) {
353 $grants['simple_access_profiles'] = $pids;
354 }
355 }
356 $grants['simple_access_author'] = array($account->uid);
357 return $grants;
358 }
359
360 /**
361 * Implements hook_node_access_explain().
362 */
363 function simple_access_node_access_explain($row) {
364 switch ($row->realm) {
365 case 'simple_access_author':
366 return t('Access for the content owner');
367
368 case 'simple_access':
369 $groups = simple_access_get_groups();
370 return t('Access restrictions for the "%group" group', array('%group' => $groups[$row->gid]['name']));
371
372 case 'simple_access_profile':
373 $groups = simple_access_get_groups();
374 $profiles = simple_access_get_profiles();
375 $profile = $profiles[$row->gid];
376
377 $message = t('Access restrictions for profile "%profile"<br /><dt>', array('%profile' => $profile['name']));
378
379 if (!empty($profile['access'])) {
380 foreach ($profile['access'] as $gid => $access) {
381 $message .= t('"%group" group can @perm.', array('%group' => $groups[$gid]['name'], '@perm' => implode(', ', array_keys(array_filter($access)))));
382 }
383 }
384 $message .= '</dt>';
385
386 return $message;
387 }
388 }
389
390 function simple_access_form_alter(&$form, &$form_state, $form_id) {
391 // if this is a node form...
392 if (!empty($form['#node_edit_form'])) {
393 if ($simple_access_form = simple_access_form($form['#node'])) {
394 $form = array_merge($form, $simple_access_form);
395 }
396 }
397 }
398
399 function simple_access_form_node_type_form_alter(&$form, &$form_state) {
400 $type = $form['old_type']['#value'];
401 $default = variable_get('simple_access_' . $type, array('simple_access' => array(), 'simple_access_profiles' => array(), 'simple_access_owner' => array()));
402
403 $tmp_form = simple_access_form((object)$default, TRUE);
404
405 $form['simple_access'] = $tmp_form['sa'];
406 $form['simple_access']['simple_access']['owner']['#parents'] = array('simple_access', 'simple_access_owner');
407 $form['simple_access']['#tree'] = TRUE;
408
409 $form['#submit'][] = 'simple_access_node_type_submit';
410 }
411
412 function simple_access_node_type_submit(&$form, &$form_state) {
413 $op = isset($form_state['values']['op']) ? $form_state['values']['op'] : '';
414 $type = $form_state['values']['type'];
415
416 if ($op == t('Save content type')) {
417 variable_set('simple_access_' . $type, $form_state['values']['simple_access']);
418 }
419 }
420
421 function simple_access_theme() {
422 return array(
423 'simple_access_form' => array(
424 'render element' => 'form',
425 'file' => 'simple_access.theme.inc',
426 ),
427 'simple_access_page_overview_list' => array(
428 'render element' => 'form',
429 'file' => 'simple_access.theme.inc',
430 ),
431 'simple_access_profile_list' => array(
432 'render element' => 'form',
433 'file' => 'simple_access.theme.inc',
434 ),
435 );
436 }
437
438 function simple_access_form($node, $admin = FALSE) {
439 // Get the array of checkbox options to use for each form element.
440 // If the "Show groups even when user is not a member" setting is
441 // enabled, or if the current user has 'administer nodes', let
442 // them choose from any of the SA groups.
443 $groups = simple_access_group_select();
444 $profiles = simple_access_get_profiles_select();
445
446 if (empty($groups) && empty($profiles) && !user_access('assign owner permissions')) {
447 return;
448 }
449
450 $user_groups = is_array($node->simple_access) ? array_filter($node->simple_access, '_simple_access_filter_access') : array();
451 $owner_priv = is_array($node->simple_access_owner) ? array_filter($node->simple_access_owner) : array();
452 // set up the outer fieldset
453 $form['sa'] = array(
454 '#title' => t('Access'),
455 '#type' => 'fieldset',
456 '#collapsible' => TRUE,
457 '#collapsed' => empty($user_groups) && empty($node->simple_access_profiles) && empty($owner_priv),
458 '#access' => user_access('assign access to profiles') || user_access('assign access to nodes') || user_access('administer nodes'),
459 '#attributes' => array(
460 'class' => array('simple-access-settings'),
461 ),
462 '#weight' => (module_exists('content') && isset($form['type'])) ? content_extra_field_weight($form['type']['#value'], 'sa') : 20,
463 '#group' => 'additional_settings',
464 '#attached' => array(
465 'js' => array(drupal_get_path('module', 'simple_access') . '/simple_access.js'),
466 ),
467 );
468 if (!empty($profiles)) {
469 $form['sa']['simple_access_profiles'] = array(
470 '#type' => 'checkboxes',
471 '#title' => t('Access profile'),
472 '#default_value' => $node->simple_access_profiles,
473 '#options' => $profiles,
474 '#access' => user_access('assign access to profiles') || user_access('administer nodes'),
475 );
476 }
477 if (!empty($groups) || user_access('assign owner permissions')) {
478 $form['sa']['simple_access'] = array(
479 '#tree' => TRUE,
480 '#weight' => 5,
481 '#access' => user_access('assign access to nodes') || user_access('administer nodes') || user_access('assign owner permissions'),
482 '#theme' => 'simple_access_form',
483 );
484
485 if ($admin) {
486 $form['sa']['simple_access']['#admin'] = TRUE;
487 }
488
489 // Load the owner perminisions.
490 $group = array(
491 'name' => t('Owner permissions'),
492 'access' => user_access('assign owner permissions') && isset($node->uid) && $node->uid,
493 );
494 $access = array('owner' => $node->simple_access_owner);
495 $form['sa']['simple_access']['owner'] = simple_access_form_row('owner', $group, $access, $admin);
496 $form['sa']['simple_access']['owner']['#parents'] = array('simple_access_owner');
497
498 // See what form elements we should include. If not configured,
499 // only enable the 'view' elements by default.
500 $variable = variable_get('sa_display', array('view' => 1));
501
502 foreach ($groups as $gid => $group) {
503 $form['sa']['simple_access'][$gid] = simple_access_form_row($gid, $group, $node->simple_access, $admin);
504 }
505 }
506 return $form;
507 }
508
509 function simple_access_form_row($gid, $group, $access, $admin = FALSE) {
510 if ($admin) {
511 $variable = array('view' => 1, 'update' => 1, 'delete' => 1);
512 }
513 else {
514 $variable = variable_get('sa_display', array(
515 'view' => 1, 'update' => 0, 'delete' => 0)
516 );
517 }
518
519 $defaults = array('sa_view' => NULL, 'sa_update' => NULL, 'sa_delete' => NULL);
520 if (empty($access[$gid])) {
521 $access[$gid] = $defaults;
522 }
523 else {
524 $access[$gid]+= $defaults;
525 }
526
527 $priv = $group['access'] || user_access('administer nodes');
528 $form = array(
529 '#access' => $priv,
530 );
531
532 if ($admin) {
533 $form['#admin'] = $admin;
534 }
535
536 $form['name'] = array(
537 '#markup' => $group['name'],
538 '#access' => $priv,
539 );
540 $form['sa_view'] = array(
541 '#type' => 'checkbox',
542 '#default_value' => $access[$gid]['sa_view'],
543 '#access' => $priv && $variable['view'],
544 );
545 $form['sa_update'] = array(
546 '#type' => 'checkbox',
547 '#default_value' => $access[$gid]['sa_update'],
548 '#access' => $priv && $variable['update'],
549 );
550 $form['sa_delete'] = array(
551 '#type' => 'checkbox',
552 '#default_value' => $access[$gid]['sa_delete'],
553 '#access' => $priv && $variable['delete'],
554 );
555
556 return $form;
557 }
558
559 function simple_access_get_roles($gid) {
560 $result = db_select('simple_access_roles', 'r')
561 ->fields('r', array('rid'))
562 ->condition('gid', $gid)
563 ->execute();
564
565 return array_keys($result->fetchAllAssoc('rid', PDO::FETCH_ASSOC));
566 }
567
568 function simple_access_get_profiles_select() {
569 $profiles = simple_access_get_profiles();
570
571 return array_map('_simple_access_filter_profiles', $profiles);
572 }
573
574 function _simple_access_filter_profiles($a) {
575 return $a['name'];
576 }
577
578 function simple_access_get_profiles($pid = NULL) {
579 $profiles = array();
580
581 $query = db_select('simple_access_profiles', 'p')
582 ->fields('p', array('pid', 'name'))
583 ->orderBy('weight', 'ASC')
584 ->orderBy('name');
585
586 if ($pid) {
587 $query->condition('pid', $pid);
588 }
589 $profiles = $query->execute()
590 ->fetchAllAssoc('pid', PDO::FETCH_ASSOC);
591
592
593 $query = db_select('simple_access_profiles_access', 'a')
594 ->fields('a', array('pid', 'gid', 'sa_view', 'sa_update', 'sa_delete'))
595 ->orderBy('pid');
596
597 if ($pid) {
598 $query->condition('pid', $pid);
599 }
600 $result = $query->execute();
601
602 while ($a = $result->fetchAssoc(PDO::FETCH_ASSOC)) {
603 if (isset($profiles[$a['pid']])) {
604 $profiles[$a['pid']]['access'][$a['gid']] = $a;
605 }
606 }
607 return isset($pid) ? $profiles[$pid] : $profiles;
608 }
609
610 function simple_access_get_groups($gid = NULL) {
611 $groups = array();
612 $query = db_select('simple_access_groups', 'g')
613 ->fields('g', array('gid', 'name', 'weight'))
614 ->orderBy('weight', 'ASC')
615 ->orderBy('name', 'ASC')
616 ->distinct(TRUE);
617
618 if ($gid) {
619 $query->condition('gid', $gid);
620 }
621 $result = $query->execute();
622
623 foreach ($result->fetchAllAssoc('gid', PDO::FETCH_ASSOC) as $g) {
624 $groups[$g['gid']]['name'] = $g['name'];
625 $groups[$g['gid']]['gid'] = $g['gid'];
626 $groups[$g['gid']]['weight'] = $g['weight'];
627 $groups[$g['gid']]['roles'] = simple_access_get_roles($g['gid']);
628 }
629 return $gid ? $groups[$gid] : $groups;
630 }
631
632 function simple_access_group_select() {
633 static $groups;
634
635 if (empty($groups)) {
636 global $user;
637 $default_access = user_access('administer nodes');
638
639 $groups = array();
640 $result = db_select('simple_access_groups', 'g')
641 ->fields('g', array('gid', 'name'))
642 ->orderBy('weight')
643 ->orderBy('name')
644 ->execute();
645
646 while ($group = $result->fetchAssoc(PDO::FETCH_ASSOC)) {
647 $groups[$group['gid']] = $group;
648 $groups[$group['gid']]['access'] = $default_access;
649 }
650
651 if (!$default_access) {
652 // return just groups for which user is a member
653 $roles = array_keys($user->roles);
654 $result = db_select('simple_access_groups', 'g')
655 ->fields('g', array('gid'))
656 ->innerJoin('simple_access_roles', 'r', 'g.gid = r.gid')
657 ->condition('rid', $roles, 'IN')
658 ->groupBy('gid')
659 ->execute();
660 while ($group = $result->fetchAssoc(PDO::FETCH_ASSOC)) {
661 $groups[$group['gid']]['access'] = TRUE;
662 }
663 }
664 }
665 return $groups;
666 }
667
668 /**
669 * Get a list of group/grant ids based on a list of user roles
670 * $roles should be a linear list a role ids
671 */
672 function simple_access_groups_from_roles($roles) {
673 // there probably should be some 'static' stuff going on here
674 // always return gid 0 just to be safe.
675 $gids = array();
676 $result = db_select('simple_access_roles', 'r')
677 ->fields('r', array('gid'))
678 ->condition('rid', $roles, 'IN')
679 ->execute();
680
681 $gids = $result->fetchAllAssoc('gid', PDO::FETCH_ASSOC);
682 return $gids;
683 }
684
685 /**
686 *
687 */
688 function simple_access_groups_check_user($groups) {
689 global $user;
690
691 $roles = array_keys($user->roles);
692 $roles[] = $user->uid ? DRUPAL_AUTHENTICATED_RID : DRUPAL_ANONYMOUS_RID;
693
694 $user_groups = simple_access_groups_from_roles($roles);
695 return array_intersect(array_filter($groups, $user_groups));
696 }
697
698 /**
699 * Save group of roles into the database
700 */
701 function simple_access_save_group($edit) {
702 $affected = 0;
703 if (!empty($edit['gid'])) {
704 db_merge('simple_access_groups')
705 ->key(array('gid' => $edit['gid']))
706 ->fields(array(
707 'name' => $edit['name'],
708 'weight' => $edit['weight'],
709 ))
710 ->execute();
711 }
712 else {
713 $edit['gid'] = db_insert('simple_access_groups', array('return' => Database::RETURN_INSERT_ID))
714 ->fields(array(
715 'name' => $edit['name'],
716 'weight' => $edit['weight'],
717 ))
718 ->execute();
719 }
720 db_delete('simple_access_roles')
721 ->condition('gid', $edit['gid'])
722 ->execute();
723 if (is_array($edit['roles'])) {
724 foreach ($edit['roles'] as $key => $value) {
725 if ($value) {
726 db_insert('simple_access_roles')
727 ->fields(array(
728 'rid' => $key,
729 'gid' => $edit['gid']
730 ))
731 ->execute();
732 }
733 }
734 }
735 }
736
737 function simple_access_delete_profile($pid) {
738 foreach (array('simple_access_profiles', 'simple_access_profiles_access', 'simple_access_profiles_node') as $table) {
739 db_delete($table)
740 ->condition('pid', $pid)
741 ->execute();
742 }
743 }
744
745 function simple_access_delete_group($gid) {
746 foreach (array('simple_access_roles', 'simple_access_groups', 'simple_access_node') as $table) {
747 db_delete($table)
748 ->condition('gid', $gid)
749 ->execute();
750 }
751 }
752
753 /**
754 * Filter the access records for the current user
755 */
756 function _simple_access_filter_access($a) {
757 $groups = simple_access_group_select();
758
759 return isset($a['gid']) && isset($groups[$a['gid']]['access']) && $groups[$a['gid']]['access'];
760 }
761
762 /**
763 * Implements hook_action_info().
764 */
765 function simple_access_action_info() {
766 return array(
767 'simple_access_owner_grant' => array(
768 'type' => 'node',
769 'description' => t('Grant permissions to content owner'),
770 'configurable' => TRUE,
771 'hooks' => array(
772 'nodeapi' => array('insert', 'update'),
773 ),
774 ),
775 'simple_access_owner_revoke' => array(
776 'type' => 'node',
777 'description' => t('Revoke permissions from content owner'),
778 'configurable' => TRUE,
779 'hooks' => array(
780 'nodeapi' => array('insert', 'update'),
781 ),
782 ),
783 'simple_access_group_grant' => array(
784 'type' => 'node',
785 'description' => t('Grant permissions to groups'),
786 'configurable' => TRUE,
787 'hooks' => array(
788 'nodeapi' => array('insert', 'update'),
789 ),
790 ),
791 'simple_access_group_revoke' => array(
792 'type' => 'node',
793 'description' => t('Revoke permissions from groups'),
794 'configurable' => TRUE,
795 'hooks' => array(
796 'nodeapi' => array('insert', 'update'),
797 ),
798 ),
799 'simple_access_profile_enable' => array(
800 'type' => 'node',
801 'description' => t('Enable access profile'),
802 'configurable' => TRUE,
803 'hooks' => array(
804 'nodeapi' => array('insert', 'update'),
805 ),
806 ),
807 'simple_access_profile_disable' => array(
808 'type' => 'node',
809 'description' => t('Disable access profile'),
810 'configurable' => TRUE,
811 'hooks' => array(
812 'nodeapi' => array('insert', 'update'),
813 ),
814 ),
815 );
816 };
817
818 /**
819 * Configure grant content owner permissions
820 */
821 function simple_access_owner_grant_form($settings = array()) {
822 $form = array();
823
824 $form['sa_owner_permissions'] = array(
825 '#type' => 'checkboxes',
826 '#title' => t('Grant owner permissions'),
827 '#default_value' => empty($settings['sa_owner_permissions']) ? array() : $settings['sa_owner_permissions'],
828 '#options' => array(
829 'sa_view' => t('View'),
830 'sa_update' => t('Update'),
831 'sa_delete' => t('Delete'),
832 ),
833 '#description' => t('Select permissions to grant for the content owner'),
834 );
835
836 return $form;
837 }
838
839 function simple_access_owner_grant_submit($form, &$form_state) {
840 $settings = array('sa_owner_permissions' => $form_state['values']['sa_owner_permissions']);
841 return $settings;
842 }
843
844 /**
845 * Action to grant permissions to the owner
846 */
847 function simple_access_owner_grant($node, $conf) {
848 foreach (array_filter($conf['sa_owner_permissions']) as $option) {
849 $node->simple_access_owner[$option] = 1;
850 }
851
852 return array('node' => $node);
853 }
854
855 /**
856 * Configure revoke content owner permissions
857 */
858 function simple_access_owner_revoke_form($settings = array()) {
859 $form = array();
860
861 $form['sa_owner_permissions'] = array(
862 '#type' => 'checkboxes',
863 '#title' => t('Revoke owner permissions'),
864 '#default_value' => empty($settings['sa_owner_permissions']) ? array() : $settings['sa_owner_permissions'],
865 '#options' => array(
866 'sa_view' => t('View'),
867 'sa_update' => t('Update'),
868 'sa_delete' => t('Delete'),
869 ),
870 '#description' => t('Select permissions to revoke for the content owner'),
871 );
872
873 return $form;
874 }
875
876 function simple_access_owner_revoke_submit($form, &$form_state) {
877 $settings = array('sa_owner_permissions' => $form_state['values']['sa_owner_permissions']);
878 return $settings;
879 }
880
881 /**
882 * Action to grant permissions to the owner
883 */
884 function simple_access_owner_revoke($node, $conf) {
885 foreach (array_filter($conf['sa_owner_permissions']) as $option) {
886 $node->simple_access_owner[$option] = 0;
887 }
888
889 return array('node' => $node);
890 }
891
892 /**
893 * Configure grant group permissions
894 */
895 function simple_access_group_grant_form($settings = array()) {
896 $form = array();
897
898 $form['sa_group_permissions'] = array(
899 '#tree' => TRUE,
900 '#theme' => 'simple_access_form',
901 '#admin' => TRUE,
902 );
903
904 $groups = simple_access_get_groups();
905
906 foreach ($groups as $gid => $group) {
907 $form['sa_group_permissions'][$gid]['name'] = array(
908 '#value' => $group['name'],
909 );
910 $form['sa_group_permissions'][$gid]['sa_view'] = array(
911 '#type' => 'checkbox',
912 '#default_value' => $settings['sa_group_permissions'][$gid]['sa_view'],
913 );
914 $form['sa_group_permissions'][$gid]['sa_update'] = array(
915 '#type' => 'checkbox',
916 '#default_value' => $settings['sa_group_permissions'][$gid]['sa_update'],
917 );
918 $form['sa_group_permissions'][$gid]['sa_delete'] = array(
919 '#type' => 'checkbox',
920 '#default_value' => $settings['sa_group_permissions'][$gid]['sa_delete'],
921 );
922 }
923
924 return $form;
925 }
926
927 function simple_access_group_grant_submit($form, &$form_state) {
928 $settings = array('sa_group_permissions' => $form_state['values']['sa_group_permissions']);
929 return $settings;
930 }
931
932 /**
933 * Action to grant permissions to the owner
934 */
935 function simple_access_group_grant($node, $conf) {
936 foreach ($conf['sa_group_permissions'] as $gid => $group) {
937 foreach (array_keys(array_filter($group)) as $option) {
938 $node->simple_access[$gid][$option] = 1;
939 }
940 }
941
942 return array('node' => $node);
943 }
944
945 /**
946 * Configure revoke group permissions
947 */
948 function simple_access_group_revoke_form($settings = array()) {
949 $form = array();
950
951 $form['sa_group_permissions'] = array(
952 '#tree' => TRUE,
953 '#theme' => 'simple_access_form',
954 '#admin' => TRUE,
955 );
956
957 $groups = simple_access_get_groups();
958
959 foreach ($groups as $gid => $group) {
960 $form['sa_group_permissions'][$gid]['name'] = array(
961 '#value' => $group['name'],
962 );
963 $form['sa_group_permissions'][$gid]['sa_view'] = array(
964 '#type' => 'checkbox',
965 '#default_value' => $settings['sa_group_permissions'][$gid]['sa_view'],
966 );
967 $form['sa_group_permissions'][$gid]['sa_update'] = array(
968 '#type' => 'checkbox',
969 '#default_value' => $settings['sa_group_permissions'][$gid]['sa_update'],
970 );
971 $form['sa_group_permissions'][$gid]['sa_delete'] = array(
972 '#type' => 'checkbox',
973 '#default_value' => $settings['sa_group_permissions'][$gid]['sa_delete'],
974 );
975 }
976
977 return $form;
978 }
979
980 function simple_access_group_revoke_submit($form, &$form_state) {
981 $settings = array('sa_group_permissions' => $form_state['values']['sa_group_permissions']);
982 return $settings;
983 }
984
985 /**
986 * Action to revoke permissions to the owner
987 */
988 function simple_access_group_revoke($node, $conf) {
989 foreach ($conf['sa_group_permissions'] as $gid => $group) {
990 foreach (array_keys(array_filter($group)) as $option) {
991 $node->simple_access[$gid][$option] = 0;
992 }
993 }
994
995 return array('node' => $node);
996 }
997
998 /**
999 * Configure enable security profile
1000 */
1001 function simple_access_profile_enable_form($settings = array()) {
1002 $form = array();
1003
1004 $form['sa_profiles'] = array(
1005 '#type' => 'checkboxes',
1006 '#title' => t('Access profiles'),
1007 '#default_value' => empty($settings['sa_profiles']) ? array() : $settings['sa_profiles'],
1008 '#options' => simple_access_get_profiles_select(),
1009 '#description' => t('Select permissions to grant for the content owner'),
1010 );
1011
1012 return $form;
1013 }
1014
1015 function simple_access_profile_enable_submit($form, &$form_state) {
1016 $settings = array('sa_profiles' => $form_state['values']['sa_profiles']);
1017 return $settings;
1018 }
1019
1020 /**
1021 * Action enable access profile
1022 */
1023 function simple_access_profile_enable($node, $conf) {
1024 foreach (array_filter($conf['sa_profiles']) as $pid) {
1025 if (!in_array($pid, $node->simple_access_profiles)) {
1026 $node->simple_access_profiles[] = $pid;
1027 }
1028 }
1029
1030 return array('node' => $node);
1031 }
1032
1033 /**
1034 * Configure disable security profile
1035 */
1036 function simple_access_profile_disable_form($settings = array()) {
1037 $form = array();
1038
1039 $form['sa_profiles'] = array(
1040 '#type' => 'checkboxes',
1041 '#title' => t('Access profiles'),
1042 '#default_value' => empty($settings['sa_profiles']) ? array() : $settings['sa_profiles'],
1043 '#options' => simple_access_get_profiles_select(),
1044 '#description' => t('Select permissions to grant for the content owner'),
1045 );
1046
1047 return $form;
1048 }
1049
1050 function simple_access_profile_disable_submit($form, &$form_state) {
1051 $settings = array('sa_profiles' => $form_state['values']['sa_profiles']);
1052 return $settings;
1053 }
1054
1055 /**
1056 * Action to disable access profile
1057 */
1058 function simple_access_profile_disable($node, $conf) {
1059 foreach (array_filter($conf['sa_profiles']) as $pid) {
1060 if (in_array($pid, $node->simple_access_profiles)) {
1061 unset($node->simple_access_profiles[array_search($pid, $node->simple_access_profiles)]);
1062 }
1063 }
1064
1065 return array('node' => $node);
1066 }
1067
1068 /**
1069 * Implements hook_views_api().
1070 */
1071 function simple_access_views_api() {
1072 return array('api' => 2.0);
1073 }
1074
1075 /**
1076 * Implements hook_content_extra_fields().
1077 */
1078 function simple_access_content_extra_fields($type_name) {
1079 $fields['simple_access'] = array(
1080 'label' => t('Simple Access'),
1081 'description' => t('Simple Access module form.'),
1082 'weight' => 20,
1083 );
1084
1085 return $fields;
1086 }
1087
1088 function simple_access_group_load($gid) {
1089 return simple_access_get_groups($gid);
1090 }
1091
1092 function simple_access_profile_load($pid) {
1093 return simple_access_get_profiles($pid);
1094 }
  ViewVC Help
Powered by ViewVC 1.1.2