Révision 0695d136
Ajouté par Assos Assos il y a plus de 9 ans
drupal7/sites/all/modules/nodeaccess/nodeaccess.module | ||
---|---|---|
11 | 11 |
function nodeaccess_help($path, $arg) { |
12 | 12 |
switch ($path) { |
13 | 13 |
case 'node/%/grant': |
14 |
return '<small>' . t('You can set grants per users. Enter a name or a partial name in the box and click Search or press return. You need to check the Keep? checkbox if you want to keep the user for granting. Note that user grants are additional to those coming from roles.') . '</small>';
|
|
14 |
return t("You can set grants for individual users. Enter a name or a partial name in the box and click Search or press return. You must check the 'Keep?' checkbox if you want to keep the user for granting. Note that user grants are in addition to those coming from roles.");
|
|
15 | 15 |
} |
16 | 16 |
} |
17 | 17 |
|
... | ... | |
140 | 140 |
} |
141 | 141 |
$allowed_types = variable_get('nodeaccess-types', array()); |
142 | 142 |
if ($op == 'grant') { |
143 |
if ($node->nid && isset($allowed_types[$node->type]) && |
|
143 |
if ($node->nid && isset($allowed_types[$node->type]) && !empty($allowed_types[$node->type]) &&
|
|
144 | 144 |
(user_access('grant node permissions', $account) || |
145 | 145 |
(user_access('grant editable node permissions', $account) && node_access('update', $node, $account)) || |
146 | 146 |
(user_access('grant deletable node permissions', $account) && node_access('delete', $node, $account)) || |
... | ... | |
157 | 157 |
function nodeaccess_theme($existing, $type, $theme, $path) { |
158 | 158 |
return array( |
159 | 159 |
'nodeaccess_admin_form_roles' => array( |
160 |
'render element' => 'role',
|
|
160 |
'render element' => 'form',
|
|
161 | 161 |
), |
162 | 162 |
'nodeaccess_admin_form_types' => array( |
163 | 163 |
'render element' => 'form', |
... | ... | |
175 | 175 |
return drupal_get_form('nodeaccess_admin_form'); |
176 | 176 |
} |
177 | 177 |
|
178 |
|
|
178 | 179 |
/** |
179 | 180 |
* Menu callback. Draws the admin page. |
180 | 181 |
*/ |
... | ... | |
189 | 190 |
'#type' => 'checkbox', |
190 | 191 |
'#title' => t('Give node grants priority'), |
191 | 192 |
'#default_value' => variable_get('nodeaccess-priority', 0), |
192 |
'#description' => '<small>' . t('If you are only using this access control module, you can safely ignore this. If you are using multiple access control modules, and you want the grants given on individual nodes to override any grants given by other modules, you should check this box.') . '</small>',
|
|
193 |
'#description' => t('If you are only using this access control module, you can safely ignore this. If you are using multiple access control modules, and you want the grants given on individual nodes to override any grants given by other modules, you should check this box.'),
|
|
193 | 194 |
); |
194 | 195 |
|
195 | 196 |
// Select whether to preserve hidden grants. |
... | ... | |
234 | 235 |
'#title' => t('Allowed Roles'), |
235 | 236 |
'#tree' => TRUE, |
236 | 237 |
'#theme' => 'nodeaccess_admin_form_roles', |
237 |
'#description' => '<small>' . t('The selected roles will be listed on individual node grants. If you wish for certain roles to be hidden from users on the node grants tab, make sure they are not selected here. You may also provide an alias for each role to be displayed to the user and a weight to order them by. This is useful if your roles have machine-readable names not intended for human users.') . '</small>',
|
|
238 |
'#description' => t('The selected roles will be listed on individual node grants. If you wish for certain roles to be hidden from users on the node grants tab, make sure they are not selected here. You may also provide an alias for each role to be displayed to the user and a weight to order them by. This is useful if your roles have machine-readable names not intended for human users.'),
|
|
238 | 239 |
); |
239 | 240 |
|
240 | 241 |
foreach ($roles as $id => $role) { |
... | ... | |
245 | 246 |
if (!$role['weight']) { |
246 | 247 |
$role['weight'] = 0; |
247 | 248 |
} |
248 |
// $form['role'][$id] = array('#tree' => TRUE); |
|
249 | 249 |
$form['role'][$id]['name'] = array( |
250 | 250 |
'#type' => 'hidden', |
251 | 251 |
'#value' => $role['name'], |
... | ... | |
397 | 397 |
} |
398 | 398 |
$alias_prefs[$id]['weight'] = $val['weight']; |
399 | 399 |
} |
400 |
else { |
|
401 |
// Otherwise, we only save alias if one was specified. |
|
402 |
if ($val['alias']) { |
|
403 |
$alias_prefs[$id]['name'] = $val['alias']; |
|
404 |
$alias_prefs[$id]['weight'] = $val['weight']; |
|
405 |
} |
|
406 |
} |
|
400 | 407 |
} |
401 | 408 |
variable_set('nodeaccess-roles', $allowed_roles); |
402 | 409 |
nodeaccess_save_role_aliases($alias_prefs); |
... | ... | |
444 | 451 |
} |
445 | 452 |
|
446 | 453 |
/** |
447 |
* Theme functions for nodeaccess_admin_form.
|
|
454 |
* Theme function for nodeaccess_admin_form. |
|
448 | 455 |
*/ |
449 | 456 |
function theme_nodeaccess_admin_form_roles($variables) { |
450 | 457 |
$output = ''; |
451 |
$roles = $variables['role']; |
|
452 |
$header = array(t('Allow Role'), t('Alias'), t('Weight')); |
|
453 |
|
|
454 |
foreach ($roles as $role) { |
|
455 |
if (!is_array($role) || !isset($role['allow'])) { |
|
456 |
continue; |
|
457 |
} |
|
458 |
$row = array(); |
|
459 |
$row[] = drupal_render($role['allow']); |
|
460 |
$row[] = drupal_render($role['alias']); |
|
461 |
$row[] = drupal_render_children($role['weight']); |
|
458 |
$form = $variables['form']; |
|
459 |
$rows = array(); |
|
460 |
foreach (element_children($form) as $rid) { |
|
461 |
// Classify the weight element for TableDrag. |
|
462 |
$form[$rid]['weight']['#attributes']['class'] = array('roles-order-weight'); |
|
463 |
|
|
464 |
// Mark the table row as draggable for TableDrag. |
|
465 |
$row = array( |
|
466 |
'data' => array(), |
|
467 |
'class' => array('draggable'), |
|
468 |
); |
|
469 |
// Render the table columns. |
|
470 |
$row['data'][] = drupal_render($form[$rid]['allow']); |
|
471 |
$row['data'][] = drupal_render($form[$rid]['alias']); |
|
472 |
$row['data'][] = drupal_render($form[$rid]['weight']); |
|
462 | 473 |
$rows[] = $row; |
463 | 474 |
} |
464 |
$output .= theme('table', array('header' => $header, 'rows' => $rows)); |
|
475 |
|
|
476 |
$header = array(t('Allow Role'), t('Alias'), t('Weight')); |
|
477 |
$output .= theme('table', array( |
|
478 |
'header' => $header, |
|
479 |
'rows' => $rows, |
|
480 |
'attributes' => array('id' => 'roles-order'), |
|
481 |
)); |
|
482 |
$output .= drupal_render_children($form); |
|
483 |
|
|
484 |
// Attach TableDrag to the table ID and contained weight elements. |
|
485 |
drupal_add_tabledrag('roles-order', 'order', 'sibling', 'roles-order-weight'); |
|
465 | 486 |
|
466 | 487 |
return $output; |
467 | 488 |
} |
... | ... | |
540 | 561 |
if (!$form_values) { |
541 | 562 |
$form_values = array(); |
542 | 563 |
// Load all roles. |
543 |
$result = db_query("SELECT r.rid, nra.name, na.grant_view, na.grant_update, na.grant_delete FROM {role} r LEFT JOIN {nodeaccess_role_alias} nra ON r.rid = nra.rid LEFT JOIN {node_access} na ON r.rid = na.gid AND na.realm = :realm AND na.nid = :nid ORDER BY nra.weight, nra.name", array(':realm' => 'nodeaccess_rid', ':nid' => $node->nid)); |
|
564 |
$result = db_query("SELECT r.rid, nra.name, na.grant_view, na.grant_update, na.grant_delete |
|
565 |
FROM {role} r |
|
566 |
LEFT JOIN {nodeaccess_role_alias} nra ON r.rid = nra.rid |
|
567 |
LEFT JOIN {node_access} na ON r.rid = na.gid AND na.realm = :realm AND na.nid = :nid |
|
568 |
ORDER BY nra.weight, nra.name", array(':realm' => 'nodeaccess_rid', ':nid' => $node->nid)); |
|
544 | 569 |
foreach ($result as $grant) { |
545 | 570 |
$form_values['rid'][$grant->rid] = array( |
546 | 571 |
'name' => $grant->name, |
... | ... | |
550 | 575 |
); |
551 | 576 |
} |
552 | 577 |
// Load users from node_access. |
553 |
$results = db_query("SELECT uid, name, grant_view, grant_update, grant_delete FROM {node_access} LEFT JOIN {users} ON uid = gid WHERE nid = :nid AND realm = :realm ORDER BY name", array( |
|
578 |
$results = db_query("SELECT uid, name, grant_view, grant_update, grant_delete |
|
579 |
FROM {node_access} |
|
580 |
LEFT JOIN {users} ON uid = gid |
|
581 |
WHERE nid = :nid AND realm = :realm |
|
582 |
ORDER BY name", array( |
|
554 | 583 |
':nid' => $node->nid, |
555 | 584 |
':realm' => 'nodeaccess_uid', |
556 | 585 |
)); |
... | ... | |
594 | 623 |
foreach (array_keys($form_values['uid']) as $uid) { |
595 | 624 |
if (!$form_values['uid'][$uid]['keep']) { |
596 | 625 |
foreach (array('grant_view', 'grant_update', 'grant_delete') as $grant_type) { |
597 |
$form_values['uid'][$uid][$grant_type] = db_query_range("SELECT count(*) FROM {node_access} na LEFT JOIN {users_roles} r ON na.gid = r.rid WHERE nid = :nid AND realm = :realm AND uid = :uid AND :type = 1",
|
|
626 |
$form_values['uid'][$uid][$grant_type] = db_query_range("SELECT count(*) FROM {node_access} na LEFT JOIN {users_roles} r ON na.gid = r.rid WHERE nid = :nid AND realm = :realm AND uid = :uid AND $grant_type = 1",
|
|
598 | 627 |
0, 1, |
599 | 628 |
array( |
600 | 629 |
':nid' => $node->nid, |
601 | 630 |
':realm' => 'nodeaccess_rid', |
602 | 631 |
':uid' => $uid, |
603 |
':type' => $grant_type, |
|
604 | 632 |
))->fetchField() || |
605 |
db_query_range("SELECT count(*) FROM {node_access} na WHERE nid = :nid AND realm = :realm AND gid = :gid AND :type = 1",
|
|
633 |
db_query_range("SELECT count(*) FROM {node_access} na WHERE nid = :nid AND realm = :realm AND gid = :gid AND $grant_type = 1",
|
|
606 | 634 |
0, 1, |
607 | 635 |
array( |
608 | 636 |
':nid' => $node->nid, |
609 | 637 |
':realm' => 'nodeaccess_uid', |
610 | 638 |
':gid' => $uid, |
611 |
':type' => $grant_type, |
|
612 | 639 |
) |
613 | 640 |
)->fetchField(); |
614 | 641 |
} |
... | ... | |
880 | 907 |
$allowed_grants = variable_get('nodeaccess-grants', array()); |
881 | 908 |
// Retrieve role names for columns. |
882 | 909 |
$role_names = user_roles(); |
910 |
$role_aliases = nodeaccess_get_role_aliases(); |
|
911 |
|
|
912 |
// Replace names with aliases. |
|
913 |
foreach ($role_names as $rid => $name) { |
|
914 |
if (isset($role_aliases[$rid]['alias'])) { |
|
915 |
$role_names[$rid] = $role_aliases[$rid]['alias']; |
|
916 |
} |
|
917 |
} |
|
918 |
|
|
883 | 919 |
// Roles table. |
884 | 920 |
$roles = element_children($form['rid']); |
885 |
|
|
886 | 921 |
if (count($roles) && count($allowed_roles)) { |
887 | 922 |
$header = array(); |
888 | 923 |
$header[] = t('Role'); |
... | ... | |
1017 | 1052 |
node_access_write_grants($node, array(), $realm); |
1018 | 1053 |
} |
1019 | 1054 |
} |
1055 |
|
|
1020 | 1056 |
/** |
1021 | 1057 |
* Implements hook_node_access_records(). |
1022 | 1058 |
*/ |
... | ... | |
1026 | 1062 |
} |
1027 | 1063 |
// Need to find out if node has own grants or whether to use defaults. |
1028 | 1064 |
$default = variable_get('nodeaccess_' . $node->type, array()); |
1029 |
// Load priority setting. |
|
1030 |
$priority = variable_get('nodeaccess-priority', 0); |
|
1065 |
|
|
1066 |
// Setup default keys that are required by node_access_write_grants(). |
|
1067 |
$grant_defaults = array( |
|
1068 |
'gid' => 0, |
|
1069 |
'realm' => 'nodeaccess_rid', |
|
1070 |
'grant_view' => 0, |
|
1071 |
'grant_update' => 0, |
|
1072 |
'grant_delete' => 0, |
|
1073 |
'priority' => variable_get('nodeaccess-priority', 0), |
|
1074 |
); |
|
1075 |
|
|
1031 | 1076 |
$result = db_query("SELECT count(*) FROM {nodeaccess} WHERE nid = :nid", array(':nid' => $node->nid))->fetchField(); |
1032 | 1077 |
if ($result < 1) { |
1033 |
// Node has no own grants, use defaults. |
|
1034 |
$grants = $default; |
|
1035 |
foreach ($grants as $id => $grant) { |
|
1036 |
$grants[$id]['priority'] = $priority; |
|
1078 |
// Node has no own grants, use defaults if published. |
|
1079 |
if ($node->status) { |
|
1080 |
$grants = $default; |
|
1081 |
} |
|
1082 |
else { |
|
1083 |
// Otherwise, check access to unpublished content for authenticated and |
|
1084 |
// anonymous users. |
|
1085 |
$role_perms = user_role_permissions(array( |
|
1086 |
DRUPAL_ANONYMOUS_RID => DRUPAL_ANONYMOUS_RID, |
|
1087 |
DRUPAL_AUTHENTICATED_RID => DRUPAL_AUTHENTICATED_RID, |
|
1088 |
)); |
|
1089 |
// Anonymous user setting. |
|
1090 |
$grants = array(); |
|
1091 |
$grants[] = array( |
|
1092 |
'gid' => DRUPAL_ANONYMOUS_RID, |
|
1093 |
'grant_view' => isset($role_perms[DRUPAL_ANONYMOUS_RID]['bypass node access']) ? |
|
1094 |
intval($role_perms[DRUPAL_ANONYMOUS_RID]['bypass node access']) : 0, |
|
1095 |
); |
|
1096 |
// Authenticated user setting. |
|
1097 |
$grants[] = array( |
|
1098 |
'gid' => DRUPAL_AUTHENTICATED_RID, |
|
1099 |
'grant_view' => isset($role_perms[DRUPAL_AUTHENTICATED_RID]['bypass node access']) ? |
|
1100 |
intval($role_perms[DRUPAL_AUTHENTICATED_RID]['bypass node access']) : 0, |
|
1101 |
); |
|
1037 | 1102 |
} |
1038 | 1103 |
} |
1039 | 1104 |
else { |
... | ... | |
1047 | 1112 |
'grant_view' => $row->grant_view, |
1048 | 1113 |
'grant_update' => $row->grant_update, |
1049 | 1114 |
'grant_delete' => $row->grant_delete, |
1050 |
'priority' => $priority, |
|
1051 | 1115 |
); |
1052 | 1116 |
} |
1053 | 1117 |
} |
... | ... | |
1057 | 1121 |
$grant = $author_prefs[$node->type]; |
1058 | 1122 |
$grant['gid'] = $node->uid; |
1059 | 1123 |
$grant['realm'] = 'nodeaccess_author'; |
1060 |
$grant['priority'] = $priority; |
|
1061 | 1124 |
// Include author grant even with all values FALSE, it may be |
1062 | 1125 |
// needed to overwrite an older value. |
1063 | 1126 |
$grants[] = $grant; |
1127 |
|
|
1128 |
foreach ($grants as $id => $grant) { |
|
1129 |
// Merge missing default grant keys. |
|
1130 |
$grants[$id] = $grants[$id] + $grant_defaults; |
|
1131 |
} |
|
1064 | 1132 |
return $grants; |
1065 | 1133 |
} |
1066 | 1134 |
|
1067 | 1135 |
/** |
1068 |
* @todo Please document this function. |
|
1069 |
* @see http://drupal.org/node/1354 |
|
1136 |
* Mark module to be in process of disabling. |
|
1137 |
* |
|
1138 |
* Prevents entries being saved to node_access while module is being disabled. |
|
1139 |
* |
|
1140 |
* @param mixed $set |
|
1141 |
* A boolean set or NULL to not change status. |
|
1070 | 1142 |
*/ |
1071 | 1143 |
function nodeaccess_disabling($set = NULL) { |
1072 | 1144 |
static $disabling = FALSE; |
... | ... | |
1135 | 1207 |
// Add all permissions for author. |
1136 | 1208 |
$author_prefs = variable_get('nodeaccess_authors', array()); |
1137 | 1209 |
$author_prefs[$info->type] = array( |
1138 |
'grant_view' => 1,
|
|
1139 |
'grant_update' => 1,
|
|
1140 |
'grant_delete' => 1,
|
|
1210 |
'grant_view' => 0,
|
|
1211 |
'grant_update' => 0,
|
|
1212 |
'grant_delete' => 0,
|
|
1141 | 1213 |
); |
1142 | 1214 |
variable_set('nodeaccess_authors', $author_prefs); |
1143 | 1215 |
node_access_needs_rebuild(TRUE); |
1144 | 1216 |
} |
1145 | 1217 |
|
1146 | 1218 |
/** |
1147 |
* @todo Please document this function. |
|
1148 |
* @see http://drupal.org/node/1354 |
|
1219 |
* Retrieve role aliases. |
|
1220 |
* |
|
1221 |
* @return array or role aliases indexed by rid. |
|
1149 | 1222 |
*/ |
1150 | 1223 |
function nodeaccess_get_role_aliases() { |
1151 | 1224 |
$aliases = array(); |
1152 |
$results = db_query('SELECT r.rid, r.name, a.name AS alias, a.weight FROM {role} r LEFT JOIN {nodeaccess_role_alias} a ON r.rid = a.rid ORDER BY r.name'); |
|
1225 |
$sql = 'SELECT r.rid, r.name, a.name AS alias, a.weight |
|
1226 |
FROM {role} r |
|
1227 |
LEFT JOIN {nodeaccess_role_alias} a ON r.rid = a.rid |
|
1228 |
ORDER BY a.weight, r.weight, a.name, r.name'; |
|
1229 |
$results = db_query($sql); |
|
1153 | 1230 |
foreach ($results as $a) { |
1154 | 1231 |
$aliases[$a->rid]['name'] = $a->name; |
1155 | 1232 |
$aliases[$a->rid]['alias'] = $a->alias; |
... | ... | |
1158 | 1235 |
return $aliases; |
1159 | 1236 |
} |
1160 | 1237 |
|
1238 |
|
|
1161 | 1239 |
/** |
1162 |
* @todo Please document this function. |
|
1163 |
* @see http://drupal.org/node/1354 |
|
1240 |
* Save a role alias. |
|
1241 |
* |
|
1242 |
* @param array $edit |
|
1243 |
* An array of aliases to save, indexed by rid. |
|
1164 | 1244 |
*/ |
1165 | 1245 |
function nodeaccess_save_role_aliases($edit) { |
1166 | 1246 |
db_delete('nodeaccess_role_alias')->execute(); |
Formats disponibles : Unified diff
Weekly update of contrib modules