1
|
<?php
|
2
|
|
3
|
/**
|
4
|
* @file Nodeaccess admin forms.
|
5
|
*/
|
6
|
|
7
|
/**
|
8
|
* Menu callback. Draws the admin page.
|
9
|
*/
|
10
|
function nodeaccess_admin() {
|
11
|
return drupal_get_form('nodeaccess_admin_form');
|
12
|
}
|
13
|
|
14
|
/**
|
15
|
* Menu callback. Draws the admin page.
|
16
|
*
|
17
|
* @param $form
|
18
|
* @param $form_state
|
19
|
*
|
20
|
* @return array $form
|
21
|
*/
|
22
|
function nodeaccess_admin_form($form, $form_state) {
|
23
|
// Set defaults from variable_get.
|
24
|
$show = variable_get('nodeaccess-types', array());
|
25
|
$roles = nodeaccess_get_role_aliases();
|
26
|
$allowed_roles = variable_get('nodeaccess-roles', array());
|
27
|
$allowed_grants = variable_get('nodeaccess-grants', array());
|
28
|
|
29
|
$form['priority'] = array(
|
30
|
'#type' => 'checkbox',
|
31
|
'#title' => t('Give node grants priority'),
|
32
|
'#default_value' => variable_get('nodeaccess-priority', 0),
|
33
|
'#description' => t('If you are only using this access control module,
|
34
|
you can safely ignore this. If you are using multiple access control
|
35
|
modules, and you want the grants given on individual nodes to override
|
36
|
any grants given by other modules, you should check this box.'),
|
37
|
);
|
38
|
|
39
|
// Select whether to preserve hidden grants.
|
40
|
$form['preserve'] = array(
|
41
|
'#type' => 'checkbox',
|
42
|
'#title' => t('Preserve hidden grants'),
|
43
|
'#default_value' => variable_get('nodeaccess-preserve', 1),
|
44
|
'#description' => '<small>' . t('If you check this box, any hidden grants
|
45
|
are preserved when you save grants. Otherwise all grants users are not
|
46
|
allowed to view or edit are revoked on save.') . '</small>',
|
47
|
);
|
48
|
|
49
|
// Select permissions you want to allow users to view and edit.
|
50
|
$form['grant'] = array(
|
51
|
'#type' => 'fieldset',
|
52
|
'#collapsible' => TRUE,
|
53
|
'#collapsed' => TRUE,
|
54
|
'#title' => t('Allowed Grants'),
|
55
|
'#tree' => TRUE,
|
56
|
'#description' => '<small>' . t('The selected grants will be listed on
|
57
|
individual node grants. If you wish for certain grants to be hidden from
|
58
|
users on the node grants tab, make sure they are not selected here.') .
|
59
|
'</small>',
|
60
|
);
|
61
|
$form['grant']['view'] = array(
|
62
|
'#type' => 'checkbox',
|
63
|
'#title' => t('View'),
|
64
|
'#default_value' => $allowed_grants['view'],
|
65
|
);
|
66
|
$form['grant']['edit'] = array(
|
67
|
'#type' => 'checkbox',
|
68
|
'#title' => t('Edit'),
|
69
|
'#default_value' => $allowed_grants['edit'],
|
70
|
);
|
71
|
$form['grant']['delete'] = array(
|
72
|
'#type' => 'checkbox',
|
73
|
'#title' => t('Delete'),
|
74
|
'#default_value' => $allowed_grants['delete'],
|
75
|
);
|
76
|
|
77
|
// Select roles the permissions of which you want to allow users to
|
78
|
// view and edit, and the aliases and weights of those roles.
|
79
|
$form['role'] = array(
|
80
|
'#type' => 'fieldset',
|
81
|
'#collapsible' => TRUE,
|
82
|
'#collapsed' => TRUE,
|
83
|
'#title' => t('Allowed Roles'),
|
84
|
'#tree' => TRUE,
|
85
|
'#theme' => 'nodeaccess_admin_form_roles',
|
86
|
'#description' => t('The selected roles will be listed on individual node
|
87
|
grants. If you wish for certain roles to be hidden from users on the node
|
88
|
grants tab, make sure they are not selected here. You may also provide an
|
89
|
alias for each role to be displayed to the user and a weight to order them
|
90
|
by. This is useful if your roles have machine-readable names not intended
|
91
|
for human users.'),
|
92
|
);
|
93
|
|
94
|
foreach ($roles as $id => $role) {
|
95
|
// Catch NULL values.
|
96
|
if (!$role['alias']) {
|
97
|
$role['alias'] = '';
|
98
|
}
|
99
|
if (!$role['weight']) {
|
100
|
$role['weight'] = 0;
|
101
|
}
|
102
|
$form['role'][$id]['name'] = array(
|
103
|
'#type' => 'hidden',
|
104
|
'#value' => $role['name'],
|
105
|
);
|
106
|
$form['role'][$id]['allow'] = array(
|
107
|
'#type' => 'checkbox',
|
108
|
'#title' => check_plain($role['name']),
|
109
|
'#default_value' => isset($allowed_roles[$id]) ? $allowed_roles[$id] : 0,
|
110
|
);
|
111
|
$form['role'][$id]['alias'] = array(
|
112
|
'#type' => 'textfield',
|
113
|
'#default_value' => $role['alias'],
|
114
|
'#size' => 50,
|
115
|
'#maxlength' => 50,
|
116
|
);
|
117
|
$form['role'][$id]['weight'] = array(
|
118
|
'#type' => 'weight',
|
119
|
'#default_value' => $role['weight'],
|
120
|
'#delta' => 10,
|
121
|
);
|
122
|
}
|
123
|
|
124
|
// Grant tab to node types.
|
125
|
$form['nodeaccess']['tabs'] = array(
|
126
|
'#type' => 'fieldset',
|
127
|
'#collapsible' => TRUE,
|
128
|
'#collapsed' => TRUE,
|
129
|
'#title' => t('Content Type Grant Tab Access'),
|
130
|
'#tree' => TRUE,
|
131
|
'#description' => t('Show grant tab for the following node types.'),
|
132
|
);
|
133
|
|
134
|
$options = array();
|
135
|
foreach (node_type_get_types() as $type => $bundle) {
|
136
|
$options[$type] = array(
|
137
|
'content_type' => check_plain($bundle->name),
|
138
|
);
|
139
|
}
|
140
|
$form['nodeaccess']['tabs']['show'] = array(
|
141
|
'#type' => 'tableselect',
|
142
|
'#header' => array(
|
143
|
'content_type' => t('Content type'),
|
144
|
),
|
145
|
'#options' => $options,
|
146
|
'#default_value' => $show,
|
147
|
'#empty' => t('No content types to add a grant tab.'),
|
148
|
);
|
149
|
|
150
|
// Generate fieldsets for each node type.
|
151
|
foreach (node_type_get_types() as $type => $bundle) {
|
152
|
$form['nodeaccess'][$type] = array(
|
153
|
'#type' => 'fieldset',
|
154
|
'#collapsible' => TRUE,
|
155
|
'#collapsed' => TRUE,
|
156
|
'#title' => check_plain($bundle->name),
|
157
|
'#tree' => TRUE,
|
158
|
'#theme' => 'nodeaccess_admin_form_types',
|
159
|
);
|
160
|
|
161
|
// Set default author permissions for node type.
|
162
|
$author_prefs = variable_get('nodeaccess_authors', array());
|
163
|
$form['nodeaccess'][$type]['author']['grant_view'] = array(
|
164
|
'#type' => 'checkbox',
|
165
|
'#default_value' => $author_prefs[$type]['grant_view'],
|
166
|
);
|
167
|
$form['nodeaccess'][$type]['author']['grant_update'] = array(
|
168
|
'#type' => 'checkbox',
|
169
|
'#default_value' => $author_prefs[$type]['grant_update'],
|
170
|
);
|
171
|
$form['nodeaccess'][$type]['author']['grant_delete'] = array(
|
172
|
'#type' => 'checkbox',
|
173
|
'#default_value' => $author_prefs[$type]['grant_delete'],
|
174
|
);
|
175
|
|
176
|
$perms = variable_get('nodeaccess_' . $type, array());
|
177
|
foreach ($perms as $perm) {
|
178
|
$opts[$perm['gid']] = $perm;
|
179
|
}
|
180
|
|
181
|
// Set default role permissions for node type.
|
182
|
foreach (user_roles() as $id => $role) {
|
183
|
$form['nodeaccess'][$type]['roles'][$id]['name'] = array('#markup' => $role);
|
184
|
$form['nodeaccess'][$type]['roles'][$id]['grant_view'] = array(
|
185
|
'#type' => 'checkbox',
|
186
|
'#default_value' => isset($opts[$id]['grant_view']) ? $opts[$id]['grant_view'] : 0,
|
187
|
);
|
188
|
$form['nodeaccess'][$type]['roles'][$id]['grant_update'] = array(
|
189
|
'#type' => 'checkbox',
|
190
|
'#default_value' => isset($opts[$id]['grant_update']) ? $opts[$id]['grant_update'] : 0,
|
191
|
);
|
192
|
$form['nodeaccess'][$type]['roles'][$id]['grant_delete'] = array(
|
193
|
'#type' => 'checkbox',
|
194
|
'#default_value' => isset($opts[$id]['grant_delete']) ? $opts[$id]['grant_delete'] : 0,
|
195
|
);
|
196
|
}
|
197
|
|
198
|
// Set the default permissions if userreference exists and is enabled on
|
199
|
// the content type.
|
200
|
if (module_exists('user_reference')) {
|
201
|
$bundle = field_extract_bundle('node', $bundle);
|
202
|
$fields = field_info_instances('node', $bundle);
|
203
|
$user_reference_perms = variable_get('nodeaccess_' . $type . '_user_reference', array());
|
204
|
|
205
|
$field_types = field_info_field_types();
|
206
|
|
207
|
foreach ($fields as $field) {
|
208
|
$field = field_info_field($field['field_name']);
|
209
|
if ($field['type'] == 'user_reference') {
|
210
|
$enabled = isset($user_reference_perms[$field['field_name']]['enabled']) ?
|
211
|
$user_reference_perms[$field['field_name']]['enabled'] : 0;
|
212
|
$view = isset($user_reference_perms[$field['field_name']]['grant_view']) ?
|
213
|
$user_reference_perms[$field['field_name']]['grant_view'] : 0;
|
214
|
$update = isset($user_reference_perms[$field['field_name']]['grant_update']) ?
|
215
|
$user_reference_perms[$field['field_name']]['grant_update'] : 0;
|
216
|
$delete = isset($user_reference_perms[$field['field_name']]['grant_delete']) ?
|
217
|
$user_reference_perms[$field['field_name']]['grant_delete'] : 0;
|
218
|
|
219
|
$form['nodeaccess'][$type]['user_reference'][$field['field_name']]['name'] = array(
|
220
|
'#value' => t($field_types[$field['type']]['label']),
|
221
|
);
|
222
|
$form['nodeaccess'][$type]['user_reference'][$field['field_name']]['enabled'] = array(
|
223
|
'#type' => 'checkbox',
|
224
|
'#default_value' => $enabled,
|
225
|
);
|
226
|
$form['nodeaccess'][$type]['user_reference'][$field['field_name']]['grant_view'] = array(
|
227
|
'#type' => 'checkbox',
|
228
|
'#default_value' => $view,
|
229
|
);
|
230
|
$form['nodeaccess'][$type]['user_reference'][$field['field_name']]['grant_update'] = array(
|
231
|
'#type' => 'checkbox',
|
232
|
'#default_value' => $update,
|
233
|
);
|
234
|
$form['nodeaccess'][$type]['user_reference'][$field['field_name']]['grant_delete'] = array(
|
235
|
'#type' => 'checkbox',
|
236
|
'#default_value' => $delete,
|
237
|
);
|
238
|
}
|
239
|
}
|
240
|
}
|
241
|
}
|
242
|
$form['submit'] = array(
|
243
|
'#type' => 'submit',
|
244
|
'#value' => t('Save Grants'),
|
245
|
);
|
246
|
return $form;
|
247
|
}
|
248
|
|
249
|
/**
|
250
|
* Submit function for nodeaccess_admin_form.
|
251
|
*
|
252
|
* @param $form
|
253
|
* @param $form_state
|
254
|
*/
|
255
|
function nodeaccess_admin_form_submit($form, $form_state) {
|
256
|
$form_values = $form_state['values'];
|
257
|
$allowed_grants = array();
|
258
|
// Save priority.
|
259
|
variable_set('nodeaccess-priority', $form_values['priority']);
|
260
|
// Save preserve.
|
261
|
variable_set('nodeaccess-preserve', $form_values['preserve']);
|
262
|
// Save allowed grants.
|
263
|
foreach ($form_values['grant'] as $id => $val) {
|
264
|
$allowed_grants[$id] = $val;
|
265
|
}
|
266
|
variable_set('nodeaccess-grants', $allowed_grants);
|
267
|
// Save allowed roles, role aliases and weights.
|
268
|
$alias_prefs = array();
|
269
|
$allowed_roles = array();
|
270
|
foreach ($form_values['role'] as $id => $val) {
|
271
|
$allowed_roles[$id] = $val['allow'];
|
272
|
// Save alias and weight only for allowed roles.
|
273
|
if ($val['allow']) {
|
274
|
// If alias is empty, default to role name.
|
275
|
if ($val['alias']) {
|
276
|
$alias_prefs[$id]['name'] = $val['alias'];
|
277
|
}
|
278
|
else {
|
279
|
$alias_prefs[$id]['name'] = $val['name'];
|
280
|
}
|
281
|
$alias_prefs[$id]['weight'] = $val['weight'];
|
282
|
}
|
283
|
else {
|
284
|
// Otherwise, we only save alias if one was specified.
|
285
|
if ($val['alias']) {
|
286
|
$alias_prefs[$id]['name'] = $val['alias'];
|
287
|
$alias_prefs[$id]['weight'] = $val['weight'];
|
288
|
}
|
289
|
}
|
290
|
}
|
291
|
variable_set('nodeaccess-roles', $allowed_roles);
|
292
|
nodeaccess_save_role_aliases($alias_prefs);
|
293
|
// Save author and role permissions for each node type.
|
294
|
$author_prefs = array();
|
295
|
foreach (node_type_get_types() as $type => $name) {
|
296
|
$grants = array();
|
297
|
foreach ($form_values[$type]['roles'] as $role => $val) {
|
298
|
$grants[] = array(
|
299
|
'gid' => $role,
|
300
|
'realm' => 'nodeaccess_rid',
|
301
|
'grant_view' => $val['grant_view'],
|
302
|
'grant_update' => $val['grant_update'],
|
303
|
'grant_delete' => $val['grant_delete'],
|
304
|
);
|
305
|
}
|
306
|
variable_set('nodeaccess_' . $type, $grants);
|
307
|
$author_prefs[$type] = $form_values[$type]['author'];
|
308
|
// Also save userreference default permissions if enabled.
|
309
|
if (module_exists('user_reference') && isset($form_values[$type]['user_reference'])) {
|
310
|
$user_reference_grants = array();
|
311
|
foreach ($form_values[$type]['user_reference'] as $user_reference_field => $val) {
|
312
|
$user_reference_grants[$user_reference_field] = array(
|
313
|
'gid' => 'nodeaccess_uid',
|
314
|
'enabled' => $val['enabled'],
|
315
|
'grant_view' => $val['grant_view'],
|
316
|
'grant_update' => $val['grant_update'],
|
317
|
'grant_delete' => $val['grant_delete'],
|
318
|
);
|
319
|
}
|
320
|
variable_set('nodeaccess_' . $type . '_user_reference', $user_reference_grants);
|
321
|
}
|
322
|
}
|
323
|
variable_set('nodeaccess_authors', $author_prefs);
|
324
|
|
325
|
// Save allowed node type grant tab.
|
326
|
$allowed_types = array();
|
327
|
foreach ($form_values['tabs']['show'] as $type => $value) {
|
328
|
$allowed_types[$type] = (bool) $value;
|
329
|
}
|
330
|
|
331
|
nodeaccess_set_type_grants($allowed_types);
|
332
|
|
333
|
drupal_set_message(t('Grants saved.'));
|
334
|
}
|
335
|
|
336
|
/**
|
337
|
* Theme function for nodeaccess_admin_form_roles.
|
338
|
*
|
339
|
* @param $variables
|
340
|
* @throws Exception
|
341
|
* @return string
|
342
|
*/
|
343
|
function theme_nodeaccess_admin_form_roles($variables) {
|
344
|
$output = '';
|
345
|
$form = $variables['form'];
|
346
|
$rows = array();
|
347
|
foreach (element_children($form) as $rid) {
|
348
|
// Classify the weight element for TableDrag.
|
349
|
$form[$rid]['weight']['#attributes']['class'] = array('roles-order-weight');
|
350
|
|
351
|
// Mark the table row as draggable for TableDrag.
|
352
|
$row = array(
|
353
|
'data' => array(),
|
354
|
'class' => array('draggable'),
|
355
|
);
|
356
|
// Render the table columns.
|
357
|
$row['data'][] = drupal_render($form[$rid]['allow']);
|
358
|
$row['data'][] = drupal_render($form[$rid]['alias']);
|
359
|
$row['data'][] = drupal_render($form[$rid]['weight']);
|
360
|
$rows[] = $row;
|
361
|
}
|
362
|
|
363
|
$header = array(t('Allow Role'), t('Alias'), t('Weight'));
|
364
|
$output .= theme('table', array(
|
365
|
'header' => $header,
|
366
|
'rows' => $rows,
|
367
|
'attributes' => array('id' => 'roles-order'),
|
368
|
));
|
369
|
$output .= drupal_render_children($form);
|
370
|
|
371
|
// Attach TableDrag to the table ID and contained weight elements.
|
372
|
drupal_add_tabledrag('roles-order', 'order', 'sibling', 'roles-order-weight');
|
373
|
|
374
|
return $output;
|
375
|
}
|
376
|
|
377
|
|
378
|
/**
|
379
|
* Theme function to render admin form.
|
380
|
*
|
381
|
* @param $variables
|
382
|
*
|
383
|
* @return string
|
384
|
*/
|
385
|
function theme_nodeaccess_admin_form_types($variables) {
|
386
|
$form = $variables['form'];
|
387
|
$output = drupal_render($form['show']);
|
388
|
$roles = element_children($form['roles']);
|
389
|
$header = array(t('Role'), t('View'), t('Edit'), t('Delete'));
|
390
|
$rows = array();
|
391
|
foreach ($roles as $role) {
|
392
|
$row = array();
|
393
|
$row[] = drupal_render($form['roles'][$role]['name']);
|
394
|
$row[] = drupal_render($form['roles'][$role]['grant_view']);
|
395
|
$row[] = drupal_render($form['roles'][$role]['grant_update']);
|
396
|
$row[] = drupal_render($form['roles'][$role]['grant_delete']);
|
397
|
$rows[] = $row;
|
398
|
}
|
399
|
$output .= theme('table', array('header' => $header, 'rows' => $rows));
|
400
|
$header = array(t('Author Settings'), t('View'), t('Edit'), t('Delete'));
|
401
|
$row = array();
|
402
|
$row[] = t('Node author');
|
403
|
$row[] = drupal_render($form['author']['grant_view']);
|
404
|
$row[] = drupal_render($form['author']['grant_update']);
|
405
|
$row[] = drupal_render($form['author']['grant_delete']);
|
406
|
|
407
|
$output .= theme('table', array('header' => $header, 'rows' => array($row)));
|
408
|
|
409
|
$output .= '<small>' . t('The settings selected for the node author will
|
410
|
define what permissions the node author has. This cannot be changed on
|
411
|
individual node grants.') . '</small>';
|
412
|
|
413
|
if (module_exists('user_reference') && isset($form['user_reference'])) {
|
414
|
$user_reference_fields = element_children($form['user_reference']);
|
415
|
$header = array(t('User Reference Field'),
|
416
|
t('Enable this field'),
|
417
|
t('View'),
|
418
|
t('Edit'),
|
419
|
t('Delete'),
|
420
|
);
|
421
|
$rows = array();
|
422
|
foreach ($user_reference_fields as $user_reference_field) {
|
423
|
$row = array();
|
424
|
|
425
|
$row[] = $form['user_reference'][$user_reference_field]['name']['#value'];
|
426
|
$row[] = drupal_render($form['user_reference'][$user_reference_field]['enabled']);
|
427
|
$row[] = drupal_render($form['user_reference'][$user_reference_field]['grant_view']);
|
428
|
$row[] = drupal_render($form['user_reference'][$user_reference_field]['grant_update']);
|
429
|
$row[] = drupal_render_children($form['user_reference'][$user_reference_field]['grant_delete']);
|
430
|
$rows[] = $row;
|
431
|
}
|
432
|
$output .= theme('table', array(
|
433
|
'header' => $header,
|
434
|
'rows' => $rows,
|
435
|
));
|
436
|
$output .= '<small>' . t('If enabled, the value of the user reference field
|
437
|
will be granted the associated permissions. If a user changes the value of
|
438
|
the user reference field on a node, the associated user will be modified
|
439
|
in the node-specific access table.') . '</small>';
|
440
|
}
|
441
|
return $output;
|
442
|
}
|