1 |
85ad3d82
|
Assos Assos
|
<?php
|
2 |
|
|
|
3 |
|
|
/**
|
4 |
|
|
* @file
|
5 |
|
|
* forum_access.node.inc
|
6 |
|
|
*
|
7 |
|
|
* Include file for forum_access.module, containing (sub-)page handling
|
8 |
|
|
* (form_alter) code for the node and comment forms as well as code
|
9 |
|
|
* for temporarily assigning the 'forum moderator' role and managing
|
10 |
|
|
* the resulting rights.
|
11 |
|
|
*/
|
12 |
|
|
|
13 |
|
|
/**
|
14 |
|
|
* Really implements hook_node_view_alter().
|
15 |
|
|
*
|
16 |
|
|
* Removes the "Add new comment" link and form from a node page if the user
|
17 |
|
|
* is not allowed to add comments to that node.
|
18 |
|
|
*/
|
19 |
|
|
function _forum_access_node_view_alter(&$build, $tid) {
|
20 |
|
|
global $user;
|
21 |
|
|
|
22 |
|
|
//dpm($build, '_forum_access_node_view_alter() BEFORE:');
|
23 |
|
|
$node = $build['#node'];
|
24 |
|
|
if (forum_access_node_access($node, 'create', $user) == NODE_ACCESS_DENY) {
|
25 |
|
|
unset($build['links']['comment']['#links']['comment-add']);
|
26 |
|
|
unset($build['comments']['comment_form']);
|
27 |
|
|
}
|
28 |
|
|
//dpm($build, '_forum_access_node_view_alter() AFTER:');
|
29 |
|
|
}
|
30 |
|
|
|
31 |
|
|
/**
|
32 |
|
|
* Really implements hook_comment_view_alter().
|
33 |
|
|
*
|
34 |
|
|
* Adds and removes action links from/to one comment.
|
35 |
|
|
*/
|
36 |
|
|
function _forum_access_comment_view_alter(&$build, $tid) {
|
37 |
|
|
global $user;
|
38 |
|
|
|
39 |
|
|
$node = $build['#node'];
|
40 |
|
|
$comment = $build['#comment'];
|
41 |
|
|
//dpm($build, "_forum_access_comment_view_alter() tid=[$tid] cid=[$comment->cid] BEFORE:");
|
42 |
|
|
$links =& $build['links']['comment']['#links'];
|
43 |
|
|
|
44 |
|
|
if ($user->uid != 1 && !user_access('bypass node access') && !forum_access_access('create', $tid)) {
|
45 |
|
|
unset($links['comment-reply']);
|
46 |
|
|
}
|
47 |
|
|
|
48 |
|
|
if (!user_access('administer comments') || !empty($user->_forum_access_moderator)) {
|
49 |
|
|
$default_link_keys = array(
|
50 |
|
|
'create' => array('comment-reply'),
|
51 |
|
|
'update' => array('comment-edit', 'comment-approve'),
|
52 |
|
|
'delete' => array('comment-delete'),
|
53 |
|
|
);
|
54 |
|
|
forum_access_enable_moderator();
|
55 |
|
|
$admin_links = comment_links($comment, $node);
|
56 |
|
|
forum_access_enable_moderator(FALSE);
|
57 |
|
|
//dpm($admin_links, "_forum_access_comment_view_alter() ADMINISTRATOR_LINKS for comment/$comment->cid:");
|
58 |
|
|
foreach (array_keys($default_link_keys) as $op) {
|
59 |
|
|
$access = (bool) forum_access_access($op, $tid);
|
60 |
|
|
if ($op != 'create') {
|
61 |
|
|
$perm = ($op == 'update' ? 'edit' : $op);
|
62 |
|
|
$access |= ($user->uid == $comment->uid && user_access("$perm own forum content"));
|
63 |
|
|
}
|
64 |
|
|
$available_keys = variable_get("forum_access_allowed_comment_links_for_$op", $default_link_keys[$op]);
|
65 |
|
|
$old_links = $links;
|
66 |
|
|
$links = array();
|
67 |
|
|
foreach ($default_link_keys[$op] as $key) {
|
68 |
|
|
if ($access && array_search($key, $available_keys) !== FALSE && isset($admin_links[$key])) {
|
69 |
|
|
//dpm($key, '_forum_access_comment_view_alter() ADDED:');
|
70 |
|
|
$links[$key] = $admin_links[$key];
|
71 |
|
|
}
|
72 |
|
|
if (!$access && !empty($old_links[$key])) {
|
73 |
|
|
//dpm($key, '_forum_access_comment_view_alter() REMOVED:');
|
74 |
|
|
unset($old_links[$key]);
|
75 |
|
|
}
|
76 |
|
|
}
|
77 |
|
|
if (is_array($old_links)) {
|
78 |
e9734207
|
Assos Assos
|
/** @noinspection SlowArrayOperationsInLoopInspection */
|
79 |
85ad3d82
|
Assos Assos
|
$links = array_merge($links, $old_links);
|
80 |
|
|
}
|
81 |
|
|
}
|
82 |
|
|
//dpm($build, "_forum_access_comment_view_alter() tid=[$tid] cid=[$comment->cid] AFTER:");
|
83 |
|
|
}
|
84 |
|
|
}
|
85 |
|
|
|
86 |
|
|
/**
|
87 |
|
|
* Rewrites the taxonomy item on the node form.
|
88 |
|
|
*/
|
89 |
|
|
function _forum_access_node_form(&$form, &$form_state) {
|
90 |
|
|
global $user;
|
91 |
|
|
$vid = _forum_access_get_vid();
|
92 |
|
|
|
93 |
|
|
if (!isset($form['taxonomy_forums'])) {
|
94 |
|
|
return;
|
95 |
|
|
}
|
96 |
|
|
|
97 |
|
|
// True node administrators are all powerful and do NOT get their forms rewritten here.
|
98 |
|
|
if (user_access('bypass node access') && empty($user->_forum_access_moderator)) {
|
99 |
|
|
return;
|
100 |
|
|
}
|
101 |
|
|
|
102 |
|
|
$roles = array_keys($user->roles);
|
103 |
|
|
$tids = array();
|
104 |
|
|
$result = db_query("SELECT tid FROM {forum_access} WHERE rid IN (:roles) AND grant_create = 1", array(
|
105 |
|
|
':roles' => $roles,
|
106 |
|
|
));
|
107 |
|
|
foreach ($result as $obj) {
|
108 |
|
|
$tids[$obj->tid] = $obj->tid;
|
109 |
|
|
}
|
110 |
|
|
|
111 |
|
|
// Also get all forums they happen to be able to moderate.
|
112 |
|
|
$result = db_query("SELECT a.number AS tid FROM {acl} a INNER JOIN {acl_user} u ON a.acl_id = u.acl_id WHERE a.module = 'forum_access' AND u.uid = :uid", array(
|
113 |
|
|
':uid' => $user->uid,
|
114 |
|
|
));
|
115 |
|
|
foreach ($result as $obj) {
|
116 |
|
|
$tids[$obj->tid] = $obj->tid;
|
117 |
|
|
}
|
118 |
|
|
|
119 |
|
|
$nid = $form['nid']['#value'];
|
120 |
|
|
if (!empty($nid)) {
|
121 |
|
|
// Edit an existing node.
|
122 |
|
|
if (!forum_access_access('update', $form['forum_tid']['#value']) && !user_access('edit any forum content') && !(user_access('edit own forum content') && $form['uid']['#value'] == $user->uid)) {
|
123 |
|
|
drupal_access_denied();
|
124 |
|
|
drupal_exit();
|
125 |
|
|
}
|
126 |
|
|
$forum_tid = $form['forum_tid']['#value'];
|
127 |
|
|
$tids[$forum_tid] = $forum_tid;
|
128 |
|
|
}
|
129 |
|
|
else {
|
130 |
|
|
// Create a new node -- ensure the forum they're trying to post to directly
|
131 |
|
|
// is allowed, otherwise there will be much confusion.
|
132 |
|
|
$forum_tid = arg(3);
|
133 |
|
|
if (!empty($forum_tid) && is_numeric($forum_tid) && !isset($tids[$forum_tid])) {
|
134 |
|
|
drupal_access_denied();
|
135 |
|
|
drupal_exit();
|
136 |
|
|
}
|
137 |
|
|
}
|
138 |
|
|
|
139 |
|
|
$form_options = &$form['taxonomy_forums'][$form['taxonomy_forums']['#language']]['#options'];
|
140 |
|
|
$options = array();
|
141 |
|
|
foreach ($form_options as $tid => $name) {
|
142 |
|
|
if (!is_numeric($tid)) {
|
143 |
|
|
$options[$tid] = $name;
|
144 |
|
|
}
|
145 |
|
|
elseif (is_object($name)) {
|
146 |
|
|
foreach ($name->option as $sub_tid => $sub_name) {
|
147 |
|
|
if (!empty($tids[$sub_tid])) {
|
148 |
|
|
$options[$tid]->option[$sub_tid] = $sub_name;
|
149 |
|
|
}
|
150 |
|
|
}
|
151 |
|
|
}
|
152 |
|
|
elseif (isset($tids[$tid])) {
|
153 |
|
|
$options[$tid] = $name;
|
154 |
|
|
}
|
155 |
|
|
}
|
156 |
|
|
$form_options = $options;
|
157 |
|
|
|
158 |
|
|
// Apply modifications for Moderators (by role or uid).
|
159 |
|
|
if (!user_access('administer nodes') && forum_access_is_moderator($user, $forum_tid)) {
|
160 |
|
|
$allowed_options = variable_get('forum_access_allowed_node_edit_options', array('status', 'sticky', 'subscriptions_notify'));
|
161 |
|
|
foreach (element_children($form) as $key) {
|
162 |
|
|
switch ($key) {
|
163 |
|
|
case 'buttons':
|
164 |
|
|
$tid = $form['taxonomy'][$vid]['#default_value'][0];
|
165 |
|
|
if (!forum_access_access('update', $tid)) {
|
166 |
|
|
$form['buttons']['submit']['#access'] = FALSE;
|
167 |
|
|
$form['buttons']['preview']['#access'] = FALSE;
|
168 |
|
|
}
|
169 |
|
|
if (!forum_access_access('delete', $tid)) {
|
170 |
|
|
$form['buttons']['delete']['#access'] = FALSE;
|
171 |
|
|
}
|
172 |
|
|
break;
|
173 |
|
|
case 'author':
|
174 |
|
|
$form['author']['#disabled'] = TRUE;
|
175 |
|
|
break;
|
176 |
|
|
case 'options':
|
177 |
|
|
foreach (element_children($form['options']) as $key2) {
|
178 |
|
|
if (array_search($key2, $allowed_options) === FALSE) {
|
179 |
|
|
$form['options'][$key2]['#access'] = FALSE;
|
180 |
|
|
}
|
181 |
|
|
}
|
182 |
|
|
$form['options']['#access'] = 1;
|
183 |
|
|
break;
|
184 |
|
|
case 'revision_information':
|
185 |
|
|
$form['revision_information']['#access'] = 1;
|
186 |
|
|
break;
|
187 |
|
|
case 'comment_settings':
|
188 |
|
|
$form['comment_settings']['#access'] = 1;
|
189 |
|
|
break;
|
190 |
|
|
case 'shadow':
|
191 |
|
|
$form['shadow']['#description'] .= '<br />' . t('Note: Access to this topic and its shadows is controlled by the forum that contains the topic.');
|
192 |
|
|
break;
|
193 |
|
|
case 'taxonomy_forums':
|
194 |
|
|
$desc =& $form['taxonomy_forums'][$form['taxonomy_forums']['#language']]['#description'];
|
195 |
|
|
if (!empty($desc)) {
|
196 |
|
|
$desc .= '<br />';
|
197 |
|
|
}
|
198 |
|
|
$desc .= t('Note: Moving a topic to a different forum may change its accessibility.');
|
199 |
|
|
}
|
200 |
|
|
}
|
201 |
|
|
}
|
202 |
|
|
}
|
203 |
|
|
|
204 |
|
|
/**
|
205 |
|
|
* Sanitizes the comment Administration options for users with Edit grants.
|
206 |
|
|
*/
|
207 |
|
|
function _forum_access_comment_form(&$form, &$form_state) {
|
208 |
|
|
global $user;
|
209 |
|
|
|
210 |
|
|
$comment = $form_state['comment'];
|
211 |
e9734207
|
Assos Assos
|
if ($form['cid']['#value'] && isset($form['author']) && !empty($user->_forum_access_moderator)) {
|
212 |
85ad3d82
|
Assos Assos
|
$editable_administration_elements = variable_get('forum_access_allowed_comment_edit_administration_elements', array('homepage', 'status', 'subscriptions_notify'));
|
213 |
|
|
foreach (element_children($form['author']) as $key) {
|
214 |
|
|
if (array_search($key, $editable_administration_elements) === FALSE) {
|
215 |
|
|
$form['author'][$key]['#disabled'] = TRUE;
|
216 |
|
|
}
|
217 |
|
|
}
|
218 |
|
|
}
|
219 |
|
|
}
|