diff --git a/README.txt b/README.txt index df8f7f4..ef223df 100644 --- a/README.txt +++ b/README.txt @@ -1,6 +1,7 @@ Module: Path Access Author: Mike Carter D6 port: CSÉCSY László +D7 port: Chris Burgess Description =========== @@ -39,7 +40,7 @@ Settings You can configure what pages are visible/not visible to each of your user roles from the Drupal Users Administration section. -Visit ?q=admin/user/pathaccess to edit the settings for each role group. +Visit ?q=admin/people/pathaccess to edit the settings for each role group. Page visibility configuration is carried out in exactly the same way as block visibility in Drupal core. diff --git a/path_access.info b/path_access.info index ed3d57f..c840b71 100644 --- a/path_access.info +++ b/path_access.info @@ -1,5 +1,7 @@ name = Path Access description = Restrict access to any paths by user role package = Access control -core = 6.x +core = 7.x dependencies[] = path +configure = admin/people/pathaccess +files[] = path_access.module diff --git a/path_access.install b/path_access.install index c9d2c0e..5093d2b 100644 --- a/path_access.install +++ b/path_access.install @@ -1,5 +1,8 @@ array( @@ -30,44 +33,11 @@ function path_access_schema() { return $schema; } -function path_access_install() { - $res = drupal_install_schema('path_access'); - $success = TRUE; - foreach ($res as $v) { - if ($v['success'] !== TRUE) { - $success = FALSE; - break; - } - } - if ($success) { - drupal_set_message(t('Path Access module installed tables successfully.')); - } - else { - drupal_set_message(t('The installation of Path Access module was unsuccessful.'), 'error'); - } -} - -function path_access_uninstall() { - $res = drupal_uninstall_schema('path_access'); - $success = TRUE; - foreach ($res as $v) { - if ($v['success'] !== TRUE) { - $success = FALSE; - break; - } - } - if ($success) { - drupal_set_message(t('Path Access module uninstalled tables successfully.')); - } - else { - drupal_set_message(t('The uninstallation of Path Access module was unsuccessful.'), 'error'); - } -} - +/** + * Update 6100: Set {path_access}.pid SERIAL NOT NULL AUTO_INCREMENT. + */ function path_access_update_6100() { $ret = array(); - $ret[] = update_sql("ALTER TABLE {path_access} CHANGE pid pid SERIAL NOT NULL AUTO_INCREMENT"); - return $ret; } diff --git a/path_access.module b/path_access.module index d2cf755..3222fe3 100644 --- a/path_access.module +++ b/path_access.module @@ -6,27 +6,26 @@ * * @author: Mike Carter * @author: CSÉCSY László - * @usage: ?q=admin/user/pathaccess to configure path restrictions for each role. + * @author: Chris Burgess (@grobot) + * @usage: ?q=admin/people/pathaccess to configure path restrictions for each role. */ /** - * Implementation of hook_help(). + * Implements hook_help(). */ function path_access_help($path, $arg) { switch ($path) { - case 'admin/user/pathaccess': + case 'admin/people/pathaccess': return t('Each user role can be granted or denied access to any url paths. This is a crude but straight forward way to restrict groups of nodes/pages to certain users using only the paths associated with the pages. Page access is not limited to node pages only, anything can be controlled using paths.'); } } /** - * Implementation of hook_init(). + * Implements hook_init(). */ function path_access_init() { global $user; - _drupal_bootstrap(DRUPAL_BOOTSTRAP_PATH); - // User #1 has all privileges: if ($user->uid == 1) { return 1; @@ -38,11 +37,10 @@ function path_access_init() { $role = $k; } - $result = db_query('SELECT pages, visibility FROM {path_access} WHERE rid = %d', $role); - $visibility = 1; $pages = ''; - while ($role = db_fetch_object($result)) { + $result = db_query('SELECT pages, visibility FROM {path_access} WHERE rid = :role', array( ':role' => $role )); + foreach ($result as $role) { $pages .= $role->pages . "\n"; $visibility = $role->visibility && $visibility; } @@ -68,40 +66,40 @@ function path_access_init() { } /** - * Implementation of hook_menu(). + * Implements hook_menu(). */ function path_access_menu() { $items = array(); - $items['admin/user/pathaccess/edit'] = array( + $items['admin/people/pathaccess/edit'] = array( 'title' => t('configure role paths'), 'page callback' => 'path_access_admin_role_configure', 'access arguments' => array('administer url aliases'), 'type' => MENU_CALLBACK, ); - $items['admin/user/pathaccess'] = array( + $items['admin/people/pathaccess'] = array( 'title' => t('Path Access'), 'description' => t('Define what paths a user role can access.'), 'page callback' => 'path_access_admin_roles', 'access arguments' => array('administer url aliases'), - 'type' => MENU_NORMAL_ITEM, + 'type' => MENU_LOCAL_TASK, + 'weight' => 30, ); return $items; } /** - * Menu callback; displays the block configuration form. + * Menu callback; displays the path access configuration form. */ function path_access_admin_roles() { // Render the role overview. $result = db_query('SELECT * FROM {role} ORDER BY name'); - - $header = array(t('User Role'), t('Operations')); - while ($role = db_fetch_object($result)) { - $rows[] = array($role->name, l(t('edit'), 'admin/user/pathaccess/edit/' . $role->rid)); + $table['header'] = array(t('User Role'), t('Operations')); + foreach ($result as $role) { + $table['rows'][] = array($role->name, l(t('edit'), 'admin/people/pathaccess/edit/' . $role->rid)); } - $output = theme('table', $header, $rows); + $output = theme('table', $table); return $output; } @@ -112,18 +110,18 @@ function path_access_admin_roles() { function path_access_admin_role_configure() { $roleid = (integer) arg(4); - $settings = db_fetch_array(db_query('SELECT * FROM {path_access} pa INNER JOIN {role} r ON pa.rid = r.rid WHERE pa.rid = %d', $roleid)); + $settings = db_query('SELECT * FROM {path_access} pa INNER JOIN {role} r ON pa.rid = r.rid WHERE pa.rid = :rid', array(':rid' => $roleid))->fetchObject(); // Obtain role name for the page if there is no existing path settings for this role id. if (!$settings) { - $rolename = db_result(db_query('SELECT name FROM {role} WHERE rid = %d', $roleid)); - db_query("INSERT INTO {path_access} (rid, pages, visibility) VALUES (%d, '', '')", $roleid); + $rolename = db_query('SELECT name FROM {role} WHERE rid = :rid', array(':rid' => $roleid))->fetchField(); + db_query("INSERT INTO {path_access} (rid, pages, visibility) VALUES (:rid, '', 0)", array(':rid' => $roleid)); } else { - $rolename = $settings['name']; + $rolename = $settings->name; } - drupal_set_title(t("Path access for '%role' role", array('%role' => $rolename))); + drupal_set_title(t("Path access for '@role' role", array('@role' => $rolename))); return drupal_get_form('path_access_admin_configure_form', $settings); } @@ -131,7 +129,7 @@ function path_access_admin_role_configure() { /** * Define role access form. */ -function path_access_admin_configure_form(&$form_state, $edit) { +function path_access_admin_configure_form($form, &$form_state) { $form['page_vis_settings'] = array( '#type' => 'fieldset', '#title' => t('Page specific visibility settings'), @@ -141,46 +139,60 @@ function path_access_admin_configure_form(&$form_state, $edit) { '#type' => 'radios', '#title' => t('Allow users to view specific pages'), '#options' => array(t('Access every page except the listed pages.'), t('Access only the listed pages.')), - '#default_value' => $edit['visibility'], + '#default_value' => ( isset($form_state['build_info']['args'][0]->visibility) ? $form_state['build_info']['args'][0]->visibility : '' ), ); $form['page_vis_settings']['pages'] = array( '#type' => 'textarea', '#title' => t('Pages'), - '#default_value' => $edit['pages'], + '#default_value' => ( isset($form_state['build_info']['args'][0]->pages) ? $form_state['build_info']['args'][0]->pages : '' ), '#description' => t("Enter one page per line as a path. The '*' character is a wildcard. Example paths are 'blog' for the blog page and 'blog/*' for every personal blog. '<front>' is the front page."), ); $form['submit'] = array( '#type' => 'submit', '#value' => t('Save path access'), ); - $form['rid'] = array('#type' => 'value', '#value' => $edit['rid']); + $form['rid'] = array( + '#type' => 'value', + '#value' => ( isset($form_state['build_info']['args'][0]->rid) ? $form_state['build_info']['args'][0]->rid : arg(4) ), + ); return $form; } +/** + * Validate role access form submission. + */ function path_access_admin_configure_form_validate($form_id, &$form_state) { - // Prevent the logout page from being listed. - $pages = explode("\n", $form_state['values']['pages']); - - if (in_array('logout', $pages)) { - form_set_error('pages', t('You cannot block access to the %logout page.', array('%logout' => 'logout'))); + if ( $form_state['values']['visibility'] == 0 ) { + // Prevent protected pages from being listed. + $pages = explode("\n", $form_state['values']['pages']); + foreach ( $pages as $page ) { + if ( path_access_protected_pages($page) ) { + form_set_error('pages', t('You cannot block access to the %protected page.', array('%protected' => $page))); + } + } } + // else ... do we *require* that each protected page be visible? } /** * Process role access form submission */ function path_access_admin_configure_form_submit($form_id, &$form_state) { - db_query("UPDATE {path_access} SET visibility = %d, pages = '%s' WHERE rid = %d", $form_state['values']['visibility'], $form_state['values']['pages'], $form_state['values']['rid']); + db_query("UPDATE {path_access} SET visibility = :visibility, pages = :pages WHERE rid = :rid", array(':rid' => $form_state['values']['rid'], ':visibility' => $form_state['values']['visibility'], ':pages' => $form_state['values']['pages'])); drupal_set_message(t('The path access configuration has been saved.')); - $form_state['redirect'] = 'admin/user/pathaccess'; + $form_state['redirect'] = 'admin/people/pathaccess'; } -/* +/** * Protected Pages can never be restricted using path_access. + * + * @TODO This should be a variable_get() so it's customisable per-site. */ function path_access_protected_pages($page) { - $pages = array('logout'); + $pages = array( + 'logout', + ); return in_array($page, $pages); }