? 855608-delete.patch Index: secure_permissions.module =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/secure_permissions/secure_permissions.module,v retrieving revision 1.11 diff -u -p -r1.11 secure_permissions.module --- secure_permissions.module 31 Dec 2010 22:55:14 -0000 1.11 +++ secure_permissions.module 31 Dec 2010 22:56:57 -0000 @@ -143,15 +143,20 @@ function secure_permissions_modules_disa /** * Rebuild permissions, based on presets from the API. + * + * It is important to always call this function, instead of the individual + * build functions, since this rebuild call sanity-checks the module settings. */ function secure_permissions_rebuild() { // Killswitch for the module, to let admins export permissions before continuing. - if (!secure_permissions_variable('secure_permissions_active')) { + // If only one module responds, it is the core module and we cannot rebuild. + $modules = module_implements('secure_permissions'); + if (!secure_permissions_variable('secure_permissions_active') || count($modules) < 2) { return; } - secure_permissions_build_roles(); - secure_permissions_build_permissions(); - if (secure_permissions_variable('secure_permissions_verbose')) { + $rebuild_roles = secure_permissions_build_roles(); + $rebuld_perms = secure_permissions_build_permissions(); + if (secure_permissions_variable('secure_permissions_verbose') && $rebuild_roles && $rebuild_perms) { drupal_set_message(t('Site roles and permissions have been rebuilt successfully.'), 'status', FALSE); } } @@ -175,7 +180,10 @@ function secure_permissions_build_roles( sort($roles); // Get the roles defined by this module's hook. $secure_roles = secure_permissions_get_roles(); - // Comoute the difference for add/delete. + if (empty($secure_roles)) { + return FALSE; + } + // Compute the difference for add/delete. $new_roles = array_diff($secure_roles, $roles); $remove_roles = array_diff($roles, $secure_roles); // Add new roles. @@ -185,9 +193,17 @@ function secure_permissions_build_roles( user_role_save($role); } // Delete old roles. - foreach ($remove_roles as $name) { - user_role_delete($name); + $omit = array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID); + $admin_rid = variable_get('user_admin_role', 0); + if (!empty($admin_rid)) { + $omit[] = $admin_rid; + } + foreach ($remove_roles as $rid => $name) { + if (!in_array($rid, $omit)) { + user_role_delete($name); + } } + return TRUE; } /** @@ -204,6 +220,9 @@ function secure_permissions_build_permis foreach ($roles as $rid => $role) { $perms = array(); $new_permissions = module_invoke_all('secure_permissions', $role); + if (empty($new_permissions)) { + return FALSE; + } foreach ($permissions as $perm) { $perms[$perm] = FALSE; if (in_array($perm, $new_permissions)) { @@ -212,6 +231,7 @@ function secure_permissions_build_permis } user_role_change_permissions($rid, $perms); } + return TRUE; } /** @@ -420,7 +440,9 @@ function secure_permissions_form() { $files = system_rebuild_module_data(); $list = array('type' => 'ul'); foreach ($modules as $module) { - $list['items'][] = check_plain($files[$module]->info['name']); + if ($module != 'secure_permissions') { + $items[] = check_plain($files[$module]->info['name']); + } } $module_list = theme('item_list', $list); $extra = ''; @@ -494,11 +516,15 @@ function secure_permissions_form() { */ function secure_permissions_form_submit($form, &$form_state) { global $conf; + $modules = module_implements('secure_permissions'); $_SESSION['secure_permissions_rebuild'] = TRUE; - if ($form_state['values']['secure_permissions_active']) { + if ($form_state['values']['secure_permissions_active'] && count($modules) > 1) { // We must do this to pass the value to the calling function during submit. $conf['secure_permissions_active'] = TRUE; $conf['secure_permissions_use_default'] = $form_state['values']['secure_permissions_use_default']; secure_permissions_rebuild(); } + else { + drupal_set_message(t('Permissions cannot be rebuilt from code at this time.')); + } }