? 855608-delete.patch
Index: secure_permissions.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/secure_permissions/secure_permissions.module,v
retrieving revision 1.11
diff -u -p -r1.11 secure_permissions.module
--- secure_permissions.module 31 Dec 2010 22:55:14 -0000 1.11
+++ secure_permissions.module 31 Dec 2010 23:29:19 -0000
@@ -52,7 +52,7 @@ function secure_permissions_variable($na
function secure_permissions_menu() {
$items = array();
- $items['admin/people/secure_permissions'] = array(
+ $items['admin/config/people/secure_permissions'] = array(
'title' => 'Secure permissions',
'description' => 'Configuration for the secure permissions module.',
'page callback' => 'drupal_get_form',
@@ -63,7 +63,7 @@ function secure_permissions_menu() {
'title' => 'Secure permissions',
'type' => MENU_DEFAULT_LOCAL_TASK,
);
- $items['admin/people/secure_permissions/export'] = array(
+ $items['admin/config/people/secure_permissions/export'] = array(
'title' => 'Export permissions',
'description' => 'Export site permissions for use by Secure Permissions.',
'page callback' => 'drupal_get_form',
@@ -143,15 +143,20 @@ function secure_permissions_modules_disa
/**
* Rebuild permissions, based on presets from the API.
+ *
+ * It is important to always call this function, instead of the individual
+ * build functions, since this rebuild call sanity-checks the module settings.
*/
function secure_permissions_rebuild() {
// Killswitch for the module, to let admins export permissions before continuing.
- if (!secure_permissions_variable('secure_permissions_active')) {
+ // If only one module responds, it is the core module and we cannot rebuild.
+ $modules = module_implements('secure_permissions');
+ if (!secure_permissions_variable('secure_permissions_active') || count($modules) < 2) {
return;
}
- secure_permissions_build_roles();
- secure_permissions_build_permissions();
- if (secure_permissions_variable('secure_permissions_verbose')) {
+ $rebuild_roles = secure_permissions_build_roles();
+ $rebuild_perms = secure_permissions_build_permissions();
+ if (secure_permissions_variable('secure_permissions_verbose') && $rebuild_roles && $rebuild_perms) {
drupal_set_message(t('Site roles and permissions have been rebuilt successfully.'), 'status', FALSE);
}
}
@@ -175,7 +180,10 @@ function secure_permissions_build_roles(
sort($roles);
// Get the roles defined by this module's hook.
$secure_roles = secure_permissions_get_roles();
- // Comoute the difference for add/delete.
+ if (empty($secure_roles)) {
+ return FALSE;
+ }
+ // Compute the difference for add/delete.
$new_roles = array_diff($secure_roles, $roles);
$remove_roles = array_diff($roles, $secure_roles);
// Add new roles.
@@ -185,25 +193,40 @@ function secure_permissions_build_roles(
user_role_save($role);
}
// Delete old roles.
+ $omit = array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID);
+ $admin_rid = variable_get('user_admin_role', 0);
+ if (!empty($admin_rid)) {
+ $omit[] = $admin_rid;
+ }
foreach ($remove_roles as $name) {
- user_role_delete($name);
+ $role = user_role_load_by_name($name);
+ if (!empty($role) && !in_array($role->rid, $omit)) {
+ user_role_delete($name);
+ }
}
+ return TRUE;
}
/**
* Build function to create the permissions arrays.
*/
function secure_permissions_build_permissions() {
- // Revoke all permissions.
- db_delete('role_permission')->execute();
// Get the active roles on the site.
$roles = user_roles();
+ $admin_rid = variable_get('user_admin_role', 0);
+ // Do not touch the administrative role.
+ if (!empty($admin_rid) && isset($roles[$admin_rid])) {
+ unset($roles[$admin_rid]);
+ }
// List all permissions.
$permissions = array_keys(module_invoke_all('permission'));
// Now set permissions per role, using our hook.
foreach ($roles as $rid => $role) {
$perms = array();
$new_permissions = module_invoke_all('secure_permissions', $role);
+ if (empty($new_permissions)) {
+ return FALSE;
+ }
foreach ($permissions as $perm) {
$perms[$perm] = FALSE;
if (in_array($perm, $new_permissions)) {
@@ -212,6 +235,7 @@ function secure_permissions_build_permis
}
user_role_change_permissions($rid, $perms);
}
+ return TRUE;
}
/**
@@ -309,10 +333,18 @@ function secure_permissions_form_user_ad
function secure_permissions_export($form, $form_state) {
$form = array();
$form['help'] = array(
- '#markup' => t('The Secure permissions module stores the permissions in a module (file) that is inaccessible through the user interface.
You now need to create and enable that module in 4 easy steps.- Create directory. cd to /sites/all/modules and issue the command: mkdir secure_permissions_data
- Create 2 empty files. cd to /sites/all/modules/secure_permissions_data and issue the command: touch secure_permissions_data.info secure_permissions_data.module
- Copy data. Copy the text from the fields below into the respective files you just created using the tools of your choice.
- Enable the module. Navigate to admin/build/modules/list and enable your new module.
To change permissions with the module enabled, you must now edit your /sites/all/modules/secure_permissions_data/secure_permissions_data.module file. After editing the file navigate to /admin/user/secure_permissions/view select \'Load permissions from code\' and click \'Save configuration\' to update the permissions. You may rename the module; remember to rename all the functions.'),
+ '#markup' => t('The Secure permissions module stores the permissions in a module (file) that is inaccessible through
+ the user interface.
You now need to create and enable that module in 4 easy steps.- Create directory.
+ cd to /sites/all/modules and issue the command: mkdir secure_permissions_data
- Create 2 empty files. cd to
+ /sites/all/modules/secure_permissions_data and issue the command: touch secure_permissions_data.info
+ secure_permissions_data.module
- Copy data. Copy the text from the fields below into the respective files you just
+ created using the tools of your choice.
- Enable the module. Navigate to admin/build/modules/list and enable your
+ new module.
To change permissions with the module enabled, you must now edit your
+ /sites/all/modules/secure_permissions_data/secure_permissions_data.module file. After editing the file navigate to
+ /admin/user/secure_permissions/view select \'Load permissions from code\' and click \'Save configuration\' to update
+ the permissions. You may rename the module; remember to rename all the functions.'),
);
$output = '';
- $output .="; \$Id: secure_permissions.module,v 1.11 2010/12/31 22:55:14 agentken Exp $\n";
$output .= "name = Secure Permissions Data\n";
$output .= "description = Role and permission settings for the site.\n";
$output .= "core = 7.x\n";
@@ -356,7 +388,6 @@ EOT;
if (!empty($admin_rid) && isset($roles[$admin_rid])) {
unset($roles[$admin_rid]);
}
- $output .= 'function HOOK_secure_permissions_roles() {';
$output .= "\n return array(\n";
foreach ($roles as $role) {
$output .= " '" . $role ."',\n";
@@ -420,7 +451,9 @@ function secure_permissions_form() {
$files = system_rebuild_module_data();
$list = array('type' => 'ul');
foreach ($modules as $module) {
- $list['items'][] = check_plain($files[$module]->info['name']);
+ if ($module != 'secure_permissions') {
+ $items[] = check_plain($files[$module]->info['name']);
+ }
}
$module_list = theme('item_list', $list);
$extra = '';
@@ -494,11 +527,15 @@ function secure_permissions_form() {
*/
function secure_permissions_form_submit($form, &$form_state) {
global $conf;
+ $modules = module_implements('secure_permissions');
$_SESSION['secure_permissions_rebuild'] = TRUE;
- if ($form_state['values']['secure_permissions_active']) {
+ if ($form_state['values']['secure_permissions_active'] && count($modules) > 1) {
// We must do this to pass the value to the calling function during submit.
$conf['secure_permissions_active'] = TRUE;
$conf['secure_permissions_use_default'] = $form_state['values']['secure_permissions_use_default'];
secure_permissions_rebuild();
}
+ else {
+ drupal_set_message(t('Permissions cannot be rebuilt from code at this time.'));
+ }
}