access/0000777000000000000000000000000010765566126011037 5ustar rootrootaccess/access-rtl.css0000777000000000000000000000030610765455410013604 0ustar rootroot/* $Id$ */ #permissions td.permission { padding-left: 0; padding-right: 1.5em; } #access-rules .access-type, #access-rules .rule-type { margin-right: 0; margin-left: 1em; float: right; } access/access.admin.inc0000777000000000000000000002022410765502117014053 0ustar rootroot 'radios', '#title' => t('Access type'), '#default_value' => isset($edit['status']) ? $edit['status'] : 0, '#options' => array('1' => t('Allow'), '0' => t('Deny')), ); $type_options = array('user' => t('Username'), 'mail' => t('E-mail'), 'host' => t('Host')); $form['type'] = array( '#type' => 'radios', '#title' => t('Rule type'), '#default_value' => (isset($type_options[$edit['type']]) ? $edit['type'] : 'user'), '#options' => $type_options, ); $form['mask'] = array( '#type' => 'textfield', '#title' => t('Mask'), '#size' => 30, '#maxlength' => 64, '#default_value' => $edit['mask'], '#description' => '%: '. t('Matches any number of characters, even zero characters') .'.
_: '. t('Matches exactly one character.'), '#required' => TRUE, ); $form['submit'] = array('#type' => 'submit', '#value' => $submit); return $form; } function access_admin_access_check_validate($form, &$form_state) { if (empty($form_state['values']['test'])) { form_set_error($form_state['values']['type'], t('No value entered. Please enter a test string and try again.')); } } function access_admin_check_user() { $form['user'] = array('#type' => 'fieldset', '#title' => t('Username')); $form['user']['test'] = array('#type' => 'textfield', '#title' => '', '#description' => t('Enter a username to check if it will be denied or allowed.'), '#size' => 30, '#maxlength' => USERNAME_MAX_LENGTH); $form['user']['type'] = array('#type' => 'hidden', '#value' => 'user'); $form['user']['submit'] = array('#type' => 'submit', '#value' => t('Check username')); $form['#submit'][] = 'user_admin_access_check_submit'; $form['#validate'][] = 'user_admin_access_check_validate'; $form['#theme'] = 'user_admin_access_check'; return $form; } function access_admin_check_mail() { $form['mail'] = array('#type' => 'fieldset', '#title' => t('E-mail')); $form['mail']['test'] = array('#type' => 'textfield', '#title' => '', '#description' => t('Enter an e-mail address to check if it will be denied or allowed.'), '#size' => 30, '#maxlength' => EMAIL_MAX_LENGTH); $form['mail']['type'] = array('#type' => 'hidden', '#value' => 'mail'); $form['mail']['submit'] = array('#type' => 'submit', '#value' => t('Check e-mail')); $form['#submit'][] = 'user_admin_access_check_submit'; $form['#validate'][] = 'user_admin_access_check_validate'; $form['#theme'] = 'user_admin_access_check'; return $form; } function access_admin_check_host() { $form['host'] = array('#type' => 'fieldset', '#title' => t('Hostname')); $form['host']['test'] = array('#type' => 'textfield', '#title' => '', '#description' => t('Enter a hostname or IP address to check if it will be denied or allowed.'), '#size' => 30, '#maxlength' => 64); $form['host']['type'] = array('#type' => 'hidden', '#value' => 'host'); $form['host']['submit'] = array('#type' => 'submit', '#value' => t('Check hostname')); $form['#submit'][] = 'user_admin_access_check_submit'; $form['#validate'][] = 'user_admin_access_check_validate'; $form['#theme'] = 'user_admin_access_check'; return $form; } function access_admin_access_check_submit($form, &$form_state) { switch ($form_state['values']['type']) { case 'user': if (drupal_is_denied('user', $form_state['values']['test'])) { drupal_set_message(t('The username %name is not allowed.', array('%name' => $form_state['values']['test']))); } else { drupal_set_message(t('The username %name is allowed.', array('%name' => $form_state['values']['test']))); } break; case 'mail': if (drupal_is_denied('mail', $form_state['values']['test'])) { drupal_set_message(t('The e-mail address %mail is not allowed.', array('%mail' => $form_state['values']['test']))); } else { drupal_set_message(t('The e-mail address %mail is allowed.', array('%mail' => $form_state['values']['test']))); } break; case 'host': if (drupal_is_denied('host', $form_state['values']['test'])) { drupal_set_message(t('The hostname %host is not allowed.', array('%host' => $form_state['values']['test']))); } else { drupal_set_message(t('The hostname %host is allowed.', array('%host' => $form_state['values']['test']))); } break; default: break; } } /** * Menu callback: delete an access rule. * * @ingroup forms * @see access_admin_access_delete_confirm_submit() */ function access_admin_access_delete_confirm($form_state, $aid = 0) { $access_types = array('user' => t('username'), 'mail' => t('e-mail'), 'host' => t('host')); $edit = db_fetch_object(db_query('SELECT aid, type, status, mask FROM {access} WHERE aid = %d', $aid)); $form = array(); $form['aid'] = array('#type' => 'hidden', '#value' => $aid); $output = confirm_form($form, t('Are you sure you want to delete the @type rule for %rule?', array('@type' => $access_types[$edit->type], '%rule' => $edit->mask)), 'admin/user/rules', t('This action cannot be undone.'), t('Delete'), t('Cancel')); return $output; } function access_admin_access_delete_confirm_submit($form, &$form_state) { db_query('DELETE FROM {access} WHERE aid = %d', $form_state['values']['aid']); drupal_set_message(t('The access rule has been deleted.')); $form_state['redirect'] = 'admin/user/rules'; return; } /** * Menu callback: list all access rules. */ function access_admin_access() { $header = array(array('data' => t('Access type'), 'field' => 'status'), array('data' => t('Rule type'), 'field' => 'type'), array('data' => t('Mask'), 'field' => 'mask'), array('data' => t('Operations'), 'colspan' => 2)); $result = db_query("SELECT aid, type, status, mask FROM {access}". tablesort_sql($header)); $access_types = array('user' => t('username'), 'mail' => t('e-mail'), 'host' => t('host')); $rows = array(); while ($rule = db_fetch_object($result)) { $rows[] = array($rule->status ? t('allow') : t('deny'), $access_types[$rule->type], $rule->mask, l(t('edit'), 'admin/user/rules/edit/'. $rule->aid), l(t('delete'), 'admin/user/rules/delete/'. $rule->aid)); } if (empty($rows)) { $rows[] = array(array('data' => ''. t('There are currently no access rules.') .'', 'colspan' => 5)); } return theme('table', $header, $rows); }access/access.css0000777000000000000000000000040310765453545013012 0ustar rootroot/* $Id$ */ #access-rules .access-type, #access-rules .rule-type { margin-right: 1em; /* LTR */ float: left; /* LTR */ } #access-rules .access-type .form-item, #access-rules .rule-type .form-item { margin-top: 0; } #access-rules .mask { clear: both; }access/access.info0000777000000000000000000000025610765566070013161 0ustar rootroot; $Id$ name = Access description = Specify rules for allowable usernames, e-mail addresses, and IP/hostname addresses. package = Core - optional version = VERSION core = 7.x access/access.install0000777000000000000000000000202010765453556013667 0ustar rootroot t('Stores site access rules.'), 'fields' => array( 'aid' => array( 'type' => 'serial', 'not null' => TRUE, 'description' => t('Primary Key: Unique access ID.'), ), 'mask' => array( 'type' => 'varchar', 'length' => 255, 'not null' => TRUE, 'default' => '', 'description' => t('Text mask used for filtering access.'), ), 'type' => array( 'type' => 'varchar', 'length' => 255, 'not null' => TRUE, 'default' => '', 'description' => t('Type of access rule: name, mail or host.'), ), 'status' => array( 'type' => 'int', 'not null' => TRUE, 'default' => 0, 'size' => 'tiny', 'description' => t('Whether rule is to allow(1) or deny(0) access.'), ), ), 'primary key' => array('aid'), ); return $schema; }access/access.module0000777000000000000000000001442210765566101013506 0ustar rootroot 'Access rules', 'description' => 'Specify rules for allowable usernames, e-mail addresses, and IP/hostname addresses.', 'page callback' => 'access_admin_access', 'access arguments' => array('administer permissions'), 'file' => 'access.admin.inc', ); $items['admin/user/rules/list'] = array( 'title' => 'List', 'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -10, ); $items['admin/user/rules/add'] = array( 'title' => 'Add rule', 'page callback' => 'access_admin_access_add', 'type' => MENU_LOCAL_TASK, 'file' => 'access.admin.inc', ); $items['admin/user/rules/check'] = array( 'title' => 'Check rules', 'page callback' => 'access_admin_access_check', 'type' => MENU_LOCAL_TASK, 'file' => 'access.admin.inc', ); $items['admin/user/rules/edit'] = array( 'title' => 'Edit rule', 'page callback' => 'access_admin_access_edit', 'type' => MENU_CALLBACK, 'file' => 'access.admin.inc', ); $items['admin/user/rules/delete'] = array( 'title' => 'Delete rule', 'page callback' => 'drupal_get_form', 'page arguments' => array('access_admin_access_delete_confirm'), 'type' => MENU_CALLBACK, 'file' => 'access.admin.inc', ); return $items; } /** * Implementation of hook_user(). */ function access_user($type, &$edit, &$account, $category = NULL) { if ($type == 'validate' && $category == 'account') { return _access_edit_validate(arg(1), $edit); } } function access_init() { drupal_add_css(drupal_get_path('module', 'access') .'/access.css', 'module'); } /** * A FAPI validate handler. Sets an error if supplied username has been * denied access. */ function access_login_name_validate($form, &$form_state) { if (isset($form_state['values']['name'])) { if (drupal_is_denied('user', $form_state['values']['name'])) { // Denied by access rules. form_set_error('name', t('The name %name is a reserved username.', array('%name' => $form_state['values']['name']))); } } } function _access_edit_validate($uid, &$edit) { $user = user_load(array('uid' => $uid)); // Validate the username: if (user_access('change own username') || user_access('administer users') || !$user->uid) { if (drupal_is_denied('user', $edit['name'])) { form_set_error('name', t('The name %name has been denied access.', array('%name' => $edit['name']))); } } // Validate the e-mail address: if (drupal_is_denied('mail', $edit['mail'])) { form_set_error('mail', t('The e-mail address %email has been denied access.', array('%email' => $edit['mail']))); } } /** * Implementation of hook_help(). */ function access_help($path, $arg) { global $user; switch ($path) { case 'admin/help#access': $output = '

'. t('The access module allows you to specify rules for allowable usernames, e-mail addresses, or IP addresses/hostnames. A rule may either explicitly "allow" access or "deny" access based on the rule\'s Access type, Rule type, and Mask. For Username and E-Mail rule types, if the username or e-mail address of an existing account or new registration matches the Mask of a "deny" rule, but not an "allow" rule, then the account will not be created (for new registrations) or able to log in (for existing accounts). For a Host rule type, if the hostname or IP address of a visitor matches the Mask of a "deny" rule, but not an "allow" rule, the visitor may not access the site (Host rules apply to each page view).') .'

'; $output .= '

'. t('For example, you could use the access module to restrict site access to a few specific IP addresses (or a subnet of addresses). The access module could also be used to ban poorly-behaving bots (that always use the same IP address), or prevent new users from registering with usernames like "Admin" or with e-mail addresses from certain domains. Existing logged-in users with e-mail addresses or usernames that match a "deny" rule (but not an "allow" rule) are not immediately logged out (but once they log out, may not log back in), Be careful to not create a "deny" rule that includes your administrative account.') .'

'; $output .= '

'. t('Visitors attempting to view your site from an IP address or hostname that matches a "deny" rule will receive a "banned address" message. Drupal checks incoming addresses for potential bans before any other Drupal modules or themes are loaded.') .'

'; $output .= '

'. t('For more information, see the online handbook entry for Access module.', array('@access' => 'http://drupal.org/handbook/modules/access/')) .'

'; case 'admin/user/rules': return '

'. t('Set up rules for allowable usernames, e-mail addresses, or IP addresses/hostnames. A rule may either explicitly "allow" access or "deny" access based on the rule\'s Access type, Rule type, and Mask. If the username or e-mail address of an existing account or new registration matches a "deny" rule, but not an "allow" rule, then the account will not be created (for new registrations) or able to log in (for existing accounts). An "allow" or "deny" host rule based on a hostname or IP address applies to each page view.') .'

'; } } /** * Implementation of hook_forms(). */ function access_forms() { $forms['access_admin_access_add_form']['callback'] = 'access_admin_access_form'; $forms['access_admin_access_edit_form']['callback'] = 'access_admin_access_form'; return $forms; } /** * Implementation of hook_action_info(). */ function access_action_info() { return array( 'access_block_ip_action' => array( 'description' => t('Ban IP address of current user.'), 'type' => 'user', 'configurable' => FALSE, 'hooks' => array(), ), ); } /** * Implementation of a Drupal action. * Adds an access rule that blocks the user's IP address. */ function access_block_ip_action() { $ip = ip_address(); db_query("INSERT INTO {access} (mask, type, status) VALUES ('%s', '%s', %d)", $ip, 'host', 0); watchdog('action', 'Banned IP address %ip', array('%ip' => $ip)); } ?>