access/ 0000777 0000000 0000000 00000000000 10765566126 011037 5 ustar root root access/access-rtl.css 0000777 0000000 0000000 00000000306 10765455410 013604 0 ustar root root /* $Id$ */
#permissions td.permission {
padding-left: 0;
padding-right: 1.5em;
}
#access-rules .access-type, #access-rules .rule-type {
margin-right: 0;
margin-left: 1em;
float: right;
}
access/access.admin.inc 0000777 0000000 0000000 00000020224 10765502117 014053 0 ustar root root 'radios',
'#title' => t('Access type'),
'#default_value' => isset($edit['status']) ? $edit['status'] : 0,
'#options' => array('1' => t('Allow'), '0' => t('Deny')),
);
$type_options = array('user' => t('Username'), 'mail' => t('E-mail'), 'host' => t('Host'));
$form['type'] = array(
'#type' => 'radios',
'#title' => t('Rule type'),
'#default_value' => (isset($type_options[$edit['type']]) ? $edit['type'] : 'user'),
'#options' => $type_options,
);
$form['mask'] = array(
'#type' => 'textfield',
'#title' => t('Mask'),
'#size' => 30,
'#maxlength' => 64,
'#default_value' => $edit['mask'],
'#description' => '%: '. t('Matches any number of characters, even zero characters') .'.
_: '. t('Matches exactly one character.'),
'#required' => TRUE,
);
$form['submit'] = array('#type' => 'submit', '#value' => $submit);
return $form;
}
function access_admin_access_check_validate($form, &$form_state) {
if (empty($form_state['values']['test'])) {
form_set_error($form_state['values']['type'], t('No value entered. Please enter a test string and try again.'));
}
}
function access_admin_check_user() {
$form['user'] = array('#type' => 'fieldset', '#title' => t('Username'));
$form['user']['test'] = array('#type' => 'textfield', '#title' => '', '#description' => t('Enter a username to check if it will be denied or allowed.'), '#size' => 30, '#maxlength' => USERNAME_MAX_LENGTH);
$form['user']['type'] = array('#type' => 'hidden', '#value' => 'user');
$form['user']['submit'] = array('#type' => 'submit', '#value' => t('Check username'));
$form['#submit'][] = 'user_admin_access_check_submit';
$form['#validate'][] = 'user_admin_access_check_validate';
$form['#theme'] = 'user_admin_access_check';
return $form;
}
function access_admin_check_mail() {
$form['mail'] = array('#type' => 'fieldset', '#title' => t('E-mail'));
$form['mail']['test'] = array('#type' => 'textfield', '#title' => '', '#description' => t('Enter an e-mail address to check if it will be denied or allowed.'), '#size' => 30, '#maxlength' => EMAIL_MAX_LENGTH);
$form['mail']['type'] = array('#type' => 'hidden', '#value' => 'mail');
$form['mail']['submit'] = array('#type' => 'submit', '#value' => t('Check e-mail'));
$form['#submit'][] = 'user_admin_access_check_submit';
$form['#validate'][] = 'user_admin_access_check_validate';
$form['#theme'] = 'user_admin_access_check';
return $form;
}
function access_admin_check_host() {
$form['host'] = array('#type' => 'fieldset', '#title' => t('Hostname'));
$form['host']['test'] = array('#type' => 'textfield', '#title' => '', '#description' => t('Enter a hostname or IP address to check if it will be denied or allowed.'), '#size' => 30, '#maxlength' => 64);
$form['host']['type'] = array('#type' => 'hidden', '#value' => 'host');
$form['host']['submit'] = array('#type' => 'submit', '#value' => t('Check hostname'));
$form['#submit'][] = 'user_admin_access_check_submit';
$form['#validate'][] = 'user_admin_access_check_validate';
$form['#theme'] = 'user_admin_access_check';
return $form;
}
function access_admin_access_check_submit($form, &$form_state) {
switch ($form_state['values']['type']) {
case 'user':
if (drupal_is_denied('user', $form_state['values']['test'])) {
drupal_set_message(t('The username %name is not allowed.', array('%name' => $form_state['values']['test'])));
}
else {
drupal_set_message(t('The username %name is allowed.', array('%name' => $form_state['values']['test'])));
}
break;
case 'mail':
if (drupal_is_denied('mail', $form_state['values']['test'])) {
drupal_set_message(t('The e-mail address %mail is not allowed.', array('%mail' => $form_state['values']['test'])));
}
else {
drupal_set_message(t('The e-mail address %mail is allowed.', array('%mail' => $form_state['values']['test'])));
}
break;
case 'host':
if (drupal_is_denied('host', $form_state['values']['test'])) {
drupal_set_message(t('The hostname %host is not allowed.', array('%host' => $form_state['values']['test'])));
}
else {
drupal_set_message(t('The hostname %host is allowed.', array('%host' => $form_state['values']['test'])));
}
break;
default:
break;
}
}
/**
* Menu callback: delete an access rule.
*
* @ingroup forms
* @see access_admin_access_delete_confirm_submit()
*/
function access_admin_access_delete_confirm($form_state, $aid = 0) {
$access_types = array('user' => t('username'), 'mail' => t('e-mail'), 'host' => t('host'));
$edit = db_fetch_object(db_query('SELECT aid, type, status, mask FROM {access} WHERE aid = %d', $aid));
$form = array();
$form['aid'] = array('#type' => 'hidden', '#value' => $aid);
$output = confirm_form($form,
t('Are you sure you want to delete the @type rule for %rule?', array('@type' => $access_types[$edit->type], '%rule' => $edit->mask)),
'admin/user/rules',
t('This action cannot be undone.'),
t('Delete'),
t('Cancel'));
return $output;
}
function access_admin_access_delete_confirm_submit($form, &$form_state) {
db_query('DELETE FROM {access} WHERE aid = %d', $form_state['values']['aid']);
drupal_set_message(t('The access rule has been deleted.'));
$form_state['redirect'] = 'admin/user/rules';
return;
}
/**
* Menu callback: list all access rules.
*/
function access_admin_access() {
$header = array(array('data' => t('Access type'), 'field' => 'status'), array('data' => t('Rule type'), 'field' => 'type'), array('data' => t('Mask'), 'field' => 'mask'), array('data' => t('Operations'), 'colspan' => 2));
$result = db_query("SELECT aid, type, status, mask FROM {access}". tablesort_sql($header));
$access_types = array('user' => t('username'), 'mail' => t('e-mail'), 'host' => t('host'));
$rows = array();
while ($rule = db_fetch_object($result)) {
$rows[] = array($rule->status ? t('allow') : t('deny'), $access_types[$rule->type], $rule->mask, l(t('edit'), 'admin/user/rules/edit/'. $rule->aid), l(t('delete'), 'admin/user/rules/delete/'. $rule->aid));
}
if (empty($rows)) {
$rows[] = array(array('data' => ''. t('There are currently no access rules.') .'', 'colspan' => 5));
}
return theme('table', $header, $rows);
} access/access.css 0000777 0000000 0000000 00000000403 10765453545 013012 0 ustar root root /* $Id$ */
#access-rules .access-type, #access-rules .rule-type {
margin-right: 1em; /* LTR */
float: left; /* LTR */
}
#access-rules .access-type .form-item, #access-rules .rule-type .form-item {
margin-top: 0;
}
#access-rules .mask {
clear: both;
} access/access.info 0000777 0000000 0000000 00000000256 10765566070 013161 0 ustar root root ; $Id$
name = Access
description = Specify rules for allowable usernames, e-mail addresses, and IP/hostname addresses.
package = Core - optional
version = VERSION
core = 7.x
access/access.install 0000777 0000000 0000000 00000002020 10765453556 013667 0 ustar root root t('Stores site access rules.'),
'fields' => array(
'aid' => array(
'type' => 'serial',
'not null' => TRUE,
'description' => t('Primary Key: Unique access ID.'),
),
'mask' => array(
'type' => 'varchar',
'length' => 255,
'not null' => TRUE,
'default' => '',
'description' => t('Text mask used for filtering access.'),
),
'type' => array(
'type' => 'varchar',
'length' => 255,
'not null' => TRUE,
'default' => '',
'description' => t('Type of access rule: name, mail or host.'),
),
'status' => array(
'type' => 'int',
'not null' => TRUE,
'default' => 0,
'size' => 'tiny',
'description' => t('Whether rule is to allow(1) or deny(0) access.'),
),
),
'primary key' => array('aid'),
);
return $schema;
} access/access.module 0000777 0000000 0000000 00000014422 10765566101 013506 0 ustar root root 'Access rules',
'description' => 'Specify rules for allowable usernames, e-mail addresses, and IP/hostname addresses.',
'page callback' => 'access_admin_access',
'access arguments' => array('administer permissions'),
'file' => 'access.admin.inc',
);
$items['admin/user/rules/list'] = array(
'title' => 'List',
'type' => MENU_DEFAULT_LOCAL_TASK,
'weight' => -10,
);
$items['admin/user/rules/add'] = array(
'title' => 'Add rule',
'page callback' => 'access_admin_access_add',
'type' => MENU_LOCAL_TASK,
'file' => 'access.admin.inc',
);
$items['admin/user/rules/check'] = array(
'title' => 'Check rules',
'page callback' => 'access_admin_access_check',
'type' => MENU_LOCAL_TASK,
'file' => 'access.admin.inc',
);
$items['admin/user/rules/edit'] = array(
'title' => 'Edit rule',
'page callback' => 'access_admin_access_edit',
'type' => MENU_CALLBACK,
'file' => 'access.admin.inc',
);
$items['admin/user/rules/delete'] = array(
'title' => 'Delete rule',
'page callback' => 'drupal_get_form',
'page arguments' => array('access_admin_access_delete_confirm'),
'type' => MENU_CALLBACK,
'file' => 'access.admin.inc',
);
return $items;
}
/**
* Implementation of hook_user().
*/
function access_user($type, &$edit, &$account, $category = NULL) {
if ($type == 'validate' && $category == 'account') {
return _access_edit_validate(arg(1), $edit);
}
}
function access_init() {
drupal_add_css(drupal_get_path('module', 'access') .'/access.css', 'module');
}
/**
* A FAPI validate handler. Sets an error if supplied username has been
* denied access.
*/
function access_login_name_validate($form, &$form_state) {
if (isset($form_state['values']['name'])) {
if (drupal_is_denied('user', $form_state['values']['name'])) {
// Denied by access rules.
form_set_error('name', t('The name %name is a reserved username.', array('%name' => $form_state['values']['name'])));
}
}
}
function _access_edit_validate($uid, &$edit) {
$user = user_load(array('uid' => $uid));
// Validate the username:
if (user_access('change own username') || user_access('administer users') || !$user->uid) {
if (drupal_is_denied('user', $edit['name'])) {
form_set_error('name', t('The name %name has been denied access.', array('%name' => $edit['name'])));
}
}
// Validate the e-mail address:
if (drupal_is_denied('mail', $edit['mail'])) {
form_set_error('mail', t('The e-mail address %email has been denied access.', array('%email' => $edit['mail'])));
}
}
/**
* Implementation of hook_help().
*/
function access_help($path, $arg) {
global $user;
switch ($path) {
case 'admin/help#access':
$output = '
'. t('The access module allows you to specify rules for allowable usernames, e-mail addresses, or IP addresses/hostnames. A rule may either explicitly "allow" access or "deny" access based on the rule\'s Access type, Rule type, and Mask. For Username and E-Mail rule types, if the username or e-mail address of an existing account or new registration matches the Mask of a "deny" rule, but not an "allow" rule, then the account will not be created (for new registrations) or able to log in (for existing accounts). For a Host rule type, if the hostname or IP address of a visitor matches the Mask of a "deny" rule, but not an "allow" rule, the visitor may not access the site (Host rules apply to each page view).') .'
'; $output .= ''. t('For example, you could use the access module to restrict site access to a few specific IP addresses (or a subnet of addresses). The access module could also be used to ban poorly-behaving bots (that always use the same IP address), or prevent new users from registering with usernames like "Admin" or with e-mail addresses from certain domains. Existing logged-in users with e-mail addresses or usernames that match a "deny" rule (but not an "allow" rule) are not immediately logged out (but once they log out, may not log back in), Be careful to not create a "deny" rule that includes your administrative account.') .'
'; $output .= ''. t('Visitors attempting to view your site from an IP address or hostname that matches a "deny" rule will receive a "banned address" message. Drupal checks incoming addresses for potential bans before any other Drupal modules or themes are loaded.') .'
'; $output .= ''. t('For more information, see the online handbook entry for Access module.', array('@access' => 'http://drupal.org/handbook/modules/access/')) .'
'; case 'admin/user/rules': return ''. t('Set up rules for allowable usernames, e-mail addresses, or IP addresses/hostnames. A rule may either explicitly "allow" access or "deny" access based on the rule\'s Access type, Rule type, and Mask. If the username or e-mail address of an existing account or new registration matches a "deny" rule, but not an "allow" rule, then the account will not be created (for new registrations) or able to log in (for existing accounts). An "allow" or "deny" host rule based on a hostname or IP address applies to each page view.') .'
'; } } /** * Implementation of hook_forms(). */ function access_forms() { $forms['access_admin_access_add_form']['callback'] = 'access_admin_access_form'; $forms['access_admin_access_edit_form']['callback'] = 'access_admin_access_form'; return $forms; } /** * Implementation of hook_action_info(). */ function access_action_info() { return array( 'access_block_ip_action' => array( 'description' => t('Ban IP address of current user.'), 'type' => 'user', 'configurable' => FALSE, 'hooks' => array(), ), ); } /** * Implementation of a Drupal action. * Adds an access rule that blocks the user's IP address. */ function access_block_ip_action() { $ip = ip_address(); db_query("INSERT INTO {access} (mask, type, status) VALUES ('%s', '%s', %d)", $ip, 'host', 0); watchdog('action', 'Banned IP address %ip', array('%ip' => $ip)); } ?>