From 8e253393be3b0e696fd393f5204003fbd087af57 Mon Sep 17 00:00:00 2001 From: Paul Dale Smith Date: Thu, 18 Jan 2018 11:10:17 +0000 Subject: [PATCH] Update accessing checking for forum paths. --- forum_access.module | 92 ++++++++++++++++++++++++++++------------------------- 1 file changed, 49 insertions(+), 43 deletions(-) diff --git a/forum_access.module b/forum_access.module index 47dfa00..baf6a70 100644 --- a/forum_access.module +++ b/forum_access.module @@ -68,6 +68,23 @@ function forum_access_menu_alter(&$items) { chain_menu_access_chain($items, 'comment/%/approve', '_forum_access_comment_access_callback', array(1, 2), TRUE); chain_menu_access_chain($items, 'comment/reply/%node', '_forum_access_comment_access_callback', array(2, 1)); } + $items['forum/%forum_forum']['access callback'] = '_forum_access_access_wrapper'; + $items['forum/%forum_forum']['access arguments'] = array(1); +} + +/** + * Custom access wrapper around forum_access_access. + * + * @param object $forum + * A Forum taxonomy term. + * + * @return bool + * Whether the current user has access to the forum. + * + * @see forum_access_access() + */ +function _forum_access_access_wrapper($forum) { + return forum_access_access('view', $forum->tid); } function _forum_access_node_access_callback($node, $op) { @@ -299,49 +316,6 @@ function forum_access_query_alter($p1, $p2, $p3) { return; } -function forum_access_query_term_access_alter(QueryAlterableInterface $query) { - global $user; - - // Read meta-data from query, if provided. - if (!$account = $query->getMetaData('account')) { - $account = $user; - } - if (!$op = $query->getMetaData('op')) { - $op = 'view'; - } - - // If $account can bypass node access, or there are no node access - // modules, we don't need to alter the query. - if (user_access('bypass node access', $account)) { - return; - } - - // Prevent duplicate records. - $query->distinct(); - - // Find all instances of the {taxonomy_term_data} table being joined -- - // could appear more than once in the query, and could be aliased. - // Join each one to the forum_access table. - - $tables = $query->getTables(); - $rids = array_keys($account->roles); - foreach ($tables as $talias => $tableinfo) { - $table = $tableinfo['table']; - if (!($table instanceof SelectQueryInterface) && $table == 'taxonomy_term_data') { - // The node_access table has the access grants for any given node. - $access_alias = $query->leftJoin('forum_access', 'fa', '%alias.tid = ' . $talias . '.tid'); - $acl_alias = $query->leftJoin('acl', 'acl', "%alias.number = $talias.tid AND %alias.module = 'forum_access'"); - $aclu_alias = $query->leftJoin('acl_user', 'aclu', "%alias.acl_id = $acl_alias.acl_id AND %alias.uid = $account->uid"); - $query->condition(db_or() - ->isNull("$access_alias.rid") - ->condition(db_and() - ->condition("$access_alias.rid", $rids, 'IN') - ->condition("$access_alias.grant_$op", 1, '>=')) - ->condition("$aclu_alias.uid", $account->uid)); - } - } -} - /** * Implements hook_node_presave(). */ @@ -505,6 +479,38 @@ function forum_access_preprocess_forum_list(&$variables) { } } +/** + * Implements hook_preprocess_HOOK(). + */ +function forum_access_preprocess_forums(&$variables) { + foreach ($variables['forums'] as $tid => $forum) { + if (!forum_access_access('view', $tid)) { + unset($variables['forums'][$tid]); + } + + // If we can't access the parent, we can't access the children. + elseif (!empty($forum->parents)) { + $access = TRUE; + foreach ($forum->parents as $key => $parent) { + if (!forum_access_access('view', $parent)) { + $access = FALSE; + } + } + + if ($access == FALSE) { + unset($variables['forums'][$tid]); + } + } + } + + if (empty($variables['forums']) && $variables['tid'] == 0) { + drupal_access_denied(); + drupal_exit(); + } + + return $variables; +} + /** * Implements hook_node_view_alter(). * -- 2.14.3 (Apple Git-98)