From 8e253393be3b0e696fd393f5204003fbd087af57 Mon Sep 17 00:00:00 2001
From: Paul Dale Smith
Date: Thu, 18 Jan 2018 11:10:17 +0000
Subject: [PATCH] Update accessing checking for forum paths.
---
forum_access.module | 92 ++++++++++++++++++++++++++++-------------------------
1 file changed, 49 insertions(+), 43 deletions(-)
diff --git a/forum_access.module b/forum_access.module
index 47dfa00..baf6a70 100644
--- a/forum_access.module
+++ b/forum_access.module
@@ -68,6 +68,23 @@ function forum_access_menu_alter(&$items) {
chain_menu_access_chain($items, 'comment/%/approve', '_forum_access_comment_access_callback', array(1, 2), TRUE);
chain_menu_access_chain($items, 'comment/reply/%node', '_forum_access_comment_access_callback', array(2, 1));
}
+ $items['forum/%forum_forum']['access callback'] = '_forum_access_access_wrapper';
+ $items['forum/%forum_forum']['access arguments'] = [1];
+}
+
+/**
+ * Custom access wrapper around forum_access_access.
+ *
+ * @param object $forum
+ * A Forum taxonomy term.
+ *
+ * @return bool
+ * Whether the current user has access to the forum.
+ *
+ * @see forum_access_access()
+ */
+function _forum_access_access_wrapper($forum) {
+ return forum_access_access('view', $forum->tid);
}
function _forum_access_node_access_callback($node, $op) {
@@ -299,49 +316,6 @@ function forum_access_query_alter($p1, $p2, $p3) {
return;
}
-function forum_access_query_term_access_alter(QueryAlterableInterface $query) {
- global $user;
-
- // Read meta-data from query, if provided.
- if (!$account = $query->getMetaData('account')) {
- $account = $user;
- }
- if (!$op = $query->getMetaData('op')) {
- $op = 'view';
- }
-
- // If $account can bypass node access, or there are no node access
- // modules, we don't need to alter the query.
- if (user_access('bypass node access', $account)) {
- return;
- }
-
- // Prevent duplicate records.
- $query->distinct();
-
- // Find all instances of the {taxonomy_term_data} table being joined --
- // could appear more than once in the query, and could be aliased.
- // Join each one to the forum_access table.
-
- $tables = $query->getTables();
- $rids = array_keys($account->roles);
- foreach ($tables as $talias => $tableinfo) {
- $table = $tableinfo['table'];
- if (!($table instanceof SelectQueryInterface) && $table == 'taxonomy_term_data') {
- // The node_access table has the access grants for any given node.
- $access_alias = $query->leftJoin('forum_access', 'fa', '%alias.tid = ' . $talias . '.tid');
- $acl_alias = $query->leftJoin('acl', 'acl', "%alias.number = $talias.tid AND %alias.module = 'forum_access'");
- $aclu_alias = $query->leftJoin('acl_user', 'aclu', "%alias.acl_id = $acl_alias.acl_id AND %alias.uid = $account->uid");
- $query->condition(db_or()
- ->isNull("$access_alias.rid")
- ->condition(db_and()
- ->condition("$access_alias.rid", $rids, 'IN')
- ->condition("$access_alias.grant_$op", 1, '>='))
- ->condition("$aclu_alias.uid", $account->uid));
- }
- }
-}
-
/**
* Implements hook_node_presave().
*/
@@ -505,6 +479,38 @@ function forum_access_preprocess_forum_list(&$variables) {
}
}
+/**
+ * Implements hook_preprocess_HOOK().
+ */
+function forum_access_preprocess_forums(&$variables) {
+ foreach ($variables['forums'] as $tid => $forum) {
+ if (!forum_access_access('view', $tid)) {
+ unset($variables['forums'][$tid]);
+ }
+
+ // If we can't access the parent, we can't access the children.
+ elseif (!empty($forum->parents)) {
+ $access = TRUE;
+ foreach ($forum->parents as $key => $parent) {
+ if (!forum_access_access('view', $parent)) {
+ $access = FALSE;
+ }
+ }
+
+ if ($access == FALSE) {
+ unset($variables['forums'][$tid]);
+ }
+ }
+ }
+
+ if (empty($variables['forums'])) {
+ drupal_access_denied();
+ drupal_exit();
+ }
+
+ return $variables;
+}
+
/**
* Implements hook_node_view_alter().
*
--
2.14.3 (Apple Git-98)