From 5ca5112b98c2e9eba025ac636e1b8df960edb7ef Mon Sep 17 00:00:00 2001
From: David Hunt <git@dnotes.net>
Date: Tue, 22 Feb 2011 23:14:04 -0500
Subject: [PATCH] Issue #986906 by dnotes: Fixed lockout of sudoers when site is offline

---
 CHANGELOG.txt  |    1 +
 sudo.module    |    5 +++++
 sudo.pages.inc |   25 +++++++++++++++++++++++++
 3 files changed, 31 insertions(+), 0 deletions(-)
 mode change 100644 => 100755 sudo.module
 mode change 100644 => 100755 sudo.pages.inc

diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 4fbc1a0..787fc10 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,3 +1,4 @@
+Issue #986906 by dnotes: Fixed lockout of sudoers when site is offline
 by dnotes: Added CHANGELOG.txt
 
 Sudo 6.x-1.0, 26 Feb 2010
diff --git a/sudo.module b/sudo.module
old mode 100644
new mode 100755
index 24dff8e..3751f2c
--- a/sudo.module
+++ b/sudo.module
@@ -21,6 +21,11 @@ function sudo_menu() {
   return $items;
 }
 
+function sudo_form_system_site_maintenance_settings_alter(&$form, $form_state) {
+  module_load_include('inc', 'sudo', 'sudo.pages');
+  $form['#submit'][] = 'sudo_site_offline_submit';
+}
+
 function sudo_preprocess_page(&$vars) {
   global $user;
   if ($user->uid && !variable_get('sudo_hide_button', FALSE) && is_array($sudo_roles = sudo_roles())) { // intentional assignment of $sudo_roles
diff --git a/sudo.pages.inc b/sudo.pages.inc
old mode 100644
new mode 100755
index 6d9cdfe..50574ef
--- a/sudo.pages.inc
+++ b/sudo.pages.inc
@@ -168,6 +168,10 @@ function sudo_switch() {
 }
 
 function sudo_switch_submit($form, &$form_state) {
+  if (variable_get('site_offline', FALSE)) {
+    drupal_set_message(t("You can't un-sudo when the site is in maintenance mode."), 'error');
+    return;
+  }
   global $user;
   if ($sudo_roles = sudo_roles($user)) { // intentional assignment of $sudo_roles
 
@@ -204,3 +208,24 @@ function theme_sudo_button($state, $path) {
   $output .= "</div>";
   return $output;
 }
+
+/**
+ * This function ensures that sudoers who are not sudoing when the site is taken
+ * offline will not be locked out; instead, all their sudo roles will be added
+ * to their account at that time.
+ * @param array $form
+ * @param array $form_state
+ */
+function sudo_site_offline_submit($form, &$form_state) {
+  if ($form_state['values']['site_offline']) {
+    $q = db_query("SELECT * FROM {sudo}");
+    while ($r = db_fetch_object($q)) {
+      $roles = unserialize($r->roles);
+      if (is_array($roles) && count($roles)) {
+        foreach ($roles as $role) {
+          db_query("REPLACE INTO {users_roles} (uid, rid) VALUES (%d, %d)", $r->uid, $role);
+        }
+      }
+    }
+  }
+}
\ No newline at end of file
-- 
1.6.3.3

