? masquerade-d7-1.patch Index: masquerade.info =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/masquerade/masquerade.info,v retrieving revision 1.4 diff -u -p -r1.4 masquerade.info --- masquerade.info 25 Sep 2008 12:11:56 -0000 1.4 +++ masquerade.info 6 May 2010 19:46:15 -0000 @@ -3,4 +3,6 @@ name = Masquerade description = "This module allows permitted users to masquerade as other users." core = 7.x php = 5.1 -files[] = masquerade.module \ No newline at end of file +files[] = masquerade.module +files[] = masquerade.install +files[] = masquerade.test Index: masquerade.install =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/masquerade/masquerade.install,v retrieving revision 1.5 diff -u -p -r1.5 masquerade.install --- masquerade.install 6 Mar 2009 20:34:59 -0000 1.5 +++ masquerade.install 6 May 2010 19:46:15 -0000 @@ -2,13 +2,13 @@ // $Id: masquerade.install,v 1.5 2009/03/06 20:34:59 deekayen Exp $ /** - * @file masquerade.install - * + * @file + * masquerade.install * Install, uninstall and update hooks for the Masquarade module. */ /** - * Implementation of hook_schema(). + * Implements hook_schema(). * * @return array */ @@ -41,24 +41,16 @@ function masquerade_schema() { } /** - * Implementation of hook_install(). - */ -function masquerade_install() { - drupal_install_schema('masquerade'); -} - -/** - * Implementation of hook_uninstall(). + * Implements hook_uninstall(). */ function masquerade_uninstall() { - drupal_uninstall_schema('masquerade'); variable_del('masquerade_test_user'); variable_del('masquerade_admin_roles'); variable_del('masquerade_quick_switches'); } /** - * Implementation of hook_update_N(). + * Implements hook_update_N(). * * Update for http://drupal.org/node/281468 * Adding support for multiple quick links in the Masquerade block. @@ -97,4 +89,4 @@ function masquerade_update_6002() { db_add_index($ret, 'masquerade', 'sid', array('sid', 'uid_from')); db_add_index($ret, 'masquerade', 'sid_2', array('sid', 'uid_as')); return $ret; -} \ No newline at end of file +} Index: masquerade.module =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/masquerade/masquerade.module,v retrieving revision 1.23 diff -u -p -r1.23 masquerade.module --- masquerade.module 6 Mar 2009 20:34:59 -0000 1.23 +++ masquerade.module 6 May 2010 19:46:15 -0000 @@ -2,13 +2,13 @@ // $Id: masquerade.module,v 1.23 2009/03/06 20:34:59 deekayen Exp $ /** - * @file masquerade.module - * + * @file + * masquerade.module * The masquerade module allows administrators to masquerade as other user. */ /** - * Implementation of hook_help(). + * Implements hook_help(). */ function masquerade_help($path, $arg) { switch ($path) { @@ -18,11 +18,11 @@ function masquerade_help($path, $arg) { } /** - * Implementation of hook_perm(). + * Implements hook_permission(). * * @return array */ -function masquerade_perm() { +function masquerade_permission() { return array( 'masquerade as user' => array( 'title' => t("Masquerade as user"), @@ -36,42 +36,18 @@ function masquerade_perm() { } /** - * Implementation of hook_init(). - */ -function masquerade_init() { - global $user; - - // load from table uid + session id - $query = db_select('masquerade', 'm'); - $query->addField('m', 'uid_from'); - $query->condition(db_and()->condition('sid', session_id(), '=')->condition('uid_as', $user->uid, '=')); - $query->range(0, 1); - $result = $query->execute(); - $uid = $result->fetchField(); - // using if so that we get unset rather than false if not masqing - if ($uid) { - $GLOBALS['masquerading'] = $uid; - } - else { - $GLOBALS['masquerading'] = null; - } -} - -/** - * Implementation of hook_cron() + * Implements hook_cron(). * * Cleanup masquerade records where people didn't use the switch back link * that would have cleanly removed the user switch record. */ function masquerade_cron() { // see http://drupal.org/node/268487 before modifying this query - db_delete('masquerade') - ->condition('sid', db_select('sessions', 'sid'), 'NOT IN') - ->execute(); + db_query('DELETE FROM {masquerade} WHERE sid NOT IN (SELECT sid FROM {sessions})')->execute(); } /** - * Implementation of hook_menu(). + * Implements hook_menu(). */ function masquerade_menu() { $items = array(); @@ -80,10 +56,10 @@ function masquerade_menu() { if ($default_test_user->uid) { $items['masquerade/switch/' . $default_test_user->uid] = array( 'title' => 'Masquerade as @testuser', - 'title arguments' => array('@testuser' => $default_test_user->name), + 'title arguments' => array('@testuser' => $default_test_user->name), 'page callback' => 'masquerade_switch_user', 'page arguments' => array(2), - 'access callback' => 'masquerade_access', + 'access callback' => 'masquerade_access', 'access arguments' => array('switch'), 'type' => MENU_NORMAL_ITEM, ); @@ -118,7 +94,7 @@ function masquerade_menu() { 'access arguments' => array('autocomplete'), 'type' => MENU_CALLBACK, ); - $items['admin/settings/masquerade'] = array( + $items['admin/config/development/masquerade'] = array( 'title' => 'Masquerade', 'description' => 'Masquerade module allows administrators to masquerade as other users.', 'page callback' => 'drupal_get_form', @@ -131,10 +107,35 @@ function masquerade_menu() { return $items; } +/** + * Custom access callback. + */ function masquerade_access($type) { + global $user; + if (!isset($GLOBALS['masquerading'])) { + // load from table uid + session id + $query = db_select('masquerade', 'm'); + $query->addField('m', 'uid_from'); + $query->condition(db_and()->condition('sid', session_id(), '=')->condition('uid_as', $user->uid, '=')); + $query->range(0, 1); + $result = $query->execute(); + $uid = $result->fetchField(); + + // using if so that we get unset rather than false if not masqing + if ($uid) { + $GLOBALS['masquerading'] = $uid; + } + else { + $GLOBALS['masquerading'] = NULL; + } + } + switch ($type) { case 'unswitch': - return $GLOBALS['masquerading'] || arg(2) == 'menu-customize' || arg(2) == 'menu'; + if ($GLOBALS['masquerading'] >= 1 || arg(2) == 'menu-customize' || arg(2) == 'menu') { + return TRUE; + } + break; case 'autocomplete': return $GLOBALS['masquerading'] || (user_access('masquerade as user') || user_access('masquerade as admin')); break; @@ -144,6 +145,9 @@ function masquerade_access($type) { } } +/** + * Admin settings form + */ function masquerade_admin_settings() { // create a list of roles; all selected roles are considered administrative. $rids = array(); @@ -186,43 +190,51 @@ function masquerade_admin_settings() { return system_settings_form($form); } +/** + * Validation handler for admin settings form. + */ function masquerade_admin_settings_validate($form, &$form_state) { unset($form); - $test_user = user_load(array('name' => $form_state['values']['masquerade_test_user'])); - if (!$test_user) { + $uid = db_query("SELECT uid FROM {users} WHERE name=':name'", array(':name' => $form_state['values']['masquerade_test_user']))->fetchField(); + if (!$uid) { form_set_error('masquerade_test_user', t('%user does not exist. Please enter a valid username.', array('%user' => $form_state['values']['masquerade_test_user']))); } // A comma-separated list of users. $masquerade_switches = drupal_explode_tags($form_state['values']['masquerade_quick_switches']); foreach ($masquerade_switches as $switch_user) { - $test_user = user_load(array('name' => $switch_user)); - if (!$test_user) { - form_set_error('masquerade_quick_switches', t('%user does not exist. Please enter a valid username.', array('%user' => $switch_user))); - } + $uid = db_query("SELECT uid FROM {users} WHERE name=':name'", array(':name' => $switch_user))->fetchField(); + if (!$uid) { + form_set_error('masquerade_quick_switches', t('%user does not exist. Please enter a valid username.', array('%user' => $switch_user))); + } } } +/** + * Submit handler for admin settings form + */ function masquerade_admin_settings_submit($form, &$form_state) { menu_rebuild(); } +/** + * Load test user as configured in the admin interface. + */ function _masquerade_test_user() { - $test_user->uid = 0; - $test_user->name = ''; + $test_user->uid = db_query("SELECT uid FROM {users} WHERE name=':name'", array(':name' => variable_get('masquerade_test_user')))->fetchField(); - $test_user = user_load(array('name' => variable_get('masquerade_test_user', $test_user->name))); + $test_user = user_load($test_user->uid); return $test_user; } /** - * Implementation of hook_user_logout(). + * Implements hook_user_logout(). */ function masquerade_user_logout(&$edit, &$edit_user, $category = NULL) { if (!empty($edit_user->masquerading)) { global $user; - cache_clear_all($user->uid, 'cache_menu', true); + cache_clear_all($user->uid, 'cache_menu', TRUE); $real_user = user_load(array('uid' => $user->masquerading)); watchdog('masquerade', "User %user no longer masquerading as %masq_as.", array('%user' => $real_user->name, '%masq_as' => $user->name), WATCHDOG_INFO); db_delete('masquerade') @@ -232,39 +244,41 @@ function masquerade_user_logout(&$edit, } /** - * Implementation of hook_user_view(). + * Implements hook_user_view(). */ -function masquerade_user_view(&$edit, &$edit_user, $category = NULL) { +function masquerade_user_view(&$account, $view_mode = NULL) { // check if user qualifies as admin $roles = array_keys(array_filter(variable_get('masquerade_admin_roles', array()))); - $perm = $edit_user->uid == 1 || array_intersect(array_keys((array)$edit_user->roles), $roles) ? + $perm = $account->uid == 1 || array_intersect(array_keys((array)$account->roles), $roles) ? 'masquerade as admin' : 'masquerade as user'; global $user; - if (user_access($perm) && empty($edit_user->masquerading) && $user->uid != $edit_user->uid) { - $edit_user->content['Masquerade'] = array( - '#value' => l(t('Masquerade as !user', array('!user' => $edit_user->name)), 'masquerade/switch/'. $edit_user->uid, array('destination' => $_GET['q'])), + if (user_access($perm) && empty($account->masquerading) && $user->uid != $account->uid) { + $account->content['Masquerade'] = array( + '#value' => l(t('Masquerade as !user', array('!user' => $account->name)), 'masquerade/switch/' . $account->uid, array('destination' => $_GET['q'])), '#weight' => 10 ); } } /** - * Implementation of hook_block_list(). + * Implements hook_block_info(). */ -function masquerade_block_list($delta = 0, $edit = array()) { - $blocks[0]['info'] = t('Masquerade'); +function masquerade_block_info($delta = 0, $edit = array()) { + $blocks['masquerade'] = array( + 'info' => t('Masquerade'), + ); return $blocks; } /** - * Implementation of hook_block_list(). + * Implements hook_block_view(). */ function masquerade_block_view($delta = 0, $edit = array()) { if (masquerade_access('autocomplete')) { switch ($delta) { - case 0: + case 'masquerade': $block['subject'] = t('Masquerade'); $block['content'] = drupal_get_form('masquerade_block_1'); break; @@ -278,24 +292,30 @@ function masquerade_block_view($delta = */ function masquerade_block_1($record) { $markup_value = ''; - if ($GLOBALS['masquerading']) { + if (isset($GLOBALS['masquerading']) && $GLOBALS['masquerading']) { global $user; $quick_switch_link[] = l(t('Switch back'), 'masquerade/unswitch', array()); - $markup_value = t('You are masquerading as:
%masq_as', array('%masq_as' => $user->name)) . theme('item_list', $quick_switch_link); + $vars = array( + 'items' => $quick_switch_link, + 'title' => '', + 'type' => 'ul', + 'attributes' => array(), + ); + $markup_value = t('You are masquerading as:
%masq_as', array('%masq_as' => $user->name)) . theme_item_list($vars); } else { - // A comma-separated list of users. + // A comma-separated list of users. $masquerade_switches = drupal_explode_tags(variable_get('masquerade_quick_switches', '')); foreach ($masquerade_switches as $switch_user) { if ($switch_user != $GLOBALS['user']->name) { $user_name = user_load(array('name' => $switch_user)); if ($user_name->uid) { - $quick_switch_link[] = l($user_name->name, 'masquerade/switch/'. $user_name->uid); + $quick_switch_link[] = l($user_name->name, 'masquerade/switch/' . $user_name->uid); } } } - $markup_value .= t('Enter username to masquerade as.') . '

'; + $markup_value .= t('Enter username to masquerade as.') . '

'; $form['masquerade_user_field'] = array( '#prefix' => '
', '#type' => 'textfield', @@ -310,13 +330,13 @@ function masquerade_block_1($record) { ); if (isset($quick_switch_link) && count($quick_switch_link)) { - $markup_value .= ''; + $markup_value .= ''; } } $form['masquerade_desc'] = array( '#prefix' => '
', '#type' => 'markup', - '#value' => $markup_value, + '#markup' => $markup_value, '#suffix' => '
', ); return $form; @@ -351,8 +371,9 @@ function masquerade_block_1_validate($fo */ function masquerade_block_1_submit($form, &$form_state) { unset($form); - $masq_user = user_load(array('name' => $form_state['values']['masquerade_user_field'])); - masquerade_switch_user($masq_user->uid); + $uid = db_query('SELECT uid FROM {users} WHERE name=:name', array(':name' => $form_state['values']['masquerade_user_field']))->fetchField(); + + masquerade_switch_user($uid); } /** @@ -360,11 +381,11 @@ function masquerade_block_1_submit($form */ function masquerade_autocomplete($string) { $matches = array(); - $result = db_query_range("SELECT u.name FROM {users} u WHERE LOWER(u.name) LIKE LOWER(:name)", array(':name' => $string . "%"), 0, 10); + $result = db_query_range("SELECT u.name FROM {users} u WHERE LOWER(u.name) LIKE LOWER(:name)", 0, 10, array(':name' => $string . "%")); while ($user = $result->fetchObject()) { $matches[$user->name] = check_plain($user->name); } - exit(drupal_to_js($matches)); + exit(drupal_json_encode($matches)); } /** @@ -380,7 +401,7 @@ function masquerade_autocomplete_multipl $matches = array(); $result = db_query_range("SELECT u.name FROM {users} u WHERE LOWER(u.name) LIKE LOWER(':name')", array(':name' => $last_string . '%'), 0, 10); - $prefix = count($array) ? implode(', ', $array) .', ' : ''; + $prefix = count($array) ? implode(', ', $array) . ', ' : ''; while ($user = $result->fetchObject()) { $matches[$prefix . $user->name] = check_plain($user->name); @@ -398,9 +419,7 @@ function masquerade_switch_user($uid) { watchdog('masquerade', 'The user id provided to switch users was not numeric.', NULL, WATCHDOG_ERROR); return drupal_goto($_SERVER['HTTP_REFERER']); } - - $new_user = user_load(array('uid' => $uid)); - + $new_user = user_load($uid); $roles = array_keys(array_filter(variable_get('masquerade_admin_roles', array()))); $perm = $uid == 1 || array_intersect(array_keys($new_user->roles), $roles) ? 'masquerade as admin' : @@ -434,17 +453,18 @@ function masquerade_switch_user($uid) { drupal_set_message(t('Now masquerading as %masq_as.', array('%masq_as' => $new_user->name))); $user->masquerading = $new_user->uid; $user = $new_user; - drupal_goto(referer_uri()); + drupal_save_session(TRUE); + drupal_goto($_SERVER['HTTP_REFERER']); } /** - * Page callback that allows a user who is currently masquerading to become - * a new user. + * Page callback that allows a user who is currently masquerading to revert to their + * original user session. */ function masquerade_switch_back() { // switch user global $user; - cache_clear_all($user->uid, 'cache_menu', true); + cache_clear_all($user->uid, 'cache_menu', TRUE); $query = db_select('masquerade', 'm'); $query->addField('m', 'uid_from'); $query->condition(db_and()->condition('sid', session_id(), '=')->condition('uid_as', $user->uid, '=')); @@ -456,7 +476,8 @@ function masquerade_switch_back() { ->condition(db_and()->condition('sid', session_id())->condition('uid_as', $user->uid)) ->execute(); $oldname = $user->name; - $user = user_load(array('uid' => $uid)); + $user = user_load($uid); + drupal_save_session(TRUE); watchdog('masquerade', 'User %user no longer masquerading as %masq_as.', array('%user' => $user->name, '%masq_as' => $oldname), WATCHDOG_INFO); drupal_set_message(t('No longer masquerading as %masq_as.', array('%masq_as' => $oldname))); drupal_goto($_SERVER['HTTP_REFERER']); Index: masquerade.test =================================================================== RCS file: masquerade.test diff -N masquerade.test --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ masquerade.test 6 May 2010 19:46:15 -0000 @@ -0,0 +1,47 @@ + 'Masquerade tests', + 'description' => 'Tests user switching with the Masquerade module.', + 'group' => 'Masquerade', + ); + } + + public function setUp() { + parent::setUp('masquerade'); + } + + public function testAdminForm() { + $admin_perms = array( + 'administer site configuration', + 'administer permissions', + 'masquerade as user', + ); + $admin = $this->drupalCreateUser($admin_perms); + $user = $this->drupalCreateUser(); + + $this->drupalLogin($admin); + $this->drupalGet('admin/config/development/masquerade'); + + //test switch + + $this->drupalGet('masquerade/switch/' . $user->uid); + $this->assertText('Now masquerading as ' . $user->name); + + //test unswitch + $this->drupalGet('masquerade/unswitch'); + $this->assertText('No longer masquerading as ' . $user->name); + } + +} +