diff --git a/masquerade.install b/masquerade.install index e3ea7336f..08d002cd7 100644 --- a/masquerade.install +++ b/masquerade.install @@ -14,33 +14,6 @@ */ function masquerade_schema() { return array( - 'masquerade' => array( - 'description' => 'Each masquerading user has their session recorded into the masquerade table. Each record represents a masquerading user.', - 'fields' => array( - 'sid' => array( - 'description' => 'The current session for this masquerading user corresponding to their {sessions}.sid.', - 'type' => 'varchar', - 'length' => '64', - 'not null' => TRUE, - 'default' => ''), - 'uid_from' => array( - 'description' => 'The {users}.uid corresponding to a session.', - 'type' => 'int', - 'not null' => TRUE, - 'default' => 0, - 'disp-width' => '10'), - 'uid_as' => array( - 'description' => 'The {users}.uid this session is masquerading as.', - 'type' => 'int', - 'not null' => TRUE, - 'default' => 0, - 'disp-width' => '10'), - ), - 'indexes' => array( - 'sid' => array('sid', 'uid_from'), - 'sid_2' => array('sid', 'uid_as'), - ), - ), 'masquerade_users' => array( 'description' => 'Per-user permission table granting permissions to switch as a specific user.', 'fields' => array( @@ -181,3 +154,12 @@ function masquerade_update_7001() { ->condition('delta', 'masquerade') ->execute(); } + +/** + * Delete masquerade table. + */ +function masquerade_update_7200() { + if (db_table_exists('masquerade')) { + db_drop_table('masquerade'); + } +} diff --git a/masquerade.module b/masquerade.module index 1cfd54704..8cd6fe5b4 100644 --- a/masquerade.module +++ b/masquerade.module @@ -11,7 +11,7 @@ function masquerade_help($path, $arg) { switch ($path) { case 'admin/help#masquerade': - return t('

The masquerade module adds a link on a user\'s profile page that allows permitted users to masquerade as that user. Upon masquerading, a link to "switch back" to the original user will appear in the menu. While masquerading, the option to masquerade as another user will not appear. All masquerading transactions are logged, and $user->masquerading will be set; this could be displayed via theme.

In the masquerade settings a list of roles are presented; any checked role is considered an "administrator" and requires the second level "masquerade as admin" permission to masquerade as. User #1 is automatically considered an administrator, regardless of roles.

'); + return t('

The masquerade module adds a link on a user\'s profile page that allows permitted users to masquerade as that user. Upon masquerading, a link to "switch back" to the original user will appear in the menu. While masquerading, the option to masquerade as another user will not appear. Masquerading status is managed with the PHP session.

In the masquerade settings a list of roles are presented; any checked role is considered an "administrator" and requires the second level "masquerade as admin" permission to masquerade as. User #1 is automatically considered an administrator, regardless of roles.

'); case 'admin/settings/masquerade': return t('Only the users with masquerade as admin permission, will be able to masquerade as the users who belong to the roles selected below. User #1 is automatically considered an administrator, regardless of roles.'); } @@ -47,54 +47,13 @@ function masquerade_permission() { } /** - * Implements hook_init(). - */ -function masquerade_init() { - global $user; - - // Try to load masqing uid from masquerade table. - $uid = db_query("SELECT uid_from FROM {masquerade} WHERE sid = :sid AND uid_as = :uid_as", array( - ':sid' => session_id(), - ':uid_as' => $user->uid, - ))->fetchField(); - - // We are using identical operator (===) instead of equal (==) because if - // $uid === 0 we want to store the session variable. If there's no record in - // masquerade table we clear the session variable. - if ($uid === FALSE) { - if (isset($_SESSION)) { - unset($_SESSION['masquerading']); - } - } - else { - $_SESSION['masquerading'] = $uid; - } -} - -/** - * Implements hook_cron(). - * - * Cleanup masquerade records where people didn't use the switch back link - * that would have cleanly removed the user switch record. - */ -function masquerade_cron() { - // see http://drupal.org/node/268487 before modifying this query - $subquery = db_select('sessions', 's'); - $subquery->addField('s', 'sid'); - - $query = db_delete('masquerade'); - $query->condition('sid', $subquery, 'NOT IN'); - $query->execute(); -} - -/** * Implements hook_menu(). */ function masquerade_menu() { $items = array(); $default_test_user = _masquerade_user_load(variable_get('masquerade_test_user', '')); - if ($default_test_user && ($default_test_user->uid || $default_test_user->name == variable_get('anonymous', t('Anonymous')))) { + if ($default_test_user && $default_test_user->uid) { $items['masquerade/switch/' . $default_test_user->uid] = array( 'title' => 'Masquerade as @testuser', 'title arguments' => array('@testuser' => $default_test_user->name), @@ -224,7 +183,6 @@ function masquerade_user_operations_masquerade(array $accounts) { * @return * TRUE, if the user can perform the requested action, FALSE otherwise. */ - function masquerade_menu_access($type, $uid = NULL) { switch ($type) { case 'unswitch': @@ -261,6 +219,8 @@ function masquerade_menu_access($type, $uid = NULL) { function masquerade_admin_settings() { // create a list of roles; all selected roles are considered administrative. $roles = user_roles(); + // Filter out the anonymous user role. + unset($roles[1]); $form['masquerade_admin_roles'] = array( '#type' => 'checkboxes', '#title' => t('Roles that are considered "administrators" for masquerading'), @@ -282,9 +242,6 @@ function masquerade_admin_settings() { $quick_switch = user_load_multiple(variable_get('masquerade_quick_switches', array())); $quick_switch_users = array(); foreach ($quick_switch as $uid => $account) { - if ($uid == 0) { - $account->name = variable_get('anonymous', t('Anonymous')); - } $quick_switch_users[] = $account->name; } $form['masquerade_quick_switches'] = array( @@ -337,11 +294,10 @@ function masquerade_admin_settings_submit($form, &$form_state) { } /** - * Wrapper around user_load() to allow the loading of anonymous users. + * Wrapper around user_load(). * * @param $username - * The username of the user you wish to load (i.e. $user->name). To load the - * anonymous user, pass the value of the 'anonymous' variable. + * The username of the user you wish to load (i.e. $user->name). * * @return * A fully-loaded $user object upon successful user load or FALSE if user @@ -350,34 +306,12 @@ function masquerade_admin_settings_submit($form, &$form_state) { function _masquerade_user_load($username) { $account = FALSE; if (!empty($username)) { - $anon = variable_get('anonymous', t('Anonymous')); - $account = user_load_by_name(($username == $anon ? '' : $username)); - if (isset($account->uid) && empty($account->uid)) { - // Anonymous user should have a name. - $account->name = $anon; - } + $account = user_load_by_name($username); } return $account; } /** - * Implements hook_user_logout(). - */ -function masquerade_user_logout($account) { - if (!empty($account->masquerading)) { - global $user; - cache_clear_all($user->uid, 'cache_menu', TRUE); - $real_user = user_load($user->masquerading); - watchdog('masquerade', "User %user no longer masquerading as %masq_as.", array('%user' => $real_user->name, '%masq_as' => $user->name), WATCHDOG_INFO); - - $query = db_delete('masquerade'); - $query->condition('sid', session_id()); - $query->condition('uid_as', $account->uid); - $query->execute(); - } -} - -/** * Implements hook_field_extra_fields(). */ function masquerade_field_extra_fields() { @@ -452,12 +386,7 @@ function masquerade_form_user_profile_form_alter(&$form, &$form_state, $form_id) $users = user_load_multiple($uids); $masquerade_users = array(); foreach ($users as $uid => $account) { - if ($uid == 0) { - $masquerade_users[] = variable_get('anonymous', t('Anonymous')); - } - else { - $masquerade_users[] = $account->name; - } + $masquerade_users[] = $account->name; } $form['masquerade']['masquerade_users'] = array( '#type' => 'textfield', @@ -468,7 +397,6 @@ function masquerade_form_user_profile_form_alter(&$form, &$form_state, $form_id) '#maxlength' => NULL, ); $form['#validate'][] = 'masquerade_user_validate'; - $form['#submit'][] = 'masquerade_user_submit'; } /** @@ -486,18 +414,9 @@ function masquerade_user_validate(&$form, $form_state) { } /** - * Submit handler for masquerade users form element. - */ -function masquerade_user_submit(&$form, $form_state) { - global $_masquerade_old_session_id; - $_masquerade_old_session_id = session_id(); -} - -/** * Implements hook_user_update(). */ function masquerade_user_update(&$edit, $account, $category) { - global $_masquerade_old_session_id; if ($category == 'account' && isset($edit['masquerade_users'])) { $query = db_delete('masquerade_users'); $query->condition('uid_from', $account->uid); @@ -515,17 +434,6 @@ function masquerade_user_update(&$edit, $account, $category) { } $query->execute(); $edit['masquerade_users'] = NULL; - - // Update user session... - // @TODO check other way of session API. - if (!empty($_masquerade_old_session_id)) { - $query = db_update('masquerade'); - $query->fields(array( - 'sid' => session_id(), - )); - $query->condition('sid', $_masquerade_old_session_id); - $query->execute(); - } } } @@ -587,12 +495,7 @@ function masquerade_block_1() { $markup_value = ''; if (isset($_SESSION['masquerading'])) { $quick_switch_links[] = l(t('Switch back'), 'masquerade/unswitch', array('query' => array('token' => drupal_get_token('masquerade/unswitch')))); - if ($user->uid > 0) { - $markup_value = t('You are masquerading as %masq_as.', array('@user-url' => url('user/' . $user->uid), '%masq_as' => $user->name)); - } - else { - $markup_value = t('You are masquerading as %anonymous.', array('%anonymous' => variable_get('anonymous', t('Anonymous')))); - } + $markup_value = t('You are masquerading as %masq_as.', array('@user-url' => url('user/' . $user->uid), '%masq_as' => $user->name)); } else { $quick_switches = variable_get('masquerade_quick_switches', array()); @@ -609,10 +512,6 @@ function masquerade_block_1() { if ($account->uid) { $quick_switch_links[] = l($account->name, $switch_link, array('query' => array('token' => drupal_get_token($switch_link)))); } - if ($switch_user == 0) { - $account->name = variable_get('anonymous', t('Anonymous')); - $quick_switch_links[] = l($account->name, $switch_link, array('query' => array('token' => drupal_get_token($switch_link)))); - } } } } @@ -675,7 +574,7 @@ function masquerade_block_1_validate($form, &$form_state) { form_set_error('masquerade_user_field', t('You are not allowed to masquerade as the selected user.')); } - if ($name != variable_get('anonymous', t('Anonymous')) && module_exists('alt_login')) { + if (module_exists('alt_login')) { $alt_login = db_query("SELECT u.name FROM {users} u INNER JOIN {alt_login} al ON u.uid = al.uid WHERE al.alt_login = :alt_login", array( ':alt_login' => $name ))->fetchObject(); @@ -717,11 +616,6 @@ function masquerade_block_1_submit($form, &$form_state) { */ function masquerade_autocomplete($string) { $matches = array(); - // Anonymous user goes first to be visible for user. - $anonymous = variable_get('anonymous', t('Anonymous')); - if (stripos($anonymous, $string) === 0) { - $matches[$anonymous] = $anonymous; - } // Other suggestions. $result = db_query_range("SELECT name FROM {users} WHERE LOWER(name) LIKE LOWER(:string)", 0, 10, array( ':string' => $string . '%', @@ -742,10 +636,8 @@ function masquerade_autocomplete($string) { * * @param $string * The string of autocmplete value submitted by the user. - * @param $add_anonymous - * Flag to include Anonymous user into result. */ -function masquerade_autocomplete_multiple($string, $add_anonymous = TRUE) { +function masquerade_autocomplete_multiple($string) { $matches = array(); // The user enters a comma-separated list of users. We only autocomplete the last user. $users_typed = drupal_explode_tags($string); @@ -753,14 +645,6 @@ function masquerade_autocomplete_multiple($string, $add_anonymous = TRUE) { $last_string = drupal_strtolower(array_pop($users_typed)); if ($last_string) { $prefix = count($users_typed) ? implode(', ', $users_typed) . ', ' : ''; - if ($add_anonymous) { - // Anonymous user goes first to be visible for user. - $anonymous = variable_get('anonymous', t('Anonymous')); - if (stripos($anonymous, $last_string) === 0) { - $matches[$prefix . $anonymous] = $anonymous; - } - } - // Other suggestions. $result = db_query_range("SELECT name FROM {users} WHERE LOWER(name) LIKE :string", 0, 10, array( ':string' => $last_string . '%', )); @@ -843,22 +727,11 @@ function masquerade_switch_user($uid) { return FALSE; } - // Call logout hooks when switching from original user. - masquerade_user_logout($user); drupal_session_regenerate(); - $query = db_insert('masquerade'); - $query->fields(array( - 'uid_from' => $user->uid, - 'uid_as' => $new_user->uid, - 'sid' => session_id(), - )); - $query->execute(); - // switch user - - watchdog('masquerade', 'User %user now masquerading as %masq_as.', array('%user' => $user->name, '%masq_as' => $new_user->name ? $new_user->name : variable_get('anonymous', t('Anonymous'))), WATCHDOG_INFO); + watchdog('masquerade', 'User %user now masquerading as %masq_as.', array('%user' => $user->name, '%masq_as' => $new_user->name), WATCHDOG_INFO); drupal_set_message(t('You are now masquerading as !masq_as.', array('!masq_as' => theme('username', array('account' => $new_user))))); - $user->masquerading = $new_user->uid; + $_SESSION['masquerading'] = $user->uid; $user = $new_user; // Call all login hooks when switching to masquerading user. @@ -890,21 +763,12 @@ function masquerade_switch_back_page() { function masquerade_switch_back() { // switch user global $user; - cache_clear_all($user->uid, 'cache_menu', TRUE); - $uid = db_query("SELECT m.uid_from FROM {masquerade} m WHERE m.sid = :sid AND m.uid_as = :uid_as ", array( - ':sid' => session_id(), - ':uid_as' => $user->uid, - ))->fetchField(); - // erase record - db_delete('masquerade') - ->condition('sid', session_id()) - ->condition('uid_as', $user->uid) - ->execute(); - - $oldname = ($user->uid == 0 ? variable_get('anonymous', t('Anonymous')) : $user->name); - - // Call logout hooks when switching from masquerading user. - masquerade_user_logout($user); + + $oldname = $user->name; + + // Clear the session. + $uid = $_SESSION['masquerading']; + unset($_SESSION['masquerading']); drupal_session_regenerate(); $user = user_load($uid);