? access_4.patch.txt ? files ? formpull_11.patch ? mw.patch ? patch ? tmp.patch ? sites/all/modules ? sites/all/themes ? sites/default/mw.patch ? sites/default/tmp.patch Index: modules/blog/blog.module =================================================================== RCS file: /cvs/drupal/drupal/modules/blog/blog.module,v retrieving revision 1.281 diff -u -F^f -r1.281 blog.module --- modules/blog/blog.module 21 Jun 2007 04:38:41 -0000 1.281 +++ modules/blog/blog.module 27 Jun 2007 23:44:36 -0000 @@ -29,15 +29,13 @@ function blog_perm() { /** * Implementation of hook_access(). */ -function blog_access($op, $node) { - global $user; - +function blog_access($op, $node, $account) { if ($op == 'create') { - return user_access('edit own blog') && $user->uid; + return user_access('edit own blog', $account) && $account->uid; } if ($op == 'update' || $op == 'delete') { - if (user_access('edit own blog') && ($user->uid == $node->uid)) { + if (user_access('edit own blog', $account) && ($node->uid == $account->uid)) { return TRUE; } } Index: modules/book/book.module =================================================================== RCS file: /cvs/drupal/drupal/modules/book/book.module,v retrieving revision 1.424 diff -u -F^f -r1.424 book.module --- modules/book/book.module 22 Jun 2007 05:44:20 -0000 1.424 +++ modules/book/book.module 27 Jun 2007 23:44:51 -0000 @@ -46,13 +46,11 @@ function book_perm() { /** * Implementation of hook_access(). */ -function book_access($op, $node) { - global $user; - +function book_access($op, $node, $account) { if ($op == 'create') { // Only registered users can create book pages. Given the nature // of the book module this is considered to be a good/safe idea. - return user_access('create book pages'); + return user_access('create book pages', $account); } if ($op == 'update') { @@ -62,12 +60,10 @@ function book_access($op, $node) { // of that page waiting for approval. That is, only updates that // don't overwrite the current or pending information are allowed. - if (user_access('edit book pages') || ($node->uid == $user->uid && user_access('edit own book pages'))) { + if (user_access('edit book pages') || ($node->uid == $account->uid && user_access('edit own book pages', $account))) { return TRUE; } - else { - // do nothing. node-access() will determine further access - } + // else do nothing. node-access() will determine further access } } Index: modules/forum/forum.module =================================================================== RCS file: /cvs/drupal/drupal/modules/forum/forum.module,v retrieving revision 1.404 diff -u -F^f -r1.404 forum.module --- modules/forum/forum.module 22 Jun 2007 08:32:27 -0000 1.404 +++ modules/forum/forum.module 27 Jun 2007 23:45:16 -0000 @@ -142,15 +142,13 @@ function forum_node_info() { /** * Implementation of hook_access(). */ -function forum_access($op, $node) { - global $user; - +function forum_access($op, $node, $account) { if ($op == 'create') { - return user_access('create forum topics'); + return user_access('create forum topics', $account); } if ($op == 'update' || $op == 'delete') { - if (user_access('edit own forum topics') && ($user->uid == $node->uid)) { + if (user_access('edit own forum topics', $account) && ($account->uid == $node->uid)) { return TRUE; } } Index: modules/node/node.module =================================================================== RCS file: /cvs/drupal/drupal/modules/node/node.module,v retrieving revision 1.840 diff -u -F^f -r1.840 node.module --- modules/node/node.module 26 Jun 2007 22:27:25 -0000 1.840 +++ modules/node/node.module 27 Jun 2007 23:45:52 -0000 @@ -2796,16 +2796,17 @@ function node_access($op, $node) { if ($op != 'create') { $node = (object)$node; } + $account = isset($uid) ? user_load(array('uid' => $uid)) : $GLOBALS['user']; // If the node is in a restricted format, disallow editing. if ($op == 'update' && !filter_access($node->format)) { return FALSE; } - if (user_access('administer nodes')) { + if (user_access('administer nodes', $account)) { return TRUE; } - if (!user_access('access content')) { + if (!user_access('access content', $account)) { return FALSE; } @@ -2815,7 +2816,7 @@ function node_access($op, $node) { if ($module == 'node') { $module = 'node_content'; // Avoid function name collisions. } - $access = module_invoke($module, 'access', $op, $node); + $access = module_invoke($module, 'access', $op, $node, $account); if (!is_null($access)) { return $access; } @@ -3076,18 +3077,19 @@ function node_access_rebuild() { */ /** - * Implementation of hook_access(). + * Implementation of hook_access(). This has a nonstandard name in order + * not to conflict with unrelated node_access() */ -function node_content_access($op, $node) { +function node_content_access($op, $node, $account) { global $user; $type = is_string($node) ? $node : (is_array($node) ? $node['type'] : $node->type); if ($op == 'create') { - return user_access('create '. $type .' content'); + return user_access('create '. $type .' content', $account); } if ($op == 'update') { - if (user_access('edit '. $type .' content') || (user_access('edit own '. $type .' content') && ($user->uid == $node->uid))) { + if (user_access('edit '. $type .' content', $account) || (user_access('edit own '. $type .' content', $account) && ($user->uid == $node->uid))) { return TRUE; } } Index: modules/poll/poll.module =================================================================== RCS file: /cvs/drupal/drupal/modules/poll/poll.module,v retrieving revision 1.232 diff -u -F^f -r1.232 poll.module --- modules/poll/poll.module 22 Jun 2007 05:44:21 -0000 1.232 +++ modules/poll/poll.module 27 Jun 2007 23:45:57 -0000 @@ -40,9 +40,9 @@ function poll_theme() { /** * Implementation of hook_access(). */ -function poll_access($op, $node) { +function poll_access($op, $node, $account) { if ($op == 'create') { - return user_access('create polls'); + return user_access('create polls', $account); } }