*************** *** 958,1487 **** while ($row = db_fetch_object($result)) { $groups[$row->group_nid] = $row->title; } return $groups; } } - // just the query for the get_node_groups function. function og_user_roles_get_groups_result() { $sql = "SELECT oga.group_nid, n.title FROM {og_ancestry} oga INNER JOIN {node} n ON oga.group_nid = n.nid"; - // we use rewrite_sql() in order to avoid disclosing completely private groups (once we support those properly) - // return db_query(db_rewrite_sql($sql, 'oga', 'group_nid'), $nid); - return db_query(db_rewrite_sql($sql, 'oga', 'group_nid'), ''); - } - - // - // My OG Roles Modifications - // - // - // Modification - Added this function - // - // This function returns an array of role keys and names, like $user->roles - // However, it returns site roles as well as group roles - // - function og_user_roles_all_roles_array($user) { - - $roles = og_user_roles_all_roles($user); - - return $roles; - } - - // This function takes the global $user (or $account) value and returns a list - // of group and non-group roles for this user - - function og_user_roles_all_roles($user) { - - // This will be the process to get BOTH the group and non-group roles for a user - - $uid = $user->uid; - $gid = 0; - $gids = array(); - $nodeID = 0; - $location = 0; - - $uri_request_id = $_SERVER['REQUEST_URI']; - $arg = explode("/", $uri_request_id); - - $ogroles = array(); - $x1 = 0; - // - // This will by default add the anonymous user role (no need since we merge user->roles) - // - // We get the groupID - // - $group_node = og_get_group_context(); - $gid02 = $group_node->nid; - $gid = $gid02; - if ($gid02 === null) $gid = 0; - // - // If the above doesn't get the groupID, then we start trying stuff - // - if ($gid == 0) { - - // http://doadance.scbbs.com/drupal03/node/79 - - if (arg(0) == 'node' && is_numeric(arg(1)) && is_null(arg(2))) { - $location = 1; - $nodeID = (int)arg(1); - $gid = getgid($nodeID, $uid); - } - - // http://doadance.scbbs.com/node/79/edit - // http://doadance.scbbs.com/node/79/outline - // http://doadance.scbbs.com/node/79/track - - if (arg(0) == 'node' && is_numeric(arg(1)) && (arg(2) == 'edit' || arg(2) == 'outline' || arg(2) == 'track' ) ) { - $location = 2; - $nodeID = (int)arg(1); - $gid = getgid($nodeID, $uid); - } - // 0 1 2 - // http://www.mysite.com/comment/edit/14 - // - if (arg(0) == 'comment' && is_numeric(arg(2)) && arg(1) == 'edit' ) { - $location = 3; - $comment = _comment_load(arg(2)); - $nodeID = $comment->nid; - $gid = getgid($nodeID, $uid); - } - // 0 1 2 - // http://www.mysite.com/comment/reply/128#comment_form - // - if (arg(0) == 'comment' && arg(1) == 'reply' ) { - $location = 4; - $subsections = explode("#", arg(2)); - $nodeID = (int)$subsections[0]; - $gid = getgid($nodeID, $uid); - } - - // og_term access - // 0 1 2 3 - // http://www.mysite.com/node/add/forum/121 - // - if (arg(0) == 'node' && is_numeric(arg(3)) && arg(1) == 'add' ) { - $location = 5; - $nodeID = (int)arg(3); - $gid = getgid($nodeID, $uid); - } - - // Here we get the gid directly - // - // http://doadance.scbbs.com/node/79/view/tree - // http://doadance.scbbs.com/node/79/view/members - // http://doadance.scbbs.com/node/79/view - - if (arg(0) == 'node' && is_numeric(arg(1)) && arg(2) == 'view' ) { - $location = 2; - $gid = (int)arg(1); - } - - // Here we get the gid directly - // - // http://doadance.scbbs.com/og/users/72 - // http://doadance.scbbs.com/og/manage/72 - - if (arg(0) == 'og' && is_numeric(arg(2)) && is_null(arg(3))) { - $location = 6; - $gid = (int)arg(2); - } - - // og_user_roles - // - // http://doadance.scbbs.com/og/users/72/roles - // http://doadance.scbbs.com/og/users/72/add - - if (arg(0) == 'og' && arg(1) == 'users' && is_numeric(arg(2)) && is_null(arg(4))) { - $location = 6; - $gid = (int)arg(2); - } - - // og unsubscribe - // og_user_roles - // - // This is sort of a catch all for "og" and gid in this order - // og// - // - // http://doadance.scbbs.com/og/unsubscribe/72 - // http://doadance.scbbs.com/og/users/72/add - - if (arg(0) == 'og' && is_numeric(arg(2))) { - $location = 6; - $gid = (int)arg(2); - } - - // og_forum - // - // http://doadance.scbbs.com/og_forum/manage/72 - - if (arg(0) == 'og_forum' && arg(1) == 'manage' && is_numeric(arg(2)) && is_null(arg(3))) { - $location = 6; - $gid = (int)arg(2); - } - - // http://doadance.scbbs.com/og_forum/manage/edit/72 - // http://doadance.scbbs.com/og_forum/manage/add/72 - - if (arg(0) == 'og_forum' && arg(1) == 'manage' && is_numeric(arg(3))) { - $location = 6; - $gid = (int)arg(3); - } - - // og_calendar - // - // http://doadance.scbbs.com/og_calendar/72 - - // Modification - og_calendar was modified and now may look like this: - // http://www.centralavedance.com/og_calendar/2973/2007/07/01 - - // if (arg(0) == 'og_calendar' && is_numeric(arg(1)) && is_null(arg(2))) { - if (arg(0) == 'og_calendar' && is_numeric(arg(1)) ) { - $location = 7; - $gid = (int)arg(1); - } - - // og_forum - // 0 1 2 3 - // http://www.mysite.com/og_forum/39/72?edit[og_groups][]=72 - // http://www.mysite.com/og_forum/37/71?sort=asc&order=Replies&edit[og_groups][0]=71 - - // if ($arg[1] == 'og_forum' && strpos($arg[3], 'og_groups') !== false && (!is_null($arg[3])) ) { - // $location = 8; - // $subsections = explode("=", $arg[3]); - // foreach ($subsections as $subsection) { - // if (is_numeric($subsection)) { - // $gid = (int)$subsection; - // } - // } - // } - - // Modification as per: http://drupal.org/node/155882 - replaced $uri_request_id - // with arg() values. - - if (arg(0) == 'og_forum' && is_numeric(arg(2)) && isset($_REQUEST['edit']) ) { - $location = 8; - $edit = $_GET['edit']; - if ($edit[og_groups][0] > 0) { - // $gid = $edit[og_groups][0]; - $gid = arg(2); - } - } - - // og_forum - // http://www.mysite.com/forum/39 - // - // Modification - 2007-07-04. In the case where this is a forum - - if (arg(0) == 'forum' && is_numeric(arg(1)) && is_null(arg(2)) ) { - $location = 8; - $tid = (int)arg(1); - $gid = og_user_roles_gid_from_tid($tid); - - // If no gid returned, then set $gid = 0 - - if (empty($gid)) { - $gid = 0; - } - } - - // og create nodes (version 5.1) - // 0 1 2 3 - // http://sbn.scbbs.com/node/add/forum?gids[]=72 - // http://sbn.scbbs.com/node/add/simplenews?gids[]=72 - // http://sbn.scbbs.com/node/add/webform?gids[]=72 - // http://sbn.scbbs.com/node/add/video?gids[]=72 - // http://sbn.scbbs.com/node/add/page?gids[]=72 - // http://sbn.scbbs.com/node/add/blog?gids[]=72 - // http://sbn.scbbs.com/node/add/event?gids[]=72 - // http://sbn.scbbs.com/node/add/poll?gids[]=72 - // http://sbn.scbbs.com/node/add/flexinode-3?gids[]=72 - - // if ($arg[1] == 'node' && strpos($arg[3], 'gids') !== false && (!is_null($arg[3])) ) { - // $location = 10 . "(" . arg(0) . "|" . arg(1) . "|" . arg(2) . ")"; - // $subsections = explode("=", $arg[3]); - // $gid = (int)$subsections[1]; - // } - - // Modification as per: http://drupal.org/node/155882 - replaced $uri_request_id - // with arg() values. - - if (arg(0) == 'node' && arg(1) == 'add' && isset($_REQUEST['gids']) ) { - $location = 10 . "(" . arg(0) . "|" . arg(1) . "|" . arg(2) . ")"; - $gids = $_GET['gids']; - $gid = intval(current($_REQUEST['gids'])); - } - - // og create nodes (custom node/20 aliased to node/ognodeadd) - // 0 1 2 3 - // http://clients.brixrealtyinc.com/node/ognodeadd?type=document&gids[]=12 - // - // if ($arg[1] == 'node') { - // if (strpos($arg[2], 'ognodeadd') !== false ) { - // if (strpos($arg[2], 'gids') !== false ) { - // $location = 13; - // $subsections = explode("=", $arg[2]); - // $gid = (int)$subsections[2]; - // } - // - // Modification as per: http://drupal.org/node/155882 - // We use arg() instead of $arg[] ($uri_request_id) - // - if (arg(0) == 'node') { - if (arg(1) == 'ognodeadd') { - // - // Modification -- Get the gid from the variable instead of trying to calculate it. - // -- In case we need to add "tid=" to url as per: - // -- http://drupal.org/node/156568 - // - if (isset($_REQUEST['gids'])) { - $location = 13; - $gids = $_GET['gids']; - $gid = intval(current($_REQUEST['gids'])); - } - } - } - - } // end $gid if - // - // Now, using $uid and $gid we find out what roles this user has in this group; - // - if (empty($gid)) $gid = 0; // This prevents us from getting error on non-group node/add - // $query = 'SELECT role.rid, role.name FROM role INNER JOIN og_users_roles ON role.rid = og_users_roles.rid WHERE og_users_roles.uid = ' . $uid . ' AND og_users_roles.gid = ' . $gid; - // $results = db_query($query); - $query = 'SELECT {role}.rid, {role}.name FROM {role} INNER JOIN {og_users_roles} ON {role}.rid = {og_users_roles}.rid WHERE {og_users_roles}.uid = %d AND {og_users_roles}.gid = %d'; // FIXED TABLE PREFIX - $results = db_query($query, $uid, $gid); - // - // Create an array of these roles; - // - while ( $row = db_fetch_array($results) ) { - $x1 = $row["rid"]; - $ogroles[$x1] = $row["name"]; - } - // - // First, we need to create an array of $user->roles - // - $c = $user->roles; - // - // Next, we add the $user->roles array to the $ogroles array, if there is an ogroles array; - // - if ($x1 > 0) { - $d = array(); - $d = $c + $ogroles; - $d = array_unique($d); - } else { - $d = $c; - } - - // Write the test data - - og_user_roles_write_test($user, $location, $gid02, $gid, $uri_request_id, $d, $query); - // - // $d is either the merged results, or just $user->roles; - // - return $d; - - } // end og_user_roles_all_roles() - - function getgid($nodeID, $uid) { - - // This will return a $gid based upon the $nodeID and $uid supplied - - $gid = 0; - - // $result = db_query("select node_access.gid from node_access INNER JOIN og_uid ON node_access.gid = og_uid.nid WHERE node_access.realm = 'og_subscriber' AND og_uid.uid = $uid AND (node_access.nid = $nodeID OR node_access.gid = $nodeID)"); // modified to check for either the node or group ID in node_access - $result = db_query("select {node_access}.gid from {node_access} INNER JOIN {og_uid} ON {node_access}.gid = {og_uid}.nid WHERE {node_access}.realm = 'og_subscriber' AND {og_uid}.uid = %d AND ({node_access}.nid = %d OR {node_access}.gid = %d)", $uid, $nodeID, $nodeID); // FIXED TABLE PREFIX - modified to check for either the node or group ID in node_access - while($t = db_fetch_object($result)) { - $gid = $t->gid; - } - - // If $gid still equals 0 then try searching og_term table (if it exists) - // og forums will typically be listed here - - if ($gid == 0) { - if (user_table_exists('{og_term}')) { - // $result = db_query("select og_term.nid from og_term INNER JOIN og_uid ON og_term.nid = og_uid.nid WHERE og_term.tid = $nodeID AND og_uid.uid = $uid"); - $result = db_query("select {og_term}.nid from {og_term} INNER JOIN {og_uid} ON {og_term}.nid = {og_uid}.nid WHERE {og_term}.tid = %d AND {og_uid}.uid = %d", $nodeID, $uid); // FIXED TABLE PREFIX - while($t = db_fetch_object($result)) { - $gid = $t->nid; - } - } - } - - return $gid; - - } // end getgid() - // - // Modification - Added this function - // - function user_table_exists($table) { - return db_num_rows(db_query("SHOW TABLES LIKE '{" . db_escape_table($table) . "}'")); - } - - function og_user_roles_write_test($user, $location, $gid02, $gid, $uri_request_id, $d, $query) { - // - // See what is found in user_all_roles - // - $testStatus = ""; - $testDate = format_date(time(), 'custom', 'Y-m-d h:i:s a'); - $testUser = $user->uid; - $testFunction = "og_user_roles_all_roles"; - $testSubFunction = $location; - $testString = "group context: " . $gid02; - $testUserName = $user->name; - $testGroup = $gid; - $testURI = $uri_request_id; - $testAArg0 = arg(0); - $testAArg1 = arg(1); - $testAArg2 = arg(2); - $testAArg3 = arg(3); - $testPerm = "Roles Returned: (" . implode(",", $d) . ")
dbQuery = " . $query; - if (user_table_exists('{user_test}')) { - $testQuery = "insert into user_test (testStatus, testDate, testUser, testUserName, testGroup, testFunction, testSubFunction, testString, testURI, testAArg0, testAArg1, testAArg2, testAArg3, testPerm) values ('" . $testStatus . "','" . $testDate . "','" . $testUser . "','" . $testUserName . "','" . $testGroup . "','" . $testFunction . "','" . $testSubFunction . "','" . $testString . "','" . $testURI . "','" . $testAArg0 . "','" . $testAArg1 . "','" . $testAArg2 . "','" . $testAArg3 . "','" . $testPerm . "')"; - db_query($testQuery); - } - } - /** * Called by og_user_roles_nodeapi('access') * To check og access permissions - * - */ function og_user_roles_og_access_check($op, $node = NULL) { global $user; - $uid = $user->uid; - - if ($op != 'create' && $node->nid && $node->status) { - - if (isset($user) && is_array($user->og_groups)) { - $gids = array_keys($user->og_groups); - } - else { - $gids[] = 0; - } - - - if (isset($user) && is_array($user->roles)) { - $rids = array_keys($user->roles); - } - else { - $rids[] = 1; - } - - // - // if this node has groups or is a group, then use group sql, else use non-group sql - // - - $groups = $node->og_groups; - - if ($groups || $node->type == 'group') { - - $sql = " - SELECT COUNT(*) FROM {node_access} na - LEFT OUTER JOIN {og_uid} ogu on ogu.nid = na.nid - LEFT OUTER JOIN {og} ogm on ogm.nid = na.nid - WHERE (na.nid = 0 OR na.nid = %d) - AND ((na.realm = 'og_public' and na.gid = 0) - OR (na.realm = 'og_subscriber' AND na.gid in ('".implode("','",$gids)."')) - OR (ogm.nid > 0 and (na.nid in ('".implode("','",$gids)."')) or ogm.directory = 1 ) - OR (na.realm = 'term_access' AND na.nid in ('".implode("','",$gids)."')) ) - AND (na.grant_$op >= 1 OR (ogu.is_admin = 1 AND ogu.uid = ".$uid.") ) - "; - } else { - $sql = " - SELECT COUNT(*) FROM {node_access} na - WHERE (na.nid = 0 OR na.nid = %d) - AND (na.realm = 'term_access' AND na.gid in ('".implode("','",$rids)."')) - AND na.grant_$op >= 1 - "; - } - - $result = db_query($sql, $node->nid); - $output = (db_result($result)); - if ($output == 0) return FALSE; - if ($output > 0) return TRUE; - } - } - /** - * Called by og_user_roles_nodeapi('access') - * To check taxonomy_access access permissions - * - */ - function og_user_roles_taxonomy_access_check($op, $node = NULL) { - global $user; - $uid = $user->uid; - - if ($op != 'create' && $node->nid && $node->status) { - // Discovered that I needed to continue using user->roles to get non-group roles. - // will get group roles using og_users_roles and og_ancestry - // if (isset($user) && is_array($user->roles)) { $rids = array_keys($user->roles); - } else { $rids[] = 1; } - - $sql = "SELECT COUNT(*) FROM {node_access} na"; - $sql .= " LEFT OUTER JOIN {og_users_roles} ogr ON ogr.rid = na.gid"; - $sql .= " LEFT OUTER JOIN {og_ancestry} oga ON oga.nid = na.nid"; - $sql .= " LEFT OUTER JOIN {og_uid} ogu on ogu.nid = na.nid"; - $sql .= " WHERE (na.nid = 0 OR na.nid = %d) AND ((na.realm = 'term_access' AND na.gid in ('".implode("','",$rids)."')) OR (ogr.uid = " . $uid . " AND na.realm = 'term_access' AND oga.group_nid = ogr.gid) )"; - $sql .= " AND (na.grant_$op >= 1 OR (ogu.is_admin = 1 AND ogu.uid = ".$uid.") )"; - $result = db_query($sql, $node->nid); - $output = (db_result($result)); - if ($output == 0) return FALSE; - if ($output > 0) return TRUE; - } - } - /** - * Create content - * - * Format: http://www.scbbs.com/node/ognodeadd?type=link&gids[]=29 - * - */ - function og_user_roles_ognodeadd() { - global $user; - $roles = og_user_roles_all_roles($user); // This returns normal $user->roles and includes OG roles if any - $user->roles = $roles; - - $gids = $_GET['gids']; - - $typeFound = 'no'; - - if ($gids) { - $group_node = node_load($gids[0]); - og_set_group_context($group_node); - } - - $type = $_GET['type']; - - if ($type) { - // - // Got this from node.module (node_access) - // No matter the type, this should return us the create permission. - // - $module = node_get_types('module', $type); - if ($module == 'node') { - $module = 'node_content'; // Avoid function name collisions. - } - $access = module_invoke($module, 'access', 'create', $type); - if ($access === TRUE) { - $output = node_add($type); - } else { - $output = "Access denied."; - watchdog("access denied", "node/ognodeadd?type=" . $type . "&gids[]=" . $gids[0], WATCHDOG_WARNING); - } - } - return $output; - } - /** - * using the tid, get the group id - * stolen from og_forum (had to in the case where og_user_roles user doesn't have latest - * version of og_forum module which includes this) - */ - function og_user_roles_gid_from_tid($tid=0) { - $sql = "SELECT nid FROM {og_term} WHERE tid = %d"; - $gid = db_result(db_query($sql, $tid)); - return $gid; - } --- 821,1292 ---- while ($row = db_fetch_object($result)) { $groups[$row->group_nid] = $row->title; } + return $groups; } } + /** + * Just the query for the get_node_groups function. + */ function og_user_roles_get_groups_result() { $sql = "SELECT oga.group_nid, n.title FROM {og_ancestry} oga INNER JOIN {node} n ON oga.group_nid = n.nid"; + $result = db_query(db_rewrite_sql($sql, 'oga', 'group_nid'), ''); + + return $result; + } + + /** + * This function takes the global $user (or $account) value and returns a list + * of group and non-group roles for this user. + */ + function og_user_roles_all_roles($user) { + // This will be the process to get BOTH the group and non-group roles for a user + $uid = $user->uid; + $gid = 0; + $gids = array(); + $nid = 0; + $location = 0; + $uri_request_id = request_uri(); + $arg = explode('/', $uri_request_id); + $ogroles = array(); + $x1 = 0; + + // + // This will by default add the anonymous user role (no need since we merge user->roles) + // + // We get the groupID + // + + $group_node = og_get_group_context(); + $gid02 = $group_node->nid; + $gid = $gid02; + if ($gid02 === NULL) { + $gid = 0; + } + + // + // If the above doesn't get the groupID, then we start trying stuff + // + if ($gid == 0) { + // http://doadance.scbbs.com/drupal03/node/79 + if (arg(0) == 'node' && is_numeric(arg(1)) && is_null(arg(2))) { + $location = 1; + $nid = (int)arg(1); + $gid = og_user_roles_getgid($nid, $uid); + } + + // http://doadance.scbbs.com/node/79/edit + // http://doadance.scbbs.com/node/79/outline + // http://doadance.scbbs.com/node/79/track + if (arg(0) == 'node' && is_numeric(arg(1)) && (arg(2) == 'edit' || arg(2) == 'outline' || arg(2) == 'track')) { + $location = 2; + $nid = (int)arg(1); + $gid = og_user_roles_getgid($nid, $uid); + } + + // 0 1 2 + // http://www.mysite.com/comment/edit/14 + if (arg(0) == 'comment' && is_numeric(arg(2)) && arg(1) == 'edit') { + $location = 3; + $comment = _comment_load(arg(2)); + $nid = $comment->nid; + $gid = og_user_roles_getgid($nid, $uid); + } + + // 0 1 2 + // http://www.mysite.com/comment/reply/128#comment_form + if (arg(0) == 'comment' && arg(1) == 'reply') { + $location = 4; + $subsections = explode('#', arg(2)); + $nid = (int)$subsections[0]; + $gid = og_user_roles_getgid($nid, $uid); + } + + // og_term access + // 0 1 2 3 + // http://www.mysite.com/node/add/forum/121 + if (arg(0) == 'node' && is_numeric(arg(3)) && arg(1) == 'add') { + $location = 5; + $nid = (int)arg(3); + $gid = og_user_roles_getgid($nid, $uid); + } + + // Here we get the gid directly + // + // http://doadance.scbbs.com/node/79/view/tree + // http://doadance.scbbs.com/node/79/view/members + // http://doadance.scbbs.com/node/79/view + if (arg(0) == 'node' && is_numeric(arg(1)) && arg(2) == 'view') { + $location = 2; + $gid = (int)arg(1); + } + + // Here we get the gid directly + // + // http://doadance.scbbs.com/og/users/72 + // http://doadance.scbbs.com/og/manage/72 + if (arg(0) == 'og' && is_numeric(arg(2)) && is_null(arg(3))) { + $location = 6; + $gid = (int)arg(2); + } + + // og_user_roles + // + // http://doadance.scbbs.com/og/users/72/roles + // http://doadance.scbbs.com/og/users/72/add + if (arg(0) == 'og' && arg(1) == 'users' && is_numeric(arg(2)) && is_null(arg(4))) { + $location = 6; + $gid = (int)arg(2); + } + + // og unsubscribe + // og_user_roles + // + // This is sort of a catch all for "og" and gid in this order + // og// + // + // http://doadance.scbbs.com/og/unsubscribe/72 + // http://doadance.scbbs.com/og/users/72/add + if (arg(0) == 'og' && is_numeric(arg(2))) { + $location = 6; + $gid = (int)arg(2); + } + + // og_forum + // + // http://doadance.scbbs.com/og_forum/manage/72 + if (arg(0) == 'og_forum' && arg(1) == 'manage' && is_numeric(arg(2)) && is_null(arg(3))) { + $location = 6; + $gid = (int)arg(2); + } + + // http://doadance.scbbs.com/og_forum/manage/edit/72 + // http://doadance.scbbs.com/og_forum/manage/add/72 + if (arg(0) == 'og_forum' && arg(1) == 'manage' && is_numeric(arg(3))) { + $location = 6; + $gid = (int)arg(3); + } + + // og_calendar + // + // http://www.centralavedance.com/og_calendar/2973/2007/07/01 + if (arg(0) == 'og_calendar' && is_numeric(arg(1))) { + $location = 7; + $gid = (int)arg(1); + } + + // og_forum + // 0 1 2 3 + // http://www.mysite.com/og_forum/39/72?edit[og_groups][]=72 + // http://www.mysite.com/og_forum/37/71?sort=asc&order=Replies&edit[og_groups][0]=71 + // Modification as per: http://drupal.org/node/155882 - replaced $uri_request_id + // with arg() values. + + if (arg(0) == 'og_forum' && is_numeric(arg(2)) && isset($_REQUEST['edit'])) { + $location = 8; + $edit = $_GET['edit']; + if ($edit[og_groups][0] > 0) { + $gid = arg(2); + } + } + + // http://www.mysite.com/forum/39 + // Modification - 2007-07-04. In the case where this is a forum + if (arg(0) == 'forum' && is_numeric(arg(1)) && is_null(arg(2))) { + $location = 8; + $tid = (int)arg(1); + $gid = og_user_roles_gid_from_tid($tid); + // If no gid returned, then set $gid = 0 + if (empty($gid)) { + $gid = 0; + } + } + + // og create nodes (version 5.1) + // 0 1 2 3 + // http://sbn.scbbs.com/node/add/forum?gids[]=72 + // http://sbn.scbbs.com/node/add/simplenews?gids[]=72 + // http://sbn.scbbs.com/node/add/webform?gids[]=72 + // http://sbn.scbbs.com/node/add/video?gids[]=72 + // http://sbn.scbbs.com/node/add/page?gids[]=72 + // http://sbn.scbbs.com/node/add/blog?gids[]=72 + // http://sbn.scbbs.com/node/add/event?gids[]=72 + // http://sbn.scbbs.com/node/add/poll?gids[]=72 + // http://sbn.scbbs.com/node/add/flexinode-3?gids[]=72 + // Modification as per: http://drupal.org/node/155882 - replaced $uri_request_id + // with arg() values. + if (arg(0) == 'node' && arg(1) == 'add' && isset($_REQUEST['gids'])) { + $location = 10 .'('. arg(0) .'|'. arg(1) .'|'. arg(2) .')'; + $gids = $_GET['gids']; + $gid = intval(current($_REQUEST['gids'])); + } + + // og create nodes (custom node/20 aliased to node/ognodeadd) + // 0 1 2 3 + // http://clients.brixrealtyinc.com/node/ognodeadd?type=document&gids[]=12 + // + // Modification as per: http://drupal.org/node/155882 + // We use arg() instead of $arg[] ($uri_request_id) + // + if (arg(0) == 'node' && arg(1) == 'ognodeadd') { + // Modification -- Get the gid from the variable instead of trying to calculate it. + // -- In case we need to add "tid=" to url as per: + // -- http://drupal.org/node/156568 + if (isset($_REQUEST['gids'])) { + $location = 13; + $gids = $_GET['gids']; + $gid = intval(current($_REQUEST['gids'])); + } + } + } // end $gid if + + // + // Now, using $uid and $gid we find out what roles this user has in this group; + // + if (empty($gid)) { + $gid = 0; // This prevents us from getting error on non-group node/add + } + + $query = 'SELECT r.rid, r.name FROM {role} r INNER JOIN {og_users_roles} ogr ON r.rid = ogr.rid WHERE ogr.uid = %d AND ogr.gid = %d'; + $results = db_query($query, $uid, $gid); + + // + // Create an array of these roles; + // + + while ($row = db_fetch_array($results)) { + $x1 = $row['rid']; + $ogroles[$x1] = $row['name']; + } + + // + // First, we need to create an array of $user->roles + // + $c = $user->roles; + + // + // Next, we add the $user->roles array to the $ogroles array, if there is an ogroles array; + // + if ($x1 > 0) { + $d = array(); + $d = $c + $ogroles; + $d = array_unique($d); + } + else { + $d = $c; + } + + // Write the test data + //og_user_roles_write_test($user, $location, $gid02, $gid, $uri_request_id, $d, $query); + + // $d is either the merged results, or just $user->roles; + + return $d; + } // end og_user_roles_all_roles() + + /** + * This will return a $gid based upon the $nid and $uid supplied + */ + function og_user_roles_getgid($nid, $uid) { + $gid = 0; + $result = db_query("SELECT na.gid from {node_access} na INNER JOIN {og_uid} ogu ON na.gid = ogu.nid WHERE na.realm = 'og_subscriber' AND ogu.uid = %d AND (na.nid = %d OR na.gid = %d)", $uid, $nid, $nid); // modified to check for either the node or group ID in node_access + while ($t = db_fetch_object($result)) { + $gid = $t->gid; + } + + // If $gid still equals 0 then try searching og_term table (if it exists) + // og forums will typically be listed here + if ($gid == 0 && module_exists('og_forum')) { + $result = db_query("SELECT ogt.nid from {og_term} ogt INNER JOIN {og_uid} ogu ON ogt.nid = ogu.nid WHERE ogt.tid = %d AND ogu.uid = %d", $nid, $uid); + while ($t = db_fetch_object($result)) { + $gid = $t->nid; + } + } + + return $gid; + } // end getgid() + + /** + * Check if table exist. + */ + function og_user_roles_user_table_exists($table) { + return db_num_rows(db_query("SHOW TABLES LIKE '{". db_escape_table($table) ."}'")); + } + + /** + * See what is found in user_all_roles. + */ + function og_user_roles_write_test($user, $location, $gid02, $gid, $uri_request_id, $d, $query) { + $test_status = ''; + $test_date = format_date(time(), 'custom', 'Y-m-d h:i:s a'); + $test_user = $user->uid; + $test_function = 'og_user_roles_all_roles'; + $test_subfunction = $location; + $test_string = 'group context: '. $gid02; + $test_username = $user->name; + $test_group = $gid; + $test_uri = $uri_request_id; + $test_aarg0 = arg(0); + $test_aarg1 = arg(1); + $test_aarg2 = arg(2); + $test_aarg3 = arg(3); + $test_perm = 'Roles Returned: ('. implode(',', $d) .')
db_query = '. $query; + + if (og_user_roles_user_table_exists('{user_test}')) { + $test_query = "INSERT INTO user_test (test_status, test_date, test_user, test_username, test_group, test_function, test_subfunction, test_string, test_uri, test_aarg0, test_aarg1, test_aarg2, test_aarg3, test_perm) values ('". $test_status ."','". $test_date ."','". $test_user ."','". $test_username ."','". $test_group ."','". $test_function ."','". $test_subfunction ."','". $test_string ."','". $test_uri ."','". $test_aarg0 ."','". $test_aarg1 ."','". $test_aarg2 ."','". $test_aarg3 ."','". $test_perm ."')"; + db_query($test_query); + } + } + /** * Called by og_user_roles_nodeapi('access') * To check og access permissions + */ function og_user_roles_og_access_check($op, $node = NULL) { global $user; + $uid = $user->uid; + if ($op != 'create' && $node->nid && $node->status) { + if (isset($user) && is_array($user->og_groups)) { + $gids = array_keys($user->og_groups); + } + else { + $gids[] = 0; + } + + if (isset($user) && is_array($user->roles)) { + $rids = array_keys($user->roles); + } + else { + $rids[] = 1; + } + + // if this node has groups or is a group, then use group sql, else use non-group sql + $groups = $node->og_groups; + if ($groups || $node->type == 'group') { + $sql = " + SELECT COUNT(*) FROM {node_access} na + LEFT OUTER JOIN {og_uid} ogu on ogu.nid = na.nid + LEFT OUTER JOIN {og} ogm on ogm.nid = na.nid + WHERE (na.nid = 0 OR na.nid = %d) + AND ((na.realm = 'og_public' and na.gid = 0) + OR (na.realm = 'og_subscriber' AND na.gid in (%s)) + OR (ogm.nid > 0 and (na.nid in (%s)) or ogm.directory = 1) + OR (na.realm = 'term_access' AND na.nid in (%s))) + AND (na.grant_$op >= 1 OR (ogu.is_admin = 1 AND ogu.uid = %d)) + "; + $group_ids = implode(',', $gids); + $result = db_query($sql, $node->nid, $group_ids, $group_ids, $group_ids, $uid); + } + else { + $sql = " + SELECT COUNT(*) FROM {node_access} na + WHERE (na.nid = 0 OR na.nid = %d) + AND (na.realm = 'term_access' AND na.gid in (%s)) + AND na.grant_$op >= 1 + "; + $result = db_query($sql, $node->nid, implode(',', $rids)); + } + + $output = (db_result($result)); + + if ($output == 0) { + return FALSE; + } + if ($output > 0) { + return TRUE; + } + } + } + /** + * Called by og_user_roles_nodeapi('access') + * To check taxonomy_access access permissions. + */ + function og_user_roles_taxonomy_access_check($op, $node = NULL) { + global $user; + + $uid = $user->uid; + + if ($op != 'create' && $node->nid && $node->status) { + // Discovered that I needed to continue using user->roles to get non-group roles. + // will get group roles using og_users_roles and og_ancestry + if (isset($user) && is_array($user->roles)) { $rids = array_keys($user->roles); + } else { $rids[] = 1; } + + $sql = "SELECT COUNT(*) FROM {node_access} na"; + $sql .= " LEFT OUTER JOIN {og_users_roles} ogr ON ogr.rid = na.gid"; + $sql .= " LEFT OUTER JOIN {og_ancestry} oga ON oga.nid = na.nid"; + $sql .= " LEFT OUTER JOIN {og_uid} ogu on ogu.nid = na.nid"; + $sql .= " WHERE (na.nid = 0 OR na.nid = %d) AND ((na.realm = 'term_access' AND na.gid in (%s)) OR (ogr.uid = %d AND na.realm = 'term_access' AND oga.group_nid = ogr.gid))"; + $sql .= " AND (na.grant_$op >= 1 OR (ogu.is_admin = 1 AND ogu.uid = %d))"; + + $result = db_query($sql, $node->nid, implode(',', $rids), $uid, $uid); + $output = (db_result($result)); + + if ($output == 0) { + return FALSE; + } + if ($output > 0) { + return TRUE; + } + } + } + /** + * Create content + * Format: http://www.scbbs.com/node/ognodeadd?type=link&gids[]=29 + */ + function og_user_roles_ognodeadd() { + global $user; + + $roles = og_user_roles_all_roles($user); // This returns normal $user->roles and includes OG roles if any + + $user->roles = $roles; + $gids = $_GET['gids']; + if ($gids) { + $group_node = node_load($gids[0]); + og_set_group_context($group_node); + } + + $type = $_GET['type']; + + if ($type) { + // Got this from node.module (node_access) + // No matter the type, this should return us the create permission. + $module = node_get_types('module', $type); + + if ($module == 'node') { + $module = 'node_content'; // Avoid function name collisions. + } + + $access = module_invoke($module, 'access', 'create', $type); + + if ($access === TRUE) { + $output = node_add($type); + } + else { + $output = 'Access denied.'; + watchdog('access denied', 'node/ognodeadd?type='. $type .'&gids[]='. $gids[0], WATCHDOG_WARNING); + } + } + + return $output; + } + + /** + * using the tid, get the group id + * stolen from og_forum (had to in the case where og_user_roles user doesn't have latest + * version of og_forum module which includes this) + */ + function og_user_roles_gid_from_tid($tid = 0) { + $sql = "SELECT nid FROM {og_term} WHERE tid = %d"; + $gid = db_result(db_query($sql, $tid)); + + return $gid; + }