? .svn
? p_219181_editown.patch
? p_239343_access.patch
? p_239751_throttle.patch
? components/.svn
? po/.svn
Index: webform.install
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/webform/webform.install,v
retrieving revision 1.14.2.16.2.15
diff -u -p -r1.14.2.16.2.15 webform.install
--- webform.install	28 Feb 2008 03:21:40 -0000	1.14.2.16.2.15
+++ webform.install	31 Mar 2008 14:50:11 -0000
@@ -42,6 +42,13 @@ function webform_install() {
         ) TYPE=MyISAM /*!40100 DEFAULT CHARACTER SET utf8 */"
       );
 
+      $success = $success && db_query("CREATE TABLE if not exists {webform_roles} (
+        nid int(10) unsigned NOT NULL default '0',
+        rid int(10) unsigned NOT NULL default '0',
+        PRIMARY KEY (nid, rid)
+        ) TYPE=MyISAM /*!40100 DEFAULT CHARACTER SET utf8 */"
+      );
+
       $success = $success && db_query("CREATE TABLE if not exists {webform_submissions} (
         sid int(10) unsigned NOT NULL default '0',
         nid int(10) unsigned NOT NULL default '0',
@@ -99,6 +106,13 @@ function webform_install() {
         )"
       );
 
+      $success = $success && db_query("CREATE TABLE {webform_roles} (
+        nid integer NOT NULL default '0',
+        rid integer NOT NULL default '0',
+        PRIMARY KEY (nid, rid)
+        )"
+      );
+
       $success = $success && db_query("CREATE TABLE {webform_submissions} (
         sid serial UNIQUE,
         nid integer NOT NULL default '0',
@@ -161,6 +175,7 @@ function webform_uninstall() {
   // Drop tables.
   db_query("DROP TABLE IF EXISTS {webform}");
   db_query("DROP TABLE IF EXISTS {webform_component}");
+  db_query("DROP TABLE IF EXISTS {webform_roles}");
   db_query("DROP TABLE IF EXISTS {webform_submissions}");
   db_query("DROP TABLE IF EXISTS {webform_submitted_data}");
 }
@@ -655,6 +670,48 @@ function webform_update_20() {
 }
 
 /**
+ * Per-webform submission access control based on roles.
+ */
+function webform_update_21() {
+  $ret = array();
+  switch ($GLOBALS['db_type']) {
+    case 'mysqli':
+    case 'mysql':
+      $ret[] = update_sql("CREATE TABLE {webform_roles} ( ".
+                          "nid int(10) unsigned NOT NULL default '0', ".
+                          "rid int(10) unsigned NOT NULL default '0', ".
+                          "PRIMARY KEY (nid, rid) ".
+                          ") TYPE=MyISAM /*!40100 DEFAULT CHARACTER SET utf8 */" );
+      _webform_add_role_permissions();
+      break;
+
+    case 'pgsql':
+      $ret[] = update_sql("CREATE TABLE {webform_roles} ( ".
+                          "nid integer NOT NULL default '0', ".
+                          "rid integer NOT NULL default '0', ".
+                          "PRIMARY KEY (nid, rid) ".
+                          ")" );
+      _webform_add_role_permissions();
+      break;
+  }
+  return $ret;
+}
+
+/**
+ * webform_update_21() helper: give all user roles access to submit all webforms.
+ */
+function _webform_add_role_permissions() {
+  $roles = user_roles();
+  $results = db_query("SELECT nid FROM {node} WHERE type = 'webform'");
+  while ($result = db_fetch_object($results)) {
+    foreach ($roles as $rid => $name) {
+      db_query("INSERT INTO {webform_roles} (nid, rid) VALUES (%d, %d)", $result->nid, $rid);
+    }
+  }
+
+}
+
+/**
  * Recursively delete all files and folders in the specified filepath, then
  * delete the containing folder.
  *
Index: webform.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/webform/webform.module,v
retrieving revision 1.113.2.70.2.33
diff -u -p -r1.113.2.70.2.33 webform.module
--- webform.module	30 Mar 2008 00:32:14 -0000	1.113.2.70.2.33
+++ webform.module	31 Mar 2008 14:50:11 -0000
@@ -315,6 +315,11 @@ function webform_insert($node) {
       );
     }
   }
+
+  // set the per-role submission access control.
+  foreach (array_filter($node->webform['roles']) as $rid) {
+    db_query("INSERT INTO {webform_roles} (nid, rid) VALUES (%d, %d)", $node->nid, $rid);
+  }
 }
 
 /**
@@ -324,6 +329,7 @@ function webform_update($node) {
   // Update the webform by deleting existing data and replacing with the new.
   db_query("DELETE FROM {webform} WHERE nid = %d", $node->nid);
   db_query("DELETE FROM {webform_component} WHERE nid = %d", $node->nid);
+  db_query('DELETE FROM {webform_roles} WHERE nid = %d', $node->nid);
   webform_insert($node);
 }
 
@@ -333,6 +339,7 @@ function webform_update($node) {
 function webform_delete(&$node) {
   db_query("DELETE FROM {webform} WHERE nid = %d", $node->nid);
   db_query("DELETE FROM {webform_component} WHERE nid = %d", $node->nid);
+  db_query('DELETE FROM {webform_roles} WHERE nid = %d', $node->nid);
   watchdog('webform', 'webform "'. $node->title .'" deleted', WATCHDOG_NOTICE);
 }
 
@@ -474,6 +481,31 @@ function webform_form(&$node, &$param) {
   $form['webform']['settings']['format'] = filter_form($node->format);
   /* End Edit Form */
 
+  /* Start per-role submission control */
+  $form['webform']['role_control'] = array(
+    '#type' => 'fieldset',
+    '#title' => t('Webform access control'),
+    '#collapsible' => TRUE,
+    '#collapsed' => FALSE,
+    '#weight' => -3,
+    '#parents' => array('webform'),
+  );
+  $default_role_options = array();
+  if ($node->nid) {
+    $result = db_query("SELECT rid FROM {webform_roles} WHERE nid = %d", $node->nid);
+    while ($role = db_fetch_object($result)) {
+      $default_role_options[] = $role->rid;
+    }
+  }
+  $form['webform']['role_control']['roles'] = array(
+    '#default_value' => $default_role_options,
+    '#options' => user_roles(),
+    '#type' => 'checkboxes',
+    '#title' => t('Roles that can submit this webform'),
+  );
+  /* End per-role submission control */
+
+
   /* Start E-mail Settings Form */
   $form['webform']['mail_settings'] = array(
     '#type' => 'fieldset',
@@ -783,7 +815,7 @@ function webform_form_alter($form_id, &$
 }
 
 /**
- * Submit handler for the webform node form. 
+ * Submit handler for the webform node form.
  * 
  * Redirect the user to the components form on new node inserts. Note that this
  * fires after the hook_submit() function above.
@@ -792,7 +824,7 @@ function webform_form_submit($form_id, $
   // There should be a more effective way to find the new node ID.
   $nid = db_result(db_query_range("SELECT nid FROM {node} WHERE type = 'webform' ORDER BY nid DESC", 0, 1));
 
-  // Remove the the submitted message added by node module.
+  // Remove the submitted message added by node module.
   unset($_SESSION['messages']['status']);
 
   drupal_set_message(t('The new webform %title has been created. Add new fields to your webform with the form below.', array('%title' => $form_values['title'])));
@@ -839,7 +871,23 @@ function webform_view(&$node, $teaser = 
     }
   }
 
-  $output = drupal_get_form('webform_client_form_'. $node->nid, $node, $submission, $enabled, $preview);
+  // can the user's role submit this webform?
+  $capable_role = $user->uid == 1 ? TRUE : FALSE;
+  $result = db_query("SELECT rid FROM {webform_roles} WHERE nid = %d", $node->nid);
+  while ($role = db_fetch_object($result)) {
+    if ($user->roles[$role->rid]) {
+      $capable_role = TRUE;
+      break;
+    }
+  }
+
+  if ($capable_role) { 
+    $output = drupal_get_form('webform_client_form_'. $node->nid, $node, $submission, $enabled, $preview);
+  }
+  else {
+    drupal_set_message(t("You do not have permission to submit this webform."), 'error');
+  }
+
 
   // Remove the surrounding <form> tag if this is a preview.
   if ($preview) {