Index: modules/aggregator/aggregator.module =================================================================== RCS file: /cvs/drupal/drupal/modules/aggregator/aggregator.module,v retrieving revision 1.371 diff -u -p -r1.371 aggregator.module --- modules/aggregator/aggregator.module 28 Dec 2007 12:02:50 -0000 1.371 +++ modules/aggregator/aggregator.module 8 Jan 2008 22:29:03 -0000 @@ -887,7 +887,7 @@ function theme_aggregator_block_item($it global $user; $output = ''; - if ($user->uid && module_exists('blog') && user_access('edit own blog')) { + if ($user->uid && module_exists('blog') && user_access('create blog entries')) { if ($image = theme('image', 'misc/blog.png', t('blog it'), t('blog it'))) { $output .= '
'. l($image, 'node/add/blog', array('attributes' => array('title' => t('Comment on this news item in your personal blog.'), 'class' => 'blog-it'), 'query' => "iid=$item->iid", 'html' => TRUE)) .'
'; } Index: modules/blog/blog.module =================================================================== RCS file: /cvs/drupal/drupal/modules/blog/blog.module,v retrieving revision 1.296 diff -u -p -r1.296 blog.module --- modules/blog/blog.module 28 Dec 2007 12:02:51 -0000 1.296 +++ modules/blog/blog.module 8 Jan 2008 22:29:03 -0000 @@ -23,21 +23,21 @@ function blog_node_info() { * Implementation of hook_perm(). */ function blog_perm() { - return array('edit own blog'); + return array('create blog entries', 'delete own blog entries', 'delete any blog entry', 'edit own blog entries', 'edit any blog entry'); } /** * Implementation of hook_access(). */ function blog_access($op, $node, $account) { - if ($op == 'create') { - return user_access('edit own blog', $account) && $account->uid; - } - - if ($op == 'update' || $op == 'delete') { - if (user_access('edit own blog', $account) && ($node->uid == $account->uid)) { - return TRUE; - } + switch ($op) { + case 'create': + // Anonymous users cannot post even if they have the permission. + return user_access('create blog entries', $account) && $account->uid; + case 'update': + return user_access('edit any blog entry', $account) || (user_access('edit own blog entries', $account) && ($node->uid == $account->uid)); + case 'delete': + return user_access('delete any blog entry', $account) || (user_access('delete own blog entries', $account) && ($node->uid == $account->uid)); } } @@ -45,7 +45,7 @@ function blog_access($op, $node, $accoun * Implementation of hook_user(). */ function blog_user($type, &$edit, &$user) { - if ($type == 'view' && user_access('edit own blog', $user)) { + if ($type == 'view' && user_access('create blog entries', $user)) { $user->content['summary']['blog'] = array( '#type' => 'user_profile_item', '#title' => t('Blog'), @@ -145,7 +145,7 @@ function blog_menu() { 'page callback' => 'blog_page_user', 'page arguments' => array(1), 'access callback' => 'user_access', - 'access arguments' => array('edit own blog', 1), + 'access arguments' => array('create blog entries', 1), 'file' => 'blog.pages.inc', ); $items['blog/%user/feed'] = array( Index: modules/blog/blog.pages.inc =================================================================== RCS file: /cvs/drupal/drupal/modules/blog/blog.pages.inc,v retrieving revision 1.4 diff -u -p -r1.4 blog.pages.inc --- modules/blog/blog.pages.inc 14 Dec 2007 10:40:51 -0000 1.4 +++ modules/blog/blog.pages.inc 8 Jan 2008 22:29:03 -0000 @@ -16,7 +16,7 @@ function blog_page_user($account) { $items = array(); - if (($account->uid == $user->uid) && user_access('edit own blog')) { + if (($account->uid == $user->uid) && user_access('create blog entries')) { $items[] = l(t('Post new blog entry.'), "node/add/blog"); } else if ($account->uid == $user->uid) { Index: modules/blogapi/blogapi.install =================================================================== RCS file: modules/blogapi/blogapi.install diff -N modules/blogapi/blogapi.install --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ modules/blogapi/blogapi.install 8 Jan 2008 22:29:03 -0000 @@ -0,0 +1,20 @@ + $username, 'pass' => $password)); if ($user->uid) { - if (user_access('edit own blog', $user)) { + if (user_access('administer content with blog api', $user)) { return $user; } else { Index: modules/forum/forum.module =================================================================== RCS file: /cvs/drupal/drupal/modules/forum/forum.module,v retrieving revision 1.443 diff -u -p -r1.443 forum.module --- modules/forum/forum.module 8 Jan 2008 10:35:41 -0000 1.443 +++ modules/forum/forum.module 8 Jan 2008 22:29:05 -0000 @@ -305,14 +305,13 @@ function forum_node_info() { * Implementation of hook_access(). */ function forum_access($op, $node, $account) { - if ($op == 'create') { - return user_access('create forum topics', $account); - } - - if ($op == 'update' || $op == 'delete') { - if (user_access('edit any forum topic', $account) || (user_access('edit own forum topics', $account) && ($account->uid == $node->uid))) { - return TRUE; - } + switch ($op) { + case 'create': + return user_access('create forum topics', $account); + case 'update': + return user_access('edit any forum topic', $account) || (user_access('edit own forum topics', $account) && ($account->uid == $node->uid)); + case 'delete': + return user_access('delete any forum topic', $account) || (user_access('delete own forum topics', $account) && ($account->uid == $node->uid)); } } @@ -320,7 +319,7 @@ function forum_access($op, $node, $accou * Implementation of hook_perm(). */ function forum_perm() { - return array('create forum topics', 'edit own forum topics', 'edit any forum topic', 'administer forums'); + return array('create forum topics', 'delete own forum topics', 'delete any forum topic', 'edit own forum topics', 'edit any forum topic', 'administer forums'); } /** Index: modules/poll/poll.module =================================================================== RCS file: /cvs/drupal/drupal/modules/poll/poll.module,v retrieving revision 1.261 diff -u -p -r1.261 poll.module --- modules/poll/poll.module 4 Jan 2008 08:04:45 -0000 1.261 +++ modules/poll/poll.module 8 Jan 2008 22:29:05 -0000 @@ -54,7 +54,7 @@ function poll_theme() { * Implementation of hook_perm(). */ function poll_perm() { - return array('create poll content', 'edit any poll content', 'edit own poll content', 'vote on polls', 'cancel own vote', 'inspect all votes'); + return array('create poll content', 'delete own poll content', 'delete any poll content', 'edit any poll content', 'edit own poll content', 'vote on polls', 'cancel own vote', 'inspect all votes'); } /** @@ -66,6 +66,8 @@ function poll_access($op, $node, $accoun return user_access('create poll content', $account); case 'update': return user_access('edit any poll content', $account) || (user_access('edit own poll content', $account) && ($node->uid == $account->uid)); + case 'delete': + return user_access('delete any poll content', $account) || (user_access('delete own poll content', $account) && ($node->uid == $account->uid)); } } Index: modules/system/system.install =================================================================== RCS file: /cvs/drupal/drupal/modules/system/system.install,v retrieving revision 1.226 diff -u -p -r1.226 system.install --- modules/system/system.install 8 Jan 2008 21:22:28 -0000 1.226 +++ modules/system/system.install 8 Jan 2008 22:29:07 -0000 @@ -2415,6 +2415,36 @@ function system_update_6044() { } /** + * Update blog, book and locale module permissions. + * + * Blog module got "edit own blog" replaced with the more granular "create + * blog entries", "edit own blog entries" and "delete own blog entries" + * permissions. We grant create and edit to previously privileged users, but + * delete is not granted to be in line with other pemission changes in Drupal 6. + * + * Book module's "edit book pages" was upgraded to the bogus "edit book content" + * in Drupal 6 RC1 instead of "edit any book content", which would be correct. + * + * Locale module introduced "administer languages" and "translate interface" + * in place of "administer locales". + * + * Modeled after system_update_6039(). + */ +function system_update_6045() { + $ret = array(); + $result = db_query("SELECT rid, perm FROM {permission} ORDER BY rid"); + while ($role = db_fetch_object($result)) { + $renamed_permission = preg_replace('/(?<=^|,\ )edit\ own\ blog(?=,|$)/', 'create blog entries, edit own blog entries', $role->perm); + $renamed_permission = preg_replace('/(?<=^|,\ )edit\ book\ content(?=,|$)/', 'edit any book content', $renamed_permission); + $renamed_permission = preg_replace('/(?<=^|,\ )administer\ locales(?=,|$)/', 'administer languages, translate interface', $renamed_permission); + if ($renamed_permission != $role->perm) { + $ret[] = update_sql("UPDATE {permission} SET perm = '$renamed_permission' WHERE rid = $role->rid"); + } + } + return $ret; +} + +/** * @} End of "defgroup updates-5.x-to-6.x" * The next series of updates should start at 7000. */