diff --git a/protected_node.module b/protected_node.module index 5f4c7c5..5db5863 100644 --- a/protected_node.module +++ b/protected_node.module @@ -578,21 +578,21 @@ global $user; if (!empty($node->protected_node_is_protected)) { // Accessed for search indexing? (usually by cron.php) if ($view_mode == 'search_index') { // "user" could see the node, but at this time, not its contents // (the current user is Anonymous, so that statement is not exactly true, // but at the time of the search index building we cannot know who will // be searching so we let go without the access denied error.) protected_node_invoke('protected_node_hide', $node); } - elseif (!user_access('bypass password protection') && !user_access('view protected content')) { + elseif (!user_access('bypass password protection') && !user_access('view protected content') && _protected_node_check_view_mode($view_mode)) { if (!$user->uid && variable_get('cache', 1)) { // Prevent caching (do NOT use variable_set() since this is temporary // for this session). $GLOBALS['conf']['cache'] = 0; } if ($node->uid !== $user->uid) { // Is there a global password? if (isset($_SESSION['_protected_node']['passwords']['global'])) { // Is password out of date? @@ -1235,10 +1235,43 @@ $_SESSION['_protected_node']['passwords']['global'] = REQUEST_TIME; } else { $_SESSION['_protected_node']['passwords'][$nid] = REQUEST_TIME; } return TRUE; } } return FALSE; } + +/** + * Internal function to evaluate whether the current + * view mode is one to check the password for. + * + * @param $view_mode, eg: full, teaser, or custom (eg: ds view modes) + * @return boolean, TRUE if we are checking passwords, FALSE if not. + */ +function _protected_node_check_view_mode($view_mode) { + $permitted_view_modes = variable_get('protected_node_checked_view_modes', _protected_node_get_default_checked_view_modes()); + + return in_array($view_mode, $permitted_view_modes); +} + +/** + * Helper function. + * + * Used to get the default checked view modes. + */ +function _protected_node_get_default_checked_view_modes() { + $default_view_modes = &drupal_static(__FUNCTION__); + + if (!isset($default_view_modes)) { + $node_info = entity_get_info('node'); + + $default_view_modes = array(); + foreach ($node_info['view modes'] as $id => $item) { + $default_view_modes[] = $id; + } + } + + return $default_view_modes; +} diff --git a/protected_node.settings.inc b/protected_node.settings.inc index 8f8687a..c4ca975 100644 --- a/protected_node.settings.inc +++ b/protected_node.settings.inc @@ -535,20 +535,42 @@ if (module_exists('token')) { $vars = array( 'token_types' => array('global', 'node', 'user'), ); $form['protected_node_form']['protected_node_tokens'] = array( '#value' => theme('token_tree', $vars), '#description' => t("WARNING: the user tokens should only be used if anonymous users cannot access protected nodes; otherwise the result may not be what you'd expect."), ); } + // View modes. + $node_info = entity_get_info('node'); + $view_modes = array(); + foreach ($node_info['view modes'] as $id => $item) { + $view_modes[$id] = $item['label']; + } + asort($view_modes); + + $form['protected_node_view_modes'] = array( + '#type' => 'fieldset', + '#collapsible' => TRUE, + '#title' => t('Display Suite view modes'), + ); + $form['protected_node_view_modes']['protected_node_checked_view_modes'] = array( + '#type' => 'select', + '#multiple' => TRUE, + '#title' => t('Enabled view modes'), + '#description' => t('Only check passwords for nodes that are rendered with the selected view modes.'), + '#options' => $view_modes, + '#default_value' => variable_get('protected_node_checked_view_modes', _protected_node_get_default_checked_view_modes()), + ); + // A few actions to do some "mass work". $form['protected_node_actions'] = array( '#type' => 'fieldset', '#title' => t('Protected node actions'), '#collapsible' => TRUE, '#collapsed' => TRUE, ); // Clear Sessions button. $form['protected_node_actions']['protected_node_clear_sessions'] = array(