'admin/user/simple_access',
'title' => t('Simple Access'),
'access' => $access,
'callback' => 'simple_access_page_overview',
'type' => MENU_NORMAL_ITEM,
'description' => t('Update description'),
);
$items[] = array(
'path' => 'admin/user/simple_access/list',
'title' => t('List'),
'access' => $access,
'type' => MENU_DEFAULT_LOCAL_TASK,
'weight' => -8
);
$items[] = array(
'path' => 'admin/user/simple_access/add',
'title' => t('Add Group'),
'callback' => 'drupal_get_form',
'callback arguments' => array('simple_access_group_form'),
'access' => $access,
'type' => MENU_LOCAL_TASK,
'weight' => -6
);
$items[] = array(
'path' => 'admin/user/simple_access/edit',
'title' => t('Edit Group'),
'callback' => 'drupal_get_form',
'callback arguments' => array('simple_access_group_form'),
'access' => $access,
'type' => MENU_CALLBACK,
'weight' => -6
);
$items[] = array(
'path' => 'admin/settings/simple_access',
'title' => t('Simple Access'),
'callback' => 'drupal_get_form',
'callback arguments' => array('simple_access_settings_page'),
'access' => $access,
'type' => MENU_NORMAL_ITEM,
'description' => t('Configure user access to parameters.'),
);
$items[] = array(
'path' => 'admin/content/simple_access',
'title' => t('Simple Access'),
'access' => user_access('administer nodes'),
'callback' => 'simple_access_nodes',
'type' => MENU_NORMAL_ITEM,
'description' => t('View node access which has been set up via Simple Access'),
);
$items[] = array(
'path' => 'admin/content/simple_access/view',
'title' => t('View'),
'callback' => 'simple_access_nodes',
'access' => user_access('administer nodes'),
'type' => MENU_DEFAULT_LOCAL_TASK, 'weight'=>-5
);
$items[] = array(
'path' => 'admin/content/simple_access/edit',
'title' => t('Edit Access'),
'callback' => 'simple_access_nodes',
'access' => user_access('administer nodes'),
'type' => MENU_CALLBACK,
'weight' => -4
);
$items[] = array(
'path' => 'admin/content/simple_access/delete',
'title' => t('Delete Access'),
'callback' => 'simple_access_nodes',
'access' => user_access('administer nodes'),
'type' => MENU_CALLBACK,
'weight' => -3
);
}
return $items;
}
/**
* Implementation of hook_perm().
*
*/
function simple_access_perm() {
return array('manage simple access', 'assign access to nodes');
}
/**
* Implementation of hook_node_access_records
*/
function simple_access_node_access_records($node)
{
$records = array();
if ($node->simple_access)
{
// loop through simple_access arrays from page submission
// $type is either 'view', 'update', or 'delete'
foreach((array)$node->simple_access as $type => $array) {
// loop through each checkbox of the group
foreach((array)$array['checks'] as $gid => $checked) {
// make an array of all grants for node
if($checked){
$sa_grants[$gid][$type] = true;
if ($type == 'view') {
// if we've gotten here, then one of
// the view boxes is checked so...
$views = TRUE;
}
}
}
}
// Because the UI is organized by access rather than GID, we need to
// reorganize the array by realm/GID
if ($sa_grants)
{
foreach($sa_grants as $gid => $access)
{
$records[] = array(
'realm' => 'simple_access',
'gid' => $gid,
'grant_view' => $access['view'],
'grant_update' => $access['update'],
'grant_delete' => $access['delete'],
'priority' => 1,
);
}
}
}
// if there are new view recrods set
if (!$views)
{
$records[] = array(
'realm' => 'simple_access',
'gid' => 0,
'grant_view' => 1,
'grant_update' => 0,
'grant_update' => 0,
'priority' => 1,
);
}
$records[] = array(
'realm' => 'simple_access_author',
'gid' => $node->uid,
'grant_view' => user_access('access content'),
'grant_update' => user_access('access content'),
'grant_delete' => user_access('access content'),
'priority' => 0,
);
return $records;
}
/**
* Implementation of hook_node_grants().
*
* @TODO implement to correcly return groups in all cases.
*/
function simple_access_node_grants($account, $op) {
$gids = simple_access_groups_from_roles( array_keys($account->roles));
$grants['simple_access'] = $gids;
$grants['simple_access_author'] = array($account->uid);
return $grants;
}
function simple_access_form_alter($form_id, &$form){
// if this is a node form...
if (isset($form['type']) && $form['type']['#value'] .'_node_form' == $form_id) {
if ($simple_access_form = simple_access_form($form['#node'])) {
$form = array_merge($form, $simple_access_form);
}
}
}
function simple_access_form($node){
if (user_access('assign access to nodes') || user_access('administer nodes')){
//include the css
drupal_add_css(drupal_get_path('module', 'simple_access') .'/simple_access.css');
// set up the outer fieldset
$form['simple_access'] = array(
'#title' => t('Access'),
'#type' => 'fieldset',
'#collapsible' => true,
'#collapsed' => true,
'#tree' => true,
'#weight' => 5
);
//if (variable_get('simple_access_active', FALSE)) {
if (!isset($node->simple_access)) {
// Load the grants from the database.
$result = db_query('SELECT na.gid, na.grant_view, na.grant_update, na.grant_delete FROM {node_access} na WHERE na.nid = %d AND na.realm = \'simple_access\'', $node->nid);
while($grant = db_fetch_object($result)) {
if ($grant->gid > 0) {
if ($grant->grant_view) {
$views[$grant->gid] = $grant->gid;
}
if ($grant->grant_update) {
$updates[$grant->gid] = $grant->gid;
}
if ($grant->grant_delete) {
$deletes[$grant->gid] = $grant->gid;
}
}
}
$node->simple_access = array(
'views' => $views,
'updates' => $updates,
'deletes' => $deletes
);
}
$variable = variable_get('sa_display', array('view'));
$count = count($variable) ? count($variable) : 1;
$percent = 90/$count;
$options = simple_access_group_select(user_access('administer nodes')|| variable_get('sa_showgroups',0));
// this is the only stuff that changes for each
// so we put it all in one place for easy editing
$loop = array(
'view' => array(
'title' => t('Only viewable by'),
'description' => ''.t('All unchecked = viewable by all.').'',
'default' => $views,
),
'update' => array(
'title' => t('Additionally editable by'),
'description' => ''.t('All unchecked = normal behavior
(author and admins can edit).').'',
'default' => $updates
),
'delete' => array(
'title' => t('Additionally deletable by'),
'description' => ''.t('All unchecked = normal behavior
(author and admins can delete).').'',
'default' => $deletes
)
);
foreach($loop as $key => $vals) {
//changed this from in_array cause array was containing view->view and update=>0 even when key wasn't checked.- metzlerd
if ($variable[$key]) {
$form['simple_access'][$key] = array(
'#type' => 'fieldset',
'#title' => $vals['title'],
'#description' => $vals['description'],
'#attributes' => array('class' => 'sa-inline', 'style' => "width:$percent%"),
);
if ($options) {
$form['simple_access'][$key]['checks'] = array(
'#type' => 'checkboxes',
'#title' => '',
'#default_value' => $vals['default'],
'#options' => $options
//'#tree' => false
);
}
else {
$form['simple_access'][$key][] = array(
'#type' => 'markup',
'#value' => t('No access groups have been defined', array('!url' => url('admin/user/simple_access')))
);
}
}
}
// stick in a div to keep the floats working right
$form['simple_access'][] = array(
'#type' => 'markup',
'#value' => '
'
);
return $form;
}
}
function simple_access_page($op = NULL, $gid = NULL) {
if ($_POST['op'] == t('Submit')) {
}
elseif ($_POST['edit']['confirm']) {
simple_access_delete_group($_POST['edit']['gid']);
drupal_goto('admin/user/simple_access');
return;
}
switch ($op) {
case 'delete':
//$hidden = form_hidden('gid', $gid);
$form['gid'] = array(
'#type' => 'hidden',
'#value' => $gid
);
//$output = theme('confirm', t('Are you sure you want to delete this group?'), 'admin/access/simple_access', NULL, NULL, NULL, $hidden);
$output = confirm_form('simple_access_delete_group', $form, t('Are you sure you want to delete this group?'), 'admin/user/simple_access');
break;
case 'edit':
return simple_access_group_form($gid);
break;
default:
}
//print theme('page', $output);
return $output;
}
function simple_access_page_overview() {
/* if (!variable_get('simple_access_active', FALSE)) {
drupal_set_message(t('Fire it up first.'));
drupal_goto('admin/access/simple_access/setup');
} */
if (count($rg = simple_access_get_groups())) {
drupal_set_title(t('Access Groups'));
$header = array(t('Group'), t('Roles'), t('Operations'));
$roles = user_roles();
foreach ($rg as $g) {
$gid = $g['gid'];
$rows[$gid]['group'] = $g['name'];
$r = array();
foreach($g['roles'] as $rid) {
$r[] = $roles[$rid];
}
$rows[$gid]['roles'] = "".implode(', ', $r)."";
$rows[$gid]['ops'] = l('edit', 'admin/user/simple_access/edit/'.$gid). ' '. l('delete', 'admin/user/simple_access/delete/'.$gid);
}
$output .= theme('table', $header, $rows, array('style'=>'width:100%'));
$output .= '
'.l(t('add another access group'), 'admin/user/simple_access/add');
return $output;
}
else {
drupal_set_message(t('You have not yet defined any access groups.'));
drupal_goto('admin/user/simple_access/add');
}
}
function simple_access_settings_page() {
drupal_set_title(t('Simple Access Settings'));
$options = array(
'view' => t('View: Displays viewability selections at top of node form. Selected access groups will be the only users who can view the node. All unselected = normal node behavior (viewable by all).
'),
'update' => t('Edit: Displays editability selections at top of node form. Users who are part of selected access groups will be able to edit this node. All unselected = "normal" node behavior (only author and admins may edit).
'),
'delete' => t('Delete: Displays deleteability selections at top of node form. Users who are part of selected access groups will be able to delete this node. All unselected = "normal" node behavior (only author and admins may delete).
')
);
$form['sa_display'] = array(
'#type' => 'checkboxes',
'#title' => t('Display'),
'#default_value' => variable_get('sa_display', array('view')),
'#options' => $options,
'#description' => t('Which options should appear on node add/edit pages for administrators? Select at least one.'),
'#required' => TRUE
);
$form['sa_showgroups'] = array(
'#type' => 'checkbox',
'#title' => 'Show groups even when user is not a member.',
'#default_value' => variable_get('sa_showgroups',0),
'#description' => 'This is useful when you want to have a user be able to make content viewable by themselves and a higher privileged group (e.g. students sharing work with faculty)',
);
return system_settings_form($form);
}
function simple_access_deactivate_confirm_submit($form_id, $form_values) {
simple_access_initialize(FALSE);
return 'admin/access/simple_access/setup';
}
function simple_access_group_form($gid = NULL) {
if ($gid) {
drupal_set_title(t('Edit Access Group'));
$group = db_fetch_object(db_query('SELECT name, weight FROM {simple_access_groups} WHERE gid = %d', $gid));
$name = $group->name;
$weight = $group->weight;
$roles = simple_access_get_roles($gid);
$form['gid'] = array(
'#type' => 'hidden',
'#value' => $gid
);
}
else {
drupal_set_title(t('Create Access Group'));
$weight = 0;
}
$form['name'] = array(
'#type' => 'textfield',
'#title' => t('Name'),
'#default_value' => $name,
'#size' => 40,
'#maxlength' => 80,
'#description' => t('The name for the access group as it will appear on the content editing form.'),
'#attributes' => $attributes = NULL,
'#required' => TRUE
);
$form['roles'] = array(
'#type' => 'checkboxes',
'#title' => t('Roles'),
'#default_value' => $roles,
'#options' => user_roles(),
'#description' => t('Roles that can view')
);
$form['weight'] = array(
'#type' => 'weight',
'#title' => 'Weight',
'#default_value' => $weight,
'#delta' => 10,
'#description' => t('When setting permissions, heavier names will sink and lighter names will be positioned nearer the top.')
);
$form[] = array(
'#type' => 'submit',
'#value' => t('Submit')
);
return $form;
}
function simple_access_group_form_submit($form_id, $form_values) {
simple_access_save_group($form_values);
return 'admin/user/simple_access';
}
function simple_access_get_roles($gid) {
$roles = array();
$sql = db_query('SELECT rid FROM {simple_access_roles} WHERE gid = %d', $gid);
while ($row = db_fetch_object($sql)) {
$roles[] = $row->rid;
}
return $roles;
}
function simple_access_get_groups() {
$groups = array();
$sql = db_query('SELECT gid, name FROM {simple_access_groups} ORDER BY weight, name');
while ($g = db_fetch_object($sql)) {
$groups[$g->gid]['name'] = $g->name;
$groups[$g->gid]['gid'] = $g->gid;
$groups[$g->gid]['roles'] = simple_access_get_roles($g->gid);
}
return $groups;
}
function simple_access_group_select($all = FALSE) {
$groups = array();
if ($all){
// return all of the groups (for node administrators)
$result = db_query('SELECT gid, name FROM {simple_access_groups} ORDER BY weight, name');
}
else {
// return just groups for which user is a member
global $user;
$roles = array_keys($user->roles);
$result = db_query('SELECT DISTINCT g.gid, g.name FROM {simple_access_groups} g INNER JOIN {simple_access_roles} r ON g.gid = r.gid WHERE r.rid IN (%s) ORDER BY weight, name', implode(',', $roles));
}
while ($g = db_fetch_object($result)) {
$groups[$g->gid] = $g->name;
}
return $groups;
}
/**
* Get a list of group/grant ids based on a list of user roles
* $roles should be a linear list a role ids
*
*/
function simple_access_groups_from_roles($roles) {
// there probably should be some 'static' stuff going on here
// always return gid 0 just to be safe.
$gids = array(0);
$result = db_query("SELECT gid FROM {simple_access_roles} WHERE rid IN (%s)", implode(",", $roles));
while ($g = db_fetch_object($result)) {
$gids[] = $g->gid;
}
return $gids;
}
/**
* Save group of roles into the database
* $roles is an associative array of roles where the keys are role ids
* $name is the name of the group
* $gid is the group id
*
*/
function simple_access_save_group($edit) {
if (!$edit['gid']) {
$edit['gid'] = db_next_id('{simple_access_groups}_gid');
}
db_query('DELETE FROM {simple_access_roles} WHERE gid = %d', $edit['gid']);
db_query('DELETE FROM {simple_access_groups} WHERE gid = %d', $edit['gid']);
$success = TRUE;
$success = $success && db_query("INSERT INTO {simple_access_groups} (gid, name, weight) VALUES (%d, '%s', %d)", $edit['gid'], $edit['name'], $edit['weight']);
if (is_array($edit['roles'])) {
foreach($edit['roles'] as $key => $value) {
if ($value) {
$success = $success && db_query('INSERT INTO {simple_access_roles} (rid, gid) VALUES (%d, %d)', $key, $edit['gid']);
}
}
}
if (!$success) {
drupal_set_message(t("There was a problem saving to the database"));
}
return $success;
}
function simple_access_delete_group($gid) {
db_query('DELETE FROM {simple_access_roles} WHERE gid = %d', $gid);
db_query('DELETE FROM {simple_access_groups} WHERE gid = %d', $gid);
}
function simple_access_initialize($initialize = TRUE) {
if ($initialize) {
// delete universal view grant
db_query("DELETE FROM {node_access} WHERE nid = 0 AND realm = 'all'");
// set all nodes to viewable
db_query("INSERT INTO {node_access} (nid, gid, realm, grant_view, grant_update, grant_delete) SELECT nid, 0, 'simple_access', 1, 0, 0 FROM {node}");
variable_set('simple_access_active', TRUE);
drupal_set_message(t('The database has been configured and simple_access module is ready for use.'));
}
else {
// delete all simple_access stuff
db_query("DELETE FROM {node_access} WHERE realm = 'simple_access'");
// re-enable universal view grant
db_query("INSERT INTO {node_access} (nid, gid, realm, grant_view, grant_update, grant_delete) VALUES (0, 0, 'all', 1, 0, 0)");
variable_set('simple_access_active', FALSE);
drupal_set_message(t('The database has been re-configured. You should now visit %modules to disable the simple_access module itself.', array('%modules' => l('the modules page', 'admin/modules'))));
}
}
/**
* List hidden, editable, and deletable nodes
*
*/
function simple_access_nodes() {
switch(arg(3)) {
case 'edit' :
drupal_set_title(t('Items With Edit Access Set'));
$output = ''.t('These nodes have been set as "additionally editable by" certain Simple Access
groups. ', array('!url' => url('admin/user/simple_access'))).'
';
$sql = "SELECT DISTINCT n.title, na.nid FROM {node} n INNER JOIN {node_access} na ON n.nid = na.nid WHERE na.realm='simple_access' AND na.gid > 0 AND na.grant_update = 1";
break;
case 'delete' :
drupal_set_title(t('Items With Delete Access Set'));
$output = ''.t('These nodes have been set as "additionally deletable by" certain Simple Access
groups. ', array('!url' => url('admin/user/simple_access'))).'
';
$sql = "SELECT DISTINCT n.title, na.nid FROM {node} n INNER JOIN {node_access} na ON n.nid = na.nid WHERE na.realm='simple_access' AND na.gid > 0 AND na.grant_delete = 1";
break;
case 'view' :
default :
drupal_set_title(t('Items With View Access Set'));
$output = ''.t('These nodes have been set as "only viewable by" certain Simple Access
groups.', array('!url' => url('admin/user/simple_access'))).'
';
$sql = "SELECT DISTINCT n.title, na.nid FROM {node} n INNER JOIN {node_access} na ON n.nid = na.nid WHERE na.realm='simple_access' AND na.gid > 0 AND na.grant_view = 1";
break;
}
$header = array(
array('data' => t('ID'), 'field' => 'n.nid', 'sort' => 'desc'),
array('data' => t('Title'), 'field' => 'n.title'),
array('data' => ' ')
);
$sql .= tablesort_sql($header);
$result = pager_query($sql, 50);
$groups_info = simple_access_get_groups();
while ($r = db_fetch_object($result)) {
$groups = array();
$rs2 = db_query('SELECT na.gid, na.grant_view, na.grant_update, na.grant_delete FROM {node_access} na WHERE na.nid = %d AND na.realm = \'simple_access\'', $r->nid);
while ($r2 = db_fetch_object($rs2)) {
$groups[] = $groups_info[$r2->gid]['name'];
}
$rows[$r->nid]['nid'] = array('data' => $r->nid, 'style' => 'vertical-align:top');
$info = ''.$r->title.'
'.implode(', ', $groups).'
';
$rows[$r->nid]['title'] = array('data' => $info, 'style' => 'vertical-align:top');
$rows[$r->nid]['ops'] = array('data' => l(t('view'), 'node/'.$r->nid).' '.l(t('edit'), 'node/'.$r->nid.'/edit', array(), drupal_get_destination()), 'style' => 'vertical-align:top');
}
if ($rows) {
$output .= theme('table', $header, $rows, array('style' => 'width:100%'));
$output .= theme('pager', array(), 50);
}
else {
$output .= ''.t('No nodes match this criteria.').'
';
}
//print theme('page', $output);
return $output;
}
/**
* Implementation of hook_enable
*/
function simple_access_enable()
{
drupal_set_message('To fully activate simple_access you also need to'.l('rebuild permissions ','admin/content/node-settings'));
}
function simple_access_disable()
{
drupal_set_message('To fully disable simple_access you also need to'.l('rebuild permissions ','admin/content/node-settings'));
}