'admin/user/simple_access', 'title' => t('Simple Access'), 'access' => $access, 'callback' => 'simple_access_page_overview', 'type' => MENU_NORMAL_ITEM, 'description' => t('Update description'), ); $items[] = array( 'path' => 'admin/user/simple_access/list', 'title' => t('List'), 'access' => $access, 'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -8 ); $items[] = array( 'path' => 'admin/user/simple_access/add', 'title' => t('Add Group'), 'callback' => 'drupal_get_form', 'callback arguments' => array('simple_access_group_form'), 'access' => $access, 'type' => MENU_LOCAL_TASK, 'weight' => -6 ); $items[] = array( 'path' => 'admin/user/simple_access/edit', 'title' => t('Edit Group'), 'callback' => 'drupal_get_form', 'callback arguments' => array('simple_access_group_form'), 'access' => $access, 'type' => MENU_CALLBACK, 'weight' => -6 ); $items[] = array( 'path' => 'admin/settings/simple_access', 'title' => t('Simple Access'), 'callback' => 'drupal_get_form', 'callback arguments' => array('simple_access_settings_page'), 'access' => $access, 'type' => MENU_NORMAL_ITEM, 'description' => t('Configure user access to parameters.'), ); $items[] = array( 'path' => 'admin/content/simple_access', 'title' => t('Simple Access'), 'access' => user_access('administer nodes'), 'callback' => 'simple_access_nodes', 'type' => MENU_NORMAL_ITEM, 'description' => t('View node access which has been set up via Simple Access'), ); $items[] = array( 'path' => 'admin/content/simple_access/view', 'title' => t('View'), 'callback' => 'simple_access_nodes', 'access' => user_access('administer nodes'), 'type' => MENU_DEFAULT_LOCAL_TASK, 'weight'=>-5 ); $items[] = array( 'path' => 'admin/content/simple_access/edit', 'title' => t('Edit Access'), 'callback' => 'simple_access_nodes', 'access' => user_access('administer nodes'), 'type' => MENU_CALLBACK, 'weight' => -4 ); $items[] = array( 'path' => 'admin/content/simple_access/delete', 'title' => t('Delete Access'), 'callback' => 'simple_access_nodes', 'access' => user_access('administer nodes'), 'type' => MENU_CALLBACK, 'weight' => -3 ); } return $items; } /** * Implementation of hook_perm(). * */ function simple_access_perm() { return array('manage simple access', 'assign access to nodes'); } /** * Implementation of hook_node_access_records */ function simple_access_node_access_records($node) { $records = array(); if ($node->simple_access) { // loop through simple_access arrays from page submission // $type is either 'view', 'update', or 'delete' foreach((array)$node->simple_access as $type => $array) { // loop through each checkbox of the group foreach((array)$array['checks'] as $gid => $checked) { // make an array of all grants for node if($checked){ $sa_grants[$gid][$type] = true; if ($type == 'view') { // if we've gotten here, then one of // the view boxes is checked so... $views = TRUE; } } } } // Because the UI is organized by access rather than GID, we need to // reorganize the array by realm/GID if ($sa_grants) { foreach($sa_grants as $gid => $access) { $records[] = array( 'realm' => 'simple_access', 'gid' => $gid, 'grant_view' => $access['view'], 'grant_update' => $access['update'], 'grant_delete' => $access['delete'], 'priority' => 1, ); } } } // if there are new view recrods set if (!$views) { $records[] = array( 'realm' => 'simple_access', 'gid' => 0, 'grant_view' => 1, 'grant_update' => 0, 'grant_update' => 0, 'priority' => 1, ); } $records[] = array( 'realm' => 'simple_access_author', 'gid' => $node->uid, 'grant_view' => user_access('access content'), 'grant_update' => user_access('access content'), 'grant_delete' => user_access('access content'), 'priority' => 0, ); return $records; } /** * Implementation of hook_node_grants(). * * @TODO implement to correcly return groups in all cases. */ function simple_access_node_grants($account, $op) { $gids = simple_access_groups_from_roles( array_keys($account->roles)); $grants['simple_access'] = $gids; $grants['simple_access_author'] = array($account->uid); return $grants; } function simple_access_form_alter($form_id, &$form){ // if this is a node form... if (isset($form['type']) && $form['type']['#value'] .'_node_form' == $form_id) { if ($simple_access_form = simple_access_form($form['#node'])) { $form = array_merge($form, $simple_access_form); } } } function simple_access_form($node){ if (user_access('assign access to nodes') || user_access('administer nodes')){ //include the css drupal_add_css(drupal_get_path('module', 'simple_access') .'/simple_access.css'); // set up the outer fieldset $form['simple_access'] = array( '#title' => t('Access'), '#type' => 'fieldset', '#collapsible' => true, '#collapsed' => true, '#tree' => true, '#weight' => 5 ); //if (variable_get('simple_access_active', FALSE)) { if (!isset($node->simple_access)) { // Load the grants from the database. $result = db_query('SELECT na.gid, na.grant_view, na.grant_update, na.grant_delete FROM {node_access} na WHERE na.nid = %d AND na.realm = \'simple_access\'', $node->nid); while($grant = db_fetch_object($result)) { if ($grant->gid > 0) { if ($grant->grant_view) { $views[$grant->gid] = $grant->gid; } if ($grant->grant_update) { $updates[$grant->gid] = $grant->gid; } if ($grant->grant_delete) { $deletes[$grant->gid] = $grant->gid; } } } $node->simple_access = array( 'views' => $views, 'updates' => $updates, 'deletes' => $deletes ); } $variable = variable_get('sa_display', array('view')); $count = count($variable) ? count($variable) : 1; $percent = 90/$count; $options = simple_access_group_select(user_access('administer nodes')|| variable_get('sa_showgroups',0)); // this is the only stuff that changes for each // so we put it all in one place for easy editing $loop = array( 'view' => array( 'title' => t('Only viewable by'), 'description' => ''.t('All unchecked = viewable by all.').'', 'default' => $views, ), 'update' => array( 'title' => t('Additionally editable by'), 'description' => ''.t('All unchecked = normal behavior
(author and admins can edit).').'
', 'default' => $updates ), 'delete' => array( 'title' => t('Additionally deletable by'), 'description' => ''.t('All unchecked = normal behavior
(author and admins can delete).').'
', 'default' => $deletes ) ); foreach($loop as $key => $vals) { //changed this from in_array cause array was containing view->view and update=>0 even when key wasn't checked.- metzlerd if ($variable[$key]) { $form['simple_access'][$key] = array( '#type' => 'fieldset', '#title' => $vals['title'], '#description' => $vals['description'], '#attributes' => array('class' => 'sa-inline', 'style' => "width:$percent%"), ); if ($options) { $form['simple_access'][$key]['checks'] = array( '#type' => 'checkboxes', '#title' => '', '#default_value' => $vals['default'], '#options' => $options //'#tree' => false ); } else { $form['simple_access'][$key][] = array( '#type' => 'markup', '#value' => t('No access groups have been defined', array('!url' => url('admin/user/simple_access'))) ); } } } // stick in a div to keep the floats working right $form['simple_access'][] = array( '#type' => 'markup', '#value' => '
' ); return $form; } } function simple_access_page($op = NULL, $gid = NULL) { if ($_POST['op'] == t('Submit')) { } elseif ($_POST['edit']['confirm']) { simple_access_delete_group($_POST['edit']['gid']); drupal_goto('admin/user/simple_access'); return; } switch ($op) { case 'delete': //$hidden = form_hidden('gid', $gid); $form['gid'] = array( '#type' => 'hidden', '#value' => $gid ); //$output = theme('confirm', t('Are you sure you want to delete this group?'), 'admin/access/simple_access', NULL, NULL, NULL, $hidden); $output = confirm_form('simple_access_delete_group', $form, t('Are you sure you want to delete this group?'), 'admin/user/simple_access'); break; case 'edit': return simple_access_group_form($gid); break; default: } //print theme('page', $output); return $output; } function simple_access_page_overview() { /* if (!variable_get('simple_access_active', FALSE)) { drupal_set_message(t('Fire it up first.')); drupal_goto('admin/access/simple_access/setup'); } */ if (count($rg = simple_access_get_groups())) { drupal_set_title(t('Access Groups')); $header = array(t('Group'), t('Roles'), t('Operations')); $roles = user_roles(); foreach ($rg as $g) { $gid = $g['gid']; $rows[$gid]['group'] = $g['name']; $r = array(); foreach($g['roles'] as $rid) { $r[] = $roles[$rid]; } $rows[$gid]['roles'] = "".implode(', ', $r).""; $rows[$gid]['ops'] = l('edit', 'admin/user/simple_access/edit/'.$gid). ' '. l('delete', 'admin/user/simple_access/delete/'.$gid); } $output .= theme('table', $header, $rows, array('style'=>'width:100%')); $output .= '
'.l(t('add another access group'), 'admin/user/simple_access/add'); return $output; } else { drupal_set_message(t('You have not yet defined any access groups.')); drupal_goto('admin/user/simple_access/add'); } } function simple_access_settings_page() { drupal_set_title(t('Simple Access Settings')); $options = array( 'view' => t('View: Displays viewability selections at top of node form. Selected access groups will be the only users who can view the node. All unselected = normal node behavior (viewable by all).
'), 'update' => t('Edit: Displays editability selections at top of node form. Users who are part of selected access groups will be able to edit this node. All unselected = "normal" node behavior (only author and admins may edit).
'), 'delete' => t('Delete: Displays deleteability selections at top of node form. Users who are part of selected access groups will be able to delete this node. All unselected = "normal" node behavior (only author and admins may delete).
') ); $form['sa_display'] = array( '#type' => 'checkboxes', '#title' => t('Display'), '#default_value' => variable_get('sa_display', array('view')), '#options' => $options, '#description' => t('Which options should appear on node add/edit pages for administrators? Select at least one.'), '#required' => TRUE ); $form['sa_showgroups'] = array( '#type' => 'checkbox', '#title' => 'Show groups even when user is not a member.', '#default_value' => variable_get('sa_showgroups',0), '#description' => 'This is useful when you want to have a user be able to make content viewable by themselves and a higher privileged group (e.g. students sharing work with faculty)', ); return system_settings_form($form); } function simple_access_deactivate_confirm_submit($form_id, $form_values) { simple_access_initialize(FALSE); return 'admin/access/simple_access/setup'; } function simple_access_group_form($gid = NULL) { if ($gid) { drupal_set_title(t('Edit Access Group')); $group = db_fetch_object(db_query('SELECT name, weight FROM {simple_access_groups} WHERE gid = %d', $gid)); $name = $group->name; $weight = $group->weight; $roles = simple_access_get_roles($gid); $form['gid'] = array( '#type' => 'hidden', '#value' => $gid ); } else { drupal_set_title(t('Create Access Group')); $weight = 0; } $form['name'] = array( '#type' => 'textfield', '#title' => t('Name'), '#default_value' => $name, '#size' => 40, '#maxlength' => 80, '#description' => t('The name for the access group as it will appear on the content editing form.'), '#attributes' => $attributes = NULL, '#required' => TRUE ); $form['roles'] = array( '#type' => 'checkboxes', '#title' => t('Roles'), '#default_value' => $roles, '#options' => user_roles(), '#description' => t('Roles that can view') ); $form['weight'] = array( '#type' => 'weight', '#title' => 'Weight', '#default_value' => $weight, '#delta' => 10, '#description' => t('When setting permissions, heavier names will sink and lighter names will be positioned nearer the top.') ); $form[] = array( '#type' => 'submit', '#value' => t('Submit') ); return $form; } function simple_access_group_form_submit($form_id, $form_values) { simple_access_save_group($form_values); return 'admin/user/simple_access'; } function simple_access_get_roles($gid) { $roles = array(); $sql = db_query('SELECT rid FROM {simple_access_roles} WHERE gid = %d', $gid); while ($row = db_fetch_object($sql)) { $roles[] = $row->rid; } return $roles; } function simple_access_get_groups() { $groups = array(); $sql = db_query('SELECT gid, name FROM {simple_access_groups} ORDER BY weight, name'); while ($g = db_fetch_object($sql)) { $groups[$g->gid]['name'] = $g->name; $groups[$g->gid]['gid'] = $g->gid; $groups[$g->gid]['roles'] = simple_access_get_roles($g->gid); } return $groups; } function simple_access_group_select($all = FALSE) { $groups = array(); if ($all){ // return all of the groups (for node administrators) $result = db_query('SELECT gid, name FROM {simple_access_groups} ORDER BY weight, name'); } else { // return just groups for which user is a member global $user; $roles = array_keys($user->roles); $result = db_query('SELECT DISTINCT g.gid, g.name FROM {simple_access_groups} g INNER JOIN {simple_access_roles} r ON g.gid = r.gid WHERE r.rid IN (%s) ORDER BY weight, name', implode(',', $roles)); } while ($g = db_fetch_object($result)) { $groups[$g->gid] = $g->name; } return $groups; } /** * Get a list of group/grant ids based on a list of user roles * $roles should be a linear list a role ids * */ function simple_access_groups_from_roles($roles) { // there probably should be some 'static' stuff going on here // always return gid 0 just to be safe. $gids = array(0); $result = db_query("SELECT gid FROM {simple_access_roles} WHERE rid IN (%s)", implode(",", $roles)); while ($g = db_fetch_object($result)) { $gids[] = $g->gid; } return $gids; } /** * Save group of roles into the database * $roles is an associative array of roles where the keys are role ids * $name is the name of the group * $gid is the group id * */ function simple_access_save_group($edit) { if (!$edit['gid']) { $edit['gid'] = db_next_id('{simple_access_groups}_gid'); } db_query('DELETE FROM {simple_access_roles} WHERE gid = %d', $edit['gid']); db_query('DELETE FROM {simple_access_groups} WHERE gid = %d', $edit['gid']); $success = TRUE; $success = $success && db_query("INSERT INTO {simple_access_groups} (gid, name, weight) VALUES (%d, '%s', %d)", $edit['gid'], $edit['name'], $edit['weight']); if (is_array($edit['roles'])) { foreach($edit['roles'] as $key => $value) { if ($value) { $success = $success && db_query('INSERT INTO {simple_access_roles} (rid, gid) VALUES (%d, %d)', $key, $edit['gid']); } } } if (!$success) { drupal_set_message(t("There was a problem saving to the database")); } return $success; } function simple_access_delete_group($gid) { db_query('DELETE FROM {simple_access_roles} WHERE gid = %d', $gid); db_query('DELETE FROM {simple_access_groups} WHERE gid = %d', $gid); } function simple_access_initialize($initialize = TRUE) { if ($initialize) { // delete universal view grant db_query("DELETE FROM {node_access} WHERE nid = 0 AND realm = 'all'"); // set all nodes to viewable db_query("INSERT INTO {node_access} (nid, gid, realm, grant_view, grant_update, grant_delete) SELECT nid, 0, 'simple_access', 1, 0, 0 FROM {node}"); variable_set('simple_access_active', TRUE); drupal_set_message(t('The database has been configured and simple_access module is ready for use.')); } else { // delete all simple_access stuff db_query("DELETE FROM {node_access} WHERE realm = 'simple_access'"); // re-enable universal view grant db_query("INSERT INTO {node_access} (nid, gid, realm, grant_view, grant_update, grant_delete) VALUES (0, 0, 'all', 1, 0, 0)"); variable_set('simple_access_active', FALSE); drupal_set_message(t('The database has been re-configured. You should now visit %modules to disable the simple_access module itself.', array('%modules' => l('the modules page', 'admin/modules')))); } } /** * List hidden, editable, and deletable nodes * */ function simple_access_nodes() { switch(arg(3)) { case 'edit' : drupal_set_title(t('Items With Edit Access Set')); $output = '
'.t('These nodes have been set as "additionally editable by" certain Simple Access groups. ', array('!url' => url('admin/user/simple_access'))).'

'; $sql = "SELECT DISTINCT n.title, na.nid FROM {node} n INNER JOIN {node_access} na ON n.nid = na.nid WHERE na.realm='simple_access' AND na.gid > 0 AND na.grant_update = 1"; break; case 'delete' : drupal_set_title(t('Items With Delete Access Set')); $output = '
'.t('These nodes have been set as "additionally deletable by" certain Simple Access groups. ', array('!url' => url('admin/user/simple_access'))).'

'; $sql = "SELECT DISTINCT n.title, na.nid FROM {node} n INNER JOIN {node_access} na ON n.nid = na.nid WHERE na.realm='simple_access' AND na.gid > 0 AND na.grant_delete = 1"; break; case 'view' : default : drupal_set_title(t('Items With View Access Set')); $output = '
'.t('These nodes have been set as "only viewable by" certain Simple Access groups.', array('!url' => url('admin/user/simple_access'))).'

'; $sql = "SELECT DISTINCT n.title, na.nid FROM {node} n INNER JOIN {node_access} na ON n.nid = na.nid WHERE na.realm='simple_access' AND na.gid > 0 AND na.grant_view = 1"; break; } $header = array( array('data' => t('ID'), 'field' => 'n.nid', 'sort' => 'desc'), array('data' => t('Title'), 'field' => 'n.title'), array('data' => ' ') ); $sql .= tablesort_sql($header); $result = pager_query($sql, 50); $groups_info = simple_access_get_groups(); while ($r = db_fetch_object($result)) { $groups = array(); $rs2 = db_query('SELECT na.gid, na.grant_view, na.grant_update, na.grant_delete FROM {node_access} na WHERE na.nid = %d AND na.realm = \'simple_access\'', $r->nid); while ($r2 = db_fetch_object($rs2)) { $groups[] = $groups_info[$r2->gid]['name']; } $rows[$r->nid]['nid'] = array('data' => $r->nid, 'style' => 'vertical-align:top'); $info = '
'.$r->title.'
'.implode(', ', $groups).'
'; $rows[$r->nid]['title'] = array('data' => $info, 'style' => 'vertical-align:top'); $rows[$r->nid]['ops'] = array('data' => l(t('view'), 'node/'.$r->nid).' '.l(t('edit'), 'node/'.$r->nid.'/edit', array(), drupal_get_destination()), 'style' => 'vertical-align:top'); } if ($rows) { $output .= theme('table', $header, $rows, array('style' => 'width:100%')); $output .= theme('pager', array(), 50); } else { $output .= '
'.t('No nodes match this criteria.').'
'; } //print theme('page', $output); return $output; } /** * Implementation of hook_enable */ function simple_access_enable() { drupal_set_message('To fully activate simple_access you also need to'.l('rebuild permissions ','admin/content/node-settings')); } function simple_access_disable() { drupal_set_message('To fully disable simple_access you also need to'.l('rebuild permissions ','admin/content/node-settings')); }