? admin_sit_1.patch
? admin_sit_2.patch
? cache_clear_menuinc_1.patch
? db_backtrace_26.patch
? files
? login_link_fix_1.patch
? login_link_fix_2.patch
? login_link_fix_3.patch
? menu_split_1.patch
? menu_update_20.patch
? menu_update_21.patch
? menu_update_22.patch
? menu_update_27.patch
? node_load_14.patch
? patch_166.txt
? prim_sec_blocks_1.patch
? sites
? uid_node_access_55.patch
? uid_node_access_56.patch
? uid_node_access_57.patch
? uninstall_remove.patch
Index: modules/blog/blog.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/blog/blog.module,v
retrieving revision 1.285
diff -u -p -r1.285 blog.module
--- modules/blog/blog.module	12 Aug 2007 15:55:35 -0000	1.285
+++ modules/blog/blog.module	29 Aug 2007 03:18:03 -0000
@@ -29,15 +29,13 @@ function blog_perm() {
 /**
  * Implementation of hook_access().
  */
-function blog_access($op, $node) {
-  global $user;
-
+function blog_access($op, $node, $account) {
   if ($op == 'create') {
-    return user_access('edit own blog') && $user->uid;
+    return user_access('edit own blog', $account) && $account->uid;
   }
 
   if ($op == 'update' || $op == 'delete') {
-    if (user_access('edit own blog') && ($user->uid == $node->uid)) {
+    if (user_access('edit own blog', $account) && ($node->uid == $account->uid)) {
       return TRUE;
     }
   }
Index: modules/forum/forum.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/forum/forum.module,v
retrieving revision 1.414
diff -u -p -r1.414 forum.module
--- modules/forum/forum.module	26 Aug 2007 07:46:11 -0000	1.414
+++ modules/forum/forum.module	29 Aug 2007 03:18:03 -0000
@@ -268,15 +268,13 @@ function forum_node_info() {
 /**
  * Implementation of hook_access().
  */
-function forum_access($op, $node) {
-  global $user;
-
+function forum_access($op, $node, $account) {
   if ($op == 'create') {
-    return user_access('create forum topics');
+    return user_access('create forum topics', $account);
   }
 
   if ($op == 'update' || $op == 'delete') {
-    if (user_access('edit own forum topics') && ($user->uid == $node->uid)) {
+    if (user_access('edit own forum topics', $account) && ($account->uid == $node->uid)) {
       return TRUE;
     }
   }
Index: modules/node/node.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/node/node.module,v
retrieving revision 1.875
diff -u -p -r1.875 node.module
--- modules/node/node.module	26 Aug 2007 14:15:51 -0000	1.875
+++ modules/node/node.module	29 Aug 2007 03:18:04 -0000
@@ -1827,10 +1827,13 @@ function node_search_validate($form, &$f
  * @param $node
  *   The node object (or node array) on which the operation is to be performed,
  *   or node type (e.g. 'forum') for "create" operation.
+ * @param $account
+ *   Optional, a user object representing the user for whom the operation is to
+ *    be performed. Determines access for a user other than the current user.
  * @return
  *   TRUE if the operation may be performed.
  */
-function node_access($op, $node) {
+function node_access($op, $node, $account = NULL) {
   global $user;
 
   if (!$node) {
@@ -1840,16 +1843,20 @@ function node_access($op, $node) {
   if ($op != 'create') {
     $node = (object)$node;
   }
+  // If no user object is supplied, the access check is for the current user.
+  if (empty($account)) {
+    $account = $GLOBALS['user'];
+  }
   // If the node is in a restricted format, disallow editing.
   if ($op == 'update' && !filter_access($node->format)) {
     return FALSE;
   }
 
-  if (user_access('administer nodes')) {
+  if (user_access('administer nodes', $account)) {
     return TRUE;
   }
 
-  if (!user_access('access content')) {
+  if (!user_access('access content', $account)) {
     return FALSE;
   }
 
@@ -1859,7 +1866,7 @@ function node_access($op, $node) {
   if ($module == 'node') {
     $module = 'node_content'; // Avoid function name collisions.
   }
-  $access = module_invoke($module, 'access', $op, $node);
+  $access = module_invoke($module, 'access', $op, $node, $account);
   if (!is_null($access)) {
     return $access;
   }
@@ -1868,7 +1875,7 @@ function node_access($op, $node) {
   // node_access table.
   if ($op != 'create' && $node->nid && $node->status) {
     $grants = array();
-    foreach (node_access_grants($op) as $realm => $gids) {
+    foreach (node_access_grants($op, $account) as $realm => $gids) {
       foreach ($gids as $gid) {
         $grants[] = "(gid = $gid AND realm = '$realm')";
       }
@@ -1920,16 +1927,19 @@ function _node_access_join_sql($node_ali
  * @param $node_access_alias
  *   If the node_access table has been given an SQL alias other than the default
  *   "na", that must be passed here.
+ * @param $account
+ *   The user object for the user performing the operation. If omitted, the 
+ *   current user is used.
  * @return
  *   An SQL where clause.
  */
-function _node_access_where_sql($op = 'view', $node_access_alias = 'na', $uid = NULL) {
+function _node_access_where_sql($op = 'view', $node_access_alias = 'na', $account = NULL) {
   if (user_access('administer nodes')) {
     return;
   }
 
   $grants = array();
-  foreach (node_access_grants($op, $uid) as $realm => $gids) {
+  foreach (node_access_grants($op, $account) as $realm => $gids) {
     foreach ($gids as $gid) {
       $grants[] = "($node_access_alias.gid = $gid AND $node_access_alias.realm = '$realm')";
     }
@@ -1953,23 +1963,20 @@ function _node_access_where_sql($op = 'v
  *
  * @param $op
  *   The operation that the user is trying to perform.
- * @param $uid
- *   The user ID performing the operation. If omitted, the current user is used.
+ * @param $account
+ *   The user object for the user performing the operation. If omitted, the 
+ *   current user is used.
  * @return
  *   An associative array in which the keys are realms, and the values are
  *   arrays of grants for those realms.
  */
-function node_access_grants($op, $uid = NULL) {
-  global $user;
+function node_access_grants($op, $account = NULL) {
 
-  if (isset($uid)) {
-    $user_object = user_load(array('uid' => $uid));
-  }
-  else {
-    $user_object = $user;
+  if (!isset($account)) {
+    $account = $GLOBALS['user'];
   }
 
-  return array_merge(array('all' => array(0)), module_invoke_all('node_grants', $user_object, $op));
+  return array_merge(array('all' => array(0)), module_invoke_all('node_grants', $account, $op));
 }
 
 /**
@@ -2126,17 +2133,19 @@ function node_access_rebuild() {
 
 /**
  * Implementation of hook_access().
+ *
+ * Named so as not to conflict with node_access()
  */
-function node_content_access($op, $node) {
+function node_content_access($op, $node, $account) {
   global $user;
   $type = is_string($node) ? $node : (is_array($node) ? $node['type'] : $node->type);
 
   if ($op == 'create') {
-    return user_access('create '. $type .' content');
+    return user_access('create '. $type .' content', $account);
   }
 
   if ($op == 'update') {
-    if (user_access('edit '. $type .' content') || (user_access('edit own '. $type .' content') && ($user->uid == $node->uid))) {
+    if (user_access('edit '. $type .' content', $account) || (user_access('edit own '. $type .' content', $account) && ($user->uid == $node->uid))) {
       return TRUE;
     }
   }
Index: modules/poll/poll.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/poll/poll.module,v
retrieving revision 1.239
diff -u -p -r1.239 poll.module
--- modules/poll/poll.module	26 Aug 2007 07:46:11 -0000	1.239
+++ modules/poll/poll.module	29 Aug 2007 03:18:04 -0000
@@ -57,9 +57,9 @@ function poll_perm() {
 /**
  * Implementation of hook_access().
  */
-function poll_access($op, $node) {
+function poll_access($op, $node, $account) {
   if ($op == 'create') {
-    return user_access('create polls');
+    return user_access('create polls', $account);
   }
 }
 
