How can I remove the tab "Subusers" in the profile ?

Use the tabtamer module http://drupal.org/project/tabtamer

No need for another module. You just change the view the comes with subuser. Change the "Tab" menue item into a "Normal" one.

I take it changing the view refers to version 6.x because it relied on views. Version 7 doesn't and the subusers tab is not a "view". I would have thought that the default behavior would be to not display the tab if the user's role does not permit them to have subusers. This doesn't seem to be the case.

Not sure if this is the best way to do it but this works.

    function MYMODULE_menu_local_tasks_alter(&$data){
    // Check if user has access to view subusers
            if(!user_access('view subusers')) {
    // Remove "subuser" tab  
        foreach ($data['tabs'][0]['output'] as $key => $value) {
            if ($value['#link']['path'] == "user/%/subuser"){
                unset($data['tabs'][0]['output'][$key]);
            }
        }
        }
    }

Thx bleg, it does work great !

@bleg I think we should check if(module_exists('subuser') &&...

In the code I gave in #5 it was checking for permission against the global user but it's better to check against the account. That way a user modifying a subuser can not add a subuser to that subuser.

function MYMODULE_menu_local_tasks_alter(&$data){
// Check if account has access to view subusers
        $uid = arg(1);
        $account = user_load($uid, $reset = FALSE);
        if(!user_access('view subusers', $account)) {
    // Remove "subuser" tab  
            foreach ($data['tabs'][0]['output'] as $key => $value) {
                if ($value['#link']['path'] == "user/%/subuser"){
                    unset($data['tabs'][0]['output'][$key]);
                }
            }
        }

I just noticed that the code was there and needs to be reviewed, so updating the status to needs review.

There is a security problem here. The "view subuser" permission allows a user to view subusers for ALL users, not just the logged in user and their subusers. This should not be on for anyone but administrators. (I think I'll create a patch to change the wording on those).

Perhaps a new permission "view own subusers"?

Jason

I thunk on this one a bit. What we need is to see if the user has permission to create a subuser. If they do not, then they should not be seeing the list. The problem is that there can be any number of roles, which means any number of permissions to check for. So, I created a function,

function _subuser_ui_create_subuser_permissions() {
  foreach (user_roles(TRUE) as $rid => $role) {
    $role_name = 'create subuser ' . $rid;
    if(user_access($role_name)) {
      return TRUE;
    }
  }
  return FALSE;
}

that like the subuser_permissions function loops through and checks each role. This time instead of creating the permissions it checks to see if that permission is on for this user. Once the loop finds one that is on, it returns true (the user only needs one permission to be able to view the tab). If it never finds one, it returns false. If this logic is bad, let me know.

I then went into subuser_ui_access_list_page_callback,

if (($user->uid == $acct_uid && _subuser_ui_create_subuser_permissions($acct_uid)) || user_access('administer users') || (user_access('view subusers', $user))) {

which checks to see if the tab should be displayed. I then added a call to this permission function (bolded above).

Patch is attached

Jason

I will take a look on this ASAP! Thanks for working on this!

Duplicate issue found and marked as duplicate at https://www.drupal.org/node/2444929

Came to check if this had been reviewed yet, and realized that the version was set wrong. My patch is based on the dev version.

With the latest version of the Subuser module the patch in #5 now generates errors in the foreach statement.
Which is the best way to go now?

Thanks,
Leo

I entered patch #11 by hand in version 7.x-2.0-alpha4 and it seems to work. We'll do some extra testing and post the result.

thx !

#11 works for me. Will this be committed soon?

I don't think the patch is 100% correct. Even though the user wouldn't be able to add subusers some other user could add the subusers. I think we need to add new permission that is "View own subusers" which will show that tab for users.

Hi Lauri,

Please find the attached patch "how_can_i_remove_the-1483590-19.patch"

Hope this works for you flawlessly!

Thanks,
Snehal Brahmbhatt | AddWeb Solution
https://www.drupal.org/user/3147795/track

Looks good. We should still add test coverage for this so we don't break it in future.