By jasonzh on

code below:
access arguments have value access administration pages and access current_posts content
question is :
how to define or input the value? it is any words?

----------------------
function current_posts_menu() {
$items = array();

$items['admin/config/content/current_posts'] = array(
'title' => 'Current posts',
'description' => 'Configuration for Current posts module',
'page callback' => 'drupal_get_form',
'page arguments' => array('current_posts_form'),
'access arguments' => array('access administration pages'),
'type' => MENU_NORMAL_ITEM,
);

$items['current_posts'] = array(
'title' => 'Current posts',
'page callback' => '_current_posts_page',
'access arguments' => array('access current_posts content'),
'type' => MENU_NORMAL_ITEM, //Will appear in Navigation menu.
);

return $items;

}

Categories: Drupal 7.x

Comments

psilv’s picture

psilv commented

Access arguments are an array of permissions to define who can access this page of your site (based upon user role). These permissions should be defined within a hook_perm function within your module, and these will then appear in the user management permissions admin page. Here the site owner/admin can then set which roles should be allocated these permissions.

YousefAB’s picture

YousefAB commented

Just a followup question,
Do you know if ALL of the permissions in the array have to be true for the page to be accessible or is just one of them good enough?

Like if I had:

'access arguments' => array('a', 'b'),

Does that mean, both a and b must be true for that use to access the page, or either one would allow the access?
Thanks in advance.

jaypan’s picture

jaypan
Location Victoria, BC
commented

You would think that's how you would do it, but unfortunately it's not. The answer to your question is 'neither'.

There are actually some defaults for the menu items, and if you don't explicitly set a value for a given key, the default is use. The defaults for access items are:

'access callback' => 'user_access',
'access arguments' => array(),

The access callback is the function user_access(). A look at the API page shows that the parameters for this function are $string and $account. $string is the name of a given permission, and $account is a loaded user account. So if you passed the access arguments that you showed, you would get errors and 'access denied', as you would be passing a string for the second argument, and it would be expecting a $user object.

This means that you can only pass a single permission as 'access arguments' - that is, unless you override the access callback. So let's say I have 'permission a' and 'permission b' and if the user needs to have both of these (or neither, or one and not the other), I set my own custom callback, and check these permissions there:

function my_module_menu()
{
  $menu['example/%user'] = array
  (
    'title' => 'Example',
    'page callback' => 'my_callback',
    'access callback' => 'my_access_callback',
  );
  return $menu;
  );
}

function my_access_callback()
{
  global $user;

  if(user_access('permission a', $user) || user_access('permission b', $user))
  {
    return TRUE;
  }
}

When the user tries to access the page, my_access_callback() is called, and if the current user has either of the permissions shown, they are given a pass to see the page.

Contact me to contract me for D7 -> D10/11 migrations.

YousefAB’s picture

YousefAB commented

wow, that I did not expect lol
But I guess in some remote scenario it fits :P

Thank you for the detailed clarifying, very clear,
Cheers :)

jasonzh’s picture

jasonzh commented

it's great! thanks!

drupal ,the sharp skill to eastablish website.