Custom User Profile Tabs - Only show on logged in user's own profile page

By TWD on 4 Feb 2015 at 04:43 UTC

I have a module which creates custom tabs on the User Profile page.
Problem is that these tabs will show up on every profile page.
I ONLY want them to appear on the currently logged in user's own profile page.
Any suggestions how to do that?

/**
* Implements hook_menu().
*/
function customusertabs_menu() {

$items['user/%user/add-customevent'] = array(
      'title' => 'Add Custom Event',
      'page callback' => 'drupal_goto',
      'page arguments' => array('node/add/event-calendar'),
      'access callback' => 'user_access',
	  'access arguments' => array('create event_calendar content'),
      'type' => MENU_LOCAL_TASK,
    );
	
$items['user/%user/helpdesk_support'] = array(
      'title' => 'Support Tickets',
      'page callback' => 'drupal_goto',
      'page arguments' => array('support/helpdesk_support'),
      'access callback' => 'user_access',
	  'access arguments' => array('create support_ticket content'),
      'type' => MENU_LOCAL_TASK,
    );	

return $items;

}

Comments

Hi TWD,

taslett commented 4 February 2015 at 05:08

Hi TWD,
You would probably want a custom access function that checks the current user is the user id in the url.

This is untested but may give you a direction to head:

...
$items['user/%user/helpdesk_support'] = array(
      'title' => 'Support Tickets',
      'page callback' => 'drupal_goto',
      'page arguments' => array('support/helpdesk_support'),
 'access callback' => customusertabs_access',  // cusom access function
  'access arguments' => array(1), // uid ?
...

/**
 * Custom access function.
**/
function customusertabs_access($uid) {
   $account = $GLOBALS['user'];
   if ($account->uid == $uid || user_access('access all customusertabs' ) ){
     return TRUE;
   }
   else{
      return FALSE; // no access.
   }
}

/**
 * Implements hook_permission().
**/
function customusertabs_permission() {
  return array(
    'access all customusertabs' => array(
      'title' => t('Access all customusertabs'),
      'description' => t('Access all customusertabs'),
    ),
  );
}

As an example, change

nevets commented 4 February 2015 at 05:12

As an example, change

      'access callback' => 'user_access',
  'access arguments' => array('create support_ticket content')

      'access callback' => 'customusertabs_access',
  'access arguments' => array(1, 'create support_ticket content')

and add

function customusertabs_access($account, $permission) {
  global $user;

  return $user->uid == $account->uid && user_access($permission);
}

which only allows access if the user is the owner of the account and they have the appropriate permission.

Thanks for the feedback from

TWD commented 5 February 2015 at 04:03

Thanks for the feedback from both of you.
Still having trouble with this though.

This is a simplified version that I expect to work but doesn't.
It doesn't show the custom user tab for ANY profile although I expected it to appear for the logged in user's OWN profile.
I am leaving hook_permissions out of this for the moment to keep it simple.

Any thoughts? Is it a problem of data type mismatch here: if ($account->uid == $userID)

/**
* Implements hook_menu().
*/
function customusertabs_menu() {
	
$items['user/%user/helpdesk_support'] = array(
      'title' => 'Support Tickets',
      'page callback' => 'drupal_goto',
      'page arguments' => array('support/helpdesk_support'),
      'access callback' => 'customusertabs_access',
	  'access arguments' => array(1), //get the user ID from profile URL
      'type' => MENU_LOCAL_TASK,
    );	
return $items;
}

/**
* Custom access function.
**/
function customusertabs_access($userID) {
   $account = $GLOBALS['user'];
   if ($account->uid == $userID){ 
     return TRUE; // logged in user is same as URL parameter
   }
   else{
      return FALSE; // no access.
   }
}

percent arguments like %user

nevets commented 5 February 2015 at 04:07

percent arguments like %user are special, in this case the uid in the path is converted to a user object, so that is what is passed to the function, not a uid. It is why I called the argument $account and used the global $user in my example.

Bingo !!

TWD commented 5 February 2015 at 05:21

Bingo !!

This works now.
Thanks a bunch.
I'll need to add some Admin level permission but that looks straight forward.
cheers.

function customusertabs_menu() {
	
$items['user/%user/helpdesk_support'] = array(
      'title' => 'Support Tickets',
      'page callback' => 'drupal_goto',
      'page arguments' => array('support/helpdesk_support'),
      'access callback' => 'customusertabs_access',
	  'access arguments' => array(1), //get the user ID from URL
      'type' => MENU_LOCAL_TASK,
    );	
return $items;
}

/**
* Custom access function.
**/
function customusertabs_access($account) {
   global $user;
   if ($account->uid == $user->uid){ 
     return TRUE; // logged in user is same as URL parameter
   }
   else{
      return FALSE; // no access.
   }
}