Clean up access checks for external modules (domain views, ctools) [#562056]

Hi,
I wrote a plugin that grants access by users domain id. It only has the option to Negate the rule. It's very usefull in panels as selection rule. Does this module the same? According to the snapshot you have a select list of domains. If any interest, I will send it to you, but I will never touch cvs, sorry.

Comment	File	Size	Author
#7	domain_access_cleanup.patch	11.55 KB	hefox
#7	domain_ctools_access_cleanup.patch	2.68 KB	hefox
#3	domain_ctools_domain_edtior_p1.patch	2.22 KB	Ghostthinker

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

Ghostthinker CreditAttribution: Ghostthinker commented 28 August 2009 at 10:39

mymodule/plugins/access/domain.inc

// $Id$


/**
 * @file
 * Plugin to provide access control based upon domain membership.
 */

/**
 * Implementation of specially named hook_ctools_access().
 */
function mymodule_domain_ctools_access() {
  $args ['domain'] = array(
      'title' => t("User: domain editor"), 
      'description' => t('Control access by user domain.'), 
      'callback' => 'mymodule_domain_ctools_access_check', 
      'default' => array(
          'negate' => false 
      ), 
      'settings form' => 'mymodule_domain_ctools_access_settings', 
      'settings form submit' => 'mymodule_domain_ctools_access_settings_submit', 
      'summary' => 'mymodule_domain_ctools_acesss_summary', 
      'required context' => new ctools_context_required(t('User'), 'user') 
  );
  
  return $args;
}

/**
 * Settings form for the 'domain editor' access plugin
 */
function mymodule_domain_ctools_access_settings(&$form, &$form_state, $conf) {
  $form ['settings'] ['negate'] = array(
      '#type' => 'checkbox', 
      '#title' => t('Negate'), 
      '#default_value' => $conf ['negate'], 
      
      '#description' => t('User is domain editor of current domain') 
  );
}

/**
 * Compress the roles allowed to the minimum.
 */
function mymodule_domain_ctools_access_settings_submit(&$form, &$form_state) {
  $form_state ['values'] ['settings'] ['negate'] = $form_state ['values'] ['settings'] ['negate'];
}

/**
 * Check for access.
 */
function mymodule_domain_ctools_access_check($conf, $context) {
  // As far as I know there should always be a context at this point, but this
  // is safe.
  if (empty($context) || empty($context->data) || ! isset($context->data->roles)) {
    return FALSE;
  }
  $user = $context->data;
  
  //always access for uid 1
  if ($user->uid == 1) return TRUE;
  
  global $_domain;
  
  // user is assigned to current domain
  if (in_array($_domain ['domain_id'], $user->domain_user)) {
    return ! $conf ['negate'];
  }
  return $conf ['negate'];

}

/**
 * Provide a summary description
 */
function mymodule_domain_ctools_acesss_summary($conf, $context) {
 
  return t("Only users who are %not domain editors.", array('%not' => $conf['negate']?"not":""));
}

Comment #2

agentrickard

he/him

English

Georgia (US)

CreditAttribution: agentrickard commented 30 August 2009 at 17:29

Category:

task

» feature

The current access filter is universal, not per-user.

http://drupal.org/patch/create

Please patch against HEAD.

Comment #3

Ghostthinker CreditAttribution: Ghostthinker commented 27 November 2009 at 11:27

Issue tags:

+domain access

File	Size
domain_ctools_domain_edtior_p1.patch	2.22 KB

I made a patch. It (should) simply add a new file plugins/access/domain_editor.inc

At the moment I am using my own module (that does the same than domain_ctools plus the ability to control access per user) but I would drop it if this goes into yours.

Comment #4

agentrickard

he/him

English

Georgia (US)

CreditAttribution: agentrickard commented 30 November 2009 at 15:19

Status:

Active

» Needs review

Nice. Hopefully I can review and add this in.

Comment #5

hefox CreditAttribution: hefox commented 5 April 2010 at 19:57

Testing patch at the moment.

Initial thoughts: small detail, but in general patches are done via the root of the module, not the directory the file is in.

The views access plugin has these joined together, what are the reasons for having them separate in ctools, other than the added complexity? Perhaps domain_ctools and.. domain_views? could share some functions on checking access so to avoid duplication.

To the patch itself, eyeballing the patch looks good other than some random spacing, brief testing looks good :)

Comment #6

hefox CreditAttribution: hefox commented 20 April 2010 at 03:17

Status:

Needs review

» Needs work

Hm looking at the domain_views and domain_ctools, and looking at my own use case my preference would be

Create/move two functions into the main domain module for easy reusability:

An access check function (rename of domain_views_access)
A form generation form. Currently the forms contain slightly different settings for the two, but the keys for the shared setting (domain) are the same. domain_site is in the ctools, while the editor and strict settings are in views, so I guess merge the four fields togeaher into a form builder function.

(My use case is a custom field permission module that checks if the user and node is part of the current domain before letting em view certain fields, so I could use the first function using node's domains and member = true.)

Comment #7

hefox CreditAttribution: hefox commented 20 April 2010 at 04:59

Title:	Access Plugin: "User: Domain editor"	» Clean up access checks for external modules (domain views, ctools)
Project:	Domain CTools	» Domain
Status:	Needs work	» Needs review