I've been tasked to write a module to allow external systems to check if a given user can submit a particular webform. I'm basically checking node_access and whether the specified user has passed their submission limit.

To do so I've had to modify the function signature for _webform_submission_limit_check($node); to _webform_submission_limit_check($node, $account = NULL);. I was thinking, why not just change it to a regular function other modules can use?

Make it into

webform_submission_limit_check($node, $account = NULL);

The extra variable would allow you to check any user's submission limit. Of course the proper access controls would need to be added in as well ( tie in access all webform results and access own webform results).

Thoughts?

P.S. I can submit the patch if you'd like to see (once I'm done, have to run through the permission checks to ensure I haven't exposed any data unknowingly)

Comments

quicksketch’s picture

Thanks, sounds like a reasonable suggestion to me. If you roll a patch I'd be happy to look at it.

quicksketch’s picture

Any updates on this? I'm still fine with the change, but there's not much point in updating it if we don't need it.

quicksketch’s picture

Status:Active» Closed (won't fix)

Please reopen if still interested in this functionality.

minorOffense’s picture

Status:Closed (won't fix)» Needs review

Very sorry for the delay. I have the patch here.

I do still require the patch. I have a pair of modules related to webform that I'd like to submit but are dependent on these changes.

Thanks a lot, sorry for the delay again.

minorOffense’s picture

StatusFileSize
new5.08 KB
quicksketch’s picture

Patch has some issues:
- Use 2 spaces instead of tabs.
- Don't include your .profile file ;-)

I'm not sure what value "access all webform submission limits" provides. I'd prefer to make the API function always work (what if you're running this function from cron for example?) If you were doing this permission check, you'd do it outside of the function, rather than inside of it. Think of how node_access() is called before node_view() is, rather than inside of it, otherwise indexing of search results would need to be done by administrative users rather than anonymous ones during cron runs.

minorOffense’s picture

Good point. I'll make modifications and send it again.

I thought I had told Aptana to use spaces instead. Must have missed another checkbox somewhere... Sorry about that.

minorOffense’s picture

So you prefer something like this?

<?php
function webform_submission_limit_check($node, $account = NULL) {
  global
$user;
 
 
// If the $account variable is populated, begin permission/validation checks
 
if (isset($account) && !empty($account)) {
    if (!(
$account->uid > 0)) {
       
       
// Can't check the anonymous user limit. This limit is controlled by cookies in the browser.
       
drupal_set_message(t('Unable to check anonymous user submission limit.'), 'warning');
        return
FALSE;
    }
  }
  else {
     
// We're checking the current user
     
$account = $user;
  }
?>
quicksketch’s picture

Maybe something like this would be more direct checking. I'd prefer not to show a (mostly development) message when it's likely that end-users may receive the warning when they can do nothing about it. So a watchdog would probably be more appropriate here.

<?php
function webform_submission_limit_check($node, $account = NULL) {
  global
$user;
  if (!isset(
$account)) {
   
$account = $user;
  }

 
// We can only check access for anonymous users through their cookies.
 
if ($user->uid != 0 && $account->uid == 0) {
   
watchdog('webform', 'Unable to check anonymous user submission limit when logged in as user @uid.', array('@uid' => $user->uid), WATCHDOG_WARNING);
    return
FALSE;
  }
}
?>
minorOffense’s picture

I agree.

I'll re-roll a patch with that in there.

minorOffense’s picture

StatusFileSize
new2.23 KB
quicksketch’s picture

Looks great. We can still get rid of "access all webform submission limits", since it's not used. Please reroll as a unified (-u) patch and we'll get this in!

minorOffense’s picture

StatusFileSize
new3.56 KB

Right... sorry I missed that.

Here's the new patch with -u and hopefully no profile data :-S

I checked the "Unified" patch in Aptana and manually pulled out the profile stuff at the bottom of the patch file. That should do it.

Thanks for your help/patience in all this. My first time submitting a patch to a module. Next time I'll make fewer mistakes.

quicksketch’s picture

Version:6.x-3.0-beta6» 6.x-3.8
Status:Needs review» Needs work

This still looks good but now needs a reroll. Sorry I didn't get back to this one in any kind of reasonable amount of time. I'll try to review/reroll next time I'm adding features.

minorOffense’s picture

Perfect! Thank you.

quicksketch’s picture

Title:Change _webform_submission_limit_check function signature» Change _webform_submission_user_limit_check function signature to public function
Version:6.x-3.8» 7.x-4.0-alpha3
Status:Needs work» Fixed
StatusFileSize
new4.92 KB

Well here we are 1.5 years later and I still haven't committed this. The changing of the existing code base on 3.x was too much stress for me to handle. I've ported this patch to 7.x-4.x and committed it as attached (essentially making the functions public). Sorry this never made it into 3.x (and therefor Drupal 6) :(

At least it will be waiting for you in the future now.

Status:Fixed» Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.