Controlling the comment permissions by user referrence

from our software engineering prof me and a fellow student (we are currently doing our masters studies in computer science) got the task to identify and work on an oss project's bug or feature request of our choice. we decided to choose drupal, because i have already worked a lot with it and have also developed some modules or at least extended some modules to fulfill my special requirements. so we are no rookies, at all.

that was just to introduce us and our intention. we chose this exact feature request to implement and for this reason wanted to ask you, if it's neccessary/reasonable at all..?

our idea is not just to implement that proposed functionality, but to allow users to restrict others by role as well.

this question first goes to the main developers of this module.. is it reasonable to get this module doing that stuff? and is it ok to temporarily join this project in order to satisfy etcetera9 and our prof? :)

This is just a summary of the problem and our intended solution suggestion. Any feedback would be nice.

The CommentAccess module provides users with the possibility to decide whether others are allowed to comment on their generated content. In order to do this, he uses the content’s edit-menu and sets the values “closed”, “open” and “hidden” which are stored in the column “comment” of the assigned node in the “nodes-table”. This functionality is provided by the function “commentaccess_form_alter()”. We are going to edit it in order to provide users with the possibility to allow specific users or users with specific roles to comment on their content. Furthermore, we will add (a) new permission(s) to the module, using the function commentaccess_permission(), so that administrators can allow users to change their content permissions this way. We are going to use a new table to store information concerning which users are allowed to comment on which content. If a user is not assigned to a specific content in this table, he is not allowed to comment on it. He should not be able to e.g. see the “Add-Comment-Form” which means we have to delete (unset) the appropriate element of the $link variable, which is set by the comment module. As the important routines to be extended we identified those which build the comment area, perform the comment submits, build the node edit form and extend the role system.

Hi guys,
we have finished. As we said, we edited the function “commentaccess_form_alter” in order to provide users with the possibility to allow specific users to comment on their content. Unfortunately, we didn’t have enough time to implement the roles stuff as well. Anyway, users are able to select other users from a list and thus to grant them rights to comment on their content. We used the “node_submit”- and “node_insert”-hooks and wrote a function called “commentaccess_writeUsersNodereferencesToDB” to store user- and nodeIDs in a new database-reference-table called “commentaccess_user_reference”. Only users whose IDs are stored assigned to a specific nodeID are able to comment on this node. Users’ authorization is validated in the hooks “node_view” and “form_submit” using the new function “commentaccess_hasUserNodeRef”. You can find our functions at the bottom of the functions.module and our tests in the file “commentaccess.test”. We wrote tests for all our functions and two “drupal function tests”. They are all sufficiently commented, ioho.
We are looking for your feedback.
Thx a lot. ;)

attention: unfortunately, we could not yet implement the module update function. so, when applying the patch, you should either create the tables on your own or wait for us to hand it in later.

hey, there we are.

now, the update function works as well, so you can use the module and give some feedback.

this especially concerns the module maintainer and those responsible: we ask you to review that patch and to possibly include it to the master branch as a new version.

we await your feedback!

bye

Hi sinanerdem and ycle!

Thanks for suggestion, and especially to ycle for contributing the code! I really appreciate that. I'm sorry I wasn't around to respond while you were working on this for class.

I think this is a good idea, but perhaps beyond the scope of the original module. I think this would be a great addition as a submodule attached to it though. Ycle if you're still around and able to adapt this that would be fantastic and I'd love to include it. Otherwise I'll circle back to this once I've got the rest of the issue queue a little better under control.

Thanks again!