Provide ability to restrict the 'View changes' button

Thanks. Too funny, only 5 years for someone to pick that up :)

Slightly lazy cp n paste, no other changes: ...(.., $op = 'view')

Potential risk of a PHP notice if there is code that depends on this old invalid logic, I nearly used an #access flag instead. i.e.

  $form['actions']['preview_changes'] = array(
    '#type' => 'submit',
    '#value' => t('View changes'),
    '#weight' => 12,
    '#submit' => array('diff_node_form_build_preview_changes'),
    '#access' => !empty($node->nid) && diff_node_revision_access($node, 'view'),
  );  

Mmm. Sorry, I was blindly rolling out patches...

Does this make sense? View changes on the node form compares the existing page and what they are about to save. So this has nothing to do with revision access so to speak.

Or am I missing something here?

Without adding more complexity, maybe a hook_permission() with a 'diff view current changes' and using this as a check.

So existing commit with new hook and slight mod.

if (!empty($node->nid) && (user_access('diff view current changes) || diff_node_revision_access($node, 'view')) {

Thoughts?

Thoughts?

I skipped without trying as I thought it would be a bit messy, but it wasn't too bad in hindsight ;)

-      '#description' => t('You can refine access using the "Access <em>View changes</em> button" permission.'),
+      '#description' => t('You can refine access using the "!perm" permission.', array(
+        '!perm' => t('Access %view button', array('%view' => t('View changes'))),
+      )),

Thanks!

Hello...I know this issue has been closed for years. But I still believe user_access('diff view changes') should not only control the display of one button but also the access to node/%node/revisions/%/%. There should be a role-based switch for the whole diff/compare function.