nicholas.alipaz's sandbox: Permissions Lock in Settings

Allows locking permissions and entire roles using $conf in the settings.php file of a site. Testing of this project is requested, specifically the role locking since we did not test that fully.

Based on the work for Permissions Lock this module differs in that all locks can be done within the settings.php file for your site. This allows you to better maintain alternate settings for the permission locks between environments as well as removing the need for a new module to hook into the permissions lock module.

Usage

In the settings.php file you can declare your locks as follows, these are example locks from a staging server:

$conf['locked_permissions']['permission']['access administration menu'][3] = 1; // Administrator
$conf['locked_permissions']['permission']['access administration menu'][4] = 1; // Editor

$conf['locked_permissions']['permission']['access environment indicator']['all'] = 1; // Everyone
$conf['locked_permissions']['permission']['access environment indicator default_environment']['all'] = 1; // Everyone
$conf['locked_permissions']['permission']['access environment indicator overwritten_environment']['all'] = 1; // Everyone

$conf['locked_permissions']['role'][] = 3; // Lock Administrator role permissions

Where a value of 1 indicates that the value should be locked to a checked state in the permissions form, and a value of 0 would be unchecked.

One gotcha currently is that if the value you are locking in your settings.php is not the same as the current value in the permission settings you need to save the permissions form one time to see the lock take effect.