source: sipes/modules_contrib/workflow/workflow_access.module @ 8a8efa8

stableversion-3.0
Last change on this file since 8a8efa8 was 177a560, checked in by José Gregorio Puentes <jpuentes@…>, 8 años ago

se agrego el directorio de modulos contribuidos de drupal
  • Propiedad mode establecida a 100644
File size: 6.4 KB
Línea 
1<?php
2// $Id: workflow_access.module,v 1.6.2.2 2010/10/27 20:35:31 jvandyk Exp $
3
4/**
5 * @file
6 *   Provides node access permissions based on workflow states.
7 */
8
9/**
10 * Implementation of hook_node_grants().
11 *
12 * Supply the workflow access grants. We are simply using
13 * roles as access lists, so rids translate directly to gids.
14 */
15function workflow_access_node_grants($account, $op) {
16  return array(
17    'workflow_access'       => array_keys($account->roles),
18    'workflow_access_owner' => array($account->uid),
19  );
20}
21
22/**
23 * Implementation of hook_node_access_records().
24 *
25 * Returns a list of grant records for the passed in node object.
26 */
27function workflow_access_node_access_records($node) {
28  $grants = array();
29  $sid = db_result(db_query("SELECT sid FROM {workflow_node} WHERE nid = %d", $node->nid));
30
31  // We have state information about this node, so get permissions for this state.
32  if (is_numeric($sid)) {
33    $result = db_query('SELECT * FROM {workflow_access} WHERE sid = %d', $sid);
34    while ($grant = db_fetch_object($result)) {
35      $grants[] = array(
36        'realm'        => ($grant->rid == -1) ? 'workflow_access_owner' : 'workflow_access',
37        'gid'          => ($grant->rid == -1) ? $node->uid : $grant->rid,
38        'grant_view'   => $grant->grant_view,
39        'grant_update' => $grant->grant_update,
40        'grant_delete' => $grant->grant_delete,
41        'priority'     => 0,
42      );
43    }
44  }
45
46  return $grants;
47}
48
49/**
50 * Implementation of hook_node_access_explain().
51 */
52function workflow_access_node_access_explain($row) {
53  static $interpretations = array();
54  switch ($row->realm) {
55    case 'workflow_access_owner':
56      $interpretations[$row->gid] = t('Workflow access: author of the content may access');
57      break;
58    case 'workflow_access':
59      $roles = user_roles();
60      $interpretations[$row->gid] = t('Workflow access: %role may access', array('%role' => $roles[$row->gid]));
61      break;
62  }
63  return (!empty($interpretations[$row->gid]) ? $interpretations[$row->gid] : NULL);
64}
65
66/**
67 * Implementation of hook_form_alter().
68 *
69 * Add a "three dimensional" (state, role, permission type) configuration
70 * interface to the workflow edit form.
71 */
72function workflow_access_form_workflow_edit_form_alter(&$form, $form_state) {
73  // A list of roles available on the site and our
74  // special -1 role used to represent the node author.
75  $rids = user_roles();
76  $rids['-1'] = t('author');
77 
78  $form['workflow_access'] = array(
79    '#type' => 'fieldset',
80    '#title' => t('Access control'),
81    '#collapsible' => TRUE,
82    '#tree' => TRUE,
83  );
84
85  // Add a table for every workflow state.
86  $states = workflow_get_states($form['wid']['#value']);
87  foreach ($states as $sid => $state) {
88   
89    if (workflow_is_system_state($state)) {
90      // No need to set perms on creation.
91      continue;
92    }
93       
94    $view = $update = $delete = array();
95
96    $result = db_query("SELECT * from {workflow_access} where sid = %d", $sid);
97    $count = 0;
98    while ($access = db_fetch_object($result)) {
99      $count++;
100      if ($access->grant_view) {
101        $view[] = $access->rid;
102      }
103      if ($access->grant_update) {
104        $update[] = $access->rid;
105      }
106      if ($access->grant_delete) {
107        $delete[] = $access->rid;
108      }
109    }
110   
111    // Allow view grants by default for anonymous and authenticated users,
112    // if no grants were set up earlier.
113    if (!$count) {
114      $view = array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID);     
115    }
116   
117    // TODO better tables using a #theme function instead of direct #prefixing
118    $form['workflow_access'][$sid] = array(
119      '#type' => 'fieldset',
120      '#title' => $state,
121      '#collapsible' => TRUE,
122      '#tree' => TRUE,
123    );
124    $form['workflow_access'][$sid]['view'] = array(
125      '#type' => 'checkboxes',
126      '#options' => $rids,
127      '#default_value' => $view,
128      '#title' => t('Roles who can view posts in this state'),
129      '#prefix' => '<table width="100%" style="border: 0;"><tbody style="border: 0;"><tr><td>',
130    );
131    $form['workflow_access'][$sid]['update'] = array(
132      '#type' => 'checkboxes',
133      '#options' => $rids,
134      '#default_value' => $update,
135      '#title' => t('Roles who can edit posts in this state'),
136      '#prefix' => "</td><td>",
137    );
138    $form['workflow_access'][$sid]['delete'] = array(
139      '#type' => 'checkboxes',
140      '#options' => $rids,
141      '#default_value' => $delete,
142      '#title' => t('Roles who can delete posts in this state'),
143      '#prefix' => "</td><td>",
144      '#suffix' => "</td></tr></tbody></table>",
145    );
146  }
147  // Place our block comfortably down the page.
148  $form['submit']['#weight'] = 10;
149  $form['#submit'][] = 'workflow_access_form_submit';
150}
151
152/**
153 * Store permission settings for workflow states.
154 */
155function workflow_access_form_submit($form, $form_state) {
156  foreach ($form_state['values']['workflow_access'] as $sid => $access) {
157    // Ignore irrelevant keys.
158    if (!is_numeric($sid)) {
159      continue;
160    }
161
162    $grants = array();
163    db_query("DELETE FROM {workflow_access} WHERE sid = %d", $sid);
164    foreach ($access['view'] as $rid => $checked) {
165      $grants[] = array(
166        'realm'        => ($rid == -1) ? 'workflow_access_owner' : 'workflow_access',
167        'gid'          => ($rid == -1) ? $node->uid : $rid,
168        'grant_view'   => (bool)$checked,
169        'grant_update' => (bool)$access['update'][$rid],
170        'grant_delete' => (bool)$access['delete'][$rid],
171      );
172
173      db_query("INSERT INTO {workflow_access} (sid, rid, grant_view, grant_update, grant_delete) VALUES (%d, %d, %d, %d, %d)", $sid, $rid, (bool)$checked, (bool)$access['update'][$rid], (bool)$access['delete'][$rid]);
174    }
175
176    // Update all nodes having same workflow state to reflect new settings.
177    $result = db_query("SELECT n.nid FROM {node} n LEFT JOIN {workflow_node} wn ON wn.nid = n.nid WHERE wn.sid = %d", $sid);
178    while ($node = db_fetch_object($result)) {
179      // TODO: this only works with workflow_access realm, not the workflow_access_owner realm?!
180      node_access_write_grants($node, $grants, 'workflow_access');
181    }
182  }
183  drupal_set_message(t('Workflow access permissions updated.'));
184}
185
186/**
187 * Implementation of hook_workflow().
188 *
189 * Update grants when a node changes workflow state.
190 */
191function workflow_access_workflow($op, $old_sid, $sid, $node) {
192  if ($op == 'transition post' && $old_sid != $sid) {
193    node_access_acquire_grants($node);
194  }
195}
Nota: Vea TracBrowser para ayuda de uso del navegador del repositorio.