access.install in Access Control Kit 7

<?php

/**
 * @file
 * Install, update and uninstall functions for the access control kit module.
 */

/**
 * Implements hook_schema().
 */
function access_schema() {

  // The access grant (entity) table.
  $schema['access_grant'] = array(
    'description' => 'The base table for access grants. Each combination of uid, rid and scheme must be unique.',
    'fields' => array(
      'gid' => array(
        'description' => 'The primary identifier for an access grant.',
        'type' => 'serial',
        'unsigned' => TRUE,
        'not null' => TRUE,
      ),
      'uid' => array(
        'description' => 'The {users}.uid of the user granted access.',
        'type' => 'int',
        'unsigned' => TRUE,
        'not null' => TRUE,
      ),
      'rid' => array(
        'description' => 'The {role}.rid of the role assigned by this grant.',
        'type' => 'int',
        'unsigned' => TRUE,
        'not null' => TRUE,
      ),
      'scheme' => array(
        'description' => 'The {access_scheme}.machine_name of this grant.',
        'type' => 'varchar',
        'length' => 28,
        'not null' => TRUE,
        'default' => '',
      ),
    ),
    'primary key' => array(
      'gid',
    ),
    'unique keys' => array(
      'uid_rid_scheme' => array(
        'uid',
        'rid',
        'scheme',
      ),
    ),
    'indexes' => array(
      'uid' => array(
        'uid',
      ),
      'scheme' => array(
        array(
          'scheme',
          4,
        ),
      ),
    ),
    'foreign keys' => array(
      'grant_user' => array(
        'table' => 'users',
        'columns' => array(
          'uid' => 'uid',
        ),
      ),
      'grant_role' => array(
        'table' => 'role',
        'columns' => array(
          'rid' => 'rid',
        ),
      ),
      'grant_scheme' => array(
        'table' => 'access_scheme',
        'columns' => array(
          'scheme' => 'machine_name',
        ),
      ),
    ),
  );

  // The access scheme (bundle/entity) table.
  $schema['access_scheme'] = array(
    'description' => 'Stores information about all defined {access_grant} schemes.',
    'fields' => array(
      'sid' => array(
        'description' => 'The scheme ID.',
        'type' => 'serial',
        'not null' => TRUE,
      ),
      'machine_name' => array(
        'description' => 'The machine-readable name of this scheme.',
        'type' => 'varchar',
        'length' => 28,
        'not null' => TRUE,
      ),
      'name' => array(
        'description' => 'The human-readable name of this scheme.',
        'type' => 'varchar',
        'length' => 255,
        'not null' => TRUE,
        'default' => '',
      ),
      'type' => array(
        'description' => 'The scheme type.',
        'type' => 'varchar',
        'length' => 255,
        'not null' => TRUE,
        'default' => '',
      ),
      'realm_field_name' => array(
        'description' => 'The name of the field attached to grants in this scheme that determines the realm values.',
        'type' => 'varchar',
        'length' => 32,
        'not null' => TRUE,
        'default' => '',
      ),
      'description' => array(
        'description' => 'A brief description of this access scheme.',
        'type' => 'text',
        'not null' => FALSE,
      ),
      'settings' => array(
        'description' => 'Serialized data containing settings specific to the scheme type.',
        'type' => 'blob',
        'size' => 'big',
        'serialize' => TRUE,
      ),
    ),
    'primary key' => array(
      'sid',
    ),
    'unique keys' => array(
      'machine_name' => array(
        'machine_name',
      ),
    ),
  );

  // The access handler table.
  $schema['access_handler'] = array(
    'description' => 'Attaches object access handlers to {access_scheme} schemes.',
    'fields' => array(
      'scheme' => array(
        'description' => 'The {access_scheme}.machine_name to which this handler is attached.',
        'type' => 'varchar',
        'length' => 28,
        'not null' => TRUE,
        'default' => '',
      ),
      'object_type' => array(
        'description' => 'The type of Drupal object (for example, node, taxonomy_term, etc.) that this handler manages. Only one handler is permitted per object type per scheme.',
        'type' => 'varchar',
        'length' => 128,
        'not null' => TRUE,
        'default' => '',
      ),
      'handler' => array(
        'description' => 'The name of the access handler class.',
        'type' => 'varchar',
        'length' => 128,
        'not null' => TRUE,
        'default' => '',
      ),
      'module' => array(
        'description' => 'The module that implements the handler.',
        'type' => 'varchar',
        'length' => 128,
        'not null' => TRUE,
        'default' => '',
      ),
      'settings' => array(
        'description' => 'Serialized data containing the handler settings, as defined by the implementing module.',
        'type' => 'blob',
        'size' => 'big',
        'not null' => TRUE,
        'serialize' => TRUE,
      ),
    ),
    'primary key' => array(
      'scheme',
      'object_type',
    ),
    'foreign keys' => array(
      'handler_scheme' => array(
        'table' => 'access_scheme',
        'columns' => array(
          'scheme' => 'machine_name',
        ),
      ),
    ),
    'indexes' => array(
      'scheme' => array(
        array(
          'scheme',
          4,
        ),
      ),
    ),
  );
  return $schema;
}

/**
 * Implements hook_uninstall().
 */
function access_uninstall() {
  $schemes = db_query('SELECT machine_name FROM {access_scheme}')
    ->fetchCol();
  foreach ($schemes as $scheme) {
    variable_del('access_scheme_roles_' . $scheme);
  }
}

/**
 * Make the list of available roles a scheme-level setting.
 */
function access_update_7100() {

  // The old realm roles setting used to just store rid => rid or rid => 0.
  // Convert this to rid => role_name, filtering out any rid => 0 values.
  $realm_roles = variable_get('access_realm_roles', array());
  if (!empty($realm_roles)) {
    $realm_roles = array_filter($realm_roles);
    $user_roles = user_roles();
    foreach (array_keys($realm_roles) as $rid) {
      if (empty($user_roles[$rid])) {
        unset($realm_roles[$rid]);
      }
      else {
        $realm_roles[$rid] = $user_roles[$rid];
      }
    }
  }

  // Store the set of enabled roles for each defined scheme for backward
  // compatibility, then purge the old variable.
  $schemes = access_scheme_names();
  foreach (array_keys($schemes) as $scheme) {
    variable_set('access_scheme_roles_' . $scheme, $realm_roles);
  }
  variable_del('access_realm_roles');
}

/**
 * Switch access fields to buttons widget.
 */
function access_update_7101() {
  foreach (access_scheme_load_multiple() as $scheme) {
    $field_name = $scheme->realm_field['field_name'];
    $instance = field_info_instance('access_grant', $field_name, $scheme->machine_name);
    if (!empty($instance) && $instance['widget']['type'] == 'options_select') {
      $instance['widget']['type'] = 'options_buttons';
      field_update_instance($instance);
    }
  }
}

/**
 * Convert schemes to entities.
 */
function access_update_7102() {

  // Entities are required to have an integer ID.
  db_drop_primary_key('access_scheme');
  db_add_field('access_scheme', 'sid', array(
    'description' => 'The scheme ID.',
    'type' => 'serial',
  ), array(
    'primary key' => array(
      'sid',
    ),
  ));

  // Rename and index the machine name field.
  db_change_field('access_scheme', 'scheme', 'machine_name', array(
    'description' => 'The machine-readable name of this scheme.',
    'type' => 'varchar',
    'length' => 28,
    'not null' => TRUE,
  ), array(
    'unique keys' => array(
      'machine_name' => array(
        'machine_name',
      ),
    ),
  ));
}

/**
 * Convert list-based schemes to new realm settings and handlers.
 */
function access_update_7103() {

  // Get a list of all access realm fields.
  $field_names = db_query('SELECT field_name FROM {field_config} WHERE type IN (:types)', array(
    ':types' => array(
      'access_boolean',
      'access_integer',
      'access_float',
      'access_text',
    ),
  ))
    ->fetchCol();

  // Convert the 'field' setting on the realm fields to 'field_name'.
  foreach ($field_names as $field_name) {
    $field = field_info_field($field_name);
    if (isset($field['settings']['arguments']['field'])) {
      $field['settings']['arguments']['field_name'] = $field['settings']['arguments']['field'];
      unset($field['settings']['arguments']['field']);
      field_update_field($field);
    }
  }

  // Convert ACKEntityList handlers to ACKEntityField.
  db_update('access_handler')
    ->fields(array(
    'handler' => 'ACKEntityField',
  ))
    ->condition('handler', 'ACKEntityList')
    ->execute();
}

/**
 * Move access scheme settings from field definition to {access_scheme} table.
 */
function access_update_7104() {

  // Create the scheme settings field.
  db_add_field('access_scheme', 'settings', array(
    'description' => 'Serialized data containing settings specific to the scheme type.',
    'type' => 'blob',
    'size' => 'big',
    'serialize' => TRUE,
  ));

  // Update the scheme and field configs.
  foreach (access_scheme_load_multiple() as $scheme) {
    if (!empty($scheme->realm_field['settings']['arguments'])) {
      $settings = $scheme->realm_field['settings']['arguments'];
      db_update('access_scheme')
        ->fields(array(
        'settings' => serialize($settings),
      ))
        ->condition('sid', $scheme->sid)
        ->execute();
      $scheme->realm_field['settings']['arguments'] = array();
      field_update_field($scheme->realm_field);
    }
  }
}

/**
 * Convert access control kit fields to standard list fields.
 */
function access_update_7105() {
  if (!module_exists('list')) {
    module_enable(array(
      'list',
    ));
  }
  $map = array(
    'access_integer' => 'list_integer',
    'access_float' => 'list_float',
    'access_text' => 'list_text',
    'access_boolean' => 'list_boolean',
  );
  $query = db_select('field_config', 'f');
  $query
    ->fields('f')
    ->condition('f.type', array_keys($map), 'IN');
  $result = $query
    ->execute();
  foreach ($result as $field) {
    $update = array();
    $update['type'] = $map[$field->type];
    $update['module'] = 'list';
    $data = unserialize($field->data);
    $data['settings'] = array(
      'allowed_values' => array(),
      'allowed_values_function' => '_access_field_allowed_values',
    );
    $update['data'] = serialize($data);
    db_update('field_config')
      ->fields($update)
      ->condition('id', $field->id)
      ->execute();
  }
  field_cache_clear(TRUE);
  drupal_static_reset('access_scheme_info');
}

/**
 * Rename {access_scheme}.realm_type to {access_scheme}.type.
 */
function access_update_7106() {
  db_change_field('access_scheme', 'realm_type', 'type', array(
    'description' => 'The scheme type.',
    'type' => 'varchar',
    'length' => 255,
    'not null' => TRUE,
    'default' => '',
  ));
}

/**
 * Add the {access_scheme}.realm_field_name field.
 */
function access_update_7107() {
  db_add_field('access_scheme', 'realm_field_name', array(
    'description' => 'The name of the field attached to grants in this scheme that determines the realm values.',
    'type' => 'varchar',
    'length' => 32,
    'not null' => TRUE,
    'default' => '',
  ));
  $result = db_query('SELECT sid, machine_name FROM {access_scheme}');
  foreach ($result as $row) {
    db_update('access_scheme')
      ->fields(array(
      'realm_field_name' => 'ack_' . $row->machine_name,
    ))
      ->condition('sid', $row->sid)
      ->execute();
  }
}