administerusersbyrole.module in Administer Users by Role 6
File
administerusersbyrole.module
<?php
/**
 * Implements hook_perm().
 *
 * Declares three fixed permissions plus four per-role permissions (edit and
 * delete, each with and without the "and other roles" suffix) for every role
 * whose rid is greater than 2, i.e. every role other than the built-in
 * anonymous and authenticated roles.
 *
 * The per-role strings come from _administerusersbyrole_build_perm_string(),
 * which strips non-alphanumeric characters from the role name.
 *
 * @return
 *   Array of permission strings.
 */
function administerusersbyrole_perm() {
  // Permissions that do not depend on any custom role.
  $perms = array(
    'create users',
    'edit users with no custom roles',
    'delete users with no custom roles',
  );

  $result = db_query('SELECT name FROM {role} WHERE rid > 2 ORDER BY name');
  while ($row = db_fetch_array($result)) {
    // Emitted in the order: edit, edit + other roles, delete,
    // delete + other roles.
    foreach (array('edit', 'delete') as $op) {
      foreach (array(FALSE, TRUE) as $other) {
        $perms[] = _administerusersbyrole_build_perm_string($row['name'], $op, $other);
      }
    }
  }

  return $perms;
}
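/**
 * Implements hook_init().
 *
 * Turns away requests for the user-creation page and for a user's edit and
 * delete pages when the current user lacks the matching permission from this
 * module: an error message is set and the request is redirected.
 *
 * Only the request paths matched below are checked. Any other route that
 * creates, edits or deletes accounts is not covered by this hook.
 * NOTE(review): confirm that every such route is gated elsewhere.
 *
 * @return
 *   An empty array, as the original implementation returned.
 */
function administerusersbyrole_init() {
  $items = array();
  if (arg(0) === 'admin' && arg(1) === 'user' && arg(2) === 'user' && arg(3) === 'create') {
    if (!user_access('create users')) {
      drupal_set_message(t('You do not have permission to create users.'), 'error');
      drupal_goto("");
    }
  }
  elseif (arg(0) === 'user') {
    $uid = arg(1);
    if (module_exists('me')) {
      // Let the "me" module translate its alias into a real uid.
      $uid = _me_check_arg($uid);
    }
    $account = user_load(array(
      'uid' => $uid,
    ));
    // user_load() returns FALSE when the path segment does not identify an
    // account (e.g. user/login). There is nothing to protect in that case, and
    // reading ->uid / ->name from FALSE would only produce notices and an
    // unreliable permission decision, so the checks are skipped.
    if ($account) {
      switch (arg(2)) {
        case 'edit':
          if (!_administerusersbyrole_can_edit_user($account)) {
            drupal_set_message(t('You do not have permission to edit %user.', array(
              '%user' => $account->name,
            )), 'error');
            drupal_goto('user/' . $account->uid);
          }
          break;

        case 'delete':
          if (!_administerusersbyrole_can_delete_user($account)) {
            drupal_set_message(t('You do not have permission to delete %user.', array(
              '%user' => $account->name,
            )), 'error');
            drupal_goto('user/' . $account->uid);
          }
          break;
      }
    }
  }
  return $items;
}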
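/**
 * Decides whether the current user may edit the given account.
 *
 * Rules, applied in order:
 * - a value that is not a loaded account object is never editable;
 * - users may always edit their own account;
 * - uid 1 may not be edited by anyone else;
 * - an account whose only role is "authenticated user" requires the
 *   'edit users with no custom roles' permission;
 * - holding the "... and other roles" edit permission for any one of the
 *   account's custom roles grants access outright;
 * - otherwise the plain per-role edit permission must be held for every
 *   custom role of the account.
 *
 * @param $account
 *   User object as returned by user_load(), or FALSE when no account matched.
 *
 * @return
 *   TRUE if editing is allowed, FALSE otherwise.
 */
function _administerusersbyrole_can_edit_user($account) {
  global $user;

  // Fail closed: user_load() returns FALSE for an unknown uid, and without
  // this guard the loose comparisons below could treat the missing uid as a
  // match (NULL == 0 for an anonymous visitor) and answer TRUE.
  if (!is_object($account) || !isset($account->uid)) {
    return FALSE;
  }

  // Everyone may edit their own account.
  if ($account->uid == $user->uid) {
    return TRUE;
  }
  // Allow only uid 1 to edit uid 1 (the self-edit case was handled above).
  if ($account->uid == 1) {
    return FALSE;
  }

  // Accounts with no custom role are governed by a dedicated permission.
  if ($account->roles === array(
    DRUPAL_AUTHENTICATED_RID => 'authenticated user',
  )) {
    if (!user_access('edit users with no custom roles')) {
      return FALSE;
    }
  }

  $allow = TRUE;
  foreach ($account->roles as $rid => $role) {
    if ($rid === DRUPAL_AUTHENTICATED_RID) {
      continue;
    }
    // One "and other roles" permission is enough, whatever else the account
    // holds.
    if (user_access(_administerusersbyrole_build_perm_string($role, 'edit', TRUE))) {
      return TRUE;
    }
    // Without it, a single role lacking the plain permission denies access,
    // unless a later role hits the shortcut above.
    if (!user_access(_administerusersbyrole_build_perm_string($role, 'edit', FALSE))) {
      $allow = FALSE;
    }
  }
  return $allow;
}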
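/**
 * Decides whether the current user may delete the given account.
 *
 * Rules, applied in order:
 * - a value that is not a loaded account object is never deletable;
 * - uid 1 can never be deleted through this check;
 * - an account whose only role is "authenticated user" requires the
 *   'delete users with no custom roles' permission;
 * - holding the "... and other roles" delete permission for any one of the
 *   account's custom roles grants access outright;
 * - otherwise the plain per-role delete permission must be held for every
 *   custom role of the account.
 *
 * Unlike the edit check there is no shortcut for the user's own account.
 *
 * @param $account
 *   User object as returned by user_load(), or FALSE when no account matched.
 *
 * @return
 *   TRUE if deletion is allowed, FALSE otherwise.
 */
function _administerusersbyrole_can_delete_user($account) {
  // Fail closed: user_load() returns FALSE for an unknown uid, and the role
  // loop below would otherwise be skipped and leave the answer at TRUE.
  if (!is_object($account) || !isset($account->uid)) {
    return FALSE;
  }

  if ($account->uid == 1) {
    return FALSE;
  }

  // Accounts with no custom role are governed by a dedicated permission.
  if ($account->roles === array(
    DRUPAL_AUTHENTICATED_RID => 'authenticated user',
  )) {
    if (!user_access('delete users with no custom roles')) {
      return FALSE;
    }
  }

  $allow = TRUE;
  foreach ($account->roles as $rid => $role) {
    if ($rid === DRUPAL_AUTHENTICATED_RID) {
      continue;
    }
    // One "and other roles" permission is enough, whatever else the account
    // holds.
    if (user_access(_administerusersbyrole_build_perm_string($role, 'delete', TRUE))) {
      return TRUE;
    }
    // Without it, a single role lacking the plain permission denies access,
    // unless a later role hits the shortcut above.
    if (!user_access(_administerusersbyrole_build_perm_string($role, 'delete', FALSE))) {
      $allow = FALSE;
    }
  }
  return $allow;
}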
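/**
 * Implements hook_form_FORM_ID_alter().
 *
 * Filters the bulk-delete confirmation form down to the accounts the current
 * user is allowed to delete. Accounts that fail the check are removed from
 * both the posted data and the form, with an error message per account. If
 * nothing deletable is left, the request is redirected to the form's action
 * path.
 *
 * NOTE(review): this relies on the form's submit handler acting only on the
 * entries still present after this alter — confirm against the handler.
 * NOTE(review): the redirect target is '#action' minus its first character,
 * which presumably assumes a base path of '/' — confirm for sites installed
 * in a subdirectory.
 */
function administerusersbyrole_form_user_multiple_delete_confirm_alter(&$form, &$form_state) {
  // The selection comes straight from the submitted POST data, so anything
  // other than an array is treated as an empty selection.
  $selected = array();
  if (isset($form_state['post']['accounts']) && is_array($form_state['post']['accounts'])) {
    $selected = array_filter($form_state['post']['accounts']);
  }

  $anyallowed = FALSE;
  foreach ($selected as $uid => $value) {
    $account = user_load($uid);
    if ($account && _administerusersbyrole_can_delete_user($account)) {
      $anyallowed = TRUE;
      continue;
    }
    // A posted uid that matches no account has no name to report; it is
    // dropped from the selection without a message.
    if ($account) {
      drupal_set_message(t('You do not have permission to delete %user.', array(
        '%user' => $account->name,
      )), 'error');
    }
    unset($form_state['post']['accounts'][$uid]);
    unset($form['accounts'][$uid]);
  }

  if (!$anyallowed) {
    drupal_goto(drupal_substr($form['#action'], 1));
  }
}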
/**
 * Implements hook_user().
 *
 * On an 'update' of the 'account' category, drops a submitted 'status' change
 * (block/unblock) when the current user may not edit the account, and reports
 * that with an error message. Does nothing while MAINTENANCE_MODE is
 * 'install'.
 *
 * NOTE(review): only the 'status' key is removed; every other key in $edit is
 * passed through unchanged for accounts the current user may not edit —
 * confirm that this is the intended coverage.
 */
function administerusersbyrole_user($op, &$edit, &$account, $category = NULL) {
  $installing = defined('MAINTENANCE_MODE') && MAINTENANCE_MODE == 'install';
  if ($installing) {
    return;
  }

  // Only account-category updates are of interest.
  if ($op !== 'update' || $category !== 'account') {
    return;
  }

  // Nothing to do when editing is permitted or no status change was sent.
  if (_administerusersbyrole_can_edit_user($account) || !isset($edit['status'])) {
    return;
  }

  $verb = $edit['status'] ? t('unblock') : t('block');
  $message = t('You do not have permission to @action %user.', array(
    '@action' => $verb,
    '%user' => $account->name,
  ));
  drupal_set_message($message, 'error');

  // Discard the status change so it is not saved.
  unset($edit['status']);
}
/**
 * Generates a permission string for a given role name.
 *
 * Every character of the role name outside [a-zA-Z0-9] is dropped. Distinct
 * role names that differ only in such characters (for example
 * 'Content Editor' and 'ContentEditor') therefore map to the same permission
 * string and share one grant, and a name with no alphanumeric characters
 * contributes nothing to the string.
 * NOTE(review): keep role names distinct after stripping; changing the
 * mapping itself would presumably orphan permissions that are already stored.
 *
 * @param $role_name
 *   Name of the role.
 * @param $op
 *   Operation prefix, 'edit' by default.
 * @param $other
 *   TRUE to append ' and other roles'.
 *
 * @return
 *   The permission string.
 */
function _administerusersbyrole_build_perm_string($role_name, $op = 'edit', $other = FALSE) {
  $stripped = preg_replace('/[^a-zA-Z0-9]/', '', $role_name);
  $suffix = $other ? ' and other roles' : '';
  return "{$op} users with role " . $stripped . $suffix;
}
Functions
Name | Description |
---|---|
administerusersbyrole_form_user_multiple_delete_confirm_alter | Implements hook_form_FORM_ID_alter(). |
administerusersbyrole_init | Implements hook_init(). |
administerusersbyrole_perm | Implements hook_perm(). |
administerusersbyrole_user | Implements hook_user(). |
_administerusersbyrole_build_perm_string | Generates a permission string for a given role name. |
_administerusersbyrole_can_delete_user | |
_administerusersbyrole_can_edit_user | |