You are here

comment_perm.module in Comment Permissions 7.2

Control commenting permissions by role and by node type.

File

comment_perm.module
View source
<?php

/**
 * @file
 * Control commenting permissions by role and by node type.
 */

/**
 * Implements hook_help().
 */
function comment_perm_help($path, $arg) {
  $output = '';
  switch ($path) {
    case 'admin/help#comment_perm':
      $output = '<h3>' . t('About') . '</h3>';
      $output .= '<p>' . t('The Comment Permissions module enables control of commenting by user role and by node type.
        Additional user permissions for selected node types are added to the user access system so you can configure commenting with more control
        than Drupal core provides.') . '</p>';
      $output .= '<p>' . t('This module is not entirely rewriting access system for comment module.
        Instead, it\'s overriding it, by providing an additional access level.
        To make it working you need first to give access permission for comment
        module, after, you can customize permission access level per content type
        or user, in comment_perm module.') . '</p>';
      $output .= '<h3>' . t('How it works') . '</h3>';
      $output .= '<dl>';
      $output .= '<dt><strong>' . t('Administration » Configuration » System » Comment permissions') . '</strong></dt>';
      $output .= '<dd>' . t('Select and enable the extended comment permissions for certain content types.') . '</dd>';
      $output .= '</dl>';
      $output .= '<dl>';
      $output .= '<dt><strong>' . t('Administration » People » Permissions') . '</strong></dt>';
      $output .= '<dd>' . t('Configure which roles can access/post comments for enabled content types.') . '</dd>';
      $output .= '<dd>' . t('1. Give needed permissions access for comment module') . '</dd>';
      $output .= '<dd>' . t('2. Give needed permissions access per content type for comment_perm module') . '</dd>';
      $output .= '</dl>';
      break;
  }
  return $output;
}

/**
 * Implements hook_menu().
 */
function comment_perm_menu() {
  $items = array();
  $items['admin/config/system/comment_perm'] = array(
    'title' => 'Comment permissions',
    'description' => 'Setup comment permissions by user role and by node type.',
    'page callback' => 'drupal_get_form',
    'page arguments' => array(
      'comment_perm_admin_settings',
    ),
    'access arguments' => array(
      'administer site configuration',
    ),
    'type' => MENU_NORMAL_ITEM,
    'file' => 'comment_perm.admin.inc',
  );
  return $items;
}

/**
 * Implements hook_permission().
 */
function comment_perm_permission() {
  $types = variable_get('comment_perm_node_types', array());
  $perms = array();
  if (empty($types)) {
    return $perms;
  }
  foreach ($types as $type) {
    $label = ucfirst($type);
    if ($type) {
      $perms["administer comments {$type}"] = array(
        'title' => t('%type: Administer any comments and comment settings', array(
          '%type' => $label,
        )),
      );
      $perms["administer comments own {$type}"] = array(
        'title' => t('%type: Administer comments and comment settings for own content', array(
          '%type' => $label,
        )),
      );
      $perms["access comments {$type}"] = array(
        'title' => t('%type: View comments', array(
          '%type' => $label,
        )),
      );
      $perms["post comments {$type}"] = array(
        'title' => t('%type: Post comment', array(
          '%type' => $label,
        )),
      );
      $perms["skip comment approval {$type}"] = array(
        'title' => t('%type: Skip comment approval', array(
          '%type' => $label,
        )),
      );
      $perms["skip comment approval own {$type}"] = array(
        'title' => t('%type: Skip comment approval for own content', array(
          '%type' => $label,
        )),
      );
      $perms["edit own comments {$type}"] = array(
        'title' => t('%type: Edit own comments', array(
          '%type' => $label,
        )),
      );
    }
  }
  return $perms;
}

/**
 * Implements hook_comment_view_alter().
 */
function comment_perm_comment_view_alter(&$build) {
  $node = $build['#node'];
  if (!comment_perm_active_type($node->type)) {
    return;
  }
  if (!comment_perm_edit_access($node) && !comment_perm_administer_access($node)) {
    if (isset($build['links']['comment']['#links']['comment-edit'])) {
      unset($build['links']['comment']['#links']['comment-edit']);
    }
  }
  if (!comment_perm_post_access($node) && !comment_perm_administer_access($node)) {
    if (isset($build['links']['comment']['#links']['comment-reply'])) {
      unset($build['links']['comment']['#links']['comment-reply']);
    }
  }
  if (!comment_perm_administer_access($node)) {
    if (isset($build['links']['comment']['#links']['comment-approve'])) {
      unset($build['links']['comment']['#links']['comment-approve']);
    }
    if (isset($build['links']['comment']['#links']['comment-delete'])) {
      unset($build['links']['comment']['#links']['comment-delete']);
    }
  }
}

/**
 * Implements hook_node_view_alter().
 */
function comment_perm_node_view_alter(&$build) {
  $node = $build['#node'];
  if (!comment_perm_active_type($node->type)) {
    return;
  }
  if (!comment_perm_access($node) && !comment_perm_administer_access($node)) {
    unset($build['comments']);
    return;
  }
  if (!comment_perm_post_access($node) && !comment_perm_administer_access($node)) {
    unset($build['comments']['comment_form'], $build['links']['comment']['#links']['comment-add']);
    if (variable_get('comment_perm_hide_comments', 0)) {
      unset($build['comments'], $build['links']['comment']);
      return;
    }
  }

  // Remove not approved comments from display.
  if (isset($build['comments']['comments']) && !comment_perm_administer_access($node)) {
    foreach ($build['comments']['comments'] as $key => $comment) {
      if (isset($comment['#comment']) && is_object($comment['#comment']) && $comment['#comment']->status == COMMENT_NOT_PUBLISHED) {
        unset($build['comments']['comments'][$key]);
      }
    }
  }
}

/**
 * Implements hook_form_alter().
 */
function comment_perm_form_alter(&$form, &$form_state, $form_id) {

  // Allow users to administer comment settings per node type.
  if (!empty($form['#node_edit_form']) && isset($form['comment_settings'])) {

    // Determine if user has access to administer comments.
    if (comment_perm_active_type($form['#node']->type) && comment_perm_administer_access($form['#node'])) {
      $form['comment_settings']['#access'] = TRUE;
    }
  }
  if (!isset($form['#id']) || $form['#id'] != 'comment-form') {
    return;
  }
  $node = $form['#node'];
  if (!comment_perm_active_type($node->type)) {
    return;
  }

  // Restrict access to comment reply form.
  if (!comment_perm_post_access($node) && !comment_perm_administer_access($node)) {
    if (arg(0) == 'comment' && (arg(1) == 'reply' || arg(2) == 'edit')) {
      drupal_access_denied();
    }
  }

  // Restrict access to comment edit form.
  if (!comment_perm_edit_access($node) && !comment_perm_administer_access($node)) {
    if (arg(0) == 'comment' && arg(2) == 'edit') {
      drupal_access_denied();
    }
  }
}

/**
 * Implements hook_form_FORM_ID_alter().
 */
function comment_perm_form_comment_confirm_delete_alter(&$form, &$form_state, $form_id) {
  $node = node_load($form['#comment']->nid);
  if (!comment_perm_active_type($node->type)) {
    return;
  }
  if (!comment_perm_administer_access($node)) {
    if (arg(0) == 'comment' && arg(2) == 'delete') {
      drupal_access_denied();
    }
  }
}

/**
 * Implements hook_comment_presave().
 */
function comment_perm_comment_presave($comment) {
  $node = node_load($comment->nid);

  // Re-write comment status based on user permission for current node type.
  if (comment_perm_active_type($node->type)) {
    $comment_status = COMMENT_NOT_PUBLISHED;
    if (comment_perm_skip_approval_access($node) || comment_perm_administer_access($node)) {
      $comment_status = COMMENT_PUBLISHED;
    }
    $comment->status = $comment_status;
  }
}

/**
 * Determine if a node type has enabled Comment permissions.
 *
 * @param string $type
 *   Node type.
 *
 * @return bool
 *   TRUE - Comment permissions per node type enabled, FALSE otherwise.
 */
function comment_perm_active_type($type) {
  $types = variable_get('comment_perm_node_types', array());
  if (in_array($type, $types, TRUE)) {
    return TRUE;
  }
  return FALSE;
}

/**
 * Determine access to view comments for current node type.
 *
 * @param object $node
 *   Node object.
 *
 * @return bool
 *   TRUE - Current node type has permission access, FALSE otherwise.
 */
function comment_perm_access($node) {
  return user_access("access comments {$node->type}");
}

/**
 * Determine access to post comments for current node type.
 *
 * @param object $node
 *   Node object.
 *
 * @return bool
 *   TRUE - Current node type has permission access, FALSE otherwise.
 */
function comment_perm_post_access($node) {
  return user_access("post comments {$node->type}");
}

/**
 * Determine access to edit comments for current node type.
 *
 * @param object $node
 *   Node object.
 *
 * @return bool
 *   TRUE - Current node type has permission access, FALSE otherwise.
 */
function comment_perm_edit_access($node) {
  return user_access("edit own comments {$node->type}");
}

/**
 * Determine access to post comments without approval for current node type.
 *
 * @param object $node
 *   Node object.
 *
 * @return bool
 *   TRUE - Current node type has permission access, FALSE otherwise.
 */
function comment_perm_skip_approval_access($node) {
  global $user;
  $skip_app_access = user_access("skip comment approval {$node->type}");
  if ($user->uid == $node->uid && $skip_app_access == FALSE) {
    $skip_app_access = user_access("skip comment approval own {$node->type}");
  }
  return $skip_app_access;
}

/**
 * Determine access to administer comments for current node type.
 *
 * @param object $node
 *   Node object.
 *
 * @return bool
 *   TRUE - Current node type has permission access, FALSE otherwise.
 */
function comment_perm_administer_access($node) {
  global $user;
  $admin_access = user_access("administer comments {$node->type}");
  if ($user->uid == $node->uid && $admin_access == FALSE) {
    $admin_access = user_access("administer comments own {$node->type}");
  }
  return $admin_access;
}

Functions

Namesort descending Description
comment_perm_access Determine access to view comments for current node type.
comment_perm_active_type Determine if a node type has enabled Comment permissions.
comment_perm_administer_access Determine access to administer comments for current node type.
comment_perm_comment_presave Implements hook_comment_presave().
comment_perm_comment_view_alter Implements hook_comment_view_alter().
comment_perm_edit_access Determine access to edit comments for current node type.
comment_perm_form_alter Implements hook_form_alter().
comment_perm_form_comment_confirm_delete_alter Implements hook_form_FORM_ID_alter().
comment_perm_help Implements hook_help().
comment_perm_menu Implements hook_menu().
comment_perm_node_view_alter Implements hook_node_view_alter().
comment_perm_permission Implements hook_permission().
comment_perm_post_access Determine access to post comments for current node type.
comment_perm_skip_approval_access Determine access to post comments without approval for current node type.