private function ForumAccessTestCase::testForumAccessAllowed in Forum Access 6
This function calculates if a user is allowed to perform a certain action
10 calls to ForumAccessTestCase::testForumAccessAllowed()
- ForumAccessTestCase::testForumAccessCreateComment in ./
forum_access.test - This function tests if the user can create a comment. Three steps: is there a create link, does the create comment page open, and can the new comment be saved.
- ForumAccessTestCase::testForumAccessCreateReply in ./
forum_access.test - This function tests if the user can create a reply on a comment. Three steps: is there a create link, does the create reply page open, and can the new reply on a comment be saved.
- ForumAccessTestCase::testForumAccessCreateTopic in ./
forum_access.test - This function tests if the user can create a topic. Three steps: is there a create link, does the create topic page open, and can the new topic be saved.
- ForumAccessTestCase::testForumAccessDeleteComment in ./
forum_access.test - This function tests if the user can delete a comment. Three steps: is there a delete link, does the delete page open, and can the comment be deleted.
- ForumAccessTestCase::testForumAccessDeleteTopic in ./
forum_access.test - This function tests if the user can delete a topic. Four steps: is there an edit link, does the edit page open, is there a delete link on the edit page, and can the topic be deleted.
File
- ./
forum_access.test, line 231 - Test file for forum_access.module.
Class
- ForumAccessTestCase
- This is the base class for forum access testing.
Code
/**
 * Test oracle: decides whether the current test user should be allowed to
 * perform the action named by $type.
 *
 * The "current test user" is anonymous when $this->loggedInUser is empty,
 * otherwise it is the account named by $this->testForumAccessCurrentUsername.
 * The result is derived from the permission lists and forum grants recorded
 * on the test case, not from a live access check (the one exception is the
 * own-comment edit rule, which defers to comment_access()).
 *
 * Rules according to forum_access, as encoded below:
 * - Viewing a forum or topic needs 'access content' AND the View grant;
 *   viewing comments additionally needs 'access comments'.
 * - Creating topics needs 'create forum topics' AND the Post grant.
 * - Posting comments/replies needs 'post comments' AND the Post grant.
 * - Editing a topic needs the view rule plus any one of: 'edit any forum
 *   topic', 'administer nodes', the Edit grant, or 'edit own forum topics'
 *   while being the owner. Deleting is analogous with the delete permissions
 *   and the Delete grant.
 * - Editing/deleting a comment needs the comment view rule plus
 *   'administer comments' (a global permission) OR the Edit/Delete grant.
 * - For authenticated users, being a forum moderator stands in for the
 *   grant in every rule above.
 *
 * @param $type
 *   One of 'forum_view', 'topic_view', 'comment_view', 'topic_create',
 *   'comment_create', 'topic_update', 'comment_update', 'topic_delete',
 *   'comment_delete'. Anything else yields FALSE.
 * @param $content_id
 *   Passed to node_load() for topic_update/topic_delete and to
 *   _comment_load() for comment_update/comment_delete; it is only forwarded
 *   (never loaded) for the other types.
 *
 * @return
 *   TRUE if the action is expected to be allowed, FALSE otherwise.
 */
private function testForumAccessAllowed($type = '', $content_id = 0) {
  // Only written to by the own-comment check in the 'comment_update' case.
  global $user;

  $is_anonymous = !$this->loggedInUser;
  $concerns_topic = ($type == 'topic_update' || $type == 'topic_delete');
  $concerns_comment = ($type == 'comment_update' || $type == 'comment_delete');
  $owns_content = FALSE;

  if ($is_anonymous) {
    // Anonymous "owns" content whose uid is empty (0).
    if ($concerns_topic) {
      $target_topic = node_load($content_id);
      $owns_content = ($target_topic && empty($target_topic->uid));
      $message = $owns_content ? t('Anonymous is the topic owner') : t('Anonymous is NOT the topic owner');
      $this->pass($message, 'Debug');
    }
    if ($concerns_comment) {
      $target_comment = _comment_load($content_id);
      $owns_content = ($target_comment && empty($target_comment->uid));
      $message = $owns_content ? t('Anonymous is the comment owner') : t('Anonymous is NOT the comment owner');
      $this->pass($message, 'Debug');
    }
    $anonymous_permissions = $this->testForumAccessPermissionsAnonymous;
  }
  else {
    $current_name = $this->testForumAccessCurrentUsername;

    // 'admin_user' is never treated as a moderator. The in_array() is left
    // non-strict on purpose: presumably uids can arrive as numeric strings.
    $is_moderator = ($current_name != 'admin_user'
      && in_array($this->testForumAccessUsers[$current_name]->uid, $this->testForumAccessModerators));

    // Ownership is resolved through the uid => username map of the test case.
    if ($concerns_topic) {
      $target_topic = node_load($content_id);
      $owns_content = ($target_topic && $this->testForumAccessUidToName[$target_topic->uid] == $current_name);
      $message = $owns_content ? t('The current user is the topic owner') : t('The current user is NOT the topic owner');
      $this->pass($message, 'Debug');
    }
    if ($concerns_comment) {
      $target_comment = _comment_load($content_id);
      $owns_content = ($target_comment && $this->testForumAccessUidToName[$target_comment->uid] == $current_name);
      $message = $owns_content ? t('The current user is the comment owner') : t('The current user is NOT the comment owner');
      $this->pass($message, 'Debug');
    }
    $user_permissions = $this->testForumAccessPermissions[$current_name];
  }

  // Every case returns on all paths, so no case falls through to the next.
  // The "own" clauses are parenthesised explicitly: && binds tighter than ||,
  // and an authorization rule should not depend on the reader recalling that.
  switch ($type) {
    case 'forum_view':
    case 'topic_view':
      if ($is_anonymous) {
        return in_array('access content', $anonymous_permissions)
          && $this->testForumAccessGrants['anonymous_view'];
      }
      return in_array('access content', $user_permissions)
        && ($this->testForumAccessGrants['authenticated_view'] || $is_moderator);

    case 'comment_view':
      if ($is_anonymous) {
        return in_array('access content', $anonymous_permissions)
          && in_array('access comments', $anonymous_permissions)
          && $this->testForumAccessGrants['anonymous_view'];
      }
      return in_array('access content', $user_permissions)
        && in_array('access comments', $user_permissions)
        && ($this->testForumAccessGrants['authenticated_view'] || $is_moderator);

    case 'topic_create':
      if ($is_anonymous) {
        return in_array('create forum topics', $anonymous_permissions)
          && $this->testForumAccessGrants['anonymous_create'];
      }
      return in_array('create forum topics', $user_permissions)
        && ($this->testForumAccessGrants['authenticated_create'] || $is_moderator);

    case 'comment_create':
      if ($is_anonymous) {
        return in_array('post comments', $anonymous_permissions)
          && $this->testForumAccessGrants['anonymous_create'];
      }
      return in_array('post comments', $user_permissions)
        && ($this->testForumAccessGrants['authenticated_create'] || $is_moderator);

    case 'topic_update':
      // Editing presupposes being able to view the topic.
      if (!$this->testForumAccessAllowed('topic_view', $content_id)) {
        return FALSE;
      }
      if ($is_anonymous) {
        $may_edit = in_array('edit any forum topic', $anonymous_permissions)
          || in_array('administer nodes', $anonymous_permissions)
          || $this->testForumAccessGrants['anonymous_update']
          || (in_array('edit own forum topics', $anonymous_permissions) && $owns_content);
        return $may_edit && in_array('access content', $anonymous_permissions);
      }
      $may_edit = in_array('edit any forum topic', $user_permissions)
        || in_array('administer nodes', $user_permissions)
        || $this->testForumAccessGrants['authenticated_update']
        || (in_array('edit own forum topics', $user_permissions) && $owns_content)
        || $is_moderator;
      return $may_edit && in_array('access content', $user_permissions);

    case 'comment_update':
      // Editing presupposes being able to view the comment.
      if (!$this->testForumAccessAllowed('comment_view', $content_id)) {
        return FALSE;
      }
      if ($is_anonymous) {
        // No own-comment rule here: an anonymous owner gets no edit right.
        return (in_array('administer comments', $anonymous_permissions) || $this->testForumAccessGrants['anonymous_update'])
          && in_array('access content', $anonymous_permissions)
          && in_array('access comments', $anonymous_permissions);
      }
      $has_override = in_array('administer comments', $user_permissions)
        || $this->testForumAccessGrants['authenticated_update']
        || $is_moderator;
      if ($has_override) {
        // With an override present the owner rule is never consulted.
        return in_array('access content', $user_permissions)
          && in_array('access comments', $user_permissions);
      }
      if ($owns_content) {
        // Ask core whether the author may edit this comment. The global
        // $user is replaced by the comment author for the duration of the
        // call (presumably because comment_access() judges the global
        // account, which here is the one running the test). Session saving
        // is switched off while the swap is in effect so the impersonated
        // account cannot be written to the session, and both are restored
        // before the result is used.
        // NOTE(review): nothing restores $user if user_load() or
        // comment_access() aborts midway; tolerable in a test, but this
        // swap should not be copied into request-handling code without a
        // guaranteed restore.
        session_save_session(FALSE);
        $user_saved = $user;
        $user = user_load($target_comment->uid);
        $allow_editing_own_comment = comment_access('edit', $target_comment);
        $user = $user_saved;
        session_save_session(TRUE);
        return $allow_editing_own_comment ? TRUE : FALSE;
      }
      return FALSE;

    case 'topic_delete':
      // Deleting presupposes being able to view the topic.
      if (!$this->testForumAccessAllowed('topic_view', $content_id)) {
        return FALSE;
      }
      if ($is_anonymous) {
        $may_delete = in_array('delete any forum topic', $anonymous_permissions)
          || in_array('administer nodes', $anonymous_permissions)
          || $this->testForumAccessGrants['anonymous_delete']
          || (in_array('delete own forum topics', $anonymous_permissions) && $owns_content);
        return $may_delete && in_array('access content', $anonymous_permissions);
      }
      $may_delete = in_array('delete any forum topic', $user_permissions)
        || in_array('administer nodes', $user_permissions)
        || $this->testForumAccessGrants['authenticated_delete']
        || (in_array('delete own forum topics', $user_permissions) && $owns_content)
        || $is_moderator;
      return $may_delete && in_array('access content', $user_permissions);

    case 'comment_delete':
      // Deleting presupposes being able to view the comment.
      if (!$this->testForumAccessAllowed('comment_view', $content_id)) {
        return FALSE;
      }
      if ($is_anonymous) {
        return (in_array('administer comments', $anonymous_permissions) || $this->testForumAccessGrants['anonymous_delete'])
          && in_array('access content', $anonymous_permissions)
          && in_array('access comments', $anonymous_permissions);
      }
      // Ownership plays no part in deleting comments.
      return (in_array('administer comments', $user_permissions) || $this->testForumAccessGrants['authenticated_delete'] || $is_moderator)
        && in_array('access content', $user_permissions)
        && in_array('access comments', $user_permissions);
  }

  // Unknown action types are denied.
  return FALSE;
}