function masquerade_user in Masquerade 6
Same name and namespace in other branches
- 5 masquerade.module \masquerade_user()
Implementation of hook_user().
File
- ./
masquerade.module, line 318 - masquerade.module
Code
function masquerade_user($op, &$edit, &$edit_user, $category = NULL) {
static $old_session_id;
switch ($op) {
case 'logout':
if (!empty($edit_user->masquerading)) {
global $user;
cache_clear_all($user->uid, 'cache_menu', true);
$real_user = user_load(array(
'uid' => $user->masquerading,
));
watchdog('masquerade', "User %user no longer masquerading as %masq_as.", array(
'%user' => $real_user->name,
'%masq_as' => $user->name,
), WATCHDOG_INFO);
db_query("DELETE FROM {masquerade} WHERE sid = '%s' AND uid_as = %d", session_id(), $edit_user->uid);
}
break;
case 'view':
// check if user qualifies as admin
$roles = array_keys(array_filter(variable_get('masquerade_admin_roles', array())));
$perm = $edit_user->uid == 1 || array_intersect(array_keys((array) $edit_user->roles), $roles) ? 'masquerade as admin' : 'masquerade as user';
global $user;
// Query allowed uids so the "masquerade as <user>" link can be shown or
// hidden.
$allowed_uids = array();
$result = db_query("SELECT uid_to FROM {masquerade_users} WHERE uid_from = %d", $user->uid);
while ($uid_to = db_result($result)) {
$allowed_uids[] = $uid_to;
}
$can_masquerade_as_user = in_array($edit_user->uid, $allowed_uids) || user_access('masquerade as any user');
if (user_access($perm) && empty($edit_user->masquerading) && $user->uid != $edit_user->uid && $can_masquerade_as_user) {
$edit_user->content['Masquerade'] = array(
'#value' => l(t('Masquerade as !user', array(
'!user' => $edit_user->name,
)), 'masquerade/switch/' . $edit_user->uid, array(
'query' => array(
'token' => drupal_get_token('masquerade/switch/' . $edit_user->uid),
),
'destination' => $_GET['q'],
'attributes' => array(
'class' => 'masquerade-switch',
),
)),
'#weight' => 10,
);
}
break;
case 'form':
$form = array();
if ($category == 'account') {
$form['masquerade'] = array(
'#type' => 'fieldset',
'#title' => t('Masquerade settings'),
'#access' => user_access('administer masquerade'),
);
$result = db_query("SELECT uid_to FROM {masquerade_users} WHERE uid_from = %d", $edit_user->uid);
$masquerade_users = array();
while ($uid_to = db_result($result)) {
$u = user_load($uid_to);
$masquerade_users[] = $u->name;
}
$form['masquerade']['masquerade_users'] = array(
'#type' => 'textfield',
'#title' => t('Enter the users this user is able to masquerade as'),
'#description' => t('Enter a comma separated list of user names that this user can masquerade as.'),
'#autocomplete_path' => 'masquerade/autocomplete-user',
'#default_value' => implode(", ", $masquerade_users),
'#maxlength' => NULL,
);
}
return $form;
break;
case 'validate':
if ($category == 'account' && isset($edit['masquerade_users'])) {
$users = drupal_explode_tags($edit['masquerade_users']);
foreach ($users as $user) {
if (!user_load(array(
'name' => $user,
))) {
form_set_error('masquerade_users', t('%user is not a valid user name.', array(
'%user' => $user,
)));
}
}
}
break;
case 'submit':
$old_session_id = session_id();
break;
case 'update':
if ($category == 'account' && isset($edit['masquerade_users'])) {
$users = drupal_explode_tags($edit['masquerade_users']);
db_query("DELETE FROM {masquerade_users} WHERE uid_from = %d", $edit_user->uid);
foreach ($users as $user) {
$u = user_load(array(
'name' => $user,
));
db_query("INSERT INTO {masquerade_users} VALUES (%d, %d)", $edit_user->uid, $u->uid);
}
$edit['masquerade_users'] = NULL;
}
break;
case 'delete':
db_query("DELETE FROM {masquerade_users} WHERE uid_from = %d OR uid_to = %d", $edit_user->uid, $edit_user->uid);
break;
case 'after_update':
if (isset($old_session_id) && session_id() != $old_session_id) {
db_query("UPDATE {masquerade} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id);
}
break;
}
}