
function nodeaccess_grants_form in Nodeaccess 5

Same name and namespace in other branches
  1. 6.2 nodeaccess.module \nodeaccess_grants_form()
  2. 6 nodeaccess.module \nodeaccess_grants_form()
  3. 7 nodeaccess.module \nodeaccess_grants_form()

Menu callback. Draws the grant tab.

1 string reference to 'nodeaccess_grants_form'
nodeaccess_grants in ./nodeaccess.module
Menu callback. Draws the grant tab.

File

./nodeaccess.module, line 270

Code

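/**
 * Menu callback. Draws the grant tab.
 *
 * Builds the form array used to edit the role and user grants of one node.
 * On a plain page load the current grants are read from {node_access}; when
 * the request carries POST data the form is rebuilt from that data instead
 * (dropping users whose "keep" box is unchecked, running the user search and
 * computing default grants for newly found users).
 *
 * @param $nid
 *   ID of the node whose grants are edited; passed to node_load().
 * @param $form_values
 *   Not used: the value is overwritten with $_POST on entry.
 *
 * @return
 *   A form array with the elements 'nid', 'keys', 'search' and 'submit', plus
 *   the 'rid' and 'uid' trees when there are roles or users to show.
 */
function nodeaccess_grants_form($nid, $form_values = NULL) {
  $node = node_load($nid);

  // The argument is discarded; everything read from $form_values below is
  // raw request data whenever $_POST is not empty.
  $form_values = $_POST;
  $keys = NULL;

  if (!$form_values) {
    $form_values = array();

    // Load all roles.
    $result = db_query("SELECT r.rid, nra.name, na.grant_view, na.grant_update, na.grant_delete FROM {role} r LEFT JOIN {nodeaccess_role_alias} nra ON r.rid = nra.rid LEFT JOIN {node_access} na ON r.rid = na.gid AND na.realm = '%s' AND na.nid = %d ORDER BY nra.weight, nra.name", 'nodeaccess_rid', $node->nid);
    while ($grant = db_fetch_object($result)) {
      $form_values['rid'][$grant->rid] = array(
        'name' => $grant->name,
        'grant_view' => (bool) $grant->grant_view,
        'grant_update' => (bool) $grant->grant_update,
        'grant_delete' => (bool) $grant->grant_delete,
      );
    }

    // Load users from node_access.
    $result = db_query("SELECT uid, name, grant_view, grant_update, grant_delete FROM {node_access} LEFT JOIN {users} ON uid = gid WHERE nid = %d AND realm = '%s' ORDER BY name", $node->nid, 'nodeaccess_uid');
    while ($account = db_fetch_object($result)) {
      $form_values['uid'][$account->uid] = array(
        'name' => $account->name,
        'keep' => 1,
        'grant_view' => $account->grant_view,
        'grant_update' => $account->grant_update,
        'grant_delete' => $account->grant_delete,
      );
    }
  }
  else {

    // Delete unkept users. Rows whose key is not an integer or whose value is
    // not an array cannot come from this form, so they are dropped as well:
    // the keys end up in SQL and in form element names further down.
    if (isset($form_values['uid']) && is_array($form_values['uid'])) {
      foreach ($form_values['uid'] as $uid => $row) {
        if (!is_int($uid) || !is_array($row) || empty($row['keep'])) {
          unset($form_values['uid'][$uid]);
        }
      }
    }
    if (empty($form_values['uid']) || !is_array($form_values['uid'])) {
      unset($form_values['uid']);
    }

    // Perform search. Only a string is accepted as search term.
    if (isset($form_values['keys']) && is_string($form_values['keys'])) {
      $keys = $form_values['keys'];
    }
    if ($keys) {
      $sql = "SELECT uid, name FROM {users} WHERE name LIKE '%%%s%%'";
      $params = array(
        preg_replace('!\\*+!', '%', $keys),
      );
      if (!empty($form_values['uid'])) {
        // The exclusion list sits outside quotes in the statement, where
        // string escaping alone does not confine a value. Each uid therefore
        // gets its own %d placeholder and is cast to an integer.
        $exclude_uids = array_map('intval', array_keys($form_values['uid']));
        $sql .= ' AND uid NOT IN (' . implode(',', array_fill(0, count($exclude_uids), '%d')) . ')';
        $params = array_merge($params, $exclude_uids);
      }
      $result = db_query($sql, $params);
      while ($account = db_fetch_object($result)) {
        $form_values['uid'][$account->uid] = array(
          'name' => $account->name,
          'keep' => 0,
        );
      }
    }

    // Calculate default grants for found users.
    if (!empty($form_values['uid'])) {
      foreach (array_keys($form_values['uid']) as $uid) {
        if (empty($form_values['uid'][$uid]['keep'])) {
          // $grant_type is substituted into the statement as a column name.
          // That is acceptable only because it comes from this fixed list.
          foreach (array(
            'grant_view',
            'grant_update',
            'grant_delete',
          ) as $grant_type) {
            $form_values['uid'][$uid][$grant_type] = db_result(db_query("SELECT count(*) FROM {node_access} na LEFT JOIN {users_roles} r ON na.gid = r.rid WHERE nid = %d AND realm = '%s' AND uid = %d AND %s = 1 LIMIT 1 OFFSET 0", $node->nid, 'nodeaccess_rid', $uid, $grant_type)) || db_result(db_query("SELECT count(*) FROM {node_access} na WHERE nid = %d AND realm = '%s' AND gid = %d AND %s = 1 LIMIT 1 OFFSET 0", $node->nid, 'nodeaccess_uid', $uid, $grant_type));
          }
        }
      }
    }
  }

  $roles = isset($form_values['rid']) ? $form_values['rid'] : NULL;
  $users = isset($form_values['uid']) ? $form_values['uid'] : NULL;

  $form = array();
  $form['nid'] = array(
    '#type' => 'value',
    '#value' => $node->nid,
  );
  $allowed_roles = variable_get('nodeaccess-roles', array());
  $allowed_grants = variable_get('nodeaccess-grants', array());

  // If $preserve is true, the fields the user is not allowed to view or
  // edit are included in the form as hidden fields to preserve them.
  // NOTE(review): on a rebuild from $_POST those hidden values are whatever
  // the request carried, so the code that saves the grants should not treat
  // them as authoritative - confirm against the submit handler.
  $preserve = variable_get('nodeaccess-preserve', 1);

  // Key in 'nodeaccess-grants' => name of the matching form field.
  $grant_fields = array(
    'view' => 'grant_view',
    'edit' => 'grant_update',
    'delete' => 'grant_delete',
  );

  // Roles table.
  if (is_array($roles)) {
    $form['rid'] = array(
      '#tree' => TRUE,
    );
    foreach ($roles as $key => $field) {
      // On a rebuild the role rows are request data; skip malformed ones.
      if (!is_int($key) || !is_array($field)) {
        continue;
      }
      $role_editable = !empty($allowed_roles[$key]);
      if (!$role_editable && !$preserve) {
        continue;
      }
      $form['rid'][$key]['name'] = array(
        '#type' => 'hidden',
        '#value' => isset($field['name']) ? $field['name'] : NULL,
      );
      foreach ($grant_fields as $permission => $grant_type) {
        $value = isset($field[$grant_type]) ? $field[$grant_type] : NULL;
        if ($role_editable && !empty($allowed_grants[$permission])) {
          $form['rid'][$key][$grant_type] = array(
            '#type' => 'checkbox',
            '#default_value' => $value,
          );
        }
        elseif ($preserve) {
          $form['rid'][$key][$grant_type] = array(
            '#type' => 'hidden',
            '#value' => $value,
          );
        }
      }
    }
  }

  // Users table.
  if (is_array($users)) {
    $form['uid'] = array(
      '#tree' => TRUE,
    );
    foreach ($users as $key => $field) {
      if (!is_array($field)) {
        continue;
      }
      $form['uid'][$key]['name'] = array(
        '#type' => 'hidden',
        '#value' => isset($field['name']) ? $field['name'] : NULL,
      );
      $form['uid'][$key]['keep'] = array(
        '#type' => 'checkbox',
        '#default_value' => isset($field['keep']) ? $field['keep'] : NULL,
      );
      foreach ($grant_fields as $permission => $grant_type) {
        $value = isset($field[$grant_type]) ? $field[$grant_type] : NULL;
        if (!empty($allowed_grants[$permission])) {
          $form['uid'][$key][$grant_type] = array(
            '#type' => 'checkbox',
            '#default_value' => $value,
          );

          // Because of a bug in the form API, dynamic checkboxes
          // must be checked explicitly.
          if ($value) {
            $form['uid'][$key][$grant_type]['#attributes'] = array(
              'checked' => 'checked',
            );
          }
        }
        elseif ($preserve) {

          // Dynamic hidden fields work fine.
          $form['uid'][$key][$grant_type] = array(
            '#type' => 'hidden',
            '#value' => $value,
          );
        }
      }
    }
  }

  // Autocomplete returns errors if users don't have access to profiles.
  $form['keys'] = array(
    '#type' => 'textfield',
    '#default_value' => $keys,
    '#size' => 40,
  );
  if (user_access('access user profiles')) {
    $form['keys']['#autocomplete_path'] = 'user/autocomplete';
  }
  $form['search'] = array(
    '#type' => 'button',
    '#value' => t('Search'),
  );
  $form['submit'] = array(
    '#type' => 'submit',
    '#value' => t('Save Grants'),
  );
  return $form;
}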