function og_ui_admin_permissions in Organic groups 7.2
Menu callback: administer permissions.
Parameters
$group_type: Group entity type. E.g. 'node'.
$gid: Group item ID.
$bundle: Group bundle.
$rid.: Role ID. When specified, edit only this role's permissions.
See also
og_ui_admin_permissions_submit()
theme_og_ui_admin_permissions()
2 string references to 'og_ui_admin_permissions'
- og_ui_forms in og_ui/
og_ui.module - Implement hook_forms().
- og_ui_menu in og_ui/
og_ui.module - Implements hook_menu().
File
- og_ui/
og_ui.admin.inc, line 713 - Admin settings for Organic groups module.
Code
function og_ui_admin_permissions($form, $form_state, $group_type = '', $gid = 0, $bundle = '', $rid = 0) {
if ($rid) {
// Get group type and bundle from role.
$role = og_role_load($rid);
$bundle = $role->group_bundle;
$group_type = $role->group_type;
}
if ($gid) {
og_set_breadcrumb($group_type, $gid, array(
l(t('Group'), "{$group_type}/{$gid}/group"),
));
list(, , $bundle) = entity_extract_ids($group_type, entity_load_single($group_type, $gid));
}
$form['group_type'] = array(
'#type' => 'value',
'#value' => $group_type,
);
$form['bundle'] = array(
'#type' => 'value',
'#value' => $bundle,
);
$form['gid'] = array(
'#type' => 'value',
'#value' => $gid,
);
$role_names = _og_ui_get_role_names($group_type, $bundle, $gid, $rid);
// Fetch permissions for all roles or the one selected role.
$role_permissions = og_role_permissions($role_names);
// Store $role_names for use when saving the data.
$form['role_names'] = array(
'#type' => 'value',
'#value' => $role_names,
);
// Render role/permission overview:
$options = array();
// Get the list of modules and sort it by name.
$module_info = system_get_info('module');
// Prepare the array of OG permissions so the modules are ordered by name.
$modules = array();
foreach (module_implements('og_permission') as $module) {
$modules[$module] = $module_info[$module]['name'];
}
asort($modules);
$permissions_by_module = array_fill_keys(array_keys($modules), array());
// Get a list of all the modules implementing a hook_permission() and sort by
// display name.
foreach (og_get_permissions() as $perm => $value) {
$module = $value['module'];
$permissions_by_module[$module][$perm] = $value;
}
foreach ($permissions_by_module as $module => $permissions) {
$form['permission'][] = array(
'#markup' => $module_info[$module]['name'],
'#id' => $module,
);
foreach ($permissions as $perm => $perm_item) {
// Fill in default values for the permission.
$perm_item += array(
'description' => '',
'restrict access' => FALSE,
'warning' => !empty($perm_item['restrict access']) ? t('Warning: Give to trusted roles only; this permission has security implications in the group context.') : '',
);
// If the user can manage permissions, but does not have administer
// group permission, hide restricted permissions from them. This
// prevents users from escalating their privileges.
if ($gid && ($perm_item['restrict access'] && !og_user_access($group_type, $gid, 'administer group'))) {
continue;
}
$options[$perm] = '';
$form['permission'][$perm] = array(
'#type' => 'item',
'#markup' => $perm_item['title'],
'#description' => theme('user_permission_description', array(
'permission_item' => $perm_item,
)),
);
foreach ($role_names as $rid => $name) {
// Builds arrays for checked boxes for each role
if (isset($role_permissions[$rid][$perm])) {
$status[$rid][] = $perm;
}
}
}
}
// Have to build checkboxes here after checkbox arrays are built
foreach ($role_names as $rid => $name) {
$form['checkboxes'][$rid] = array(
'#type' => 'checkboxes',
'#options' => $options,
'#default_value' => isset($status[$rid]) ? $status[$rid] : array(),
'#attributes' => array(
'class' => array(
'rid-' . $rid,
),
),
);
$form['role_names'][$rid] = array(
'#markup' => check_plain($name),
'#tree' => TRUE,
);
}
if (!$gid || !og_is_group_default_access($group_type, $gid)) {
$form['actions'] = array(
'#type' => 'actions',
);
$form['actions']['submit'] = array(
'#type' => 'submit',
'#value' => t('Save permissions'),
'#submit' => array(
'og_ui_admin_permissions_submit',
),
);
}
$form['#after_build'][] = 'og_ui_admin_permissions_after_build';
return $form;
}