function path_access_init in Path Access 6
Implementation of hook_init().
File
- ./
path_access.module, line 35 - Restricts access to any Drupal path on a per-role basis.
Code
function path_access_init() {
global $user;
// User #1 has all privileges:
if ($user->uid == 1) {
return 1;
}
// If the module weights module is installed, use it's API to get the highest
// weighted role. Otherwise, just loop through the user's roles and use the
// last one.
if (module_exists('role_weights')) {
$role = module_invoke('role_weights', 'get_highest', $user->roles);
}
else {
foreach ($user->roles as $k => $v) {
$role = $k;
}
}
$visibility = PATH_ACCESS_VISIBILITY_LISTED;
$pages = '';
$result = db_query('SELECT pages, visibility FROM {path_access} WHERE rid = %d', $role);
while ($role = db_fetch_object($result)) {
$pages .= $role->pages . "\n";
$visibility = $role->visibility && $visibility;
}
$visibility = $visibility > 0 ? PATH_ACCESS_VISIBILITY_LISTED : PATH_ACCESS_VISIBILITY_NOTLISTED;
// Match path if necessary.
if ($pages) {
// Convert path to lowercase. This allows comparison of the same path
// with different case. Ex: /Page, /page, /PAGE.
$pages = drupal_strtolower($pages);
// Convert the Drupal path to lowercase
$path = drupal_strtolower(drupal_get_path_alias($_GET['q']));
// Compare the lowercase internal and lowercase path alias (if any).
$page_match = drupal_match_path($path, $pages);
if ($path != $_GET['q']) {
$page_match = $page_match || drupal_match_path($_GET['q'], $pages);
}
// When $visibility has a value of 0 (PATH_ACCESS_VISIBILITY_NOTLISTED),
// the block is displayed on all pages except those listed in $pages.
// When set to 1 (PATH_ACCESS_VISIBILITY_LISTED), it is displayed only on
// those pages listed in $pages.
$page_match = !($visibility xor $page_match);
}
else {
$page_match = TRUE;
}
// Check that the current page is not a protected page before blocking user.
if (!$page_match && !path_access_protected_pages($path)) {
drupal_access_denied();
exit;
}
}