function user_patterns_validate in Patterns 7
Same name and namespace in other branches
- 7.2 patterns_components/components/user.inc \user_patterns_validate()
File
- patterns_components/
components/ user.inc, line 198
Code
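/**
 * Validates the data of a 'user', 'role' or 'permission' pattern action.
 *
 * Besides validating, this function rewrites parts of $data: a role name
 * given in $data['rid'] is replaced by the numeric role id, a role deleted by
 * name gets its $data['rid'] filled in, and for the 'permission' tag
 * $data['value'] is replaced by a comma-separated permission string.
 *
 * Any other $tag is not checked and yields PATTERNS_SUCCESS.
 *
 * @param string $action
 *   The action being validated; compared against PATTERNS_CREATE,
 *   PATTERNS_MODIFY and PATTERNS_DELETE.
 * @param string $tag
 *   The kind of object the action targets: 'user', 'role' or 'permission'.
 * @param array $data
 *   The action data, passed by reference and partly normalised (see above).
 *
 * @return mixed
 *   Whatever patterns_results() returns for the resulting status and message.
 */
function user_patterns_validate($action, $tag, &$data) {
  $status = PATTERNS_SUCCESS;
  $msg = '';

  if ($tag == 'user') {
    // Read the uid once so that a missing key does not raise a notice on
    // every comparison below.
    $uid = isset($data['uid']) ? $data['uid'] : NULL;

    // Make sure uid is valid. The lookup is only needed when a uid was given.
    if (!empty($uid)) {
      $count = db_select('users', 'u')
        ->condition('u.uid', $uid)
        ->countQuery()
        ->execute()
        ->fetchField();
      if (!$count) {
        $status = PATTERNS_ERR;
        $msg = t('Invalid user ID supplied: %uid', array(
          '%uid' => $uid,
        ));
      }
    }

    // TODO: check $data['method'] for valid values if PATTERNS_DELETE.
    // Cannot create/edit/delete anon user.
    // Current logged in user.
    global $user;

    // NOTE(review): this guard is strict, so only the integer 0 is rejected.
    // A uid supplied as the string '0' is not caught here; confirm that the
    // caller casts uid to int before validation, or widen this check.
    if ($uid === 0) {
      $status = PATTERNS_ERR;
      $msg = t('Cannot modify anonymous user account.');
    }
    elseif ($uid == 1 && $action === PATTERNS_DELETE) {
      $status = PATTERNS_ERR;
      $msg = t('Cannot delete super-user account.');
    }
    elseif ($uid == $user->uid && $action === PATTERNS_DELETE) {
      $status = PATTERNS_ERR;
      $msg = t('You cannot delete the current users account. Please log in with a different account and try again.');
    }
    elseif ($uid && $action === PATTERNS_CREATE) {
      $status = PATTERNS_ERR;
      $msg = t('The user %name already exist.', array(
        '%name' => $data['name'],
      ));
    }
    elseif (empty($uid) && (empty($data['name']) || empty($data['mail']))) {
      $status = PATTERNS_ERR;
      $msg = t("<br/>1. you didn't supply enough data for creation of the new account (both name and mail are required)<br/>or<br/>2. account you are trying to update doesn't exist (invalid uid or name).");
    }

    if (!empty($data['timezone'])) {
      $zones = system_time_zones();
      if (!array_key_exists($data['timezone'], $zones)) {
        $status = PATTERNS_ERR;
        $msg = t('Invalid timezone: %zone. Use the following format: America/New_York or Europe/Berlin', array(
          '%zone' => $data['timezone'],
        ));
      }
    }
  }
  elseif ($tag == 'role') {
    $isset_rid = isset($data['rid']);
    $isset_rname = isset($data['name']);
    $rid_exist = FALSE;
    $rname_exist = FALSE;
    $rname_id = FALSE;

    if ($isset_rid) {
      // NOTE(review): a numeric rid that arrives as a string (e.g. '3') takes
      // the is_string() branch and is looked up as a role *name*; confirm
      // whether callers always pass integer rids.
      if (is_string($data['rid'])) {
        $rid = db_select('role', 'r')
          ->fields('r', array('rid'))
          ->condition('r.name', $data['rid'])
          ->execute()
          ->fetchField();
        if ($rid) {
          // Replace the role name by its id for the later processing steps.
          $data['rid'] = $rid;
          $rid_exist = TRUE;
        }
      }
      elseif (is_numeric($data['rid'])) {
        $cnt = db_query("SELECT COUNT(*) FROM {role} WHERE rid = :id", array(
          'id' => $data['rid'],
        ))->fetchField();
        if ($cnt) {
          $rid_exist = TRUE;
        }
      }
    }

    if ($isset_rname) {
      $rid = db_select('role', 'r')
        ->fields('r', array('rid'))
        ->condition('r.name', $data['name'])
        ->execute()
        ->fetchField();
      if ($rid) {
        $rname_exist = TRUE;
        $rname_id = $rid;
      }
    }

    // The built-in roles must never be created over, renamed or deleted.
    // The name-based check compares the id the name resolved to: comparing
    // the role name itself against the numeric rid constants never matches a
    // real role name, which let a delete-by-name of a built-in role through.
    $rid_is_builtin = $rid_exist && ($data['rid'] == DRUPAL_ANONYMOUS_RID || $data['rid'] == DRUPAL_AUTHENTICATED_RID);
    $name_is_builtin = $rname_exist && ($rname_id == DRUPAL_ANONYMOUS_RID || $rname_id == DRUPAL_AUTHENTICATED_RID);

    if ($rid_is_builtin || $name_is_builtin) {
      $status = PATTERNS_ERR;
      $msg = t('You cannot manipulate authenticated or anonymous roles.');
    }
    elseif ($action === PATTERNS_CREATE) {
      if (!$isset_rname) {
        $status = PATTERNS_ERR;
        $msg = t('You must specify a name to create role.');
      }
      elseif ($rname_exist) {
        $status = PATTERNS_ERR;
        $msg = t('The specified role name %name already exists.', array(
          '%name' => $data['name'],
        ));
      }
      elseif ($isset_rid) {
        $status = PATTERNS_ERR;
        $msg = t('You cannot create a role with fixed rid.');
      }
    }
    elseif ($action === PATTERNS_MODIFY) {
      if (!$isset_rid || !$isset_rname) {
        $status = PATTERNS_ERR;
        $msg = t('You must specify a name and rid to modify a role.');
      }
      elseif (!$rid_exist) {
        $status = PATTERNS_ERR;
        $msg = t('The given role id %rid does not exist.', array(
          '%rid' => $data['rid'],
        ));
      }
      elseif ($rname_exist) {
        $status = PATTERNS_ERR;
        if ($data['rid'] == $rname_id) {
          $msg = t('It is unnecesarry to rename a role to itself.');
        }
        else {
          $msg = t('The given role name %rname already exists.', array(
            '%rname' => $data['name'],
          ));
        }
      }
    }
    elseif ($action === PATTERNS_DELETE) {
      if (!$isset_rid && !$isset_rname) {
        $status = PATTERNS_ERR;
        $msg = t('You must specify a rid or name to delete.');
      }
      elseif ($isset_rid && !$rid_exist) {
        $status = PATTERNS_ERR;
        $msg = t('The given role id %rid does not exist.', array(
          '%rid' => $data['rid'],
        ));
      }
      elseif ($isset_rname) {
        if (!$rname_exist) {
          $status = PATTERNS_ERR;
          $msg = t('The given role name %rname does not exist.', array(
            '%rname' => $data['name'],
          ));
        }
        else {
          // Deleting by name: hand the resolved id on to the caller.
          $data['rid'] = $rname_id;
        }
      }
    }
  }
  elseif ($tag == 'permission') {
    $role_name = FALSE;

    if (isset($data['rid'])) {
      // If rid is a string then we get the id.
      if (is_string($data['rid'])) {
        $rid = db_select('role', 'r')
          ->fields('r', array('rid'))
          ->condition('name', $data['rid'])
          ->execute()
          ->fetchField();
        if (!$rid) {
          $status = PATTERNS_ERR;
          $msg = t('Role name %name does not exist.', array(
            '%name' => $data['rid'],
          ));
        }
        else {
          $role_name = $data['rid'];
          $data['rid'] = $rid;
        }
      }
      elseif (is_numeric($data['rid'])) {
        $exist = db_query("SELECT COUNT(*) FROM {role} WHERE rid = :rid", array(
          'rid' => $data['rid'],
        ))->fetchField();
        if (!$exist) {
          $status = PATTERNS_ERR;
          $msg = t('Role id %id does not exist.', array(
            '%id' => $data['rid'],
          ));
        }
        else {
          $role_name = db_query('SELECT name FROM {role} WHERE rid = :rid', array(
            'rid' => $data['rid'],
          ))->fetchField();
        }
      }
      else {
        $status = PATTERNS_ERR;
        $msg = t('Role id %id must be a number or a string.', array(
          '%id' => $data['rid'],
        ));
      }

      // Getting the specified permission (value) list.
      if ($role_name !== FALSE) {
        $permissions = FALSE;
        $valid_format = TRUE;
        if (!empty($data['value'])) {
          $permissions = $data['value'];
        }

        // Checking if format is valid.
        if ($permissions !== FALSE) {
          if (is_string($permissions)) {
            // The flag belongs in the 4th argument; passed as the 3rd it is
            // read as a limit of 1 and the string is never split.
            $parts = preg_split('/,/', $permissions, -1, PREG_SPLIT_NO_EMPTY);
            $permissions = array();
            foreach ($parts as $perm) {
              $perm = trim($perm);
              // Drop entries that consist of whitespace only.
              if ($perm !== '') {
                $permissions[] = $perm;
              }
            }
          }
          if (!is_array($permissions)) {
            $valid_format = FALSE;
          }
          else {
            foreach ($permissions as $perm) {
              if (!is_string($perm)) {
                $valid_format = FALSE;
                break;
              }
            }
          }
        }

        if (!$valid_format) {
          $status = PATTERNS_ERR;
          $msg = t('The value format is invalid, it must be a list if it is set.');
        }
        else {
          // Getting all permissions of the system and to the given role.
          $all_permission = user_permission_get_modules();
          $role_permissions = user_role_permissions(array(
            $data['rid'] => $role_name,
          ));
          $role_permissions = $role_permissions[$data['rid']];

          // Initialised up front: the action handling below reads both even
          // when no permission list was supplied.
          $good_permissions = array();
          $good_perms_string = '';

          // At create or delete the value must be set.
          if (($action == PATTERNS_CREATE || $action == PATTERNS_DELETE) && $permissions == FALSE) {
            $status = PATTERNS_ERR;
            $msg = t('Permission list cannot be empty.');
          }
          elseif ($permissions !== FALSE) {
            $bad_permissions = array();
            foreach ($permissions as $perm) {
              if (!array_key_exists($perm, $all_permission)) {
                $bad_permissions[] = $perm;
              }
              else {
                $good_permissions[] = $perm;
              }
            }
            if (count($bad_permissions) > 0) {
              // Unknown permissions only downgrade the result to a warning.
              $status = PATTERNS_WARN;
              $msg = t('The permissions listed here do not exist: %perms', array(
                '%perms' => implode(', ', $bad_permissions),
              ));
            }
            $good_perms_string = implode(', ', $good_permissions);
          }

          if ($action == PATTERNS_CREATE) {
            // Requested permissions followed by those the role already has.
            $data['value'] = $good_perms_string;
            foreach ($role_permissions as $rp => $in) {
              $data['value'] .= ', ' . $rp;
            }
          }
          elseif ($action == PATTERNS_MODIFY) {
            $data['value'] = $good_perms_string;
          }
          elseif ($action == PATTERNS_DELETE) {
            // What remains is the role's current set minus the listed ones.
            foreach ($good_permissions as $gp) {
              if (array_key_exists($gp, $role_permissions)) {
                unset($role_permissions[$gp]);
              }
            }
            $data['value'] = implode(', ', array_keys($role_permissions));
          }
        }
      }
    }
    else {
      $status = PATTERNS_ERR;
      $msg = t('You must specify a role id or role name to apply permissions to.');
    }
  }

  return patterns_results($status, $msg);
}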