You are here

Home » API reference » Role Delegation 6 » role_delegation.module

function role_delegation_user_operations in Role Delegation 6

Same name and namespace in other branches
  1. 7 role_delegation.module \role_delegation_user_operations()

Implementation of hook_user_operations().

File

./role_delegation.module, line 289
This module allows site administrators to grant some roles the authority to assign selected roles to users, without them needing the 'administer access control' permission.

Code

function role_delegation_user_operations($form_state = array()) {

  // Only provide role add/remove operations when user can't assign permissions
  // without Role Delegation.
  if (user_access('administer permissions')) {
    return;
  }

  // Provide add/remove operations for delegated roles.
  $roles = _role_delegation_roles();
  $add_roles = array();
  $remove_roles = array();
  foreach ($roles as $rid => $role) {
    if (user_access('assign all roles') || user_access(_role_delegation_make_perm($role))) {

      // Use different operation names than those from user_user_operations(),
      // to keep user_user_operations() from emitting a warning about the
      // permissions.
      $add_roles['role_delegation_add_role-' . $rid] = $role;
      $remove_roles['role_delegation_remove_role-' . $rid] = $role;
    }
  }
  if (!count($add_roles)) {
    return;
  }
  $operations = array(
    t('Add a role to the selected users') => array(
      'label' => $add_roles,
    ),
    t('Remove a role from the selected users') => array(
      'label' => $remove_roles,
    ),
  );

  // If the form has been posted, insert the proper data for role editing if necessary.
  if (!empty($form_state['submitted'])) {
    $operation_rid = explode('-', $form_state['values']['operation']);
    $operation = $operation_rid[0];
    if ($operation == 'role_delegation_add_role' || $operation == 'role_delegation_remove_role') {
      $rid = $operation_rid[1];
      if ($add_roles['role_delegation_add_role-' . $rid]) {
        $operations[$form_state['values']['operation']] = array(
          'callback' => 'user_multiple_role_edit',
          'callback arguments' => array(
            str_replace('role_delegation_', '', $operation),
            $rid,
          ),
        );
      }
      else {
        watchdog('security', 'Detected malicious attempt to alter protected user fields.', array(), WATCHDOG_WARNING);
        return;
      }
    }
  }
  return $operations;
}