You are here

Home » API reference » RoleAssign 7.2 » roleassign.admin.inc

function _roleassign_user_operations in RoleAssign 7.2

Same name and namespace in other branches
  1. 7 roleassign.admin.inc \_roleassign_user_operations()

Really implements hook_user_operations().

Add or remove roles to selected users. Thanks to hunmonk for the original code.

Return value

array|null

1 call to _roleassign_user_operations()
roleassign_user_operations in ./roleassign.module
Implements hook_user_operations().

File

./roleassign.admin.inc, line 154
Allows site administrators to further delegate the task of managing user's roles.

Code

function _roleassign_user_operations() {

  // Get roles that are available for assignment.
  $assignable_roles = _roleassign_assignable_roles(user_roles(TRUE));

  // Build an array of available operations.
  if (count($assignable_roles)) {
    $add_roles = $remove_roles = array();
    foreach ($assignable_roles as $key => $value) {
      $add_roles['roleassign_add_role-' . $key] = $value;
      $remove_roles['roleassign_remove_role-' . $key] = $value;
    }
    $operations = array(
      t('Add a role to the selected users') => array(
        'label' => $add_roles,
      ),
      t('Remove a role from the selected users') => array(
        'label' => $remove_roles,
      ),
    );
  }
  else {
    $operations = array();
  }

  // The global variable $form_values is not available anymore;
  // the $_POST values are "sanitized" below.
  // The required 'callback' key and optional 'callback arguments' key are
  // actually only needed when someone has posted. We therefore postpone
  // the attachement of these until $form_values is set.
  if (isset($_POST['operation']) && ($operation = $_POST['operation'])) {

    // Get operation and role id.
    $op = explode('-', $operation);
    $rid = isset($op[1]) ? intval($op[1]) : NULL;
    $op = $op[0];

    // If not a RoleAssign operation, there is not much to do.
    if ($op != 'roleassign_add_role' && $op != 'roleassign_remove_role') {
      return NULL;
    }

    // If someone is trying to update user's roles, it's a malicious
    // attempt to alter user's roles.
    if (!user_access('assign roles')) {
      watchdog('security', 'Detected malicious attempt to alter user\'s roles.', array(), WATCHDOG_WARNING);
      form_set_error('category', t('Detected malicious attempt to alter user\'s roles.'));
    }

    // Form the name of the core callback functions for adding and
    // removing roles by choping off the 'roleassign_' part of the
    // operation string.
    $operations[$operation] = array(
      'callback' => 'user_multiple_role_edit',
      'callback arguments' => array(
        substr($op, 11),
        $rid,
      ),
      'label' => '(DUMMY)',
    );
  }
  return $operations;
}