You are here

function roleassign_user in RoleAssign 5

Same name and namespace in other branches
  1. 6 roleassign.module \roleassign_user()

Implementation of hook_user().

Replace the validation of the user form field 'roles' by using another user form field 'roleassign_roles'. Copies the form field roleassign_roles into form field roles on insert or submit.

File

./roleassign.module, line 211

Code

function roleassign_user($type, &$edit, &$user, $category = NULL) {

  // If this isn't the account category, or there is no roleassign_roles
  // field, there isn't much to do.
  if ($category != 'account' || !isset($edit['roleassign_roles'])) {
    return;
  }

  // If someone is trying to update user's roles, it's a malicious
  // attempt to alter user's roles.
  if ($type == 'validate' && !user_access('assign roles')) {
    $message = t('Detected malicious attempt to alter user\'s roles.');
    watchdog('security', $message, WATCHDOG_WARNING);
    form_set_error('category', $message);
  }
  if ($type == 'insert' || $type == 'submit') {

    // On insert or submit, copy sticky and assigned roles
    // from 'roleassign_roles' to 'roles'.
    $edit['roles'] = array_filter(_roleassign_sticky_roles() + $edit['roleassign_roles']);

    // Unset the form value to prevent it from unneccessarily become seralized
    // and stored in the data column of the user table.
    // Thank you hunmonk for pointing this out.
    unset($edit['roleassign_roles']);
  }
}