You are here

Home » API reference » RoleAssign 5 » roleassign.module

function roleassign_user_operations in RoleAssign 5

Same name and namespace in other branches
  1. 6 roleassign.module \roleassign_user_operations()
  2. 7.2 roleassign.module \roleassign_user_operations()
  3. 7 roleassign.module \roleassign_user_operations()

Implementation of hook_user_operations().

Add or remove roles to selected users. Thanks hunmonk for the original code.

File

./roleassign.module, line 247

Code

function roleassign_user_operations() {
  global $form_values;

  // Do nothing if add and remove roles operations already is shown or
  // the user hasn't right to assign roles.
  if (user_access('administer access control') || !user_access('assign roles')) {
    return;
  }

  // Get roles that are available for assignment.
  $assignable_roles = _roleassign_assignable_roles(user_roles(true));

  // Build an array of available operations.
  if (count($assignable_roles)) {
    foreach ($assignable_roles as $key => $value) {
      $add_roles['roleassign_add_role-' . $key] = $value;
      $remove_roles['roleassign_remove_role-' . $key] = $value;
    }
    $operations = array(
      t('Add a role to the selected users') => array(
        'label' => $add_roles,
      ),
      t('Remove a role from the selected users') => array(
        'label' => $remove_roles,
      ),
    );
  }
  else {
    $operations = array();
  }

  // The required 'callback' key and optional 'callback arguments' key are
  // actually only needed when someone has posted. We therefore postpone
  // the attachement of these until $form_values is set.
  if ($form_values) {

    // Get operation and role id.
    $op = explode('-', $form_values['operation']);
    $rid = $op[1];
    $op = $op[0];

    // If not a RoleAssign operation, there is not much to do.
    if ($op != 'roleassign_add_role' && $op != 'roleassign_remove_role') {
      return;
    }

    // If someone is trying to update user's roles, it's a malicious
    // attempt to alter user's roles.
    if (!user_access('assign roles')) {
      $message = t('Detected malicious attempt to alter user\'s roles.');
      watchdog('security', $message, WATCHDOG_WARNING);
      form_set_error('category', $message);
    }

    // Form the name of the core callback functions for adding and
    // removing roles by choping off the 'roleassign_' part of the
    // operation string.
    $operations[$form_values['operation']] = array(
      'callback' => 'user_multiple_role_edit',
      'callback arguments' => array(
        substr($op, 11),
        $rid,
      ),
    );
  }
  return $operations;
}