You are here

Home » API reference » Taxonomy Access Control 7 » taxonomy_access.module

function taxonomy_access_delete_role_grants in Taxonomy Access Control 7

Deletes module configurations for the given role IDs.

Parameters

int $rid: A single role ID.

bool $update_nodes: (optional) A flag to determine whether nodes should be queued for update. Defaults to TRUE.

Return value

bool TRUE on success, or FALSE on failure.

Related topics

Taxonomy Access Control: Grant record API
Store, retrieve, and delete module access rules for terms and vocabularies.
3 calls to taxonomy_access_delete_role_grants()
taxonomy_access_enable in ./taxonomy_access.install
Implements hook_enable().
taxonomy_access_role_delete_confirm_submit in ./taxonomy_access.admin.inc
Form submission handler for taxonomy_role_delete_confirm().
taxonomy_access_user_role_delete in ./taxonomy_access.module
Implements hook_user_role_delete().

File

./taxonomy_access.module, line 944
Allows administrators to specify access control for taxonomy categories.

Code

function taxonomy_access_delete_role_grants($rid, $update_nodes = TRUE) {
  if (empty($rid)) {
    return FALSE;
  }
  if ($rid == DRUPAL_ANONYMOUS_RID || $rid == DRUPAL_AUTHENTICATED_RID) {
    return FALSE;
  }
  if ($update_nodes) {

    // Cache the list of nodes that will be affected by this change.
    // Affected nodes will be those tied to configurations that are more
    // permissive than those from the authenticated user role.
    // If any global defaults are more permissive, we need to update all nodes.
    // Fetch global defaults.
    $global_defaults = taxonomy_access_global_defaults();
    $gd_records = array();
    foreach ($global_defaults as $row) {
      $gd_records[] = _taxonomy_access_format_node_access_record($row);
    }

    // Find the ones we need.
    foreach ($gd_records as $gd) {
      if ($gd['gid'] == DRUPAL_AUTHENTICATED_RID) {
        $auth_gd = $gd;
      }
      elseif ($gd['gid'] == $rid) {
        $role_gd = $gd;
      }
    }

    // Check node grants for the global default.
    // If any is more permissive, flag that we need to update all nodes.
    $all_nodes = FALSE;
    foreach (array(
      'grant_view',
      'grant_update',
      'grant_delete',
    ) as $op) {
      switch ($auth_gd[$op]) {

        // If the authenticated user has a Deny grant, then either Allow or
        // Ignore for the role is more permissive.
        case TAXONOMY_ACCESS_NODE_DENY:
          if ($role_gd[$op] == TAXONOMY_ACCESS_NODE_IGNORE || $role_gd[$op] == TAXONOMY_ACCESS_NODE_ALLOW) {
            $all_nodes = TRUE;
          }
          break 2;

        // If the authenticated user has Ignore, Allow is more permissive.
        case TAXONOMY_ACCESS_NODE_IGNORE:
          if ($role_gd[$op] == TAXONOMY_ACCESS_NODE_ALLOW) {
            $all_nodes = TRUE;
          }
          break 2;
      }
    }

    // If flagged, add all nodes to the affected nodes cache.
    if ($all_nodes) {
      $affected_nodes = db_query('SELECT nid FROM {node}')
        ->fetchCol();
    }
    else {
      $affected_nodes = _taxonomy_access_get_controlled_nodes_for_role($rid);
    }
    taxonomy_access_affected_nodes($affected_nodes);
    unset($affected_nodes);
  }
  db_delete('taxonomy_access_term')
    ->condition('rid', $rid)
    ->execute();
  db_delete('taxonomy_access_default')
    ->condition('rid', $rid)
    ->execute();
  return TRUE;
}