You are here

Home » API reference » Taxonomy Permissions 7

taxonomy_permissions.module in Taxonomy Permissions 7

Same filename and directory in other branches
  1. 8 taxonomy_permissions.module

taxonomy_permissions.module

This module adds 'view' permissions to the Taxonomy core module.

File

taxonomy_permissions.module
View source 
<?php

/**
 * @file
 * taxonomy_permissions.module
 *
 * This module adds 'view' permissions to the Taxonomy core module.
 *
 */

/**
 * Implements hook_module_implements_alter().
 */
function taxonomy_permissions_module_implements_alter(&$implementations, $hook) {

  // Remove taxonomy.module's permissions because we supply them.
  if ($hook == 'permission') {
    if (taxonomy_permissions_disabling()) {
      unset($implementations['taxonomy_permissions']);
    }
    else {
      unset($implementations['taxonomy']);
    }
  }
}

/**
 * Make up our permission machine name for a vocabulary.
 *
 * @param object $vocabulary
 * @return string
 */
function taxonomy_permissions_permission_name($vocabulary) {
  return 'view terms in ' . $vocabulary->machine_name;
}

/**
 * Implements hook_permission().
 */
function taxonomy_permissions_permission() {

  // Insert a 'View terms in X' permission ahead of every 'Edit terms in X'
  // permission from taxonomy.module.
  // Unlike core, we use the vocabulary machine_names in the permission
  // machine_names, rather than the vids.
  $perms = taxonomy_permission();
  $vocabularies = taxonomy_get_vocabularies();
  $new_perms = array();
  $matches = array();
  foreach ($perms as $key => $perm) {
    if (preg_match('#edit terms in ([0-9]*)#', $key, $matches)) {
      $vid = $matches[1];
      $vocabulary = $vocabularies[$vid];
      $new_perms[taxonomy_permissions_permission_name($vocabulary)] = array(
        'title' => t('View terms in %vocabulary', array(
          '%vocabulary' => $vocabulary->name,
        )),
      );
    }
    $new_perms[$key] = $perm;
  }
  return $new_perms;
}

/**
 * Implements hook_query_term_access_alter().
 */
function taxonomy_permissions_query_term_access_alter(QueryAlterableInterface $query) {
  global $user;
  $uid = $user->uid;
  $vids_by_user =& drupal_static(__FUNCTION__, array());
  if (!isset($vids_by_user[$uid])) {

    // Save the vids that $user is allowed to access.
    $vids = array();
    $vocabularies = taxonomy_get_vocabularies();
    foreach ($vocabularies as $vid => $vocabulary) {
      if (user_access(taxonomy_permissions_permission_name($vocabulary))) {
        $vids[] = $vid;
      }
    }
    $vids_by_user[$uid] = $vids;
  }

  // Restrict {taxonomy_term_data} to the allowed vocabularies only.
  $tables = $query
    ->getTables();
  foreach ($tables as $table) {
    if ($table['table'] == 'taxonomy_term_data') {
      $or = db_or();
      if (!empty($vids_by_user[$uid])) {
        $or
          ->condition($table['alias'] . '.vid', $vids_by_user[$uid], 'IN');
      }
      $or
        ->isNull($table['alias'] . '.vid');
      $query
        ->condition($or);
    }
  }
}

/**
 * Implements hook_field_access().
 */
function taxonomy_permissions_field_access($op, $field, $entity_type, $entity, $account) {

  // Remove taxonomy_term_reference fields for disallowed vocabularies.
  if ($field['type'] == 'taxonomy_term_reference') {
    foreach ($field['settings']['allowed_values'] as $tree) {
      if ($vocabulary = taxonomy_vocabulary_machine_name_load($tree['vocabulary'])) {
        if (!user_access(taxonomy_permissions_permission_name($vocabulary), $account)) {
          return FALSE;
        }
      }
    }
  }
}

/**
 * Implements hook_taxonomy_vocabulary_insert().
 */
function taxonomy_permissions_taxonomy_vocabulary_insert($vocabulary) {
  $perms[] = taxonomy_permissions_permission_name($vocabulary);
  user_role_grant_permissions(DRUPAL_ANONYMOUS_RID, $perms);
  user_role_grant_permissions(DRUPAL_AUTHENTICATED_RID, $perms);
}

/**
 * Implements hook_taxonomy_vocabulary_delete().
 */
function taxonomy_permissions_taxonomy_vocabulary_delete($vocabulary) {
  $perms[] = taxonomy_permissions_permission_name($vocabulary);
  user_role_revoke_permissions(DRUPAL_ANONYMOUS_RID, $perms);
  user_role_revoke_permissions(DRUPAL_AUTHENTICATED_RID, $perms);
}

/**
 * Remembers if we have disabled access.
 */
function taxonomy_permissions_disabling($set = NULL) {
  static $disabling = FALSE;
  if (isset($set)) {
    $disabling = $set;
  }
  return $disabling;
}

Functions

Namesort descending Description
taxonomy_permissions_disabling Remembers if we have disabled access.
taxonomy_permissions_field_access Implements hook_field_access().
taxonomy_permissions_module_implements_alter Implements hook_module_implements_alter().
taxonomy_permissions_permission Implements hook_permission().
taxonomy_permissions_permission_name Make up our permission machine name for a vocabulary.
taxonomy_permissions_query_term_access_alter Implements hook_query_term_access_alter().
taxonomy_permissions_taxonomy_vocabulary_delete Implements hook_taxonomy_vocabulary_delete().
taxonomy_permissions_taxonomy_vocabulary_insert Implements hook_taxonomy_vocabulary_insert().