You are here

Home » API reference » Taxonomy Term Permissions 6 » term_permissions.module

function term_permissions_form_alter in Taxonomy Term Permissions 6

Same name and namespace in other branches
  1. 7 term_permissions.module \term_permissions_form_alter()

Implementation of hook_form_alter()

Parameters

$form: The form to alter.

$form_state: The form state of the current form.

$form_id: The form id of the current form.

File

./term_permissions.module, line 44
Allows access to terms in a vocabulary to be limited by user or role.

Code

function term_permissions_form_alter(&$form, $form_state, $form_id) {

  // This is the add / edit term form from the taxonomy page.
  if ($form_id == 'taxonomy_form_term') {

    // Ensure that the Identification fieldset is at the top, as by default it
    // has no weight specified.
    $form['identification']['#weight'] = -15;
    $form['advanced']['#weight'] = -10;
    $form['access'] = array(
      '#type' => 'fieldset',
      '#title' => t('Permissions'),
      '#description' => t('To limit selection of this term by user or roles, add users or roles to the following lists. Leave empty to allow selection by all users.'),
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
      '#attributes' => array(
        'id' => 'fieldset_term_access',
      ),
      '#weight' => -5,
      '#tree' => TRUE,
    );

    // Pull in any stored users in the database.
    $allowed_users = array();
    if (!empty($form['tid']['#value'])) {
      $result = db_query("SELECT uid FROM {term_permissions_user} WHERE tid = %d", $form['#term']['tid']);
      while ($uid = db_result($result)) {
        $u = user_load($uid);
        $allowed_users[] = $u->name;
      }
    }
    $allowed_users = drupal_implode_tags($allowed_users);

    // Note that the autocomplete widget will only enable for users with the
    // 'access profiles' permission. Other users will have to specify the name
    // manually.
    $form['access']['user'] = array(
      '#type' => 'textfield',
      '#title' => t('Allowed users'),
      '#description' => t('Enter a comma-seperated list of user names to give them permission to use this term.'),
      '#default_value' => $allowed_users,
      '#size' => 40,
      '#autocomplete_path' => 'term-permissions/autocomplete',
      '#weight' => -10,
    );
    $allowed_roles = array();
    if (!empty($form['tid']['#value'])) {
      $result = db_query("SELECT rid FROM {term_permissions_role} WHERE tid = %d", array(
        $form['tid']['#value'],
      ));
      while ($rid = db_result($result)) {
        $allowed_roles[] = $rid;
      }
    }

    // Now, lets do the Roles table.
    $form['access']['role'] = array(
      '#type' => 'checkboxes',
      '#title' => t('Allowed roles'),
      '#description' => t('Select a role to allow all members of that role access to this term.'),
      '#default_value' => $allowed_roles,
      '#options' => user_roles(),
      '#multiple' => FALSE,
      '#weight' => 5,
    );
    $form['#validate'][] = 'term_permissions_validate';
    $form['#submit'][] = 'term_permissions_submit';
  }

  // This is the node add / edit form. If a different selector is used from
  // another contributed module, we do nothing so as to not break the form.
  if (isset($form['type']) && isset($form['#node']) && isset($form['taxonomy']) && !variable_get('taxonomy_override_selector', FALSE) && $form['type']['#value'] . '_node_form' == $form_id) {
    foreach ($form['taxonomy'] as $vid => $vocabulary) {
      if (!is_array($vocabulary) || !isset($vocabulary['#options'])) {
        continue;
      }
      $total_terms = count($vocabulary['#options']);
      foreach ($vocabulary['#options'] as $terms) {
        if (!isset($terms->option)) {
          continue;
        }
        foreach ($terms->option as $tid => $term) {

          // Now we have the term ID, check to see if the current user has
          // access to the term.
          global $user;
          if (!term_permissions_allowed($tid, $user)) {
            $total_terms--;
            unset($terms->option[$tid]);
          }

          // If the user doesn't have access to any of the terms in the
          // vocabulary, remove the form item entirely.
          if ($total_terms <= 0) {
            if ($vocabulary['#required']) {
              drupal_set_message(t("Your account doesn't have permission to use any of the terms in the %vocabulary vocabulary. Your account must be given permission to use at least one term in the %vocabulary vocabulary to be able to add or edit the %content-type content type.", array(
                '%vocabulary' => $vocabulary['#title'],
                '%content-type' => node_get_types('name', $form['type']['#value']),
              )), 'warning');
              watchdog('term_permissions', '%user was blocked from accessing the %content-type form as they do not have permission to use any terms in the <a href="@vocabulary-url">%vocabulary</a> vocabulary.', array(
                '%user' => isset($user->name) ? $user->name : variable_get('anonymous', 'Anonymous'),
                '%content-type' => node_get_types('name', $form['type']['#value']),
                '@vocabulary-url' => url('admin/content/taxonomy/' . $vid),
                '%vocabulary' => $vocabulary['#title'],
              ), WATCHDOG_WARNING, l(t('edit vocabulary'), 'admin/content/taxonomy/' . $vid));
              drupal_access_denied();
              exit;
            }
            unset($form['taxonomy'][$vid]);
          }
        }
      }
    }
  }
}