function userprotect_form_user_profile_form_alter in User protect 7
Implements hook_form_user_profile_form_alter().
File
- ./
userprotect.module, line 194 - Main module file for the userprotect module.
Code
function userprotect_form_user_profile_form_alter(&$form, &$form_state) {
// For each of the fields, first check if any of the user's roles are
// protecting it, then check if the user themselves is protected from it.
// If either is TRUE, then disable the field, and mark a fixed form value
// so it will be properly submitted.
$account = $form['#user'];
$protected = array();
if (isset($form['account']['name']) && !userprotect_check_bypass('up_name') && userprotect_get_user_protection($account, 'up_name')) {
// If for some reason this field has no initial value, then don't protect
// it.
if ($account->name) {
$form['account']['name']['#disabled'] = TRUE;
$form['account']['name']['#value'] = $account->name;
$protected['up_name'] = TRUE;
}
}
if (isset($form['account']['mail']) && !userprotect_check_bypass('up_mail') && userprotect_get_user_protection($account, 'up_mail')) {
// If for some reason this field has no initial value, then don't protect
// it.
if ($account->mail) {
$form['account']['mail']['#disabled'] = TRUE;
$form['account']['mail']['#value'] = $account->mail;
$protected['up_mail'] = TRUE;
}
}
// Password is an exception, as it needs no value, Just unset it, as
// there's no need to display two empty boxes that are disabled.
if (isset($form['account']['pass']) && !userprotect_check_bypass('up_pass') && userprotect_get_user_protection($account, 'up_pass')) {
// Core stores pass as a required value in 'current_pass_required_values',
// and we're removing the form element, so remove the pass value from there
// too to prevent warnings.
unset($form['account']['pass'], $form['account']['current_pass']);
$form['account']['current_pass_required_values']['#value'] = array();
$protected['up_pass'] = TRUE;
}
if (isset($form['account']['status']) && !userprotect_check_bypass('up_status') && userprotect_get_user_protection($account, 'up_status')) {
$form['account']['status']['#disabled'] = TRUE;
$form['account']['status']['#value'] = $account->status;
$protected['up_status'] = TRUE;
}
// Special hack for RoleAssign module compatibility.
if (isset($form['account']['roleassign_roles'])) {
$roles = 'roleassign_roles';
}
else {
$roles = 'roles';
}
// Roles is a special case, since it's a tree'd item that needs values.
// We'll handle that in a custom validation function. Also here we slip
// the user's account info into the form so it's available to gleen the role
// info from.
if (isset($form['account'][$roles]) && !userprotect_check_bypass('up_roles') && userprotect_get_user_protection($account, 'up_roles')) {
$form['account'][$roles]['#disabled'] = TRUE;
// Ensure an array.
$form['account'][$roles]['#element_validate'] = isset($form['account'][$roles]['#element_validate']) ? $form['account'][$roles]['#element_validate'] : array();
array_unshift($form['account'][$roles]['#element_validate'], 'userprotect_user_edit_fields_validate');
$form_state['userprotect']['account'] = $account;
$form_state['userprotect']['field'] = 'roles';
$protected['up_roles'] = TRUE;
}
// At this point, we only need the userprotect-specific validation if the
// current user and the edited user are not the same.
if (isset($form['actions']['cancel']) && $GLOBALS['user']->uid != $account->uid) {
// Nothing special for cancel--just disable.
if (!userprotect_check_bypass('up_cancel') && userprotect_get_user_protection($account, 'up_cancel')) {
$form['actions']['cancel']['#disabled'] = TRUE;
$protected['up_cancel'] = TRUE;
}
}
userprotect_form_display_protections($account, $protected);
}