You are here

function userprotect_user_admin_account_validate in User protect 5

Same name and namespace in other branches
  1. 6 userprotect.module \userprotect_user_admin_account_validate()
  2. 7 userprotect.module \userprotect_user_admin_account_validate()

Custom validation function for protecting users from the user administration operations.

Parameters

$form_id The form ID.:

$form_vals The submitted form values.:

$form The form array.:

File

./userprotect.module, line 838

Code

function userprotect_user_admin_account_validate($form_id, $form_vals, $form) {
  global $form_values;

  // Get the checked users, and the operation name.
  $uids = array_filter($form_vals['accounts']);
  $operation_rid = explode('-', $form_values['operation']);
  $operation = $operation_rid[0];

  // Perform the check for each submitted user.
  foreach ($uids as $uid) {
    $account = user_load(array(
      'uid' => $uid,
    ));
    switch ($operation) {
      case 'block':
      case 'unblock':

        // Check to see if any of the user's roles are protected from status changes,
        // then check to see if the user is protected.
        if (!userprotect_check_bypass('up_status') && userprotect_get_user_protection($account, 'up_status')) {

          // If so, then unset the checked user so they will not be processed, and display a warning.
          form_set_value($form['accounts'][$uid], 0);
          drupal_set_message(t('%user is protected from status changes, and was not updated.', array(
            '%user' => $account->name,
          )), 'error');
          unset($uids[$uid]);
        }
        break;
      case 'delete':

        // Check to see if any of the user's roles are protected from deletion,
        // then check to see if the user is protected.
        if (!userprotect_check_bypass('up_delete') && userprotect_get_user_protection($account, 'up_delete')) {

          // If so, then unset the checked user so they will not be processed, and display a warning.
          // Note that the array element has to be completely removed here in order to prevent the
          // user from being deleted, due to the nature of the mass deletion callback.
          unset($form_values['accounts'][$uid]);
          drupal_set_message(t('%user is protected from deletion, and was not deleted.', array(
            '%user' => $account->name,
          )), 'error');
          unset($uids[$uid]);
        }
        break;
      case 'add_role':
      case 'remove_role':

      // RoleAssign module compatibility hack.
      case 'roleassign_add_role':
      case 'roleassign_remove_role':

        // Check to see if any of the user's roles are protected from status changes,
        // then check to see if the user is protected.
        if (!userprotect_check_bypass('up_roles') && userprotect_get_user_protection($account, 'up_roles')) {

          // If so, then unset the checked user so they will not be processed, and display a warning.
          form_set_value($form['accounts'][$uid], 0);
          drupal_set_message(t('%user is protected from role changes, and was not updated.', array(
            '%user' => $account->name,
          )), 'error');
          unset($uids[$uid]);
        }
        break;
    }
  }

  // If we've unset all of the users that were checked, then don't continue with the form processing.
  if (!count($uids)) {
    drupal_set_message('No users selected.', 'error');
    drupal_goto('admin/user/user');
  }
}