$module, 'name' => $name); drupal_write_record('acl', $acl); ///$acl_id = db_next_id('{acl}_acl_id'); ///db_query("INSERT INTO {acl} (acl_id, module, name) VALUES (%d, '%s', '%s')", $acl_id, $module, $name); return $acl['acl_id']; } /** * Delete an existing ACL. */ function acl_delete_acl($acl_id) { db_query("DELETE FROM {acl} WHERE acl_id = %d", $acl_id); db_query("DELETE FROM {acl_user} WHERE acl_id = %d", $acl_id); db_query("DELETE FROM {acl_node} WHERE acl_id = %d", $acl_id); } /** * Add the specified UID to an ACL. */ function acl_add_user($acl_id, $uid) { $test_uid = db_result(db_query("SELECT uid FROM {acl_user} WHERE acl_id = %d AND uid = %d ", $acl_id, $uid)); if (!$test_uid) { db_query("INSERT INTO {acl_user} (acl_id, uid) VALUES (%d, %d)", $acl_id, $uid); } } /** * Remove the specified UID from an ACL. */ function acl_remove_user($acl_id, $uid) { db_query("DELETE FROM {acl_user} WHERE acl_id = %d AND uid = %d ", $acl_id, $uid); } /** * Provide a form to edit the ACL that can be embedded in other forms. * Pass $new_acl=TRUE if you have no ACL yet, but do supply a string * like 'my_module_new_acl' as $acl_id anyway. */ function acl_edit_form($acl_id, $label = NULL, $new_acl = FALSE) { $users = array(); if (!$new_acl) { // Ensure the ACL in question even exists. if (!$acl_name = db_result(db_query("SELECT name FROM {acl} WHERE acl_id = %d", $acl_id))) { return array(); } $result = db_query("SELECT u.uid, u.name FROM {users} u LEFT JOIN {acl_user} aclu ON aclu.uid = u.uid WHERE acl_id = %d", $acl_id); while ($user = db_fetch_object($result)) { $users[$user->uid] = $user->name; } } if (!isset($label)) { $label = (empty($acl_name) ? $acl_id : $acl_name); } $form = array( '#type' => 'fieldset', '#collapsible' => true, '#title' => $label, '#tree' => true); $form['acl_id'] = array('#type' => 'value', '#value' => $acl_id); $form['deletions'] = array('#type' => 'checkboxes', '#options' => array()); // placeholder $form['delete_button'] = array( '#type' => 'button', '#value' => t('Remove Checked'), '#submit' => FALSE, ); $form['add'] = array( '#type' => 'textfield', '#title' => t('Add user'), '#maxlength' => 60, '#size' => 40, '#autocomplete_path' => 'user/autocomplete', ); $form['add_button'] = array( '#type' => 'button', '#value' => t('Add User'), '#submit' => FALSE, ); $form['user_list'] = array( '#type' => 'hidden', '#default_value' => serialize($users), ); $form['#after_build'] = array('acl_edit_form_after_build'); return $form; } /** * Write the results of a form. */ function acl_save_form($form) { $users = unserialize($form['user_list']); db_query('DELETE FROM {acl_user} WHERE acl_id = %d', $form['acl_id']); foreach ($users as $uid => $name) { db_query('INSERT INTO {acl_user} (acl_id, uid) VALUES (%d, %d)', $form['acl_id'], $uid); } } /** * Process a form that had our buttons on it. */ function acl_edit_form_after_build($form, $form_values) { // We can't use form_values because it's the entire structure // and we have no clue where our values actually are. That's // ok tho cause #value still works for us. $user_list = unserialize($form['user_list']['#value']); if (isset($form['delete_button']['#post']['op']) && $form['delete_button']['#post']['op'] == $form['delete_button']['#value']) { $deletions = $form['deletions']['#value']; foreach ($deletions as $uid) { unset($user_list[$uid]); unset($form['deletions']['#value'][$uid]); } } else if (isset($form['add_button']['#post']['op']) && $form['add_button']['#post']['op'] == $form['add_button']['#value']) { $name = $form['add']['#value']; $u = db_fetch_object(db_query("SELECT uid, name FROM {users} WHERE name = '%s'", $name)); if (!$u->uid) { form_error($form['add'], "Invalid user."); } else { $user_list[$u->uid] = $u->name; $form['add']['#value'] = NULL; } } if (count($user_list) != 0) { $form['deletions']['#type'] = 'checkboxes'; $form['deletions']['#title'] = t("Current users"); $form['deletions']['#options'] = $user_list; $form['deletions']['#value'] = array(); // don't carry value through. // need $form_id and have no way to get it but from $_POST that // I can find; and if we got here that variable's already been // checked. $form['deletions'] = form_builder($form_values['values']['form_id'], $form['deletions'], $form_values); } else { $form['delete_button']['#type'] = 'value'; } $form['user_list']['#value'] = serialize($user_list); return $form; } /** * Provide access control to a node based upon an ACL id. */ function acl_node_add_acl($nid, $acl_id, $view, $update, $delete, $priority = 0) { db_query("DELETE FROM {acl_node} WHERE acl_id = %d AND nid = %d", $acl_id, $nid); db_query("INSERT INTO {acl_node} (acl_id, nid, grant_view, grant_update, grant_delete, priority) VALUES (%d, %d, %d, %d, %d, %d)", $acl_id, $nid, $view, $update, $delete, $priority); } /** * Remove an ACL completely from a node. */ function acl_node_remove_acl($nid, $acl_id) { db_query("DELETE FROM {acl_node} WHERE acl_id = %d AND nid = %d", $acl_id, $nid); } /** * Clear all of a module's ACL's from a node. */ function acl_node_clear_acls($nid, $module) { $result = db_query("SELECT acl_id FROM {acl} WHERE module = '%s'", $module); while ($o = db_fetch_object($result)) { $acls[] = $o->acl_id; } if ($acls) { db_query("DELETE FROM {acl_node} WHERE nid = %d AND acl_id in (%s)", $nid, implode(',', $acls)); } } /** * Gets the id of an acl */ function acl_get_id_by_name($module, $name) { return db_result(db_query("SELECT acl_id FROM {acl} WHERE module = '%s' AND name = '%s'", $module, $name)); } /** * Determines if an acl has some assigned users */ function acl_has_users($acl_id) { return db_result(db_query("SELECT COUNT(aclu.uid) FROM {acl_user} aclu WHERE acl_id = %d", $acl_id)); } /** * Implementation of hook_node_access_grants (from node_access) */ function acl_node_access_records($node) { if (!$node->nid) { return; } $result = db_query("SELECT n.*, 'acl' AS realm, n.acl_id AS gid, a.module FROM {acl_node} n INNER JOIN {acl} a ON n.acl_id = a.acl_id WHERE nid = %d", $node->nid); $grants = array(); while ($grant = db_fetch_array($result)) { if (module_exists($grant['module']) && module_invoke($grant['module'], 'enabled')) { if (acl_has_users($grant['gid'])) { $grant['priority'] = 0; $grants[] = $grant; } else { //just deny access $grants[] = array( 'realm' => 'acl', 'gid' => 0, 'grant_view' => 0, 'grant_update' => 0, 'grant_delete' => 0, 'priority' => 0, ); } } } return $grants; } /** * Implementation of hook_node_grants */ function acl_node_grants($account, $op) { $array = array('acl' => array()); $result = db_query("SELECT acl_id FROM {acl_user} WHERE uid = %d", $account->uid); while ($row = db_fetch_object($result)) { $array['acl'][] = $row->acl_id; } return !empty($array['acl']) ? $array : NULL; } /** * Implementation of hook_nodeapi */ function acl_nodeapi(&$node, $op, $teaser = NULL, $page = NULL) { switch ($op) { case 'delete': db_query("DELETE FROM {acl_node} WHERE nid = %d", $node->nid); break; } } /** * Implementation of hook_user */ function acl_user($op, &$edit, &$account, $category = NULL) { switch ($op) { case 'delete': db_query("DELETE FROM {acl_user} WHERE uid = %d", $account->uid); break; } } /** * Implementation of hook_node_access_explain */ function acl_node_access_explain($row) { static $interpretations = array(); if ($row->realm == 'acl') { if (!isset($interpretations[$row->gid])) { $acl = db_fetch_object(db_query("SELECT * FROM {acl} WHERE acl_id = %d", $row->gid)); $result = db_query("SELECT u.name FROM {acl_user} au, {users} u WHERE au.acl_id = %d AND au.uid = u.uid", $row->gid); while ($user = db_fetch_object($result)) { $users[] = $user->name; } if (isset($users)) { $interpretations[$row->gid] = $acl->module .'/'. $acl->name .': '. implode(', ', $users); } elseif ($row->gid == 0) { $result = db_query("SELECT an.acl_id, a.module, a.name FROM {acl_node} an JOIN {acl} a ON an.acl_id = a.acl_id LEFT JOIN {acl_user} au ON a.acl_id = au.acl_id WHERE an.nid = %d AND au.uid IS NULL", $row->nid); while ($acl = db_fetch_object($result)) { $rows[] = $acl->acl_id .': '. $acl->module .'/'. $acl->name; } if (!empty($rows)) { return implode('
', $rows); } return 'No access via ACL.'; } else { $interpretations[$row->gid] .= ': no users!'; } } return $interpretations[$row->gid]; } }