<?php
// $Id: og_access.module,v 1.1 2010-01-03 15:24:12 amitaibu Exp $

/**
 * @file
 * Enable access control for private and public groups and group content.
 */

/**
 * The access realm of group non-members.
 */
define('OG_ACCESS_ANONYMOUS_REALM', 'og_access_anonymous');

/**
 * The access realm of group member.
 */
define('OG_ACCESS_AUTHENTICATED_REALM', 'og_access_authenticated');

/**
 * Group public access field.
 */
define('OG_ACCESS_FIELD', 'og_access');


/**
* Implement hook_node_type_insert().
*/
function og_access_node_type_insert($info) {
  if (og_is_group_type('node', $info->type) || og_is_group_content_type('node', $info->type)) {
    og_access_create_fields($info->type);
  }
}

/**
* Implement hook_node_type_update().
*/
function og_access_node_type_update($info) {
  if (og_is_group_type('node', $info->type) || og_is_group_content_type('node', $info->type)) {
    og_access_create_fields($info->type);
  }
}

/**
 * Implementation of hook_node_grants().
 */
function og_access_node_grants($account, $op) {
  $grants = array();
  if ($op == 'view') {
    foreach (og_get_object_groups('user', $account) as $gid => $value) {
      $grants[OG_ACCESS_AUTHENTICATED_REALM][] = $gid;
    }
  }

  return $grants;
}


/**
 * Implementation of hook_node_access_records.
 */
function og_access_node_access_records($node) {
  $grants = array();
  if (!og_access_object_is_public('node', $node)) {
    if (og_is_group_content_type('node', $node->type) || og_is_group_type('node', $node->type)) {
      $grants[] = array (
        'realm' => OG_ACCESS_AUTHENTICATED_REALM,
        'gid' => $node->nid,
        'grant_view' => 1,
        'grant_update' => 0,
        'grant_delete' => 0,
        'priority' => 0,
      );
    }
  }
  return $grants;
}

/**
 * Implement og_get_fields().
 */
function og_access_og_get_fields() {
  $items['og_access'] = array(
    'type' => array('group', 'group content'),
    'description' => t('Add organic groups access field to group content types.'),
    'field' => array(
      'field_name' => 'og_access',
      'type' => 'list_boolean',
      'cardinality' => 1,
      'settings' => array('allowed_values' => implode("\r\n", array('0|Do not show to non group member', '1|Show to all site users')), 'allowed_values_function' => ''),
    ),
    'instance' => array(
      'label' => t('group content visibility'),
      // FIXME: Widget type doesn't work
      'widget_type' => 'options_onoff',
      'display' => array(
        'full' => array(
          'label' => 'above',
          'type' => 'options_onoff',
        ),
        'teaser' => array(
          'label' => 'above',
          'type' => 'options_onoff',
        ),
      ),
    ),
  );

  return $items;
}


/**
 * Check if an object is set as public.
 *
 * @param $obj_type
 *   The object type (e.g. "node" or "user").
 * @param $object
 *   The object can be a user, node or any fieldable entity.
 * @return
 *  TRUE if the object is private and should appear only to group members.
 */
function og_access_object_is_public($obj_type, $object) {
  og_load_object($obj_type, $object);
  return !empty($object->{OG_ACCESS_FIELD}[LANGUAGE_NONE][0]['gid']);
}