og_access.module

  1. cis7 sites/all/modules/ulmus/og/og_access/og_access.module
  2. cle7 sites/all/modules/ulmus/og/og_access/og_access.module
  3. ecd7 sites/all/modules/ulmus/og/og_access/og_access.module
  4. elmsmedia7 sites/all/modules/ulmus/og/og_access/og_access.module
  5. harmony7 sites/all/modules/ulmus/og/og_access/og_access.module
  6. icor7 sites/all/modules/ulmus/og/og_access/og_access.module
  7. meedjum_blog7 sites/all/modules/ulmus/og/og_access/og_access.module
  8. mooc7 sites/all/modules/ulmus/og/og_access/og_access.module

Enable access control for private and public groups and group content.

Functions

Namesort descending Description
og_access_node_access_records Implements hook_node_access_records().
og_access_node_grants Implements hook_node_grants().
og_access_og_fields_info Implement hook_og_fields_info().
_og_access_verify_access_field_existence Verify that the OG field access is attached to the group.

Constants

Namesort descending Description
OG_ACCESS_FIELD Group public access field.
OG_ACCESS_REALM The access realm of group member.
OG_CONTENT_ACCESS_DEFAULT Define group content access by it's group defaults.
OG_CONTENT_ACCESS_FIELD Group public access field.
OG_CONTENT_ACCESS_PRIVATE Define group content access private regardless of its group definition.
OG_CONTENT_ACCESS_PUBLIC Define group content access public regardless of its group definition.

File

sites/all/modules/ulmus/og/og_access/og_access.module
View source
  1. <?php
  2. /**
  3. * @file
  4. * Enable access control for private and public groups and group content.
  5. */
  6. /**
  7. * The access realm of group member.
  8. */
  9. define('OG_ACCESS_REALM', 'og_access');
  10. /**
  11. * Group public access field.
  12. */
  13. define('OG_ACCESS_FIELD', 'group_access');
  14. /**
  15. * Group public access field.
  16. */
  17. define('OG_CONTENT_ACCESS_FIELD', 'group_content_access');
  18. /**
  19. * Define group content access by it's group defaults.
  20. */
  21. define('OG_CONTENT_ACCESS_DEFAULT', 0);
  22. /**
  23. * Define group content access public regardless of its group definition.
  24. */
  25. define('OG_CONTENT_ACCESS_PUBLIC', 1);
  26. /**
  27. * Define group content access private regardless of its group definition.
  28. */
  29. define('OG_CONTENT_ACCESS_PRIVATE', 2);
  30. /**
  31. * Implements hook_node_grants().
  32. */
  33. function og_access_node_grants($account, $op) {
  34. if ($op != 'view') {
  35. return;
  36. }
  37. if ($groups = og_get_entity_groups('user', $account)) {
  38. foreach ($groups as $group_type => $gids) {
  39. foreach ($gids as $gid) {
  40. $realm = OG_ACCESS_REALM . ':' . $group_type;
  41. $grants[$realm][] = $gid;
  42. }
  43. }
  44. }
  45. return !empty($grants) ? $grants : array();
  46. }
  47. /**
  48. * Implements hook_node_access_records().
  49. */
  50. function og_access_node_access_records($node) {
  51. if (empty($node->status)) {
  52. // Node is unpublished, so we don't allow every group member to see
  53. // it.
  54. return array();
  55. }
  56. // The group IDs, that in case access is granted, will be recorded.
  57. $gids = array();
  58. $wrapper = entity_metadata_wrapper('node', $node);
  59. // Verify that a group content with visibility field can't create when there
  60. // isn't an OG access field attached to the group entity.
  61. if (!empty($wrapper->{OG_CONTENT_ACCESS_FIELD}) && $wrapper->{OG_CONTENT_ACCESS_FIELD}->value() == OG_CONTENT_ACCESS_DEFAULT) {
  62. _og_access_verify_access_field_existence($node);
  63. }
  64. if (!empty($wrapper->{OG_ACCESS_FIELD}) && $wrapper->{OG_ACCESS_FIELD}->value() && og_is_group('node', $node)) {
  65. // Private group.
  66. $gids['node'][] = $node->nid;
  67. }
  68. // If there is no content access field on the group content, we assume
  69. // that the group defaults are needed.
  70. // This allows us not to have the content access field on the group
  71. // content but still have access control.
  72. $content_access = !empty($wrapper->{OG_CONTENT_ACCESS_FIELD}) ? $wrapper->{OG_CONTENT_ACCESS_FIELD}->value() : OG_CONTENT_ACCESS_DEFAULT;
  73. switch ($content_access) {
  74. case OG_CONTENT_ACCESS_DEFAULT:
  75. if (!$entity_groups = og_get_entity_groups('node', $node)) {
  76. break;
  77. }
  78. $has_private = FALSE;
  79. foreach ($entity_groups as $group_type => $values) {
  80. entity_load($group_type, $values);
  81. foreach ($values as $gid) {
  82. $list_gids[$group_type][] = $gid;
  83. if ($has_private) {
  84. // We already know we have a private group, so we can avoid
  85. // re-checking it.
  86. continue;
  87. }
  88. $group_wrapper = entity_metadata_wrapper($group_type, $gid);
  89. if (!empty($group_wrapper->{OG_ACCESS_FIELD}) && $group_wrapper->{OG_ACCESS_FIELD}->value()) {
  90. $has_private = TRUE;
  91. }
  92. }
  93. }
  94. if ($has_private) {
  95. $gids = array_merge_recursive($gids, $list_gids);
  96. }
  97. break;
  98. case OG_CONTENT_ACCESS_PUBLIC:
  99. // Do nothing.
  100. break;
  101. case OG_CONTENT_ACCESS_PRIVATE:
  102. $gids = array_merge_recursive($gids, og_get_entity_groups('node', $node));
  103. break;
  104. }
  105. foreach ($gids as $group_type => $values) {
  106. foreach ($values as $gid) {
  107. $grants[] = array (
  108. 'realm' => OG_ACCESS_REALM . ':' . $group_type,
  109. 'gid' => $gid,
  110. 'grant_view' => 1,
  111. 'grant_update' => 0,
  112. 'grant_delete' => 0,
  113. 'priority' => 0,
  114. );
  115. }
  116. }
  117. return !empty($grants) ? $grants : array();
  118. }
  119. /**
  120. * Implement hook_og_fields_info().
  121. */
  122. function og_access_og_fields_info() {
  123. $allowed_values = array(
  124. 0 => 'Public - accessible to all site users',
  125. 1 => 'Private - accessible only to group members',
  126. );
  127. $items[OG_ACCESS_FIELD] = array(
  128. 'type' => array('group'),
  129. 'description' => t('Determine access to the group.'),
  130. // Private access can be done only on node entity.
  131. 'entity' => array('node'),
  132. 'field' => array(
  133. 'field_name' => OG_ACCESS_FIELD,
  134. 'no_ui' => TRUE,
  135. 'type' => 'list_boolean',
  136. 'cardinality' => 1,
  137. 'settings' => array('allowed_values' => $allowed_values, 'allowed_values_function' => ''),
  138. ),
  139. 'instance' => array(
  140. 'label' => t('Group visibility'),
  141. 'required' => TRUE,
  142. // Default to public.
  143. 'default_value' => array(0 => array('value' => 0)),
  144. 'widget_type' => 'options_select',
  145. 'view modes' => array(
  146. 'full' => array(
  147. 'label' => 'above',
  148. 'type' => 'options_onoff',
  149. ),
  150. 'teaser' => array(
  151. 'label' => 'above',
  152. 'type' => 'options_onoff',
  153. ),
  154. ),
  155. ),
  156. );
  157. $allowed_values = array(
  158. 0 => 'Use group defaults',
  159. 1 => 'Public - accessible to all site users',
  160. 2 => 'Private - accessible only to group members',
  161. );
  162. $items[OG_CONTENT_ACCESS_FIELD] = array(
  163. 'type' => array('group content'),
  164. 'description' => t('Determine access to the group content, which may override the group settings.'),
  165. // Private access can be done only on node entity.
  166. 'entity' => array('node'),
  167. 'field' => array(
  168. 'field_name' => OG_CONTENT_ACCESS_FIELD,
  169. 'no_ui' => TRUE,
  170. 'type' => 'list_integer',
  171. 'cardinality' => 1,
  172. 'settings' => array('allowed_values' => $allowed_values, 'allowed_values_function' => ''),
  173. ),
  174. 'instance' => array(
  175. 'label' => t('Group content visibility'),
  176. 'required' => TRUE,
  177. // Make the group type default.
  178. 'default_value' => array(0 => array('value' => 0)),
  179. 'widget_type' => 'options_select',
  180. 'view modes' => array(
  181. 'full' => array(
  182. 'label' => 'above',
  183. 'type' => 'list_default',
  184. ),
  185. 'teaser' => array(
  186. 'label' => 'above',
  187. 'type' => 'list_default',
  188. ),
  189. ),
  190. ),
  191. );
  192. return $items;
  193. }
  194. /**
  195. * Verify that the OG field access is attached to the group.
  196. *
  197. * @param $node
  198. * The node object.
  199. *
  200. * @throws OgException
  201. * When the OG access field isn't attached to the group's node but the
  202. * visibility field attached to the node.
  203. */
  204. function _og_access_verify_access_field_existence($node) {
  205. // Verify that the OG access field is attached to the group(s) content.
  206. $fields_names = og_get_group_audience_fields('node', $node->type);
  207. $groups_bundles = og_get_all_group_bundle();
  208. // Check each group audience field on this node type.
  209. foreach (array_keys($fields_names) as $field_name) {
  210. // Get the group entity type that this field points to.
  211. $field_info = field_info_field($field_name);
  212. $target_type = $field_info['settings']['target_type'];
  213. foreach (array_keys($groups_bundles[$target_type]) as $bundle) {
  214. $instances = field_info_instances($target_type, $bundle);
  215. // Verify that the OG access field is attached to the group bundles.
  216. if (empty($instances[OG_ACCESS_FIELD])) {
  217. $params = array(
  218. '!nid' => $node->nid,
  219. '%entity_type' => $target_type,
  220. '%bundle' => $bundle,
  221. );
  222. throw new OgException(format_string('Cannot set visibility of node ID !nid as the %entity_type group of type %bundle does not have the "Group visibility" field attached to it.', $params));
  223. }
  224. }
  225. }
  226. }
Error | ELMSLN API

Error

×

Error message

  • Warning: Cannot modify header information - headers already sent by (output started at /var/www/html/elmsln_community/api.elmsln.org/includes/common.inc:2791) in drupal_send_headers() (line 1499 of /var/www/html/elmsln_community/api.elmsln.org/includes/bootstrap.inc).
  • Error: Call to undefined function apc_delete() in DrupalAPCCache->clear() (line 289 of /var/www/html/elmsln_community/api.elmsln.org/sites/all/modules/apc/drupal_apc_cache.inc).
The website encountered an unexpected error. Please try again later.