diff --git a/workflow.module b/workflow.module index de9becd..8a9313d 100644 --- a/workflow.module +++ b/workflow.module @@ -117,10 +117,10 @@ function workflow_node_tab_access($node = NULL) { return FALSE; } $roles = array_keys($user->roles); - if ($node->uid == $user->uid) { + if (in_array($user->uid, workflow_get_authors($node))) { $roles = array_merge(array('author'), $roles); } - $workflow = db_fetch_object(db_query("SELECT * FROM {workflows} WHERE wid = %d", $wid)); + $workflow = db_fetch_object(db_query("SELECT tab_roles FROM {workflows} WHERE wid = %d", $wid)); $allowed_roles = $workflow->tab_roles ? explode(',', $workflow->tab_roles) : array(); if (user_access('administer nodes') || array_intersect($roles, $allowed_roles)) { @@ -706,7 +706,7 @@ function workflow_field_choices($node) { $current_sid = workflow_node_current_state($node); // If user is node author or this is a new page, give the authorship role. - if (($user->uid == $node->uid && $node->uid > 0) || (arg(0) == 'node' && arg(1) == 'add')) { + if ((in_array($user->uid, workflow_get_authors($node))) || (arg(0) == 'node' && arg(1) == 'add')) { $roles += array('author' => 'author'); } if ($user->uid == 1) { @@ -1643,4 +1643,20 @@ function workflow_user($op, &$edit, &$account, $category = NULL) { db_query("UPDATE {workflow_node_history} SET uid = 0 WHERE uid = %d", $account->uid); break; } -} \ No newline at end of file +} + +/* + * Returns the authors of the a node to be used for author condition. + * + * @param $node + * A node object as returned from node_load. + * + * @return + * An array of user UIDs. + */ +function workflow_get_authors($node) { + $authors = !empty($node->uid) ? array($node->uid => $node->uid) : array(); + drupal_alter('workflow_authors', $authors, $node); + + return $authors; +} diff --git a/workflow_access.install b/workflow_access.install index be4d526..a8cc6dd 100644 --- a/workflow_access.install +++ b/workflow_access.install @@ -31,4 +31,13 @@ function workflow_access_schema() { 'sid' => array('sid')), ); return $schema; -} \ No newline at end of file +} + +/** + * Tell people they need to rebuild node access. + */ +function workflow_access_update_6101() { + $res = array(); + $rest[] = update_sql('DELETE from node_access where realm = "workflow_access_owner" and gid = 0'); + return $res; +} diff --git a/workflow_access.module b/workflow_access.module index 6da77a8..8dacf30 100644 --- a/workflow_access.module +++ b/workflow_access.module @@ -25,20 +25,33 @@ function workflow_access_node_grants($account, $op) { */ function workflow_access_node_access_records($node) { $grants = array(); - $sid = db_result(db_query("SELECT sid FROM {workflow_node} WHERE nid = %d", $node->nid)); + $sid = workflow_node_current_state($node); // We have state information about this node, so get permissions for this state. if (is_numeric($sid)) { - $result = db_query('SELECT * FROM {workflow_access} WHERE sid = %d', $sid); + $authors = workflow_get_authors($node); + $result = db_query('SELECT rid, grant_view, grant_update, grant_delete FROM {workflow_access} WHERE sid = %d', $sid); while ($grant = db_fetch_object($result)) { - $grants[] = array( - 'realm' => ($grant->rid == -1) ? 'workflow_access_owner' : 'workflow_access', - 'gid' => ($grant->rid == -1) ? $node->uid : $grant->rid, - 'grant_view' => $grant->grant_view, - 'grant_update' => $grant->grant_update, - 'grant_delete' => $grant->grant_delete, - 'priority' => 0, - ); + if ($grant->rid == -1) { + foreach($authors as $uid) { + $grants[] = array( + 'realm' => 'workflow_access_owner', + 'gid' => $uid, + 'grant_view' => $grant->grant_view, + 'grant_update' => $grant->grant_update, + 'grant_delete' => $grant->grant_delete + ); + } + } + else { + $grants[] = array( + 'realm' => 'workflow_access', + 'gid' => $grant->rid, + 'grant_view' => $grant->grant_view, + 'grant_update' => $grant->grant_update, + 'grant_delete' => $grant->grant_delete + ); + } } }