diff -u project.install project.install --- project.install 13 Aug 2010 21:06:16 -0000 +++ project.install 14 Aug 2010 01:57:12 -0000 @@ -121,8 +121,8 @@ 'not null' => TRUE, 'default' => 0, ), - 'administer_project' => array( - 'description' => t('Can this user edit the given project.'), + 'administer_project_settings' => array( + 'description' => t('Can this user edit the given project and modify its settings.'), 'type' => 'int', 'unsigned' => TRUE, 'not null' => TRUE, @@ -194,8 +194,8 @@ 'not null' => TRUE, 'default' => 0, ), - 'administer_project' => array( - 'description' => t('Can this user edit the given project.'), + 'administer_project_settings' => array( + 'description' => t('Can this user edit the given project and modify its settings.'), 'type' => 'int', 'unsigned' => TRUE, 'not null' => TRUE, @@ -215,14 +215,14 @@ // Initially populate the table so that every project owner has full // powers on their own projects. - $ret[] = update_sql("INSERT INTO {project_maintainer} (nid, uid, administer_project, administer_project_maintainers) SELECT nid, uid, 1, 1 FROM {node} WHERE type = 'project_project'"); + $ret[] = update_sql("INSERT INTO {project_maintainer} (nid, uid, administer_project_settings, administer_project_maintainers) SELECT nid, uid, 1, 1 FROM {node} WHERE type = 'project_project'"); // If CVS module is enabled, also populate the table from the // {cvs_project_maintainers} table so that anyone with CVS access // who is not the project owner can administer the project but not // manipulate the per-project permissions. if (module_exists('cvs')) { - $ret[] = update_sql("INSERT INTO {project_maintainer} (nid, uid, administer_project, administer_project_maintainers) SELECT cpm.nid, cpm.uid, 1, 0 FROM {cvs_project_maintainers} cpm INNER JOIN {node} n ON cpm.nid = n.nid WHERE cpm.uid != n.uid"); + $ret[] = update_sql("INSERT INTO {project_maintainer} (nid, uid, administer_project_settings, administer_project_maintainers) SELECT cpm.nid, cpm.uid, 1, 0 FROM {cvs_project_maintainers} cpm INNER JOIN {node} n ON cpm.nid = n.nid WHERE cpm.uid != n.uid"); } return $ret; diff -u project.module project.module --- project.module 13 Aug 2010 21:06:16 -0000 +++ project.module 14 Aug 2010 01:59:22 -0000 @@ -522,15 +522,16 @@ 'title' => 'Maintainers', 'page callback' => 'drupal_get_form', 'page arguments' => array('project_maintainers_form', 1), - 'access callback' => 'project_check_admin_access', + 'access callback' => 'project_check_access', 'access arguments' => array(1, 'administer project maintainers'), 'file' => 'includes/project_maintainers.inc', 'type' => MENU_LOCAL_TASK, + 'weight' => 4, ); $items['node/%project_node/maintainers/delete/%user'] = array( 'page callback' => 'drupal_get_form', 'page arguments' => array('project_maintainer_delete_confirm', 1, 4), - 'access callback' => 'project_check_admin_access', + 'access callback' => 'project_check_access', 'access arguments' => array(1, 'administer project maintainers'), 'file' => 'includes/project_maintainers.inc', 'type' => MENU_CALLBACK, @@ -586,9 +587,15 @@ } /** - * See if the current user has permission to administer the given project. + * See if the current user has the given permission on a given project. + * + * @param $project + * The project to check access against. Can be either a numeric node ID + * (nid) or a fully-loaded $node object. + * @param $permission + * The string representing the permission to check access for. */ -function project_check_admin_access($project, $permission = 'administer projects') { +function project_check_access($project, $permission) { global $user; if (empty($user->uid)) { return FALSE; @@ -599,8 +606,8 @@ return FALSE; } - // If the current user has the site-wide permission, always grant access. - if (user_access($permission)) { + // If the user has the site-wide admin permission, always grant access. + if (user_access('administer projects')) { return TRUE; } @@ -611,11 +618,6 @@ } // Otherwise, see if the user has the right permission for this project. - // Special-case: the per-project permission for 'administer projects' is - // singular, 'administer project', so handle that here. - if ($permission == 'administer projects') { - $permission = 'administer project'; - } return !empty($project_obj->project['maintainers'][$user->uid]['permissions'][$permission]); } @@ -710,11 +712,11 @@ switch ($op) { case 'view': // Since this function is shared for project_release nodes, we have to - // be careful what node we pass to project_check_admin_access(). + // be careful what node we pass to project_check_access(). if ($node->type == 'project_release') { $node = node_load($node->project_release['pid']); } - if (project_check_admin_access($node)) { + if (project_check_access($node, 'administer project settings')) { return TRUE; } if (!user_access('access projects')) { @@ -734,7 +736,7 @@ } break; case 'update': - if (project_check_admin_access($node)) { + if (project_check_access($node, 'administer project settings')) { return TRUE; } break; @@ -770,9 +772,9 @@ */ function project_project_permission_info() { return array( - 'administer project' => array( - 'title' => t('Administer project'), - 'description' => t('Allows a user to edit a project, and other related operations.'), + 'administer project settings' => array( + 'title' => t('Administer project settings'), + 'description' => t('Allows a user to edit a project and modify its settings.'), ), 'administer project maintainers' => array( 'title' => t('Administer project maintainers'), @@ -802,10 +804,10 @@ */ function project_maintainer_save($nid, $uid, $permissions = array()) { // Try to update an existing record, if any. - db_query("UPDATE {project_maintainer} SET administer_project = %d, administer_project_maintainers = %d WHERE nid = %d AND uid = %d", !empty($permissions['administer project']), !empty($permissions['administer project maintainers']), $nid, $uid); + db_query("UPDATE {project_maintainer} SET administer_project_settings = %d, administer_project_maintainers = %d WHERE nid = %d AND uid = %d", !empty($permissions['administer project settings']), !empty($permissions['administer project maintainers']), $nid, $uid); if (!db_affected_rows()) { // Didn't update anything, add this as a new maintainer, instead. - db_query("INSERT INTO {project_maintainer} (nid, uid, administer_project, administer_project_maintainers) VALUES (%d, %d, %d, %d)", $nid, $uid, !empty($permissions['administer project']), !empty($permissions['administer project maintainers'])); + db_query("INSERT INTO {project_maintainer} (nid, uid, administer_project_settings, administer_project_maintainers) VALUES (%d, %d, %d, %d)", $nid, $uid, !empty($permissions['administer project settings']), !empty($permissions['administer project maintainers'])); } // Invoke hook_project_maintainer_save() to let other modules know this diff -u project.test project.test --- project.test 13 Aug 2010 21:53:13 -0000 +++ project.test 14 Aug 2010 02:01:34 -0000 @@ -392,9 +392,9 @@ $this->assertLink(t('Maintainers'), 0, ('Maintainers tab is shown.')); $this->drupalGet("node/$project->nid/maintainers"); $this->assertLink($this->owner->name, 0, ('Project owner is displayed on form.')); - $this->assertFieldDisabled("maintainers[{$this->owner->uid}][permissions][administer project]", 'Checkbox is disabled for project owner'); + $this->assertFieldDisabled("maintainers[{$this->owner->uid}][permissions][administer project settings]", 'Checkbox is disabled for project owner'); $this->assertFieldDisabled("maintainers[{$this->owner->uid}][permissions][administer project maintainers]", 'Checkbox is disabled for project owner'); - $this->assertFieldCheckedByName("maintainers[{$this->owner->uid}][permissions][administer project]", 'Owners permissions are automatically granted'); + $this->assertFieldCheckedByName("maintainers[{$this->owner->uid}][permissions][administer project settings]", 'Owners permissions are automatically granted'); $this->assertFieldCheckedByName("maintainers[{$this->owner->uid}][permissions][administer project maintainers]", 'Owners permissions are automatically granted'); $this->assertNoRaw("node/$project->nid/maintainers/delete/{$this->owner->uid}", 'No delete link is displayed for the project owner.'); @@ -419,7 +419,7 @@ $edit['new_maintainer[user]'] = $this->maintainer->name; $this->drupalPost("node/$project->nid/maintainers", $edit, t('Update')); $this->assertLink($this->maintainer->name, 0, 'New user is displayed on form correctly.'); - $this->assertNoFieldCheckedByName("maintainers[{$this->maintainer->uid}][permissions][administer project]", 'Permissions not explicitly granted.'); + $this->assertNoFieldCheckedByName("maintainers[{$this->maintainer->uid}][permissions][administer project settings]", 'Permissions not explicitly granted.'); $this->assertNoFieldCheckedByName("maintainers[{$this->maintainer->uid}][permissions][administer project maintainers]", 'Permissions not explicitly granted.'); // Test validation for adding a duplicate maintainer @@ -430,9 +430,9 @@ // Add permissions to user $edit = array(); - $edit["maintainers[{$this->maintainer->uid}][permissions][administer project]"] = TRUE; + $edit["maintainers[{$this->maintainer->uid}][permissions][administer project settings]"] = TRUE; $this->drupalPost("node/$project->nid/maintainers", $edit, t('Update')); - $this->assertFieldCheckedByName("maintainers[{$this->maintainer->uid}][permissions][administer project]", 'Permissions are displayed correctly on maintainers form.'); + $this->assertFieldCheckedByName("maintainers[{$this->maintainer->uid}][permissions][administer project settings]", 'Permissions are displayed correctly on maintainers form.'); // Login as maintainer and check access $this->drupalLogin($this->maintainer); $this->drupalGet("node/$project->nid/edit"); diff -u includes/project_maintainers.inc includes/project_maintainers.inc --- includes/project_maintainers.inc 13 Aug 2010 21:06:16 -0000 +++ includes/project_maintainers.inc 14 Aug 2010 00:53:23 -0000 @@ -120,6 +120,15 @@ // alter, theme_table() freaks out if the $header array has non-numeric // keys. So we ditch the keys at this point to avoid notices. $output .= theme('table', array_values($header), $rows); + + $project_perms = project_permission_load(); + $output .= '
'; + foreach ($project_perms as $perm => $perm_info) { + $output .= '
' . $perm_info['title'] . '
'; + $output .= '
' . $perm_info['description'] . '
'; + } + $output .= "
\n"; + $output .= drupal_render($form); return $output; } diff -u release/project_release.module release/project_release.module --- release/project_release.module 13 Aug 2010 21:06:16 -0000 +++ release/project_release.module 14 Aug 2010 01:46:14 -0000 @@ -40,7 +40,7 @@ 'title' => 'Releases', 'page callback' => 'project_release_project_edit_releases', 'page arguments' => array(1), - 'access callback' => 'project_check_admin_access', + 'access callback' => 'project_check_access', 'access arguments' => array(1, 'administer project releases'), 'type' => MENU_LOCAL_TASK, 'file' => 'includes/project_edit_releases.inc', @@ -120,7 +120,7 @@ // We can't just use project_project_access() here, since we // need to check access to the project itself, not the release // node, so we use the helper method and pass the project id. - return project_check_admin_access($node->project_release['pid'], 'administer project releases'); + return project_check_access($node->project_release['pid'], 'administer project releases'); case 'delete': // No one should ever delete a release node, only unpublish it. return FALSE; @@ -652,7 +652,7 @@ } // Display packaging errors to admins. - if (project_check_admin_access($node->project_release['pid'], 'administer project releases')) { + if (project_check_access($node->project_release['pid'], 'administer project releases')) { $rows = array(); $result = db_query('SELECT * FROM {project_release_package_errors} WHERE nid = %d', $node->nid); $error = db_fetch_object($result); @@ -733,7 +733,7 @@ $where = ''; $join = ''; $args = array($project->nid); - if (!project_check_admin_access($project, 'administer project releases')) { + if (!project_check_access($project, 'administer project releases')) { if (!empty($rids)) { $where = "AND (n.status = %d OR n.nid IN (". db_placeholders($rids) ."))"; $args[] = 1; @@ -1273,7 +1273,7 @@ ), ); - if (project_check_admin_access($node->nid, 'administer project releases')) { + if (project_check_access($node->nid, 'administer project releases')) { $links['project_release']['links']['add_new_release'] = l(t('Add new release'), 'node/add/project_release/'. $node->nid); $links['project_release']['links']['administer_releases'] = l(t('Administer releases'), 'node/'. $node->nid .'/edit/releases'); } diff -u release/includes/release_node_form.inc release/includes/release_node_form.inc --- release/includes/release_node_form.inc 13 Aug 2010 21:06:16 -0000 +++ release/includes/release_node_form.inc 14 Aug 2010 01:46:23 -0000 @@ -24,7 +24,7 @@ } // Make sure this user should have permissions to add releases for // the requested project - if (!project_check_admin_access($project, 'administer project releases')) { + if (!project_check_access($project, 'administer project releases')) { drupal_access_denied(); module_invoke_all('exit'); exit;