Index: flag.module =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/flag/Attic/flag.module,v retrieving revision 1.11.2.72.2.21 diff -u -r1.11.2.72.2.21 flag.module --- flag.module 28 Oct 2009 01:51:39 -0000 1.11.2.72.2.21 +++ flag.module 28 Oct 2009 02:31:51 -0000 @@ -694,6 +694,24 @@ return FALSE; } } + + // Restrict access by comment authorship. + if ($flag->content_type == 'comment') { + $comment = _comment_load($content_id); + $node = node_load($content_id); + if ($flag->access_author == 'node_own' && $node->uid != $account->uid) { + return FALSE; + } + elseif ($flag->access_author == 'node_others' && $node->uid == $account->uid) { + return FALSE; + } + elseif ($flag->access_author == 'comment_own' && $comment->uid != $account->uid) { + return FALSE; + } + elseif ($flag->access_author == 'comment_others' && $comment->uid == $account->uid) { + return FALSE; + } + } } /** @@ -701,12 +719,13 @@ */ function flag_flag_access_multiple($flag, $content_ids, $account) { $access = array(); + if ($flag->content_type == 'node') { // Restrict access by authorship. This is similar to flag_flag_access() // above, but returns an array of 'nid' => $access values. Similarly, we // should never return TRUE in any of these access values, only FALSE if we // want to deny access, or use the current access value provided by Flag. - $nids = implode(',', array_map('intval', array_keys($content_ids))); + $nids = implode(',', array_map('intval', array_keys($content_ids))); $placeholders = implode(',', array_fill(0, sizeof($flag->types), "'%s'")); $result = db_query("SELECT nid, uid FROM {node} WHERE nid IN ($nids) AND type in ($placeholders)", $flag->types); while ($row = db_fetch_object($result)) { @@ -718,6 +737,27 @@ } } } + + if ($flag->content_type == 'comment') { + // Restrict access by comment ownership. + $nids = implode(',', array_map('intval', array_keys($content_ids))); + $result = db_query("SELECT c.cid, c.nid, c.uid as comment_uid, n.nid as node_uid FROM {comments} c LEFT JOIN {node} n ON c.nid = n.nid WHERE cid IN ($cids)"); + while ($row = db_fetch_object($result)) { + if ($flag->access_author == 'node_own') { + $access[$row->cid] = $row->node_uid != $account->uid ? FALSE : NULL; + } + elseif ($flag->access_author == 'node_others') { + $access[$row->cid] = $row->node_uid == $account->uid ? FALSE : NULL; + } + elseif ($flag->access_author == 'comment_own') { + $access[$row->cid] = $row->comment_uid != $account->uid ? FALSE : NULL; + } + elseif ($flag->access_author == 'comment_others') { + $access[$row->cid] = $row->comment_uid == $account->uid ? FALSE : NULL; + } + } + } + // Always return an array (even if empty) of accesses. return $access; } Index: flag.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/flag/Attic/flag.inc,v retrieving revision 1.1.2.30.2.15 diff -u -r1.1.2.30.2.15 flag.inc --- flag.inc 28 Oct 2009 01:47:33 -0000 1.1.2.30.2.15 +++ flag.inc 28 Oct 2009 02:31:51 -0000 @@ -1248,6 +1248,7 @@ function options() { $options = parent::options(); $options += array( + 'access_author' => '', 'show_on_comment' => TRUE, ); return $options; @@ -1255,6 +1256,21 @@ function options_form(&$form) { parent::options_form($form); + + $form['access']['access_author'] = array( + '#type' => 'radios', + '#title' => t('Flag access by content authorship'), + '#options' => array( + '' => t('No additional restrictions'), + 'comment_own' => t('Users may only flag own comments'), + 'comment_others' => t('Users may only flag comments by others'), + 'node_own' => t('Users may only flag comments of nodes they own'), + 'node_others' => t('Users may only flag comments of nodes by others'), + ), + '#default_value' => $this->access_author, + '#description' => t("Restrict access to this flag based on the user's ownership of the content. Users must also have access to the flag through the role settings."), + ); + $form['display']['show_on_comment'] = array( '#type' => 'checkbox', '#title' => t('Display link under comment'),