From b3fa608e645144caa9df1ba30032d607aaf47902 Mon Sep 17 00:00:00 2001
From: Nathan Phillip Brink <ohnobinki@ohnopublishing.net>
Date: Wed, 6 Jul 2011 14:31:46 -0400
Subject: [PATCH] Fix issue #545916 by SimonVlc: Allow posting comments but not starting new topics.

---
 forum_access.admin.inc |   14 ++++++++++----
 forum_access.install   |   30 ++++++++++++++++++++++++++++++
 forum_access.module    |    3 ++-
 forum_access.node.inc  |    6 +++---
 4 files changed, 45 insertions(+), 8 deletions(-)

diff --git a/forum_access.admin.inc b/forum_access.admin.inc
index 16aabb9..2249cc8 100644
--- a/forum_access.admin.inc
+++ b/forum_access.admin.inc
@@ -199,7 +199,7 @@ function _forum_access_forum_form_after_build_template($form, &$form_state) {
     $form['template']['#attributes']['class'] = array('collapsible');
 
     $settings = _forum_access_get_settings($template_tid);
-    foreach (array('view', 'create', 'update', 'delete') as $grant_type) {
+    foreach (array('view', 'create', 'comment', 'update', 'delete') as $grant_type) {
       if (empty($form['grants']['checkboxes'][$grant_type])) {
         continue;
       }
@@ -259,6 +259,7 @@ function _forum_access_forum_grants_form(&$form_state, $is_container, $settings)
     $cols = array(
       'view'   => t('View this forum'),
       'create' => t('Post in this forum'),
+      'comment' => t('Comment on posts'),
       'update' => t('Edit posts'),
       'delete' => t('Delete posts'),
     );
@@ -649,7 +650,7 @@ function _forum_access_form_submit($form, &$form_state) {
     acl_save_form($fa_values['acl'], $fa_priority);
   }
   $insert = db_insert('forum_access');
-  $insert->fields(array('tid', 'rid', 'grant_view', 'grant_update', 'grant_delete', 'grant_create', 'priority'));
+  $insert->fields(array('tid', 'rid', 'grant_view', 'grant_update', 'grant_comment', 'grant_delete', 'grant_create', 'priority'));
   foreach ($access['view'] as $rid => $checked) {
     if (isset($permissions[$rid]['bypass node access'])) {
       // We prefer not to save records for these roles, because they have access anyway.
@@ -678,6 +679,7 @@ function _forum_access_form_submit($form, &$form_state) {
         'grant_update' => (int) (!empty($access['update'][$rid]) && empty($form_initial_values['grants']['checkboxes']['update'][$rid]['#disabled'])),
         'grant_delete' => (int) (!empty($access['delete'][$rid]) && empty($form_initial_values['grants']['checkboxes']['delete'][$rid]['#disabled'])),
         'grant_create' => (int) (!empty($access['create'][$rid])),
+        'grant_comment'=> (int) (!empty($access['comment'][$rid])),
         'priority'     => (int) $fa_priority,
       ));
     }
@@ -823,11 +825,12 @@ function _forum_access_forum_admin_settings_form(&$form, &$form_state) {
  * Helper function to retrieve the settings for a forum.
  */
 function _forum_access_get_settings($tid = NULL) {
-  $return = array('view' => array(), 'create' => array(), 'update' => array(), 'delete' => array(), 'priority' => 0);
+  $return = array('view' => array(), 'create' => array(), 'comment' => array(), 'update' => array(), 'delete' => array(), 'priority' => 0);
   if (!isset($tid)) {
-    // Default to all users can read; all logged in users can post.
+    // Default to all users can read; all logged in users can post and comment.
     $return['view'] = array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID);
     $return['create'] = array(DRUPAL_AUTHENTICATED_RID);
+    $return['comment'] = array(DRUPAL_AUTHENTICATED_RID);
   }
   else {
     $result = db_query("SELECT * FROM {forum_access} where tid = :tid", array(
@@ -846,6 +849,9 @@ function _forum_access_get_settings($tid = NULL) {
       if ($access->grant_create) {
         $return['create'][] = $access->rid;
       }
+      if ($access->grant_comment) {
+        $return['comment'][] = $access->rid;
+      }
       if ($access->rid == DRUPAL_AUTHENTICATED_RID) { // this is our reference
         $return['priority'] = $access->priority;
       }
diff --git a/forum_access.install b/forum_access.install
index 7dd833b..71eabd7 100644
--- a/forum_access.install
+++ b/forum_access.install
@@ -86,6 +86,13 @@ function forum_access_schema() {
         'unsigned'    => TRUE,
         'not null'    => TRUE,
         'default'     => 0),
+      'grant_comment' => array(
+        'description' => 'Whether to grant "comment" permission.',
+        'type'        => 'int',
+        'size'        => 'tiny',
+        'unsigned'    => TRUE,
+        'not null'    => TRUE,
+        'default'     => 0),
       'priority'  => array(
         'description' => 'The priority of this grant.',
         'type'        => 'int',
@@ -199,3 +206,26 @@ function forum_access_update_7001() {
   }
 }
 
+/**
+ * Add support for 'comment' permission, #545916.
+ */
+function forum_access_update_7100($sandbox) {
+  db_add_field('forum_access', 'grant_comment',
+    array(
+      'description' => 'Whether to grant "comment" permission.',
+      'type'        => 'int',
+      'size'        => 'tiny',
+      'unsigned'    => TRUE,
+      'not null'    => TRUE,
+      'default'     => 0,
+    ));
+
+  /*
+   * In previous versions of forum_access, the ability to comment was
+   * given to anyone with the ability to post('create') a new forum
+   * topic.
+   */
+  db_update('forum_access')
+    ->expression('grant_comment', 'grant_create')
+    ->execute();
+}
diff --git a/forum_access.module b/forum_access.module
index faabd3b..efc553e 100644
--- a/forum_access.module
+++ b/forum_access.module
@@ -58,7 +58,7 @@ function _forum_access_comment_access_callback($comment, $op) {
     // 'reply' is governed by AND, return TRUE by default.
     $node = $comment;
     if ($tid = _forum_access_get_tid($node)) {
-      return forum_access_access('create', $tid);
+      return forum_access_access('comment', $tid);
     }
     return TRUE;
   }
@@ -190,6 +190,7 @@ function forum_access_node_access_records($node) {
           'grant_view'   => $grant->grant_view,
           'grant_update' => $grant->grant_update,
           'grant_delete' => $grant->grant_delete,
+          'grant_comment'=> $grant->grant_comment,
           'priority'     => $grant->priority,
         );
       }
diff --git a/forum_access.node.inc b/forum_access.node.inc
index 3ce9f4e..2443ba4 100644
--- a/forum_access.node.inc
+++ b/forum_access.node.inc
@@ -21,7 +21,7 @@ function _forum_access_node_view_alter(&$build, $tid) {
 
   //dpm($build, '_forum_access_node_view_alter() BEFORE:');
   $node = $build['#node'];
-  if (forum_access_node_access($node, 'create', $user) == NODE_ACCESS_DENY) {
+  if (forum_access_node_access($node, 'comment', $user) == NODE_ACCESS_DENY) {
     unset($build['links']['comment']['#links']['comment-add']);
     unset($build['comments']['comment_form']);
   }
@@ -41,13 +41,13 @@ function _forum_access_comment_view_alter(&$build, $tid) {
   //dpm($build, "_forum_access_comment_view_alter() tid=[$tid] cid=[$comment->cid] BEFORE:");
   $links =& $build['links']['comment']['#links'];
 
-  if ($user->uid != 1 && !user_access('bypass node access') && !forum_access_access('create', $tid)) {
+  if ($user->uid != 1 && !user_access('bypass node access') && !forum_access_access('comment', $tid)) {
     unset($links['comment-reply']);
   }
 
   if (!user_access('administer comments') || !empty($user->_forum_access_moderator)) {
     $default_link_keys = array(
-      'create' => array('comment-reply'),
+      'comment' => array('comment-reply'),
       'update' => array('comment-edit', 'comment-approve'),
       'delete' => array('comment-delete'),
     );
-- 
1.7.3.4