Index: path_access.js
===================================================================
RCS file: path_access.js
diff -N path_access.js
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ path_access.js	4 Sep 2008 05:11:48 -0000
@@ -0,0 +1,60 @@
+// $ID
+if(Drupal.jsEnabled) {
+  $(document).ready( function() {
+    //Declare some vars
+    var menuCollection;
+    var absolutePathLen = Drupal.settings.path_access.absolutePath.len;
+
+    //We start out with hiding all the links to reduce flicker.
+    $('div.block ul.menu li a, ul.primary-links li a').css('display', 'none');
+
+    //Loop through every menu link and primary link and collect the paths to those links.
+    $('div.block ul.menu li a, ul.primary-links li a').each(function() {
+      menuCollection = check_url($(this), menuCollection);
+    });
+
+    //Obtain an array of the path permissions
+    $.getJSON(Drupal.settings.path_access.absolutePath + '?q=path_access.result&path=' + menuCollection, function(data) {
+      $('div.block ul.menu li a, ul.primary-links li a').each(function() {
+        qValue = getQValue($(this));
+        if(qValue) {
+
+          //Display the menu if it is allowed.
+          if(!data[qValue]['denied']) {
+            $(this).css('display', 'block');
+          }
+        }
+      });
+    });
+  });
+}
+
+//Obtains the drupal path from a link.
+function getQValue(aTag) {
+  var link = aTag[0].href;
+  var position = link.indexOf('q=');
+  if(position) {
+    urlSplit = link.split('?');
+    baseURL = urlSplit[0];
+    if (baseURL == Drupal.settings.path_access.absolutePath) {
+      qSplit = urlSplit[1].split('q=');
+      qValue = qSplit[1].split('&');
+      qValue = qValue[0];
+    }
+  }
+  else if(link.substr(0, absolutePathLen) == Drupal.settings.path_access.absolutePath) {
+    var qValue = link.substr(absolutePathLen, link.len);
+  }
+
+  return qValue;
+}
+
+//Build the list of menu paths to pass to the ajax call.
+function check_url(aTag, menuCollection) {
+  qValue = getQValue(aTag);
+  if (qValue) {
+    menuCollection += '|' + qValue;
+  }
+
+  return menuCollection;
+}
\ No newline at end of file
Index: path_access.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/path_access/path_access.module,v
retrieving revision 1.11
diff -u -p -r1.11 path_access.module
--- path_access.module	10 Aug 2008 16:42:29 -0000	1.11
+++ path_access.module	4 Sep 2008 04:36:03 -0000
@@ -23,16 +23,44 @@ function path_access_help($path, $arg) {
  * Implementation of hook_init().
  */
 function path_access_init() {
-  global $user;
 
   drupal_bootstrap(DRUPAL_BOOTSTRAP_PATH);
 
+  //Add javascript file that hides menu items.
+  drupal_add_js(drupal_get_path('module', 'path_access') .'/path_access.js');
+
+  //We need the absolute path for the menu hiding jquery.
+  $absolute_path = url('', array('absolute' => TRUE));
+  drupal_add_js(array('path_access' => array('absolutePath' => $absolute_path)), 'setting');
+
+  // The current page.
+  $path = drupal_get_path_alias(check_plain($_GET['q']));
+
+  // Check that the current page is not a protected page before blocking user.
+  if(_path_access_denied($path)) {
+    drupal_access_denied();
+    exit;
+  }
+}
+
+/**
+ * Determine if the user is allowed to access the path.
+ *
+ * @param $path
+ *  The path to test.
+ *
+ * @return
+ *  TRUE if denied.
+ */
+function _path_access_denied($path) {
+  global $user;
+
   // User #1 has all privileges:
   if ($user->uid == 1) {
-    return 1;
+    return FALSE;
   }
   // This one does not work in D6 without the role_weights module, so the user's last role_id will be taken into account.
-//  $role = module_exists('role_weights') ? module_invoke('role_weights', 'get_highest', $user->roles) : array('name' => $user->roles);
+  //  $role = module_exists('role_weights') ? module_invoke('role_weights', 'get_highest', $user->roles) : array('name' => $user->roles);
   foreach($user->roles as $k => $v) {
     $role = $k;
   }
@@ -49,8 +77,6 @@ function path_access_init() {
 
   // Match path if necessary.
   if ($pages) {
-    // The current page.
-    $path = drupal_get_path_alias(check_plain($_GET['q']));
 
     $regexp = '/^('. preg_replace(array('/(\r\n?|\n)/', '/\\\\\*/', '/(^|\|)\\\\<front\\\\>($|\|)/'), array('|', '.*', '\1'. variable_get('site_frontpage', 'node') .'\2'), preg_quote($pages, '/')) .')$/';
     $page_match = ($visibility xor preg_match($regexp, $path));
@@ -61,8 +87,7 @@ function path_access_init() {
 
   // Check that the current page is not a protected page before blocking user.
   if($page_match && !path_access_protected_pages($path)) {
-    drupal_access_denied();
-    exit;
+    return TRUE;
   }
 }
 
@@ -84,6 +109,15 @@ function path_access_menu() {
     'access arguments' => array('administer url aliases'),
     'type' => MENU_NORMAL_ITEM,
   );
+
+  $items['path_access.result'] = array(
+    'title' => 'Path Access Gateway',
+    'page callback' => 'path_access_result',
+    'page_arguments' => array(),
+    'access arguments' => array('access content'),
+    'type' => MENU_CALLBACK,
+  );
+
   return $items;
 }
 
@@ -180,4 +214,16 @@ function path_access_protected_pages($pa
   return in_array($page, $pages);
 }
 
+/*
+ * Menu callback; returns the current permissions on the menus.
+ */
+function path_access_result() {
+  $paths = explode('|', $_GET['path']);
+  foreach ($paths as $k => $path) {
+    $denied[$path]['denied'] = _path_access_denied($path);
+  }
+
+  print drupal_to_js($denied);
+}
+
 // vim: set ft=php syntax=php expandtab ts=2 sw=2 autoindent smartindent: