Index: masquerade.info =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/masquerade/masquerade.info,v retrieving revision 1.1 diff -u -r1.1 masquerade.info --- masquerade.info 20 Nov 2006 09:13:33 -0000 1.1 +++ masquerade.info 16 Feb 2008 01:04:03 -0000 @@ -1,3 +1,4 @@ -; $Id: masquerade.info,v 1.1 2006/11/20 09:13:33 Gurpartap Exp $ +; $Id: masquerade.info,v 1.1.2.2 2007/06/18 23:06:50 dww Exp $ name = Masquerade -description = This module allows administrators to masquerade as other users. \ No newline at end of file +description = "This module allows permitted users to masquerade as other users." +core = 6.x \ No newline at end of file Index: masquerade.install =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/masquerade/masquerade.install,v retrieving revision 1.3 diff -u -r1.3 masquerade.install --- masquerade.install 20 Nov 2006 09:13:33 -0000 1.3 +++ masquerade.install 16 Feb 2008 01:04:03 -0000 @@ -1,41 +1,64 @@ array( + 'fields' => array( + 'sid' => array( + 'type' => 'varchar', + 'length' => '32', + 'not null' => true, + 'default' => ''), + 'uid_from' => array( + 'type' => 'int', + 'not null' => true, + 'default' => 0, + 'disp-width' => '10'), + 'uid_as' => array( + 'type' => 'int', + 'not null' => true, + 'default' => 0, + 'disp-width' => '10') + ), + 'indexes' => array( + 'sid' => array('sid', 'uid_from'), + 'sid_2' => array('sid', 'uid_as') + ) + ) + ); +} + +/** + * Implementation of hook_install(). */ function masquerade_install() { - switch ($GLOBALS['db_type']) { - case 'mysql': - case 'mysqli': - db_query("create table {masquerade} ( - sid varchar(32) NOT NULL default '', - uid_from int(10) NOT NULL default 0, - uid_as int(10) NOT NULL default 0, - key (sid, uid_from), - key (sid, uid_as) - ) /*!40100 DEFAULT CHARACTER SET utf8 */;"); - drupal_set_message(t('The required tables were created.')); - break; - case 'pgsql': - db_query("CREATE TABLE {masquerade} ( - sid varchar(32) NOT NULL default '', - uid_from numeric(10) NOT NULL default 0, - uid_as numeric(10) NOT NULL default 0 - );"); - db_query("CREATE INDEX idx_masquerade_sid_uid_from ON {masquerade} (sid, uid_from);"); - db_query("CREATE INDEX idx_masquerade_sid_uid_as ON {masquerade} (sid, uid_as);"); - drupal_set_message(t('The required tables were created.')); - break; - } + drupal_install_schema('masquerade'); } +/** + * Implementation of hook_uninstall(). + */ +function masquerade_uninstall() { + drupal_uninstall_schema('masquerade'); + variable_del('masquerade_test_user'); + variable_del('masquerade_admin_roles'); +} + +/** + * Implementation of hook_update_N(). + */ function masquerade_update_1() { return _system_update_utf8(array('masquerade')); } Index: masquerade.module =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/masquerade/masquerade.module,v retrieving revision 1.15 diff -u -r1.15 masquerade.module --- masquerade.module 20 Nov 2006 09:13:33 -0000 1.15 +++ masquerade.module 16 Feb 2008 01:04:03 -0000 @@ -1,5 +1,5 @@ The masquerade module adds a link on a user's profile page that allows administrators to masquerade as that user. Upon masquerading, the open to 'switch back' to the original user will appear in the menus. While masquerading, the option to masquerade as another user will not appear. All masquerading transactions are logged, and $user->masquerading will be set; this could be displayed via theme.

In the masquerade settings a list of roles are presented; any checked role is considered an 'administrator' and requires the second level 'masquerade as admin' permission to masquerade as. User #1 is automatically considered an administrator, regardless of roles.

"); + return t('

The masquerade module adds a link on a user\'s profile page that allows permitted users to masquerade as that user. Upon masquerading, the link to "switch back" to the original user will appear in the menu. While masquerading, the option to masquerade as another user will not appear. All masquerading transactions are logged, and $user->masquerading will be set; this could be displayed via theme.

In the masquerade settings a list of roles are presented; any checked role is considered an "administrator" and requires the second level "masquerade as admin" permission to masquerade as. User #1 is automatically considered an administrator, regardless of roles.

'); + case 'admin/settings/masquerade': + return t('Only the users with masquerade as admin permission, will be able to masquerade as the users who belong to the roles selected below. User #1 is automatically considered an administrator, regardless of roles.'); } } /** - * Implementation of hook_menu() + * Implementation of hook_perm(). + * + * @return array */ -function masquerade_menu($may_cache) { - $items = array(); - $default_test_user = user_load(array('name' => variable_get('masquerade_test_user', ''))); - if ($may_cache) { - $items[] = array('path' => 'masquerade/switch', - 'title' => t('Switch user'), - 'callback' => 'masquerade_switch_user', - 'access' => !$GLOBALS['masquerading'] && (user_access('masquerade as user') || user_access('masquerade as admin')), - 'type' => MENU_CALLBACK); - - $items[] = array('path' => 'masquerade/quickswitch', - 'title' => t('Switch to test user'), - 'callback' => 'masquerade_switch_user', - 'callback arguments' => array($default_test_user->uid), - 'access' => !$GLOBALS['masquerading'] && (user_access('masquerade as user') || user_access('masquerade as admin')), - 'type' => MENU_NORMAL_ITEM); - - $items[] = array('path' => 'masquerade/unswitch', - 'title' => t('Switch back'), - 'callback' => 'masquerade_switch_back', - 'access' => $GLOBALS['masquerading'], - 'type' => MENU_NORMAL_ITEM); - - $items[] = array('path' => 'masquerade/autocomplete', - 'title' => t('Masquerade autocomplete'), - 'callback' => 'masquerade_autocomplete', - 'access' => $GLOBALS['masquerading'] || (user_access('masquerade as user') || user_access('masquerade as admin')), - 'type' => MENU_CALLBACK); - - $items[] = array('path' => 'admin/settings/masquerade', - 'title' => t('Masquerade'), - 'description' => t('Masquerade module allows administrators to masquerade as other users.'), - 'callback' => 'drupal_get_form', - 'callback arguments' => 'masquerade_settings', - 'type' => MENU_NORMAL_ITEM,); - } - - return $items; +function masquerade_perm() { + return array('masquerade as user', 'masquerade as admin'); } /** - * Implementation of hook_init() + * Implementation of hook_init(). */ function masquerade_init() { global $user; @@ -72,23 +40,125 @@ if ($uid) { $GLOBALS['masquerading'] = $uid; } - else{ + else { $GLOBALS['masquerading'] = null; - } + } } /** - * Implementation of hook_user() + * Implementation of hook_menu(). + */ +function masquerade_menu() { + $items = array(); + + $items['masquerade/switch/%'] = array( + 'title' => 'Masquerading', + 'page callback' => 'masquerade_switch_user', + 'page arguments' => array(2), + 'access callback' => 'masquerade_access', + 'access arguments' => array('switch'), + 'type' => MENU_NORMAL_ITEM, + ); + $items['masquerade/unswitch'] = array( + 'title' => 'Switch back', + 'page callback' => 'masquerade_switch_back', + 'access callback' => 'masquerade_access', + 'access arguments' => array('unswitch'), + 'type' => MENU_NORMAL_ITEM, + ); + $items['masquerade/autocomplete'] = array( + 'title' => 'Masquerade autocomplete', + 'page callback' => 'masquerade_autocomplete', + 'access callback' => 'masquerade_access', + 'access arguments' => array('autocomplete'), + 'type' => MENU_CALLBACK, + ); + $items['admin/settings/masquerade'] = array( + 'title' => 'Masquerade', + 'description' => 'Masquerade module allows administrators to masquerade as other users.', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('masquerade_admin_settings'), + 'access callback' => 'user_access', + 'access arguments' => array('administer permissions'), + 'type' => MENU_NORMAL_ITEM, + ); + + return $items; +} + +function masquerade_access($type) { + switch ($type) { + case 'unswitch': + return $GLOBALS['masquerading']; + case 'autocomplete': + return $GLOBALS['masquerading'] || (user_access('masquerade as user') || user_access('masquerade as admin')); + break; + case 'switch': + return empty($GLOBALS['masquerading']) && (user_access('masquerade as user') || user_access('masquerade as admin')); + break; + } +} + +/** + * Implementation of hook_settings(). + */ +function masquerade_admin_settings() { + // create a list of roles; all selected roles are considered administrative. + $rids = array(); + $result = db_query("SELECT r.rid, r.name FROM {role} r ORDER BY r.name"); + while ($obj = db_fetch_object($result)) { + $rids[$obj->rid] = $obj->name; + } + + $form['masquerade_admin_roles'] = array( + '#type' => 'checkboxes', + '#title' => t('Roles that are considered "administrator" for masquerading'), + '#options' => $rids, + '#default_value' => variable_get('masquerade_admin_roles', array()), + ); + + $test_name = _masquerade_test_user(); + $form['masquerade_test_user'] = array( + '#type' => 'textfield', + '#title' => t('Default test user'), + '#autocomplete_path' => 'masquerade/autocomplete', + '#default_value' => check_plain($test_name->name), + '#description' => t('Enter the username of an account you wish to switch easily between. The name must be an exisiting user.'), + ); + $form['#validate'][] = 'masquerade_admin_settings_validate'; + + return system_settings_form($form); +} + +function masquerade_admin_settings_validate($form, &$form_state) { + unset($form); + $test_user = user_load(array('name' => $form_state['values']['masquerade_test_user'])); + if (!$test_user) { + form_set_error('masquerade_test_user', t('No such user exists. Please enter a valid username.')); + } +} + +function _masquerade_test_user() { + $test_user->uid = 0; + $test_user->name = ''; + + $test_user = user_load(array('name' => variable_get('masquerade_test_user', $test_user->name))); + + return $test_user; +} + +/** + * Implementation of hook_user(). */ function masquerade_user($op, &$edit, &$edit_user, $category = NULL) { switch ($op) { - + case 'logout': if ($edit_user->masquerading) { global $user; - cache_clear_all(); + cache_clear_all($user->uid, 'cache_menu', true); $real_user = user_load(array('uid' => $user->masquerading)); - watchdog('masquerade', "User '$real_user->name' no longer masquerading as '$user->name'"); + watchdog('masquerade', "User %user no longer masquerading as %masq_as.", array('%user' => $real_user->name, '%masq_as' => $user->name), WATCHDOG_INFO); db_query("DELETE FROM {masquerade} WHERE sid = '%s' AND uid_as = %d", session_id(), $edit_user->uid); } break; @@ -96,32 +166,23 @@ case 'view': // check if user qualifies as admin $roles = array_keys(array_filter(variable_get('masquerade_admin_roles', array()))); - $perm = $edit_user->uid == 1 || array_intersect(array_keys($edit_user->roles), $roles) ? + $perm = $edit_user->uid == 1 || array_intersect(array_keys($edit_user->roles), $roles) ? 'masquerade as admin' : 'masquerade as user'; global $user; - if (user_access($perm) && !$edit_user->masquerading && $user->uid != $edit_user->uid) { - $items[] = array( - 'title' => t("Masquerade"), - 'value' => l(t('Masquerade as !s', array('!s' => $edit_user->name)), "masquerade/switch/$edit_user->uid", array('destination' => $_GET['q'])), - 'class' => 'masquerade', + if (user_access($perm) && empty($edit_user->masquerading) && $user->uid != $edit_user->uid) { + $edit_user->content['Masquerade'] = array( + '#value' => l(t('Masquerade as !user', array('!user' => $edit_user->name)), 'masquerade/switch/'. $edit_user->uid, array('destination' => $_GET['q'])), + '#weight' => 10 ); - return array(t('History') => $items); } break; } } /** - * Implementation of hook_perm() - */ -function masquerade_perm() { - return array('masquerade as user', 'masquerade as admin'); -} - -/** - * Implementation of hook_block() + * Implementation of hook_block(). */ function masquerade_block($op = 'list', $delta = 0, $edit = array()) { switch ($op) { @@ -129,88 +190,70 @@ $blocks[0]['info'] = t('Masquerade'); return $blocks; case 'view': - if ($GLOBALS['masquerading'] || (user_access('masquerade as user') || user_access('masquerade as admin'))) { - switch($delta) { - case 0: - $block['subject'] = t('Masquerade'); - $block['content'] = _masquerade_block_1(); - break; + if (masquerade_access('autocomplete')) { + switch ($delta) { + case 0: + $block['subject'] = t('Masquerade'); + $block['content'] = drupal_get_form('_masquerade_block_1'); + break; + } + return $block; } - return $block; - } + break; } } /** - * masquerade block form + * Masquerade block form. */ -function _masquerade_block_1() { - - $output = drupal_get_form('_masquerade_block_1_form', $form); - - if ($masq_as != '%anonymous') { - $links[] = $GLOBALS['masquerading'] ? l('switch back', 'masquerade/unswitch', array()) : l('quick switch', 'masquerade/quickswitch', array()); - } - else if ($masq_as == '%anonymous' && $GLOBALS['masquerading']) { - $links[] = l('login back', 'user/login', array()); - } - if ($links) { - $output .= theme('item_list', $links); - } - return $output; -} - -function _masquerade_block_1_form($record) { - $attributes = $GLOBALS['masquerading'] ? array('disabled' => 'disabled') : array(); - +function _masquerade_block_1($record) { if ($GLOBALS['masquerading']) { global $user; - $masq_as = $user->name ? '%masq_user' : '%anonymous'; - $markup_value = t('You are masquerading as:
' . $masq_as . '.', array('%masq_user' => $user->name, '%anonymous' => theme('placeholder', variable_get('anonymous', 'Anonymous')))); + $quick_switch_link[] = l(t('Switch back'), 'masquerade/unswitch', array()); + $markup_value = t('You are masquerading as:
%masq_as', array('%masq_as' => $user->name)) . theme('item_list', $quick_switch_link); } else { - $markup_value = t('Enter username to masquerade.
Leave blank for %anonymous.', array('%anonymous' => variable_get('anonymous', 'Anonymous'))); - } + $default_test_user = _masquerade_test_user(); + $quick_switch_link[] = $default_test_user->uid ? l(t('Quick switch to @user', array('@user' => $default_test_user->name)), 'masquerade/switch/'. $default_test_user->uid, array()) : ''; + $markup_value = t('Enter username to masquerade.') . theme('item_list', $quick_switch_link); + $form['masquerade_user_field'] = array( '#prefix' => '
', '#type' => 'textfield', - '#size' => '20', - '#default_value' => $GLOBALS['masquerading'] ? 'switch back to use' : '', - '#attributes' => $attributes, - '#autocomplete_path' => 'masquerade/autocomplete', + '#size' => '20', + '#default_value' => $GLOBALS['masquerading'] ? 'Switch back to use' : $default_test_user->name, + '#autocomplete_path' => 'masquerade/autocomplete', ); - $form['submit'] = array( - '#type' => 'submit', - '#value' => t('Go'), - '#attributes' => $attributes, + $form['submit'] = array( + '#type' => 'submit', + '#value' => t('Go'), '#suffix' => '
', - ); - $form['masquerade_desc'] = array( - '#prefix' => '
', - '#type' => 'markup', - '#value' => $markup_value, - '#suffix' => '
', - ); + ); + } + $form['masquerade_desc'] = array( + '#prefix' => '
', + '#type' => 'markup', + '#value' => $markup_value, + '#suffix' => '
', + ); return $form; } /** - * masquerade block form submit - */ -function _masquerade_block_1_form_submit($form_id, $form_values) { - $masq_user = user_load(array('name' => $form_values['masquerade_user_field'])); - masquerade_switch_user($masq_user->uid); - drupal_goto(); -} - -/** - * masquerade block form validation + * Masquerade block form validation. Implementation of hook_validate(). */ -function _masquerade_block_1_validate($form_id, $form_value) { +function _masquerade_block_1_validate($form, &$form_state) { + unset($form); + if ($form_state['values']['masquerade_user_field'] == '') { + form_set_error('masquerade_user_field', t('You cannot masquerade as %anonymous!', array('%anonymous' => variable_get('anonymous', 'Anonymous')))); + } + if ($GLOBALS['masquerading']) { + form_set_error('masquerade_user_field', t('You are already masquerading!')); + } global $user; - $masq_user = user_load(array('name' => $form_value['masquerade_user_field'])); + $masq_user = user_load(array('name' => $form_state['values']['masquerade_user_field'])); if (!$masq_user) { - form_set_error('masquerade_user_field', t('User: %masquser does not exist. You must enter username of an existing account. Leave blank for %anonymous.', array('%anonymous' => theme('placeholder', variable_get('anonymous', 'Anonymous')), '%masquser' => $form_value['masquerade_user_field']))); + form_set_error('masquerade_user_field', t('User %masq_as does not exist. Please enter a valid username.', array('%masq_as' => $form_state['values']['masquerade_user_field']))); } if ($masq_user->uid == $user->uid) { form_set_error('masquerade_user_field', t('You cannot masquerade on yourself!')); @@ -218,51 +261,25 @@ } /** - * Implementation of hook_settings() + * Masquerade block form submission. Implementation of hook_submit(). */ -function masquerade_settings() { -// create a list of roles; all selected roles are considered administrative. - $rids = array(); - $result = db_query("SELECT r.rid, r.name FROM {role} r ORDER BY r.name"); - while ($obj = db_fetch_object($result)) { - $rids[$obj->rid] = $obj->name; - } - - $test_user_id = variable_get('masquerade_test_user', ''); - if (!test_user_id) { - $test_user = user_load(array('uid' => 1)); - } - else { - $test_user = user_load(array('name' => $test_user_id)); - } - - $form['masquerade_admin_roles'] = array( - '#type' => 'checkboxes', - '#title' => t("Roles that are considered 'admins' for masquerading"), - '#default_value' => variable_get('masquerade_admin_roles', array()), - '#options' => $rids, - ); - - $form['masquerade_test_user'] = array( - '#type' => 'textfield', - '#title' => t('Default test user'), - '#default_value' => check_plain($test_user->name), - '#autocomplete_path' => 'masquerade/autocomplete', - '#description' => t('Enter the username of an account you wish to switch easily between. The name must be an exisiting user. Leave blank for %anonymous.', array('%anonymous' => theme('placeholder', variable_get('anonymous', 'Anonymous')))) - ); - - $form['#validate'] = array( - 'masquerade_settings_validate' => array() - ); - - return system_settings_form($form); +function _masquerade_block_1_submit($form, &$form_state) { + unset($form); + $masq_user = user_load(array('name' => $form_state['values']['masquerade_user_field'])); + masquerade_switch_user($masq_user->uid); } -function masquerade_settings_validate($form_id, $form_value) { - $test_user = user_load(array('name' => $form_value['masquerade_test_user'])); - if (!$test_user) { - form_set_error('masquerade_test_user', t('The name of the default test user is not an existing user.')); +/** + * Returns JS array for Masquerade autocomplete fields. + */ +function masquerade_autocomplete($string) { + $matches = array(); + $result = db_query_range("SELECT u.name FROM {users} u WHERE LOWER(u.name) LIKE LOWER('%s%%')", $string, 0, 10); + while ($user = db_fetch_object($result)) { + $matches[$user->name] = check_plain($user->name); } + print drupal_to_js($matches); + exit(); } /** @@ -270,13 +287,19 @@ * the selected user. */ function masquerade_switch_user($uid) { + if (!is_numeric($uid)) { + drupal_set_message(t('A user id was not correctly passed to the switching function.')); + watchdog('masquerade', 'The user id provided to switch users was not numeric.', NULL, WATCHDOG_ERROR); + return drupal_goto(referer_uri()); + } + $new_user = user_load(array('uid' => $uid)); if (!$new_user) { return drupal_not_found(); } $roles = array_keys(array_filter(variable_get('masquerade_admin_roles', array()))); - $perm = $uid == 1 || array_intersect(array_keys($new_user->roles), $roles) ? + $perm = $uid == 1 || array_intersect(array_keys($new_user->roles), $roles) ? 'masquerade as admin' : 'masquerade as user'; // check to see if we need admin permission @@ -287,17 +310,16 @@ global $user; // write record - if ($user->uid == $uid || $user->masquerading) { + if ($user->uid == $uid || isset($user->masquerading)) { return drupal_access_denied(); } db_query("INSERT INTO {masquerade} (uid_from, uid_as, sid) VALUES (%d, %d, '%s')", - $user->uid, $new_user->uid, session_id()); + $user->uid, $new_user->uid, session_id()); // switch user - $masqas = $new_user->name ? $new_user->name : variable_get('anonymous', 'Anonymous'); - watchdog('masquerade', "User '$user->name' now masquerading as '$masqas'."); - drupal_set_message('Browsing site as user: ' . $masqas . '.'); + watchdog('masquerade', 'User %user now masquerading as %masq_as.', array('%user' => $user->name, '%masq_as' => $new_user->name), WATCHDOG_INFO); + drupal_set_message(t('Now masquerading as %masq_as.', array('%masq_as' => $new_user->name))); $user->masquerading = $new_user->uid; $user = $new_user; drupal_goto(referer_uri()); @@ -310,24 +332,13 @@ function masquerade_switch_back() { // switch user global $user; - cache_clear_all(); - $uid = db_result(db_query("SELECT uid_from FROM {masquerade} WHERE sid = '%s' AND uid_as = %d ", session_id(), $user->uid)); + cache_clear_all($user->uid, 'cache_menu', true); + $uid = db_result(db_query("SELECT m.uid_from FROM {masquerade} m WHERE m.sid = '%s' AND m.uid_as = %d ", session_id(), $user->uid)); // erase record db_query("DELETE FROM {masquerade} WHERE sid = '%s' AND uid_as = %d ", session_id(), $user->uid); - $oldname = $user->name ? $user->name : variable_get('anonymous', 'Anonymous'); + $oldname = !empty($user->name) ? $user->name : variable_get('anonymous', 'Anonymous'); $user = user_load(array('uid' => $uid)); - watchdog('masquerade', "User '$user->name' no longer masquerading as '$oldname'."); - drupal_set_message('Browsing site as user ' . $user->name . '.'); + watchdog('masquerade', 'User %user no longer masquerading as %masq_as.', array('%user' => $user->name, '%masq_as' => $oldname), WATCHDOG_INFO); + drupal_set_message(t('No longer masquerading as %masq_as.', array('%masq_as' => $oldname))); drupal_goto(referer_uri()); } - -function masquerade_autocomplete($string) { - $matches = array(); - $result = db_query_range("SELECT name FROM {users} WHERE LOWER(name) LIKE LOWER('%s%%')", $string, 0, 10); - while ($user = db_fetch_object($result)) { - $matches[$user->name] = check_plain($user->name); - } - print drupal_to_js($matches); - exit(); -} -