--- node.module.org 2005-09-08 19:47:33.552664000 +0200 +++ node.module 2005-09-08 19:49:25.693915200 +0200 @@ -544,7 +544,7 @@ if (function_exists('comment_render') * Implementation of hook_perm(). */ function node_perm() { - return array('administer nodes', 'access content'); + return array('administer nodes', 'access content', 'moderate nodes', 'promote nodes', 'make nodes sticky', 'change revision setting', 'delete nodes'); } /** @@ -730,14 +730,26 @@ function node_admin_nodes() { /* ** Operations */ - $operations = array( - 'approve' => array(t('Approve the selected posts'), 'UPDATE {node} SET status = 1, moderate = 0 WHERE nid = %d'), - 'promote' => array(t('Promote the selected posts'), 'UPDATE {node} SET status = 1, promote = 1 WHERE nid = %d'), - 'sticky' => array(t('Make the selected posts sticky'), 'UPDATE {node} SET status = 1, sticky = 1 WHERE nid = %d'), - 'demote' => array(t('Demote the selected posts'), 'UPDATE {node} SET promote = 0 WHERE nid = %d'), - 'unpublish' => array(t('Unpublish the selected posts'), 'UPDATE {node} SET status = 0 WHERE nid = %d'), - 'delete' => array(t('Delete the selected posts'), '') - ); + $operations = array(); + + if (user_access('moderate nodes')) { + $operations['approve'] = array(t('Approve the selected posts'), 'UPDATE {node} SET status = 1, moderate = 0 WHERE nid = %d'); + $operations['unpublish'] = array(t('Unpublish the selected posts'), 'UPDATE {node} SET status = 0 WHERE nid = %d'); + } + + if (user_access('promote nodes')) { + $operations['promote'] = array(t('Promote the selected posts'), 'UPDATE {node} SET status = 1, promote = 1 WHERE nid = %d'); + $operations['demote'] = array(t('Demote the selected posts'), 'UPDATE {node} SET promote = 0 WHERE nid = %d'); + } + + if (user_access('make nodes sticky')) { + $operations['sticky'] = array(t('Make the selected posts sticky'), 'UPDATE {node} SET status = 1, sticky = 1 WHERE nid = %d'); + } + + if (user_access('delete nodes')) { + $operations['delete'] = array(t('Delete the selected posts'), ''); + } + // Handle operations $op = $_POST['op']; @@ -749,9 +761,12 @@ function node_admin_nodes() { form_set_error('', t('Please select some items to perform the update on.')); } else { - if ($operations[$edit['operation']][1]) { + if ($operations[$edit['operation']][1] || + ((($edit['operation'] == 'approve' || $edit['operation'] == 'unpublish') && user_access('moderate nodes')) || + (($edit['operation'] == 'promote' || $edit['operation'] == 'demote') && user_access('promote nodes')) || + ($edit['operation'] == 'sticky' && user_access('make nodes sticky')))) { // Flag changes - $operation = $operations[$edit['operation']][1]; + $operation = $operations[$edit['operation']][1]; foreach ($edit['nodes'] as $nid => $value) { if ($value) { db_query($operation, $nid); @@ -759,7 +774,7 @@ function node_admin_nodes() { } drupal_set_message(t('The update has been performed.')); } - else if ($edit['operation'] == 'delete') { + else if ($edit['operation'] == 'delete' && user_access('delete nodes')) { // Mass delete if ($edit['confirm']) { foreach ($edit['nodes'] as $nid => $value) { @@ -904,23 +919,25 @@ function node_admin_nodes() { // Make sure the update controls are disabled if we don't have any rows to select from. $disabled = !db_num_rows($result); - $options = array(); - foreach ($operations as $key => $value) { - $options[$key] = $value[0]; - } + if (count($operations) > 0) { + $options = array(); + foreach ($operations as $key => $value) { + $options[$key] = $value[0]; + } - $form = form_select(NULL, 'operation', 'approve', $options, NULL, ($disabled ? 'disabled="disabled"' : '')); - $form .= form_submit(t('Update'), 'op', ($disabled ? array('disabled' => 'disabled') : array())); + $form = form_select(NULL, 'operation', 'approve', $options, NULL, ($disabled ? 'disabled="disabled"' : '')); + $form .= form_submit(t('Update'), 'op', ($disabled ? array('disabled' => 'disabled') : array())); - $output .= form_group(t('Update options'), "