? securepages-750104-3.patch
Index: securepages.admin.inc
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/securepages/Attic/securepages.admin.inc,v
retrieving revision 1.1.2.2
diff -u -p -r1.1.2.2 securepages.admin.inc
--- securepages.admin.inc 11 May 2010 00:55:39 -0000 1.1.2.2
+++ securepages.admin.inc 19 Nov 2010 03:20:01 -0000
@@ -61,6 +61,13 @@
'#rows' => 5,
'#description' => t("The pages listed here will be ignored and be either returned in http or https. Enter one page per line as Drupal paths. The '*' character is a wildcard. Example paths are 'blog' for the blog page and 'blog/*' for every personal blog. '<front>' is the front page."),
);
+ $form['securepages_roles'] = array(
+ '#type' => 'checkboxes',
+ '#title' => 'User roles',
+ '#description' => t('Check all roles that should be forced to always use the site via https even if there is no page match.'),
+ '#options' => user_roles(TRUE),
+ '#default_value' => variable_get('securepages_roles', array()),
+ );
return system_settings_form($form);
}
Index: securepages.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/securepages/securepages.module,v
retrieving revision 1.15.2.26
diff -u -p -r1.15.2.26 securepages.module
--- securepages.module 10 Nov 2010 01:58:11 -0000 1.15.2.26
+++ securepages.module 19 Nov 2010 03:20:01 -0000
@@ -142,9 +142,10 @@ function securepages_link_alter(&$links,
* insecure version of the page.
*/
function securepages_redirect() {
- global $base_url;
+ global $base_url, $user;
$path = isset($_GET['q']) ? $_GET['q'] : '';
$page_match = securepages_match($path);
+ $role_match = securepages_roles($user);
if ($_POST) {
// If something has been posted to here then ignore the rules.
@@ -152,6 +153,9 @@ function securepages_redirect() {
elseif ($page_match && !securepages_is_secure()) {
securepages_goto(TRUE);
}
+ elseif ($role_match && !securepages_is_secure()) {
+ securepages_goto(TRUE);
+ }
elseif ($page_match === 0 && securepages_is_secure() && variable_get('securepages_switch', FALSE)) {
securepages_goto(FALSE);
}
@@ -237,6 +241,25 @@ function securepages_match($path) {
}
/**
+ * Check if the user is in a role that is always forced onto https.
+ *
+ * @param $account
+ * A valid user object.
+ *
+ * @return
+ * The number of roles set on the user that require https enforcing.
+ */
+function securepages_roles($account) {
+ // All rids are in the settings, so first we need to filter out the ones
+ // that aren't enabled. Otherwise this would match positive against all
+ // roles a user has set.
+ //
+ $roles = array_filter(variable_get('securepages_roles', array()));
+ $matches = array_intersect_key($account->roles, $roles);
+ return count($matches);
+}
+
+/**
* Secure Pages SSL Test
*/
function securepages_test() {