--- user.module.orig 2006-10-06 00:23:12.001529160 -0700 +++ user.module 2006-10-06 00:23:10.812669489 -0700 @@ -346,7 +346,12 @@ // To reduce the number of SQL queries, we cache the user's permissions // in a static variable. if (!isset($perm[$account->uid])) { - $result = db_query("SELECT DISTINCT(p.perm) FROM {role} r INNER JOIN {permission} p ON p.rid = r.rid WHERE r.rid IN (%s)", implode(',', array_keys($account->roles))); +// +// Modified this to call user_all_roles(); +// +// $result = db_query("SELECT DISTINCT(p.perm) FROM {role} r INNER JOIN {permission} p ON p.rid = r.rid WHERE r.rid IN (%s)", implode(',', array_keys($account->roles))); + $result = db_query("SELECT DISTINCT(p.perm) FROM {role} r INNER JOIN {permission} p ON p.rid = r.rid WHERE r.rid IN (%s)", implode(',', user_all_roles($account))); +// $perm[$account->uid] = ''; while ($row = db_fetch_object($result)) { @@ -360,6 +365,158 @@ return FALSE; } + +// +// This function takes the global $user (or $account) value and returns a list +// of group and non-group roles for this user +// +function user_all_roles($user) { + + // This will be the process to get BOTH the group and non-group roles for a user + + $uid = $user->uid; + $gid = 0; + $nodeID = 0; + + $uri_request_id = $_SERVER['REQUEST_URI']; + $arg = explode("/", $uri_request_id); + + $ogroles = array(); + $x1 = 0; + // + // This will by default add the anonymous user + // + $ogroles[0] = 0; + $x1 = 1; + // + // We get the groupID + // + $group_node = og_get_group_context(); + $gid02 = $group_node->nid; + $gid = $gid02; + if ($gid02 === null) $gid = 0; + + // + // If the above doesn't get the groupID, then we start trying stuff + // + if ($gid == 0) { + + // http://doadance.scbbs.com/drupal03/node/79 + + if (arg(0) == 'node' && is_numeric(arg(1)) && is_null(arg(2))) { + $nodeID = (int)arg(1); + $gid = getgid($nodeID, $uid); + } + + // http://doadance.scbbs.com/drupal03/node/79/edit + // http://doadance.scbbs.com/drupal03/node/79/outline + // http://doadance.scbbs.com/drupal03/node/79/track + + if (arg(0) == 'node' && is_numeric(arg(1)) && (arg(2) == 'edit' || arg(2) == 'outline' || arg(2) == 'track' ) ) { + $nodeID = (int)arg(1); + $gid = getgid($nodeID, $uid); + } + + // Here we get the gid directly + // + // http://doadance.scbbs.com/drupal03/og/users/72 + // http://doadance.scbbs.com/drupal03/og/manage/72 + + if (arg(0) == 'og' && is_numeric(arg(2)) && is_null(arg(3))) { + $gid = (int)arg(2); + } + + // og_calendar + // + // http://doadance.scbbs.com/drupal03/og_calendar/72 + + if (arg(0) == 'og_calendar' && is_numeric(arg(1)) && is_null(arg(2))) { + $gid = (int)arg(1); + } + + // og_forum + // 0 1 2 3 + // http://sbn.scbbs.com/og_forum/39/72?edit[og_groups][]=72 + + + if ($arg[1] == 'og_forum' && strpos($arg[3], 'og_groups') !== false && (!is_null($arg[3])) ) { + $subsections = explode("=", $arg[3]); + $gid = (int)$subsections[1]; + } + + // og create nodes + // 0 1 2 3 + // http://sbn.scbbs.com/node/add/forum?edit[og_groups][]=72 + // http://sbn.scbbs.com/node/add/simplenews?edit[og_groups][]=72 + // http://sbn.scbbs.com/node/add/webform?edit[og_groups][]=72 + // http://sbn.scbbs.com/node/add/video?edit[og_groups][]=72 + // http://sbn.scbbs.com/node/add/page?edit[og_groups][]=72 + // http://sbn.scbbs.com/node/add/blog?edit[og_groups][]=72 + // http://sbn.scbbs.com/node/add/event?edit[og_groups][]=72 + // http://sbn.scbbs.com/node/add/poll?edit[og_groups][]=72 + + if ($arg[1] == 'node' && strpos($arg[3], 'og_groups') !== false && (!is_null($arg[3])) ) { + $subsections = explode("=", $arg[3]); + $gid = (int)$subsections[1]; + } + + } // end $gid if + // + // Now, using $uid and $gid we find out what roles this user has in this group; + // + // For debugging to see what the uid and gid are. + // +// $results = db_query('uid = ' . $uid . ' gid = ' . $gid . ' SELECT role.name FROM role INNER JOIN og_users_roles ON role.rid = og_users_roles.rid WHERE og_users_roles.uid = ' . $uid . ' AND og_users_roles.gid = ' . $gid ); + // + // This will test to see what comes back if I manually put in the correct gid + // Use this with "PTA" group user access at: http://doadance.scbbs.com/drupal03/node/79 + // +// $results = db_query('SELECT role.rid FROM role INNER JOIN og_users_roles ON role.rid = og_users_roles.rid WHERE og_users_roles.uid = ' . $uid . ' AND og_users_roles.gid = 72'); + // + // And, this is the query I want to use + // + $results = db_query('SELECT role.rid FROM role INNER JOIN og_users_roles ON role.rid = og_users_roles.rid WHERE og_users_roles.uid = ' . $uid . ' AND og_users_roles.gid = ' . $gid ); + + while ( $row = db_fetch_array($results) ) { + $ogroles[$x1] = $row["rid"]; + $x1++; + } + + // + // First, we need to create an array of the $user->role keys + // + // $temp = implode(", ", array_keys($user02->roles)); + + $temp = implode(", ", array_keys($user->roles)); + $c = array(); + $c = explode(", ", $temp); + // + // Next, we add the $user->roles array to the $ogroles array + // + $d = array(); + $d = array_merge($c, $ogroles); + +// +// If I don't do this, then I won't get the merged results; +// + return $d; + +} // end user_all_roles() + +function getgid($nodeID, $uid) { + + // This will return a $gid based upon the $nodeID and $uid supplied + + $gid = 0; + + $result = db_query("select node_access.gid from node_access INNER JOIN og_uid ON node_access.gid = og_uid.nid WHERE node_access.nid = $nodeID AND og_uid.uid = $uid"); + while($t = db_fetch_object($result)) { + $gid = $t->gid; + } + + return $gid; + +} // end getgid() /** * Checks for usernames blocked by user administration