? cache_negotiation-339958-D6.patch ? cache_negotiation-339958-D6.patch.1 ? cache_negotiation.patch ? cache_node_load.patch ? cache_node_load_21.patch ? cache_node_load_23.patch ? chameleon.patch ? check_markup_0.patch ? drupal7-sun.simplify-caching-34.patch ? input_format_widget_03.patch ? logging_errors_cleanup_00.patch ? logging_errors_cleanup_01.patch ? parentmenuselect_02.patch ? remove_page.patch ? translatable_fields-367595-63.patch ? translatable_fields-367595-65.patch ? translatable_fields-367595-69.patch ? ub-testing-vertical-tabs-text-format-widget.patch ? user_load_multiple.patch ? user_load_multiple_15.patch ? user_load_multiple_61.patch ? user_roles_cleanup.patch ? user_roles_cleanup_0_0.patch ? vertical_tabs-323112-50.patch ? misc/vertical-tabs.css ? misc/vertical-tabs.js ? modules/book/book.js ? modules/comment/comment-node-form.js ? modules/menu/menu.js ? modules/node/node.js ? modules/path/path.js ? modules/upload/upload.js ? sites/default/files ? sites/default/settings.php Index: modules/user/user.admin.inc =================================================================== RCS file: /cvs/drupal/drupal/modules/user/user.admin.inc,v retrieving revision 1.40 diff -u -p -r1.40 user.admin.inc --- modules/user/user.admin.inc 26 Feb 2009 07:30:28 -0000 1.40 +++ modules/user/user.admin.inc 11 Mar 2009 00:51:54 -0000 
@@ -656,97 +656,125 @@ function theme_user_admin_perm($form) { } /** - * Menu callback: administer roles. + * Add and edit form for roles. * * @ingroup forms * @see user_admin_role_validate() * @see user_admin_role_submit() - * @see theme_user_admin_new_role() */ -function user_admin_role() { - $rid = arg(4); +function user_admin_role($form_id, $rid = NULL) { if ($rid) { - if ($rid == DRUPAL_ANONYMOUS_RID || $rid == DRUPAL_AUTHENTICATED_RID) { - drupal_goto('admin/user/roles'); - } - // Display the edit role form. - $role = db_fetch_object(db_query('SELECT * FROM {role} WHERE rid = %d', $rid)); - $form['name'] = array( - '#type' => 'textfield', - '#title' => t('Role name'), - '#default_value' => $role->name, - '#size' => 30, - '#required' => TRUE, - '#maxlength' => 64, - '#description' => t('The name for this role. Example: "moderator", "editorial board", "site architect".'), - ); - $form['rid'] = array( - '#type' => 'value', - '#value' => $rid, - ); - $form['submit'] = array( - '#type' => 'submit', - '#value' => t('Save role'), - ); - $form['delete'] = array( - '#type' => 'submit', - '#value' => t('Delete role'), - ); + $role = db_query('SELECT rid, name, description FROM {role} WHERE rid = :rid', array(':rid' => $rid))->fetchObject(); } - else { - $form['name'] = array( - '#type' => 'textfield', - '#size' => 32, - '#maxlength' => 64, - ); - $form['submit'] = array( - '#type' => 'submit', - '#value' => t('Add role'), - ); - $form['#submit'][] = 'user_admin_role_submit'; - $form['#validate'][] = 'user_admin_role_validate'; + $form['name'] = array( + '#type' => 'textfield', + '#title' => t('Role name'), + '#default_value' => isset($role->name) ? check_plain($role->name) : NULL, + '#size' => 30, + '#required' => TRUE, + '#maxlength' => 64, + '#description' => t('The name for this role. 
Example: "moderator", "editorial board", "site architect".'), + ); + if($rid == DRUPAL_ANONYMOUS_RID || $rid == DRUPAL_AUTHENTICATED_RID) { + $form['name']['#disabled'] = true; + $form['name']['#value'] = t($role->name); } + + $form['description'] = array( + '#type' => 'textarea', + '#title' => t('Description'), + '#default_value' => isset($role->description) ? filter_xss_admin($role->description) : NULL, + '#description' => t('A description of the role to explain what it is for. Example: "Can perform content administration tasks, but cannot ban users."'), + ); + $form['rid'] = array( + '#type' => 'value', + '#value' => $rid, + ); + $form['submit'] = array( + '#type' => 'submit', + '#value' => t('Save role'), + ); + $form['#submit'][] = 'user_admin_role_submit'; + $form['#validate'][] = 'user_admin_role_validate'; return $form; } +/** + * Validation handler for the role administration form + * + * Prevents new and edited roles from being named over existing role names + * + * @ingroup forms + * @see user_admin_role() + * @see user_admin_role_submit() + */ function user_admin_role_validate($form, &$form_state) { - if ($form_state['values']['name']) { - if ($form_state['values']['op'] == t('Save role')) { - if (db_result(db_query("SELECT COUNT(*) FROM {role} WHERE name = '%s' AND rid != %d", $form_state['values']['name'], $form_state['values']['rid']))) { - form_set_error('name', t('The role name %name already exists. Please choose another role name.', array('%name' => $form_state['values']['name']))); - } - } - elseif ($form_state['values']['op'] == t('Add role')) { - if (db_result(db_query("SELECT COUNT(*) FROM {role} WHERE name = '%s'", $form_state['values']['name']))) { - form_set_error('name', t('The role name %name already exists. 
Please choose another role name.', array('%name' => $form_state['values']['name']))); - } - } - } - else { - form_set_error('name', t('You must specify a valid role name.')); + $role_exists = db_result(db_query("SELECT rid FROM {role} WHERE name = '%s' AND rid != %d", $form_state['values']['name'], $form_state['values']['rid'])); + if ($role_exists) { + form_set_error('name', t('The role name %name already exists. Please choose another role name.', array('%name' => $form_state['values']['name']))); } } - +/** + * Submit handler for the role administration form + * + * Determines if new or existing role by 'rid' then saves or inserts accordingly + * + * @ingroup forms + * @see user_admin_role() + * @see user_admin_role_validate() + */ function user_admin_role_submit($form, &$form_state) { - if ($form_state['values']['op'] == t('Save role')) { - db_query("UPDATE {role} SET name = '%s' WHERE rid = %d", $form_state['values']['name'], $form_state['values']['rid']); - drupal_set_message(t('The role has been renamed.')); - } - elseif ($form_state['values']['op'] == t('Delete role')) { - db_query('DELETE FROM {role} WHERE rid = %d', $form_state['values']['rid']); - db_query('DELETE FROM {role_permission} WHERE rid = %d', $form_state['values']['rid']); - // Update the users who have this role set: - db_query('DELETE FROM {users_roles} WHERE rid = %d', $form_state['values']['rid']); - - drupal_set_message(t('The role has been deleted.')); + if ($form_state['values']['rid']) { + db_query("UPDATE {role} SET name = '%s', description = '%s' WHERE rid = %d", $form_state['values']['name'], $form_state['values']['description'], $form_state['values']['rid']); + drupal_set_message(t('The role has been edited.')); } - elseif ($form_state['values']['op'] == t('Add role')) { - db_query("INSERT INTO {role} (name) VALUES ('%s')", $form_state['values']['name']); + else { + db_query("INSERT INTO {role} (name, description) VALUES ('%s', '%s')", array($form_state['values']['name'], 
$form_state['values']['description'])); drupal_set_message(t('The role has been added.')); } $form_state['redirect'] = 'admin/user/roles'; return; } +/** + * Implementation of confirmation form for role deletion + * + * @ingroup forms + * @see user_admin_role_delete_submit() + */ +function user_admin_role_delete($form_id, $rid) { + if ($rid == DRUPAL_ANONYMOUS_RID || $rid == DRUPAL_AUTHENTICATED_RID) { + drupal_goto('admin/user/roles'); + } + $form = array(); + $role = db_query('SELECT * FROM {role} WHERE rid = :rid', array(':rid' => $rid))->fetchObject(); + $form['rid'] = array( + '#type' => 'value', + '#value' => $rid, + ); + $form = confirm_form($form, + t('Are you sure you want to delete the %title role?', array('%title' => $role->name)), + isset($_GET['destination']) ? $_GET['destination'] : 'admin/user/roles', + t('This action cannot be undone.'), + t('Delete role'), + t('Cancel') + ); + return $form; +} + +/** + * Submit handler for role deletion + * + * @ingroup forms + * @see user_admin_role_delete() + */ +function user_admin_role_delete_submit($form, &$form_state) { + db_query('DELETE FROM {role} WHERE rid = %d', $form_state['values']['rid']); + db_query('DELETE FROM {role_permission} WHERE rid = %d', $form_state['values']['rid']); + // Update the users who have this role set: + db_query('DELETE FROM {users_roles} WHERE rid = %d', $form_state['values']['rid']); + drupal_set_message(t('The role has been deleted.')); + $form_state['redirect'] = 'admin/user/roles'; +} /** * Theme user administration overview. 
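Review bot: In user_admin_role() the `#default_value` of the name and description fields is passed through check_plain() and filter_xss_admin(), which escapes at the wrong layer. The Form API already escapes textfield and textarea values when it renders them, so a role named `R&D` would come back as `R&amp;D` and be saved that way by user_admin_role_submit(). Pass the raw value, `'#default_value' => isset($role->name) ? $role->name : NULL,` (and the same for `description`), and keep the escaping where the value is printed as markup, as user_admin_role_list() does. Separately, for the two locked roles `$form['name']['#value'] = t($role->name);` appears to feed the translated name into the UPDATE in user_admin_role_submit(), so editing a description on a translated site could overwrite the stored role name. Leaving `name` out of the UPDATE for those rids would avoid that.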
@@ -792,29 +820,34 @@ function theme_user_admin_account($form) return $output; } - /** - * Theme the new-role form. + * Displays the role admin overview page. * - * @ingroup themeable */ -function theme_user_admin_new_role($form) { - $header = array(t('Name'), array('data' => t('Operations'), 'colspan' => 2)); - foreach (user_roles() as $rid => $name) { - $edit_permissions = l(t('edit permissions'), 'admin/user/permissions/' . $rid); - if (!in_array($rid, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) { - $rows[] = array($name, l(t('edit role'), 'admin/user/roles/edit/' . $rid), $edit_permissions); +function user_admin_role_list() { + $header = array(t('Name'), array('data' => t('Operations'), 'colspan' => 3)); + $result = db_query("SELECT r.rid, r.name, r.description FROM {role} r"); + while ($role = db_fetch_object($result)) { + if (!in_array($role->rid, array(DRUPAL_ANONYMOUS_RID, DRUPAL_AUTHENTICATED_RID))) { + $delete = l(t('delete'), 'admin/user/roles/delete/' . $role->rid); } else { - $rows[] = array($name, t('locked'), $edit_permissions); + $delete = t('required'); } + $rows[] = array( + check_plain($role->name) . '
'.filter_xss_admin($role->description) . '
', + l(t('permissions'), 'admin/user/permissions/' . $role->rid), + l(t('edit'), 'admin/user/roles/edit/' . $role->rid), + $delete, + ); } - $rows[] = array(drupal_render($form['name']), array('data' => drupal_render($form['submit']), 'colspan' => 2)); - - $output = drupal_render_children($form); - $output .= theme('table', $header, $rows); - - return $output; + $rows[] = array( + array( + 'data' => l(t('Add role'), 'admin/user/roles/add' ), + 'colspan' => 4, + ), + ); + return theme('table', $header, $rows); } /** Index: modules/user/user.install =================================================================== RCS file: /cvs/drupal/drupal/modules/user/user.install,v retrieving revision 1.19 diff -u -p -r1.19 user.install --- modules/user/user.install 26 Feb 2009 07:30:29 -0000 1.19 +++ modules/user/user.install 11 Mar 2009 00:51:54 -0000 @@ -80,6 +80,12 @@ function user_schema() { 'default' => '', 'description' => 'Unique role name.', ), + 'description' => array( + 'type' => 'varchar', + 'length' => 255, + 'default' => '', + 'description' => t("Description of the role. Used for documenting roles' usage."), + ), ), 'unique keys' => array( 'name' => array('name'), 
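Review bot: The SELECT in user_admin_role_list() has no ORDER BY, so the row order of the roles table is whatever the database returns. The removed theme function iterated user_roles(), which I believe sorts by name. Appending `ORDER BY r.name` to the query keeps the listing stable. The docblock would also benefit from an `@return` line saying the function returns the themed HTML table, and from a sentence noting that name and description are escaped here (check_plain() / filter_xss_admin()) because both are admin-entered free text.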
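Review bot: The new `description` column in user_schema() is a varchar of length 255, but the `description` textarea added to user_admin_role() in user.admin.inc has no length limit. Longer input will be truncated or rejected by the database, depending on the backend. Either declare the column as `'type' => 'text'` or add `'#maxlength' => 255` to the form element so the limit is enforced during validation. The column description is also wrapped in t() while the neighbouring `name` field uses a plain string, and the same t() call is repeated in user_update_7005().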
@@ -464,6 +470,28 @@ function user_update_7004(&$sandbox) { } /** + * Add descriptions to roles. + */ +function user_update_7005() { + $ret = array(); + + // Add description column. + $field = array( + 'description' => t("Description of the role. Used for documenting roles' usage."), + 'type' => 'varchar', + 'length' => 255, + 'default' => '', + ); + db_add_field($ret, 'role', 'description', $field); + + // Populate anonymous and autheticated role descriptions. + $ret[] = update_sql("UPDATE {role} SET description = 'Visitors to the website who have not yet logged in. Users have limited permissions on the site.' WHERE rid = " . DRUPAL_ANONYMOUS_RID); + $ret[] = update_sql("UPDATE {role} SET description = 'Any logged-in user. Other roles receive the permissions of this role, as well as any other roles to which they are assigned.' WHERE rid = " . DRUPAL_AUTHENTICATED_RID); + + return $ret; +} + +/** * @} End of "defgroup user-updates-6.x-to-7.x" * The next series of updates should start at 8000. */ Index: modules/user/user.module =================================================================== RCS file: /cvs/drupal/drupal/modules/user/user.module,v retrieving revision 1.966 diff -u -p -r1.966 user.module --- modules/user/user.module 26 Feb 2009 07:30:29 -0000 1.966 +++ modules/user/user.module 11 Mar 2009 00:51:56 -0000 
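Review bot: The descriptions for the anonymous and authenticated roles are written only by user_update_7005(), so as far as this patch shows, a fresh install ends up with empty descriptions for both roles. The code that inserts the two default roles at install time should set the same text. The comment also has a typo and should read `// Populate anonymous and authenticated role descriptions.`.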
@@ -1238,16 +1238,38 @@ function user_menu() { $items['admin/user/roles'] = array( 'title' => 'Roles', 'description' => 'List, edit, or add user roles.', - 'page callback' => 'drupal_get_form', - 'page arguments' => array('user_admin_new_role'), + 'page callback' => 'user_admin_role_list', 'access arguments' => array('administer permissions'), ); - $items['admin/user/roles/edit'] = array( - 'title' => 'Edit role', + $items['admin/user/roles/list'] = array( + 'title' => 'List', + 'type' => MENU_DEFAULT_LOCAL_TASK, + 'weight' => -10, + ); + $items['admin/user/roles/add'] = array( + 'title' => 'Add role', + 'description' => 'List, edit, or add user roles.', + 'page callback' => 'drupal_get_form', 'page arguments' => array('user_admin_role'), 'access arguments' => array('administer permissions'), + 'type' => MENU_LOCAL_TASK, + ); + $items['admin/user/roles/edit/%'] = array( + 'title' => 'Edit role', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('user_admin_role', 4), + 'access callback' => array('user_role_access'), + 'access arguments' => array(3, 4), 'type' => MENU_CALLBACK, ); + $items['admin/user/roles/delete/%'] = array( + 'title' => 'Delete role', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('user_admin_role_delete', 4), + 'access callback' => array('user_role_access'), + 'access arguments' => array(3, 4), + 'type' => MENU_CALLBACK, + ); $items['user/%user_uid_optional'] = array( 'title' => 'My account', @@ -2256,11 +2278,7 @@ function user_help($path, $arg) { case 'admin/user/permissions': return '
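Review bot: Both new `%` routes (`admin/user/roles/edit/%` and `admin/user/roles/delete/%`) declare `'access callback' => array('user_role_access')`, an array, whereas every other callback in this hunk is a plain function name (`'page callback' => 'drupal_get_form'`). The router is unlikely to resolve an array to the function, so the check that guards the edit and delete forms may not run as intended. Use `'access callback' => 'user_role_access',` in both items. These items also omit the usual `'access arguments' => array('administer permissions')` and rely on the callback to make that check, which deserves a short comment on each item. The `admin/user/roles/add` item reuses the list page's description text.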

' . t('Permissions let you control what users can do on your site. Each user role (defined on the user roles page) has its own set of permissions. For example, you could give users classified as "Administrators" permission to "administer nodes" but deny this power to ordinary, "authenticated" users. You can use permissions to reveal new features to privileged users (those with subscriptions, for example). Permissions also allow trusted users to share the administrative burden of running a busy site.', array('@role' => url('admin/user/roles'))) . '

'; case 'admin/user/roles': - return t('

Roles allow you to fine tune the security and administration of Drupal. A role defines a group of users that have certain privileges as defined in user permissions. Examples of roles include: anonymous user, authenticated user, moderator, administrator and so on. In this area you will define the role names of the various roles. To delete a role choose "edit".

By default, Drupal comes with two user roles:

- ', array('@permissions' => url('admin/user/permissions'))); + return t('

A role defines a group of users that share a common set of privileges as defined in user permissions. Examples of roles include: moderator, administrator and so on. Authenticated user and Anonymous user are two default roles that cannot be deleted.

', array('@permissions' => url('admin/user/permissions'))); case 'admin/user/search': return '

' . t('Enter a simple pattern ("*" may be used as a wildcard match) to search for a username or e-mail address. For example, one may search for "br" and Drupal might return "brian", "brad", and "brenda@example.com".') . '

'; } @@ -2373,7 +2391,6 @@ function user_build_filter_query() { function user_forms() { $forms['user_admin_access_add_form']['callback'] = 'user_admin_access_form'; $forms['user_admin_access_edit_form']['callback'] = 'user_admin_access_form'; - $forms['user_admin_new_role']['callback'] = 'user_admin_role'; return $forms; } @@ -2783,4 +2800,25 @@ function _user_forms(&$edit, $account, $ return empty($groups) ? FALSE : $groups; } - +/** + * Determine what operation can happen to which roles + * @param $op + * The operation being performed on the role + * - "edit" + * - "delete" + * @param $rid + * The unique id of the role + * @return + * TRUE if the operation may be performed + */ +function user_role_access($op, $rid = NULL) { + $is_protected_role = ($rid == DRUPAL_ANONYMOUS_RID || $rid == DRUPAL_AUTHENTICATED_RID); + if( + !user_access('administer permissions') || //not allowed + !key_exists($rid, user_roles()) || //nonexistent role + ($op == 'delete' && $is_protected_role) //protected role + ){ + return false; + } + return true; +}
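Review bot: user_role_access() allows any `$op` other than 'delete' on the protected roles, and `$op` is the raw path segment handed over by the menu items (`'access arguments' => array(3, 4)`). The function therefore fails open if another operation is ever routed through it. Reject unknown operations first, e.g. `if (!in_array($op, array('edit', 'delete'))) { return FALSE; }`, and say in the docblock that any other value is denied. On style, `key_exists()` is an alias, so prefer `array_key_exists($rid, user_roles())`. The surrounding code also uses uppercase `TRUE`/`FALSE` and `if (` with a space.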