Comment creation

Currently forum_access doesn't handle comments at all.

That said, this is an extremely valuable feature request, and this should be looked at. However, I'm not sure how feasible it is right now, I haven't done any research on it. I also don't know when I'll have the time to look on it. I've been looking for a co-maintainer for this module for awhile for reasons exactly like this -- because it has several good features still missing.

After a little discussion, the proper method to dot his appears to be:

Ensure that the comment control is completely optional.
Use hook_nodeapi, operation 'load' and set the proper comment value based upon permissions (if enabled).
use hook_form_alter and remove the comment setting from the node so that the UI doesn't get confusing.

I think that should cover it pretty well.

I was looking into this because I think this is a 'normal' behavior that Drupal should be able to do,not just for forums ( viewing nodes without be able to comment on all of them).

Following you plan above, I could remove the 'Add new comment' link on the node, as well as the Comment Controls and 'Post new comment' (if comment form on same page).

The real issue is that you can't remove the 'reply' link from each comment (see issue hook_link_alter doesn’t work for comment links). You can hack the theme to remove then, but that is hacky and superficial.

Moreover, beyond that, if someone just notices the way links are structured, the could go straight to comment/reply/6 and make a comment, since they have view permission on node 6 (based on the forum_access permissions), and of course the ‘post comments’ permission.

This may be a fundamental flaw in how comments work in a Drupal forum. Basically this means that if you don't want someone to post in a forum (as comments), don't let them view it at all.

Gman, you appear to be using a completely different method than I suggested. I was suggesting modifying the node, when loaded, to set the permission value for comments directly, rather than mucking with hook_link_alter anywhere.

Sorry, I didn't fully explain my travels on this. I did try what you said about updating $node->comment = 1 (read only) while loading the node. This only removes the reply link from the node links, not the comments links.

The comment reply links are placed directly from the comment.module using after checking node_comment_mode($nid), which directly queries the database, not the $node object.

function node_comment_mode($nid) {
  static $comment_mode;
  if (!isset($comment_mode[$nid])) {
    $comment_mode[$nid] = db_result(db_query('SELECT comment FROM {node} WHERE nid = %d', $nid));
  }
  return $comment_mode[$nid];
}

This will always return the true commenting state of the node as view/edit (given that some people can post to the thread). Which is why using a URL like /comment/reply/6/7 will always work regardless of what we do to the $node object.

I then later tried what I stated above since the 'view' check is after this check, looking for another way to intercept.

Since $node is loaded in comment_reply function, we should just change the line at/near 670 of comment.module:

if (node_comment_mode($nid) != COMMENT_NODE_READ_WRITE)

to

if ($node->comment != COMMENT_NODE_READ_WRITE)

and update comment_links function to load the $node object as well near line 830. The $node is usually present already, so there is no performance loss.

Then this approach would work. But that requires a core patch, AND it would only work if forum_access acts before comment.module.

As a quick and dirty workaround, I modified the function comment_menu() in comment.module as follows.

I changed:

if (arg(0) == 'comment' && arg(1) == 'reply' && is_numeric(arg(2))) {
  $node = node_load(arg(2));
  if ($node->nid) {
    $items[] = array('path' => 'comment/reply', 'title' => t('Reply to comment'), 'callback' => 'comment_reply', 'access' => node_access('view', $node), 'type' => MENU_CALLBACK);
  }
}

into

if (arg(0) == 'comment' && arg(1) == 'reply' && is_numeric(arg(2))) {
  // Determine if this node is a forum topic, and if so, does the user have
  // permission to reply to it?
  $can_reply = TRUE;
  if (module_exists('forum_access')) {
    $resp = db_query('SELECT tid FROM {term_node} WHERE nid = %d', arg(2));
    if (db_num_rows($resp) > 0) {
      $resp = db_fetch_object($resp);
      if (!forum_access_access($resp->tid, 'create')) {
        $can_reply = FALSE;
      }
    }
  }
  $node = node_load(arg(2));
  if ($node->nid) {
    $items[] = array('path' => 'comment/reply', 'title' => t('Reply to comment'), 'callback' => 'comment_reply', 'access' => (node_access('view', $node) && $can_reply), 'type' => MENU_CALLBACK);
  }
}

The "Add reply" links still appear, but if a user without "create" access to the forum tries to submit a comment/response, they get an "Access denied" error message. It's not perfect, but it gets the job done.

Hi rjunc,

Thanks for your hack, it worked. But it would be great if we had a solution that didn't patch the core.

Regards,
introfini

Implemented in #310254-15: Control posting rights for comments/replies in D5 for D6.

Marking this as duplicate because the other thread lead to the breakthrough.