Hello,
I just added a feature request for this a few minutes ago. Turns out it was easier to figure this out than I thought, so I have implemented my own feature request.
I have made some modifications to event.module to allow more granular control of the permissions. In the current version of this module, the only permission is 'maintain events'. I have added new permission called 'view events', which controls two things: 1) whether the 'calendar' menu item will display, and 2) whether the events calendar node will display if someone does try go to the 'event' node. As before, the 'maintain events' permission still controls whether you can see the 'events' menu item and whether you can add an event via 'create content'.
This is first time I've submitted any kind of patch to Drupal, so I'm not sure if I'm submitting this using the proper process, but here goes.
First, I made this change to the event_perm function:
Before:
return array('maintain events');
After:
return array('maintain events','view events');
Second,I changed one line in the event_menu function; as you can see, all I did was change 'maintain events' to 'view events':
Before:
$items[] = array('path' => 'event/'.event_format_date(time(), 'custom', 'Y/m/d'), 'title' => t('calendar'),
'access' => user_access('access content'),
'type' => MENU_DYNAMIC_ITEM);
After:
$items[] = array('path' => 'event/'.event_format_date(time(), 'custom', 'Y/m/d'), 'title' => t('calendar'),
'access' => user_access('view events'),
'type' => MENU_DYNAMIC_ITEM);
Finally, I added this line to the switch block in the event_access function:
case 'view':
return user_access('view events');
Suggestions welcome.
Daniel Read
Comments
Comment #1
killes@www.drop.org commentedA 'view events' permission does not make sense because your events can still be seen by other means (direct url access for example).
Comment #2
daniel read commentedOn the contrary, my patch does exactly that. I've just tested it again to be sure. That's what the code in event_access is for. Direct url access is blocked if you don't have the permission. If there's something I'm missing, please be specific about what it is so that we can work this out. That way I learn, other people learn, and we improve the module. I spent a few hours working on this, and took extra effort to integrate my solution into the existing framework so that it would be consistent. I'd like to see it through.
Is this the way this Drupal patch system works? I submit a patch and then someone can just come along and mark it "won't fix" and that's it? When you change the status like that, it basically disappears from the patch list unless you do a special search for it. If you have an issue and think the patch won't work, how about we work it out so that it does work before we just close it out?
Sorry for the sour tone.
Dan
Comment #3
(not verified) commented