Not restricting freetagging vocabularies in node form
catch - July 29, 2007 - 09:28
| Project: | Vocabulary Permissions |
| Version: | 5.x-1.x-dev |
| Component: | Code |
| Category: | bug report |
| Priority: | critical |
| Assigned: | Unassigned |
| Status: | closed |
Jump to:
Description
Hi,
I installed the vocabperms module, switched it on, and tried to restrict two free-tagging vocabularies to our editor and admin roles.
So it's:
anonymous: view only
authenticated: view only
editor: edit and view
admin: edit and view
However authenticated users can still use the freetagging vocabulary with no visible change at all. Any help much appreciated!
#1
#2
The problem seems to be restricted to freetagging vocabularies.
#3
Same problem here. I have a content type in which all anonymous visitors to my site can write a text. Later on, these texts are reviewed by, well, reviewers. They, the reviewers, and not the original contributors, are the ones whom I would like to be the only ones able to access the taxonomy terms. I was hoping VocabPerms would do this. In VocabPerms, I set the rights for Anonymous to "none". Alas, it doesn't appear to be working. Anyone visiting can still see and use the taxonomy. It also happens to be a freetagging situation.
This is what VocabPerms is supposed to be doing, or am I missing something here? And if it is, it doesn't seem to work...
Ludo
#4
Yeah it seems like freetagging forms have a different id to the select forms, so the module doesn't catch them. Should be a simple fix if I knew how to find that!
#5
Bumping to critical since this is essentially half the functionality of the module.
So the relevant bit of a select form for taxonomy looks like:
select name="taxonomy[21][]" multiple="multiple" class="form-select" id="edit-taxonomy-21"for freetagging:
input type="text" maxlength="255" name="taxonomy[tags][2]" id="edit-taxonomy-tags-2"So in the module, the references to ($form['taxonomy']) need this as well: ($form['taxonomy']['tags'])
Should be a pretty simple patch for someone who understands it more than me! Since I'm only using this for freetagging, I'm going to try hacking it in and check it works for now.
#6
OK so this is a modified vocabperms_node_form_remove function that ONLY works for freetagging vocabularies. I don't yet have an idea how to do both at the same time. If you're only using it to restrict freetagging, it's a three line change to get working, and won't conflict with it getting fixed properly later. The only change is : ($form['taxonomy']) becomes ($form['taxonomy']['tags'])
Not a real patch, but marking as needs work presumptously because, well, it needs work.
function vocabperms_node_form_remove(&$form) {global $user;
if ($user->uid != 1 && isset($form['taxonomy']['tags'])) {
foreach ($form['taxonomy']['tags'] as $vid => $elem) {
if (is_int($vid)) {
// get the saved permissions for this vocabulary
if ($perms = unserialize(variable_get('vocab_perms-'. $vid, ''))) {
$perm = VOCABPERMS_NONE;
foreach ($user->roles as $rid => $rolename) {
if (isset($perms[$rid]) && $perms[$rid] < $perm) {
$perm = $perms[$rid];
}
}
if ($perm > VOCABPERMS_EDIT) {
/* Convert the element to a value so any preset or existing values
* are retained. Use a default value if available. Otherwise, use
* the first option (which would be selected by default).
*/
$value = isset($elem['#default_value']) ? $elem['#default_value'] : key($elem['#options']);
$form['taxonomy']['tags'][$vid] = array(
'#type' => 'value',
'#value' => $value,
);
}
}
}
}
}
#7
@catch, Thanks for reporting this and debugging it. I've checked in a fix.
#8
Thanks, Cach, that did it!! I wish I could just dig down in the code like that to fix a bug/feature like this by adding a few thingies... Thanks!!
Ludo
#9
Thanks Doug, that's service for ya.
#10
Proposed patch get looked at quicker. Thanks for doing the debugging for me!
#11