I'm currently implementing Drupal on our intranet, since I believe this CMS is just great. (I use it on most of my sites too!)

However, on our intranet, profiles should be extensible, yet its contents should only be modified by privileged users, and not themselves.

For that reason, I've made a few modifications to profile.module in order to let the administrators, in the 'access control' page, decide which roles can modify the profiles content. Also, when adding or update a custom profile field, the administrators can decide whether the content of that field can be modified by the profile's user or not.

Here are some code patches for profile.module, followed by an SQL statement to add the 'editable' column in the 'profile_fields' table.

Line numbers are approximate:

Add the following line, in the while() control loop, at line ~273:

$editable = ($field->editable || user_access('edit all fields content'));

Change the following db_query() call at line ~464:

db_query("INSERT INTO {profile_fields} (title, name, explanation, category, type, weight, required, register, visibility, editable, options, page) VALUES ('%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, %d, '%s', '%s')", $data['title'], $data['name'], $data['explanation'], $data['category'], $type, $data['weight'], $data['required'], $data['register'], $data['visibility'], $data['editable'], $data['options'], $data['page']);

Change the other following db_query() call at line ~493:

db_query("UPDATE {profile_fields} SET title = '%s', name = '%s', explanation = '%s', category = '%s', weight = %d, required = %d, register = %d, visibility = %d, editable = %d, options = '%s', page = '%s' WHERE fid = %d", $data['title'], $data['name'], $data['explanation'], $data['category'], $data['weight'], $data['required'], $data['register'], $data['visibility'], $data['editable'], $data['options'], $data['page'], $fid);

Add the following implementation for hook_perm():

function profile_perm() {
  return array('edit all fields content');
}

Add the 'editable' column in the 'profile_fields' table:

ALTER TABLE `profile_fields` ADD `editable` TINYINT( 1 ) DEFAULT '1' NOT NULL AFTER `visibility` ;

Feedback welcome!

CommentFileSizeAuthor
#5 profile.module.diff3.7 KBremi

Comments

killes@www.drop.org’s picture

killes@www.drop.org commented
Status: Needs review » Active

That's not a patch.

remi’s picture

remi commented

I've put lines in my post to modify parts of the code in a certain file. This could be a patch then, even though I didn't upload a specific "patch" file for what I wrote.

boris mann’s picture

boris mann commented

Thanks for inputting this. To get accepted, you'll need to follow the patch procedure. We've heard various people ask for this, so it would be great if you could follow through and get this uploaded correctly.

Thanks!

remi’s picture

remi commented

Thanks for the useful information. I will follow the guidelines this week and submit a correct patch!

remi’s picture

remi commented
Version: 4.6.0 » 4.6.3
Status: Active » Needs review
StatusFileSize
new profile.module.diff3.7 KB

Oops... Sorry for the delay. Here's the patch. However, I think similar functionality has been implemented in the 4.7 CVS version.

moshe weitzman’s picture

moshe weitzman commented
Status: Needs review » Closed (fixed)

patches for review must be against HEAD drupal. marking as closed since poster claims 4.7 does this.