Giving permissions on children, without permissions to parent
ivlis - April 30, 2009 - 14:02
| Project: | Taxonomy Access Control Lite |
| Version: | 6.x-1.3 |
| Component: | Code |
| Category: | task |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
Description
I have hierarchy as:
term1
---term2
------term3
term4I want to give some users post into term3 without been able to post into term1 and term2. When I select only term3 users are unable to choose anything, but when I select term1 term2 and term3 everything is fine.
Does this require lots of coding to implement?
Thank you in advance.
#1
Sorry, I do not understand the question.
If you're asking about creating new nodes, tac_lite will not do much for you. Create permission are not controlled through Drupal's node_access. If you're talking about updating or viewing nodes tagged with these terms, this module may help. But honestly I can't tell what you're asking. Can you be more specific?
#2
Sorry for being so unclear, I will try to explain the problem.
First of all, I am using tac_lite with Workflow and Revisioning. Here the tutorial I follow.
Imagine you are running some on-line journal about vehicles. You have sections:
Cars|
|-- BMW
|-- Audi
|-- Ford
You want to grand some users to alter nodes with Cars->BMW category without able to alter with Cars category. On the tac_lite side everything is ok, but when node post form is generated in taxonomy.module it rely on taxonomy_get_tree, which fails while constructing tree without root element (user does not have access to Cars), so there no element on form for user to choose. And she just can't alter form in that reason.
I guess tac_module have to implement hook_form_alter, and build form in right way. Here is my variant:
<?phpfunction tac_lite_form_alter(&$form, $form_state, $form_id)
{
global $user;
if (user_access('administer tac_lite')) {
// Only for tac_lite administrators.
return;
}
if ($form['#id'] === 'node-form') {
$vids = variable_get('tac_lite_categories', array(0));
foreach($vids as $vid) {
if (array_key_exists($vid, $form['taxonomy'])) {
$result = db_query(db_rewrite_sql('SELECT t.tid, t.*, parent FROM {term_data} t INNER JOIN {term_hierarchy} h ON t.tid = h.tid WHERE t.vid = %d ORDER BY weight, name', 't', 'tid'), $vid);
$i=1;
while ($term = db_fetch_object($result)){
$choice = new stdClass();
$choice->option = array($term->tid =>$term->name);
$form['taxonomy'][$vid]['#options'][$i]=$choice;
$i++;
}
}
}
}
}
?>
It is a real draft, it does not construct hierarchy and fails on preview. I an not a good php programmer, so if somebody will help me to implement tree builder which does not fail when parent shows nowhere this would be a great improvement for this module!
#3
I found a great module, Taxonomy Lineage which helps construct tree of terms. So I have full solution for a problem. If linage module installed a tree is generated, otherwise all terms are plain and ordered by name. I found no problem with this patch, so I would be great if someone test it and added to the module.
<?php
function tac_lite_form_alter(&$form, $form_state, $form_id)
{
global $user;
if (user_access('administer tac_lite')) {
// Only for tac_lite administrators.
return;
}
if (($form['#id'] === 'node-form') && (isset($form['taxonomy']))) {
$vids = variable_get('tac_lite_categories', array(0));
foreach($vids as $vid) {
if (array_key_exists($vid, $form['taxonomy'])) {
if (module_exists(lineage)) {
$result = db_query(db_rewrite_sql('SELECT t.tid, t.*,l.depth, parent FROM {term_data} t INNER JOIN {term_hierarchy}h ON t.tid = h.tid INNER JOIN {term_lineage} l ON t.tid = l.tid WHERE t.vid = 1 ORDER BY l.lineage', 't', 'tid'), $vid);
$i=1;
while ($term = db_fetch_object($result)){
$choice = new stdClass();
$choice->option = array($term->tid =>str_repeat('-', $term->depth).$term->name);
$form['taxonomy'][$vid]['#options'][$i]=$choice;
$i++;
}
}else{
$result = db_query(db_rewrite_sql('SELECT t.tid, t.*, parent FROM {term_data} t INNER JOIN {term_hierarchy} h ON t.tid = h.tid WHERE t.vid = %d ORDER BY name', 't', 'tid'), $vid);
$i=1;
while ($term = db_fetch_object($result)){
$choice = new stdClass();
$choice->option = array($term->tid =>$term->name);
$form['taxonomy'][$vid]['#options'][$i]=$choice;
$i++;
}
}
}
}
}
}
?>
#4
I can tell you've put some work into this. While I respect that, and this snippet of code may be helpful to others, I don't want to apply this patch for a couple reasons.
First, I don't want to add code specific to any third-party module. It makes tac_lite more difficult to support over time, and less 'lite'.
Second, this form_alter could be added to a custom module specific to your site. It doesn't really need to be in tac_lite.module.
But this issue makes me wonder about changing tac_lite in a couple ways. Right now, tac_lite hides terms from forms (and from the entire site) if the user has no permission to view the term. I could change that to be enabled/disabled by admins. And the other change would be to allow third party modules to alter grants before they are written. Something similar to #309007: Add drupal_alter() after hook_node_access_records().
Would those changes even help in this case?