Permissions
Nashville Drupaler - June 24, 2009 - 18:57
| Project: | Block Reference |
| Version: | 6.x-1.9 |
| Component: | Documentation |
| Category: | feature request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | closed |
Jump to:
Description
When I configure my block to only allow access to certain roles the blocks showing using block reference show up anyway. How do I make it so only the blocks where the user has the proper permissions gets to view the block being referred to? Thank you
#1
Not atm I'll look into making this configurable per field.
#2
If you make it configurable per field when creating the content type you would lose the flexibility of being able to use the same content type to show different blocks with different permissions levels - I did a quick skim of your code - is there anyway to just check and see if the current user is authorized to view a block and if not, don't show it, using the same logic a sidebar would use (in regards to user accessibility, not block on this page ;) ? Or if for some reason that conflicts with something I am not seeing allow for say a collapsing area labeled permissions for each field so they could be set per field per node?
Thanks
Great little module btw!
Nash
#3
I don't know what you just said, but a configuration is all I can suggest, as pretty much everyone else that uses this module expects it to work exactly the opposite as what you described. The option would simply be whether to use the block's visibility settings or not. Hopefully I can distinguish between user based visibility and path based visibility.
#4
Good news.
It may be possible I don't have to do anything to change the module, since these options are added in the theme function
<?php
/**
* Theme function for 'default' blockreference field formatter.
*/
function theme_blockreference_formatter_default($element) {
$field_name = $element['#field_name'];
$field = content_fields($field_name);
$output = '';
if (!empty($element['#item']['bid']) && is_numeric($element['#item']['bid'])) {
$block = db_fetch_object(db_query(db_rewrite_sql("SELECT * FROM {blocks} WHERE bid = ".$element['#item']['bid'], 'blocks', 'bid')));
$block->enabled = TRUE;
$block->status = TRUE;
$block->page_match = TRUE;
$block_view = module_invoke($block->module, 'block', 'view', $block->delta);
$block->content = $block_view['content'];
$block->subject = $block->title ? $block->title : $block_view['subject'];
if ($block->content) {
$output = theme('block', $block);
}
}
return $output;
}
?
The part to concern yourself with is
$block->enabled = TRUE;$block->status = TRUE;
$block->page_match = TRUE;
Remove one of those lines - I'm not sure which.
That should be adequate.
#5
I have made a comment about this on the project page. If this continues to be unsatisfactory for several people I will consider making it a config option - but that's really a lot of dicking around.
#6
Automatically closed -- issue fixed for 2 weeks with no activity.