Hello,

I'm trying to extend the security system to allow users to edit any static page that they have created by not the pages of others. Currently there is only the "maintain static page" access right, which does not do what I want.

I managed to get the "Administer" link under every page that the user created (but not under ones which others have created) by hacking node.module's node_link() method. I added a check like this:

else if (user_access('edit own page') && $user->uid == $node->uid)
{
   $links[] = l(t('edit_page'), "admin/node/edit/$node->nid", array('title' => t('Edit this page.')));
}

Now the problem is, that when I click on the link I get an "access denied" error. But I don't know how to fix that. I tried changing node_access() to include something similar as the above, but to no avail. It seems that node_access() is not even called when I click on the "Administer" link.

Where do I have to change node.module to allow the user to edit his page?

Any help is greatly appreciated.
Thomas

Comments

killes@www.drop.org’s picture

Does the comment system know about your new permission? Did you include it in a _perm hook?

truilus’s picture

Thanks for the answer.

Yes I did include it into the _perm hook.

What do you mean with the "comment system"?

I have been reading most of the docs on this site, but unfortunately I can't find any information on how to implement this...

Regards
Thomas

killes@www.drop.org’s picture

truilus’s picture

Thanks for the link. This seems to be what I need. I will try that patch.

This is exactly what I wanted :-) this should make it into the release!
Thanks for all your help