From 5de154e843156a81634db52d27fb779265cdeb9f Mon Sep 17 00:00:00 2001 From: Chris Pliakas Date: Sun, 17 Apr 2011 13:16:49 -0500 Subject: [PATCH] Issue #877392 by cpliakas, marvil07: Add a hook that allows modules to alter voting permissions. This is a backport of the original patch on #877392-18 The main difference here is that I am applying changes only on vud module because of the plan(see #1360572). The othe minor difference is about re-naming some variables to make it D7-friendly. --- vud.api.php | 28 ++++++++++++++++++++++++++++ vud.module | 50 ++++++++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 76 insertions(+), 2 deletions(-) diff --git a/vud.api.php b/vud.api.php index 4d1d804..3a9dc74 100644 --- a/vud.api.php +++ b/vud.api.php @@ -11,6 +11,34 @@ define('VUD_NEWENTITY_WIDGET_MESSAGE_POSTPONED', 2); /** + * Allow modules to alter access to the voting operation. + * + * @param $perm + * A string containing the permission required to modify the vote. + * @param $entity_type + * A string containing the type of content being voted on. + * @param $entity_id + * An integer containing the unique ID of the content being voted on. + * @param $value + * An integer containing the vote value, 1 for an up vote, -1 for a down vote. + * @param $tag + * A string containing the voting API tag. + * $param $account + * An object containing the user voting on the content, NULL for the current + * user. + * + * @return + * A boolean forcing access to the vote, pass NULL if the function should + * not modify the access restriction. + */ +function hook_vud_access($perm, $entity_type, $entity_id, $value, $tag, $account) { + // Denies access for all users other than user 1. + if ($account->uid != 1) { + return FALSE; + } +} + +/** * Modify the array of know messages. * * For a real implementation take a look at diff --git a/vud.module b/vud.module index 65191d4..571014d 100644 --- a/vud.module +++ b/vud.module @@ -33,7 +33,8 @@ function vud_menu() { 'title' => 'Vote', 'page callback' => 'vud_vote', 'page arguments' => array(1, 2, 3, 4, 5, 6), - 'access arguments' => array('use vote up/down'), + 'access callback' => 'vud_access_callback', + 'access arguments' => array('use vote up/down', 1, 2, 3, 4), 'type' => MENU_CALLBACK, 'file' => 'vud.theme.inc', ); @@ -42,7 +43,8 @@ function vud_menu() { 'title' => 'Reset vote', 'page callback' => 'vud_reset', 'page arguments' => array(1, 2, 3, 4), - 'access arguments' => array('reset vote up/down votes'), + 'access callback' => 'vud_access_callback', + 'access arguments' => array('reset vote up/down votes', 1, 2, 3, 4), 'type' => MENU_CALLBACK, ); @@ -97,6 +99,50 @@ function vud_admin_advanced_settings() { } /** + * Access callback for votes. + * + * @param $perm + * A string containing the permission required to modify the vote. + * @param $entity_type + * A string containing the type of content being voted on. + * @param $entity_id + * An integer containing the unique ID of the content being voted on. + * @param $value + * An integer containing the vote value, 1 for an up vote, -1 for a down vote. + * @param $tag + * A string containing the voting API tag. + * $param $account + * An object containing the user voting on the content, NULL for the current + * user. + * + * @return + * A boolean flagging whether or not the user has access to the vote. + */ +function vud_access_callback($perm, $entity_type, $entity_id, $value, $tag, $account = NULL) { + if ($account === NULL) { + global $user; + $account = $user; + } + + // If user do not pass system permissions, deny soon. + if (user_access($perm, $account) !== TRUE) { + return FALSE; + } + + // Invokes hook_vud_access(), gives modules ability to allow or disallow access. + $access_array = module_invoke_all('vud_access', $perm, $entity_type, $entity_id, $value, $tag, $account); + foreach ($access_array as $access_result) { + // If one hook implementation want to deny, end there. + if ($access_result !== TRUE) { + return FALSE; + } + } + + // If we are here, account should pass. + return TRUE; +} + +/** * Implementation of hook_permission(). */ function vud_permission() { -- 1.7.8.3