This is to limit the publishing options like 'Promoted to front page' and 'Sticky at top of lists' per role.
For example, if you want to limit a role to promote only 5 nodes and stick 10 nodes a day, this will help to limit that out.
Limit can be set for each role separately. And a custom message can be shown to user if limit is over. This can shown all the time on all pages when user has reached the limit or can be shown only when trying to promot or stick after reaching the limit while updating node. This will also work with "Rules Link".
SandBox Link: https://drupal.org/sandbox/tanvirahmad/2204859
Drupal Core Version: 7.x
Git Repository : git clone http://git.drupal.org/sandbox/TanvirAhmad/2204859.git limit_publishing_options
Manual reviews of other projects:
https://drupal.org/comment/8577317#comment-8577317
https://drupal.org/comment/8577335#comment-8577335
Comment | File | Size | Author |
---|---|---|---|
#19 | Limit Publishing Options.png | 59.76 KB | TanvirAhmad |
#14 | PAReview bugs.txt | 5.5 KB | Binu Varghese |
Comments
Comment #1
TanvirAhmad CreditAttribution: TanvirAhmad commentedComment #2
TanvirAhmad CreditAttribution: TanvirAhmad commentedComment #3
PA robot CreditAttribution: PA robot commentedWe are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)
Also, you should get your friends, colleagues or other community members involved to review this application. Let them go through the review checklist and post a comment that sets this issue to "needs work" (they found some problems with the project) or "reviewed & tested by the community" (they found no major flaws).
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #4
TanvirAhmad CreditAttribution: TanvirAhmad commentedComment #5
PA robot CreditAttribution: PA robot commentedThere are some errors reported by automated review tools, did you already check them? See http://pareview.sh/pareview/httpgitdrupalorgsandboxTanvirAhmad2204859git
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #6
TanvirAhmad CreditAttribution: TanvirAhmad commentedComment #7
TanvirAhmad CreditAttribution: TanvirAhmad commentedComment #8
mraichelson CreditAttribution: mraichelson commentedPlease take another look at the automated output of PAreview, there are coding issues to be addressed there.
Comment #9
mraichelson CreditAttribution: mraichelson commentedComment #10
TanvirAhmad CreditAttribution: TanvirAhmad commentedRemoved unused variables detected by PAReview
Comment #11
TanvirAhmad CreditAttribution: TanvirAhmad commentedComment #12
TanvirAhmad CreditAttribution: TanvirAhmad commentedComment #13
TanvirAhmad CreditAttribution: TanvirAhmad commentedComment #14
Binu Varghese CreditAttribution: Binu Varghese commented@TanvirAhmad, 2 things worth mentioning here:
1) Your git clone URL has issues (see below):
$ git clone http://git.drupal.org:sandbox/TanvirAhmad/2204859.git limit_publishing_options
Cloning into 'limit_publishing_options2'...
fatal: repository 'http://git.drupal.org:sandbox/TanvirAhmad/2204859.git/' not found
2) Issues raised in #5 and #8 still stands (see attached).
Please fix these first before requesting for a review. thanks!
Comment #15
Binu Varghese CreditAttribution: Binu Varghese commentedBeing not application release blocker(s), leaving you at "Needs review" with the hope that these are fixed!
Comment #16
TanvirAhmad CreditAttribution: TanvirAhmad commentedComment #17
TanvirAhmad CreditAttribution: TanvirAhmad commented@Binu, Thanks for the revirew.
Clone is fixed(It was a typo) and #5, #8 are also fixed.
Comment #18
TanvirAhmad CreditAttribution: TanvirAhmad commentedComment #19
TanvirAhmad CreditAttribution: TanvirAhmad commentedComment #20
manumilou CreditAttribution: manumilou commented@TanvirAhmad: did a general review of your project:
- Files do not need to be executable: limit_publishing_options.info, limit_publishing_options.install, limit_publishing_options.module are in 775.
- Remove the package entry in your info file as it is not supposed to be part of any package yet.
- Your hook implementation comments are not valid. Actually, a lot of errors are still raised by PAreview and need to be fixed.
- There are typos in the @file bloc, in limit_publishing_options.check.inc
Comment #21
TanvirAhmad CreditAttribution: TanvirAhmad commented@manumilou, thanks for the review.
I am done with the changes you metioned.
1. Persmissions set to 664.
2. Hook Comments
3. Typo in @file bloc, in limit_publishing_options.check.inc
I am using coder to review code, and I am seeing ..
I am not sure how to fix this up.
Comment #22
TanvirAhmad CreditAttribution: TanvirAhmad commentedThanks God, I am done with fixes for PAReview. :)
Comment #23
sandergo90 CreditAttribution: sandergo90 commentedHi,
Pareview looks good indeed.
I've checked the module functionality and it looks fine.
No remarks here.
Comment #24
mraichelson CreditAttribution: mraichelson commentedComment #25
itsmebhupendra CreditAttribution: itsmebhupendra commentedHi TanvirAhmad,
I have installed and configured your module as per stated in the description. My configuration for the module is
Role Limit (authenticated user)
Limit the Promote/day. => 1
Limit the Sticky/day. => 1
Role Limit (administrator)
Limit the Promote/day. => 1
Limit the Sticky/day. => 1
When I created content of type article with "admin" log in, it is not working as per configuration. It gives me the message for sticky on 3rd node creation, whereas I created total of 4 nodes but never got the message for "promoted to front page".
When I create content by log in with a authenticated user, I have never got the messages neither for "Sticky" nor "Promoted to front page"
Comment #26
TanvirAhmad CreditAttribution: TanvirAhmad commentedHello @itsmebhupendra,
Thanks for the review.
I don't know how I missed that part. :(
Actually it wasn't working with newly created content.
Anyways, yes that was a bug which is fixed now.
Comment #27
TanvirAhmad CreditAttribution: TanvirAhmad commented@mraichelson, thanks for the review.
I have added more fleshed description to the form as you mentioned.
For the first check box field 'Enable Limit Publishing Options' I have added 'This will enable the settings below to start working.'
For check box in groups, I have add 'If checked, limit will start working for this role.'
Also changed the title of Groups too to make it more understandable.
Cheers
Comment #28
TanvirAhmad CreditAttribution: TanvirAhmad commentedRaising priority, as its already been more than 4 weeks.
Cheers
Comment #29
asghar CreditAttribution: asghar commentedComment #30
TanvirAhmad CreditAttribution: TanvirAhmad commentedShould I change this to critical?
Comment #31
TanvirAhmad CreditAttribution: TanvirAhmad commentedComment #32
alinouman CreditAttribution: alinouman commentedHi Tanvir nice effort, here are some points
1- you are
using module_load_include('inc', 'limit_publishing_options', 'limit_publishing_options.check');
module_load_include is not best practice its better to add this in info files.2-in presave you are
returning return limit_publishing_options_po_notification();
i guess return is not necessary, your ajax commands will work fine without it.3-it is very simple select
you could use db_query for it.
4- removing review tag. you can add it again. if you done 3 or more reviews.
Comment #33
asghar CreditAttribution: asghar commentedHi @alinouman
I am not agree with your arguments which you have raised in your post
1- you are using module_load_include('inc', 'limit_publishing_options', 'limit_publishing_options.check'); module_load_include is not best practice its better to add this in info files.
asghar: First go to this page(https://drupal.org/node/542202#files) and read *file* content info carefully.
2-in presave you are returning return limit_publishing_options_po_notification(); i guess return is not necessary, your ajax commands will work fine without it.
asghar: Not necessary.
3-it is very simple select
asghar: Drupal community prefer more db_select because easy read, PDO formatting etc.
Comment #34
alinouman CreditAttribution: alinouman commentedHi Asghar,
1- I agree with your point 1. Sorry about that.
2-node_Presave is a hook and returning something on it doesnot make sense since his if statements are checking all conditions. he could call only limit_publishing_options_po_notification(); and i guess code will still works because ajax command will execute.
3-db_query is much faster than db_select check this https://drupal.org/node/1067802 .
4- he is also missing config link in info file too.
Comment #35
TanvirAhmad CreditAttribution: TanvirAhmad commented@alinouman
Thank you so much for your review.
But I am not completely agree with your comments. As @Asghar has already explained it as well. I will reply for some.
2. I think you have not gone through the code carefully so didnt got what node_presave is returning.
3. Using db_select or db_query is not a big issue in this case. db_select is new trend by the way.
I have already done 3 reviews, so please dont remove review tag.
Thanks
Comment #36
TanvirAhmad CreditAttribution: TanvirAhmad commentedComment #37
alinouman CreditAttribution: alinouman commentedHi Tanvir,
You are missing config link in info file.
Comment #38
TanvirAhmad CreditAttribution: TanvirAhmad commentedAdded config link in info.
Thanks
Comment #39
TanvirAhmad CreditAttribution: TanvirAhmad commentedComment #40
hmdnawaz CreditAttribution: hmdnawaz commentedWorking fine as designed.
Comment #41
heddnthis file should be removed: .limit_publishing_options.module.swp
.inc file:
Typo in @file:
tabs should be two spaces, not four.
.install file:
This doesn't support other databases. Either note that on the project page and readme or fix it. date.module uses these formats:
No need to call
drupal_uninstall_schema
in uninstall hook..module file:
These aren't valid hooks. See https://drupal.org/coding-standards/docs#functions. I typically call these things
Form callback: submit handler for foo_form().
. But call it what you want.Comment #42
heddnComment #43
PA robot CreditAttribution: PA robot commentedClosing due to lack of activity. If you are still working on this application, you should fix all known problems and then set the status to "Needs review". (See also the project application workflow).
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #44
TanvirAhmad CreditAttribution: TanvirAhmad commentedHello Heddn,
Thanks for the review. I have gone through all the changes you mentioned, type, tabs, date, description and offcourse not use drupal_uninstall_schema in hook_uninstall, just read at hook_uninstall it is done automaticaly.
Thanks.
Comment #45
TanvirAhmad CreditAttribution: TanvirAhmad commentedMore over I have also updated the field lables.
Comment #46
TanvirAhmad CreditAttribution: TanvirAhmad commentedComment #47
er.pushpinderrana CreditAttribution: er.pushpinderrana commented@TanvirAhmad, thank you for your contribution!
Automated Review
Best practice issues identified by pareview.sh / drupalcs / coder. Few minor issues.
Manual Review
» People » Permissions
and also wrong spellings, make sure to go through README Template again.limit_publishing_options
schema but no insertion in this table, even you also truncating this table inlimit_publishing_options_node_validate
functiondb_truncate('limit_publishing_options')->execute();
. Please correct me if I am wrong.limit_po_count
field, what field value you are validating?if-else
condition instead of using two if statement.It should be something like this.
Also I have seen you have number of if-else statement within a function, better to give proper comment and also try to break big functions in small functions (if possible). Currently it is really difficult to debug your code, wherever possible replace multiple if-else statement with switch case (if possible).
limit_publishing_options_roles_flush_date
variable, please reply on thisThe starred items (*) are fairly big issues and warrant going back to Needs Work. Items marked with a plus sign (+) are important and should be addressed before a stable project release. The rest of the comments in the code walkthrough are recommendations.
I appreciate your module idea and your hard work.
Thanks Again!
Comment #48
PA robot CreditAttribution: PA robot commentedClosing due to lack of activity. If you are still working on this application, you should fix all known problems and then set the status to "Needs review". (See also the project application workflow).
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #49
TanvirAhmad CreditAttribution: TanvirAhmad commentedHello @er.pushpinderrana,
Thank you so much for your review. I am really impressed by the points you raised.
Here is the eplanations and changes I have made against your points.
Automated Review.
I have done fixes but still seeing the same in review.
README.txt/README.md
Special characters removed.
Spellings corrected.
Coding style & Drupal API usage
1. It is working as intended. May be you missed checking "Enable Limit Publishing Options" OR " administrator" checkbox in that section to start working.
3. We are using "limit_publishing_options_form_validate" to validate date in fields.
4. In "limit_publishing_options" insertion is there in "limit_publishing_options_add_option" function.
db_truncate('limit_publishing_options')->execute()
is used on daily basis to truncate table as this module limits publishing options on daily basis for now.5. Accurate options for fields are added now.
6. If-else is added.
7.
limit_publishing_options_roles_flush_date
is used to keep last date when "limit_publishing_options" was flushed.8. REQUEST_TIME is used now.
Comment #50
klausiRemoving review bonus tag, you have not done all manual review, you just pointed to a git clone command that anyone can correct in an issue summary. Make sure to read through the source code of the other projects, as requested on the review bonus page.
Comment #51
klausiSorry for the delay. Make sure to review more project applications and get a new review bonus and this will get finished faster.
manual review:
Comment #52
Manjit.Singh@Klausi Thanks for your assistance
@TanvirAhmad What you have done in submit function, you can do that directly via system setting form, No need to write submit function. Can you please change your admin setting form and follow https://www.drupal.org/node/206761 for reference
Comment #53
klausiOK, looks like Manjit.Singh did not find the security issue, so here are the details:
limit_publishing_options_page_build(): this is vulnerable to XSS exploits. drupal_set_message() expects the message parameter to be sanitized. If I enter
<script>alert('XSS');</script>
for the limit_publishing_options_notification variable in the admin settings I will get a nasty javascript popup. You need to sanitize user provided text before printing, make sure to read https://www.drupal.org/node/28984 again. In you case using t() with the appropriate "@" placeholder will do the sanitization for you.Comment #54
PA robot CreditAttribution: PA robot commentedClosing due to lack of activity. If you are still working on this application, you should fix all known problems and then set the status to "Needs review". (See also the project application workflow).
I'm a robot and this is an automated message from Project Applications Scraper.