Merge pull request #333 from CuBoulder/feature/FIT-1581

FIT-1581 - making sure correct user roles can edit/see other roles

modules/custom/cu_users/cu_users.module

@@ -135,6 +135,26 @@ function cu_users_user_has_role($role_name, $user = NULL) {
   return FALSE;
 }
 
+/**
+ * Implements hook_views_pre_render().
+ *
+ * Hide developers and administrators on the Users overview page from lesser roles.
+ */
+function cu_users_views_pre_render(&$view) {
+  if ($view->name == 'cu_people_administration_override_view') {
+    global $user;
+    if (in_array('developer', $user->roles) || in_array('administrator', $user->roles) || $user->uid == 1) {
+      return;
+    }
+    foreach ($view->result as $key => $user) {
+      $user_object = user_load($user->uid);
+      if (in_array('developer', $user_object->roles) || in_array('administrator', $user_object->roles)) {
+        unset($view->result[$key]);
+      }
+    }
+  }
+}
+
 /**
  * Implements hook_form_FORM_ID_alter().
  *

modules/custom/express_permissions/express_permissions.module

@@ -40,7 +40,7 @@ function express_permissions_secure_permissions_roles() {
  *   An array defining all the permissions for the site.
  */
 function express_permissions_secure_permissions($role) {
-   $permissions = array(
+  $permissions = array(
     'administrator' => array(
       'access administration pages',
       'access bean overview',
@@ -64,8 +64,10 @@ function express_permissions_secure_permissions($role) {
       'assign content_editor role',
       'assign edit_my_content role',
       'assign site_owner role',
-      'cancel users with role 2',
-      'cancel users with role 6',
+      'cancel users with role authenticated user',
+      'cancel users with role content_editor',
+      'cancel users with role edit_my_content',
+      'cancel users with role site_owner',
       'check out documents',
       'create any block bean',
       'create any feature_callout bean',
@@ -96,8 +98,10 @@ function express_permissions_secure_permissions($role) {
       'edit own faqs content',
       'edit own file content',
       'edit own page content',
-      'edit users with role 2',
-      'edit users with role 6',
+      'edit users with role authenticated user',
+      'edit users with role content_editor',
+      'edit users with role edit_my_content',
+      'edit users with role site_owner',
       'execute node_assign_owner_action',
       'execute node_make_sticky_action',
       'execute node_make_unsticky_action',
@@ -416,8 +420,10 @@ function express_permissions_secure_permissions($role) {
       'assign content_editor role',
       'assign edit_my_content role',
       'assign site_owner role',
-      'cancel users with role 2',
-      'cancel users with role 6',
+      'cancel users with role authenticated user',
+      'cancel users with role content_editor',
+      'cancel users with role edit_my_content',
+      'cancel users with role site_owner',
       'check out documents',
       'create any block bean',
       'create any feature_callout bean',
@@ -448,8 +454,10 @@ function express_permissions_secure_permissions($role) {
       'edit own faqs content',
       'edit own file content',
       'edit own page content',
-      'edit users with role 2',
-      'edit users with role 6',
+      'edit users with role authenticated user',
+      'edit users with role content_editor',
+      'edit users with role edit_my_content',
+      'edit users with role site_owner',
       'execute node_assign_owner_action',
       'execute node_make_sticky_action',
       'execute node_make_unsticky_action',