From 49c7d582dd5daf017f720a8ff212d3d31b5f3c88 Mon Sep 17 00:00:00 2001 From: Andras Szepeshazi Date: Wed, 8 Feb 2012 14:54:19 -0500 Subject: [PATCH] Updates to roles plugin - implemented role based page handling --- languages/en.php | 2 ++ lib/config.php | 2 +- lib/roles.php | 32 +++++++++++--------------------- start.php | 39 ++++++++++++++++++++++++++++++++++++--- 4 files changed, 50 insertions(+), 25 deletions(-) diff --git a/languages/en.php b/languages/en.php index d8a5424..b22f82c 100644 --- a/languages/en.php +++ b/languages/en.php @@ -19,6 +19,8 @@ 'user:role:success' => 'User role has been successfully updated', 'user:role:fail' => 'Could not update user role. Please try again later.', + + 'roles:page:denied' => 'Sorry, but you do not have the necessary privileges to view that page.', ); diff --git a/lib/config.php b/lib/config.php index 56d7cdd..a3c7aeb 100644 --- a/lib/config.php +++ b/lib/config.php @@ -39,7 +39,7 @@ function roles_get_roles_config() { ), 'pages' => array( - 'group/new/$guid' => array('rule' => 'deny') + 'groups/add/{$self_guid}' => array('rule' => 'deny') ), 'menus' => array( diff --git a/lib/roles.php b/lib/roles.php index fea565a..49d4b9d 100644 --- a/lib/roles.php +++ b/lib/roles.php 
@@ -194,34 +194,24 @@ function roles_find_menu_index($menu_name, $item_name) { function roles_prepare_menu_vars($vars) { - $user = elgg_get_logged_in_user_entity(); - $self_username = $user->username; - $self_guid = $user->guid; $prepared_vars = $vars; if (isset($prepared_vars['href'])) { - $prepared_vars['href'] = str_replace('{$self_username}', $self_username, $prepared_vars['href']); - $prepared_vars['href'] = str_replace('{$self_guid}', $self_guid, $prepared_vars['href']); + $prepared_vars['href'] = roles_replace_dynamic_paths($prepared_vars['href']); } return $prepared_vars; } - - - - - - - - - - - - - - - - +function roles_replace_dynamic_paths($str) { + $user = elgg_get_logged_in_user_entity(); + $self_username = $user->username; + $self_guid = $user->guid; + + $res = str_replace('{$self_username}', $self_username, $str); + $res = str_replace('{$self_guid}', $self_guid, $res); + + return $res; +} diff --git a/start.php b/start.php index 66b946e..c020410 100644 --- a/start.php +++ b/start.php @@ -23,8 +23,8 @@ function roles_init() { elgg_register_plugin_hook_handler('action', 'all', 'roles_actions_permissions'); + elgg_register_plugin_hook_handler('route', 'all', 'roles_pages_permissions'); elgg_register_event_handler('pagesetup', 'system', 'roles_menus_permissions'); - elgg_register_event_handler('pagesetup', 'system', 'roles_pages_permissions'); roles_register_views_hook_handler(); @@ -81,9 +81,10 @@ function roles_views_permissions($hook_name, $entity_type, $return_value, $param } } } - } + } } + function roles_actions_permissions($hook_name, $entity_type, $return_value, $params) { } 
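Review bot: `roles_replace_dynamic_paths()` reads `$user->username` and `$user->guid` without checking that `elgg_get_logged_in_user_entity()` returned a user. The helper is now also called from the `route` hook added later in this patch, so it may run on requests with no session if `roles_get_role()` yields a role for logged-out visitors (not visible here). In that case both placeholders are presumably replaced with empty strings, so a rule such as `groups/add/{$self_guid}` is evaluated as `groups/add/`, which is not what the rule author wrote. I would return early with `if (!$user) { return $str; }` so an unresolved placeholder never equals a real path, and add a docblock naming the two supported placeholders.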
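Review bot: The `route` handler in `roles_init()` is registered without a priority, so its position relative to other `route` handlers is left to the default. `roles_pages_permissions` checks `$return_value['handler']` and `$return_value['segments']` as they stand when it runs, so if another plugin's handler rewrites the route afterwards, the permission check will have been made against the old path. Consider passing an explicit priority as the fourth argument to `elgg_register_plugin_hook_handler()` and adding a comment such as `// page permissions must see the final handler/segments` to record why that position was chosen. The body of `roles_init()` continues outside this hunk.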
@@ -121,7 +122,39 @@ function roles_menus_permissions($event, $type, $object) { return true; } -function roles_pages_permissions($event, $type, $object) { +function roles_pages_permissions($hook_name, $entity_type, $return_value, $params) { + $role = roles_get_role(); + if (elgg_instanceof($role, 'object', 'role')) { + $role_perms = roles_get_role_permissions($role, 'pages'); + $page_path = $return_value['handler'] . '/' . implode('/', $return_value['segments']); + if (is_array($role_perms) && !empty($role_perms)) { + foreach ($role_perms as $page => $perm_details) { + error_log("Checking $page against $page_path"); + if (roles_replace_dynamic_paths($page) == $page_path) { + switch ($perm_details['rule']) { + case 'deny': + register_error(elgg_echo('roles:page:denied')); + if (isset($perm_details['forward'])) { + forward($perm_details['forward']); + } else { + forward(REFERER); + } + break; + case 'redirect': + if (isset($perm_details['forward'])) { + forward($perm_details['forward']); + } else { + forward(REFERER); + } + break; + case 'allow': + default: + break; + } + } + } + } + } } function roles_users_settings_save($hook_name, $entity_type, $return_value, $params) {
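Review bot: The deny rule in `roles_pages_permissions` takes effect only when the configured pattern equals `$page_path` exactly, so the check fails open for any other spelling of the same page. If the page handler also serves the page with a trailing slash, an extra segment or a guid other than `{$self_guid}` (the handler is not part of this patch), the `groups/add/{$self_guid}` rule from lib/config.php does not apply to those requests. At minimum normalise both sides and compare strictly, `if (rtrim(roles_replace_dynamic_paths($page), '/') === rtrim($page_path, '/'))`, and consider matching on the path prefix for `deny` rules. The `error_log("Checking $page against $page_path")` line writes a request-derived path to the log once per rule on every routed request and should be removed or put behind a debug setting.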