cck_field_perms.module

Tracking 5.x-1.x branch

Functions & methods

Name	Description
cck_field_perms_admin_settings	page for the admin settings form use this instead of standard settings for b/c we serialize all the data into one variable
cck_field_perms_admin_settings_form	creates the admin form
cck_field_perms_admin_settings_form_submit	save the incoming values
cck_field_perms_alter_options	defines the types of form alterting that can be done with data
cck_field_perms_form_alter	Implementation of hook form_alter
cck_field_perms_help	Implementation of hook_help().
cck_field_perms_menu	Implentation of hook menu
cck_field_perms_nodeapi	Implementation of hook_nodeapi removes fields if a user does not have perms to view it
cck_field_perms_perm	Impementation of hook perms
cck_field_perms_verbs	Defines the CRUD. @ TODO make these translatable
_cfp_content_to_readable
_cfp_field_perms_name_pair	display helper retrieve both the human and machine readable form of the permission allows cck fields to change labels without losing permission settings
_cfp_form_group_fieldset_helper	gets list of form groups from a form and removes field groups if the user does not have permission helper function for the form alter
_cfp_form_helper	helper function to unset form values
_cfp_group_form_fields	fetches the list of fields contained within a group returns fieldset form of check boxes to handle content

Name

Description

page for the admin settings form use this instead of standard settings for b/c we serialize all the data into one variable

cck_field_perms_admin_settings_form

creates the admin form

cck_field_perms_admin_settings_form_submit

save the incoming values

cck_field_perms_alter_options

defines the types of form alterting that can be done with data

cck_field_perms_form_alter

Implementation of hook form_alter

cck_field_perms_help

Implementation of hook_help().

cck_field_perms_menu

Implentation of hook menu

cck_field_perms_nodeapi

Implementation of hook_nodeapi removes fields if a user does not have perms to view it

cck_field_perms_perm

Impementation of hook perms

cck_field_perms_verbs

Defines the CRUD. @ TODO make these translatable

_cfp_content_to_readable

_cfp_field_perms_name_pair

display helper retrieve both the human and machine readable form of the permission allows cck fields to change labels without losing permission settings

_cfp_form_group_fieldset_helper

gets list of form groups from a form and removes field groups if the user does not have permission helper function for the form alter

_cfp_form_helper

helper function to unset form values

_cfp_group_form_fields

fetches the list of fields contained within a group returns fieldset form of check boxes to handle content

File

View source

<?php


/*
 * This module adds the ability to restrict some fields in a CCK node
 * to certian user roles based on create, updated, and view. Note that
 * when this module is enabled, you must positively grant view access
 * if you want users to have view access.
 * 
 *
 */

/* ********************************************* */
/* Drupal functions */
/* ********************************************* */


/**
 * Implementation of hook_help().
 */
function cck_field_perms_help($section) {
  switch ($section) {
    case 'admin/help#cck_field_perms':
      return t('<p>Gives the option of limited access to CCK data for user roles.</p>');
      break;
  }
}

/**
 * Implentation of hook menu
 */
function cck_field_perms_menu($may_cache) {
  $items = array();
  $items[] = array(
    'path' => 'admin/settings/cck_field_perms',
    'title' => t('CCK Field Permissions'),
    'description' => t('Restrict create, update and view access on specific CCK fields.'),
    'callback' => 'cck_field_perms_admin_settings',
    'access' => user_access('administer cck field permissions'),
    'type' => MENU_NORMAL_ITEM,
  );
  return $items;
}


/**
 * Impementation of hook perms
 */
function cck_field_perms_perm() {
  $perm_list[] = "administer cck field permissions";
  $field_perms = unserialize(variable_get('cfp_values', null));
  if ($field_perms) {
    foreach ($field_perms as $type_name => $fields) {
      foreach ($fields as $field_name => $value) {
        if ($value) {
          foreach (cck_field_perms_verbs() as $verb) {
            $perm_list[] = _cfp_content_to_readable($type_name, $field_name, $verb);
          }
        }
      }
    }
  }
  return $perm_list;
}

/**
 * Implementation of hook_nodeapi
 * removes fields if a user does not have perms to view it
 */
function cck_field_perms_nodeapi(&$node, $op, $a3 = NULL, $a4 = NULL) {
  
  switch ($op) { 
    
    // prevent viewing of fields
    case 'view':
      $type = $node->type;
      if ($types = variable_get('cfp_types', null)) {
        if ($types[$type]) {
          $disallowed_fields = unserialize(variable_get('cfp_values', null));
          if ($disallowed_fields) {
            foreach ($disallowed_fields[$type] as $disallowed_field => $value ) {
              if ($value == 0) {continue; }
              if (!(user_access(_cfp_content_to_readable($type, $disallowed_field, "view")))) {     
                $node->$disallowed_field['#access'] = false;
                $node->content[$disallowed_field]['#access'] = false;                   
              }   
            }
          }   
        }
      }
    break;
     
  }  
}


/**
 * Implementation of hook form_alter
 */
function cck_field_perms_form_alter($form_id, &$form) {
  //Alter the permissions page to show cck field labels instead of machine readable cck field names
  //Still store permissions by machine readable name
  if($form_id == 'user_admin_perm') {
    foreach(_cfp_field_perms_name_pair() as $field_name => $field_label) {
      $form['permission'][$field_name]['#value'] = $field_label;
    }
    return;
  }
  if ($form['#id'] != 'node-form') return;
  // detect if we're editing or creating
  if ($form['#node']->nid) {
    global $user;
    $verb = $form['uid']['#value'] == $user->uid ?  "edit own" : "edit";
  }
  else {
    $verb = "create";
  }
  $form =  _cfp_form_helper($form_id, $form, $verb);
}


/* ********************************************* */
/* CFP functions */
/* ********************************************* */

/**
 * Defines the CRUD.
 * @ TODO make these translatable
 */
function cck_field_perms_verbs() {
  return array('create', 'edit', 'edit own', 'view');
}

/**
 * defines the types of form alterting that can be done with data
 */
function cck_field_perms_alter_options() {
  $options = array(
   0 => t('Hide data'),
   1 => t('Show data, but disable form'),
  );
  return $options;
}


/**
 * display helper
 * retrieve both the human and machine readable form of the permission
 * allows cck fields to change labels without losing permission settings
 *
 * @return array
 */
function _cfp_field_perms_name_pair(){
  $perm_list = array();
  $field_perms = unserialize(variable_get('cfp_values', null));
  if ($field_perms) { 
    foreach ($field_perms as $type_name => $fields) {
      foreach ($fields as $field_name => $value) {
        if ($value) {
          foreach (cck_field_perms_verbs() as $verb){
            $perm_list[_cfp_content_to_readable($type_name, $field_name, $verb)]
              = _cfp_content_to_readable($type_name, $field_name, $verb, False);
          }
        }
      }
    }
  }
  return $perm_list;
}

/**
 * perms helper
 * converts drupal content names to human readable names
 */

function _cfp_content_to_readable ($content_type, $field_name, $verb, $by_field_name = True) {
  static $content_types;
  if (! $content_types) {$content_types = content_types();}

  // support fieldgroup content and return the label for display if requested
  if ($by_field_name || strstr($field_name, "group_")) {
    $output = $verb ." ". $content_types[$content_type]['name'] ." ". $field_name;
  } else {
    $output = $verb ." ". $content_types[$content_type]['name'] ." ". $content_types[$content_type]['fields'][$field_name]['widget']['label'];
  }
  return $output;
}

/**
 * gets list of form groups from a form and removes
 * field groups if the user does not have permission
 * helper function for the form alter
 *
 */
function _cfp_form_group_fieldset_helper(&$form, $disallowed, $content_type, $verb, $type_setting) {
  if (module_exists("fieldgroup")) {
    foreach ($form as $field_name => $value) {
      if ($value == 0 ) {continue;}
      if ($disallowed[$field_name]) {
        if (! user_access(_cfp_content_to_readable($content_type, $field_name, $verb))) {
          
          // if this is a fieldset change acces
          if($form[$field_name]['#type'] == 'fieldset') {
            $form[$field_name]['#access'] = false;
          }
          
          elseif ($type_setting[$field_name] == 1) {                                    
            $form[$field_name]['keys']['#disabled'] = true;     
          }
          else {   
            $form[$field_name]['keys']['#access'] = false;
          }
                     
        }
      }
      
      // check this item to see if it is a group
      // if group, recurse to check for sub groups and or fieldsets
      if (strstr($field_name, "group")) {
        if (is_array($form[$field_name])) {    
          _cfp_form_group_fieldset_helper($form[$field_name], $disallowed, $content_type, $verb, $type_setting);
        }        
      }
    }
  }
}


/**
 * helper function to unset form values
 *
 * @form is drupal form
 * @verb is create or update
 * @return is the modified drupal form
 *
 */
function _cfp_form_helper($form_id, $form, $verb) {
  //content_video_node_form
  $types = variable_get('cfp_types', null);
  if ($types) {
    foreach ($types as $type) {
      if ($form_id == $type ."_node_form") {       
        $disallowed_fields = unserialize(variable_get('cfp_values', null));                          
        if ($disallowed_fields) {
          $type_settings = unserialize(variable_get('cfp_display_types', ''));
          // removes fieldgroups
          _cfp_form_group_fieldset_helper($form, $disallowed_fields[$type], $type, $verb, $type_settings[$type]);     
          
          // now check fields
          foreach ($disallowed_fields[$type] as $disallowed_field => $value) {
            if ($value == 0 ) {continue;}            
            if (! user_access(_cfp_content_to_readable($type, $disallowed_field, $verb))) {
              
              //check the display type
              if ($type_settings[$type][$disallowed_field] == 1) {                            
                $form[$disallowed_field][0]['value']['#disabled'] = true;
                $form[$disallowed_field][0]['value']['#description'] .= ' '. t('You do not have access to edit this.');            
              }
              else {                
                $form[$disallowed_field][0]['value']['#access'] = false;
              }     
            }
          }
        }   
      }   
    }
  }
  return $form;
}


/* ************************ */
/* ADMIN Functions */
/* ************************ */


/**
 * page for the admin settings form
 * use this instead of standard settings for b/c we
 * serialize all the data into one variable
 */
function cck_field_perms_admin_settings() {
  $output = drupal_get_form('cck_field_perms_admin_settings_form');
  return $output;
}

/**
 * creates the admin form
 */
function cck_field_perms_admin_settings_form() {
  $form['field_perms'] = array(
    '#type' => 'fieldset',
    '#title' => t('Enable field permissions on content types.'),
    '#description' => t('This module allows an administrator to restrict CCK fields to some roles. '.
      'Once you have enabled a content type, select which fields you\'d like to restrict. '.
      'Then, go to '. l("admin/user/access", "admin/user/access") .' to allow user roles acces to that field. '.
      'Please note: you must grant view access for a field once you enable this field to be permissions controlled. '.
      'If you do not do this, no users will be able to view the field. '. 
      '<p>This module can also restrict a CCK field from being indexed by Drupal\'s search engine.'),
  );

  $types = content_types();

  foreach ($types as $key => $value) {
    $options[$key] = $value['name'];
  }
  $enabled_types = variable_get('cfp_types', null);
  $form['field_perms']['cfp_types'] = array(
   '#type' => 'checkboxes',
   '#title' => t('Content types'),
   '#description' => t('Select content types for which you wish to enable permissions.'),
   '#options' => $options,
   '#default_value' =>  $enabled_types,
  );

  $the_settings = unserialize(variable_get('cfp_values', '' ));
  $type_settings = unserialize(variable_get('cfp_display_types', ''));
  $search_settings = unserialize(variable_get('cfp_search_limit', ''));
  
  if ($enabled_types) {
    foreach ($enabled_types as $enabled_type) {
      if ($enabled_type) {
        $form['field_fields'][$enabled_type] = array(
          '#type' => 'fieldset',
          '#title' => $types[$enabled_type]['name'] ." content fields",                           
        );

        if ($types[$enabled_type]['fields']) {

          // deal with grouped content
          _cfp_group_form_fields($form, $types[$enabled_type]['fields'], $enabled_type, $the_settings, $type_settings);

          // creates the table for the display
          $form['field_fields'][$enabled_type]['markup_top'] = array(
            '#type' => 'markup',
            '#value' => '<table>',
          );

          foreach ($types[$enabled_type]['fields'] as $field) {          
            $field_perms[$field['field_name']] = $field['widget']['label'];                   


            $form['field_fields'][$enabled_type]["{$enabled_type}_{$field['field_name']}"]= array(
              '#type' => 'checkbox',
              '#title' => $field['widget']['label'],
              '#description' => t(''),
              '#default_value' => $the_settings[$enabled_type][$field['field_name']],
              '#description' => t("Enable permissions on this field."),
              '#prefix' => '<tr><td>',
              '#suffix' => '</td>',
            );


            $form['field_fields'][$enabled_type]["{$enabled_type}_{$field['field_name']}_cfp_type"] = array(
              '#title' => $field['widget']['label'] . t(' no permission settings'),
              '#type' => 'select',
              '#options' => cck_field_perms_alter_options(),
              '#default_value' => $type_settings[$enabled_type][$field['field_name']],
              '#description' => t('Sets how the field is displayed if the user does not have access'),
              '#prefix' => '<td>',
              '#suffix' => '</td>',                       
            );
            
            $form['field_fields'][$enabled_type]["{$enabled_type}_{$field['field_name']}_search"]= array(
              '#type' => 'checkbox',
              '#title' => $field['widget']['label'],
              '#description' => t('Prevent indexing'),
              '#default_value' => $search_settings[$enabled_type][$field['field_name']],
              '#description' => t('Prevent indexing of this field.'),
              '#prefix' => '<td>',
              '#suffix' => '</td></tr>',
            );
            

          }
        }

        // closes table
        $form['field_fields'][$enabled_type]['markup_bottom'] = array(
          '#type' => 'markup',
          '#value' => '</table>',
        );

      }
    }       
  }

  $form['submit'] = array(
    '#type' => 'submit',
    '#value' => t('Save')
  );
  return $form;
}

/**
 * fetches the list of fields contained within a group
 * returns fieldset form of check boxes to handle content
 */
function _cfp_group_form_fields(&$form, &$fields, $type, $values, $type_settings) {
  if (module_exists("fieldgroup")) {
    $groups = fieldgroup_groups($type);
    foreach ($groups as $group_name => $data) {
      $form['field_fields'][$type][$group_name ."_fields"] = array(
        '#type' => 'fieldset',
        '#title' => $data['label'] ." field group",
      );
      $form['field_fields'][$type][$group_name ."_fields"][$type ."_". $group_name] = array(
        '#type' => 'checkbox',
        '#title' => $data['label'],
        '#description' => t("Checking this box will hide this complete field group"),
        '#default_value' => $values[$type][$group_name],
      );

      // creates the table for the display
      $form['field_fields'][$type][$group_name ."_fields"]['fields_markup_top'] = array(
        '#type' => 'markup',
        '#value' => '<table>',
      );


      foreach ($data['fields'] as $afield) {
        $form['field_fields'][$type][$group_name ."_fields"][$type ."_". $afield['field_name']] = array(
          '#type' => 'checkbox',
          '#title' => $afield['label'] ." field",
          '#description' => t('Checking this box will hide this field.'),
          '#default_value' => $values[$type][$afield['field_name']],
          '#prefix' => '<tr><td>',
          '#suffix' => '</td>',  

        );
        
        // remove this field from the list of fields that we have to 
        // prevent duplicates        
        unset($fields[$afield['field_name']]);
        
        $form['field_fields'][$type][$group_name ."_fields"]["{$type}_{$afield['field_name']}_cfp_type"] = array(
          '#title' => $afield['label'] . t(' no permission settings'),
          '#type' => 'select',
          '#options' => cck_field_perms_alter_options(),
          '#default_value' => $type_settings[$type][$afield['field_name']],
          '#description' => t('Sets how the field is displayed if the user does not have access'),
          '#prefix' => '<td>',
          '#suffix' => '</td></tr>',                       
        );
                              
      }
      
      // closes the table for the display
      $form['field_fields'][$type][$group_name ."_fields"]['fields_markup_bottom'] = array(
        '#type' => 'markup',
        '#value' => '</table>',
      );
      
    }
  }
}


/**
 * save the incoming values
 */
function cck_field_perms_admin_settings_form_submit($form_id, $form_values) {

  // @ TODO figure out why the hell it is neccessary to do this
  // maybe body and title?
  if ($form_values['cfp_types'][0]) { unset($form_values['cfp_types'][0]); }
  if ($form_values['cfp_types'][1]) { unset($form_values['cfp_types'][1]); }

  variable_set('cfp_types', $form_values['cfp_types']);

  foreach ($form_values as $key => $value) {
    if (strstr($key, '_cfp_type')) {
      $type = substr($key, 0, strpos($key, "_field"));
      $field = str_replace('_cfp_type', '', substr($key, strpos($key, "field")));      
      $display_types[$type][$field] = $value;      
    }
    elseif (strstr($key, '_search')) {
      $type = substr($key, 0, strpos($key, "_field"));
      $field = str_replace('_search', '', substr($key, strpos($key, "field")));      
      $limit_search[$type][$field] = $value;      
    }    
    elseif (strstr($key, '_field_') ) {
      $type = substr($key, 0, strpos($key, "_field"));
      $field = substr($key, strpos($key, "field"));
      $stored_values[$type][$field] = $value;
    }
    elseif (strstr($key, '_group_') ) {
      $type = substr($key, 0, strpos($key, "_group"));
      $field = substr($key, strpos($key, "group"));
      $stored_values[$type][$field] = $value;
    }        
  }
  
  variable_set('cfp_values', serialize($stored_values));
  variable_set('cfp_display_types', serialize($display_types));
  variable_set('cfp_search_limit', serialize($limit_search));
  
  drupal_set_message("Remember to update ". l("admin/user/access", "admin/user/access") ." after you've changed permissions.");
}

Support DrupalContrib

DrupalContrib API believes developer documentation should be ad-free. Please make a donation below if you would like to help us to pay our hosting and maintenance costs.

cck_field_perms.module

Functions & methods

File

API Navigation

Search 5

Support DrupalContrib

Recurring donation:

One-off donation:

Flattr: