hosting_client.access.inc

Control client node access.

Functions

Namesort descending Description
hosting_client_disabling Function to make sure we don't respond with grants when disabling ourselves.
hosting_client_node_access_records Implements hook_node_access_records().
hosting_client_node_grants Implements hook_node_grants().
hosting_client_user_cancel Implements hook_user_cancel().
hosting_client_user_form Add items to the user forms when editing or registering.
hosting_client_user_form_submit Save the values submitted when editing or adding a user.
hosting_client_user_form_validate Validate the submission of a user form.
hosting_client_user_insert Implements hook_user_insert().
hosting_client_user_load Implements hook_user_load().
hosting_client_user_presave Implements hook_user_presave().
hosting_client_user_view Implements hook_user_view().
hosting_client_user_XXX Implements hook_user_XXX().
hosting_client_view_user Add visible items when viewing a user().
hosting_get_client_from_user Get relationships a user has with different clients.
theme_hosting_client_user_form Returns HTML for the client area on the user form.

File

client/hosting_client.access.inc
View source
  1. <?php
  2. /**
  3. * @file
  4. * Control client node access.
  5. */
  6. /**
  7. * Implements hook_user_load().
  8. */
  9. function hosting_client_user_load($users) {
  10. foreach ($users as $uid => $user) {
  11. $users[$uid]->client_id = hosting_get_client_from_user($user->uid);
  12. }
  13. }
  14. /**
  15. * Implements hook_user_view().
  16. */
  17. function hosting_client_user_view($account, $view_mode) {
  18. if (hosting_feature('client')) {
  19. return hosting_client_view_user($account);
  20. }
  21. }
  22. /**
  23. * Implements hook_user_XXX().
  24. */
  25. function hosting_client_user_XXX($edit, $account) {
  26. if (hosting_feature('client')) {
  27. return hosting_client_user_form($edit, $account, $category);
  28. }
  29. }
  30. /**
  31. * Implements hook_user_presave().
  32. */
  33. function hosting_client_user_presave(&$edit, $account, $category) {
  34. return hosting_client_user_form_validate($edit);
  35. }
  36. /**
  37. * Implements hook_user_insert().
  38. */
  39. function hosting_client_user_insert(&$edit, $account, $category) {
  40. hosting_client_user_form_submit($edit, $account);
  41. $edit['hosting_client'] = NULL;
  42. }
  43. /**
  44. * Implements hook_user_cancel().
  45. */
  46. function hosting_client_user_cancel($edit, $account, $method) {
  47. db_delete('hosting_client_user')
  48. ->condition('user', $account->uid)
  49. ->execute();
  50. }
  51. /**
  52. * Add visible items when viewing a user().
  53. *
  54. * @see hosting_client_user()
  55. */
  56. function hosting_client_view_user($user) {
  57. if ($user->client_id) {
  58. foreach ($user->client_id as $client => $type) {
  59. $rows[] = array(_hosting_node_link($client));
  60. }
  61. // This is a table because we'll have types for clients eventually.
  62. $header = array(t('Hosting client'));
  63. $items['client_list'] = array(
  64. 'value' => theme('table', array('header' => $header, 'rows' => $rows)),
  65. 'class' => 'client',
  66. );
  67. return array(t('Clients') => $items);
  68. }
  69. }
  70. /**
  71. * Add items to the user forms when editing or registering.
  72. *
  73. * @see hosting_client_user()
  74. */
  75. function hosting_client_user_form($edit, $user, $category) {
  76. $clients = array();
  77. if ($user->client_id) {
  78. foreach ($user->client_id as $client => $type) {
  79. $clients[$client] = '';
  80. $fields[$category]['name'][$client] = array(
  81. '#type' => 'markup',
  82. '#value' => _hosting_node_link($client),
  83. );
  84. }
  85. }
  86. if (user_access('edit client users')) {
  87. $fields[$category]['clients'] = array(
  88. '#type' => 'checkboxes',
  89. '#options' => $clients,
  90. );
  91. }
  92. $fields[$category]['header'] = array(
  93. '#type' => 'value',
  94. '#value' => array(array('data' => t('Accessible clients')), array('data' => t('Remove'))),
  95. );
  96. if (user_access('edit client users')) {
  97. $fields[$category]['hosting_client'] = array(
  98. '#type' => 'textfield',
  99. '#title' => t('Associate a client to this user'),
  100. '#weight' => 2,
  101. '#autocomplete_path' => 'hosting_client/autocomplete/client',
  102. '#description' => t('This field allows you to associate an existing client to a user.
  103. It does not create a new client, but allows this user
  104. to manage sites belonging to the given client.'),
  105. );
  106. }
  107. $fields[$category]['#theme'] = 'hosting_client_user_form';
  108. return $fields;
  109. }
  110. /**
  111. * Returns HTML for the client area on the user form.
  112. */
  113. function theme_hosting_client_user_form($variables) {
  114. $form = $variables['form'];
  115. if (array_key_exists('hosting_client', $form)) {
  116. $edit_name = drupal_render($form['hosting_client']);
  117. }
  118. else {
  119. $edit_name = '';
  120. }
  121. foreach (element_children($form['name']) as $client) {
  122. $row = array();
  123. $row['data'][] = drupal_render($form['name'][$client]);
  124. if (user_access('edit client users')) {
  125. $row['data'][] = drupal_render($form['clients'][$client]);
  126. }
  127. $rows[] = $row;
  128. }
  129. $output = drupal_render_children($form);
  130. $output .= theme('table', array('header' => $form['header']['#value'], 'rows' => $rows));
  131. $output .= $edit_name;
  132. return $output;
  133. }
  134. /**
  135. * Validate the submission of a user form.
  136. *
  137. * @see hosting_client_user()
  138. */
  139. function hosting_client_user_form_validate($edit) {
  140. if (array_key_exists('hosting_client', $edit) && $edit['hosting_client'] && (!$client = hosting_get_client($edit['hosting_client']))) {
  141. form_set_error('hosting_client', 'Please fill in a valid client');
  142. }
  143. }
  144. /**
  145. * Save the values submitted when editing or adding a user.
  146. *
  147. * @see hosting_client_user()
  148. */
  149. function hosting_client_user_form_submit($edit, $user) {
  150. if (array_key_exists('clients', $edit)) {
  151. foreach ($edit['clients'] as $client) {
  152. $query = db_delete('hosting_client_user')
  153. ->condition('user', $user->uid)
  154. ->condition('client', $client)
  155. ->execute();
  156. }
  157. }
  158. if (array_key_exists('hosting_client', $edit) && $edit['hosting_client']) {
  159. $client = hosting_get_client($edit['hosting_client']);
  160. $query = $id = db_insert('hosting_client_user')
  161. ->fields(array(
  162. 'client' => $client->nid,
  163. 'user' => $user->uid,
  164. 'contact_type' => '',
  165. ))
  166. ->execute();
  167. }
  168. }
  169. /**
  170. * Function to make sure we don't respond with grants when disabling ourselves.
  171. */
  172. function hosting_client_disabling($set = NULL) {
  173. static $disabling = FALSE;
  174. if ($set !== NULL) {
  175. $disabling = $set;
  176. }
  177. return $disabling;
  178. }
  179. /**
  180. * Implements hook_node_grants().
  181. */
  182. function hosting_client_node_grants($account, $op) {
  183. $grants = &drupal_static(__FUNCTION__);
  184. if (!isset($grants)) {
  185. $grants = array();
  186. }
  187. $cache_id = $account->uid . $op;
  188. if (!isset($grants[$cache_id])) {
  189. $account->client_id = hosting_get_client_from_user($account->uid);
  190. $types = hosting_feature_node_types();
  191. foreach ($types as $type) {
  192. if (user_access('administer ' . $type . 's', $account)) {
  193. $grants[$cache_id]['hosting ' . $type] = array(1);
  194. }
  195. elseif (user_access($op . ' ' . $type, $account)) {
  196. // TODO: restrict access to certain op-type based on the user relationship to this client - see content of $client_relations
  197. $grants[$cache_id]['hosting ' . $type] = array_keys($account->client_id);
  198. }
  199. elseif ($op == 'update' && user_access('edit ' . $type, $account)) {
  200. $grants[$cache_id]['hosting ' . $type] = array_keys($account->client_id);
  201. }
  202. }
  203. }
  204. return isset($grants[$cache_id]) ? $grants[$cache_id] : array();
  205. }
  206. /**
  207. * Implements hook_node_access_records().
  208. */
  209. function hosting_client_node_access_records($node) {
  210. if (hosting_client_disabling()) {
  211. return;
  212. }
  213. $grants = array();
  214. $base_grant = array(
  215. 'realm' => 'hosting ' . $node->type,
  216. 'grant_view' => 1,
  217. 'grant_update' => 1,
  218. 'grant_delete' => 0,
  219. 'priority' => 1,
  220. );
  221. // Tasks inherit from their parent.
  222. if ($node->type == 'task') {
  223. $node = node_load($node->rid);
  224. $base_grant['grant_update'] = 0;
  225. }
  226. switch ($node->type) {
  227. case 'site':
  228. $base_grant['gid'] = $node->client;
  229. break;
  230. case 'client':
  231. $base_grant['gid'] = $node->nid;
  232. break;
  233. case 'package':
  234. $base_grant['grant_update'] = 0;
  235. break;
  236. case 'task':
  237. // The rest of the node types are configuration, so only admin should see them.
  238. $base_grant['gid'] = HOSTING_ADMIN_CLIENT;
  239. break;
  240. case 'server':
  241. // The rest of the node types are configuration, so only admin should see them.
  242. $base_grant['gid'] = HOSTING_ADMIN_CLIENT;
  243. // Lookup platforms on this server.
  244. $platforms = _hosting_get_platforms($node->nid);
  245. $gids = array();
  246. foreach ($platforms as $nid => $title) {
  247. $node = node_load($nid);
  248. if (!empty($node->clients)) {
  249. foreach ($node->clients as $cid => $client) {
  250. if ($cid != HOSTING_ADMIN_CLIENT) {
  251. $gids[] = $cid;
  252. }
  253. }
  254. }
  255. }
  256. // Lookup databaaes hosted on this server.
  257. $databases = hosting_get_sites_on_db_server($node->nid);
  258. foreach ($databases as $nid => $dbname) {
  259. $node = node_load($nid);
  260. if (!empty($node->client)) {
  261. if ($node->client != HOSTING_ADMIN_CLIENT) {
  262. $gids[] = $node->client;
  263. }
  264. }
  265. }
  266. $gids = array_unique($gids);
  267. // Grant access to all clients who have access to a platform.
  268. foreach ($gids as $cid) {
  269. $grants[] = array_merge($base_grant, array('gid' => $cid, 'grant_update' => 0));
  270. }
  271. break;
  272. case 'platform':
  273. $base_grant['gid'] = HOSTING_ADMIN_CLIENT;
  274. if (isset($node->clients)) {
  275. foreach ($node->clients as $cid => $client) {
  276. if ($cid != HOSTING_ADMIN_CLIENT) {
  277. $grants[] = array_merge($base_grant, array('gid' => $cid, 'grant_update' => 0));
  278. }
  279. }
  280. }
  281. break;
  282. default:
  283. // Not hosting node, don't change access.
  284. return;
  285. }
  286. if (isset($base_grant['gid'])) {
  287. $grants[] = $base_grant;
  288. // This should _always_ happen.
  289. if ($base_grant['gid'] != HOSTING_ADMIN_CLIENT) {
  290. // Also give full access to the administrator user.
  291. $base_grant['gid'] = HOSTING_ADMIN_CLIENT;
  292. $grants[] = $base_grant;
  293. }
  294. return $grants;
  295. }
  296. }
  297. /**
  298. * Get relationships a user has with different clients.
  299. *
  300. * @param int $uid
  301. * The user to get the relationships for.
  302. *
  303. * @return array
  304. * An array of clients and their contact type relationships to the specified
  305. * user.
  306. */
  307. function hosting_get_client_from_user($uid) {
  308. $clients = array();
  309. if ($results = db_query("SELECT client, contact_type FROM {hosting_client_user} WHERE user = :user", array(':user' => $uid))) {
  310. foreach ($results as $result) {
  311. $clients[$result->client] = explode(',', $result->contact_type);
  312. }
  313. }
  314. return $clients;
  315. }