diff options
| -rw-r--r-- | CHANGELOG.txt | 2 | ||||
| -rw-r--r-- | INSTALL.txt | 10 | ||||
| -rw-r--r-- | database/database.4.0.mysql | 11 | ||||
| -rw-r--r-- | database/database.4.1.mysql | 11 | ||||
| -rw-r--r-- | database/database.pgsql | 11 | ||||
| -rw-r--r-- | database/updates.inc | 26 | ||||
| -rw-r--r-- | modules/block.module | 51 | ||||
| -rw-r--r-- | modules/block/block.module | 51 | ||||
| -rw-r--r-- | modules/taxonomy.module | 2 | ||||
| -rw-r--r-- | modules/taxonomy/taxonomy.module | 2 |
10 files changed, 152 insertions, 25 deletions
diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 94b65d7b8..50ddb55f9 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -3,6 +3,8 @@ Drupal x.x.x, xxxx-xx-xx (development version) - usability: * added support for auto-complete forms (AJAX) to user profiles. * improved configurability of the contact forms. +- block system: + * extended the block visibility settings with a role specific settings.. - distributed authentication: * added default server option. - fixed critical SQL issue, see SA-2006-005 diff --git a/INSTALL.txt b/INSTALL.txt index d13cb101f..fc2e5529a 100644 --- a/INSTALL.txt +++ b/INSTALL.txt @@ -144,11 +144,11 @@ INSTALLATION by the Drupal server process. You can change the name of this subdirectory at "Administer > Settings > File system settings". - SECURITY NOTICE: Certain Apache configurations can be vulnerable - to a security exploit allowing arbitrary code execution. Drupal - will attempt to automatically create a .htaccess file in your - "files" directory to protect you. If you already have a .htaccess - file in that location, please add the following line: + SECURITY NOTICE: Certain Apache configurations can be vulnerable + to a security exploit allowing arbitrary code execution. Drupal + will attempt to automatically create a .htaccess file in your + "files" directory to protect you. If you already have a .htaccess + file in that location, please add the following line: SetHandler This_is_a_Drupal_security_line_do_not_remove You can now launch your browser and point it to your Drupal site. diff --git a/database/database.4.0.mysql b/database/database.4.0.mysql index dfd96323c..e2a9d0009 100644 --- a/database/database.4.0.mysql +++ b/database/database.4.0.mysql @@ -569,6 +569,17 @@ CREATE TABLE role ( ); -- +-- Table structure for table 'blocks_roles' +-- +CREATE TABLE blocks_roles ( + module varchar(64) NOT NULL, + delta varchar(32) NOT NULL, + rid int(10) unsigned NOT NULL, + PRIMARY KEY (module, delta, rid) +) +/*!40100 DEFAULT CHARACTER SET utf8 */ ; + +-- -- Table structure for table 'search_dataset' -- CREATE TABLE search_dataset ( diff --git a/database/database.4.1.mysql b/database/database.4.1.mysql index 8c2c3318f..4518b7224 100644 --- a/database/database.4.1.mysql +++ b/database/database.4.1.mysql @@ -608,6 +608,17 @@ CREATE TABLE role ( DEFAULT CHARACTER SET utf8; -- +-- Table structure for table 'blocks_roles' +-- +CREATE TABLE blocks_roles ( + module varchar(64) NOT NULL, + delta varchar(32) NOT NULL, + rid int(10) unsigned NOT NULL, + PRIMARY KEY (module, delta, rid) +) +/*!40100 DEFAULT CHARACTER SET utf8 */ ; + +-- -- Table structure for table 'search_dataset' -- CREATE TABLE search_dataset ( diff --git a/database/database.pgsql b/database/database.pgsql index 7d468f82b..a2812b604 100644 --- a/database/database.pgsql +++ b/database/database.pgsql @@ -572,6 +572,17 @@ CREATE TABLE role ( ); -- +-- Table structure for table 'blocks_roles' +-- + +CREATE TABLE blocks_roles ( + module varchar(64) NOT NULL, + delta varchar(32) NOT NULL, + rid integer NOT NULL, + PRIMARY KEY (module, delta, rid) +); + +-- -- Table structure for table 'search_dataset' -- CREATE TABLE search_dataset ( diff --git a/database/updates.inc b/database/updates.inc index 0e357850f..d641da08b 100644 --- a/database/updates.inc +++ b/database/updates.inc @@ -2014,3 +2014,29 @@ function system_update_182() { return $ret; } + +function system_update_183() { + $ret = array(); + switch ($GLOBALS['db_type']) { + case 'mysql': + case 'mysqli': + $ret[] = update_sql("CREATE TABLE blocks_roles ( + module varchar(64) NOT NULL, + delta varchar(32) NOT NULL, + rid int(10) unsigned NOT NULL, + PRIMARY KEY (module, delta, rid) + ) /*!40100 DEFAULT CHARACTER SET utf8 */;"); + break; + + case 'pgsql': + $ret[] = update_sql("CREATE TABLE blocks_roles ( + module varchar(64) NOT NULL, + delta varchar(32) NOT NULL, + rid integer NOT NULL, + PRIMARY KEY (module, delta, rid) + );"); + break; + + } + return $ret; +} diff --git a/modules/block.module b/modules/block.module index 9d48ca777..588bb2918 100644 --- a/modules/block.module +++ b/modules/block.module @@ -22,6 +22,7 @@ function block_help($section) { <li>Its page visibility settings. Blocks can be configured to be visible/hidden on certain pages.</li> <li>Its custom visibility settings. Blocks can be configured to be visible only when specific conditions are true.</li> <li>Its user visibility settings. Administrators can choose to let users decide whether to show/hide certain blocks.</li> +<li>Its user-role visibility settings. Administrators can choose to let blocks be visible only for certain user roles.</li> <li>Its function. Some dynamic blocks, such as those generated by modules, will be displayed only on certain pages.</li> </ul> '); @@ -365,7 +366,7 @@ function block_admin_configure($module = NULL, $delta = 0) { $form['block_settings'] = array( '#type' => 'fieldset', '#title' => t('Block specific settings'), - '#collapsible' => true, + '#collapsible' => TRUE, ); foreach ($settings as $k => $v) { @@ -382,19 +383,48 @@ function block_admin_configure($module = NULL, $delta = 0) { $form['user_vis_settings'] = array( '#type' => 'fieldset', '#title' => t('User specific visibility settings'), - '#collapsible' => true, + '#collapsible' => TRUE, ); $form['user_vis_settings']['custom'] = array( '#type' => 'radios', '#title' => t('Custom visibility settings'), - '#options' => array(t('Users cannot control whether or not they see this block.'), t('Show this block by default, but let individual users hide it.'), t('Hide this block by default but let individual users show it.')), + '#options' => array( + t('Users cannot control whether or not they see this block.'), + t('Show this block by default, but let individual users hide it.'), + t('Hide this block by default but let individual users show it.') + ), '#description' => t('Allow individual users to customize the visibility of this block in their account settings.'), '#default_value' => $edit['custom'], ); + + // Role-based visibility settings + $default_role_options = array(); + $result = db_query("SELECT rid FROM {blocks_roles} WHERE module = '%s' AND delta = '%s'", $module, $delta); + while ($role = db_fetch_object($result)) { + $default_role_options[] = $role->rid; + } + $result = db_query('SELECT rid, name FROM {role} ORDER BY name'); + $role_options = array(); + while ($role = db_fetch_object($result)) { + $role_options[$role->rid] = $role->name; + } + $form['role_vis_settings'] = array( + '#type' => 'fieldset', + '#title' => t('Role specific visibility settings'), + '#collapsible' => TRUE, + ); + $form['role_vis_settings']['roles'] = array( + '#type' => 'checkboxes', + '#title' => t('Show block for specific roles'), + '#default_value' => $default_role_options, + '#options' => $role_options, + '#description' => t('Show this block only for the selected role(s). If you select no roles, the block will be visible to all users.'), + ); + $form['page_vis_settings'] = array( '#type' => 'fieldset', '#title' => t('Page specific visibility settings'), - '#collapsible' => true, + '#collapsible' => TRUE, ); $access = user_access('use PHP for block visibility'); @@ -444,6 +474,10 @@ function block_admin_configure_validate($form_id, $form_values) { function block_admin_configure_submit($form_id, $form_values) { if (!form_get_errors()) { db_query("UPDATE {blocks} SET visibility = %d, pages = '%s', custom = %d WHERE module = '%s' AND delta = '%s'", $form_values['visibility'], $form_values['pages'], $form_values['custom'], $form_values['module'], $form_values['delta']); + db_query("DELETE FROM {blocks_roles} WHERE module = '%s' AND delta = '%s'", $form_values['module'], $form_values['delta']); + foreach (array_filter($form_values['roles']) as $rid) { + db_query("INSERT INTO {blocks_roles} (rid, module, delta) VALUES (%d, '%s', '%s')", $rid, $form_values['module'], $form_values['delta']); + } module_invoke($form_values['module'], 'block', 'save', $form_values['delta'], $form_values); drupal_set_message(t('The block configuration has been saved.')); cache_clear_all(); @@ -540,7 +574,7 @@ function block_box_save($edit, $delta = NULL) { else { db_query("INSERT INTO {boxes} (title, body, info, format) VALUES ('%s', '%s', '%s', %d)", $edit['title'], $edit['body'], $edit['info'], $edit['format']); } - return true; + return TRUE; } /** @@ -550,10 +584,11 @@ function block_box_save($edit, $delta = NULL) { * the site. */ function block_user($type, $edit, &$user, $category = NULL) { + global $user; switch ($type) { case 'form': if ($category == 'account') { - $result = db_query('SELECT * FROM {blocks} WHERE status = 1 AND custom != 0 ORDER BY weight, module, delta'); + $result = db_query("SELECT DISTINCT b.* FROM {blocks} b LEFT JOIN {blocks_roles} r ON b.module = r.module AND b.delta = r.delta WHERE b.status = 1 AND b.custom != 0 AND (r.rid IN (%s) OR r.rid IS NULL) ORDER BY b.weight, b.module", implode(',', array_keys($user->roles))); $form['block'] = array('#type' => 'fieldset', '#title' => t('Block configuration'), '#weight' => 3, '#collapsible' => TRUE, '#tree' => TRUE); while ($block = db_fetch_object($result)) { $data = module_invoke($block->module, 'block', 'list'); @@ -600,7 +635,7 @@ function block_list($region) { static $blocks = array(); if (!count($blocks)) { - $result = db_query("SELECT * FROM {blocks} WHERE theme = '%s' AND status = 1 ORDER BY region, weight, module", $theme_key); + $result = db_query("SELECT DISTINCT b.* FROM {blocks} b LEFT JOIN {blocks_roles} r ON b.module = r.module AND b.delta = r.delta WHERE b.theme = '%s' AND b.status = 1 AND (r.rid IN (%s) OR r.rid IS NULL) ORDER BY b.region, b.weight, b.module", $theme_key, implode(',', array_keys($user->roles))); while ($block = db_fetch_object($result)) { if (!isset($blocks[$block->region])) { $blocks[$block->region] = array(); @@ -656,5 +691,3 @@ function block_list($region) { } return $blocks[$region]; } - - diff --git a/modules/block/block.module b/modules/block/block.module index 9d48ca777..588bb2918 100644 --- a/modules/block/block.module +++ b/modules/block/block.module @@ -22,6 +22,7 @@ function block_help($section) { <li>Its page visibility settings. Blocks can be configured to be visible/hidden on certain pages.</li> <li>Its custom visibility settings. Blocks can be configured to be visible only when specific conditions are true.</li> <li>Its user visibility settings. Administrators can choose to let users decide whether to show/hide certain blocks.</li> +<li>Its user-role visibility settings. Administrators can choose to let blocks be visible only for certain user roles.</li> <li>Its function. Some dynamic blocks, such as those generated by modules, will be displayed only on certain pages.</li> </ul> '); @@ -365,7 +366,7 @@ function block_admin_configure($module = NULL, $delta = 0) { $form['block_settings'] = array( '#type' => 'fieldset', '#title' => t('Block specific settings'), - '#collapsible' => true, + '#collapsible' => TRUE, ); foreach ($settings as $k => $v) { @@ -382,19 +383,48 @@ function block_admin_configure($module = NULL, $delta = 0) { $form['user_vis_settings'] = array( '#type' => 'fieldset', '#title' => t('User specific visibility settings'), - '#collapsible' => true, + '#collapsible' => TRUE, ); $form['user_vis_settings']['custom'] = array( '#type' => 'radios', '#title' => t('Custom visibility settings'), - '#options' => array(t('Users cannot control whether or not they see this block.'), t('Show this block by default, but let individual users hide it.'), t('Hide this block by default but let individual users show it.')), + '#options' => array( + t('Users cannot control whether or not they see this block.'), + t('Show this block by default, but let individual users hide it.'), + t('Hide this block by default but let individual users show it.') + ), '#description' => t('Allow individual users to customize the visibility of this block in their account settings.'), '#default_value' => $edit['custom'], ); + + // Role-based visibility settings + $default_role_options = array(); + $result = db_query("SELECT rid FROM {blocks_roles} WHERE module = '%s' AND delta = '%s'", $module, $delta); + while ($role = db_fetch_object($result)) { + $default_role_options[] = $role->rid; + } + $result = db_query('SELECT rid, name FROM {role} ORDER BY name'); + $role_options = array(); + while ($role = db_fetch_object($result)) { + $role_options[$role->rid] = $role->name; + } + $form['role_vis_settings'] = array( + '#type' => 'fieldset', + '#title' => t('Role specific visibility settings'), + '#collapsible' => TRUE, + ); + $form['role_vis_settings']['roles'] = array( + '#type' => 'checkboxes', + '#title' => t('Show block for specific roles'), + '#default_value' => $default_role_options, + '#options' => $role_options, + '#description' => t('Show this block only for the selected role(s). If you select no roles, the block will be visible to all users.'), + ); + $form['page_vis_settings'] = array( '#type' => 'fieldset', '#title' => t('Page specific visibility settings'), - '#collapsible' => true, + '#collapsible' => TRUE, ); $access = user_access('use PHP for block visibility'); @@ -444,6 +474,10 @@ function block_admin_configure_validate($form_id, $form_values) { function block_admin_configure_submit($form_id, $form_values) { if (!form_get_errors()) { db_query("UPDATE {blocks} SET visibility = %d, pages = '%s', custom = %d WHERE module = '%s' AND delta = '%s'", $form_values['visibility'], $form_values['pages'], $form_values['custom'], $form_values['module'], $form_values['delta']); + db_query("DELETE FROM {blocks_roles} WHERE module = '%s' AND delta = '%s'", $form_values['module'], $form_values['delta']); + foreach (array_filter($form_values['roles']) as $rid) { + db_query("INSERT INTO {blocks_roles} (rid, module, delta) VALUES (%d, '%s', '%s')", $rid, $form_values['module'], $form_values['delta']); + } module_invoke($form_values['module'], 'block', 'save', $form_values['delta'], $form_values); drupal_set_message(t('The block configuration has been saved.')); cache_clear_all(); @@ -540,7 +574,7 @@ function block_box_save($edit, $delta = NULL) { else { db_query("INSERT INTO {boxes} (title, body, info, format) VALUES ('%s', '%s', '%s', %d)", $edit['title'], $edit['body'], $edit['info'], $edit['format']); } - return true; + return TRUE; } /** @@ -550,10 +584,11 @@ function block_box_save($edit, $delta = NULL) { * the site. */ function block_user($type, $edit, &$user, $category = NULL) { + global $user; switch ($type) { case 'form': if ($category == 'account') { - $result = db_query('SELECT * FROM {blocks} WHERE status = 1 AND custom != 0 ORDER BY weight, module, delta'); + $result = db_query("SELECT DISTINCT b.* FROM {blocks} b LEFT JOIN {blocks_roles} r ON b.module = r.module AND b.delta = r.delta WHERE b.status = 1 AND b.custom != 0 AND (r.rid IN (%s) OR r.rid IS NULL) ORDER BY b.weight, b.module", implode(',', array_keys($user->roles))); $form['block'] = array('#type' => 'fieldset', '#title' => t('Block configuration'), '#weight' => 3, '#collapsible' => TRUE, '#tree' => TRUE); while ($block = db_fetch_object($result)) { $data = module_invoke($block->module, 'block', 'list'); @@ -600,7 +635,7 @@ function block_list($region) { static $blocks = array(); if (!count($blocks)) { - $result = db_query("SELECT * FROM {blocks} WHERE theme = '%s' AND status = 1 ORDER BY region, weight, module", $theme_key); + $result = db_query("SELECT DISTINCT b.* FROM {blocks} b LEFT JOIN {blocks_roles} r ON b.module = r.module AND b.delta = r.delta WHERE b.theme = '%s' AND b.status = 1 AND (r.rid IN (%s) OR r.rid IS NULL) ORDER BY b.region, b.weight, b.module", $theme_key, implode(',', array_keys($user->roles))); while ($block = db_fetch_object($result)) { if (!isset($blocks[$block->region])) { $blocks[$block->region] = array(); @@ -656,5 +691,3 @@ function block_list($region) { } return $blocks[$region]; } - - diff --git a/modules/taxonomy.module b/modules/taxonomy.module index ba7827d70..0ee530d6b 100644 --- a/modules/taxonomy.module +++ b/modules/taxonomy.module @@ -1147,7 +1147,7 @@ function taxonomy_render_nodes($result) { $output .= theme('pager', NULL, variable_get('default_nodes_main', 10), 0); } else { - $output .= t('There are currently no posts in this category.'); + $output .= '<p>'. t('There are currently no posts in this category.') .'</p>'; } return $output; } diff --git a/modules/taxonomy/taxonomy.module b/modules/taxonomy/taxonomy.module index ba7827d70..0ee530d6b 100644 --- a/modules/taxonomy/taxonomy.module +++ b/modules/taxonomy/taxonomy.module @@ -1147,7 +1147,7 @@ function taxonomy_render_nodes($result) { $output .= theme('pager', NULL, variable_get('default_nodes_main', 10), 0); } else { - $output .= t('There are currently no posts in this category.'); + $output .= '<p>'. t('There are currently no posts in this category.') .'</p>'; } return $output; } |