From 72065fb8351b54eee5f1928c18e06ad81aa9b502 Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Wed, 20 Jun 2001 20:00:40 +0000
Subject: - Added a brand-new access.module which allows you to manage 'roles' 
  (groups) and 'permissions' ... (inspired by Zope's system).

    + Once installed, click the help-link for more information.

    + See updates/2.00-to-x.xx.sql for the SQL updates.

- Modified loads of code to use our new access.module.  The system
  still has to mature though: new permissions have to be added and
  existing permissions need stream-lining.  Awaiting suggestions.

- As a direct result of the new access system, I had to rewrite the
  way the top-level links in admin.php are rendered and displayed,
  and xhtml-ified admin.php while I was at it.

TODO

- Home-brewed modules need updating, home-brewed themes not.
  (Examples: file.module, trip_link.module)

- As soon we *finished* the refactoring of the user system (KJ has
  been working on this refactoring already) we should consider to
  embed this role and permission code into account.module ...
---
 modules/block.module | 42 +++++++++++++++++++++++++-----------------
 1 file changed, 25 insertions(+), 17 deletions(-)

(limited to 'modules/block.module')

diff --git a/modules/block.module b/modules/block.module
index 108ee645c..0de1f0146 100644
--- a/modules/block.module
+++ b/modules/block.module
@@ -9,6 +9,10 @@ function block_help() {
  <?php
 }
 
+function block_perm() {
+  return array("add and edit blocks");
+}
+
 function block_admin_save($edit) {
   foreach ($edit as $key=>$value) {
     db_query("UPDATE blocks SET region = '". check_input($value[region]) ."', status = '". check_input($value[status]) ."', weight = '". check_input($value[weight]) ."' WHERE name = '". check_input($key) ."'");
@@ -99,24 +103,28 @@ function block_admin_preview() {
 }
 
 function block_admin() {
-  global $op, $edit;
-
-  print "<SMALL><A HREF=\"admin.php?mod=block\">configure</A> | <A HREF=\"admin.php?mod=block&op=preview\">preview</A> | <A HREF=\"admin.php?mod=block&op=help\">help</A></SMALL><HR>\n";
-
-  switch ($op) {
-    case "help":
-      block_help();
-      break;
-    case "preview":
-      block_admin_preview();
-      break;
-    case "Save blocks":
-      block_admin_save($edit);
-      // fall through
-    default:
-      block_admin_display();
+  global $user, $op, $edit;
+
+  if (user_access($user, "add and edit blocks")) {
+    print "<SMALL><A HREF=\"admin.php?mod=block\">configure</A> | <A HREF=\"admin.php?mod=block&op=preview\">preview</A> | <A HREF=\"admin.php?mod=block&op=help\">help</A></SMALL><HR>\n";
+
+    switch ($op) {
+      case "help":
+        block_help();
+        break;
+      case "preview":
+        block_admin_preview();
+        break;
+      case "Save blocks":
+        block_admin_save($edit);
+        // fall through
+      default:
+        block_admin_display();
+    }
+  }
+  else {
+    print message_access();
   }
-
 }
 
 ?>
-- 
cgit v1.2.3