From 72065fb8351b54eee5f1928c18e06ad81aa9b502 Mon Sep 17 00:00:00 2001 From: Dries Buytaert Date: Wed, 20 Jun 2001 20:00:40 +0000 Subject: - Added a brand-new access.module which allows you to manage 'roles' (groups) and 'permissions' ... (inspired by Zope's system). + Once installed, click the help-link for more information. + See updates/2.00-to-x.xx.sql for the SQL updates. - Modified loads of code to use our new access.module. The system still has to mature though: new permissions have to be added and existing permissions need stream-lining. Awaiting suggestions. - As a direct result of the new access system, I had to rewrite the way the top-level links in admin.php are rendered and displayed, and xhtml-ified admin.php while I was at it. TODO - Home-brewed modules need updating, home-brewed themes not. (Examples: file.module, trip_link.module) - As soon we *finished* the refactoring of the user system (KJ has been working on this refactoring already) we should consider to embed this role and permission code into account.module ... --- modules/forum.module | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) (limited to 'modules/forum.module') diff --git a/modules/forum.module b/modules/forum.module index 61d05f561..8bce520e3 100644 --- a/modules/forum.module +++ b/modules/forum.module @@ -24,9 +24,7 @@ function forum_form($edit = array()) { function forum_save($edit) { global $user, $status; - if (user_access($user)) { - node_save($edit, array(author => $user->id, body, comment => variable_get("forum_comment", 0), moderate => variable_get("forum_moderate", ""), promote => variable_get("forum_promote", 0), score => 0, status => $status[posted], timestamp => time(), title, type => "forum", votes => 0)); - } + node_save($edit, array(author => $user->id, body, comment => variable_get("forum_comment", 0), moderate => variable_get("forum_moderate", ""), promote => variable_get("forum_promote", 0), score => 0, status => $status[posted], timestamp => time(), title, type => "forum", votes => 0)); } function forum_num_comments($nid) { @@ -40,21 +38,28 @@ function forum_last_comment($nid) { } function forum_page() { - global $theme; + global $user, $theme; - $result = db_query("SELECT nid FROM node WHERE type = 'forum' ORDER BY title"); + if (user_access($user, "view content")) { + $result = db_query("SELECT nid FROM node WHERE type = 'forum' ORDER BY title"); - $output .= "\n"; - $output .= " "; - while ($node = db_fetch_object($result)) { - $node = node_get_object(array("nid" => $node->nid)); - $output .= " "; - } - $output .= "
". t("Forum") ."". t("Comments") ."". t("Last comment") ."". t("Moderators") ."
nid\">". check_output($node->title) ."
". check_output($node->body, 1) ."		". forum_num_comments($node->nid) ."". forum_last_comment($node->nid) ."". check_output($node->moderate) ."
\n"; + $output .= "\n"; + $output .= " "; + while ($node = db_fetch_object($result)) { + $node = node_get_object(array("nid" => $node->nid)); + $output .= " "; + } + $output .= "
". t("Forum") ."". t("Comments") ."". t("Last comment") ."". t("Moderators") ."
nid\">". check_output($node->title) ."
". check_output($node->body, 1) ."		". forum_num_comments($node->nid) ."". forum_last_comment($node->nid) ."". check_output($node->moderate) ."
\n"; - $theme->header(); - $theme->box(t("Discussion forum"), $output); - $theme->footer(); + $theme->header(); + $theme->box(t("Discussion forum"), $output); + $theme->footer(); + } + else { + $theme->header(); + $theme->box(t("Access denied"), message_access()); + $theme->footer(); + } } ?> \ No newline at end of file -- cgit v1.2.3