From 72065fb8351b54eee5f1928c18e06ad81aa9b502 Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Wed, 20 Jun 2001 20:00:40 +0000
Subject: - Added a brand-new access.module which allows you to manage 'roles' 
  (groups) and 'permissions' ... (inspired by Zope's system).

    + Once installed, click the help-link for more information.

    + See updates/2.00-to-x.xx.sql for the SQL updates.

- Modified loads of code to use our new access.module.  The system
  still has to mature though: new permissions have to be added and
  existing permissions need stream-lining.  Awaiting suggestions.

- As a direct result of the new access system, I had to rewrite the
  way the top-level links in admin.php are rendered and displayed,
  and xhtml-ified admin.php while I was at it.

TODO

- Home-brewed modules need updating, home-brewed themes not.
  (Examples: file.module, trip_link.module)

- As soon we *finished* the refactoring of the user system (KJ has
  been working on this refactoring already) we should consider to
  embed this role and permission code into account.module ...
---
 modules/poll/poll.module | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'modules/poll')

diff --git a/modules/poll/poll.module b/modules/poll/poll.module
index f99718e94..01b143654 100644
--- a/modules/poll/poll.module
+++ b/modules/poll/poll.module
@@ -78,7 +78,7 @@ function poll_search($keys) {
   global $status, $user;
   $result = db_query("SELECT n.*, p.* FROM poll p LEFT JOIN node n ON n.nid = p.nid AND n.lid = p.lid WHERE n.status = '$status[posted]' AND (n.title LIKE '%$keys%') LIMIT 20");
   while ($poll = db_fetch_object($result)) {
-    $find[$i++] = array("title" => check_output($poll->title), "link" => (user_access($user, "poll") ? "admin.php?mod=poll&op=edit&id=$poll->nid" : "node.php?id=$poll->nid"), "user" => $poll->userid, "date" => $poll->timestamp);
+    $find[$i++] = array("title" => check_output($poll->title), "link" => (user_access($user, "add and edit nodes") ? "admin.php?mod=poll&op=edit&id=$poll->nid" : "node.php?id=$poll->nid"), "user" => $poll->userid, "date" => $poll->timestamp);
   }
   return $find;
 }
@@ -176,7 +176,7 @@ function poll_form($edit = array(), $nocheck = 0) {
 
   $active = array(0 => "Closed", 1 => "Active");
 
-  $admin = ($edit[nid] && user_access($user,"poll")) ? 1 : 0;
+  $admin = ($edit[nid] && user_access($user, "add and edit nodes")) ? 1 : 0;
 
   if ($edit[title]) {
     $form .= poll_view(new Poll(node_preview($edit)));
@@ -234,7 +234,7 @@ function poll_save($edit) {
   if (!$edit[nid]) {
     $nid = node_save($edit, array(active => 1, attributes => node_attributes_save("poll", $edit), author => $user->id, comment => variable_get("poll_comment", 0), moderate => variable_get("poll_moderate", ""), promote => variable_get("poll_promote", 0), runtime, score => 0, status => variable_get("poll_status", $status[queued]), timestamp => time(), title, type => "poll", votes => 0, voters => ""));
   }
-  else if (user_access($user)) {
+  else if (user_access($user, "add and edit nodes")) {
     $nid = node_save($edit, array(active, attributes => node_attributes_save("poll", $edit), runtime, title, type => "poll"));
     db_query("DELETE FROM poll_choices WHERE nid='" . $nid . "'");
   }
-- 
cgit v1.2.3