From 72065fb8351b54eee5f1928c18e06ad81aa9b502 Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Wed, 20 Jun 2001 20:00:40 +0000
Subject: - Added a brand-new access.module which allows you to manage 'roles' 
  (groups) and 'permissions' ... (inspired by Zope's system).

    + Once installed, click the help-link for more information.

    + See updates/2.00-to-x.xx.sql for the SQL updates.

- Modified loads of code to use our new access.module.  The system
  still has to mature though: new permissions have to be added and
  existing permissions need stream-lining.  Awaiting suggestions.

- As a direct result of the new access system, I had to rewrite the
  way the top-level links in admin.php are rendered and displayed,
  and xhtml-ified admin.php while I was at it.

TODO

- Home-brewed modules need updating, home-brewed themes not.
  (Examples: file.module, trip_link.module)

- As soon we *finished* the refactoring of the user system (KJ has
  been working on this refactoring already) we should consider to
  embed this role and permission code into account.module ...
---
 modules/story.module | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'modules/story.module')

diff --git a/modules/story.module b/modules/story.module
index ca9ff6946..9773f2af4 100644
--- a/modules/story.module
+++ b/modules/story.module
@@ -16,7 +16,7 @@ function story_search($keys) {
   global $status, $user;
   $result = db_query("SELECT n.*, s.* FROM story s LEFT JOIN node n ON n.nid = s.nid AND n.lid = s.lid WHERE n.status = '$status[posted]' AND (n.title LIKE '%$keys%' OR s.abstract LIKE '%$keys%' OR s.body LIKE '%$keys%') LIMIT 20");
   while ($story = db_fetch_object($result)) {
-    $find[$i++] = array("title" => check_output($story->title), "link" => (user_access($user, "story") ? "admin.php?mod=node&type=story&op=edit&id=$story->nid" : "node.php?id=$story->nid"), "user" => $story->userid, "date" => $story->timestamp);
+    $find[$i++] = array("title" => check_output($story->title), "link" => (user_access($user, "add and edit nodes") ? "admin.php?mod=node&type=story&op=edit&id=$story->nid" : "node.php?id=$story->nid"), "user" => $story->userid, "date" => $story->timestamp);
   }
   return $find;
 }
@@ -75,7 +75,7 @@ function story_save($edit) {
   if (!$edit[nid]) {
     node_save($edit, array(abstract, attributes => node_attributes_save("story", $edit), author => $user->id, body, comment => variable_get("story_comment", 0), moderate => variable_get("story_moderate", ""), promote => variable_get("story_promote", 0), score => 0, status => variable_get("story_status", $status[queued]), timestamp => time(), title, type => "story", votes => 0));
   }
-  else if (user_access($user)) {
+  else if (user_access($user, "add and edit nodes")) {
     node_save($edit, array(abstract, attributes => node_attributes_save("story", $edit), body, title, type => "story"));
   }
 }
-- 
cgit v1.2.3