diff options
| author | Gábor Hojtsy <gabor@hojtsy.hu> | 2008-01-09 09:51:35 +0000 |
|---|---|---|
| committer | Gábor Hojtsy <gabor@hojtsy.hu> | 2008-01-09 09:51:35 +0000 |
| commit | 33f455d2df47ef80dd5b3c736762cecd23b0ba63 (patch) | |
| tree | bb98ef555f3b1844b2043668c8539cfe99b71a8c /modules/blog/blog.module | |
| parent | 7de29914a9cbb6d82e4d5798f46565322e41b021 (diff) | |
| download | brdo-33f455d2df47ef80dd5b3c736762cecd23b0ba63.tar.gz brdo-33f455d2df47ef80dd5b3c736762cecd23b0ba63.tar.bz2 | |
#153998 by David_Rothstein and myself: clean up permissions in book, blog, blogapi, forum and locale modules
Diffstat (limited to 'modules/blog/blog.module')
| -rw-r--r-- | modules/blog/blog.module | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/modules/blog/blog.module b/modules/blog/blog.module index 0f2987781..4efb8c291 100644 --- a/modules/blog/blog.module +++ b/modules/blog/blog.module @@ -23,21 +23,21 @@ function blog_node_info() { * Implementation of hook_perm(). */ function blog_perm() { - return array('edit own blog'); + return array('create blog entries', 'delete own blog entries', 'delete any blog entry', 'edit own blog entries', 'edit any blog entry'); } /** * Implementation of hook_access(). */ function blog_access($op, $node, $account) { - if ($op == 'create') { - return user_access('edit own blog', $account) && $account->uid; - } - - if ($op == 'update' || $op == 'delete') { - if (user_access('edit own blog', $account) && ($node->uid == $account->uid)) { - return TRUE; - } + switch ($op) { + case 'create': + // Anonymous users cannot post even if they have the permission. + return user_access('create blog entries', $account) && $account->uid; + case 'update': + return user_access('edit any blog entry', $account) || (user_access('edit own blog entries', $account) && ($node->uid == $account->uid)); + case 'delete': + return user_access('delete any blog entry', $account) || (user_access('delete own blog entries', $account) && ($node->uid == $account->uid)); } } @@ -45,7 +45,7 @@ function blog_access($op, $node, $account) { * Implementation of hook_user(). */ function blog_user($type, &$edit, &$user) { - if ($type == 'view' && user_access('edit own blog', $user)) { + if ($type == 'view' && user_access('create blog entries', $user)) { $user->content['summary']['blog'] = array( '#type' => 'user_profile_item', '#title' => t('Blog'), @@ -145,7 +145,7 @@ function blog_menu() { 'page callback' => 'blog_page_user', 'page arguments' => array(1), 'access callback' => 'user_access', - 'access arguments' => array('edit own blog', 1), + 'access arguments' => array('create blog entries', 1), 'file' => 'blog.pages.inc', ); $items['blog/%user/feed'] = array( |