authorDries Buytaert <dries@buytaert.net>2010-03-21 21:20:43 +0000
committerDries Buytaert <dries@buytaert.net>2010-03-21 21:20:43 +0000
commit25feb96f6dd5d5f1a73249a6f63354537db58fd2 (patch)
treed9528d316a10ed4328675fd52eeb55f74395ac10 /modules/system
parent9b8c393d4ef0883d8e1bb0d2c7059c52a8ad4fe1 (diff)
- Patch #248598 by David_Rothstein, pwolanin, aspilicious: improved warning about dangerous permissions.
Diffstat (limited to 'modules/system')
-rw-r--r--modules/system/system.api.php23
-rw-r--r--modules/system/system.module2
2 files changed, 17 insertions, 8 deletions
diff --git a/modules/system/system.api.php b/modules/system/system.api.php
index bd42f2292..c43bcf05e 100644
--- a/modules/system/system.api.php
+++ b/modules/system/system.api.php
@@ -1012,13 +1012,22 @@ function hook_system_info_alter(&$info, $file, $type) {
* For a detailed usage example, see page_example.module.
*
* @return
- * An array of which permission names are the keys and their corresponding
- * values are descriptions of each permission.
- * The permission names (keys of the array) must not be wrapped with
- * the t() function, since the string extractor takes care of
- * extracting permission names defined in the perm hook for
- * translation. The permission descriptions (values of the array)
- * should be wrapped in the t() function so they can be translated.
+ * An array whose keys are permission names and whose corresponding values
+ * are arrays containing the following key-value pairs:
+ * - title: The human-readable name of the permission, to be shown on the
+ * permission administration page. This should be wrapped in the t()
+ * function so it can be translated.
+ * - description: (optional) A description of what the permission does. This
+ * should be wrapped in the t() function so it can be translated.
+ * - restrict access: (optional) A boolean which can be set to TRUE to
+ * indicate that site administrators should restrict access to this
+ * permission to trusted users. This should be used for permissions that
+ * have inherent security risks across a variety of potential use cases
+ * (for example, the "administer filters" and "bypass node access"
+ * permissions provided by Drupal core). When set to TRUE, a standard
+ * warning message defined in user_admin_permissions() will be associated
+ * with the permission and displayed with it on the permission
+ * administration page. Defaults to FALSE.
*/
function hook_permission() {
return array(
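Review bot: The rewritten @return text no longer says how the permission names (the array keys) are handled for translation; the removed lines stated that they must not be wrapped in t(), and the new text covers only `title` and `description`. If that rule still holds, keep a sentence such as `The permission names (keys) must not be wrapped in t().` The `restrict access` item should also say that the flag only attaches a warning on the permission administration page and does not itself limit which roles can be granted the permission, so module authors do not read it as an access control. The body of hook_permission() continues outside the hunk.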
diff --git a/modules/system/system.module b/modules/system/system.module
index f4b31ce1c..2154d0573 100644
--- a/modules/system/system.module
+++ b/modules/system/system.module
@@ -207,7 +207,7 @@ function system_permission() {
),
'administer site configuration' => array(
'title' => t('Administer site configuration'),
- 'description' => drupal_placeholder(array('text' => t('Warning: Give to trusted roles only; this permission has security implications.'))),
+ 'restrict access' => TRUE,
),
'administer themes' => array(
'title' => t('Administer themes'),
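Review bot: The 'administer site configuration' entry is left with no `description` key, so the permission page has only the generic warning to show and nothing that says what this permission grants. An administrator deciding which roles get a permission flagged as risky needs that scope spelled out; consider keeping a description next to the flag, e.g. `'description' => t('Change site-wide settings.'),` (sample wording, to be chosen by the maintainers). system_permission() starts and ends outside the hunk, so it is not visible here whether its other high-impact permissions receive the same flag; that is worth checking in this commit.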