danielebarchiesi@0: <?php
danielebarchiesi@0: 
danielebarchiesi@0: /**
danielebarchiesi@0:  * @file
danielebarchiesi@0:  * Plugin to provide access control based on user permission strings.
danielebarchiesi@0:  */
danielebarchiesi@0: 
danielebarchiesi@0: /**
danielebarchiesi@0:  * Plugins are described by creating a $plugin array which will be used
danielebarchiesi@0:  * by the system that includes this file.
danielebarchiesi@0:  */
danielebarchiesi@0: $plugin = array(
danielebarchiesi@0:   'title' => t("User: permission"),
danielebarchiesi@0:   'description' => t('Control access by permission string.'),
danielebarchiesi@0:   'callback' => 'ctools_perm_ctools_access_check',
danielebarchiesi@0:   'default' => array('perm' => 'access content'),
danielebarchiesi@0:   'settings form' => 'ctools_perm_ctools_access_settings',
danielebarchiesi@0:   'summary' => 'ctools_perm_ctools_access_summary',
danielebarchiesi@0:   'required context' => new ctools_context_required(t('User'), 'user'),
danielebarchiesi@0: );
danielebarchiesi@0: 
danielebarchiesi@0: /**
danielebarchiesi@0:  * Settings form for the 'by perm' access plugin
danielebarchiesi@0:  */
danielebarchiesi@0: function ctools_perm_ctools_access_settings($form, &$form_state, $conf) {
danielebarchiesi@0:   $perms = array();
danielebarchiesi@0:   // Get list of permissions
danielebarchiesi@0:   foreach (module_list(FALSE, FALSE, TRUE) as $module) {
danielebarchiesi@0:     // By keeping them keyed by module we can use optgroups with the
danielebarchiesi@0:     // 'select' type.
danielebarchiesi@0:     if ($permissions = module_invoke($module, 'permission')) {
danielebarchiesi@0:       foreach ($permissions as $id => $permission) {
danielebarchiesi@0:         $perms[$module][$id] = $permission['title'];
danielebarchiesi@0:       }
danielebarchiesi@0:     }
danielebarchiesi@0:   }
danielebarchiesi@0: 
danielebarchiesi@0:   $form['settings']['perm'] = array(
danielebarchiesi@0:     '#type' => 'select',
danielebarchiesi@0:     '#options' => $perms,
danielebarchiesi@0:     '#title' => t('Permission'),
danielebarchiesi@0:     '#default_value' => $conf['perm'],
danielebarchiesi@0:     '#description' => t('Only users with the selected permission flag will be able to access this.'),
danielebarchiesi@0:   );
danielebarchiesi@0: 
danielebarchiesi@0:   return $form;
danielebarchiesi@0: }
danielebarchiesi@0: 
danielebarchiesi@0: /**
danielebarchiesi@0:  * Check for access.
danielebarchiesi@0:  */
danielebarchiesi@0: function ctools_perm_ctools_access_check($conf, $context) {
danielebarchiesi@0:   // As far as I know there should always be a context at this point, but this
danielebarchiesi@0:   // is safe.
danielebarchiesi@0:   if (empty($context) || empty($context->data)) {
danielebarchiesi@0:     return FALSE;
danielebarchiesi@0:   }
danielebarchiesi@0: 
danielebarchiesi@0:   return user_access($conf['perm'], $context->data);
danielebarchiesi@0: }
danielebarchiesi@0: 
danielebarchiesi@0: /**
danielebarchiesi@0:  * Provide a summary description based upon the checked roles.
danielebarchiesi@0:  */
danielebarchiesi@0: function ctools_perm_ctools_access_summary($conf, $context) {
danielebarchiesi@0:   if (!isset($conf['perm'])) {
danielebarchiesi@0:     return t('Error, unset permission');
danielebarchiesi@0:   }
danielebarchiesi@0: 
danielebarchiesi@0:   $permissions = module_invoke_all('permission');
danielebarchiesi@0:   return t('@identifier has "@perm"', array('@identifier' => $context->identifier, '@perm' => $permissions[$conf['perm']]['title']));
danielebarchiesi@0: }
danielebarchiesi@0: