This repository was archived by the owner on Jun 9, 2022. It is now read-only.
forked from bricel/og_subgroups
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathog_subgroups.module
More file actions
executable file
·142 lines (136 loc) · 4.92 KB
/
og_subgroups.module
File metadata and controls
executable file
·142 lines (136 loc) · 4.92 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
<?php
/**
* @file
* Enable defining hierarchy of groups for organic groups.
*/
/**
* Check if a user has access permmission (given) in one of the encestors groups
* and retuen the tree structure of the group hierarchy.
*
* @param $entity_groups
* Array of group id to check and start moving up in the hierarchy.
*
* @param $account
* Optional; The account to check
* @param $string_perm
* Optional; The permission string, if empty return the full tree stucture in
* $structure, otherwise stops when the permission is grant.
* @param $structure
* Optional; This is the array that you should send by ref to get back the
* all the tree structure of the given groups.
* Array contain 2 keys ['gid'] - group id, and ['level'] the depth of the
* parent.
* @param $level
* Optional; Level of tree to start counting from, nomaly no need to change
* this. Deafult 0 beeing the entity given.
*
* @return
* TRUE if user has access grant with the given perm to one of the enstertors
* groups.
*/
function og_subgroups_get_reverse_hierarchy_tree_perm($entity_groups, $string = '', $account = NULL, &$structure = array(), $level = 0) {
// Check if user has the permission in a parent group.
foreach($entity_groups as $gid) {
// Save the hierarchy structure.
$structure[$gid] = array();
$structure[$gid]['gid'] = $gid;
$structure[$gid]['level'] = $level;
if ($string) {
if (og_user_access($gid, $string, $account, TRUE)) {
return TRUE;
}
}
}
// Get all groups that are content of user_groups (as an array of group ids).
$groups = og_load_multiple($entity_groups);
$parent_groups = array();
foreach ($groups as $group) {
// Load the entity associated with the group.
$entity = og_load_entity_from_group($group->gid);
// Get all groups that are associated with passed group.
$parent_groups += og_get_entity_groups($group->entity_type, $entity);
}
if ($parent_groups) {
// Recurssion call of the function.
return og_subgroups_get_reverse_hierarchy_tree_perm($parent_groups, $string, $account, $structure, ++$level);
}
else {
// Reached a dead end, return false.
return FALSE;
}
}
/**
* Implements hook_og_user_access_alter()
*/
function og_subgroups_og_user_access_alter(&$perm, $context) {
// Update the permission for a user that tries to access a sub group.
// This gives to any users his og group permission to all his subgroups,
// without the -need for him to be a member in the groups.
$perm[$context['string']] = og_subgroups_get_reverse_hierarchy_tree_perm(array($context['group']->gid), $context['string'], $context['account']);
}
/**
* Implements hook_node_access_records_alter().
*
* This alter is fired on node save, we want to add view permission to a user's
* subgroups (private groups), to do so we add the parent groups id to all
* groups.
*/
function og_subgroups_node_access_records_alter(&$grants, $node) {
// Relevant only for private groups.
if (module_exists('og_access')) {
// The group IDs, that in case access is granted, will be recorded.
$gids = array();
$private = FALSE;
$groups = array();
// Dealing with a node group that is private.
if (!empty($node->{OG_ACCESS_FIELD}[LANGUAGE_NONE][0]['value'])) {
$group = og_get_group('node', $node->nid);
if ($group) {
$groups[] = $group->gid;
$private = TRUE;
}
}
// Dealing with a group content.
elseif (isset($node->{OG_CONTENT_ACCESS_FIELD}[LANGUAGE_NONE][0]['value'])) {
// If no groups with og realm are defined, this means it's a public group
// then do nothing, otherwise treat as a private group.
if (($node->{OG_CONTENT_ACCESS_FIELD}[LANGUAGE_NONE][0]['value'] == OG_CONTENT_ACCESS_PRIVATE) ||
($node->{OG_CONTENT_ACCESS_FIELD}[LANGUAGE_NONE][0]['value'] == OG_CONTENT_ACCESS_DEFAULT && og_subgroups_grants_has_og_realm($grants))) {
$groups = og_get_entity_groups('node', $node);
$private = TRUE;
}
}
// If group is private, then grant permissions for parent groups.
if ($private) {
og_subgroups_get_reverse_hierarchy_tree_perm($groups,'', NULL, $gids);
// Check existing grant and remove from gids[], to avoid duplication.
foreach ($grants as $granted) {
if (isset($gids[$granted['gid']])) {
unset($gids[$granted['gid']]);
}
}
// Build the new access Grant array.
foreach ($gids as $gid) {
$grants[] = array (
'realm' => OG_ACCESS_AUTHENTICATED_REALM,
'gid' => $gid['gid'],
'grant_view' => 1,
'grant_update' => 0,
'grant_delete' => 0,
'priority' => 0,
);
}
}
}
}
/*
* @return TRUE if $grants contain an OG realm
*/
function og_subgroups_grants_has_og_realm($grants) {
foreach ($grants as $granted) {
if ($granted['realm'] == OG_ACCESS_AUTHENTICATED_REALM) {
return TRUE;
}
}
return FALSE;
}