diff --git a/includes/flag.views.inc b/includes/flag.views.inc index cba81ac..2adf8ba 100644 --- a/includes/flag.views.inc +++ b/includes/flag.views.inc @@ -60,9 +60,16 @@ function flag_views_plugins() { // A comment validator won't be very useful. Moreover, having it will // contribute to the argument object's $options polution, so let's skip // it. + 'flag_plugin_owner_perm' => array( + 'title' => t("Current user ID matches argument value"), + 'handler' => 'flag_plugin_validate_user', + 'parent' => 'user', + 'path' => drupal_get_path('module', 'flag') . '/includes', + ), ), ); } + /** * Implementation of hook_views_data(). */ diff --git a/includes/flag.views_default.inc b/includes/flag.views_default.inc index 6de1239..50d2cc1 100644 --- a/includes/flag.views_default.inc +++ b/includes/flag.views_default.inc @@ -163,12 +163,13 @@ function flag_views_default_views() { 'default_action' => 'empty', 'style_plugin' => 'default_summary', 'style_options' => array(), - 'wildcard' => 'all', - 'wildcard_substitution' => 'All', + 'exception' => array( + 'value' => '', + ), 'title' => '%1\'s bookmarks', 'default_argument_type' => 'fixed', 'default_argument' => '', - 'validate_type' => 'none', + 'validate_type' => 'flag_plugin_owner_perm', 'validate_fail' => 'not found', 'break_phrase' => 0, 'not' => 0, @@ -183,6 +184,7 @@ function flag_views_default_views() { 'default_argument_user' => 0, 'default_argument_fixed' => '', 'default_argument_php' => '', + 'validate_user_argument_type' => 'uid', ), ); diff --git a/includes/flag_plugin_validate_user.inc b/includes/flag_plugin_validate_user.inc new file mode 100644 index 0000000..64ff664 --- /dev/null +++ b/includes/flag_plugin_validate_user.inc @@ -0,0 +1,88 @@ + 'administer users'); + + return $options; + } + + /** + * Returns a option form for the plugin. + */ + function options_form(&$form, &$form_state) { + // Get the options form from the base class. + parent::options_form($form, $form_state); + + $perms = array(); + + $perms[] = t(' - None - '); + + // Produce an array of permissions keyed by module name. + foreach (module_implements('perm') as $module) { + $permissions = module_invoke($module, 'perm'); + foreach ($permissions as $perm) { + $perms[$module][$perm] = strip_tags($perm); + } + } + + asort($perms); + + // Create the form field for the validator. Returned by reference. + $form['bypass_perm'] = array( + '#type' => 'select', + '#options' => $perms, + '#title' => t('Override permission'), + '#default_value' => $this->options['bypass_perm'], + '#description' => t('Users with this permission bypass the argument check and are granted access.'), + ); + } + + /** + * Validates the argument to be a proper UID. + * @param mixed $argument + * @return boolean + */ + function validate_argument($argument) { + // The parent class takes care of all its options, returning TRUE if the + // argument value validates to a user account, and an account that has the + // required role. + $argument_validates = parent::validate_argument($argument); + + // If the parent didn't validate the argument, then we certainly can't + // either. + if ($argument_validates === FALSE) { + return $argument_validates; + } + + // If the current user has the bypass permission, then we're done: return + // the validation status we got from the parent. + if (!empty($this->options['bypass_perm']) && user_access($this->options['bypass_perm'])) { + return $argument_validates; + } + + // Otherwise, perform our additional check to enforce that the argument + // user ID is the current user. + // The parent method has stored the uid from the argument. + return ($this->argument->argument === $GLOBALS['user']->uid); + } + +}