summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEarl Miles2010-03-10 21:03:19 (GMT)
committer Earl Miles2010-03-10 21:03:19 (GMT)
commit5eb98d56d3fbd7be82a587a3aae3477064735acd (patch)
tree46816f58294648fd58e712146e6c9b03204a333c
parentcbbed3f645416c940a45564990bd3259a549f0ef (diff)
#673852 by yhahn: Allow access plugins to choose whether or not "access all views" should be used.
-rw-r--r--CHANGELOG.txt1
-rw-r--r--plugins/views_plugin_access_perm.inc4
-rw-r--r--plugins/views_plugin_access_role.inc4
-rw-r--r--views.module32
4 files changed, 24 insertions, 17 deletions
diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 0dcf2e2..a418775 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -122,6 +122,7 @@ Views 3.x-7.x-dev
o #737120 by james.williams: Fix help text for date offsets which gave incorrect information.
o #737118 by DeFr: Allow API calls to delete to not clear the views cache to facilitate batch operations.
o #684656 by yhahn: Prevent Views from performing an unneeded variable_set() during block list.
+ o #673852 by yhahn: Allow access plugins to choose whether or not "access all views" should be used.
Views 6.x-3.x-dev
o #396380 by merlinofchaos, dereine and dagmar: Initial support for GROUP BY queries!!!!!!!!!!!!
diff --git a/plugins/views_plugin_access_perm.inc b/plugins/views_plugin_access_perm.inc
index fd7fe60..032170f 100644
--- a/plugins/views_plugin_access_perm.inc
+++ b/plugins/views_plugin_access_perm.inc
@@ -6,11 +6,11 @@
*/
class views_plugin_access_perm extends views_plugin_access {
function access($account) {
- return user_access($this->options['perm'], $account);
+ return views_check_perm($this->options['perm'], $account);
}
function get_access_callback() {
- return array('user_access', array($this->options['perm']));
+ return array('views_check_perm', array($this->options['perm']));
}
function summary_title() {
diff --git a/plugins/views_plugin_access_role.inc b/plugins/views_plugin_access_role.inc
index 22ada69..2d3ea51 100644
--- a/plugins/views_plugin_access_role.inc
+++ b/plugins/views_plugin_access_role.inc
@@ -6,9 +6,7 @@
*/
class views_plugin_access_role extends views_plugin_access {
function access($account) {
- $roles = array_keys($account->roles);
- $roles[] = $account->uid ? DRUPAL_AUTHENTICATED_RID : DRUPAL_ANONYMOUS_RID;
- return array_intersect(array_filter($this->options['role']), $roles);
+ return views_check_roles(array_filter($this->options['role']), $account);
}
function get_access_callback() {
diff --git a/views.module b/views.module
index c212acc..8871c27 100644
--- a/views.module
+++ b/views.module
@@ -442,10 +442,6 @@ function views_invalidate_cache() {
* is accessible, then the view is accessible.
*/
function views_access() {
- if (user_access('access all views')) {
- return TRUE;
- }
-
$args = func_get_args();
foreach ($args as $arg) {
if ($arg === TRUE) {
@@ -466,17 +462,29 @@ function views_access() {
}
/**
- * Access callback to determine if the logged in user has any of the
- * requested roles.
+ * Access callback for the views_plugin_access_perm access plugin.
*
- * This must be in views.module as it is called by menu access callback
- * and can be called often.
+ * Determine if the specified user has access to a view on the basis of
+ * permissions. If the $account argument is omitted, the current user
+ * is used.
+ */
+function views_check_perm($perm, $account = NULL) {
+ return user_access($perm, $account) || user_access('access all views', $account);
+}
+
+/**
+ * Access callback for the views_plugin_access_role access plugin.
+
+ * Determine if the specified user has access to a view on the basis of any of
+ * the requested roles. If the $account argument is omitted, the current user
+ * is used.
*/
-function views_check_roles($rids) {
+function views_check_roles($rids, $account = NULL) {
global $user;
- $roles = array_keys($user->roles);
- $roles[] = $user->uid ? DRUPAL_AUTHENTICATED_RID : DRUPAL_ANONYMOUS_RID;
- return array_intersect(array_filter($rids), $roles);
+ $account = isset($account) ? $account : $user;
+ $roles = array_keys($account->roles);
+ $roles[] = $account->uid ? DRUPAL_AUTHENTICATED_RID : DRUPAL_ANONYMOUS_RID;
+ return user_access('access all views', $account) || array_intersect(array_filter($rids), $roles);
}
// ------------------------------------------------------------------
// Functions to help identify views that are running or ran