bachir/materio-base-legacy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

FINAL suepr merge step : added all modules to this super repos

Browse Source
This commit is contained in:
Bachir Soussi Chiadmi
2015-04-19 16:46:59 +02:00
parent 7b6bd36fea df0ec71ac7
commit f2b8ace9b7
7585 changed files with 1723356 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
sites/all/modules/contrib/users/role_delegation/CHANGELOG.txt Normal file
View File

@@ -0,0 +1,19 @@
Role Delegation 7.x-1.1, 2011-06-20
-----------------------------------
#1119192 by Andrew Schulman: fix Role Delegation tab in user profile appears as an action, not a tab.
#1180600 by jyee: fix overwrites role attributes in forms.
#1185796 by Andrew Schulman: fix Role delegation options appear in every profile edit form with Profile 2.
#1193868 by Andrew Schulman: fix Unsanitized output in role_delegation_delegate_roles_action_form().
Role Delegation 7.x-1.0, 2010-12-21
-----------------------------------
#170543 by Andrew Schulman: Rename or delete 'assign role' permissions when roles are renamed or deleted.
#811932 by Pasqualle: Use 'restrict access' parameter for labeling unsafe permissions.
Fix wrong assertion in RoleDelegationRoleEditingTestCase::testRenameRole() in role_delegation.test.
Role Delegation 7.x-1.0-beta1, 2010-12-07
-----------------------------------------
#660640 by Pasqualle: Port to D7; add "Delegate roles" action.
#598840 by Andrew Schulman: Add batch add and remove role operations.
#983574 by Andrew Schulman: Add simple tests for D7.
#946506 by spam38: Fix htmlspecialchars warning on admin/people* pages in drupal 7.x.

274
sites/all/modules/contrib/users/role_delegation/LICENSE.txt Normal file
View File

@@ -0,0 +1,274 @@
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc. 675 Mass Ave,
Cambridge, MA 02139, USA. Everyone is permitted to copy and distribute
verbatim copies of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your freedom to
share and change it. By contrast, the GNU General Public License is
intended to guarantee your freedom to share and change free software--to
make sure the software is free for all its users. This General Public License
applies to most of the Free Software Foundation's software and to any other
program whose authors commit to using it. (Some other Free Software
Foundation software is covered by the GNU Library General Public License
instead.) You can apply it to your programs, too.
When we speak of free software, we are referring to freedom, not price. Our
General Public Licenses are designed to make sure that you have the
freedom to distribute copies of free software (and charge for this service if
you wish), that you receive source code or can get it if you want it, that you
can change the software or use pieces of it in new free programs; and that
you know you can do these things.
To protect your rights, we need to make restrictions that forbid anyone to
deny you these rights or to ask you to surrender the rights. These restrictions
translate to certain responsibilities for you if you distribute copies of the
software, or if you modify it.
For example, if you distribute copies of such a program, whether gratis or for
a fee, you must give the recipients all the rights that you have. You must make
sure that they, too, receive or can get the source code. And you must show
them these terms so they know their rights.
We protect your rights with two steps: (1) copyright the software, and (2)
offer you this license which gives you legal permission to copy, distribute
and/or modify the software.
Also, for each author's protection and ours, we want to make certain that
everyone understands that there is no warranty for this free software. If the
software is modified by someone else and passed on, we want its recipients
to know that what they have is not the original, so that any problems
introduced by others will not reflect on the original authors' reputations.
Finally, any free program is threatened constantly by software patents. We
wish to avoid the danger that redistributors of a free program will individually
obtain patent licenses, in effect making the program proprietary. To prevent
this, we have made it clear that any patent must be licensed for everyone's
free use or not licensed at all.
The precise terms and conditions for copying, distribution and modification
follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND
MODIFICATION
0. This License applies to any program or other work which contains a notice
placed by the copyright holder saying it may be distributed under the terms
of this General Public License. The "Program", below, refers to any such
program or work, and a "work based on the Program" means either the
Program or any derivative work under copyright law: that is to say, a work
containing the Program or a portion of it, either verbatim or with
modifications and/or translated into another language. (Hereinafter, translation
is included without limitation in the term "modification".) Each licensee is
addressed as "you".
Activities other than copying, distribution and modification are not covered
by this License; they are outside its scope. The act of running the Program is
not restricted, and the output from the Program is covered only if its contents
constitute a work based on the Program (independent of having been made
by running the Program). Whether that is true depends on what the Program
does.
1. You may copy and distribute verbatim copies of the Program's source
code as you receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice and
disclaimer of warranty; keep intact all the notices that refer to this License
and to the absence of any warranty; and give any other recipients of the
Program a copy of this License along with the Program.
You may charge a fee for the physical act of transferring a copy, and you
may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion of it,
thus forming a work based on the Program, and copy and distribute such
modifications or work under the terms of Section 1 above, provided that you
also meet all of these conditions:
a) You must cause the modified files to carry prominent notices stating that
you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in whole or in
part contains or is derived from the Program or any part thereof, to be
licensed as a whole at no charge to all third parties under the terms of this
License.
c) If the modified program normally reads commands interactively when run,
you must cause it, when started running for such interactive use in the most
ordinary way, to print or display an announcement including an appropriate
copyright notice and a notice that there is no warranty (or else, saying that
you provide a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this License.
(Exception: if the Program itself is interactive but does not normally print such
an announcement, your work based on the Program is not required to print
an announcement.)
These requirements apply to the modified work as a whole. If identifiable
sections of that work are not derived from the Program, and can be
reasonably considered independent and separate works in themselves, then
this License, and its terms, do not apply to those sections when you distribute
them as separate works. But when you distribute the same sections as part
of a whole which is a work based on the Program, the distribution of the
whole must be on the terms of this License, whose permissions for other
licensees extend to the entire whole, and thus to each and every part
regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest your rights to
work written entirely by you; rather, the intent is to exercise the right to
control the distribution of derivative or collective works based on the
Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of a
storage or distribution medium does not bring the other work under the scope
of this License.
3. You may copy and distribute the Program (or a work based on it, under
Section 2) in object code or executable form under the terms of Sections 1
and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable source
code, which must be distributed under the terms of Sections 1 and 2 above
on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three years, to give
any third party, for a charge no more than your cost of physically performing
source distribution, a complete machine-readable copy of the corresponding
source code, to be distributed under the terms of Sections 1 and 2 above on
a medium customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer to distribute
corresponding source code. (This alternative is allowed only for
noncommercial distribution and only if you received the program in object
code or executable form with such an offer, in accord with Subsection b
above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source code
means all the source code for all modules it contains, plus any associated
interface definition files, plus the scripts used to control compilation and
installation of the executable. However, as a special exception, the source
code distributed need not include anything that is normally distributed (in
either source or binary form) with the major components (compiler, kernel,
and so on) of the operating system on which the executable runs, unless that
component itself accompanies the executable.
If distribution of executable or object code is made by offering access to
copy from a designated place, then offering equivalent access to copy the
source code from the same place counts as distribution of the source code,
even though third parties are not compelled to copy the source along with the
object code.
4. You may not copy, modify, sublicense, or distribute the Program except as
expressly provided under this License. Any attempt otherwise to copy,
modify, sublicense or distribute the Program is void, and will automatically
terminate your rights under this License. However, parties who have received
copies, or rights, from you under this License will not have their licenses
terminated so long as such parties remain in full compliance.
5. You are not required to accept this License, since you have not signed it.
However, nothing else grants you permission to modify or distribute the
Program or its derivative works. These actions are prohibited by law if you
do not accept this License. Therefore, by modifying or distributing the
Program (or any work based on the Program), you indicate your acceptance
of this License to do so, and all its terms and conditions for copying,
distributing or modifying the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the original
licensor to copy, distribute or modify the Program subject to these terms and
conditions. You may not impose any further restrictions on the recipients'
exercise of the rights granted herein. You are not responsible for enforcing
compliance by third parties to this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues), conditions
are imposed on you (whether by court order, agreement or otherwise) that
contradict the conditions of this License, they do not excuse you from the
conditions of this License. If you cannot distribute so as to satisfy
simultaneously your obligations under this License and any other pertinent
obligations, then as a consequence you may not distribute the Program at all.
For example, if a patent license would not permit royalty-free redistribution
of the Program by all those who receive copies directly or indirectly through
you, then the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under any
particular circumstance, the balance of the section is intended to apply and
the section as a whole is intended to apply in other circumstances.
It is not the purpose of this section to induce you to infringe any patents or
other property right claims or to contest validity of any such claims; this
section has the sole purpose of protecting the integrity of the free software
distribution system, which is implemented by public license practices. Many
people have made generous contributions to the wide range of software
distributed through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing to
distribute software through any other system and a licensee cannot impose
that choice.
This section is intended to make thoroughly clear what is believed to be a
consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in certain
countries either by patents or by copyrighted interfaces, the original copyright
holder who places the Program under this License may add an explicit
geographical distribution limitation excluding those countries, so that
distribution is permitted only in or among countries not thus excluded. In such
case, this License incorporates the limitation as if written in the body of this
License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will be
similar in spirit to the present version, but may differ in detail to address new
problems or concerns.
Each version is given a distinguishing version number. If the Program specifies
a version number of this License which applies to it and "any later version",
you have the option of following the terms and conditions either of that
version or of any later version published by the Free Software Foundation. If
the Program does not specify a version number of this License, you may
choose any version ever published by the Free Software Foundation.
10. If you wish to incorporate parts of the Program into other free programs
whose distribution conditions are different, write to the author to ask for
permission. For software which is copyrighted by the Free Software
Foundation, write to the Free Software Foundation; we sometimes make
exceptions for this. Our decision will be guided by the two goals of
preserving the free status of all derivatives of our free software and of
promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE,
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT
PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE
STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT
WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND
PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL
NECESSARY SERVICING, REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR
AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR
ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE
LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL,
SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES
ARISING OUT OF THE USE OR INABILITY TO USE THE
PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA
OR DATA BEING RENDERED INACCURATE OR LOSSES
SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE
PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN
IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF
THE POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS

40
sites/all/modules/contrib/users/role_delegation/README.txt Normal file
View File

@@ -0,0 +1,40 @@
README file for the Role Delegation Drupal module.
Description
***********
This module allows site administrators to grant some roles the authority to
assign selected roles to users, without them needing the 'administer
permissions' permission.
For each role, Role Delegation provides a new 'assign <ROLE> role' permission to
allow the assignment of that role.
The module also adds an 'assign all roles' permission. Enabling this permission
for a role is a convenient way to allow the assignment of any other role without
having to check all the 'assign <ROLE> role' permissions in the Permissions
page.
If an administrator has the 'administer users' permission, a role assignment
widget gets displayed in the account creation or editing form, and bulk
add/remove role operations become available on the user administration page.
Otherwise, if s/he has at least the 'access user profiles' permission, the
module adds its own 'Roles' tab to the user profile so that roles can be
assigned.
Installation
************
1. Extract the 'role_delegation' module directory, including all its
subdirectories, into your Drupal modules directory.
2. Go to the Administer > Site building > Modules page, and enable the module.
3. Go to the Administer > User management > Permissions and scroll down to
the role_delegation group of permissions. Each role now has a corresponding
'assign <ROLE> role' permission. Grant this permission to roles that shall have
the power to assign role ROLE to users.

12
sites/all/modules/contrib/users/role_delegation/role_delegation.info Normal file
View File

@@ -0,0 +1,12 @@
name = Role delegation
description = Allows site administrators to grant some roles the authority to assign selected roles to users.
core = 7.x
files[] = role_delegation.module
files[] = role_delegation.test
; Information added by drupal.org packaging script on 2011-06-20
version = "7.x-1.1"
core = "7.x"
project = "role_delegation"
datestamp = "1308565019"

401
sites/all/modules/contrib/users/role_delegation/role_delegation.module Normal file
View File

@@ -0,0 +1,401 @@
<?php
/**
* @file
*
* This module allows site administrators to grant some roles the authority to
* change roles assigned to users, without them needing the 'administer access
* control' permission.
*
* It provides its own tab in the user profile so that roles can be changed
* without needing access to the user edit form.
*/
/**
* Implements hook_help().
*/
function role_delegation_help($path, $arg) {
switch ($path) {
case 'admin/help#role_delegation':
$output = '<p>' . t('This module allows site administrators to grant some roles the authority to assign selected roles to users, without them needing the <em>administer permissions</em> permission.') . '</p>';
$output .= '<p>' . t('It provides its own tab in the user profile so that roles can be assigned without needing access to the user edit form.') . '</p>';
return $output;
}
}
/**
* Implements hook_theme().
*/
function role_delegation_theme() {
return array(
'role_delegation_delegate_roles_action_form' => array(
'render element' => 'form',
),
);
};
/**
* Implements hook_permission().
*/
function role_delegation_permission() {
$roles = _role_delegation_roles();
$perms['assign all roles'] = array(
'title' => t('Assign all roles'),
'restrict access' => TRUE,
);
foreach ($roles as $rid => $role) {
$perms["assign $role role"] = array(
'title' => t('Assign %role role', array('%role' => $role)),
);
}
return $perms;
}
/**
* Implements hook_menu().
*/
function role_delegation_menu() {
$items['user/%user/roles'] = array(
'title' => 'Roles',
'page callback' => 'drupal_get_form',
'page arguments' => array('role_delegation_roles_form', 1),
'access callback' => 'role_delegation_access',
'type' => MENU_LOCAL_TASK,
);
return $items;
}
/**
* Helper function to create the role options.
*/
function _role_delegation_add_roles_to_form(&$form, $account) {
$roles_current = $account->roles;
$roles_delegate = array();
$roles = _role_delegation_roles();
foreach ($roles as $rid => $role) {
if (user_access('assign all roles') || user_access("assign $role role")) {
$roles_delegate[$rid] = isset($form['account']['roles']['#options'][$rid]) ? $form['account']['roles']['#options'][$rid] : $role;
}
}
if (empty($roles_delegate)) {
// No role can be assigned.
return;
}
if (!isset($form['account'])) {
$form['account'] = array(
'#type' => 'value',
'#value' => $account,
);
}
// Generate the form items.
$form['account']['roles_change'] = array(
'#type' => 'checkboxes',
'#title' => isset($form['account']['roles']['#title']) ? $form['account']['roles']['#title'] : t('Roles'),
'#options' => $roles_delegate,
'#default_value' => array_keys(array_intersect_key($roles_current, $roles_delegate)),
'#description' => isset($form['account']['roles']['#description']) ? $form['account']['roles']['#description'] : t('Change roles assigned to user.'),
);
}
/**
* Provides a form for assigning roles to the current user.
*/
function role_delegation_roles_form($form, $form_state, $account) {
_role_delegation_add_roles_to_form($form, $account);
$form['submit'] = array(
'#type' => 'submit',
'#value' => t('Save'),
);
return $form;
}
/**
* Saves the roles assigned to the account given in the form.
*/
function role_delegation_roles_form_submit($form, &$form_state) {
if (is_array($form_state['values']['roles_change']) && isset($form_state['values']['account']->uid)) {
$uid = (int)$form_state['values']['account']->uid;
role_delegation_save(array($uid), $form_state['values']['roles_change']);
drupal_set_message(t('The roles have been updated.'));
}
}
function role_delegation_save($uids, $roles_change) {
$rolenames = user_roles(TRUE);
foreach ($roles_change as $rid => $value) {
if (!empty($value)) {
// Use the role name for changed roles.
$roles_change[$rid] = $rolenames[$rid];
}
}
$accounts = user_load_multiple($uids);
foreach ($accounts as $account) {
$roles_current = $account->roles;
$roles = array_filter($roles_change + $roles_current);
user_save($account, array('roles' => $roles));
}
}
/**
* Access callback for menu hook.
*/
function role_delegation_access() {
// Check access to user profile page.
if (!user_access('access user profiles')) {
return FALSE;
}
// Check if they can edit users. In that case, the Roles tab is not needed.
if (user_access('administer users')) {
return FALSE;
}
// Check access to role assignment page.
if (user_access('administer permissions')) {
return TRUE;
}
$perms = array_keys(role_delegation_permission());
foreach ($perms as $perm) {
if (user_access($perm)) {
return TRUE;
}
}
return FALSE;
}
/**
* Returns all existing roles, except anonymous and authenticated user.
*/
function _role_delegation_roles() {
$roles = user_roles(TRUE);
unset($roles[DRUPAL_AUTHENTICATED_RID]);
// Do not allow to delegate users to administator role. Let's keep this
// privilege to users with 'Administer permissions' permission only.
unset($roles[variable_get('user_admin_role', 0)]);
return $roles;
}
/**
* Implements hook_form_alter().
*/
function role_delegation_form_alter(&$form, $form_state, $form_id) {
// Only add role delegation options to:
// * Registration tab of account registration form
// * Account editing tab of account editing form
// These are normally the only tabs present on those forms, but other tabs may be added
// by other modules, e.g. profile editing tabs by Profile 2.
if (!( ($form_id == 'user_register_form' && $form['#user_category'] == 'register')
|| ($form_id == 'user_profile_form' && $form['#user_category'] == 'account' ) )) {
return;
}
if (user_access('administer permissions')) {
return;
}
$account = $form['#user'];
_role_delegation_add_roles_to_form($form, $account);
}
/**
* Implements hook_form_FORM_ID_alter() for user_admin_role().
*/
function role_delegation_form_user_admin_role_alter(&$form, $form_state) {
$form['#submit'][] = 'role_delegation_form_user_admin_role_submit';
}
/**
* Submit function for the user_admin_role form:
* When a role is renamed, renames the "assign role" permission for that role.
* We can't use hook_user_role_update() for this, because it doesn't have
* access to the old role name.
*/
function role_delegation_form_user_admin_role_submit($form, $form_state) {
$op = $form_state['values']['op'];
if ($op != t('Save role')) {
return;
}
$oldrole = $form_state['build_info']['args'][0]->name;
$newrole = $form_state['values']['name'];
if ($oldrole == $newrole) {
return;
}
db_update('role_permission')
->condition('permission', "assign $oldrole role")
->fields(array('permission' => "assign $newrole role"))
->execute();
}
/**
* Implements hook_user_role_delete().
* When a role is deleted, deletes the "assign role" permission for that role.
*/
function role_delegation_user_role_delete($role) {
db_delete('role_permission')
->condition('permission', "assign {$role->name} role")
->execute();
}
/**
* Implements hook_user_presave().
*/
function role_delegation_user_presave(&$edit, $account, $category) {
if (isset($edit['roles_change'])) {
$edit['roles'] = array_filter($edit['roles_change'] + $edit['roles']);
unset($edit['roles_change']);
}
}
/**
* Implements hook_user_operations().
*/
function role_delegation_user_operations($form = array(), $form_state = array()) {
// Only provide role add/remove operations when user can't assign permissions
// without Role Delegation.
if (user_access('administer permissions')) {
return;
}
// Provide add/remove operations for delegated roles.
$add_roles = array();
$remove_roles = array();
foreach (_role_delegation_roles() as $rid => $role) {
if (user_access('assign all roles') || user_access("assign $role role")) {
$add_roles['role_delegation_add_role-' . $rid]['label'] = t('Add role: !role', array('!role' => $role));
$remove_roles['role_delegation_remove_role-' . $rid]['label'] = t('Remove role: !role', array('!role' => $role));
}
}
$operations = $add_roles + $remove_roles;
// If the form has been posted, insert the proper data for role editing.
if (!empty($form_state['submitted'])) {
$operation_rid = explode('-', $form_state['values']['operation']);
$operation = $operation_rid[0];
if ($operation == 'role_delegation_add_role' || $operation == 'role_delegation_remove_role') {
if (array_key_exists($form_state['values']['operation'], $operations)) {
$rid = $operation_rid[1];
$operations[$form_state['values']['operation']] += array(
// use the standard add_role and remove_role operations:
'callback' => 'user_multiple_role_edit',
'callback arguments' => array(str_replace('role_delegation_', '', $operation), $rid),
);
}
else {
watchdog('security', 'Detected malicious attempt to alter protected user fields.', array(), WATCHDOG_WARNING);
return;
}
}
}
return $operations;
}
/**
* Implements hook_form_FORM_ID_alter() for user_admin_account().
*
* In the user bulk update form, separates out the role delegation operations
* and groups and relabels them under 'Add a role' and 'Remove a role' optgroups.
*/
function role_delegation_form_user_admin_account_alter(&$form, $form_state, $form_id) {
$options = $form['options']['operation']['#options'];
$roles = _role_delegation_roles();
$add_roles = array();
$remove_roles = array();
foreach ($options as $option => $label) {
$operation_rid = explode('-', $option);
$operation = $operation_rid[0];
if ($operation == 'role_delegation_add_role') {
$rid = $operation_rid[1];
$add_roles[$option] = $roles[$rid];
unset($options[$option]);
}
elseif ($operation == 'role_delegation_remove_role') {
$rid = $operation_rid[1];
$remove_roles[$option] = $roles[$rid];
unset($options[$option]);
}
}
if (count($add_roles)) {
$form['options']['operation']['#options'] = $options + array(
t('Add a role to the selected users') => $add_roles,
t('Remove a role from the selected users') => $remove_roles,
);
}
}
/**
* Implements hook_action_info().
*/
function role_delegation_action_info() {
return array(
'role_delegation_delegate_roles_action' => array(
'type' => 'user',
'label' => t('Delegate roles'),
'configurable' => TRUE,
'triggers' => array(),
),
);
}
function role_delegation_delegate_roles_action_form($context) {
$form['#tree'] = TRUE;
$form['#theme'] = 'role_delegation_delegate_roles_action_form';
foreach (_role_delegation_roles() as $rid => $role_name) {
$form['role_change'][$rid] = array(
'#type' => 'select',
'#title' => check_plain($role_name),
'#default_value' => isset($context['roles_change'][$rid]) ? $context['roles_change'][$rid] : -1,
'#options' => array(
-1 => t('Do not change'),
1 => t('Add this role'),
0 => t('Remove this role'),
),
);
}
return $form;
}
function theme_role_delegation_delegate_roles_action_form($variables) {
$form = $variables['form'];
$rows = array();
$header = array(
t('Role'),
t('Operation'),
);
foreach (element_children($form['role_change']) as $key) {
$role = $form['role_change'][$key]['#title'];
unset($form['role_change'][$key]['#title']);
$operation = drupal_render($form['role_change'][$key]);
$row = array(
array('data' => $role),
array('data' => $operation),
);
$rows[] = $row;
}
$output = drupal_render($form['actions_label']);
$output .= theme('table', array('header' => $header, 'rows' => $rows, 'attributes' => array('id' => 'role-delegation-table')));
$output .= drupal_render_children($form);
return $output;
}
function role_delegation_delegate_roles_action_submit($form, $form_state) {
$roles_change = array();
foreach ($form_state['values']['role_change'] as $rid => $value) {
if ($value > -1) {
$roles_change[$rid] = $value;
}
}
return array('roles_change' => $roles_change);
}
function role_delegation_delegate_roles_action(&$user, $context) {
$roles_current = $user->roles;
$roles_change = $context['roles_change'];
role_delegation_save(array($user->uid), $roles_change);
}

332
sites/all/modules/contrib/users/role_delegation/role_delegation.test Normal file
View File

@@ -0,0 +1,332 @@
<?php
/**
* @file
* Tests for the Role Delegation module.
*/
/**
* Base class for Role Delegation tests.
*/
class RoleDelegationTestCase extends DrupalWebTestCase {
protected $rid_high, $rid_low, $user_high, $user_low;
/**
* Assign or remove one role to/from one user.
*
* The logged in user must have the "administer users"
* permission in order for this function to succeed.
*
* @param $rid
* The role id of the role to assign or remove.
* @param $user
* The user object of the user to assign/remove the role to.
* @param $assign
* TRUE (the default) to assign the role, or
* FALSE to remove it.
*
* @return
* TRUE or FALSE depending on whether the role was
* successfully assigned or removed.
*/
protected function assignRoleToUser($rid, $user, $assign = TRUE) {
$this->drupalGet("user/{$user->uid}/edit");
if (count($this->xpath("//input[@name='roles[$rid]']"))) {
$name = "roles[$rid]";
}
elseif (count($this->xpath("//input[@name='roles_change[$rid]']"))) {
$name = "roles_change[$rid]";
}
else {
return FALSE;
}
$this->drupalPost(NULL, array($name => $assign), t('Save'));
$elements = $this->xpath("//input[@name='$name']");
return isset($elements[0]) && ($assign XOR empty($elements[0]['checked']));
}
/**
* Assign or remove one permission to/from one role, and assert
* that the result succeeded.
*
* @param $permission
* The name of the permission to assign or remove.
* @param $rid
* The role id of the role to assign/remove the permission to/from.
* @param $assign
* TRUE (the default) to assign the permission, or
* FALSE to remove it.
*
* @return
* TRUE or FALSE depending on whether the permission was
* successfully assigned or removed.
*/
protected function assignPermissionToRole($permission, $rid, $assign = TRUE) {
$name = "{$rid}[{$permission}]";
$this->drupalPost("admin/people/permissions/$rid", array($name => $assign), t('Save permissions'));
$elements = $this->xpath("//input[@name='$name']");
$this->assertTrue(
isset($elements[0]) && ($assign XOR empty($elements[0]['checked'])),
($assign ? 'Assign' : 'Remove') . ' permission "' . $permission . '" ' . ($assign ? 'to' : 'from') . " role $rid."
);
}
public function setUp() {
// Enable modules
parent::setUp('role_delegation');
// Create roles
$this->rid_high = $this->drupalCreateRole(array(), 'high');
$this->rid_low = $this->drupalCreateRole(array(), 'low' );
// Create users
$this->user_high = $this->drupalCreateUser(array('administer users'));
$this->user_low = $this->drupalCreateUser(array('administer users'));
// Create privileged user and log in
$this->drupalLogin($this->drupalCreateUser(array('administer users', 'administer permissions')));
// Assign permissions to roles
$this->assignPermissionToRole('assign low role', $this->rid_high); // 'high' can assign 'low'
// Assign roles to users
$this->assertTrue(
$this->assignRoleToUser($this->rid_high, $this->user_high),
'Assign high role to high user'
);
}
}
/**
* Functional tests for permissions.
*/
class RoleDelegationPermissionsTestCase extends RoleDelegationTestCase {
public static function getInfo() {
return array(
'name' => t('Permissions'),
'description' => t('Check that role assignment permissions are enforced.'),
'group' => t('Role Delegation'),
);
}
/**
* Check that high role can assign low role.
*/
public function testHighLow() {
$this->drupalLogin($this->user_high);
$this->assertTrue(
$this->assignRoleToUser($this->rid_low, $this->user_low), // could be any user
t('!role1 role can assign !role2 role.', array('!role1' => 'High', '!role2' => 'low')),
t('Role Delegation')
);
}
/**
* Check that high role can't assign high role.
*/
public function testHighHigh() {
$this->drupalLogin($this->user_high);
// Just check that no option is presented to the user.
$this->assertFalse(
$this->assignRoleToUser($this->rid_high, $this->user_high), // could be any user
t("!role1 role can't assign !role2 role.", array('!role1' => 'High', '!role2' => 'high')),
t('Role Delegation')
);
}
/**
* Check that roles can't be assigned by forgery.
*/
public function testRoleForgery() {
$this->drupalLogin($this->user_high);
// Have the nefarious high user forge an option to assign the high role...
$this->drupalGet("user/{$this->user_low->uid}/edit");
$name = "roles_change[{$this->rid_low}]";
$input = $this->xpath("//input[@name='$name']");
$dome = dom_import_simplexml($input[0]);
$dome->setAttribute('value', $this->rid_high);
// ... then submit the form, and check that he didn't get the role.
$this->drupalPost(NULL, array($name => TRUE), t('Save'));
$this->assertRaw(
t('An illegal choice has been detected. Please contact the site administrator.'),
t('Role assignment forgery is blocked.') . ' (#1)',
t('Role Delegation')
);
$this->assertFieldByName(
$name,
$this->rid_low,
t('Role assignment forgery is blocked.') . ' (#2)',
t('Role Delegation')
);
}
}
/**
* Functional tests for operations.
*/
class RoleDelegationOperationsTestCase extends RoleDelegationTestCase {
public static function getInfo() {
return array(
'name' => t('Operations'),
'description' => t('Check that role assignment bulk operations are available and work as intended.'),
'group' => t('Role Delegation'),
);
}
/**
* Check that the right combination of Add and Remove role
* operations is present in the user bulk update form.
*/
public function testOperationsExist() {
$this->drupalLogin($this->user_high);
$this->drupalGet('admin/people');
$this->assertFieldByXPath(
'//select[@name="operation"]//option',
"role_delegation_add_role-{$this->rid_low}",
t("!user user can use Add !role role operation.", array('!user' => 'High', '!role' => 'low')),
t('Role Delegation')
);
$this->assertFieldByXPath(
'//select[@name="operation"]//option',
"role_delegation_remove_role-{$this->rid_low}",
t("!user user can use Remove !role role operation.", array('!user' => 'High', '!role' => 'low')),
t('Role Delegation')
);
$this->assertNoFieldByXPath(
'//select[@name="operation"]//option',
"role_delegation_add_role-{$this->rid_high}",
t("!user user can't use Add !role role operation.", array('!user' => 'High', '!role' => 'high')),
t('Role Delegation')
);
$this->assertNoFieldByXPath(
'//select[@name="operation"]//option',
"role_delegation_remove_role-{$this->rid_high}",
t("!user user can't use Remove !role role operation.", array('!user' => 'High', '!role' => 'high')),
t('Role Delegation')
);
}
/**
* Check that Add and Remove role operations work as intended.
*/
public function testOperationsWork() {
$uids_to_test = array($this->user_high->uid, $this->user_low->uid);
$edit = array();
foreach ($uids_to_test as $uid) {
$edit["accounts[$uid]"] = TRUE;
}
$this->drupalLogin($this->user_high);
$this->drupalGet('admin/people');
// Add low role
$edit['operation'] = "role_delegation_add_role-{$this->rid_low}";
$this->drupalPost(NULL, $edit, t('Update'));
foreach ($uids_to_test as $uid) {
$this->assertFieldByXPath(
"//tbody/tr[$uid]/td[4]//li",
'low',
t('!user user assigned !role role to user !uid.', array('!user' => 'High', '!role' => 'low', '!uid' => $uid)),
t('Role Delegation')
);
}
// Remove low role
$edit['operation'] = "role_delegation_remove_role-{$this->rid_low}";
$this->drupalPost(NULL, $edit, t('Update'));
foreach ($uids_to_test as $uid) {
$this->assertNoFieldByXPath(
"//tbody/tr[$uid]/td[4]//li",
'low',
t('!user user removed !role role from user !uid.', array('!user' => 'High', '!role' => 'low', '!uid' => $uid)),
t('Role Delegation')
);
}
}
/**
* Check that operations can't be forged.
*/
public function testOperationsForgery() {
$this->drupalLogin($this->user_high);
$this->drupalGet('admin/people');
// Forge an operation to add the high role...
$option = $this->xpath("//select[@name='operation']//option[@value='role_delegation_add_role-{$this->rid_low}']");
if (count($option)==0) {
return;
}
$dome = dom_import_simplexml($option[0]);
$dome->setAttribute('value', "role_delegation_add_role-{$this->rid_high}");
// ... then submit the form, and check that it wasn't granted.
$edit = array(
"accounts[{$this->user_low->uid}]" => TRUE,
"operation" => "role_delegation_add_role-{$this->rid_high}",
);
$this->drupalPost(NULL, $edit, t('Update'));
$this->assertRaw(
t('An illegal choice has been detected. Please contact the site administrator.'),
t('Role assignment forgery is blocked.') . ' (#1)',
t('Role Delegation')
);
$this->assertNoFieldByXPath(
"//tbody/tr[{$this->user_high->uid}]/td[4]//li",
'high',
t('Role assignment forgery is blocked.') . ' (#2)',
t('Role Delegation')
);
}
}
/**
* Functional tests for editing roles.
*/
class RoleDelegationRoleEditingTestCase extends RoleDelegationTestCase {
public static function getInfo() {
return array(
'name' => t('Role editing'),
'description' => t('Check that role assignment permissions are updated correctly when roles are renamed or deleted.'),
'group' => t('Role Delegation'),
);
}
/**
* Rename a role, and check that users that had permission to assign
* the old role now have permission to assign the new one.
*/
public function testRenameRole() {
$this->drupalPost("admin/people/permissions/roles/edit/{$this->rid_low}", array('name' => 'new low'), t('Save role'));
$this->drupalGet('admin/people/permissions');
$this->assertFieldChecked(
"edit-{$this->rid_high}-assign-new-low-role",
t('Permissions are updated when role is renamed.'),
t('Role Delegation')
);
}
/**
* Delete a role, then create a new one with the same name.
* Check that no users have permission to assign the new role.
*/
public function testDeleteRole() {
$this->drupalPost("admin/people/permissions/roles/delete/{$this->rid_low}", NULL, t('Delete'));
$this->drupalPost('admin/people/permissions/roles', array('name' => 'low'), t('Add role'));
$this->drupalGet('admin/people/permissions');
$this->assertNoFieldChecked(
"edit-{$this->rid_high}-assign-low-role",
t('Permissions are updated when role is deleted.'),
t('Role Delegation')
);
}
}