security update core+modules

Bachir Soussi Chiadmi
2015-04-26 18:38:56 +02:00
parent 2f45ea820a
commit 7c96373038
1022 changed files with 30319 additions and 11259 deletions


@ -0,0 +1,94 @@
<?php
/**
* @file
* Plugin to provide access control based on whether a node belongs to a book.
*/
/**
* Plugins are described by creating a $plugin array which will be used
* by the system that includes this file.
*/
if (module_exists('book')) {
$plugin = array(
'title' => t("Book: node is in a book"),
'description' => t('Control access based upon a node belonging to a book.'),
'callback' => 'ctools_book_node_ctools_access_check',
'default' => array('book' => array()),
'settings form' => 'ctools_book_node_ctools_access_settings',
'settings form submit' => 'ctools_book_node_ctools_access_settings_submit',
'summary' => 'ctools_book_node_ctools_access_summary',
'required context' => new ctools_context_required(t('Node'), 'node'),
);
}
/**
* Settings form for the 'by book_node' access plugin.
*/
function ctools_book_node_ctools_access_settings($form, &$form_state, $conf) {
$options = array(
'any' => t('In any book'),
);
$books = book_get_books();
foreach ($books as $bid => $book) {
$options[$bid] = $book['title'];
}
$form['settings']['book'] = array(
'#title' => t('Book'),
'#type' => 'checkboxes',
'#options' => $options,
'#description' => t('Pass only if the node belongs to one of the selected books'),
'#default_value' => $conf['book'],
'#required' => TRUE,
);
return $form;
}
/**
* Check for access.
*/
function ctools_book_node_ctools_access_check($conf, $context) {
// As far as I know there should always be a context at this point, but this
// is safe.
if (empty($context) || empty($context->data) || empty($context->data->book)) {
return FALSE;
}
if ($conf['book']['any']) {
return !empty($context->data->book);
}
foreach ($conf['book'] as $bid => $value) {
if ($bid == 'any') {
continue;
}
if ($value && ($bid == $context->data->book['bid'])) {
return TRUE;
}
}
return FALSE;
}
/**
* Provide a summary description based upon the checked node_languages.
*/
function ctools_book_node_ctools_access_summary($conf, $context) {
if ($conf['book']['any']) {
return t('@identifier belongs to a book', array('@identifier' => $context->identifier));
}
$books = array();
foreach ($conf['book'] as $bid => $value) {
if ($value) {
$node = node_load($bid);
$books[] = $node->title;
}
}
if (count($books) == 1) {
return t('@identifier belongs to the book "@book"', array('@book' => $books[0], '@identifier' => $context->identifier));
}
return t('@identifier belongs in multiple books', array('@identifier' => $context->identifier));
}
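Review bot: In `ctools_book_node_ctools_access_settings` the book titles go into the checkbox `#options` as-is, while the term vocabulary plugin on this page passes its option labels through `check_plain()`; book titles are node titles, so they are author-controlled text. The form layer may filter these labels on its own, but escaping at the point of use keeps the two plugins consistent: `$options[$bid] = check_plain($book['title']);`. Separately, `ctools_book_node_ctools_access_check` reads `$conf['book']['any']` directly although the plugin default is `array('book' => array())`, so `if (!empty($conf['book']['any'])) {` avoids an undefined-index notice on unsaved settings. The summary docblock still says "node_languages" where it means the selected books.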


@ -16,8 +16,8 @@ $plugin = array(
'get child' => 'ctools_entity_field_value_ctools_access_get_child',
'get children' => 'ctools_entity_field_value_ctools_access_get_children',
);
function ctools_entity_field_value_ctools_access_get_child($plugin, $parent, $child) {
function ctools_entity_field_value_ctools_access_get_child($plugin, $parent, $child) {
$plugins = &drupal_static(__FUNCTION__, array());
if (empty($plugins[$parent . ':' . $child])) {
list($entity_type, $bundle_type, $field_name) = explode(':', $child);
@ -48,7 +48,6 @@ function ctools_entity_field_value_ctools_access_get_children($plugin, $parent)
}
function _ctools_entity_field_value_ctools_access_get_child($plugin, $parent, $entity_type, $bundle_type, $field_name, $entity = NULL, $bundle = NULL, $field = NULL) {
// check that the entity, bundle and field arrays have a value.
// If not, load theme using machine names.
if (empty($entity)) {
@ -86,12 +85,34 @@ function ctools_entity_field_value_ctools_access_settings($form, &$form_state, $
$instance = $instances[$field_name];
$field = field_info_field_by_id($instance['field_id']);
foreach ($field['columns'] as $column => $attributes) {
$columns[] = _field_sql_storage_columnname($field_name, $column);
$columns[$column] = _field_sql_storage_columnname($field_name, $column);
}
ctools_include('fields');
$entity = (object)array(
$entity_info['entity keys']['bundle'] => $bundle_type,
);
foreach ($columns as $column => $sql_column) {
if (isset($conf[$sql_column])) {
if (is_array($conf[$sql_column])) {
foreach ($conf[$sql_column] as $delta => $conf_value) {
if (is_numeric($delta)) {
if (is_array($conf_value)) {
$entity->{$field_name}[LANGUAGE_NONE][$delta][$column] = $conf_value[$column];
}
else {
$entity->{$field_name}[LANGUAGE_NONE][$delta][$column] = $conf_value;
}
}
}
}
else {
$entity->{$field_name}[LANGUAGE_NONE][0][$column] = $conf[$sql_column];
}
}
}
$form['#parents'] = array('settings');
$langcode = field_valid_language(NULL);
$form['settings'] += (array) ctools_field_invoke_field($instance, 'form', $entity_type, $entity, $form, $form_state, array('default' => TRUE, 'language' => $langcode));
// weight is really not important once this is populated and will only interfere with the form layout.
@ -99,26 +120,9 @@ function ctools_entity_field_value_ctools_access_settings($form, &$form_state, $
unset($form['settings'][$element]['#weight']);
}
// Need more logic here to handle compound fields.
foreach ($columns as $column) {
if (isset($conf[$column]) && is_array($conf[$column])) {
foreach ($conf[$column] as $delta => $conf_value) {
if (is_numeric($delta) && is_array($conf_value)) {
$form['settings'][$field_name][LANGUAGE_NONE][$delta]['value']['#default_value'] = $conf_value['value'];
}
}
}
else {
$form['settings'][$field_name][LANGUAGE_NONE]['#default_value'] = $conf[$column];
}
}
return $form;
}
/**
* Compress the entity bundles allowed to the minimum.
*/
function ctools_entity_field_value_ctools_access_settings_submit($form, &$form_state) {
$plugin = $form_state['plugin'];
list($parent, $entity_type, $bundle_type, $field_name) = explode(':', $plugin['name']);
@ -128,17 +132,82 @@ function ctools_entity_field_value_ctools_access_settings_submit($form, &$form_s
$instance = $instances[$field_name];
$field = field_info_field_by_id($instance['field_id']);
foreach ($field['columns'] as $column => $attributes) {
$columns[] = _field_sql_storage_columnname($field_name, $column);
$columns[$column] = _field_sql_storage_columnname($field_name, $column);
}
$items = _ctools_entity_field_value_get_proper_form_items($field, $form_state['values']['settings'][$field_name][$langcode], array_keys($columns));
foreach ($columns as $column => $sql_column) {
$column_items = _ctools_entity_field_value_filter_items_by_column($items, $column);
$form_state['values']['settings'][$sql_column] = $column_items;
}
$form_state['values']['settings'][$field_name][$langcode] = $items;
}
function _ctools_entity_field_value_get_proper_form_items($field, $form_items, $columns) {
$items = array();
if (!is_array($form_items)) { // Single value item.
foreach ($columns as $column) {
$items[0][$column] = $form_items;
}
return $items;
}
foreach ($form_items as $delta => $value) {
$item = array();
if (is_numeric($delta)) { // Array of field values.
if (!is_array($value)) { // Single value in array.
foreach ($columns as $column) {
$item[$column] = $value;
}
}
else { // Value has colums.
foreach ($columns as $column) {
$item[$column] = isset($value[$column]) ? $value[$column] : '';
}
}
}
$items[] = $item;
}
// Check if $form_items is an array of columns.
$item = array();
$has_columns = FALSE;
foreach ($columns as $column) {
$form_state['values']['settings'][$column] = $form_state['input']['settings'][$field_name][$langcode];
if (isset($form_items[$column])) {
$has_columns = TRUE;
$item[$column] = $form_items[$column];
}
else {
$item[$column] = '';
}
}
if ($has_columns) {
$items[] = $item;
}
// Remove empty values.
$items = _field_filter_items($field, $items);
return $items;
}
function _ctools_entity_field_value_filter_items_by_column($items, $column) {
$column_items = array();
foreach ($items as $delta => $values) {
$column_items[$delta] = isset($values[$column]) ? $values[$column] : '';
}
return $column_items;
}
/**
* Check for access.
*/
function ctools_entity_field_value_ctools_access_check($conf, $context, $plugin) {
if ((!is_object($context)) || (empty($context->data))) {
// If the context doesn't exist -- for example, a newly added entity
// reference is used as a pane visibility criteria -- we deny access.
return FALSE;
}
list($parent, $entity_type, $bundle_type, $field_name) = explode(':', $plugin['name']);
if ($field_items = field_get_items($entity_type, $context->data, $field_name)) {
@ -150,35 +219,46 @@ function ctools_entity_field_value_ctools_access_check($conf, $context, $plugin)
foreach ($field['columns'] as $column => $attributes) {
$columns[$column] = _field_sql_storage_columnname($field_name, $column);
}
foreach ($conf as $potential_field => $values) {
if ($field_name === $potential_field) {
$conf_value_array = _ctools_entity_field_value_ctools_access_get_conf_field_values($values, $langcode);
if (empty($conf_value_array)) {
return FALSE;
}
if (isset($conf[$field_name])) {
// We have settings for this field.
$conf_value_array = _ctools_entity_field_value_ctools_access_get_conf_field_values($conf[$field_name], $langcode);
if (empty($conf_value_array)) {
return FALSE;
}
// Check field value.
foreach ($field_items as $field_value) {
// Check field value.
foreach ($field_items as $field_value) {
// Iterate through config values.
foreach ($conf_value_array as $conf_value) {
$match = FALSE;
foreach ($field_value as $field_column => $value) {
// Iterate through config values.
foreach ($conf_value_array as $conf_value) {
//
// Check access only for stored in config column values.
if (isset($conf_value[$field_column])) {
if ($value == $conf_value[$field_column]) {
return TRUE;
$match = TRUE;
}
else {
$match = FALSE;
break;
}
}
}
if ($match) {
return TRUE;
}
}
}
return FALSE;
}
}
return FALSE;
}
function _ctools_entity_field_value_ctools_access_get_conf_field_values($values, $langcode = LANGUAGE_NONE) {
if (!is_array($values) || !isset($values[$langcode])) {
return;
return NULL;
}
$conf_values = array();
@ -201,39 +281,130 @@ function ctools_entity_field_value_ctools_access_summary($conf, $context, $plugi
$entity = (object)array(
$entity_info['entity keys']['bundle'] => $bundle_type,
);
$string = '';
$keys = array();
$values = array();
$value_keys = array();
$keyed_elements = array();
foreach ($field['columns'] as $column => $attributes) {
$conf_key = _field_sql_storage_columnname($field_name, $column);
if (count($field['columns']) > 1) {
// Add some sort of handling for compound fields
}
else {
if (isset($conf[$conf_key])) {
$entity->{$field_name}[LANGUAGE_NONE][] = array($column => $conf[$conf_key]);
$keyed_elements["@{$column}_value"] = array();
if (isset($conf[$conf_key])) {
if (is_array($conf[$conf_key])) {
$i = 0;
foreach ($conf[$conf_key] as $conf_value) {
if (!is_array($conf_value)) {
$entity->{$field_name}[LANGUAGE_NONE][$i][$column] = $conf_value;
$keyed_elements["@{$column}_value"][$i] = array('#markup' => $conf_value);
}
elseif (isset($conf_value[$column])) {
$entity->{$field_name}[LANGUAGE_NONE][$i][$column] = $conf_value[$column];
$keyed_elements["@{$column}_value"][$i] = array('#markup' => $conf_value[$column]);
}
$i++;
}
}
else {
$entity->{$field_name}[LANGUAGE_NONE][0][$column] = $conf[$conf_key];
$keyed_elements["@{$column}_value"][0] = array('#markup' => $conf[$conf_key]);
}
}
$string .= " @{$column} equals @{$column}_value";
$keys['@' . $column] = $column;
$values["@{$column}_value"] = $conf[$conf_key];
}
$view_mode = 'full';
$null = NULL;
$options = array('language' => LANGUAGE_NONE);
ctools_include('fields');
$display = field_get_display($instance, $view_mode, $entity);
$display['type'] = 'list_default';
$function = $display['module'] . '_field_formatter_view';
$items = isset($entity->{$field_name}[LANGUAGE_NONE]) ? $entity->{$field_name}[LANGUAGE_NONE] : array();
if (function_exists($function)) {
$elements = $function($entity_type, $entity, $field, $instance, LANGUAGE_NONE, $items, $display);
}
$value_keys = array_keys($values);
foreach ($value_keys as $key => $value) {
$values[$value] = $elements[$key]['#markup'];
}
$values = array_merge($keys, $values);
return t($string, $values);
}
$keys['@' . $column] = $column;
$value_keys[] = "@{$column}_value";
}
$elements = array();
$items = isset($entity->{$field_name}[LANGUAGE_NONE]) ? $entity->{$field_name}[LANGUAGE_NONE] : array();
$view_mode = 'full';
ctools_include('fields');
$display = field_get_display($instance, $view_mode, $entity);
if (!isset($display['module'])) {
$display['module'] = $field['module'];
}
if (isset($display['module'])) {
// Choose simple formatter for well known cases.
switch ($display['module']) {
case 'text':
$display['type'] = 'text_default';
break;
case 'list':
$display['type'] = 'list_default';
if ($field['type'] == 'list_boolean') {
$allowed_values = list_allowed_values($field, $instance, $entity_type, $entity);
foreach ($items as $item) {
if (isset($allowed_values[$item['value']])) {
if ($allowed_values[$item['value']] == '') {
$display['type'] = 'list_key';
break;
}
}
else {
$display['type'] = 'list_key';
}
}
}
break;
case 'taxonomy':
$display['type'] = 'taxonomy_term_reference_plain';
break;
case 'entityreference':
$display['type'] = 'entityreference_label';
break;
default :
// Use field instance formatter setting.
break;
}
$function = $display['module'] . '_field_formatter_view';
if (function_exists($function)) {
$entity_group = array(0 => $entity);
$item_group = array(0 => $items);
$instance_group = array(0 => $instance);
field_default_prepare_view($entity_type, $entity_group, $field, $instance_group, LANGUAGE_NONE, $item_group, $display);
$elements = $function($entity_type, $entity, $field, $instance, LANGUAGE_NONE, $item_group[0], $display);
}
}
if (count($elements) > 0) {
foreach ($field['columns'] as $column => $attributes) {
if (count($field['columns']) == 1) {
$keyed_elements["@{$column}_value"] = $elements;
}
}
}
$values = array();
foreach ($value_keys as $key) {
$output = array();
$elements = $keyed_elements[$key];
if (is_array($elements)) {
foreach ($elements as $element_key => $element) {
if (is_numeric($element_key)) {
$value_str= strip_tags(drupal_render($element));
if (strlen($value_str) > 0) {
$output[] = $value_str;
}
}
}
}
else {
$value_str = strip_tags(drupal_render($elements));
if (strlen($value_str) > 0) {
$output[] = $value_str;
}
}
$value = implode(', ', $output);
if ($value !== '') {
$values[$key] = implode(', ', $output);
}
}
$string = '';
$value_count = count($values);
foreach ($keys as $key_name => $column) {
if (isset($values[$key_name . '_value'])) {
$string .= ($value_count > 1) ? " @{$column} = @{$column}_value" : "@{$column}_value";
}
}
return t('@field is set to "!value"', array('@field' => $instance['label'], '!value' => format_string($string, array_merge($keys, $values))));
}
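Review bot: The access decision in `ctools_entity_field_value_ctools_access_check` still rests on a loose comparison, `if ($value == $conf_value[$field_column])`, so PHP type juggling decides whether a stored field value matches the configured one; two numeric-looking strings such as `'1e1'` and `'10'` (constructed example) compare equal. Now that every configured column has to match before `TRUE` is returned, an exact comparison would fit the stricter intent: `if ((string) $value === (string) $conf_value[$field_column]) {`. This assumes column values are scalars, which the visible lines do not establish, so confirm against compound fields before changing it. The function is split across two hunks and part of its body is not shown.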


@ -0,0 +1,31 @@
<?php
/**
* @file
* Plugin to provide access control based upon node comment status.
*/
/**
* Plugins are described by creating a $plugin array which will be used
* by the system that includes this file.
*/
$plugin = array(
'title' => t("Node: comments are open"),
'description' => t('Control access by the nodes comment status.'),
'callback' => 'ctools_node_comment_ctools_access_check',
'summary' => 'ctools_node_comment_ctools_access_summary',
'required context' => new ctools_context_required(t('Node'), 'node'),
);
/**
* Checks for access.
*/
function ctools_node_comment_ctools_access_check($conf, $context) {
return (!empty($context->data) && $context->data->comment == 2);
}
/**
* Provides a summary description based upon the checked node_status.
*/
function ctools_node_comment_ctools_access_summary($conf, $context) {
return t('Returns true if the nodes comment status is "open".');
}
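Review bot: `ctools_node_comment_ctools_access_check` compares `$context->data->comment` with the bare literal `2`, and nothing in the file says which status that is; Drupal 7's comment module names it `COMMENT_NODE_OPEN`. Unlike the book plugin on this page, which wraps its `$plugin` array in `module_exists('book')`, this plugin is registered unconditionally, so the constant is only safe to use if the definition is guarded the same way; otherwise a comment is enough: `// 2 == COMMENT_NODE_OPEN (comments open).` The check also reads the `comment` property without `isset()`, which raises a notice on node objects that lack it. The summary docblock mentions "node_status" where it means the comment status.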


@ -59,7 +59,7 @@ function ctools_string_length_ctools_access_check($conf, $context) {
return $length < $conf['length'];
case '<=':
return $length <= $conf['length'];
case '==':
case '=':
return $length == $conf['length'];
case '!=':
return $length != $conf['length'];
@ -68,6 +68,8 @@ function ctools_string_length_ctools_access_check($conf, $context) {
case '>=':
return $length >= $conf['length'];
}
// Invalid Operator sent, return FALSE.
return FALSE;
}
/**
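Review bot: Renaming the case label from `'=='` to `'='` means any stored configuration that still holds `'=='` now falls through to the new `return FALSE;` and is denied. The settings form is outside this hunk, so it is not visible which value was ever saved; if `'=='` could have been stored or exported, keeping both labels is backward-compatible: `case '==':` directly above `case '=':`. The fail-closed default for an unknown operator is the right choice for an access plugin. The body of `ctools_string_length_ctools_access_check` starts before the hunk.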


@ -17,7 +17,11 @@ $plugin = array(
'settings form' => 'ctools_term_vocabulary_ctools_access_settings',
'settings form submit' => 'ctools_term_vocabulary_ctools_access_settings_submit',
'summary' => 'ctools_term_vocabulary_ctools_access_summary',
'required context' => new ctools_context_required(t('Vocabulary'), array('taxonomy_term', 'terms', 'taxonomy_vocabulary')),
'required context' => new ctools_context_required(t('Vocabulary'), array(
'taxonomy_term',
'terms',
'taxonomy_vocabulary'
)),
);
/**
@ -27,15 +31,17 @@ function ctools_term_vocabulary_ctools_access_settings($form, &$form_state, $con
$options = array();
$vocabularies = taxonomy_get_vocabularies();
foreach ($vocabularies as $voc) {
$options[$voc->vid] = check_plain($voc->name);
$options[$voc->machine_name] = check_plain($voc->name);
}
$form['settings']['vids'] = array(
_ctools_term_vocabulary_ctools_access_map_vids($conf);
$form['settings']['machine_name'] = array(
'#type' => 'checkboxes',
'#title' => t('Vocabularies'),
'#options' => $options,
'#description' => t('Only the checked vocabularies will be valid.'),
'#default_value' => $conf['vids'],
'#default_value' => $conf['machine_name'],
);
return $form;
}
@ -44,7 +50,7 @@ function ctools_term_vocabulary_ctools_access_settings($form, &$form_state, $con
* Compress the term_vocabularys allowed to the minimum.
*/
function ctools_term_vocabulary_ctools_access_settings_submit($form, &$form_state) {
$form_state['values']['settings']['vids'] = array_filter($form_state['values']['settings']['vids']);
$form_state['values']['settings']['machine_name'] = array_filter($form_state['values']['settings']['machine_name']);
}
/**
@ -53,11 +59,13 @@ function ctools_term_vocabulary_ctools_access_settings_submit($form, &$form_stat
function ctools_term_vocabulary_ctools_access_check($conf, $context) {
// As far as I know there should always be a context at this point, but this
// is safe.
if (empty($context) || empty($context->data) || empty($context->data->vid)) {
if (empty($context) || empty($context->data) || empty($context->data->vocabulary_machine_name)) {
return FALSE;
}
if (array_filter($conf['vids']) && empty($conf['vids'][$context->data->vid])) {
_ctools_term_vocabulary_ctools_access_map_vids($conf);
if (array_filter($conf['machine_name']) && empty($conf['machine_name'][$context->data->vocabulary_machine_name])) {
return FALSE;
}
@ -73,15 +81,47 @@ function ctools_term_vocabulary_ctools_access_summary($conf, $context) {
}
$vocabularies = taxonomy_get_vocabularies();
_ctools_term_vocabulary_ctools_access_map_vids($conf);
$names = array();
foreach (array_filter($conf['vids']) as $vid) {
$names[] = check_plain($vocabularies[$vid]->name);
if (!empty($conf['machine_name'])) {
foreach (array_filter($conf['machine_name']) as $machine_name) {
foreach ($vocabularies as $vocabulary) {
if ($vocabulary->machine_name === $machine_name) {
$names[] = check_plain($vocabulary->name);
continue;
}
}
}
}
if (empty($names)) {
return t('@identifier is any vocabulary', array('@identifier' => $context->identifier));
}
return format_plural(count($names), '@identifier vocabulary is "@vids"', '@identifier vocabulary is one of "@vids"', array('@vids' => implode(', ', $names), '@identifier' => $context->identifier));
return format_plural(count($names), '@identifier vocabulary is "@machine_names"', '@identifier vocabulary is one of "@machine_names"', array(
'@machine_names' => implode(', ', $names),
'@identifier' => $context->identifier
));
}
/**
* Helper function to map the vids from old features to the new machine_name.
*
* Add the machine_name key to $conf if the vids key exist.
*
* @param array $conf
* The configuration of this plugin.
*/
function _ctools_term_vocabulary_ctools_access_map_vids(&$conf) {
if (!empty($conf['vids'])) {
$conf['machine_name'] = array();
$vocabularies = taxonomy_get_vocabularies();
foreach ($conf['vids'] as $vid) {
$machine_name = $vocabularies[$vid]->machine_name;
$conf['machine_name'][$machine_name] = $vocabularies[$vid]->machine_name;
}
}
}
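Review bot: `_ctools_term_vocabulary_ctools_access_map_vids` dereferences `$vocabularies[$vid]` without checking that the vocabulary still exists, and it iterates `$conf['vids']` unfiltered. For a stale or unchecked vid the lookup yields NULL, `$conf['machine_name']` ends up holding only empty entries, and `array_filter($conf['machine_name'])` in `ctools_term_vocabulary_ctools_access_check` is then empty, so a restriction that named only removed vocabularies appears to turn into "any vocabulary" where the old `vids` check denied. A guard such as `if (empty($vid) || !isset($vocabularies[$vid])) { continue; }` removes the notices, but the access check additionally needs to deny when `vids` was configured and nothing resolved. In the summary, the `continue;` after a name is found probably wants to be `break;`.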