drupal/booking
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

fix permissions

Browse Source
This commit is contained in:
Nathan Coad
2018-05-04 22:41:36 +10:00
parent 9a4b327250
commit 6a056c80eb
1 changed files with 803 additions and 809 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
booking.module
View File

@@ -420,6 +420,7 @@ function booking_menu() {
'title' => 'Variety Session CSV', 'title' => 'Variety Session CSV',
'description' => 'CSV Report of Variety Session Timeslot', 'description' => 'CSV Report of Variety Session Timeslot',
'page callback' => 'booking_varietysessions_csv_report', 'page callback' => 'booking_varietysessions_csv_report',
'access arguments' => array('access administration pages'),
'page arguments' => array(4), 'page arguments' => array(4),
//'type' => MENU_CALLBACK, //'type' => MENU_CALLBACK,
); );
@@ -823,14 +824,12 @@ function booking_node_access($node, $op, $account) {
//watchdog('booking', "Booking node_access processing user id '!account' performing operation !op for node type !type. @info", //watchdog('booking', "Booking node_access processing user id '!account' performing operation !op for node type !type. @info",
// array('!account' => $account->uid, '!op' => $op, '!type' => $type, '@info' => var_export($account, TRUE))); // array('!account' => $account->uid, '!op' => $op, '!type' => $type, '@info' => var_export($account, TRUE)));
if ($op == 'view') if ($op == 'view') {
{
//watchdog('booking', 'Booking node_access checking permissions for view operation.'); //watchdog('booking', 'Booking node_access checking permissions for view operation.');
if (user_access('view bookings', $account)) if (user_access('view bookings', $account))
return NODE_ACCESS_ALLOW; return NODE_ACCESS_ALLOW;
} }
elseif ($op == 'create') elseif ($op == 'create') {
{
//watchdog('booking', 'Booking node_access checking permissions for create operation.'); //watchdog('booking', 'Booking node_access checking permissions for create operation.');
if (user_access('create bookings', $account)) if (user_access('create bookings', $account))
return NODE_ACCESS_ALLOW; return NODE_ACCESS_ALLOW;
@@ -839,8 +838,7 @@ function booking_node_access($node, $op, $account) {
else else
return NODE_ACCESS_DENY; return NODE_ACCESS_DENY;
} }
elseif ($op == 'update' || $op == 'delete') elseif ($op == 'update' || $op == 'delete') {
{
if (user_access('edit bookings', $account)) if (user_access('edit bookings', $account))
return NODE_ACCESS_ALLOW; return NODE_ACCESS_ALLOW;
} }
@@ -853,20 +851,16 @@ function booking_node_access($node, $op, $account) {
return NODE_ACCESS_DENY; return NODE_ACCESS_DENY;
} }
//Check access levels for travel form node //Check access levels for travel form node
elseif ($type == 'travel' && in_array($type, node_permissions_get_configured_types())) elseif ($type == 'travel' && in_array($type, node_permissions_get_configured_types())) {
{ if ($op == 'view') {
if ($op == 'view')
{
if (user_access('view_travel_forms', $account)) if (user_access('view_travel_forms', $account))
return NODE_ACCESS_ALLOW; return NODE_ACCESS_ALLOW;
} }
elseif ($op == 'create') elseif ($op == 'create') {
{
if (user_access('create_travel_forms', $account)) if (user_access('create_travel_forms', $account))
return NODE_ACCESS_ALLOW; return NODE_ACCESS_ALLOW;
} }
elseif ($op == 'update' || $op == 'delete') elseif ($op == 'update' || $op == 'delete') {
{
if (user_access('edit_travel_forms', $account)) if (user_access('edit_travel_forms', $account))
return NODE_ACCESS_ALLOW; return NODE_ACCESS_ALLOW;
} }