Commit fee42217 authored by Gábor Hojtsy's avatar Gábor Hojtsy

Drupal 6.2

parent c7971e7f
// $Id$
Drupal 6.2-dev, xxxx-xx-xx (development version)
Drupal 6.2, 2008-04-09
----------------------
- fixed a variety of small bugs
- fixed a security issue (Access bypasses), see SA-2008-026
Drupal 6.1, 2008-02-27
----------------------
......
......@@ -577,7 +577,7 @@ function drupal_error_handler($errno, $message, $filename, $line, $context) {
return;
}
if ($errno & (E_ALL)) {
if ($errno & (E_ALL ^ E_NOTICE)) {
$types = array(1 => 'error', 2 => 'warning', 4 => 'parse error', 8 => 'notice', 16 => 'core error', 32 => 'core warning', 64 => 'compile error', 128 => 'compile warning', 256 => 'user error', 512 => 'user warning', 1024 => 'user notice', 2048 => 'strict warning', 4096 => 'recoverable fatal error');
// For database errors, we want the line number/file name of the place that
......
......@@ -2275,9 +2275,10 @@ function _menu_router_build($callbacks) {
if (!isset($item['tab_root']) && !$parent['_tab']) {
$item['tab_root'] = $parent_path;
}
// If a callback is not found, we try to find the first parent that
// has a callback.
if (!isset($item['access callback']) && isset($parent['access callback'])) {
// If an access callback is not found for a default local task we use
// the callback from the parent, since we expect them to be identical.
// In all other cases, the access parameters must be specified.
if (($item['type'] == MENU_DEFAULT_LOCAL_TASK) && !isset($item['access callback']) && isset($parent['access callback'])) {
$item['access callback'] = $parent['access callback'];
if (!isset($item['access arguments']) && isset($parent['access arguments'])) {
$item['access arguments'] = $parent['access arguments'];
......
......@@ -201,6 +201,7 @@ function aggregator_menu() {
$items['aggregator/sources/%aggregator_feed'] = array(
'page callback' => 'aggregator_page_source',
'page arguments' => array(2),
'access arguments' => array('access news feeds'),
'type' => MENU_CALLBACK,
'file' => 'aggregator.pages.inc',
);
......
......@@ -132,6 +132,7 @@ function block_menu() {
$items['admin/build/block/list/js'] = array(
'title' => 'JavaScript List Form',
'page callback' => 'block_admin_display_js',
'access arguments' => array('administer blocks'),
'type' => MENU_CALLBACK,
'file' => 'block.admin.inc',
);
......@@ -139,6 +140,7 @@ function block_menu() {
'title' => 'Configure block',
'page callback' => 'drupal_get_form',
'page arguments' => array('block_admin_configure'),
'access arguments' => array('administer blocks'),
'type' => MENU_CALLBACK,
'file' => 'block.admin.inc',
);
......@@ -146,6 +148,7 @@ function block_menu() {
'title' => 'Delete block',
'page callback' => 'drupal_get_form',
'page arguments' => array('block_box_delete'),
'access arguments' => array('administer blocks'),
'type' => MENU_CALLBACK,
'file' => 'block.admin.inc',
);
......@@ -153,6 +156,7 @@ function block_menu() {
'title' => 'Add block',
'page callback' => 'drupal_get_form',
'page arguments' => array('block_add_block_form'),
'access arguments' => array('administer blocks'),
'type' => MENU_LOCAL_TASK,
'file' => 'block.admin.inc',
);
......
......@@ -140,19 +140,20 @@ function blog_menu() {
'type' => MENU_SUGGESTED_ITEM,
'file' => 'blog.pages.inc',
);
$items['blog/%user_current'] = array(
$items['blog/%user_uid_optional'] = array(
'title' => 'My blog',
'page callback' => 'blog_page_user',
'page arguments' => array(1),
'access callback' => 'user_access',
'access arguments' => array('create blog entries', 1),
'access callback' => 'blog_page_user_access',
'access arguments' => array(1),
'file' => 'blog.pages.inc',
);
$items['blog/%user/feed'] = array(
'title' => 'Blogs',
'page callback' => 'blog_feed_user',
'page arguments' => array(1),
'access arguments' => array('access content'),
'access callback' => 'blog_page_user_access',
'access arguments' => array(1),
'type' => MENU_CALLBACK,
'file' => 'blog.pages.inc',
);
......@@ -167,6 +168,23 @@ function blog_menu() {
return $items;
}
/**
* Access callback for user blog pages.
*/
function blog_page_user_access($account) {
// The visitor must be able to access the site's content.
// For a blog to 'exist' the user must either be able to
// create new blog entries, or it must have existing posts.
return $account->uid && user_access('access content') && (user_access('create blog entries', $account) || _blog_post_exists($account));
}
/**
* Helper function to determine if a user has blog posts already.
*/
function _blog_post_exists($account) {
return (bool)db_result(db_query_range(db_rewrite_sql("SELECT 1 FROM {node} n WHERE n.type = 'blog' AND n.uid = %d AND n.status = 1"), $account->uid, 0, 1));
}
/**
* Implementation of hook_block().
*
......
......@@ -211,6 +211,7 @@ function comment_menu() {
$items['admin/content/comment/approval'] = array(
'title' => 'Approval queue',
'page arguments' => array('approval'),
'access arguments' => array('administer comments'),
'type' => MENU_LOCAL_TASK,
'file' => 'comment.admin.inc',
);
......
......@@ -59,6 +59,7 @@ function contact_menu() {
'title' => 'Add category',
'page callback' => 'drupal_get_form',
'page arguments' => array('contact_admin_edit', 3),
'access arguments' => array('administer site-wide contact form'),
'type' => MENU_LOCAL_TASK,
'weight' => 1,
'file' => 'contact.admin.inc',
......@@ -67,6 +68,7 @@ function contact_menu() {
'title' => 'Edit contact category',
'page callback' => 'drupal_get_form',
'page arguments' => array('contact_admin_edit', 3, 4),
'access arguments' => array('administer site-wide contact form'),
'type' => MENU_CALLBACK,
'file' => 'contact.admin.inc',
);
......@@ -74,6 +76,7 @@ function contact_menu() {
'title' => 'Delete contact',
'page callback' => 'drupal_get_form',
'page arguments' => array('contact_admin_delete', 4),
'access arguments' => array('administer site-wide contact form'),
'type' => MENU_CALLBACK,
'file' => 'contact.admin.inc',
);
......@@ -81,6 +84,7 @@ function contact_menu() {
'title' => 'Settings',
'page callback' => 'drupal_get_form',
'page arguments' => array('contact_admin_settings'),
'access arguments' => array('administer site-wide contact form'),
'type' => MENU_LOCAL_TASK,
'weight' => 2,
'file' => 'contact.admin.inc',
......
......@@ -47,6 +47,7 @@ function dblog_menu() {
'description' => 'Settings for logging to the Drupal database logs. This is the most common method for small to medium sites on shared hosting. The logs are viewable from the admin pages.',
'page callback' => 'drupal_get_form',
'page arguments' => array('dblog_admin_settings'),
'access arguments' => array('administer site configuration'),
'file' => 'dblog.admin.inc',
);
......@@ -54,6 +55,7 @@ function dblog_menu() {
'title' => 'Recent log entries',
'description' => 'View events that have recently been logged.',
'page callback' => 'dblog_overview',
'access arguments' => array('access site reports'),
'weight' => -1,
'file' => 'dblog.admin.inc',
);
......@@ -62,6 +64,7 @@ function dblog_menu() {
'description' => "View 'page not found' errors (404s).",
'page callback' => 'dblog_top',
'page arguments' => array('page not found'),
'access arguments' => array('access site reports'),
'file' => 'dblog.admin.inc',
);
$items['admin/reports/access-denied'] = array(
......@@ -69,12 +72,14 @@ function dblog_menu() {
'description' => "View 'access denied' errors (403s).",
'page callback' => 'dblog_top',
'page arguments' => array('access denied'),
'access arguments' => array('access site reports'),
'file' => 'dblog.admin.inc',
);
$items['admin/reports/event/%'] = array(
'title' => 'Details',
'page callback' => 'dblog_event',
'page arguments' => array(3),
'access arguments' => array('access site reports'),
'type' => MENU_CALLBACK,
'file' => 'dblog.admin.inc',
);
......
......@@ -82,6 +82,7 @@ function filter_menu() {
$items['admin/settings/filters/add'] = array(
'title' => 'Add input format',
'page callback' => 'filter_admin_format_page',
'access arguments' => array('administer filters'),
'type' => MENU_LOCAL_TASK,
'weight' => 1,
'file' => 'filter.admin.inc',
......@@ -90,6 +91,7 @@ function filter_menu() {
'title' => 'Delete input format',
'page callback' => 'drupal_get_form',
'page arguments' => array('filter_admin_delete'),
'access arguments' => array('administer filters'),
'type' => MENU_CALLBACK,
'file' => 'filter.admin.inc',
);
......@@ -120,6 +122,7 @@ function filter_menu() {
'title' => 'Configure',
'page callback' => 'filter_admin_configure_page',
'page arguments' => array(3),
'access arguments' => array('administer filters'),
'type' => MENU_LOCAL_TASK,
'weight' => 1,
'file' => 'filter.admin.inc',
......@@ -128,6 +131,7 @@ function filter_menu() {
'title' => 'Rearrange',
'page callback' => 'filter_admin_order_page',
'page arguments' => array(3),
'access arguments' => array('administer filters'),
'type' => MENU_LOCAL_TASK,
'weight' => 2,
'file' => 'filter.admin.inc',
......
......@@ -106,6 +106,7 @@ function forum_menu() {
'title' => 'Add container',
'page callback' => 'forum_form_main',
'page arguments' => array('container'),
'access arguments' => array('administer forums'),
'type' => MENU_LOCAL_TASK,
'parent' => 'admin/content/forum',
'file' => 'forum.admin.inc',
......@@ -114,6 +115,7 @@ function forum_menu() {
'title' => 'Add forum',
'page callback' => 'forum_form_main',
'page arguments' => array('forum'),
'access arguments' => array('administer forums'),
'type' => MENU_LOCAL_TASK,
'parent' => 'admin/content/forum',
'file' => 'forum.admin.inc',
......@@ -122,6 +124,7 @@ function forum_menu() {
'title' => 'Settings',
'page callback' => 'drupal_get_form',
'page arguments' => array('forum_admin_settings'),
'access arguments' => array('administer forums'),
'weight' => 5,
'type' => MENU_LOCAL_TASK,
'parent' => 'admin/content/forum',
......@@ -129,6 +132,7 @@ function forum_menu() {
);
$items['admin/content/forum/edit/%forum_term'] = array(
'page callback' => 'forum_form_main',
'access arguments' => array('administer forums'),
'type' => MENU_CALLBACK,
'file' => 'forum.admin.inc',
);
......@@ -136,6 +140,7 @@ function forum_menu() {
'title' => 'Edit container',
'page callback' => 'forum_form_main',
'page arguments' => array('container', 5),
'access arguments' => array('administer forums'),
'type' => MENU_CALLBACK,
'file' => 'forum.admin.inc',
);
......@@ -143,6 +148,7 @@ function forum_menu() {
'title' => 'Edit forum',
'page callback' => 'forum_form_main',
'page arguments' => array('forum', 5),
'access arguments' => array('administer forums'),
'type' => MENU_CALLBACK,
'file' => 'forum.admin.inc',
);
......
......@@ -23,6 +23,7 @@ function help_menu() {
'title' => $module,
'page callback' => 'help_page',
'page arguments' => array(2),
'access arguments' => array('access administration pages'),
'type' => MENU_CALLBACK,
'file' => 'help.admin.inc',
);
......
......@@ -99,6 +99,7 @@ function locale_menu() {
'title' => 'Add language',
'page callback' => 'locale_inc_callback',
'page arguments' => array('locale_languages_add_screen'), // two forms concatenated
'access arguments' => array('administer languages'),
'weight' => 5,
'type' => MENU_LOCAL_TASK,
);
......@@ -106,6 +107,7 @@ function locale_menu() {
'title' => 'Configure',
'page callback' => 'locale_inc_callback',
'page arguments' => array('drupal_get_form', 'locale_languages_configure_form'),
'access arguments' => array('administer languages'),
'weight' => 10,
'type' => MENU_LOCAL_TASK,
);
......@@ -113,12 +115,14 @@ function locale_menu() {
'title' => 'Edit language',
'page callback' => 'locale_inc_callback',
'page arguments' => array('drupal_get_form', 'locale_languages_edit_form', 4),
'access arguments' => array('administer languages'),
'type' => MENU_CALLBACK,
);
$items['admin/settings/language/delete/%'] = array(
'title' => 'Confirm',
'page callback' => 'locale_inc_callback',
'page arguments' => array('drupal_get_form', 'locale_languages_delete_form', 4),
'access arguments' => array('administer languages'),
'type' => MENU_CALLBACK,
);
......@@ -141,11 +145,13 @@ function locale_menu() {
'type' => MENU_LOCAL_TASK,
'page callback' => 'locale_inc_callback',
'page arguments' => array('locale_translate_seek_screen'), // search results and form concatenated
'access arguments' => array('translate interface'),
);
$items['admin/build/translate/import'] = array(
'title' => 'Import',
'page callback' => 'locale_inc_callback',
'page arguments' => array('drupal_get_form', 'locale_translate_import_form'),
'access arguments' => array('translate interface'),
'weight' => 20,
'type' => MENU_LOCAL_TASK,
);
......@@ -153,6 +159,7 @@ function locale_menu() {
'title' => 'Export',
'page callback' => 'locale_inc_callback',
'page arguments' => array('locale_translate_export_screen'), // possibly multiple forms concatenated
'access arguments' => array('translate interface'),
'weight' => 30,
'type' => MENU_LOCAL_TASK,
);
......@@ -160,12 +167,14 @@ function locale_menu() {
'title' => 'Edit string',
'page callback' => 'locale_inc_callback',
'page arguments' => array('drupal_get_form', 'locale_translate_edit_form', 4),
'access arguments' => array('translate interface'),
'type' => MENU_CALLBACK,
);
$items['admin/build/translate/delete/%'] = array(
'title' => 'Delete string',
'page callback' => 'locale_inc_callback',
'page arguments' => array('locale_translate_delete', 4), // directly deletes, no confirmation
'access arguments' => array('translate interface'),
'type' => MENU_CALLBACK,
);
......
......@@ -63,6 +63,7 @@ function menu_menu() {
'title' => 'Add menu',
'page callback' => 'drupal_get_form',
'page arguments' => array('menu_edit_menu', 'add'),
'access arguments' => array('administer menu'),
'type' => MENU_LOCAL_TASK,
'file' => 'menu.admin.inc',
);
......@@ -70,6 +71,7 @@ function menu_menu() {
'title' => 'Settings',
'page callback' => 'drupal_get_form',
'page arguments' => array('menu_configure'),
'access arguments' => array('administer menu'),
'type' => MENU_LOCAL_TASK,
'weight' => 5,
'file' => 'menu.admin.inc',
......@@ -94,6 +96,7 @@ function menu_menu() {
'title' => 'Add item',
'page callback' => 'drupal_get_form',
'page arguments' => array('menu_edit_item', 'add', NULL, 3),
'access arguments' => array('administer menu'),
'type' => MENU_LOCAL_TASK,
'file' => 'menu.admin.inc',
);
......@@ -101,6 +104,7 @@ function menu_menu() {
'title' => 'Edit menu',
'page callback' => 'drupal_get_form',
'page arguments' => array('menu_edit_menu', 'edit', 3),
'access arguments' => array('administer menu'),
'type' => MENU_LOCAL_TASK,
'file' => 'menu.admin.inc',
);
......@@ -108,6 +112,7 @@ function menu_menu() {
'title' => 'Delete menu',
'page callback' => 'menu_delete_menu_page',
'page arguments' => array(3),
'access arguments' => array('administer menu'),
'type' => MENU_CALLBACK,
'file' => 'menu.admin.inc',
);
......@@ -115,6 +120,7 @@ function menu_menu() {
'title' => 'Edit menu item',
'page callback' => 'drupal_get_form',
'page arguments' => array('menu_edit_item', 'edit', 4, NULL),
'access arguments' => array('administer menu'),
'type' => MENU_CALLBACK,
'file' => 'menu.admin.inc',
);
......@@ -122,6 +128,7 @@ function menu_menu() {
'title' => 'Reset menu item',
'page callback' => 'drupal_get_form',
'page arguments' => array('menu_reset_item_confirm', 4),
'access arguments' => array('administer menu'),
'type' => MENU_CALLBACK,
'file' => 'menu.admin.inc',
);
......@@ -129,6 +136,7 @@ function menu_menu() {
'title' => 'Delete menu item',
'page callback' => 'menu_item_delete_page',
'page arguments' => array(4),
'access arguments' => array('administer menu'),
'type' => MENU_CALLBACK,
'file' => 'menu.admin.inc',
);
......
......@@ -1447,6 +1447,7 @@ function node_menu() {
'title' => 'Add content type',
'page callback' => 'drupal_get_form',
'page arguments' => array('node_type_form'),
'access arguments' => array('administer content types'),
'file' => 'content_types.inc',
'type' => MENU_LOCAL_TASK,
);
......@@ -1496,6 +1497,7 @@ function node_menu() {
$items['admin/content/node-type/'. $type_url_str .'/delete'] = array(
'title' => 'Delete',
'page arguments' => array('node_type_delete_confirm', $type),
'access arguments' => array('administer content types'),
'file' => 'content_types.inc',
'type' => MENU_CALLBACK,
);
......@@ -1546,6 +1548,8 @@ function node_menu() {
'load arguments' => array(3),
'page callback' => 'node_show',
'page arguments' => array(1, NULL, TRUE),
'access callback' => '_node_revision_access',
'access arguments' => array(1),
'type' => MENU_CALLBACK,
);
$items['node/%node/revisions/%/revert'] = array(
......
......@@ -30,6 +30,8 @@ function openid_menu() {
'title' => 'Delete OpenID',
'page callback' => 'openid_user_delete',
'page arguments' => array(1),
'access callback' => 'user_edit_access',
'access arguments' => array(1),
'type' => MENU_CALLBACK,
'file' => 'openid.pages.inc',
);
......
......@@ -46,6 +46,7 @@ function path_menu() {
$items['admin/build/path/edit'] = array(
'title' => 'Edit alias',
'page callback' => 'path_admin_edit',
'access arguments' => array('administer url aliases'),
'type' => MENU_CALLBACK,
'file' => 'path.admin.inc',
);
......@@ -53,6 +54,7 @@ function path_menu() {
'title' => 'Delete alias',
'page callback' => 'drupal_get_form',
'page arguments' => array('path_admin_delete_confirm'),
'access arguments' => array('administer url aliases'),
'type' => MENU_CALLBACK,
'file' => 'path.admin.inc',
);
......
......@@ -95,12 +95,14 @@ function profile_menu() {
'title' => 'Add field',
'page callback' => 'drupal_get_form',
'page arguments' => array('profile_field_form'),
'access arguments' => array('administer users'),
'type' => MENU_CALLBACK,
'file' => 'profile.admin.inc',
);
$items['admin/user/profile/autocomplete'] = array(
'title' => 'Profile category autocomplete',
'page callback' => 'profile_admin_settings_autocomplete',
'access arguments' => array('administer users'),
'type' => MENU_CALLBACK,
'file' => 'profile.admin.inc',
);
......@@ -108,6 +110,7 @@ function profile_menu() {
'title' => 'Edit field',
'page callback' => 'drupal_get_form',
'page arguments' => array('profile_field_form'),
'access arguments' => array('administer users'),
'type' => MENU_CALLBACK,
'file' => 'profile.admin.inc',
);
......@@ -115,6 +118,7 @@ function profile_menu() {
'title' => 'Delete field',
'page callback' => 'drupal_get_form',
'page arguments' => array('profile_field_delete'),
'access arguments' => array('administer users'),
'type' => MENU_CALLBACK,
'file' => 'profile.admin.inc',
);
......@@ -453,7 +457,7 @@ function profile_categories() {
'title' => $category->category,
'weight' => 3,
'access callback' => 'profile_category_access',
'access arguments' => array($category->category)
'access arguments' => array(1, $category->category)
);
}
return $data;
......@@ -462,12 +466,12 @@ function profile_categories() {
/**
* Menu item access callback - check if a user has access to a profile category.
*/
function profile_category_access($category) {
if (user_access('administer users')) {
function profile_category_access($account, $category) {
if (user_access('administer users') && $account->uid > 0) {
return TRUE;
}
else {
return db_result(db_query("SELECT COUNT(*) FROM {profile_fields} WHERE category = '%s' AND visibility <> %d", $category, PROFILE_HIDDEN));
return user_edit_access($account) && db_result(db_query("SELECT COUNT(*) FROM {profile_fields} WHERE category = '%s' AND visibility <> %d", $category, PROFILE_HIDDEN));
}
}
......
......@@ -194,6 +194,7 @@ function search_menu() {
'description' => 'View most popular search phrases.',
'page callback' => 'dblog_top',
'page arguments' => array('search'),
'access arguments' => array('access site reports'),
'file' => 'dblog.admin.inc',
'file path' => drupal_get_path('module', 'dblog'),
);
......
......@@ -32,6 +32,7 @@ function syslog_menu() {
'description' => 'Settings for syslog logging. Syslog is an operating system administrative logging tool used in systems management and security auditing. Most suited to medium and large sites, syslog provides filtering tools that allow messages to be routed by type and severity.',
'page callback' => 'drupal_get_form',
'page arguments' => array('syslog_admin_settings'),
'access arguments' => array('administer site configuration'),
);
return $items;
}
......
......@@ -9,7 +9,7 @@
/**
* The current system version.
*/
define('VERSION', '6.2-dev');
define('VERSION', '6.2');
/**
* Core API compatibility.
......@@ -212,18 +212,21 @@ function system_menu() {
$items['admin/compact'] = array(
'title' => 'Compact mode',
'page callback' => 'system_admin_compact_page',
'access arguments' => array('access administration pages'),
'type' => MENU_CALLBACK,
'file' => 'system.admin.inc',
);
$items['admin/by-task'] = array(
'title' => 'By task',
'page callback' => 'system_main_admin_page',
'access arguments' => array('access administration pages'),
'file' => 'system.admin.inc',
'type' => MENU_DEFAULT_LOCAL_TASK,
);
$items['admin/by-module'] = array(
'title' => 'By module',
'page callback' => 'system_admin_by_module',
'access arguments' => array('access administration pages'),
'file' => 'system.admin.inc',
'type' => MENU_LOCAL_TASK,
'weight' => 2,
......@@ -234,6 +237,7 @@ function system_menu() {
'position' => 'left',
'weight' => -10,
'page callback' => 'system_admin_menu_block_page',
'access arguments' => array('access administration pages'),
'file' => 'system.admin.inc',
);
......@@ -244,6 +248,7 @@ function system_menu() {
'position' => 'right',
'weight' => -5,
'page callback' => 'system_settings_overview',
'access arguments' => array('access administration pages'),
'file' => 'system.admin.inc',
);
$items['admin/build'] = array(
......@@ -252,6 +257,7 @@ function system_menu() {
'position' => 'right',
'weight' => -10,
'page callback' => 'system_admin_menu_block_page',
'access arguments' => array('access administration pages'),
'file' => 'system.admin.inc',
);
$items['admin/settings/admin'] = array(
......@@ -282,6 +288,7 @@ function system_menu() {
$items['admin/build/themes/settings'] = array(
'title' => 'Configure',
'page arguments' => array('system_theme_settings'),
'access arguments' => array('administer site configuration'),
'type' => MENU_LOCAL_TASK,
);
// Theme configuration subtabs
......@@ -316,15 +323,18 @@ function system_menu() {
);
$items['admin/build/modules/list/confirm'] = array(
'title' => 'List',
'access arguments' => array('administer site configuration'),
'type' => MENU_CALLBACK,
);
$items['admin/build/modules/uninstall'] = array(
'title' => 'Uninstall',
'page arguments' => array('system_modules_uninstall'),
'access arguments' => array('administer site configuration'),
'type' => MENU_LOCAL_TASK,
);
$items['admin/build/modules/uninstall/confirm'] = array(
'title' => 'Uninstall',
'access arguments' => array('administer site configuration'),
'type' => MENU_CALLBACK,
);
......@@ -346,6 +356,7 @@ function system_menu() {
'title' => 'Configure an advanced action',
'page callback' => 'drupal_get_form',
'page arguments' => array('system_actions_configure'),
'access arguments' => array('administer actions'),
'type' => MENU_CALLBACK,
);
$items['admin/settings/actions/delete/%actions'] = array(
......@@ -353,11 +364,13 @@ function system_menu() {
'description' => 'Delete an action.',
'page callback' => 'drupal_get_form',
'page arguments' => array('system_actions_delete_form', 4),
'access arguments' => array('administer actions'),
'type' => MENU_CALLBACK,
);
$items['admin/settings/actions/orphan'] = array(
'title' => 'Remove orphans',
'page callback' => 'system_actions_remove_orphans',
'access arguments' => array('administer actions'),
'type' => MENU_CALLBACK,
);
......@@ -429,6 +442,7 @@ function system_menu() {
'title' => 'Date and time lookup',
'type' => MENU_CALLBACK,
'page callback' => 'system_date_time_lookup',
'access arguments' => array('administer site configuration'),
'file' => 'system.admin.inc',
);
$items['admin/settings/site-maintenance'] = array(
......@@ -485,18 +499,21 @@ function system_menu() {
$items['admin/reports/status/run-cron'] = array(
'title' => 'Run cron',
'page callback' => 'system_run_cron',
'access arguments' => array('administer site configuration'),
'type' => MENU_CALLBACK,
'file' => 'system.admin.inc',
);
$items['admin/reports/status/php'] = array(
'title' => 'PHP',
'page callback' => 'system_php',
'access arguments' => array('administer site configuration'),
'type' => MENU_CALLBACK,
'file' => 'system.admin.inc',
);
$items['admin/reports/status/sql'] = array(
'title' => 'SQL',
'page callback' => 'system_sql',
'access arguments' => array('administer site configuration'),
'type' => MENU_CALLBACK,
'file' => 'system.admin.inc',
);
......
......@@ -128,6 +128,7 @@ function taxonomy_menu() {
'title' => 'Add vocabulary',
'page callback' => 'drupal_get_form',
'page arguments' => array('taxonomy_form_vocabulary'),
'access arguments' => array('administer taxonomy'),
'type' => MENU_LOCAL_TASK,
'parent' => 'admin/content/taxonomy',
'file' => 'taxonomy.admin.inc',
......@@ -137,6 +138,7 @@ function taxonomy_menu() {
'title' => 'Edit vocabulary',
'page callback' => 'taxonomy_admin_vocabulary_edit',
'page arguments' => array(5),
'access arguments' => array('administer taxonomy'),
'type' => MENU_CALLBACK,
'file' => 'taxonomy.admin.inc',
);
......@@ -144,6 +146,7 @@ function taxonomy_menu() {
$items['admin/content/taxonomy/edit/term'] = array(
'title' => 'Edit term',
'page callback' => 'taxonomy_admin_term_edit',
'access arguments' => array('administer taxonomy'),
'type' => MENU_CALLBACK,
'file' => 'taxonomy.admin.inc',
);
......@@ -183,6 +186,7 @@ function taxonomy_menu() {
'title' => 'Add term',
'page callback' => 'taxonomy_add_term_page',
'page arguments' => array(3),
'access arguments' => array('administer taxonomy'),
'type' => MENU_LOCAL_TASK,
'parent' => 'admin/content/taxonomy/%taxonomy_vocabulary',
'file' => 'taxonomy.admin.inc',
......
......@@ -33,11 +33,11 @@ function tracker_menu() {
$items['tracker/all'] = array(
'title' => 'All recent posts',
'type' => MENU_DEFAULT_LOCAL_TASK,
'access callback' => 'user_is_logged_in',
);
$items['tracker/%user_current'] = array(
$items['tracker/%user_uid_optional'] = array(
'title' => 'My recent posts',
'access callback' => 'user_is_logged_in',
'access callback' => '_tracker_myrecent_access',
'access arguments' => array(1),
'page arguments' => array(1),
'type' => MENU_LOCAL_TASK,
);
......@@ -46,6 +46,8 @@ function tracker_menu() {
'title' => 'Track',
'page callback' => 'tracker_page',
'page arguments' => array(1, TRUE),
'access callback' => '_tracker_user_access',
'access arguments' => array(1),
'type' => MENU_LOCAL_TASK,
'file' => 'tracker.pages.inc',
);
......@@ -55,3 +57,19 @@ function tracker_menu() {
);
return $items;
}
/**
* Access callback for tracker/%user_uid_optional
*/
function _tracker_myrecent_access($account) {
// This path is only allowed for authenticated users looking at their own posts.
return $account->uid && ($GLOBALS['user']->uid == $account->uid) && user_access('access content');
}
/**
* Access callback for user/%user/track
*/
function _tracker_user_access($account) {
return user_view_access($account) && user_access('access content');
}