Commit 19ab3c61 authored by jhedstrom's avatar jhedstrom Committed by amitaibu

Issue #2216649 by jhedstrom: Allow normal authenticated users to edit value of...

Issue #2216649 by jhedstrom: Allow normal authenticated users to edit value of an og membership field.
parent 05f64fd0
......@@ -19,7 +19,6 @@ function og_field_widget_info() {
return $widgets;
}
/**
* Implements hook_field_widget_form().
*/
......
......@@ -587,13 +587,13 @@ function og_field_access($op, $field, $entity_type, $entity, $account) {
$field_name = $field['field_name'];
list($id, $vid, $bundle_name) = entity_extract_ids($entity_type, $entity);
$instance = field_info_instance($entity_type, $field_name, $bundle_name);
if ($field_name == OG_GROUP_FIELD) {
$wrapper = entity_metadata_wrapper($entity_type, $entity);
if ($wrapper->getIdentifier() && !$wrapper->{OG_GROUP_FIELD}->value()) {
// Entity isn't an active group.
return;
}
$instance = field_info_instance($entity_type, $field_name, $bundle_name);
if (!empty($instance['widget']['settings']['og_hide'])) {
return FALSE;
}
......@@ -609,6 +609,10 @@ function og_field_access($op, $field, $entity_type, $entity, $account) {
// Check if we are editing the user entity.
if ($entity_type == 'user') {
if (!empty($instance['settings']['behaviors']['og_widget']['access_override'])) {
return;
}
return user_access('administer group', $account);
}
}
......
......@@ -2350,3 +2350,51 @@ class OgSelectAccessibleGroupsValidation extends DrupalWebTestCase {
$this->assertText('Group content New group content 4 has been created.', 'The group content created successfully');
}
}
/**
* Test group-audience field access settings.
*/
class OgAudienceFieldAccessOverrideTestCase extends DrupalWebTestCase {
public static function getInfo() {
return array(
'name' => 'OG audience field access settings',
'description' => 'Test the ability to use entity access instead of field access for the audience field.',
'group' => 'Organic groups',
);
}
function setUp() {
parent::setUp('og');
}
/**
* Test auto-attaching group-audience fields to the user entity.
*/
function testAutoAttach() {
$type1 = $this->drupalCreateContentType();
og_create_field(OG_GROUP_FIELD, 'node', $type1->type);
$this->assertTrue(field_info_instance('user', 'og_user_node', 'user'), 'Field was added to the user entity.');
// Check that a normal user cannot access this field by default.
$permissions = array(
'access content',
"create $type1->type content",
'administer group',
);
$user1 = $this->drupalCreateUser();
$this->drupalLogin($user1);
$this->drupalGet('user/' . $user1->uid . '/edit');
$this->assertNoRaw('id="edit-og-user-node"');
// Change field to use entity access instead.
$instance = field_info_instance('user', 'og_user_node', 'user');
$instance['settings']['behaviors']['og_widget']['access_override'] = TRUE;
field_update_instance($instance);
// The field should now be present.
$this->drupalGet('user/' . $user1->uid . '/edit');
$this->assertRaw('id="edit-og-user-node"');
}
}
......@@ -838,6 +838,12 @@ function og_ui_field_access($op, $field, $entity_type, $entity, $account) {
return;
}
list($id, $vid, $bundle_name) = entity_extract_ids($entity_type, $entity);
$instance = field_info_instance($entity_type, $field['field_name'], $bundle_name);
if (!empty($instance['settings']['behaviors']['og_widget']['access_override'])) {
return;
}
if (!user_access('administer group', $account)) {
return FALSE;
}
......
......@@ -51,6 +51,14 @@ class OgWidgetHandler extends EntityReference_BehaviorHandler_Abstract {
);
}
// Field access settings.
$form['access_override'] = array(
'#title' => t('Allow entity access to control field access'),
'#description' => t('By default, the <em>administer group</em> permission is required to directly edit this field. Selecting this option will allow access to anybody with access to edit the entity.'),
'#type' => 'checkbox',
'#default_value' => isset($settings['access_override']) ? $settings['access_override'] : FALSE,
);
return $form;
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment