Commit e34d18d8 authored by merlinofchaos's avatar merlinofchaos

Simplify access control code

parent fdb9236f
......@@ -478,17 +478,12 @@ function views_reset_inline_args_cache($locale = 'en') {
* Helper function to add a menu item for a view.
*/
function _views_create_menu_item(&$items, $view, $path, $local_task_type = MENU_NORMAL_ITEM, $args = array()) {
static $roles = NULL;
if ($roles == NULL) {
global $user;
$roles = array_keys($user->roles);
}
$title = filter_xss_admin(views_get_title($view, 'menu'));
$type = _views_menu_type($view);
if ($type == MENU_LOCAL_TASK || $type == MENU_DEFAULT_LOCAL_TASK) {
$weight = $view->menu_tab_weight;
}
$access = !$view->access || array_intersect($view->access, $roles);
$access = views_access($view);
$items[] = _views_menu_item($path, $title, $view, $args, $access, $type, $weight);
if ($type == MENU_DEFAULT_LOCAL_TASK) {
......@@ -496,6 +491,41 @@ function _views_create_menu_item(&$items, $view, $path, $local_task_type = MENU_
}
}
/**
* Implementation of hook_perm
*/
function views_perm() {
return array('access all views');
}
/**
* Determine if the specified user has access to a view.
*/
function views_access($view, $account = NULL) {
if (!$account) {
global $user;
$account = $user;
}
// Administrator privileges
if (user_access('access all views', $account)) {
return TRUE;
}
// All views with an empty access setting are available to all roles.
if (!$view->access) {
return TRUE;
}
// Otherwise, check roles
static $roles = array();
if (!isset($roles[$account->uid])) {
$roles[$account->uid] = array_keys($account->roles);
}
return array_intersect($view->access, $roles[$account->uid]);
}
/**
* Helper function to create a menu item for a view.
*/
......@@ -645,13 +675,7 @@ function views_view_block($vid) {
return NULL;
}
global $user;
if (!$user->roles) {
return NULL;
}
$roles = array_keys($user->roles);
if ($view->access && !array_intersect($roles, $view->access)) {
if (!views_access($view)) {
return NULL;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment