@ -26,13 +26,13 @@
define('DS_COMP_STREAM', 'DS-COMPOSITE-MODEL');
// Permissions
define('FEDORA_VIEW', 'view fedora repository');
define('FEDORA_VIEW_OBJECTS', 'view fedora repository objects');
define('FEDORA_VIEW_DATASTREAMS', 'view fedora repository datastreams');
define('FEDORA_METADATA_EDIT', 'edit fedora metadata');
define('FEDORA_ADD_DS', 'add fedora datastreams');
define('FEDORA_INGEST', 'ingest fedora objects');
define('FEDORA_PURGE', 'delete fedora objects and datastreams');
define('FEDORA_MANAGE_PROPERTIES', 'manage object properties');
define('FEDORA_MANAGE', 'manage fedora items');
// Hooks
define('ISLANDORA_VIEW_HOOK', 'islandora_view_object');
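Review bot: Replacing `FEDORA_VIEW` and `FEDORA_MANAGE` in this hunk changes the permission strings themselves, so a role that was granted 'view fedora repository' holds nothing equivalent afterwards and loses access until an administrator re-grants the two new permissions. No update hook is visible in this diff; if none exists elsewhere, consider adding one to the module's .install file that grants `FEDORA_VIEW_OBJECTS` and `FEDORA_VIEW_DATASTREAMS` to every role that held the old permission. Any other module that still references the removed constants will hit an undefined constant in its access checks, which is worth stating in the release notes.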
@ -82,7 +82,7 @@ function islandora_menu() {
'title' => 'Islandora Repository',
'page callback' => 'islandora_view_default_object',
'type' => MENU_NORMAL_ITEM,
'access arguments' => array(FEDORA_VIEW),
'access arguments' => array(FEDORA_VIEW_OBJECTS ),
);
$items['islandora/object/%islandora_object'] = array(
'title' => 'Repository',
@ -90,7 +90,7 @@ function islandora_menu() {
'page arguments' => array(2),
'type' => MENU_NORMAL_ITEM,
'access callback' => 'islandora_object_access_callback',
'access arguments' => array(FEDORA_VIEW, 2),
'access arguments' => array(array( FEDORA_VIEW_OBJECTS) , 2),
);
$items['islandora/object/%islandora_object/view'] = array(
'title' => 'View',
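Review bot: The new `'access arguments'` line is spaced inconsistently (`array(array( FEDORA_VIEW_OBJECTS) , 2)`), with a space after the opening parenthesis and another before the comma; the same pattern recurs in the hunks at 122, 132, 141 and 149. Writing it as `'access arguments' => array(array(FEDORA_VIEW_OBJECTS), 2),` keeps the permission list easy to scan when reviewing who can reach each route. islandora_menu() starts and ends outside this hunk.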
@ -108,7 +108,7 @@ function islandora_menu() {
'page arguments' => array(2),
'type' => MENU_LOCAL_TASK,
'access callback' => 'islandora_object_access_callback',
'access arguments' => array(FEDORA_MANAGE , 2),
'access arguments' => array(array(FEDORA_VIEW_OBJECTS, FEDORA_VIEW_DATASTREAMS) , 2),
);
$items['islandora/object/%islandora_object/manage/datastreams'] = array(
'title' => 'Datastreams',
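Review bot: This item was gated by `FEDORA_MANAGE` and is now reachable with either `FEDORA_VIEW_OBJECTS` or `FEDORA_VIEW_DATASTREAMS`, because the callback grants access when any one listed permission matches. Its path is defined above the hunk, but the following item is `.../manage/datastreams`, so this is presumably the management tab, which a view-only user could now open. If the intent is to show the tab to anyone who can perform at least one management action, list those permissions instead, e.g. `'access arguments' => array(array(FEDORA_METADATA_EDIT, FEDORA_ADD_DS, FEDORA_PURGE, FEDORA_MANAGE_PROPERTIES), 2),`. If view-only access is intended, a comment saying so would help the next reviewer.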
@ -122,7 +122,7 @@ function islandora_menu() {
'page arguments' => array('islandora_object_properties_form', 2),
'type' => MENU_LOCAL_TASK,
'access callback' => 'islandora_object_access_callback',
'access arguments' => array(FEDORA_MANAGE_PROPERTIES, 2),
'access arguments' => array(array( FEDORA_MANAGE_PROPERTIES) , 2),
'weight' => -5,
);
$items['islandora/object/%islandora_object/delete'] = array(
@ -132,7 +132,7 @@ function islandora_menu() {
'page arguments' => array('islandora_delete_object_form', 2),
'type' => MENU_CALLBACK,
'access callback' => 'islandora_object_access_callback',
'access arguments' => array(FEDORA_PURGE, 2),
'access arguments' => array(array( FEDORA_PURGE) , 2),
);
$items['islandora/object/%islandora_object/manage/datastreams/add'] = array(
'title' => 'Add a datastream',
@ -141,7 +141,7 @@ function islandora_menu() {
'page arguments' => array('islandora_add_datastream_form', 2),
'type' => MENU_LOCAL_ACTION,
'access callback' => 'islandora_object_access_callback',
'access arguments' => array(FEDORA_ADD_DS, 2)
'access arguments' => array(array( FEDORA_ADD_DS) , 2)
);
$items['islandora/object/%islandora_object/manage/datastreams/add/autocomplete'] = array(
'file' => 'includes/add_datastream.form.inc',
@ -149,7 +149,7 @@ function islandora_menu() {
'page arguments' => array(2),
'type' => MENU_CALLBACK,
'access callback' => 'islandora_object_access_callback',
'access arguments' => array(FEDORA_ADD_DS, 2)
'access arguments' => array(array( FEDORA_ADD_DS) , 2)
);
$items['islandora/object/%islandora_object/datastream/%islandora_datastream'] = array(
'title' => 'View datastream',
@ -158,7 +158,7 @@ function islandora_menu() {
'type' => MENU_CALLBACK,
'file' => 'includes/datastream.inc',
'access callback' => 'islandora_object_datastream_access_callback',
'access arguments' => array(FEDORA_VIEW, 2, 4),
'access arguments' => array(FEDORA_VIEW_DATASTREAMS , 2, 4),
'load arguments' => array(2),
);
// This menu item uses token authentication in islandora_tokened_object.
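Review bot: `islandora_object_datastream_access_callback` still receives a bare string (`FEDORA_VIEW_DATASTREAMS`) here and in the hunk at 174, while `islandora_object_access_callback` now expects an array of permissions. The datastream callback's body is not part of this diff; if it forwards its first argument to the object callback, `$perms[$i]` would index into the string's characters instead of testing the permission name, and the check would fail for every non-admin user. Either pass `array(FEDORA_VIEW_DATASTREAMS)` at both call sites or confirm that the datastream callback calls `user_access()` directly.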
@ -174,7 +174,7 @@ function islandora_menu() {
'type' => MENU_CALLBACK,
'file' => 'includes/datastream.inc',
'access callback' => 'islandora_object_datastream_access_callback',
'access arguments' => array(FEDORA_VIEW, 2, 4),
'access arguments' => array(FEDORA_VIEW_DATASTREAMS , 2, 4),
'load arguments' => array(2),
);
$items['islandora/object/%islandora_object/datastream/%islandora_datastream/edit'] = array(
@ -248,9 +248,13 @@ function islandora_theme() {
*/
function islandora_permission() {
return array(
FEDORA_VIEW => array(
'title' => t('View repository objects and datastreams'),
'description' => t('View objects in the repository and their associated datastreams. Note: Fedora XACML security policies may override this permission.')
FEDORA_VIEW_OBJECTS => array(
'title' => t('View repository objects'),
'description' => t('View objects in the repository. Note: Fedora XACML security policies may override this permission.')
),
FEDORA_VIEW_DATASTREAMS => array(
'title' => t('View repository object datastreams'),
'description' => t('View datastreams of objects in the repository. Note: Fedora XACML security policies may override this permission.')
),
FEDORA_ADD_DS => array(
'title' => t('Add datastreams to repository objects'),
@ -272,10 +276,6 @@ function islandora_permission() {
'title' => t('Manage object properties'),
'description' => t('Modify object labels, owner IDs, and states.')
),
FEDORA_MANAGE => array(
'title' => t('View object management tabs'),
'description' => t('View tabs that provide object management functions.')
)
);
}
@ -302,8 +302,8 @@ function islandora_forms($form_id) {
* @see islandora_object_load() To find potential solutions to enable
* page not found errors.
*
* @param string $perm
* The user permission to test for.
* @param string $perms
* Array of user permission to test for.
* @param FedoraObject $object
* The object to test, if NULL given the object doesn't exist or is
* inaccessible.
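Review bot: The updated tag still declares the type as `string` although the description now says array; it should read `@param array $perms`. The description should also state the matching rule, since it decides who gets in: something like `User permissions to test for; access is granted if the user holds at least one of them.` The docblock begins above this hunk.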
@ -311,7 +311,7 @@ function islandora_forms($form_id) {
* @return boolean
* TRUE if the user is allowed to access this object, FALSE otherwise.
*/
function islandora_object_access_callback($perm, $object = NULL) {
function islandora_object_access_callback($perms , $object = NULL) {
module_load_include('inc', 'islandora', 'includes/utilities');
if (!$object && !islandora_describe_repository()) {
@ -319,7 +319,14 @@ function islandora_object_access_callback($perm, $object = NULL) {
return FALSE;
}
return user_access($perm) && is_object($object) && islandora_namespace_accessible($object->id);
// Check to see if user has one of any of the allowable permissions
$has_access = FALSE;
for ($i = 0; $i < count($perms) && !$has_access; $i++) {
$has_access = $has_access || user_access($perms[$i]);
}
return $has_access && is_object($object) && islandora_namespace_accessible($object->id);
}
/**
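Review bot: The new loop walks `$perms` by numeric position (`$perms[$i]` with `count($perms)`), so it only works for a zero-based list; an array with other keys, or a scalar, is not handled as intended. The `$has_access ||` on the assignment is also redundant, since the loop condition already stops once access is granted. A `foreach` over `(array) $perms` with an early `break` expresses the "any one of these" rule directly and still denies on an empty list. The function's signature and opening lines are in the previous hunks.

```php
// Grant access if the user holds any one of the listed permissions.
$has_access = FALSE;
foreach ((array) $perms as $perm) {
  if (user_access($perm)) {
    $has_access = TRUE;
    break;
  }
}
// … unchanged: final return combining $has_access with the object and namespace checks …
```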