Users on my site can add nodes of a custom type (let's call it "Player") but cannot publish them. Effectively they need moderating before posting. Once an admin / moderator has published them, I want the owner / publisher to be changed to an the relevant admin / moderator. This is so that the user is be unable to edit them and also so it is possible to track who approved them etc.
How do I go about this? I thought it might involve Actions / Rules / Workflow / Workflow-ng etc, but I've looked at each and can't seem to figure out how to make it work!
Another alternative is to write a short module that includes an 'approve' link using hook_link(). Point that link to a menu callback that changes the node's ownership from the current user to the user that clicked the 'Approve' link.
It could be nice, clean way of solving this, but requires a bit of Drupal knowhow. However, if you ask someone in the #drupal IRC channel on irc.freenode.net, they could show you how to get started, or even code it as a contributed module for you.
You can do it manually when you're editing the Player nodes. There's a group of two settings towards the end where you can change the node creator and creation time.
Alternatively, can you give the non-admin users permission to create nodes, but remove their permission to edit these nodes. Might work, but could be painful for these users.
Just to add some more info - BrainV helped me develop the following code for a custom module - called publishtrigger here. I wanted the approve button to publish the Player node and then assign it to the "contentadmin" user, which has ID 6 in my case...
<?php
/**
* Implementation of hook_perm().
*/
function publishtrigger_perm() {
return array('approve nodes');
}
/**
* Implementation of hook_menu().
*/
function publishtrigger_menu() {
$items['approve/%'] = array(
'title' => 'Approve',
'page callback' => 'publishtrigger_approve_node',
'page arguments' => array(1),
'access arguments' => array('approve nodes'),
'type' => MENU_CALLBACK,
);
return $items;
}
/**
* Implementation of hook_link().
*/
function publishtrigger_link($type, $object, $teaser = FALSE) {
// Show this link at the bottom of nodes of the Player type which are not yet
// owned by contentadmin (UID 6).
if ($type == 'node' && $object->type == 'player') {
// Make sure user has permission to approve nodes.
if (user_access('approve nodes')) {
$links = array();
if ($object->uid != 6 || $object->status == 0) {
// Node is not owned by contentadmin (UID 6), and therefore not approved.
$links['approve_link'] = array(
'title' => 'Approve',
'href' => 'approve/' . $object->nid,
);
}
else {
// Node is already approved
$links['approve_link'] = array('title' => 'Already approved');
}
return $links;
}
}
}
/**
* When this code is run, adjust the owner of the indicated node to 'contentadmin',
* UID 6.
*
* #param $nid
* The node id of the node we want to change the owner of.
*/
function publishtrigger_approve_node($nid) {
// Load the node.
$node = node_load($nid);
// Set the UID to 6 (for contentadmin).
$node->uid = 6;
// Publish the node
$node->status = 1;
// Save the node again.
node_save($node);
// Go back to the node page
drupal_goto($node->path);
}
Related
I have built a custom registration form using module_form_alter hook. I have also added the required new fields to the database with db_add_field. Now I'm able to add the values to the table in user registration/ user profile edit and the values are also getting stored in the database.. But what I'm not able to do is get the values that are stored in the database in the user profile edit form is displayed. Is there a hook to load the values from database to form on form load? Or is there any other way?
function customUser_schema_alter(&$schema) {
// Add field to existing schema.
$schema['users']['fields']['detail'] = array(
'type' => 'varchar',
'length' => 100,
);
}
function customUser_install() {
$schema = drupal_get_schema('users');
db_add_field('users', 'detail', $schema['fields']['detail']);
}
function customUser_form_alter(&$form, &$form_state, $form_id) {
// check to see if the form is the user registration or user profile form
// if not then return and don’t do anything
if (!($form_id == 'user_register_form' || $form_id == 'user_profile_form')) {
return;
}
$form['account']['detail'] = array(
'#type' => 'textfield',
'#title' => t('Additional Detail'),
);
}
A proper answer needs more details. I can only assume what you did.
You added fields to the {users} table. You didn't update the database schema which made drupal_write_record not be aware of the new fields, that being the reason they are not populated.
You created a new table {my_table} with the fields.
In both cases you need hook_user_insert()
/**
* Implements hook_user_insert().
*/
function mymodule_user_insert(&$edit, $account, $category) {
// Here you add the code to update the entry in {users} table,
// or int your custom table.
// $edit has the values from the form, $account->uid has the
// uid of the newly created user.
}
Note: If my first assumption is true that's not the drupal way to do it. You should have done the 2nd way instead. And even in that case use the hook_schema to create your table in mymodule.install instead of doing db_add_field().
For drupal 7 you could have uses the profile module (core) or profile2 to achieve that.
Based on that code
Try to change to this inside the form alter.
$account = $form['#user'];
$form['account']['detail'] = array(
'#type' => 'textfield',
'#title' => t('Additional Detail'),
'#default_value' => $account->detail,
);
I have several things I want to check before a user may create a node. So, if the user visits node/add/proposal I want to check if he may do so, so I wrote a module:
function proposals_menu() {
$items['node/add/proposal'] = array(
'title' => t('Proposal'),
'access callback' => 'proposals_access',
);
return $items;
}
function proposals_access() {
$cond1;
$cond2;
...
return cond1 && cond2 && ....;
}
When I click on add content -> proposal I get a blank page. What am I missing?
To override existing menu items you need to use hook_menu_alter() instead of hook_menu(). e.g.
function proposals_menu_alter(&$items) {
$items['node/add/proposal']['access callback'] = 'some_function';
}
But there's also hook_node_access() which would be preferable to use for (as the name suggests) checking node access. e.g.
function proposals_node_access($node, $op, $account) {
$type = is_string($node) ? $node : $node->type;
if ($type == 'proposal' && $op == 'create') {
if ($allow_access) {
return NODE_ACCESS_ALLOW;
}
else {
return NODE_ACCESS_DENY;
}
}
return NODE_ACCESS_IGNORE;
}
Assuming you populate $allow_access with your access check. Be sure to use the $account object that's passed to the hook to verify the operation against that user object. Don't depend on the currently logged in user, which will not always be the same.
You get a blank page because you are not telling drupal how to render the path you are creating. For that you need to add a page callback to the item. As specified in the hook_menu documentation, this function will be called to display the page when the user visits the path.
...
$items['node/add/proposal'] = array(
...
'page callback' => 'proposals_display_function'
);
...
Goal: Is to save information of a node which gets updated. We need to gather the node id of the node which is updated and also the user names of people who have bookmarked it.
Implementation:
I have managed to get the both this detail using flags and rules module. I made a custom module which implemented the hook to get this info.
I am getting stuck here:
Now I need to save the user name and the node id. I am still deciding if I want to use fields or the db layer.
One username can have multiple node id saved.
Now the problem is I don't know for sure how many nodes will be enough. It depends on the user. It can be 5 can be 500 or even 5000 node ids that might need to be saved for one user.
So how do I make provision for this ?
So I am stuck with the logic. How should I use the db layer or the fields in custom content type to save this ? and how should I do it ?
Please advice. I am using d7.
custom module code
/*
* Implementation of the hook_rules_action_info()
*
*/
function customvishal_rules_action_info()
{
$actions = array(
'customvishal_action_userdetail' => array(
'label' =>t('Custom function to send notifications'),
'group'=>t('Cusotm Code for sending notifications'),
'parameter'=> array(
'account'=> array(
'type'=>'user',
'label'=>t('Going to get user list'),
),
// for the node
'productdetail'=> array(
'type'=>'node',
'label'=>t('Passding the node data'),
),
)
),
);
return $actions;
}
/*
* The action function for the rules exampled hello world
*
*/
function customvishal_action_userdetail($account,$productdetail)
{
drupal_set_message(t('This user #username! has flagged it',
array('#username' => $account->mail)));
drupal_set_message(t('This node #nid has got updated',
array('#nid' => $productdetail->nid)));
// The above takes care of the node and the user information later I will put
// it in a db or something like that.
// end of the function customvishal_action_userdetail
}
It really seems like you should be using hook_node_update() and hook_node_insert() to for access to nodes that have just been added or updated.
If you wanted access to the node data just before it was saved, then hook_node_presave() would be the one to use.
I don't think you need presave though because you mentioned you needed the node ID, and presave does not have that for new nodes yet.
Here's a way to process new and updated nodes. The first 2 functions just hook into the right place and route the node to the 3rd function.
<?php
// hook into node inserts
function customvishal_node_insert($node) {
if ($node->type == 'mynodetype') {
customvishal_handle_data($node);
}
}
// hook into node updates
function customvishal_node_update($node) {
if ($node->type == 'mynodetype') {
customvishal_handle_data($node);
}
}
// custom handler for the nodes
function customvishal_handle_data($node) {
// load a user object of the node's author
$author = user_load($node->uid);
// now do what we need to do with $node and $user data
}
Remember you need to clear the Drupal cache for new hooks in your module to work in D7.
In the context of organic groups, I am writing a module which will stop users who are not members of a group from adding group posts into that group.
My module currently sets the permissions necessary and detects whether a user has the permission.
So when a user(s) are looking at a group page, I want to disable/remove the standard link to create group posts.
Try this method.
function mymodule_menu_alter(&$items) {
global $user;
// Perform code for finding out users permissions.
// lets suppose we set true or false to $restricted after all
if ($restricted && isset($items['node/add/yourtype'])) {
$items['node/add/yourtype']['access arguments'] = FALSE;
// or unset($items['node/add/yourtype']) to remove item for user
}
}
If I understood right you don't want certain users to create a content type.
So the steps are:
1) Create a menu hook.
// Here we make sure if the user goes to for creating this node type
// we can use the appropriate call back function to stop it.
function yourmodoule_menu() {
$items = array();
$items['node/add/page'] = array(
'page arguments' => array('yourmodule_additional_actions'),
'access arguments' => array('administer create content')
);
}
2) Then make a permission hook to make sure only certain users have this permission.
// drupal will only allow access to to path 'node/add/page' with people
// who have access given by you.
function yourmodule_permission() {
return array(
'add content' => array(
'title' => t('Administer create conent'),
'description' => t('Perform administration tasks and create content')
)
)
}
3) Write your code for those users who have the permission.
// Only affter they have this permisson drupal will allow them access
// to the below function.
function yourmodule_additional_actions() {
// this code will only execute if the user has the permission
// "Administer create conent"
}
I'm using WordPress to make my users make their own website/blog. I have a set up that I'm cloning out to all the users with some special user-roles and standard plugins.
However, some of the plugins are not supposed to be changed or inactivated by the users.
Is their any way to select which plugins different user roles are allowed to use? Or a easy way to hide some plugins in the plugins-page but still have them working as normal?
Maybe there's some plugin that helps me to do this?
You could write a plugin that uses the "all_plugins" filter hook to remove from the array plugins that you don't want displaying for a certain user. Something like this:
$plugin_credentials = array(
'bob' => array(
'Hello Dolly' => 1
),
'jim' => array(
'Akismet' => 1,
'Hello Dolly' => 1,
),
'admin' => "**ALL**"
);
function plugin_permissions($plugins)
{
global $current_user, $plugin_credentials;
$username = $current_user->user_login;
if ($plugin_credentials[$username] == "**ALL**")
return $plugins;
$viewable_plugins = array();
foreach ($plugins as $plugin) {
if (isset($plugin_credentials[$username]) &&
isset($plugin_credentials[$username][$plugin['Name']]) &&
$plugin_credentials[$username][$plugin['Name']] == 1) {
array_push($viewable_plugins, $plugin);
}
}
return $viewable_plugins;
}
add_filter('all_plugins', 'plugin_permissions');
Managing the user permissions in the plugin itself is not ideal, but it is probably easiest. You can expand on that idea to create admin pages for managing the users and their viewable plugins in a database table somewhere.
Each plugin will usually specify their own role/permission, which you can see if you look at their add_submenu_page() or such function calls. You can create new roles for those plugins and replace the one specified by the author, but it will also break the changes if you upgrade the plugins.
You should stratify the users. Make sure that the Admin user(s) are trusted and know not to fiddle with what they don't understand. The others should be limited to their roles. Authors, editors, etc. For example, if they're just a part of the site to write articles, then they don't need to see the rest of it. Make them an author and be done with it.
This is part of client education. If its a smaller client with less stratified roles, then make them two accounts. Tell them "this is the account you administer the site with, you'll be using this rarely. And this is the account that you'll use most of the time to write and edit. You can do all of your daily tasks here and will most likely never need the administrator account". You won't always have luck with this approach, but its less time and effort invested in crap you shouldn't be wasting time on.
I've done a new version based on #spuriousdata Answer. This one uses the plugin slugs (file name minus the extension) to build the list of restrictions. This way is easier as we can unset the array using the first level $keys.
Configuration instructions in the code itself.
<?php
/**
* Plugin Name: Limit Plugins by User
* Plugin URI: http://stackoverflow.com/q/14340131/1287812
* Description: Show selected plugins for specific users.
* Based on the code by spuriousdata, http://stackoverflow.com/a/3713985.
* Author: brasofilo
* Author URI: http://wordpress.stackexchange.com/users/12615/brasofilo
* Version: 1.0
* License: GPLv2 or later
*/
add_filter( 'all_plugins', 'plugin_permissions_so_3707134' );
/**
* Filter the list of plugins according to user_login
*
* Usage: configure the variable $plugin_credentials, which holds a list of users and their plugins.
* To give full access, put a simple string "ALL"
* To grant only for some plugins, create an array with the Plugin Slug,
* which is the file name without extension (akismet.php, hello.php)
*
* #return array List of plugins
*/
function plugin_permissions_so_3707134( $plugins )
{
// Config
$plugin_credentials = array(
'admin' => "ALL",
'other-admin' => array(
'akismet',
),
'another-admin' => array(
'akismet',
'hello',
),
);
// Current user
global $current_user;
$username = $current_user->user_login;
// Super admin, return everything
if ( "ALL" == $plugin_credentials[ $username ] )
return $plugins;
// Filter the plugins of the user
foreach ( $plugins as $key => $value )
{
// Get the file name minus extension
$plugin_slug = basename( $key, '.php' );
// If not in the list of allowed plugins, remove from array
if( !in_array( $plugin_slug, $plugin_credentials[ $username ] ) )
unset( $plugins[ $key ] );
}
return $plugins;
}