<?php
/**
 * Implements hook_menu_alter().
 *
 * Puts familink_custom_user_admin_access() in front of the account edit and
 * cancel routes. Each route hands the wrapper path argument 1 and the name of
 * the access function the wrapper falls through to once its own administrator
 * check has passed.
 *
 * Only the three routes listed here are wrapped.
 */
function familink_custom_menu_alter(&$items) {
  $wrapper = 'familink_custom_user_admin_access';
  // Route path => access function the wrapper delegates to.
  $delegates = array(
    'user/%user/cancel' => 'user_cancel_access',
    'user/%user/cancel/confirm/%/%' => 'user_cancel_access',
    'user/%user/edit' => 'user_edit_access',
  );
  foreach ($delegates as $path => $delegate) {
    $items[$path]['access callback'] = $wrapper;
    $items[$path]['access arguments'] = array(1, $delegate);
  }
}
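/**
 * Access callback: keeps non-administrators out of administrator accounts.
 *
 * Access is denied when the target account holds the 'administrator' role,
 * the acting user does not, and the acting user is not the account owner. In
 * every other case the decision is delegated to $next.
 *
 * The check is tied to the role *name*: when no role called 'administrator'
 * exists, nothing is restricted here and $next alone decides.
 *
 * NOTE(review): an account is only protected if it actually holds that role;
 * confirm this covers uid 1 on the target site.
 *
 * @param object $account
 *   The user account the route operates on.
 * @param string $next
 *   Name of the access function to fall through to; it is called with
 *   $account as its only argument.
 *
 * @return bool
 *   FALSE when the administrator restriction applies or $next is not
 *   callable; otherwise the boolean value of $next($account).
 */
function familink_custom_user_admin_access($account, $next) {
  global $user;
  $admin_role = user_role_load_by_name('administrator');
  // The role lookup can come back empty; reading ->rid from it would raise a
  // PHP notice and compare against a NULL role id, so skip the restriction.
  if ($admin_role) {
    $target_is_admin = user_has_role($admin_role->rid, $account);
    // Loose comparison kept on purpose: the uid types are not visible here.
    if ($target_is_admin && !user_has_role($admin_role->rid, $user) && $user->uid != $account->uid) {
      // NOTE(review): the message is queued on every denial, including any
      // access check made outside a direct page request; confirm that is
      // wanted.
      drupal_set_message(t("You don't have access to edit this user."));
      return FALSE;
    }
  }
  // Fail closed when the delegate is missing or not callable.
  return is_callable($next) && $next($account);
}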
/**
 * Implements hook_form_FORM_ID_alter() for the user_admin_account form.
 *
 * Appends an #after_build callback; that callback is where the form's submit
 * handler gets replaced.
 */
function familink_custom_form_user_admin_account_alter(&$form, &$form_state, $form_id) {
  $after_build = 'familink_custom_form_user_admin_account_after_build';
  $form['#after_build'][] = $after_build;
}
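/**
 * #after_build callback for the user_admin_account form.
 *
 * Replaces the 'user_admin_account_submit' submit handler with
 * familink_custom_form_user_admin_account_submit(), keeping its position in
 * the handler list. The form is returned unchanged when that handler is not
 * registered.
 *
 * @param array $form
 *   The built form.
 * @param array $form_state
 *   The form state (not used).
 *
 * @return array
 *   The form, with the submit handler swapped when it was found.
 */
function familink_custom_form_user_admin_account_after_build($form, $form_state) {
  $handlers = (isset($form['#submit']) && is_array($form['#submit'])) ? $form['#submit'] : array();
  $key = array_search('user_admin_account_submit', $handlers, TRUE);
  // array_search() returns FALSE on a miss, and FALSE used as an array key is
  // 0: without this guard an unrelated first handler would be overwritten.
  if ($key !== FALSE) {
    $form['#submit'][$key] = 'familink_custom_form_user_admin_account_submit';
  }
  return $form;
}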
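/**
 * Submit handler for the user administration update form.
 *
 * Runs the selected bulk operation on the checked accounts. When the acting
 * user does not hold the 'administrator' role, accounts that do hold it are
 * removed from the selection first and listed in a warning message.
 *
 * The filter is tied to the role *name*: when no role called 'administrator'
 * exists, no account is filtered out.
 *
 * NOTE(review): only the list of target accounts is filtered here; which
 * operations are offered is decided by the hook_user_operations()
 * implementations.
 *
 * @param array $form
 *   The submitted form.
 * @param array $form_state
 *   The form state; 'operation' and 'accounts' are read from its values.
 */
function familink_custom_form_user_admin_account_submit($form, &$form_state) {
  global $user;
  $operations = module_invoke_all('user_operations', $form, $form_state);
  $selected = $form_state['values']['operation'];
  // An unknown operation, or one without a callback, has nothing to run.
  $function = isset($operations[$selected]['callback']) ? $operations[$selected]['callback'] : NULL;
  if (!$function) {
    return;
  }
  $operation = $operations[$selected];
  // Filter out unchecked accounts.
  $uids = array_filter($form_state['values']['accounts']);

  $admin_role = user_role_load_by_name('administrator');
  // Guard the lookup result before reading ->rid: it can be empty when the
  // role does not exist.
  if ($admin_role && !user_has_role($admin_role->rid, $user)) {
    $restriction = array();
    foreach (user_load_multiple($uids) as $account) {
      if (!user_has_role($admin_role->rid, $account)) {
        continue;
      }
      $restriction[] = format_username($account);
      // array_search() returns FALSE on a miss; unset($uids[FALSE]) would
      // drop key 0 instead of doing nothing.
      $key = array_search($account->uid, $uids);
      if ($key !== FALSE) {
        unset($uids[$key]);
      }
    }
    if (count($restriction)) {
      $message = t("You don't have access to perform operation %op for this users: %names.", array(
        '%op' => $operation['label'],
        '%names' => implode(', ', $restriction),
      ));
      drupal_set_message($message, 'warning', FALSE);
      // Every selected account was refused: do not run the operation on an
      // empty list and then report that the update was performed.
      if (!$uids) {
        return;
      }
    }
  }

  // Add in callback arguments if present.
  $args = array($uids);
  if (isset($operation['callback arguments'])) {
    $args = array_merge($args, $operation['callback arguments']);
  }
  call_user_func_array($function, $args);
  drupal_set_message(t('The update has been performed.'));
}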
/**
 * Implements hook_form_FORM_ID_alter() for user_multiple_cancel_confirm.
 *
 * Appends an #after_build callback; that callback is where the form's submit
 * handler gets replaced.
 */
function familink_custom_form_user_multiple_cancel_confirm_alter(&$form, &$form_state, $form_id) {
  $after_build = 'familink_custom_form_user_multiple_cancel_confirm_after_build';
  $form['#after_build'][] = $after_build;
}
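/**
 * #after_build callback for the user_multiple_cancel_confirm form.
 *
 * Replaces the form's own submit handler,
 * 'user_multiple_cancel_confirm_submit', with
 * familink_custom_form_user_multiple_cancel_confirm_submit(), keeping its
 * position in the handler list. The form is returned unchanged when that
 * handler is not registered.
 *
 * @param array $form
 *   The built form.
 * @param array $form_state
 *   The form state (not used).
 *
 * @return array
 *   The form, with the submit handler swapped when it was found.
 */
function familink_custom_form_user_multiple_cancel_confirm_after_build($form, $form_state) {
  $handlers = (isset($form['#submit']) && is_array($form['#submit'])) ? $form['#submit'] : array();
  // Look for this form's handler. Searching for 'user_admin_account_submit'
  // (the other form's handler) always missed, and the FALSE result was then
  // used as key 0: slot 0 was overwritten whatever it held, and the
  // unrestricted handler stayed in place if it sat at any other index.
  $key = array_search('user_multiple_cancel_confirm_submit', $handlers, TRUE);
  if ($key !== FALSE) {
    $form['#submit'][$key] = 'familink_custom_form_user_multiple_cancel_confirm_submit';
  }
  return $form;
}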
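/**
 * Submit handler for the multiple account cancellation confirm form.
 *
 * Cancels each submitted account, except that uid 0 and uid 1 are always
 * skipped, and accounts holding the 'administrator' role are skipped and
 * listed in a warning when the acting user does not hold that role.
 *
 * The restriction is tied to the role *name*: when no role called
 * 'administrator' exists, no account is refused on that ground.
 *
 * @param array $form
 *   The submitted form.
 * @param array $form_state
 *   The form state; 'confirm', 'accounts' and 'user_cancel_method' are read
 *   from its values, and 'redirect' is set.
 */
function familink_custom_form_user_multiple_cancel_confirm_submit($form, &$form_state) {
  global $user;
  if ($form_state['values']['confirm']) {
    $admin_role = user_role_load_by_name('administrator');
    // Guard the lookup result before reading ->rid: it can be empty when the
    // role does not exist.
    $admin_rid = $admin_role ? $admin_role->rid : NULL;
    // The acting user does not change during the loop; check once.
    $actor_is_admin = $admin_rid !== NULL && user_has_role($admin_rid, $user);
    $accounts = user_load_multiple(array_keys($form_state['values']['accounts']));
    $restriction = array();
    foreach ($form_state['values']['accounts'] as $uid => $value) {
      // Prevent programmatic form submissions from cancelling user 1.
      if ($uid <= 1) {
        continue;
      }
      // Restrict access for canceling administrator by non admin user.
      // A uid that did not load has no entry in $accounts; test for the entry
      // before passing it on.
      $target_is_admin = $admin_rid !== NULL && isset($accounts[$uid]) && user_has_role($admin_rid, $accounts[$uid]);
      if (!$actor_is_admin && $target_is_admin) {
        $restriction[] = format_username($accounts[$uid]);
        continue;
      }
      // Prevent user administrators from deleting themselves without confirmation.
      if ($uid == $user->uid) {
        $admin_form_state = $form_state;
        unset($admin_form_state['values']['user_cancel_confirm']);
        $admin_form_state['values']['_account'] = $user;
        user_cancel_confirm_form_submit(array(), $admin_form_state);
      }
      else {
        user_cancel($form_state['values'], $uid, $form_state['values']['user_cancel_method']);
      }
    }
    if (count($restriction)) {
      $message = t("You don't have access to perform operation %op for this users: %names.", array(
        '%op' => t('Cancel the selected user accounts'),
        '%names' => implode(', ', $restriction),
      ));
      drupal_set_message($message, 'warning', FALSE);
    }
  }
  $form_state['redirect'] = 'admin/people';
}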