0

I have a small module which creates and adds some custom settings for a block. Now I would like to control access to this blocks edit page. All users should be able to display the block, while changing the actual the configuration only should be available to certain users. Since I am not able to use hook_permission() I am not really sure how to best solve this so any help would be much appreciated.

Edit

I have tried this without any success:

function MYMODULE_block_info() { return array( 'MYBLOCK' => array( 'info' => t('MYBLOCK'), 'cache' => DRUPAL_CACHE_GLOBAL, ), ); }

When I clear the cache and tries to go to the blocks edit page the url changes but nothing happens. It is like I am still standing on the block overview page?

function MYMODULE_permission() { return array( 'administer MYBLOCK' => array( 'title' => t('Administer MYBLOCK'), 'description' => t('Administer MYBLOCK settings.'), ), ); } function MYMODULE_menu_alter(&$items) { $items['admin/structure/block/manage/MYMODULE/MYBLOCK/configure']['access arguments'] = array('administer MYBLOCK'); }

Edit

If I use user_access() in hook_block_configure() I almost achieve what I want. I don't know if this would be a valid way to solve this problem:

function MYMODULE_block_configure($delta = '') { $form = array(); if ($delta == 'MYBLOCK') { if (!user_access('administer MYBLOCK')) { drupal_set_message(t('You are not allowed to edit the @block block.', array('@block' => $delta)), WATCHDOG_WARNING); drupal_goto('admin/structure/block/manage'); drupal_exit(); } // Setup form for the block here. } return $form; }
Improve this question
16
  • How does the PATH look like for somebody who wants to EDIT such blocks? Commented Aug 2, 2017 at 13:45
  • "Since I am not able to use hook_permission" - why? Commented Aug 2, 2017 at 13:59
  • You could accomplish this by using hook_permission() and hook_menu_alter(). Commented Aug 2, 2017 at 14:31
  • @FatGuyLaughing - Could you add an answer which show an example on how to do this? Commented Aug 2, 2017 at 17:43
  • 1
    If this is a block you've provided through a module, then you can always guarantee the block's path. However, if it was created through the frontend of the site, then your path will be admin/structure/block/manage/block/BLOCK_ID/configure. You could still use this path directly if you would like but just be aware that if the block were to be deleted and recreated from the frontend of the site, the BLOCK_ID would change. Commented Aug 3, 2017 at 14:44

2 Answers 2

Reset to default
1 
/** * Implements hook_permission(). */ function my_module_permission() { return [ 'my_module_custom_permission' => [ 'title' => t('My Module Custom Permission'), 'description' => t('Explain what this permission allows the user to do.'), ], ]; } /** * Implements hook_menu_alter(). */ function my_module_menu_alter(&$items) { $items['admin/structure/block/manage/block/5/configure']['access arguments'] = ['my_module_custom_permission']; }

If you use the code above, follow the steps below.

Steps

  1. Replace all instances of 'my_module_custom_permission' to a machine name that makes sense.
  2. Update the 'title' and 'description' for the custom permission.
  3. Replace all instances of the word 'my_module' with your module's machine name.
  4. Change the $items path from what I have to the block path you are trying to update.

Important to note

If the block you are editing was created from the frontend of the Drupal website, then it can be deleted. If it gets deleted and then recreated, the block's ID will change. Which in turn changes the path to the block's configuration page.

Testing

Make sure to give your test user the permission we've just made and make sure they can edit the block configuration. Also, test a user who does not have the permission and make sure they can not edit the block configuration.

Improve this answer
2
  • The above does not seem to work? The altered menu item is $items['admin/structure/block/manage/MYMODULE/MYMODULEBLOCK/configure']['access arguments'] = array('mypermission'); and the only things that happens after I haved cleared the cache and trying to edit the block is that the actual form is not displayed? This block is created by the module through hook_block_info(). Commented Aug 12, 2017 at 7:52
  • I have updated the question with relevant information. Commented Aug 12, 2017 at 8:01
0

I was not able to solve this using hook_menu_alter(), instead I created a custom permission for my block and then used user_access() in the hook_block_configure() to check if the user has access or not:

function MYMODULE_permission() { return array( 'administer MYBLOCK' => array( 'title' => t('Administer MYBLOCK'), ), ); } function MYMODULE_block_configure($delta = '') { $form = array(); if ($delta == 'MYBLOCK') { // Check if user has permission to configure the block. if (!user_access('administer MYBLOCK')) { // In case the user does not have correct permission we // returns to the block overview screen and displays a warning // message. drupal_set_message(t('You are not allowed to edit the @block block.', array('@block' => $delta)), WATCHDOG_WARNING); drupal_goto('admin/structure/block/manage'); drupal_exit(); } // Setup form for the block here. } return $form; }
Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.