Skip to main content
Drupal Answers

Return to Answer

added 3049 characters in body
Source Link
avpaderno
avpaderno
  • 98.1k
  • 15
  • 165
  • 284

As side note, rather than checking for a role, you should:

  • Create a user permission you assign to a specific role you use for those users who should see that page/view
  • Through the user interface, create a new role you assign just to those users who should see that page/view

To create a new user permission, your module needs to implement hook_permission() (Drupal 7.x) or hook_perm() (Drupal 6.x or previous). In your specific case, the permission would be two:

  • View own info page
  • View any info page

This is similar to what the Node module does, which defines the following permissions for each content type: edit own $type content and edit any $type content.

In your case, you cannot use user_access() as access callback, since that function can just check a single permission, which is then applied to every user. The code you would use should be similar to the following one.

function hide_tabs_user_info_access($account) { global $user; if ($account->uid == $user->uid) { // The logged-in user is viewing the page for their own account. return user_access('view own info page', $account); } else { // The logged-in user is viewing somebody else's page. return user_access('view any info page', $account); } // The previous lines can be simplified to the following one. // $permission = ($account->uid == $user->uid ? 'view own info page' : 'view any info page'); // return user_access($permission, $account); }

This is the code I would write.

function hide_tabs_module_implements_alter(&$implementations, $hook) { if ($hook == 'menu') { $group = $implementations['hide_tabs']; unset($implementations['hide_tabs']); $implementations['hide_tabs'] = $group; } } function hide_tabs_menu_alter(&$items) { if (isset($items['user/%user/infos'])) { $items['user/%user/infos']['access callback'] = ''; $items['user/%user/infos']['access arguments'] = array(1); } } function hide_tabs_user_info_access($account) { global $user; $permission = ($account->uid == $user->uid ? 'view own info page' : 'view any info page'); return user_access($permission, $account); }

(I will leave as exercise the implementation of hook_permission().)

Another error in your code is checking in hook_menu_alter() if the currently logged-in user has a role. That doesn't work because hook_menu_alter() is not always invoked; it is invoked when the information returned from hook_menu() needs to be re-build. You are not checking the role the logged-in user has, but the role of the user who is logged-in when Drupal re-builds the hook_menu() information.

As side note, rather than checking for a role, you should:

  • Create a user permission you assign to a specific role you use for those users who should see that page/view
  • Through the user interface, create a new role you assign just to those users who should see that page/view

To create a new user permission, your module needs to implement hook_permission() (Drupal 7.x) or hook_perm() (Drupal 6.x or previous). In your specific case, the permission would be two:

  • View own info page
  • View any info page

This is similar to what the Node module does, which defines the following permissions for each content type: edit own $type content and edit any $type content.

In your case, you cannot use user_access() as access callback, since that function can just check a single permission, which is then applied to every user. The code you would use should be similar to the following one.

function hide_tabs_user_info_access($account) { global $user; if ($account->uid == $user->uid) { // The logged-in user is viewing the page for their own account. return user_access('view own info page', $account); } else { // The logged-in user is viewing somebody else's page. return user_access('view any info page', $account); } // The previous lines can be simplified to the following one. // $permission = ($account->uid == $user->uid ? 'view own info page' : 'view any info page'); // return user_access($permission, $account); }

This is the code I would write.

function hide_tabs_module_implements_alter(&$implementations, $hook) { if ($hook == 'menu') { $group = $implementations['hide_tabs']; unset($implementations['hide_tabs']); $implementations['hide_tabs'] = $group; } } function hide_tabs_menu_alter(&$items) { if (isset($items['user/%user/infos'])) { $items['user/%user/infos']['access callback'] = ''; $items['user/%user/infos']['access arguments'] = array(1); } } function hide_tabs_user_info_access($account) { global $user; $permission = ($account->uid == $user->uid ? 'view own info page' : 'view any info page'); return user_access($permission, $account); }

(I will leave as exercise the implementation of hook_permission().)

Another error in your code is checking in hook_menu_alter() if the currently logged-in user has a role. That doesn't work because hook_menu_alter() is not always invoked; it is invoked when the information returned from hook_menu() needs to be re-build. You are not checking the role the logged-in user has, but the role of the user who is logged-in when Drupal re-builds the hook_menu() information.

Source Link
avpaderno
avpaderno
  • 98.1k
  • 15
  • 165
  • 284

The Views module uses hook_menu_alter() to add its pages. That is why hide_tabs_menu_alter() doesn't work: views_menu_alter() is invoked after hide_tabs_menu_alter(), and the changes made from your module are overridden from the Views module.
You need to change the order hooks are executed, implementing hook_module_implements_alter() or changing module weight.

function hide_tabs_module_implements_alter(&$implementations, $hook) { if ($hook == 'menu') { $group = $implementations['hide_tabs']; unset($implementations['hide_tabs']); $implementations['hide_tabs'] = $group; } }