Error message

The spam filter installed on this site is currently unavailable. Per site policy, we are unable to accept new submissions until that problem is resolved. Please try resubmitting the form in a couple of minutes.

Drupal CCK FileField (ImageField) Permissions Granularity

Category: 

So I had a content type with an optional, unlimited value Imagefield attached to it. The content type's user permissions where set to allow all authenticated users to edit any node of that type. Which is all fine and dandy like sour candy. However, by default users are able to edit and/or remove other user's images in that field. Out-of-the-box that is the intended functionality, but I wanted user's images to be protected from other users. Here is how it can be done with a module:

function my_module_form_alter(&$form, &$form_state, $form_id) {
  global $user;
  switch ($form['type']['#value']) {
    case "my_content_type":
      if (user_access("administer nodes")) { break; }
      foreach (array_keys($form['field_my_images']) as $key) {
        if (!is_numeric($key)) { continue; }
        if ($form['field_my_images'][$key]['#default_value']['fid']) {
          if ($form['field_my_images'][$key]['#default_value']['uid'] != $user->uid) {
            $form['field_my_images'][$key]['#access'] = false;
          }
        }
      }
      break;
  }
}

Add new comment