I want a permission that will prevent people from logging in. (So, all users of role X could be temporarily blocked, while keeping their profile pages available.)
Excerpt of the login process from Pro Drupal Development 2nd Edition:
- POST from login form
- User is blocked?
- User is denied by access control?
I want to stop users at step three of the process. I have a module:
/**
* Implementation of hook_perm().
*/
function odp_perm() {
return array('log in');
}
/**
* Implementation of hook_user
* lock out without the 'log in' permission
*/
function odp_user($op, &$edit, &$account, $category = NULL) {
if ($op == 'login' && ! user_access('log in')) {
drupal_set_message("You do not have access to log in.", "error");
drupal_goto('logout'); //doesn't work
drupal_goto('content/party-tonight'); //also doesn't work
}
}
Perhaps I'm using drupal_goto wrong.
What is the best way to do this?