From 7e5a35fd4ff3917203d2aecfdd63ccd00048a510 Mon Sep 17 00:00:00 2001 From: Stanislav Kutasevits Date: Wed, 27 Sep 2023 10:48:02 +0300 Subject: [PATCH] os2forms_permissions_by_term: removing node access control --- .../os2forms_permissions_by_term/README.md | 2 +- .../os2forms_permissions_by_term.module | 28 ---- .../src/Helper/Helper.php | 140 ------------------ 3 files changed, 1 insertion(+), 169 deletions(-) diff --git a/modules/os2forms_permissions_by_term/README.md b/modules/os2forms_permissions_by_term/README.md index 6d305f7..2c57293 100644 --- a/modules/os2forms_permissions_by_term/README.md +++ b/modules/os2forms_permissions_by_term/README.md @@ -19,7 +19,7 @@ Alternative change your site configuration on admin/permissions-by-term/settings be thoroughly tested. ## Usage -- The user affiliation taxonomy is added to webform config form, nodes (of type webform) and Maestro workflow forms. +- The user affiliation taxonomy is added to webform config form and Maestro workflow forms. - The Permissions by Term module adds a form element to the user form. - When a user visits an entity of the above mentioned this module checks for match between the entity and the users affiliation. If no match is found access is denied. diff --git a/modules/os2forms_permissions_by_term/os2forms_permissions_by_term.module b/modules/os2forms_permissions_by_term/os2forms_permissions_by_term.module index 12ea729..31ab4b7 100644 --- a/modules/os2forms_permissions_by_term/os2forms_permissions_by_term.module +++ b/modules/os2forms_permissions_by_term/os2forms_permissions_by_term.module @@ -8,7 +8,6 @@ use Drupal\Core\Config\Entity\ConfigEntityInterface; use Drupal\Core\Form\FormStateInterface; use Drupal\Core\Session\AccountInterface; -use Drupal\node\NodeInterface; use Drupal\os2forms_permissions_by_term\Form\SettingsForm; use Drupal\views\Plugin\views\query\QueryPluginBase; use Drupal\views\ViewExecutable; @@ -50,15 +49,6 @@ function os2forms_permissions_by_term_form_webform_settings_form_alter(array &$f \Drupal::service('os2forms_permissions_by_term.helper')->webformAlter($form, $form_state, 'settings'); } -/** - * Implements hook_form_FORM_ID_alter(). - * - * Alter the node add/edit form. - */ -function os2forms_permissions_by_term_form_node_form_alter(array &$form, FormStateInterface $form_state) { - \Drupal::service('os2forms_permissions_by_term.helper')->nodeFormAlter($form, $form_state); -} - /** * Implements hook_ENTITY_TYPE_access() for webform entities. * @@ -68,15 +58,6 @@ function os2forms_permissions_by_term_webform_access(WebformInterface $webform, return \Drupal::service('os2forms_permissions_by_term.helper')->webformAccess($webform, $operation, $account); } -/** - * Implements hook_ENTITY_TYPE_access() for node entities. - * - * Allow/deny access to node. - */ -function os2forms_permissions_by_term_node_access(NodeInterface $node, $operation, AccountInterface $account) { - return \Drupal::service('os2forms_permissions_by_term.helper')->nodeAccess($node, $operation, $account); -} - /** * Implements hook_form_FORM_ID_alter(). * @@ -122,15 +103,6 @@ function os2forms_permissions_by_term_form_alter(array &$form, FormStateInterfac \Drupal::service('os2forms_permissions_by_term.maestro_template_helper')->maestroFormAlter($form, $form_state, $form_id); } -/** - * Implements hook_options_list_alter(). - * - * Change options list field for node.field_os2forms_permissions. - */ -function os2forms_permissions_by_term_options_list_alter(array &$options, array $context) { - \Drupal::service('os2forms_permissions_by_term.helper')->optionsListAlter($options, $context); -} - /** * Implements hook_views_query_alter(). * diff --git a/modules/os2forms_permissions_by_term/src/Helper/Helper.php b/modules/os2forms_permissions_by_term/src/Helper/Helper.php index 06a916d..47c6d30 100644 --- a/modules/os2forms_permissions_by_term/src/Helper/Helper.php +++ b/modules/os2forms_permissions_by_term/src/Helper/Helper.php @@ -11,10 +11,7 @@ use Drupal\Core\Session\AccountInterface; use Drupal\Core\Session\AccountProxyInterface; use Drupal\Core\StringTranslation\StringTranslationTrait; -use Drupal\Core\Url; -use Drupal\node\NodeInterface; use Drupal\permissions_by_term\Service\AccessStorage; -use Drupal\user\Entity\User; use Drupal\webform\WebformInterface; /** @@ -209,34 +206,6 @@ public function webformAccess(WebformInterface $webform, $operation, AccountInte return AccessResult::neutral(); } - /** - * Implementation of hook_ENTITY_TYPE_access(). - * - * Check access on node related operations. - * - * @param \Drupal\node\NodeInterface $node - * The node entity. - * @param string $operation - * The operation being performed on the node. - * @param \Drupal\Core\Session\AccountInterface $account - * The current user. - * - * @return mixed - * The resulting access permission. - */ - public function nodeAccess(NodeInterface $node, $operation, AccountInterface $account) { - if ('webform' === $node->bundle()) { - switch ($operation) { - case 'view': - // Deny access to node view if no permission by term is set. - $nodePermissionsByTerm = $node->field_os2forms_permissions->getValue(); - return empty($nodePermissionsByTerm) - ? AccessResult::forbidden() - : AccessResult::neutral(); - } - } - } - /** * Custom submit handler for webform add/edit form. * @@ -263,54 +232,6 @@ public function webformSubmit(array $form, FormStateInterface $form_state) { $webform->save(); } - /** - * Implementation of hook_form_FORM_ID_alter(). - * - * Add permission by term selection to node "add" and "edit". - * - * @param array $form - * The form being altered. - * @param \Drupal\Core\Form\FormStateInterface $form_state - * The state of the form. - * - * @throws \Drupal\Component\Plugin\Exception\InvalidPluginDefinitionException - * @throws \Drupal\Component\Plugin\Exception\PluginNotFoundException - */ - public function nodeFormAlter(array &$form, FormStateInterface $form_state) { - /** @var \Drupal\Core\Entity\EntityForm $formObject */ - $formObject = $form_state->getFormObject(); - $nodeBundle = $formObject->getEntity()->bundle(); - if (1 === (int) $this->account->id() || 'webform' !== $nodeBundle) { - return; - } - - // Run custom submit handler before default node submission. - array_unshift( - $form['actions']['submit']['#submit'], - [$this, 'nodeWebformPermisisonsByTermSubmit'] - ); - $user = $this->entityTypeManager->getStorage('user')->load($this->account->id()); - $userTerms = $this->accessStorage->getPermittedTids($user->id(), $user->getRoles()); - $anonymousTerms = $this->accessStorage->getPermittedTids(0, ['anonymous']); - $webformReference = $form['webform']['widget'][0]['target_id']['#default_value']; - // If a webform is referenced from the node add message. - if ($webformReference) { - $url = URL::fromRoute('entity.webform.settings_access', ['webform' => $webformReference])->toString(); - $form['field_os2forms_permissions']['widget'][0]['#prefix'] = - '
' . $this->t('Anonymous access to view this content is set on the related webform access page . (Create submissions permission)', ['@url' => $url]) . '
'; - } - // Disable anonymous terms. They should always be fetched from webform. - foreach ($anonymousTerms as $termId) { - $form['field_os2forms_permissions']['widget'][$termId]['#disabled'] = TRUE; - } - - // Set access value automatically if user only has one term option. - if (1 === count($userTerms)) { - $form['field_os2forms_permissions']['widget']['#disabled'] = TRUE; - $form['field_os2forms_permissions']['widget']['#default_value'][] = $userTerms[0]; - } - } - /** * Implements hook_field_widget_multivalue_WIDGET_TYPE_form_alter(). * @@ -330,67 +251,6 @@ public function fieldWidgetWebformEntityReferenceFormAlter(array &$elements) { $elements[0]['target_id']['#options'] = $result; } - /** - * Implements hook_options_list_alter(). - * - * Change options list field for node.field_os2forms_permissions. - * Add anonymous option to allow the form to be displayed for anonymous users. - * - * @param array $options - * The options of the list. - * @param array $context - * The context of the options list. - * - * @throws \Drupal\Component\Plugin\Exception\InvalidPluginDefinitionException - * @throws \Drupal\Component\Plugin\Exception\PluginNotFoundException - */ - public function optionsListAlter(array &$options, array $context) { - // Alter the field_os2forms_permissions options list. - if ('node.field_os2forms_permissions' !== $context['fieldDefinition']->getFieldStorageDefinition()->id()) { - return; - } - // Limit options to those available on user profile. - $options = []; - $user = $this->entityTypeManager->getStorage('user')->load($this->account->id()); - $userTerms = $this->accessStorage->getPermittedTids($user->id(), $user->getRoles()); - foreach ($userTerms as $userTerm) { - $term = $this->entityTypeManager->getStorage('taxonomy_term')->load($userTerm); - $options[$userTerm] = $term->label(); - } - $anonymousTerms = $this->accessStorage->getPermittedTids(0, ['anonymous']); - foreach ($anonymousTerms as $termId) { - $term = $this->entityTypeManager->getStorage('taxonomy_term')->load($termId); - $label = $this->t('@term_label (Note: View permission only. This setting depends on the related webform.)', ['@term_label' => $term->label()]); - $options = [$termId => $label] + $options; - } - } - - /** - * Custom submit handler for setting permissions by term on node. - * - * @param array $form - * The form that is being submitted. - * @param \Drupal\Core\Form\FormStateInterface $form_state - * The state of the form being submitted. - */ - public function nodeWebformPermisisonsByTermSubmit(array $form, FormStateInterface $form_state) { - $webformReference = $form_state->getValue('webform'); - $webformTarget = $webformReference['0']['target_id'] ?? NULL; - if (!$webformTarget) { - return; - } - $existingValues = $form_state->getValue('field_os2forms_permissions'); - $anonymousTerms = $this->accessStorage->getPermittedTids(0, ['anonymous']); - $anonymousUser = User::getAnonymousUser(); - $referencedWebform = $this->entityTypeManager->getStorage('webform')->load($webformTarget); - foreach ($anonymousTerms as $termId) { - if ($referencedWebform->access('submission_create', $anonymousUser)) { - $existingValues[] = ['target_id' => $termId]; - } - } - $form_state->setValue('field_os2forms_permissions', $existingValues); - } - /** * Add to the private variable webformSelectOptions. *