#871: Applied patch fixing os2forms_nemid authentication check

CHANGELOG.md

@@ -6,6 +6,8 @@ Nedenfor ses dato for release og beskrivelse af opgaver som er implementeret.
 
 ## [Under udvikling]
 
+* Tilføjede patch på OS2Forms Nemid autentificeringstjek.
+
 ## [2.7.7] 2024-02-15
 
 * Opdaterede installationsguide.

composer.json

@@ -146,6 +146,9 @@
             "drupal/maestro": {
                 "Fix check for task notifications": "patches/drupal/maestro/maestro_notification.patch",
                 "Maestro task notification permission patch": "patches/drupal/maestro/maestro_task_select_notification_role_permission.patch"
+            },
+            "os2forms/os2forms": {
+                "Authentication check fix": "patches/drupal/os2forms/os2forms_nemid_authentication_check_update.patch"
             }
         },
         "patches-ignore": {

patches/drupal/os2forms/os2forms_nemid_authentication_check_update.patch

@@ -0,0 +1,52 @@
+diff --git a/modules/os2forms_nemid/os2forms_nemid.module b/modules/os2forms_nemid/os2forms_nemid.module
+index cd86dc4..a24b0a5 100644
+--- a/modules/os2forms_nemid/os2forms_nemid.module
++++ b/modules/os2forms_nemid/os2forms_nemid.module
+@@ -134,21 +134,37 @@ function os2forms_nemid_webform_submission_form_alter(array &$form, FormStateInt
+     // User is authenticated, check if the form type is corresponding to
+     // authentication type.
+     if ($authProviderPlugin->isAuthenticated()) {
+-      if ($authProviderPlugin->isAuthenticatedPerson() && $webform_type !== NemidElementBase::WEBFORM_TYPE_PERSONAL
+-        || $authProviderPlugin->isAuthenticatedCompany() && $webform_type !== NemidElementBase::WEBFORM_TYPE_COMPANY) {
+-        \Drupal::messenger()
+-          ->addWarning(t('Your login type does match the login type required by the webform. Please <a href="@logout">log out</a> and sign in with a different account', [
+-            '@logout' => $authProviderService->getLogoutUrl()
+-              ->toString(),
+-          ]));
+-        foreach (Element::children($form['actions']) as $key) {
+-          $form['actions'][$key]['#disabled'] = TRUE;
+-        }
++      // Users often login on behalf of company as themselves
++      // i.e. values may contain both a cpr and cvr value,
++      // and they will be considered authenticated as company AND person.
++      if ($webform_type === NemidElementBase::WEBFORM_TYPE_COMPANY && !$authProviderPlugin->isAuthenticatedCompany()) {
++        _os2forms_nemid_add_authentication_warning_and_disable_form($form, $authProviderService->getLogoutUrl()->toString());
++      }
++      elseif ($webform_type === NemidElementBase::WEBFORM_TYPE_PERSONAL && !$authProviderPlugin->isAuthenticatedPerson()) {
++        _os2forms_nemid_add_authentication_warning_and_disable_form($form, $authProviderService->getLogoutUrl()->toString());
+       }
+     }
+   }
+ }
+
++/**
++ * Adds authentication warning and disables actions on form.
++ *
++ * @param array $form
++ *   Form array.
++ * @param string $logoutUrl
++ *   Logout url.
++ */
++function _os2forms_nemid_add_authentication_warning_and_disable_form(array $form, string $logoutUrl) {
++  \Drupal::messenger()
++    ->addWarning(t('Your login type does match the login type required by the webform. Please <a href="@logout">log out</a> and sign in with a different account', [
++      '@logout' => $logoutUrl,
++    ]));
++  foreach (Element::children($form['actions']) as $key) {
++    $form['actions'][$key]['#disabled'] = TRUE;
++  }
++}
++
+ /**
+  * Implements hook_preprocess().
+  */