/**
* {@inheritdoc}
*
* When the $operation is 'add' then the $entity is of type 'profile_type',
* otherwise $entity is of type 'profile'.
*/
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account)
{
$account = $this->prepareUser($account);
$user_page = \Drupal::request()->attributes->get('user');
// Some times, operation edit is called update.
// Use edit in any case.
if ($operation == 'update') {
$operation = 'edit';
}
// Check that if profile type has require roles, the user the profile is
// being added to has any of the required roles.
if ($entity->getEntityTypeId() == 'profile') {
$profile_roles = ProfileType::load($entity->bundle())->getRoles();
$user_roles = $entity->getOwner()->getRoles(TRUE);
if (!empty(array_filter($profile_roles)) && !array_intersect($user_roles, $profile_roles)) {
return AccessResult::forbidden();
}
} elseif ($entity->getEntityTypeId() == 'profile_type') {
$profile_roles = $entity->getRoles();
$user_roles = User::load($user_page->id())->getRoles(TRUE);
if (!empty(array_filter($profile_roles)) && !array_intersect($user_roles, $profile_roles)) {
return AccessResult::forbidden();
}
}
if ($account->hasPermission('bypass profile access')) {
return AccessResult::allowed()->cachePerPermissions();
} elseif ($operation == 'add' && ($user_page->id() == $account->id() && $account->hasPermission($operation . ' own ' . $entity->id() . ' profile') || $account->hasPermission($operation . ' any ' . $entity->id() . ' profile')) || $operation != 'add' && ($entity->getOwnerId() == $account->id() && $account->hasPermission($operation . ' own ' . $entity->getType() . ' profile') || $account->hasPermission($operation . ' any ' . $entity->getType() . ' profile'))) {
return AccessResult::allowed()->cachePerPermissions();
} else {
return AccessResult::forbidden()->cachePerPermissions();
}
}
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account)
{
if ($entity->getOwnerId() == $account->id()) {
return AccessResult::allowedIfHasPermission($account, $operation . ' own ' . $entity->bundle() . ' entity');
}
return AccessResult::allowedIfHasPermission($account, $operation . ' any ' . $entity->bundle() . ' entity');
}
/**
* Prepares the link to the profile.
*
* @param \Drupal\Core\Entity\EntityInterface $profile
* The profile entity this field belongs to.
* @param ResultRow $values
* The values retrieved from the view's result set.
*
* @return string
* Returns a string for the link text.
*/
protected function renderLink($profile, ResultRow $values) {
// Ensure user has access to edit this profile.
if (!$profile->access('update')) {
return;
}
$this->options['alter']['make_link'] = TRUE;
$this->options['alter']['path'] = "user/" . $profile->getOwnerId() . "/profile/" . $profile->bundle() . "/" . $profile->id();
$this->options['alter']['query'] = \Drupal::destination()->getAsArray();
$text = !empty($this->options['text']) ? $this->options['text'] : t('Edit');
return $text;
}
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account)
{
/** @var ScheduledUpdate $entity */
if ($operation == 'view') {
return AccessResult::allowedIfHasPermission($account, 'view scheduled update entities');
}
$type_id = $entity->bundle();
if ($entity->getOwnerId() == $account->id()) {
// If owner that needs either own or any permission, not both.
return AccessResult::allowedIfHasPermissions($account, ["{$operation} any {$type_id} scheduled updates", "{$operation} own {$type_id} scheduled updates"], 'OR');
} else {
return AccessResult::allowedIfHasPermission($account, "{$operation} any {$type_id} scheduled updates");
}
}
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $support_ticket, $operation, AccountInterface $account)
{
/** @var \Drupal\support_ticket\SupportTicketInterface $support_ticket */
// Fetch information from the support_ticket object if possible.
$status = $support_ticket->isPublished();
$uid = $support_ticket->getOwnerId();
// Check if authors can view their own unpublished support tickets.
if ($operation === 'view' && !$status && $account->hasPermission('view own unpublished support tickets') && $account->isAuthenticated() && $account->id() == $uid) {
return AccessResult::allowed()->cachePerPermissions()->cachePerUser()->cacheUntilEntityChanges($support_ticket);
}
if ($operation === 'view') {
return AccessResult::allowedIf($status)->cacheUntilEntityChanges($support_ticket);
}
// No opinion.
return AccessResult::neutral();
}
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account)
{
$account = $this->prepareUser($account);
$user_page = \Drupal::request()->attributes->get('user');
// Some times, operation edit is called update.
// Use edit in any case.
if ($operation == 'update') {
$operation = 'edit';
}
if ($account->hasPermission('bypass profile access')) {
return AccessResult::allowed()->cachePerPermissions();
} elseif ($operation == 'add' && ($user_page->id() == $account->id() && $account->hasPermission($operation . ' own ' . $entity->id() . ' profile') || $account->hasPermission($operation . ' any ' . $entity->id() . ' profile')) || $operation != 'add' && ($entity->getOwnerId() == $account->id() && $account->hasPermission($operation . ' own ' . $entity->getType() . ' profile') || $account->hasPermission($operation . ' any ' . $entity->getType() . ' profile'))) {
return AccessResult::allowed()->cachePerPermissions();
} else {
return AccessResult::forbidden()->cachePerPermissions();
}
}
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account)
{
/** @var \Drupal\Core\Entity\EntityInterface|\Drupal\user\EntityOwnerInterface $entity */
switch ($operation) {
case 'view':
return $account->hasPermission('access comments');
break;
case 'update':
return $account->id() && $account->id() == $entity->getOwnerId() && $entity->status->value == CommentInterface::PUBLISHED && $account->hasPermission('edit own comments') || $account->hasPermission('administer comments');
break;
case 'delete':
return $account->hasPermission('administer comments');
break;
case 'approve':
return $account->hasPermission('administer comments');
break;
}
}
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $order, $operation, AccountInterface $account)
{
/** @var \Drupal\uc_order\OrderInterface $order */
switch ($operation) {
case 'view':
case 'invoice':
// Admins can view all orders.
if ($account->hasPermission('view all orders')) {
return AccessResult::allowed()->cachePerPermissions();
}
// Non-anonymous users can view their own orders and invoices with permission.
$permission = $operation == 'view' ? 'view own orders' : 'view own invoices';
if ($account->id() && $account->id() == $order->getOwnerId() && $account->hasPermission($permission)) {
return AccessResult::allowed()->cachePerPermissions()->cachePerUser()->cacheUntilEntityChanges($order);
}
return AccessResult::forbidden()->cachePerPermissions()->cachePerUser()->cacheUntilEntityChanges($order);
case 'update':
return AccessResult::allowedIfHasPermission($account, 'edit orders')->cachePerPermissions()->cachePerUser();
case 'delete':
if ($account->hasPermission('unconditionally delete orders')) {
// Unconditional deletion perms are always TRUE.
return AccessResult::allowed()->cachePerPermissions()->cachePerUser();
}
if ($account->hasPermission('delete orders')) {
// Only users with unconditional deletion perms can delete completed orders.
if ($order->getStateId() == 'completed') {
return AccessResult::forbidden()->cachePerPermissions()->cachePerUser()->cacheUntilEntityChanges($order);
} else {
// See if any modules have a say in this order's eligibility for deletion.
$module_handler = \Drupal::moduleHandler();
foreach ($module_handler->getImplementations('uc_order_can_delete') as $module) {
$function = $module . '_uc_order_can_delete';
if ($function($order) === FALSE) {
return AccessResult::forbidden()->cachePerPermissions()->cachePerUser()->cacheUntilEntityChanges($order);
}
}
return AccessResult::allowed()->cachePerPermissions()->cachePerUser()->cacheUntilEntityChanges($order);
}
}
return AccessResult::forbidden()->cachePerPermissions()->cachePerUser()->cacheUntilEntityChanges($order);
}
}
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account)
{
/** @var \Drupal\Core\Entity\EntityInterface|\Drupal\user\EntityOwnerInterface $entity */
switch ($operation) {
case 'view':
if ($account->hasPermission('access comments') && $entity->isPublished() || $account->hasPermission('administer comments')) {
return $entity->getCommentedEntity()->access($operation, $account);
}
break;
case 'update':
return $account->id() && $account->id() == $entity->getOwnerId() && $entity->isPublished() && $account->hasPermission('edit own comments') || $account->hasPermission('administer comments');
break;
case 'delete':
return $account->hasPermission('administer comments');
break;
case 'approve':
return $account->hasPermission('administer comments');
break;
}
}
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account)
{
switch ($operation) {
case 'view':
if ($account->hasPermission('access grade items') && $account->isAuthenticated() && $account->id() == $entity->getOwnerId()) {
return AccessResult::allowed()->cachePerPermissions()->cachePerUser()->cacheUntilEntityChanges($entity);
}
case 'update':
if ($account->hasPermission('administer grade items')) {
return AccessResult::allowed()->cachePerPermissions();
}
if (!$account->hasPermission('access grade items')) {
return AccessResult::neutral()->cachePerPermissions();
}
return AccessResult::allowedIf($account->hasPermission('customize grade items') && $entity == grade_scale_current_displayed_set($account))->cachePerPermissions()->cacheUntilEntityChanges($entity);
case 'delete':
return AccessResult::allowedIf($account->hasPermission('administer grade items') && $entity->id() != 'default')->cachePerPermissions();
default:
// No opinion.
return AccessResult::neutral();
}
}
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $node, $operation, AccountInterface $account)
{
/** @var \Drupal\node\NodeInterface $node */
// Fetch information from the node object if possible.
$status = $node->isPublished();
$uid = $node->getOwnerId();
// Check if authors can view their own unpublished nodes.
if ($operation === 'view' && !$status && $account->hasPermission('view own unpublished content') && $account->isAuthenticated() && $account->id() == $uid) {
return AccessResult::allowed()->cachePerPermissions()->cachePerUser()->addCacheableDependency($node);
}
// Evaluate node grants.
return $this->grantStorage->access($node, $operation, $account);
}
/**
* {@inheritdoc}
*
* Each comment must have a comment body, which always has a text format.
*/
protected function getAdditionalCacheTagsForEntity(EntityInterface $entity)
{
/** @var \Drupal\comment\CommentInterface $entity */
return array('filter_format:plain_text', 'user:'******'user_view');
}
/**
* {@inheritdoc}
*
* Each node must have an author.
*/
protected function getAdditionalCacheTagsForEntity(EntityInterface $node)
{
return array('user:'******'user_view');
}
/**
* {@inheritdoc}
*/
public function buildRow(EntityInterface $entity) {
/** @var \Drupal\profile\ProfileInterface $entity */
$mark = [
'#theme' => 'mark',
'#mark_type' => node_mark($entity->id(), $entity->getChangedTime()),
];
$langcode = $entity->language()->id;
$uri = $entity->urlInfo();
$options = $uri->getOptions();
$options += ($langcode != LanguageInterface::LANGCODE_NOT_SPECIFIED && isset($languages[$langcode]) ? ['language' => $languages[$langcode]] : []);
$uri->setOptions($options);
$row['label']['data'] = [
'#type' => 'link',
'#title' => $entity->label(),
'#suffix' => ' ' . drupal_render($mark),
] + $uri->toRenderArray();
$row['type'] = $entity->getType()->id();
$row['owner']['data'] = [
'#theme' => 'username',
'#account' => $entity->getOwner(),
];
$row['status'] = $entity->isActive() ? $this->t('active') : $this->t('not active');
$row['changed'] = $this->dateFormatter->format($entity->getChangedTime(), 'short');
$language_manager = \Drupal::languageManager();
if ($language_manager->isMultilingual()) {
$row['language_name'] = $language_manager->getLanguageName($langcode);
}
$route_params = ['user' => $entity->getOwnerId(), 'type' => $entity->bundle(), 'profile' => $entity->id()];
$links['edit'] = [
'title' => t('Edit'),
'route_name' => 'entity.profile.edit_form',
'route_parameters' => $route_params,
];
$links['delete'] = [
'title' => t('Delete'),
'route_name' => 'entity.profile.delete_form',
'route_parameters' => $route_params,
];
$row[] = [
'data' => [
'#type' => 'operations',
'#links' => $links,
],
];
return $row + parent::buildRow($entity);
}
/**
* Assign a player to a team.
*
* Incoming entity will be a registration node with a reference
* to a team. When that's updated, load the team node and make
* sure the player is assigned/removed from the team node.
*
* TODO: This does not update the previous revision, so manual
* clean up is needed if the player is switched to a different
* team.
*
* @param \Drupal\Core\Entity\EntityInterface $entity
*/
public function assignPlayerToTeam(\Drupal\Core\Entity\EntityInterface $entity)
{
$team_nid = $entity->get('field_registration_teams')->getValue();
if (isset($team_nid[0]['target_id'])) {
$team_node = \Drupal\node\Entity\Node::load($team_nid[0]['target_id']);
$player_nids = array_merge($team_node->get('field_players')->getValue(), array(array('target_id' => $entity->getOwnerId())));
$player_nids = array_map("unserialize", array_unique(array_map("serialize", $player_nids)));
$team_node->get('field_players')->setValue($player_nids);
$team_node->save();
}
}
