/**
* Theme a "you can't post comments" notice.
*
* @param $node
* The comment node.
* @ingroup themeable
*/
function city_magazine_comment_post_forbidden($node)
{
global $user;
static $authenticated_post_comments;
if (!$user->uid) {
if (!isset($authenticated_post_comments)) {
// We only output any link if we are certain, that users get permission
// to post comments by logging in. We also locally cache this information.
$authenticated_post_comments = array_key_exists(DRUPAL_AUTHENTICATED_RID, user_roles(TRUE, 'post comments') + user_roles(TRUE, 'post comments without approval'));
}
if ($authenticated_post_comments) {
// We cannot use drupal_get_destination() because these links
// sometimes appear on /node and taxonomy listing pages.
if (variable_get('comment_form_location_' . $node->type, COMMENT_FORM_SEPARATE_PAGE) == COMMENT_FORM_SEPARATE_PAGE) {
$destination = 'destination=' . rawurlencode("comment/reply/{$node->nid}#comment-form");
} else {
$destination = 'destination=' . rawurlencode("node/{$node->nid}#comment-form");
}
if (variable_get('user_register', 1)) {
// Users can register themselves.
// original
//return t('<a href="@login"><span>Login</span></a> <span class="regulat-text">or</span> <a href="@register"><span>register</span></a> <span class="regulat-text">to post comments</span>', array('@login' => url('user/login', array('query' => $destination)), '@register' => url('user/register', array('query' => $destination))));
// no register
return t('<a href="@login"><span>Login</span></a> <span class="regulat-text">to post comments</span>', array('@login' => url('user/login', array('query' => $destination))));
} else {
// Only admins can add new users, no public registration.
return t('<a href="@login"><span>Login</span></a> to post comments', array('@login' => url('user/login', array('query' => $destination))));
}
}
}
}
/**
* {@inheritdoc}
*/
public function settingsForm(array $form, FormStateInterface $form_state, Editor $editor)
{
$settings = $editor->getSettings();
$medium_editors = array();
foreach (entity_load_multiple('medium_editor') as $medium_editor) {
$medium_editors[$medium_editor->id()] = $medium_editor->label();
}
// Default editor
$form['default_editor'] = array('#type' => 'select', '#title' => $this->t('Medium Editor'), '#options' => $medium_editors, '#default_value' => $settings['default_editor'], '#description' => $this->t('Select the default editor for the authorized roles. Editors can be configured at <a href="!url">Medium admin page</a>.', array('!url' => \Drupal::url('medium.admin'))), '#empty_option' => '- ' . $this->t('Select an editor') . ' -');
// Roles editors
$role_ids = array();
if ($format_form = $form_state->getCompleteForm()) {
if (isset($format_form['roles']['#value'])) {
$role_ids = $format_form['roles']['#value'];
} elseif (isset($format_form['roles']['#default_value'])) {
$role_ids = $format_form['roles']['#default_value'];
}
} elseif ($format = $editor->getFilterFormat()) {
$role_ids = array_keys(filter_get_roles_by_format($format));
}
if (count($role_ids) > 1) {
$form['roles_editors'] = array('#type' => 'details', '#title' => t('Role specific editors'));
$roles = user_roles();
foreach ($role_ids as $role_id) {
$form['roles_editors'][$role_id] = array('#type' => 'select', '#title' => $this->t('Editor for %role', array('%role' => $roles[$role_id]->label())), '#options' => $medium_editors, '#default_value' => isset($settings['roles_editors'][$role_id]) ? $settings['roles_editors'][$role_id] : '', '#empty_option' => '- ' . $this->t('Use the default') . ' -');
}
}
return $form;
}
/**
* Overrides \RestfulEntityBase::getQueryForList().
*/
public function getQueryForList() {
$query = parent::getQueryForList();
// Get the configured roles.
if (!$options = $this->getPluginKey('options')) {
return $query;
}
// Get a list of role ids for the configured roles.
$roles_list = user_roles();
$selected_rids = array();
foreach ($roles_list as $rid => $role) {
if (in_array($role, $options['roles'])) {
$selected_rids[] = $rid;
}
}
if (empty($selected_rids)) {
return $query;
}
// Get the list of user ids belonging to the selected roles.
$uids = db_query('SELECT uid FROM {users_roles} WHERE rid IN (:rids)', array(
':rids' => $selected_rids,
))->fetchAllAssoc('uid');
// Restrict the list of entities to the nodes authored by any user on the
// list of users with the administrator role.
if (!empty($uids)) {
$query->propertyCondition('uid', array_keys($uids), 'IN');
}
return $query;
}
/**
* Returns roles-profiles table.
*/
public function buildRolesProfilesTable(array $roles_profiles)
{
$rp_table = array('#type' => 'table');
// Prepare roles. Reverse the role order to prioritize the permissive ones.
$roles = array_reverse(user_roles());
$wrappers = \Drupal::service('stream_wrapper_manager')->getNames(StreamWrapperInterface::WRITE_VISIBLE);
// Prepare profile options
$options = array('' => '-' . $this->t('None') . '-');
foreach (\Drupal::entityManager()->getStorage('imce_profile')->loadMultiple() as $pid => $profile) {
$options[$pid] = $profile->label();
}
// Build header
$imce_url = \Drupal::url('imce.page');
$rp_table['#header'] = array($this->t('Role'));
$default = file_default_scheme();
foreach ($wrappers as $scheme => $name) {
$url = $scheme === $default ? $imce_url : $imce_url . '/' . $scheme;
$rp_table['#header'][]['data'] = array('#markup' => '<a href="' . $url . '">' . Html::escape($name) . '</a>');
}
// Build rows
foreach ($roles as $rid => $role) {
$rp_table[$rid]['role_name'] = array('#plain_text' => $role->label());
foreach ($wrappers as $scheme => $name) {
$rp_table[$rid][$scheme] = array('#type' => 'select', '#options' => $options, '#default_value' => isset($roles_profiles[$rid][$scheme]) ? $roles_profiles[$rid][$scheme] : '');
}
}
// Add description
$rp_table['#prefix'] = '<h3>' . $this->t('Role-profile assignments') . '</h3>';
$rp_table['#suffix'] = '<div class="description">' . $this->t('Assign configuration profiles to user roles for available file systems. The default file system %name is accessible at :url path.', array('%name' => $wrappers[file_default_scheme()], ':url' => $imce_url)) . '</div>';
return $rp_table;
}
/**
* Implementation of THEMEHOOK_settings() function.
*
* @param $saved_settings
* array An array of saved settings for this theme.
* @return
* array A form array.
*/
function rootcandy_settings($saved_settings, $subtheme_defaults = array())
{
// Get the default values from the .info file.
$themes = list_themes();
$defaults = $themes['rootcandy']->info['settings'];
// Allow a subtheme to override the default values.
$defaults = array_merge($defaults, $subtheme_defaults);
// Merge the saved variables and their default values.
$settings = array_merge($defaults, $saved_settings);
// Create the form widgets using Forms API
$form['header'] = array('#type' => 'fieldset', '#title' => t('Header'), '#weight' => 1, '#collapsible' => TRUE, '#collapsed' => TRUE);
$form['header']['rootcandy_header_display'] = array('#type' => 'checkbox', '#title' => t('Disable header'), '#default_value' => $settings['rootcandy_header_display']);
$form['dashboard'] = array('#type' => 'fieldset', '#title' => t('Dashboard'), '#weight' => 1, '#collapsible' => TRUE, '#collapsed' => TRUE);
$form['dashboard']['rootcandy_dashboard_display'] = array('#type' => 'checkbox', '#title' => t('Disable dashboard'), '#default_value' => $settings['rootcandy_dashboard_display']);
$form['dashboard']['rootcandy_dashboard_help'] = array('#type' => 'select', '#options' => array('left' => t('Left'), 'right' => t('Right'), 'content' => t('Content')), '#title' => t('Help box position'), '#default_value' => $settings['rootcandy_dashboard_help']);
$form['dashboard']['rootcandy_dashboard_messages'] = array('#type' => 'select', '#options' => array('left' => t('Left'), 'right' => t('Right'), 'content' => t('Content')), '#title' => t('Messages box position'), '#default_value' => $settings['rootcandy_dashboard_messages']);
$form['dashboard']['rootcandy_dashboard_content_display'] = array('#type' => 'checkbox', '#title' => t('Disable content on a dashboard'), '#default_value' => $settings['rootcandy_dashboard_content_display']);
$form['navigation'] = array('#type' => 'fieldset', '#title' => t('Navigation'), '#weight' => 1, '#collapsible' => TRUE, '#collapsed' => TRUE);
// Create the form widgets using Forms API
$form['navigation']['rootcandy_navigation_icons'] = array('#type' => 'checkbox', '#title' => t('Disable icons for main navigation'), '#default_value' => $settings['rootcandy_navigation_icons']);
$form['navigation']['rootcandy_navigation_icons_size'] = array('#type' => 'select', '#options' => array(16 => 16, 24 => 24, 32 => 32), '#title' => t('Set icons size for main navigation'), '#default_value' => $settings['rootcandy_navigation_icons_size']);
$form['navigation']['nav-by-role'] = array('#type' => 'fieldset', '#title' => t('Menu source by role'), '#weight' => 1, '#collapsible' => TRUE, '#collapsed' => TRUE);
$primary_options = array(NULL => t('None'), '_rootcandy_default_navigation' => t('default navigation'));
$primary_options = array_merge($primary_options, menu_get_menus());
$roles = user_roles(FALSE);
foreach ($roles as $rid => $role) {
$form['navigation']['nav-by-role']['rootcandy_navigation_source_' . $rid] = array('#type' => 'select', '#title' => t('@role navigation', array('@role' => $role)), '#default_value' => $settings['rootcandy_navigation_source_' . $rid], '#options' => $primary_options, '#tree' => FALSE, '#description' => t('Select what should be displayed as the navigation menu for role @role.', array('@role' => $role)));
}
$form['navigation']['custom-icons'] = array('#type' => 'fieldset', '#title' => t('Custom icons'), '#weight' => 1, '#collapsible' => TRUE, '#collapsed' => TRUE);
$form['navigation']['custom-icons']['rootcandy_navigation_custom_icons'] = array('#type' => 'textarea', '#title' => t('Custom icons'), '#default_value' => $settings['rootcandy_navigation_custom_icons'], '#description' => t('Format: menu href|icon path (relative to drupal root) - one item per row. eg. admin/build|files/myicons/admin-build.png'), '#required' => FALSE);
// Return the additional form widgets
return $form;
}
/**
* Provide the actual editing form.
*/
function edit_form(&$form, &$form_state)
{
parent::edit_form($form, $form_state);
$item = $form_state['item'];
$form['info']['admin_title']['#required'] = TRUE;
$form['info']['admin_title']['#maxlength'] = 80;
$form['path'] = array('#type' => 'textarea', '#title' => t('Paths'), '#default_value' => $item->path, '#maxlength' => 128, '#size' => 45, '#description' => t('Specify pages by using their paths. Enter one path per line. The \'*\' character is a wildcard. Example paths are %blog for the blog page and %blog-wildcard for every personal blog. %front is the front page.', array('%blog' => 'blog', '%blog-wildcard' => 'blog/*', '%front' => '<front>')), '#required' => TRUE);
$form['help'] = array('#type' => 'textarea', '#title' => t('Help message'), '#default_value' => $item->help, '#description' => t('Specify a help message.'), '#required' => TRUE);
$form['options'] = array('#type' => 'vertical_tabs');
$form['options_roles'] = array('#type' => 'fieldset', '#title' => t('Roles'), '#collapsible' => TRUE, '#group' => 'options', '#weight' => -50);
$item->options = unserialize($item->options);
$roles = user_roles(FALSE, 'view custom help text');
// Get all Authenticated roles
if (isset($roles[DRUPAL_AUTHENTICATED_RID])) {
$roles += array_diff(user_roles(TRUE), $roles);
}
if (user_access('administer permissions')) {
$permission_link = l(t('View custom help text'), 'admin/people/permissions', array('fragment' => 'module-custom_help_text'));
} else {
$permission_link = t('View custom help text');
}
$form['options_roles']['roles'] = array('#type' => 'checkboxes', '#options' => $roles, '#title' => t('User roles that can view the custom help text'), '#required' => TRUE, '#description' => t('Check the roles that needs to view the help message and have currently the permission \'!permission_url\'.', array('!permission_url' => $permission_link)));
if (!empty($item->options['roles'])) {
foreach ($item->options['roles'] as $role_name) {
if ($role = user_role_load_by_name($role_name)) {
$form['options_roles']['roles']['#default_value'][] = $role->rid;
}
}
} else {
$form['options_roles']['roles']['#default_value'] = array();
}
}
public function preRender(&$values)
{
$uids = array();
$this->items = array();
foreach ($values as $result) {
$uids[] = $this->getValue($result);
}
if ($uids) {
$roles = user_roles();
$result = $this->database->query('SELECT u.entity_id as uid, u.roles_target_id as rid FROM {user__roles} u WHERE u.entity_id IN ( :uids[] ) AND u.roles_target_id IN ( :rids[] )', array(':uids[]' => $uids, ':rids[]' => array_keys($roles)));
foreach ($result as $role) {
$this->items[$role->uid][$role->rid]['role'] = $roles[$role->rid]->label();
$this->items[$role->uid][$role->rid]['rid'] = $role->rid;
}
// Sort the roles for each user by role weight.
$ordered_roles = array_flip(array_keys($roles));
foreach ($this->items as &$user_roles) {
// Create an array of rids that the user has in the role weight order.
$sorted_keys = array_intersect_key($ordered_roles, $user_roles);
// Merge with the unsorted array of role information which has the
// effect of sorting it.
$user_roles = array_merge($sorted_keys, $user_roles);
}
}
}
/**
* @param array $form
* @param \Drupal\user\UserInterface $user
* @return array
*/
public static function addRoleDelegationElement(array $form, UserInterface $user)
{
$current_user = \Drupal::currentUser();
$roles_current = $user->getRoles(TRUE);
$roles_delegate = array();
$roles = user_roles(TRUE);
unset($roles[AccountInterface::AUTHENTICATED_ROLE]);
unset($roles['administrator']);
foreach ($roles as $rid => $role) {
if ($current_user->hasPermission('assign all roles') || $current_user->hasPermission("assign {$role->get('id')} role")) {
$roles_delegate[$rid] = isset($form['account']['roles']['#options'][$rid]) ? $form['account']['roles']['#options'][$rid] : $role->get('id');
}
}
if (empty($roles_delegate)) {
// No role can be assigned.
return $form;
}
if (!isset($form['account'])) {
$form['account'] = array('#type' => 'value', '#value' => $user);
}
$default_options = array();
foreach ($roles_current as $role) {
if (in_array($role, $roles_delegate)) {
$default_options[$role] = $role;
}
}
// Generate the form items.
$form['account']['roles_change'] = array('#type' => 'checkboxes', '#title' => isset($form['account']['roles']['#title']) ? $form['account']['roles']['#title'] : t('Roles'), '#options' => $roles_delegate, '#default_value' => array_keys(array_intersect_key(array_flip($roles_current), $roles_delegate)), '#description' => isset($form['account']['roles']['#description']) ? $form['account']['roles']['#description'] : t('Change roles assigned to user.'));
return $form;
}
public static function createFromFile($file)
{
$roles = array();
$matrix = array();
// this redefines $roles and $matrix
include $file;
$sys_roles = array();
$roles_perms = array();
foreach (user_roles() as $rid => $role) {
$sys_roles[$role] = $rid;
$roles_perms[$rid] = array();
}
$index_to_rid = array();
foreach ($roles as $role) {
$index_to_rid[] = isset($sys_roles[$role]) ? $sys_roles[$role] : FALSE;
}
foreach ($matrix as $module => $perms) {
foreach ($perms as $perm => $vals) {
foreach ($vals as $col => $val) {
if (isset($val) && $index_to_rid[$col]) {
$roles_perms[$index_to_rid[$col]][$module][$perm] = $val;
}
}
}
}
return self::create(user_roles(), $roles_perms);
}
/**
* Implements hook_form_FORM_ID_alter().
*
* @param $form
* The form.
* @param $form_state
* The form state.
*/
function rootcandy_form_system_theme_settings_alter(&$form, &$form_state)
{
global $custom_theme;
$custom_theme = 'rootcandy';
// Create the form widgets using Forms API
$form['header'] = array('#type' => 'fieldset', '#title' => t('Header'), '#weight' => 1, '#collapsible' => TRUE, '#collapsed' => TRUE);
$form['header']['rootcandy_header_display'] = array('#type' => 'checkbox', '#title' => t('Disable header'), '#default_value' => theme_get_setting('rootcandy_header_display'));
$form['header']['rootcandy_header_display_overlay'] = array('#type' => 'checkbox', '#title' => t('Disable header in overlay'), '#default_value' => theme_get_setting('rootcandy_header_display_overlay'));
$form['header']['rootcandy_hide_panel'] = array('#type' => 'checkbox', '#title' => t('Disable sliding panel'), '#default_value' => theme_get_setting('rootcandy_hide_panel'));
$form['header']['rootcandy_hide_panel_overlay'] = array('#type' => 'checkbox', '#title' => t('Disable sliding panel in overlay'), '#default_value' => theme_get_setting('rootcandy_hide_panel_overlay'));
$form['navigation'] = array('#type' => 'fieldset', '#title' => t('Navigation'), '#weight' => 1, '#collapsible' => TRUE, '#collapsed' => TRUE);
// Create the form widgets using Forms API
$form['navigation']['rootcandy_navigation_icons'] = array('#type' => 'checkbox', '#title' => t('Disable icons for main navigation'), '#default_value' => theme_get_setting('rootcandy_navigation_icons'));
$form['navigation']['rootcandy_navigation_icons_size'] = array('#type' => 'select', '#options' => array(16 => 16, 24 => 24, 32 => 32), '#title' => t('Set icons size for main navigation'), '#default_value' => theme_get_setting('rootcandy_navigation_icons_size'));
$menu_options = array_merge(array('_rootcandy_default_navigation' => t('default navigation')), menu_get_menus());
if (!($rootcandy_navigation_source_admin = theme_get_setting('rootcandy_navigation_source_admin'))) {
$rootcandy_navigation_source_admin = '_rootcandy_default_navigation';
}
$form['navigation']['rootcandy_superuser_menu'] = array('#type' => 'fieldset', '#title' => t('Super user (uid 1) menu'), '#weight' => 1, '#collapsible' => TRUE, '#collapsed' => TRUE);
$form['navigation']['rootcandy_superuser_menu']['rootcandy_navigation_source_admin'] = array('#type' => 'select', '#default_value' => theme_get_setting('rootcandy_navigation_source_admin'), '#options' => $menu_options, '#tree' => FALSE);
$primary_options = array(NULL => t('None'));
$primary_options = array_merge($primary_options, $menu_options);
$form['navigation']['role-weights'] = array('#type' => 'fieldset', '#title' => t('Menu by role and weights'), '#weight' => 2, '#collapsible' => TRUE, '#collapsed' => TRUE);
// roles setting
$roles = user_roles(FALSE);
$max_weight = 0;
foreach ($roles as $rid => $role) {
$form['navigation']['role-weights']['group-' . $rid] = array('#type' => 'fieldset', '#title' => $role, '#collapsible' => TRUE, '#collapsed' => TRUE);
$form['navigation']['role-weights']['group-' . $rid]['rootcandy_navigation_source_' . $rid] = array('#type' => 'select', '#default_value' => theme_get_setting('rootcandy_navigation_source_' . $rid), '#options' => $primary_options, '#tree' => FALSE);
// TODO: calculate defaults - change to select
$form['navigation']['role-weights']['group-' . $rid]['role-weight-' . $rid] = array('#type' => 'textfield', '#title' => t('Weight'), '#default_value' => theme_get_setting('role-weight-' . $rid), '#size' => 4, '#maxlength' => 4);
}
// Return the additional form widgets
return $form;
}
/**
* Tests the hook_modules_uninstalled() of the user module.
*/
function testUserPermsUninstalled()
{
// Uninstalls the module_test module, so hook_modules_uninstalled()
// is executed.
$this->container->get('module_installer')->uninstall(array('module_test'));
// Are the perms defined by module_test removed?
$this->assertFalse(user_roles(FALSE, 'module_test perm'), 'Permissions were all removed.');
}
/**
* {@inheritdoc}
*/
public function __construct(array $plugin_info, $resource = NULL) {
parent::__construct($plugin_info, $resource);
$limit = variable_get('restful_global_rate_limit', 0);
foreach (user_roles() as $rid => $role_info) {
$this->limits[$rid] = $limit;
}
$this->period = new \DateInterval(variable_get('restful_global_rate_period', 'P1D'));
}
/**
* Build form.
*
* @param CRM_Core_Form $form
*/
public static function buildForm(&$form)
{
// We should not build form elements in dashlet mode.
if ($form->_section) {
return;
}
// Check role based permission.
$instanceID = $form->getVar('_id');
if ($instanceID && !CRM_Report_Utils_Report::isInstanceGroupRoleAllowed($instanceID)) {
$url = CRM_Utils_System::url('civicrm/report/list', 'reset=1');
CRM_Core_Error::statusBounce(ts('You do not have permission to access this report.'), $url);
}
$attributes = CRM_Core_DAO::getAttribute('CRM_Report_DAO_ReportInstance');
$form->add('text', 'title', ts('Report Title'), $attributes['title']);
$form->add('text', 'description', ts('Report Description'), $attributes['description']);
$form->add('text', 'email_subject', ts('Subject'), $attributes['email_subject']);
$form->add('text', 'email_to', ts('To'), $attributes['email_to']);
$form->add('text', 'email_cc', ts('CC'), $attributes['email_subject']);
$form->add('number', 'row_count', ts('Limit Dashboard Results'), array('class' => 'four', 'min' => 1));
$form->add('textarea', 'report_header', ts('Report Header'), $attributes['header']);
$form->add('textarea', 'report_footer', ts('Report Footer'), $attributes['footer']);
$form->addElement('checkbox', 'is_navigation', ts('Include Report in Navigation Menu?'), NULL, array('onclick' => "return showHideByValue('is_navigation','','navigation_menu','table-row','radio',false);"));
$form->addElement('select', 'view_mode', ts('Configure link to...'), array('view' => ts('View Results'), 'criteria' => ts('Show Criteria')));
$form->addElement('checkbox', 'addToDashboard', ts('Available for Dashboard?'));
$form->add('number', 'cache_minutes', ts('Cache dashlet for'), array('class' => 'four', 'min' => 1));
$form->addElement('checkbox', 'add_to_my_reports', ts('Add to My Reports?'), NULL);
$form->addElement('checkbox', 'is_reserved', ts('Reserved Report?'));
if (!CRM_Core_Permission::check('administer reserved reports')) {
$form->freeze('is_reserved');
}
$config = CRM_Core_Config::singleton();
if ($config->userFramework != 'Joomla' || $config->userFramework != 'WordPress') {
$form->addElement('select', 'permission', ts('Permission'), array('0' => ts('Everyone (includes anonymous)')) + CRM_Core_Permission::basicPermissions());
// prepare user_roles to save as names not as ids
if (function_exists('user_roles')) {
$user_roles_array = user_roles();
foreach ($user_roles_array as $key => $value) {
$user_roles[$value] = $value;
}
$grouprole =& $form->addElement('advmultiselect', 'grouprole', ts('ACL Group/Role'), $user_roles, array('size' => 5, 'style' => 'width:240px', 'class' => 'advmultiselect'));
$grouprole->setButtonAttributes('add', array('value' => ts('Add >>')));
$grouprole->setButtonAttributes('remove', array('value' => ts('<< Remove')));
}
}
// navigation field
$parentMenu = CRM_Core_BAO_Navigation::getNavigationList();
$form->add('select', 'parent_id', ts('Parent Menu'), array('' => ts('- select -')) + $parentMenu);
// For now we only providing drilldown for one primary detail report only. In future this could be multiple reports
foreach ($form->_drilldownReport as $reportUrl => $drillLabel) {
$instanceList = CRM_Report_Utils_Report::getInstanceList($reportUrl);
if (count($instanceList) > 1) {
$form->add('select', 'drilldown_id', $drillLabel, array('' => ts('- select -')) + $instanceList);
}
break;
}
$form->addButtons(array(array('type' => 'submit', 'name' => ts('Save Report'), 'isDefault' => TRUE), array('type' => 'cancel', 'name' => ts('Cancel'))));
$form->addFormRule(array('CRM_Report_Form_Instance', 'formRule'), $form);
}
/**
* {@inheritdoc}
*/
public function buildForm(array $form, FormStateInterface $form_state)
{
// Get the list of checks.
$checks = Checklist::getChecks();
// Get the user roles.
$roles = user_roles();
$options = array();
foreach ($roles as $rid => $role) {
$options[$rid] = SafeMarkup::checkPlain($role->label());
}
// Notify the user if anonymous users can create accounts.
$message = '';
if (in_array(AccountInterface::AUTHENTICATED_ROLE, Security::defaultUntrustedRoles())) {
$message = 'You have allowed anonymous users to create accounts without approval so the authenticated role defaults to untrusted.';
}
// Show the untrusted roles form element.
$form['untrusted_roles'] = array('#type' => 'checkboxes', '#title' => t('Untrusted roles'), '#description' => t('Define which roles are for less trusted users. The anonymous role defaults to untrusted. @message Most Security Review checks look for resources usable by untrusted roles.', array('@message' => $message)), '#options' => $options, '#default_value' => Security::untrustedRoles());
// TODO: Report inactive namespaces. Old: security_review.pages.inc:146-161.
$form['advanced'] = array('#type' => 'details', '#title' => t('Advanced'), '#open' => TRUE);
// Show the logging setting.
$form['advanced']['logging'] = array('#type' => 'checkbox', '#title' => t('Log checklist results and skips'), '#description' => t('The result of each check and skip can be logged to watchdog for tracking.'), '#default_value' => SecurityReview::isLogging());
// Skipped checks.
$values = array();
$options = array();
foreach ($checks as $check) {
// Determine if check is being skipped.
if ($check->isSkipped()) {
$values[] = $check->id();
$label = t('!name <em>skipped by UID !uid on !date</em>', array('!name' => $check->getTitle(), '!uid' => $check->skippedBy()->id(), '!date' => format_date($check->skippedOn())));
} else {
$label = $check->getTitle();
}
$options[$check->id()] = $label;
}
$form['advanced']['skip'] = array('#type' => 'checkboxes', '#title' => t('Checks to skip'), '#description' => t('Skip running certain checks. This can also be set on the <em>Run & review</em> page. It is recommended that you do not skip any checks unless you know the result is wrong or the process times out while running.'), '#options' => $options, '#default_value' => $values);
// Iterate through checklist and get check-specific setting pages.
foreach ($checks as $check) {
// Get the check's setting form.
$checkForm = $check->settings()->buildForm();
// If not empty, add it to the form.
if (!empty($checkForm)) {
// If this is the first non-empty setting page initialize the 'details'
if (!isset($form['advanced']['check_specific'])) {
$form['advanced']['check_specific'] = array('#type' => 'details', '#title' => t('Check-specific settings'), '#open' => FALSE, '#tree' => TRUE);
}
// Add the form.
$subForm =& $form['advanced']['check_specific'][$check->id()];
$title = $check->getTitle();
// If it's an external check, tell the user its namespace.
if ($check->getMachineNamespace() != 'security_review') {
$title .= ' <em>(' . $check->getNamespace() . ')</em>';
}
$subForm = array('#type' => 'details', '#title' => t($title), '#open' => TRUE, '#tree' => TRUE, 'form' => $checkForm);
}
}
// Return the finished form.
return parent::buildForm($form, $form_state);
}
public static function roles()
{
$available_roles = array();
$system_roles = user_roles();
foreach ($system_roles as $system_role) {
$available_roles[$system_role->id()] = $system_role->label();
}
$display_roles = array("#type" => "checkboxes", "#title" => t('Choose roles'), "#options" => $available_roles);
return $display_roles;
}
/**
* {@inheritdoc}
*/
public function buildConfigurationForm(array $form, FormStateInterface $form_state)
{
$form = parent::buildConfigurationForm($form, $form_state);
$options = array_map(function (RoleInterface $role) {
return SafeMarkup::checkPlain($role->label());
}, user_roles());
$form['default'] = array('#type' => 'radios', '#title' => $this->t('Which users should be indexed?'), '#default_value' => $this->configuration['default'], '#options' => array(1 => $this->t('All but those from one of the selected roles'), 0 => $this->t('Only those from the selected roles')));
$form['roles'] = array('#type' => 'select', '#title' => $this->t('Roles'), '#default_value' => array_combine($this->configuration['roles'], $this->configuration['roles']), '#options' => $options, '#size' => min(4, count($options)), '#multiple' => TRUE);
return $form;
}
/**
* Checks that hook_entity_operation_alter() can add an operation.
*
* @see entity_test_entity_operation_alter()
*/
public function testEntityOperationAlter()
{
// Check that role listing contain our test_operation operation.
$this->drupalGet('admin/people/roles');
$roles = user_roles();
foreach ($roles as $role) {
$this->assertLinkByHref($role->url() . '/test_operation');
$this->assertLink(format_string('Test Operation: @label', array('@label' => $role->label())));
}
}
/**
* Define permissions for proxy registrations by role.
*
* @return array
*/
public function eventProxyRolePermissions()
{
$permissions = [];
$permissions['rng register self'] = ['title' => $this->t('Register self'), 'description' => $this->t('Can register the logged-in user.')];
foreach (user_roles(TRUE) as $role) {
$role_id = $role->id();
$t_args = ['%role_name' => $role->label()];
$permissions["rng register role {$role_id}"] = ['title' => $this->t('Register users with role: %role_name', $t_args), 'description' => $this->t('Can register other users with this role.')];
}
return $permissions;
}
/**
* Returns an array of node type permissions.
*
* @return array
*/
public function rolePermissions()
{
$perms = array();
$roles = user_roles(TRUE);
unset($roles[AccountInterface::AUTHENTICATED_ROLE]);
unset($roles['administrator']);
foreach ($roles as $rid => $role) {
$perms["assign {$role->get('id')} role"] = array('title' => $this->t('Assign %role role', array('%role' => $role->label())));
}
return $perms;
}
/**
* Get user roles Assigned by Permission.
*
* @param string $permission_name
* Permission Name.
*
* @return array
* User roles filtered by permission else empty array.
*/
public function getRolesAssignedByPermission($permission_name)
{
$roles = user_roles();
$roles_found = [];
foreach ($roles as $role) {
if ($role->hasPermission($permission_name)) {
$roles_found[] = $role->getOriginalId();
}
}
return $roles_found;
}
public function refreshConsumerIDs()
{
$this->drupalRolesByName = array();
foreach (array_flip(user_roles()) as $role_name => $rid) {
$this->drupalRolesByName[drupal_strtolower($role_name)] = $rid;
}
$this->_availableConsumerIDs = array();
// array_values(user_roles(TRUE));
foreach (array_values(user_roles(TRUE)) as $role_name) {
$this->_availableConsumerIDs[drupal_strtolower($role_name)] = $role_name;
}
}
/**
* Allows the use of custom logic to alter the roles assigned to a user.
*
* Whenever a user's roles are evaluated this hook will be called, allowing
* custom logic to be used to alter or even completely replace the roles
* evaluated.
*
* @param array &$roles
* The roles that have been selected for the current user
* by the role evaluation process, in the format array($rid => $rid)
*/
function hook_simplesamlphp_auth_user_roles_alter(&$roles)
{
global $_simplesamlphp_auth_saml_attributes;
if (isset($_simplesamlphp_auth_saml_attributes['roles'])) {
// The roles provided by the IdP.
$sso_roles = $_simplesamlphp_auth_saml_attributes['roles'];
// Match role names in the saml attributes to local role names.
$user_roles = array_intersect(user_roles(), $sso_roles);
foreach (array_keys($user_roles) as $rid) {
$roles[$rid] = $rid;
}
}
}
/**
* @param crumbs_Container_WildcardDataSorted $weight_keeper
*/
function initWeights($weight_keeper)
{
if ('user' !== $this->entityType) {
return;
}
foreach (user_roles(TRUE) as $rid => $role) {
$weight = $weight_keeper->valueAtKey($role);
if (FALSE !== $weight) {
$this->weights[$rid] = $weight;
}
}
asort($this->weights);
}
/**
* Constructs a Drupal\Component\Plugin\PluginBase object.
*
* @param ResourceInterface $subject
* The decorated object.
* @param RateLimitManager $rate_limit_manager
* Injected rate limit manager.
*/
public function __construct(ResourceInterface $subject, RateLimitManager $rate_limit_manager = NULL)
{
$this->subject = $subject;
$plugin_definition = $subject->getPluginDefinition();
$rate_limit_info = empty($plugin_definition['rateLimit']) ? array() : $plugin_definition['rateLimit'];
if ($limit = variable_get('restful_global_rate_limit', 0)) {
$rate_limit_info['global'] = array('period' => variable_get('restful_global_rate_period', 'P1D'), 'limits' => array());
foreach (user_roles() as $role_name) {
$rate_limit_info['global']['limits'][$role_name] = $limit;
}
}
$this->rateLimitManager = $rate_limit_manager ? $rate_limit_manager : new RateLimitManager($this, $rate_limit_info);
}
public function buildConfigurationForm(array &$form, array &$form_state)
{
$form['status'] = array('#type' => 'radios', '#title' => $this->t('Status'), '#description' => $this->t('Select whether users should be imported active or blocked.'), '#options' => array(0 => $this->t('Blocked'), 1 => $this->t('Active')), '#default_value' => $this->configuration['status']);
$roles = user_roles(TRUE);
unset($roles['authenticated']);
$options = array();
foreach ($roles as $role) {
$options[$role->id()] = $role->label();
}
if ($options) {
$form['roles'] = array('#type' => 'checkboxes', '#title' => $this->t('Additional roles'), '#description' => $this->t('Every user is assigned the "authenticated user" role. Select additional roles here.'), '#default_value' => $this->configuration['roles'], '#options' => $options);
}
$form['defuse_mail'] = array('#type' => 'checkbox', '#title' => $this->t('Defuse e-mail addresses'), '#description' => $this->t('This appends _test to all imported e-mail addresses to ensure they cannot be used as recipients.'), '#default_value' => $this->configuration['defuse_mail']);
}
public function buildRowForm(array $form, FormStateInterface $form_state, $index)
{
$row = array();
$mappings = $this->configuration['profile']->getConsumerMappings();
$role_options = array();
$roles = user_roles(TRUE);
foreach ($roles as $key => $role) {
if ($key != 'authenticated') {
$role_options[$key] = $role->label();
}
}
$row['role'] = array('#type' => 'select', '#title' => t('Role'), '#options' => $role_options, '#default_value' => $mappings[$index]['role'], '#description' => 'Choose the Drupal role to apply to the user.');
return $row;
}
/**
* This constructor will allow the role to be selected either
* via the role id or via the role name.
*/
public function __construct($rid = DRUPAL_ANONYMOUS_RID)
{
$this->roles = user_roles();
if (!is_numeric($rid)) {
$role_name = $rid;
if (in_array($role_name, $this->roles)) {
$rid = array_search($role_name, $this->roles);
}
}
if (isset($this->roles[$rid])) {
$this->rid = $rid;
$this->name = $this->roles[$rid];
} else {
throw new DrushRoleException(dt('Could not find the role: !role', array('!role' => $rid)));
}
}
/**
* @return int Approximate number of bytes of ram required to render the permissions form.
*/
public static function getRequiredMemory($suffix = '')
{
$permission = \Drupal::service('user.permissions');
$permissions_count = count($permission->getPermissions());
$user_roles_count = count(user_roles());
$page_ram_required = 9 * 1024 * 1024;
// Takes ~26kb per row without any checkboxes.
$permission_row_overhead = 27261.028783658;
$permissions_ram_required = $permissions_count * $permission_row_overhead;
// Determined by checking peak ram on permissions page, over several different number of visible roles.
$bytes_per_checkbox = 18924.508820799;
$checkboxes_ram_required = $permissions_count * $user_roles_count * $bytes_per_checkbox;
$output = (int) ($page_ram_required + $permissions_ram_required + $checkboxes_ram_required);
if (!empty($suffix)) {
return $output . $suffix;
}
return $output;
}
static function buildForm(&$form)
{
// we should not build form elements in dashlet mode
if ($form->_section) {
return;
}
// check role based permission
$instanceID = $form->getVar('_id');
if ($instanceID && !CRM_Report_Utils_Report::isInstanceGroupRoleAllowed($instanceID)) {
$url = CRM_Utils_System::url('civicrm/report/list', 'reset=1');
CRM_Core_Error::statusBounce(ts('You do not have permission to access this report.'), $url);
}
$attributes = CRM_Core_DAO::getAttribute('CRM_Report_DAO_Instance');
$form->add('text', 'title', ts('Report Title'), $attributes['title']);
$form->add('text', 'description', ts('Report Description'), $attributes['description']);
$form->add('text', 'email_subject', ts('Subject'), $attributes['email_subject']);
$form->add('text', 'email_to', ts('To'), $attributes['email_to']);
$form->add('text', 'email_cc', ts('CC'), $attributes['email_subject']);
$form->add('textarea', 'report_header', ts('Report Header'), $attributes['header']);
$form->add('textarea', 'report_footer', ts('Report Footer'), $attributes['footer']);
$form->addElement('checkbox', 'is_navigation', ts('Include Report in Navigation Menu?'), NULL, array('onclick' => "return showHideByValue('is_navigation','','navigation_menu','table-row','radio',false);"));
$form->addElement('checkbox', 'addToDashboard', ts('Available for Dashboard?'));
$form->addElement('checkbox', 'is_reserved', ts('Reserved Report?'));
if (!CRM_Core_Permission::check('administer reserved reports')) {
$form->freeze('is_reserved');
}
$config = CRM_Core_Config::singleton();
if ($config->userFramework != 'Joomla' || $config->userFramework != 'WordPress') {
$form->addElement('select', 'permission', ts('Permission'), array('0' => ts('Everyone (includes anonymous)')) + CRM_Core_Permission::basicPermissions());
// prepare user_roles to save as names not as ids
if (function_exists('user_roles')) {
$user_roles_array = user_roles();
foreach ($user_roles_array as $key => $value) {
$user_roles[$value] = $value;
}
$form->addElement('advmultiselect', 'grouprole', ts('ACL Group/Role'), $user_roles, array('size' => 5, 'style' => 'width:240px', 'class' => 'advmultiselect'));
}
}
// navigation field
$parentMenu = CRM_Core_BAO_Navigation::getNavigationList();
$form->add('select', 'parent_id', ts('Parent Menu'), array('' => ts('-- select --')) + $parentMenu);
$form->addButtons(array(array('type' => 'submit', 'name' => ts('Save Report'), 'isDefault' => TRUE), array('type' => 'cancel', 'name' => ts('Cancel'))));
$form->addFormRule(array('CRM_Report_Form_Instance', 'formRule'), $form);
}
public function submitForm(array &$form, FormStateInterface $form_state)
{
$system_roles = user_roles($membersonly = TRUE);
$config_list = array();
foreach ($system_roles as $system_role) {
if ($form_state->getValue($system_role->id()) == 1) {
$config_list[$system_role->id()]['id'] = $system_role->id();
$config_list[$system_role->id()]['default'] = 1;
$config_list[$system_role->id()]['label'] = $system_role->label();
$config_list[$system_role->id()]['needs_approval'] = $form_state->getValue($system_role->id() . "needs_approval");
}
}
$this->config('registration_role_with_approval.settings')->set('profile_roles', $config_list);
$this->config('registration_role_with_approval.settings')->set('mailing_list', $form_state->getValue('mailing_list'));
$this->config('registration_role_with_approval.settings')->set('email_subject', $form_state->getValue('email_subject'));
$this->config('registration_role_with_approval.settings')->set('email_body', $form_state->getValue('email_body'));
$this->config('registration_role_with_approval.settings')->save();
parent::submitForm($form, $form_state);
}
