You are here

Home » API reference » Apigee Edge 8 » TeamPermissionHandler.php » TeamPermissionHandler

public function TeamPermissionHandler::getDeveloperPermissionsByTeam in Apigee Edge 8

Returns team permissions of a developer within a team.

Parameters

\Drupal\apigee_edge_teams\Entity\TeamInterface $team: The team entity, the developer is not necessarily member of the team.

\Drupal\Core\Session\AccountInterface $account: The user entity.

Return value

array Array of team permissions names.

Throws

\Drupal\apigee_edge_teams\Exception\InvalidArgumentException

Overrides TeamPermissionHandlerInterface::getDeveloperPermissionsByTeam

File

modules/apigee_edge_teams/src/TeamPermissionHandler.php, line 146

Class

TeamPermissionHandler
Provides the available team permissions based on yml files.

Namespace

Drupal\apigee_edge_teams

Code

public function getDeveloperPermissionsByTeam(TeamInterface $team, AccountInterface $account) : array {
  if ($account
    ->isAnonymous()) {
    throw new InvalidArgumentException('Anonymous user can not be member of a team.');
  }
  $permissions = [];
  try {
    $developer_team_ids = $this->teamMembershipManager
      ->getTeams($account
      ->getEmail());
  } catch (\Exception $e) {
    $developer_team_ids = [];
  }

  // Only add team membership based permissions to the list if the developer
  // is still member of the team in Apigee Edge.
  if (in_array($team
    ->id(), $developer_team_ids)) {

    /** @var \Drupal\apigee_edge_teams\Entity\TeamRoleInterface $member_role */
    $member_role = $this->entityTypeManager
      ->getStorage('team_role')
      ->load(TeamRoleInterface::TEAM_MEMBER_ROLE);
    $permissions += $member_role
      ->getPermissions();

    /** @var \Drupal\apigee_edge_teams\Entity\TeamMemberRoleInterface|null $dev_team_role */
    $dev_team_role = $this->entityTypeManager
      ->getStorage('team_member_role')
      ->loadByDeveloperAndTeam($account, $team);
    if ($dev_team_role) {
      foreach ($dev_team_role
        ->getTeamRoles() as $role) {
        $permissions = array_merge($permissions, $role
          ->getPermissions());
      }
    }
  }

  // Allow 3rd-party modules to modify a developer's team-level permissions
  // withing a team.
  // WARNING: Alter hooks gets called even if the developer is not member
  // of a team (company) in Apigee Edge. This allows to grant team-level
  // permissions to a developer (Drupal user) to a team without adding it as a
  // member to the team (company) in Apigee Edge. (Ex.: for team management
  // purposes, etc.)
  $this->moduleHandler
    ->alter('apigee_edge_teams_developer_permissions_by_team', $permissions, $team, $account);
  return array_unique($permissions);
}