View source
<?php
namespace Drupal\apigee_edge\Form;
use Drupal\Core\Config\ConfigFactoryInterface;
use Drupal\Core\Entity\EntityTypeManagerInterface;
use Drupal\Core\Form\ConfigFormBase;
use Drupal\Core\Form\FormStateInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
class ApiProductAccessControlForm extends ConfigFormBase {
protected $entityTypeManager;
public function __construct(ConfigFactoryInterface $config_factory, EntityTypeManagerInterface $entity_type_manager) {
parent::__construct($config_factory);
$this->entityTypeManager = $entity_type_manager;
}
public static function create(ContainerInterface $container) {
return new static($container
->get('config.factory'), $container
->get('entity_type.manager'));
}
protected function getEditableConfigNames() {
return [
'apigee_edge.api_product_settings',
];
}
public function getFormId() {
return 'apigee_edge_api_product_access_control_form';
}
public function buildForm(array $form, FormStateInterface $form_state) {
$role_storage = $this->entityTypeManager
->getStorage('user_role');
$role_names = [];
$roles_with_bypass_perm = [];
$form['access'] = [
'#type' => 'details',
'#title' => $this
->t('Access by visibility'),
'#description' => $this
->t('Limit access to API products by "Access" settings on Apigee Edge.'),
'#open' => TRUE,
'#tree' => TRUE,
];
foreach ($role_storage
->loadMultiple() as $role_name => $role) {
$role_names[$role_name] = $role
->label();
$roles_with_bypass_perm[$role_name] = in_array('bypass api product access control', $role
->getPermissions()) || $role
->isAdmin();
}
$form['access']['role_names'] = [
'#type' => 'value',
'#value' => $role_names,
];
$form['access']['roles_with_bypass'] = [
'#type' => 'value',
'#value' => $roles_with_bypass_perm,
];
$form['access']['visibility'] = [
'#type' => 'table',
'#header' => [
t('Visibility'),
],
'#id' => 'visibility',
'#attributes' => [
'class' => [
'visibility',
'js-visibility',
],
],
'#sticky' => TRUE,
];
foreach ($role_names as $name) {
$form['access']['visibility']['#header'][] = [
'data' => $name,
'class' => [
'checkbox',
],
];
}
$visibilities = [
'public' => $this
->t('Public'),
'private' => $this
->t('Private'),
'internal' => $this
->t('Internal'),
];
$form['access']['visibility']['options'] = [
'#type' => 'value',
'#value' => $visibilities,
];
foreach ($visibilities as $visibility => $label) {
$selected_roles = $this
->config('apigee_edge.api_product_settings')
->get('access')[$visibility] ?? [];
$form['access']['visibility'][$visibility]['name'] = [
'#markup' => $label,
];
foreach ($role_names as $rid => $name) {
$form['access']['visibility'][$visibility][$rid] = [
'#title' => $label,
'#title_display' => 'invisible',
'#wrapper_attributes' => [
'class' => [
'checkbox',
],
],
'#type' => 'checkbox',
'#default_value' => in_array($rid, $selected_roles) ? 1 : 0,
'#attributes' => [
'class' => [
'rid-' . $rid,
'js-rid-' . $rid,
],
],
'#parents' => [
'access',
'visibility',
$rid,
$visibility,
],
];
if ($roles_with_bypass_perm[$rid]) {
$form['access']['visibility'][$visibility][$rid]['#disabled'] = TRUE;
$form['access']['visibility'][$visibility][$rid]['#default_value'] = TRUE;
$form['access']['visibility'][$visibility][$rid]['#attributes']['title'] = $this
->t('This checkbox is disabled because this role has "Bypass API product access control" permission.');
}
}
}
$form['#attached']['library'][] = 'apigee_edge/apiproduct_access_admin';
return parent::buildForm($form, $form_state);
}
public function submitForm(array &$form, FormStateInterface $form_state) {
$rid_product_map = [];
foreach ($form_state
->getValue([
'access',
'role_names',
], []) as $rid => $name) {
if (!$form_state
->getValue([
'access',
'roles_with_bypass',
$rid,
], FALSE)) {
$rid_product_map[$rid] = array_filter($form_state
->getValue([
'access',
'visibility',
$rid,
], []));
}
}
$visibility_rid_map = array_fill_keys(array_keys($form_state
->getValue([
'access',
'visibility',
'options',
])), []);
foreach ($rid_product_map as $rid => $products) {
foreach (array_keys($products) as $product) {
$visibility_rid_map[$product][$rid] = $rid;
}
}
$this
->config('apigee_edge.api_product_settings')
->set('access', $visibility_rid_map)
->save();
parent::submitForm($form, $form_state);
}
}