You are here

class UserModuleStatusAccessControlHandler in Opigno module 8

Same name and namespace in other branches
  1. 3.x src/UserModuleStatusAccessControlHandler.php \Drupal\opigno_module\UserModuleStatusAccessControlHandler

Access controller for the User module status entity.

Hierarchy

Expanded class hierarchy of UserModuleStatusAccessControlHandler

See also

\Drupal\opigno_module\Entity\UserModuleStatus.

File

src/UserModuleStatusAccessControlHandler.php, line 15

Namespace

Drupal\opigno_module
View source
class UserModuleStatusAccessControlHandler extends EntityAccessControlHandler {

  /**
   * {@inheritdoc}
   */
  protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {

    /** @var \Drupal\opigno_module\Entity\UserModuleStatusInterface $entity */

    // Check if user view own results
    if ($entity
      ->getOwnerId() === $account
      ->id() && $account
      ->hasPermission('view own module results') && $operation == 'view' && $entity
      ->isFinished()) {
      return AccessResult::allowed();
    }

    // Get trainings where the current user is a 'student manager' or user has global role 'class manager'.
    $membership_service = \Drupal::service('group.membership_loader');
    $memberships = $membership_service
      ->loadByUser($account, [
      'learning_path-user_manager',
      'opigno_class-class_manager',
    ]);
    $db_connection = \Drupal::service('database');
    $groups_ids = [];
    $owner_check = FALSE;
    foreach ($memberships as $membership) {
      $group = $membership
        ->getGroup();
      $gid = $group
        ->id();
      $members_ids = $db_connection
        ->select('group_content_field_data', 'g_c_f_d')
        ->fields('g_c_f_d', [
        'entity_id',
      ])
        ->condition('gid', $gid)
        ->condition('type', [
        'learning_path-group_membership',
        'opigno_class-group_membership',
        'opigno_course-group_membership',
      ], 'IN')
        ->execute()
        ->fetchCol();
      if (in_array($entity
        ->getOwnerId(), $members_ids)) {
        $owner_check = TRUE;
      }
      if ($group
        ->bundle() == 'opigno_class') {
        $query_class = $db_connection
          ->select('group_content_field_data', 'g_c_f_d')
          ->fields('g_c_f_d', [
          'gid',
        ])
          ->condition('entity_id', $gid)
          ->condition('type', 'group_content_type_27efa0097d858')
          ->execute()
          ->fetchAll();
        foreach ($query_class as $result_ids) {
          $groups_ids[] = $result_ids->gid;
        }
      }
      else {
        $groups_ids[] = $group
          ->id();
      }
    }
    $lp_id = $entity
      ->get('learning_path')
      ->getValue()[0]['target_id'];
    if (in_array($lp_id, $groups_ids) && ($operation == 'view' || $operation == 'update') && $owner_check) {
      return AccessResult::allowed();
    }
    switch ($operation) {
      case 'view':
        if ($account
          ->hasPermission('view module results')) {
          return AccessResult::allowed();
        }
        if (!$entity
          ->isPublished()) {
          return AccessResult::allowedIfHasPermission($account, 'view unpublished user module status entities');
        }
        return AccessResult::allowedIfHasPermission($account, 'view published user module status entities');
      case 'update':
        return AccessResult::allowedIfHasPermission($account, 'edit user module status entities');
      case 'delete':
        return AccessResult::allowedIfHasPermission($account, 'delete user module status entities');
    }

    // Unknown operation, no opinion.
    return AccessResult::neutral();
  }

  /**
   * {@inheritdoc}
   */
  protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
    return AccessResult::allowedIfHasPermission($account, 'add user module status entities');
  }

}

Members

Namesort descending Modifiers Type Description Overrides
DependencySerializationTrait::$_entityStorages protected property An array of entity type IDs keyed by the property name of their storages.
DependencySerializationTrait::$_serviceIds protected property An array of service IDs keyed by property name used for serialization.
DependencySerializationTrait::__sleep public function 1
DependencySerializationTrait::__wakeup public function 2
EntityAccessControlHandler::$accessCache protected property Stores calculated access check results.
EntityAccessControlHandler::$entityType protected property Information about the entity type.
EntityAccessControlHandler::$entityTypeId protected property The entity type ID of the access control handler instance.
EntityAccessControlHandler::$viewLabelOperation protected property Allows to grant access to just the labels. 5
EntityAccessControlHandler::access public function Checks access to an operation on a given entity or entity translation. Overrides EntityAccessControlHandlerInterface::access 1
EntityAccessControlHandler::checkFieldAccess protected function Default field access as determined by this access control handler. 4
EntityAccessControlHandler::createAccess public function Checks access to create an entity. Overrides EntityAccessControlHandlerInterface::createAccess 1
EntityAccessControlHandler::fieldAccess public function Checks access to an operation on a given entity field. Overrides EntityAccessControlHandlerInterface::fieldAccess
EntityAccessControlHandler::getCache protected function Tries to retrieve a previously cached access value from the static cache.
EntityAccessControlHandler::prepareUser protected function Loads the current account object, if it does not exist yet.
EntityAccessControlHandler::processAccessHookResults protected function We grant access to the entity if both of these conditions are met:
EntityAccessControlHandler::resetCache public function Clears all cached access checks. Overrides EntityAccessControlHandlerInterface::resetCache
EntityAccessControlHandler::setCache protected function Statically caches whether the given user has access.
EntityAccessControlHandler::__construct public function Constructs an access control handler instance. 5
EntityHandlerBase::$moduleHandler protected property The module handler to invoke hooks on. 2
EntityHandlerBase::moduleHandler protected function Gets the module handler. 2
EntityHandlerBase::setModuleHandler public function Sets the module handler for this handler.
StringTranslationTrait::$stringTranslation protected property The string translation service. 1
StringTranslationTrait::formatPlural protected function Formats a string containing a count of items.
StringTranslationTrait::getNumberOfPlurals protected function Returns the number of plurals supported by a given language.
StringTranslationTrait::getStringTranslation protected function Gets the string translation service.
StringTranslationTrait::setStringTranslation public function Sets the string translation service to use. 2
StringTranslationTrait::t protected function Translates a string to the current language or to a given language.
UserModuleStatusAccessControlHandler::checkAccess protected function Performs access checks. Overrides EntityAccessControlHandler::checkAccess
UserModuleStatusAccessControlHandler::checkCreateAccess protected function Performs create access checks. Overrides EntityAccessControlHandler::checkCreateAccess