You are here

Home » API reference » Paranoia 8 » paranoia.module

function paranoia_form_user_form_alter in Paranoia 8

Implements hook_form_FORM_ID_alter().

File

./paranoia.module, line 100
Disables PHP block visibility permission and gives status error if a role has this permission. Disables the PHP module. Hides the PHP and paranoia modules from the modules page. Prevents user/1 editing which could give access to abitrary contrib…

Code

function paranoia_form_user_form_alter(&$form, FormStateInterface $form_state) {
  $user_id = $form_state
    ->getBuildInfo()['callback_object']
    ->getEntity()
    ->id();
  if ($user_id == 1) {
    $user = \Drupal::currentUser();

    // Allow user/1 to edit own details.
    if ($user
      ->id() != 1) {
      \Drupal::messenger()
        ->addWarning(t('You must log in as this user (user/1) to modify the name, email address, and password for this account.'));
      $form['account']['name']['#access'] = FALSE;
      $form['account']['mail']['#access'] = FALSE;
      $form['account']['pass']['#access'] = FALSE;
      $form['account']['current_pass']['#access'] = FALSE;
    }
  }
}