You are here

Home » API reference » Role Access Control 8

rac_fca.module in Role Access Control 8

Module providing role base access for field collection items.

File

contrib/rac_fca/rac_fca.module
View source 
<?php

/**
 * @file
 * Module providing role base access for field collection items.
 */
use Drupal\field_collection\Entity\FieldCollectionItem;
use Drupal\Core\Session\AccountInterface;
use Drupal\Core\Form\FormStateInterface;

/**
 * Implements hook_field_collection_item_grants().
 */
function rac_fca_field_collection_item_grants($op, AccountInterface $account) {
  $grants = [];
  if ($op === 'view' && ($g = rac_fca_field_collection_item_grants('update', $account))) {
    $grants = $g;
  }
  $access = $op === 'view' ? 1 : 2;
  $userRoles = _rac_get_account_roles($op, $account);
  foreach ($userRoles as $role) {
    $grants["rac_" . $role
      ->id()][] = $access;
  }
  if (count($grants)) {
    return $grants;
  }
}

/**
 * Implements hook_field_collection_item_access_records().
 */
function rac_fca_field_collection_item_access_records(FieldCollectionItem $fci) {
  $entityRoles = _rac_get_entity_reference_roles($fci);
  if (count($entityRoles)) {

    // If we're here, the node has roles associated with it which restrict
    // access to the node.
    $grants = [];
    $roles = user_roles();
    foreach ($entityRoles as $role) {
      if (!isset($roles[$role])) {
        continue;
      }
      $grant = [
        'realm' => "rac_" . $roles[$role]
          ->id(),
        'gid' => 1,
        'grant_view' => 1,
        'grant_update' => 0,
        'grant_delete' => 0,
        'priority' => 0,
      ];
      $grant2 = [
        'realm' => "rac_" . $roles[$role]
          ->id(),
        'gid' => 2,
        'grant_view' => 1,
        'grant_update' => 1,
        'grant_delete' => 1,
        'priority' => 0,
      ];
      $grants[] = $grant;
      $grants[] = $grant2;
    }
    return $grants;
  }
}

/**
 * Implements hook_collection_access_restriction_message_alter().
 */
function rac_fca_field_collection_access_restriction_message_alter($fci, $op, &$message) {
  $entityRoles = _rac_get_entity_reference_roles($fci);
  if (count($entityRoles)) {

    // If entity has roles, then update text to reflex them.
    $message["#markup"] = "Additional Content exists for users with the role(s) " . implode(", ", $entityRoles);
  }
}

/**
 * Implements hook_field_widget_WIDGET_TYPE_form_alter().
 *
 * Restrict values for Entity Reference fields on Field Collections.
 */
function rac_fca_field_widget_field_collection_embed_form_alter(&$element, FormStateInterface $form_state, $context) {
  $entityType = \Drupal::entityTypeManager()
    ->getDefinition("field_collection_item");
  $fieldName = $element["#field_name"];

  // Get entity fields and form data.
  $fields = _rac_get_entity_reference_role_fields($entityType, $fieldName);
  if (!empty($fields)) {

    // Hide values for any role reference fields on this node.
    foreach ($fields as $fieldName) {
      if (isset($element[$fieldName])) {

        // Restrict element Values.
        $field =& $element[$fieldName];
        _rac_restrict_field_values($fieldName, $field);
      }
    }
  }
}

Functions

Namesort descending Description
rac_fca_field_collection_access_restriction_message_alter Implements hook_collection_access_restriction_message_alter().
rac_fca_field_collection_item_access_records Implements hook_field_collection_item_access_records().
rac_fca_field_collection_item_grants Implements hook_field_collection_item_grants().
rac_fca_field_widget_field_collection_embed_form_alter Implements hook_field_widget_WIDGET_TYPE_form_alter().