You are here

Home » API reference » Open Social 8.8 » social_group.module

function social_group_block_access in Open Social 8.8

Same name and namespace in other branches
  1. 8.9 modules/social_features/social_group/social_group.module \social_group_block_access()
  2. 8 modules/social_features/social_group/social_group.module \social_group_block_access()
  3. 8.2 modules/social_features/social_group/social_group.module \social_group_block_access()
  4. 8.3 modules/social_features/social_group/social_group.module \social_group_block_access()
  5. 8.4 modules/social_features/social_group/social_group.module \social_group_block_access()
  6. 8.5 modules/social_features/social_group/social_group.module \social_group_block_access()
  7. 8.6 modules/social_features/social_group/social_group.module \social_group_block_access()
  8. 8.7 modules/social_features/social_group/social_group.module \social_group_block_access()
  9. 10.3.x modules/social_features/social_group/social_group.module \social_group_block_access()
  10. 10.0.x modules/social_features/social_group/social_group.module \social_group_block_access()
  11. 10.1.x modules/social_features/social_group/social_group.module \social_group_block_access()
  12. 10.2.x modules/social_features/social_group/social_group.module \social_group_block_access()

Implements hook_block_access().

Check if the user is viewing a closed_group, check if the user is a member. If the user is not a member, the user has no access to view this block.

File

modules/social_features/social_group/social_group.module, line 1336
The Social group module.

Code

function social_group_block_access(Block $block, $operation, AccountInterface $account) {
  $block_id = $block
    ->getPluginId();

  // This is a list of the blocks that this function cares about, if we're being
  // called for a different block we exit early.
  $managed_blocks = [
    'views_exposed_filter_block:newest_groups-page_all_groups',
    'views_block:groups-block_user_groups',
    'views_block:upcoming_events-upcoming_events_group',
    'views_block:latest_topics-group_topics_block',
  ];
  if (!in_array($block_id, $managed_blocks)) {
    return AccessResult::neutral();
  }
  $group = _social_group_get_current_group();
  $user = Drupal::currentUser();

  // Check if there is a group set and if its an closed group.
  if ($group && $group
    ->getGroupType()
    ->id() == 'closed_group' && $account
    ->id() != 1) {
    if ($account
      ->hasPermission('manage all groups')) {
      return AccessResult::neutral();
    }
    elseif (!$group
      ->getMember($user)) {

      // If it is closed and the current user is not an member of this group,
      // then it is not allowed to see these blocks.
      $forbidden_blocks = [
        'views_block:upcoming_events-upcoming_events_group',
        'views_block:latest_topics-group_topics_block',
      ];
      foreach ($forbidden_blocks as $forbidden_block) {
        if ($operation == 'view' && $block
          ->getPluginId() == $forbidden_block) {
          return AccessResult::forbidden();
        }
      }
    }
  }

  // Check if we're alloweed to view the joined groups block.
  if ($operation === 'view' && $block
    ->getPluginId() === 'views_block:groups-block_user_groups') {

    // Here we're going to assume by default access is not granted.
    $groupController = SocialGroupController::create(\Drupal::getContainer());
    $access = $groupController
      ->myGroupAccess($account);

    // If the 'myGroupAccess' returns 'AccessResultNeutral', we have to assume
    // that access must be denied.
    if ($access instanceof AccessResultNeutral) {

      // Return forbidden, since access was not explicitly granted.
      return AccessResult::forbidden();
    }
    return $access;
  }
  return AccessResult::neutral();
}