View source
<?php
namespace Drupal\userprotect\Entity;
use Drupal\Component\Plugin\PluginInspectionInterface;
use Drupal\Core\Config\Entity\ConfigEntityBase;
use Drupal\Core\Config\Entity\ConfigEntityInterface;
use Drupal\Core\Entity\EntityWithPluginCollectionInterface;
use Drupal\Core\Entity\EntityStorageInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\user\UserInterface;
use Drupal\userprotect\UserProtect;
use Drupal\userprotect\Plugin\UserProtection\UserProtectionPluginCollection;
class ProtectionRule extends ConfigEntityBase implements ProtectionRuleInterface, EntityWithPluginCollectionInterface {
public $name;
public $label;
public $uuid;
protected $protectedEntityTypeId = 'user_role';
protected $protectedEntityId;
protected $protections = [];
protected $protectionsCollection;
protected $pluginConfigKey = 'protections';
protected $bypassRoles = [];
public function id() {
return $this->name;
}
public function getProtectedEntityTypeId() {
return $this->protectedEntityTypeId;
}
public function setProtectedEntityTypeId($entity_type_id) {
\Drupal::entityTypeManager()
->getDefinition($entity_type_id, TRUE);
$this->protectedEntityTypeId = $entity_type_id;
return $this;
}
public function getProtectedEntity() {
if ($this
->getProtectedEntityId()) {
return \Drupal::entityTypeManager()
->getStorage($this
->getProtectedEntityTypeId())
->load($this
->getProtectedEntityId());
}
}
public function getProtectedEntityId() {
return $this->protectedEntityId;
}
public function setProtectedEntityId($entity_id) {
$this->protectedEntityId = $entity_id;
return $this;
}
public function getProtection($protection) {
return $this
->getProtections()
->get($protection);
}
public function getProtections() {
if (!isset($this->protectionsCollection)) {
$this->protectionsCollection = new UserProtectionPluginCollection(UserProtect::pluginManager(), $this->protections);
}
return $this->protectionsCollection;
}
public function getPluginCollections() {
return [
'protections' => $this
->getProtections(),
];
}
public function setPluginConfig($instance_id, array $configuration) {
$this->protections[$instance_id] = $configuration;
if (isset($this->protectionsCollection)) {
$this->protectionsCollection
->setInstanceConfiguration($instance_id, $configuration);
$this->protectionsCollection
->sort();
}
return $this;
}
public function enableProtection($instance_id) {
$this
->setPluginConfig($instance_id, [
'status' => TRUE,
]);
return $this;
}
public function disableProtection($instance_id) {
$this
->setPluginConfig($instance_id, [
'status' => FALSE,
]);
return $this;
}
public function toArray() {
$properties = parent::toArray();
$names = [
'protections',
'protectedEntityTypeId',
'protectedEntityId',
];
foreach ($names as $name) {
$properties[$name] = $this
->get($name);
}
return $properties;
}
public function calculateDependencies() {
parent::calculateDependencies();
$this
->addDependency('module', 'user');
$protected_entity = $this
->getProtectedEntity();
if ($protected_entity instanceof ConfigEntityInterface) {
$this
->addDependency('config', $protected_entity
->getConfigDependencyName());
}
return $this->dependencies;
}
protected function calculatePluginDependencies(PluginInspectionInterface $instance) {
if (isset($this->protections[$instance
->getPluginId()])) {
parent::calculatePluginDependencies($instance);
}
}
public function getBypassRoles() {
return $this->bypassRoles;
}
public function setBypassRoles(array $roles) {
$this->bypassRoles = $roles;
return $this;
}
public static function postLoad(EntityStorageInterface $storage_controller, array &$entities) {
parent::postLoad($storage_controller, $entities);
foreach ($entities as $entity) {
$permission = $entity
->getPermissionName();
if ($permission) {
$roles = array_keys(user_role_names(FALSE, $permission));
$entity
->setBypassRoles($roles);
}
}
}
public function postSave(EntityStorageInterface $storage_controller, $update = TRUE) {
parent::postSave($storage_controller, $update);
$roles = $this
->getBypassRoles();
$permission = $this
->getPermissionName();
if ($roles && $permission) {
foreach (user_roles() as $rid => $name) {
$enabled = in_array($rid, $roles, TRUE);
user_role_change_permissions($rid, [
$permission => $enabled,
]);
}
}
}
public function getPermissionName() {
return 'userprotect.' . $this
->id() . '.bypass';
}
public function appliesTo(UserInterface $user) {
switch ($this->protectedEntityTypeId) {
case 'user':
return $this->protectedEntityId == $user
->id();
case 'user_role':
return $user
->hasRole($this->protectedEntityId);
}
return FALSE;
}
public function hasProtection($protection) {
if ($this
->getProtections()
->has($protection)) {
return $this
->getProtection($protection)
->isEnabled();
}
return FALSE;
}
public function isProtected(UserInterface $user, $op, AccountInterface $account) {
if (!$this
->appliesTo($user)) {
return FALSE;
}
if ($this
->hasProtection($op)) {
return TRUE;
}
foreach ($this
->getProtections() as $protection) {
if ($protection
->isEnabled()) {
if ($protection
->isProtected($user, $op, $account)) {
return TRUE;
}
}
}
return FALSE;
}
}