You are here

class ProtectionRule in User protect 8

Defines the Protection rule entity.

Plugin annotation


@ConfigEntityType(
  id = "userprotect_rule",
  label = @Translation("Protection rule"),
  handlers = {
    "storage" = "Drupal\Core\Config\Entity\ConfigEntityStorage",
    "list_builder" = "Drupal\userprotect\Controller\ProtectionRuleListBuilder",
    "form" = {
      "add" = "Drupal\userprotect\Form\ProtectionRuleAddForm",
      "edit" = "Drupal\userprotect\Form\ProtectionRuleEditForm",
      "delete" = "Drupal\userprotect\Form\ProtectionRuleDeleteForm"
    },
  },
  admin_permission = "userprotect.administer",
  config_prefix = "rule",
  entity_keys = {
    "id" = "name",
    "label" = "label",
    "uuid" = "uuid"
  },
  config_export = {
    "name",
    "label",
    "uuid",
    "protectedEntityTypeId",
    "protectedEntityId",
    "protections"
  },
  links = {
    "edit-form" = "/admin/config/people/userprotect/manage/{userprotect_rule}",
    "delete-form" = "/admin/config/people/userprotect/manage/{userprotect_rule}/delete"
  }
)

Hierarchy

Expanded class hierarchy of ProtectionRule

4 files declare their use of ProtectionRule
ProtectionRuleCrudTest.php in tests/src/Functional/ProtectionRuleCrudTest.php
ProtectionRuleUnitTest.php in tests/src/Kernel/Entity/ProtectionRuleUnitTest.php
RoleDelegationIntegrationTest.php in tests/src/Functional/RoleDelegation/RoleDelegationIntegrationTest.php
UserProtectCreationTrait.php in tests/src/Traits/UserProtectCreationTrait.php

File

src/Entity/ProtectionRule.php, line 51

Namespace

Drupal\userprotect\Entity
View source
class ProtectionRule extends ConfigEntityBase implements ProtectionRuleInterface, EntityWithPluginCollectionInterface {

  /**
   * The name of the protection rule.
   *
   * @var string
   */
  public $name;

  /**
   * The protection rule label.
   *
   * @var string
   */
  public $label;

  /**
   * The protection rule UUID.
   *
   * @var string
   */
  public $uuid;

  /**
   * The entity type the protection applies for.
   *
   * Can be "user" or "user_role".
   *
   * @var string
   */
  protected $protectedEntityTypeId = 'user_role';

  /**
   * The entity ID the protection applies for.
   *
   * @var string|int
   *   The identifier of the protected entity.
   */
  protected $protectedEntityId;

  /**
   * The elements that are protected by this rule.
   *
   * @var array
   */
  protected $protections = [];

  /**
   * Holds the collection of protections that are used by this protection rule.
   *
   * @var \Drupal\userprotect\Plugin\UserProtection\UserProtectionPluginCollection
   */
  protected $protectionsCollection;

  /**
   * {@inheritdoc}
   */
  protected $pluginConfigKey = 'protections';

  /**
   * List of user role IDs to that may bypass this protection rule.
   *
   * This property is saved as user permissions.
   *
   * @var array
   */
  protected $bypassRoles = [];

  /**
   * Overrides Drupal\Core\Entity\Entity::id().
   */
  public function id() {
    return $this->name;
  }

  /**
   * {@inheritdoc}
   */
  public function getProtectedEntityTypeId() {
    return $this->protectedEntityTypeId;
  }

  /**
   * {@inheritdoc}
   */
  public function setProtectedEntityTypeId($entity_type_id) {

    // Check if given entity type exists. An InvalidArgumentException will be
    // thrown if not.
    \Drupal::entityTypeManager()
      ->getDefinition($entity_type_id, TRUE);
    $this->protectedEntityTypeId = $entity_type_id;
    return $this;
  }

  /**
   * {@inheritdoc}
   */
  public function getProtectedEntity() {
    if ($this
      ->getProtectedEntityId()) {
      return \Drupal::entityTypeManager()
        ->getStorage($this
        ->getProtectedEntityTypeId())
        ->load($this
        ->getProtectedEntityId());
    }
  }

  /**
   * {@inheritdoc}
   */
  public function getProtectedEntityId() {
    return $this->protectedEntityId;
  }

  /**
   * {@inheritdoc}
   */
  public function setProtectedEntityId($entity_id) {
    $this->protectedEntityId = $entity_id;
    return $this;
  }

  /**
   * {@inheritdoc}
   */
  public function getProtection($protection) {
    return $this
      ->getProtections()
      ->get($protection);
  }

  /**
   * {@inheritdoc}
   */
  public function getProtections() {
    if (!isset($this->protectionsCollection)) {
      $this->protectionsCollection = new UserProtectionPluginCollection(UserProtect::pluginManager(), $this->protections);
    }
    return $this->protectionsCollection;
  }

  /**
   * {@inheritdoc}
   */
  public function getPluginCollections() {
    return [
      'protections' => $this
        ->getProtections(),
    ];
  }

  /**
   * {@inheritdoc}
   */
  public function setPluginConfig($instance_id, array $configuration) {
    $this->protections[$instance_id] = $configuration;
    if (isset($this->protectionsCollection)) {
      $this->protectionsCollection
        ->setInstanceConfiguration($instance_id, $configuration);
      $this->protectionsCollection
        ->sort();
    }
    return $this;
  }

  /**
   * {@inheritdoc}
   */
  public function enableProtection($instance_id) {
    $this
      ->setPluginConfig($instance_id, [
      'status' => TRUE,
    ]);
    return $this;
  }

  /**
   * {@inheritdoc}
   */
  public function disableProtection($instance_id) {
    $this
      ->setPluginConfig($instance_id, [
      'status' => FALSE,
    ]);
    return $this;
  }

  /**
   * {@inheritdoc}
   */
  public function toArray() {
    $properties = parent::toArray();
    $names = [
      'protections',
      'protectedEntityTypeId',
      'protectedEntityId',
    ];
    foreach ($names as $name) {
      $properties[$name] = $this
        ->get($name);
    }
    return $properties;
  }

  /**
   * Overrides ConfigEntityBase::calculateDependencies().
   */
  public function calculateDependencies() {
    parent::calculateDependencies();

    // Always add a dependency on the user module.
    $this
      ->addDependency('module', 'user');

    // Add a dependency on an user role in case this protection rule protects
    // an user role.
    $protected_entity = $this
      ->getProtectedEntity();
    if ($protected_entity instanceof ConfigEntityInterface) {
      $this
        ->addDependency('config', $protected_entity
        ->getConfigDependencyName());
    }
    return $this->dependencies;
  }

  /**
   * {@inheritdoc}
   */
  protected function calculatePluginDependencies(PluginInspectionInterface $instance) {

    // Only add dependencies for plugins that are enabled.
    // @see \Drupal\userprotect\Plugin\UserProtection\UserProtectionPluginCollection::getConfiguration()
    if (isset($this->protections[$instance
      ->getPluginId()])) {
      parent::calculatePluginDependencies($instance);
    }
  }

  /**
   * {@inheritdoc}
   */
  public function getBypassRoles() {
    return $this->bypassRoles;
  }

  /**
   * {@inheritdoc}
   */
  public function setBypassRoles(array $roles) {
    $this->bypassRoles = $roles;
    return $this;
  }

  /**
   * {@inheritdoc}
   */
  public static function postLoad(EntityStorageInterface $storage_controller, array &$entities) {
    parent::postLoad($storage_controller, $entities);
    foreach ($entities as $entity) {
      $permission = $entity
        ->getPermissionName();
      if ($permission) {
        $roles = array_keys(user_role_names(FALSE, $permission));
        $entity
          ->setBypassRoles($roles);
      }
    }
  }

  /**
   * {@inheritdoc}
   */
  public function postSave(EntityStorageInterface $storage_controller, $update = TRUE) {
    parent::postSave($storage_controller, $update);

    // Set bypass permissions.
    $roles = $this
      ->getBypassRoles();
    $permission = $this
      ->getPermissionName();
    if ($roles && $permission) {
      foreach (user_roles() as $rid => $name) {
        $enabled = in_array($rid, $roles, TRUE);
        user_role_change_permissions($rid, [
          $permission => $enabled,
        ]);
      }
    }
  }

  /**
   * {@inheritdoc}
   */
  public function getPermissionName() {
    return 'userprotect.' . $this
      ->id() . '.bypass';
  }

  /**
   * {@inheritdoc}
   */
  public function appliesTo(UserInterface $user) {
    switch ($this->protectedEntityTypeId) {
      case 'user':
        return $this->protectedEntityId == $user
          ->id();
      case 'user_role':
        return $user
          ->hasRole($this->protectedEntityId);
    }
    return FALSE;
  }

  /**
   * {@inheritdoc}
   */
  public function hasProtection($protection) {
    if ($this
      ->getProtections()
      ->has($protection)) {
      return $this
        ->getProtection($protection)
        ->isEnabled();
    }
    return FALSE;
  }

  /**
   * {@inheritdoc}
   */
  public function isProtected(UserInterface $user, $op, AccountInterface $account) {

    // First check if this protection rule is applyable to the given user.
    if (!$this
      ->appliesTo($user)) {

      // Not applyable. The operation is not protected by this rule.
      return FALSE;
    }

    // Check if the asked operation is equal to a protection plugin name
    // and if so, check if that protection plugin is enabled for this
    // rule.
    if ($this
      ->hasProtection($op)) {

      // Protection enabled. The operation is protected by this rule.
      return TRUE;
    }
    foreach ($this
      ->getProtections() as $protection) {
      if ($protection
        ->isEnabled()) {
        if ($protection
          ->isProtected($user, $op, $account)) {

          // The plugin says the operation is not permitted.
          return TRUE;
        }
      }
    }

    // In all other cases, the operation is not protected by this rule.
    return FALSE;
  }

}

Members

Namesort descending Modifiers Type Description Overrides
CacheableDependencyTrait::$cacheContexts protected property Cache contexts.
CacheableDependencyTrait::$cacheMaxAge protected property Cache max-age.
CacheableDependencyTrait::$cacheTags protected property Cache tags.
CacheableDependencyTrait::setCacheability protected function Sets cacheability; useful for value object constructors.
ConfigEntityBase::$isUninstalling private property Whether the config is being deleted by the uninstall process.
ConfigEntityBase::$langcode protected property The language code of the entity's default language.
ConfigEntityBase::$originalId protected property The original ID of the configuration entity.
ConfigEntityBase::$status protected property The enabled/disabled status of the configuration entity. 4
ConfigEntityBase::$third_party_settings protected property Third party entity settings.
ConfigEntityBase::$trustedData protected property Trust supplied data and not use configuration schema on save.
ConfigEntityBase::$_core protected property Information maintained by Drupal core about configuration.
ConfigEntityBase::addDependency protected function Overrides \Drupal\Core\Entity\DependencyTrait:addDependency().
ConfigEntityBase::createDuplicate public function Creates a duplicate of the entity. Overrides EntityBase::createDuplicate 1
ConfigEntityBase::disable public function Disables the configuration entity. Overrides ConfigEntityInterface::disable 1
ConfigEntityBase::enable public function Enables the configuration entity. Overrides ConfigEntityInterface::enable
ConfigEntityBase::get public function Returns the value of a property. Overrides ConfigEntityInterface::get
ConfigEntityBase::getCacheTagsToInvalidate public function Returns the cache tags that should be used to invalidate caches. Overrides EntityBase::getCacheTagsToInvalidate 1
ConfigEntityBase::getConfigDependencyName public function Gets the configuration dependency name. Overrides EntityBase::getConfigDependencyName
ConfigEntityBase::getConfigManager protected static function Gets the configuration manager.
ConfigEntityBase::getConfigTarget public function Gets the configuration target identifier for the entity. Overrides EntityBase::getConfigTarget
ConfigEntityBase::getDependencies public function Gets the configuration dependencies. Overrides ConfigEntityInterface::getDependencies
ConfigEntityBase::getOriginalId public function Gets the original ID. Overrides EntityBase::getOriginalId
ConfigEntityBase::getThirdPartyProviders public function Gets the list of third parties that store information. Overrides ThirdPartySettingsInterface::getThirdPartyProviders
ConfigEntityBase::getThirdPartySetting public function Gets the value of a third-party setting. Overrides ThirdPartySettingsInterface::getThirdPartySetting
ConfigEntityBase::getThirdPartySettings public function Gets all third-party settings of a given module. Overrides ThirdPartySettingsInterface::getThirdPartySettings
ConfigEntityBase::getTypedConfig protected function Gets the typed config manager.
ConfigEntityBase::hasTrustedData public function Gets whether on not the data is trusted. Overrides ConfigEntityInterface::hasTrustedData
ConfigEntityBase::invalidateTagsOnDelete protected static function Override to never invalidate the individual entities' cache tags; the config system already invalidates them. Overrides EntityBase::invalidateTagsOnDelete
ConfigEntityBase::invalidateTagsOnSave protected function Override to never invalidate the entity's cache tag; the config system already invalidates it. Overrides EntityBase::invalidateTagsOnSave
ConfigEntityBase::isInstallable public function Checks whether this entity is installable. Overrides ConfigEntityInterface::isInstallable 2
ConfigEntityBase::isNew public function Overrides Entity::isNew(). Overrides EntityBase::isNew
ConfigEntityBase::isUninstalling public function Returns whether this entity is being changed during the uninstall process. Overrides ConfigEntityInterface::isUninstalling
ConfigEntityBase::link public function Deprecated way of generating a link to the entity. See toLink(). Overrides EntityBase::link
ConfigEntityBase::onDependencyRemoval public function Informs the entity that entities it depends on will be deleted. Overrides ConfigEntityInterface::onDependencyRemoval 7
ConfigEntityBase::preDelete public static function Acts on entities before they are deleted and before hooks are invoked. Overrides EntityBase::preDelete 8
ConfigEntityBase::preSave public function Acts on an entity before the presave hook is invoked. Overrides EntityBase::preSave 13
ConfigEntityBase::save public function Saves an entity permanently. Overrides EntityBase::save 1
ConfigEntityBase::set public function Sets the value of a property. Overrides ConfigEntityInterface::set
ConfigEntityBase::setOriginalId public function Sets the original ID. Overrides EntityBase::setOriginalId
ConfigEntityBase::setStatus public function Sets the status of the configuration entity. Overrides ConfigEntityInterface::setStatus
ConfigEntityBase::setThirdPartySetting public function Sets the value of a third-party setting. Overrides ThirdPartySettingsInterface::setThirdPartySetting
ConfigEntityBase::setUninstalling public function
ConfigEntityBase::sort public static function Helper callback for uasort() to sort configuration entities by weight and label. 6
ConfigEntityBase::status public function Returns whether the configuration entity is enabled. Overrides ConfigEntityInterface::status 4
ConfigEntityBase::toUrl public function Gets the URL object for the entity. Overrides EntityBase::toUrl
ConfigEntityBase::trustData public function Sets that the data should be trusted. Overrides ConfigEntityInterface::trustData
ConfigEntityBase::unsetThirdPartySetting public function Unsets a third-party setting. Overrides ThirdPartySettingsInterface::unsetThirdPartySetting
ConfigEntityBase::url public function Gets the public URL for this entity. Overrides EntityBase::url
ConfigEntityBase::urlInfo public function Gets the URL object for the entity. Overrides EntityBase::urlInfo
ConfigEntityBase::__construct public function Constructs an Entity object. Overrides EntityBase::__construct 10
ConfigEntityBase::__sleep public function Overrides EntityBase::__sleep 4
DependencySerializationTrait::$_entityStorages protected property An array of entity type IDs keyed by the property name of their storages.
DependencySerializationTrait::$_serviceIds protected property An array of service IDs keyed by property name used for serialization.
DependencySerializationTrait::__sleep public function Aliased as: traitSleep 1
DependencySerializationTrait::__wakeup public function 2
DependencyTrait::$dependencies protected property The object's dependencies.
DependencyTrait::addDependencies protected function Adds multiple dependencies.
DependencyTrait::addDependency protected function Adds a dependency. Aliased as: addDependencyTrait
EntityBase::$enforceIsNew protected property Boolean indicating whether the entity should be forced to be new.
EntityBase::$entityTypeId protected property The entity type.
EntityBase::$typedData protected property A typed data object wrapping this entity.
EntityBase::access public function Checks data value access. Overrides AccessibleInterface::access 1
EntityBase::bundle public function Gets the bundle of the entity. Overrides EntityInterface::bundle 1
EntityBase::create public static function Constructs a new entity object, without permanently saving it. Overrides EntityInterface::create
EntityBase::delete public function Deletes an entity permanently. Overrides EntityInterface::delete 2
EntityBase::enforceIsNew public function Enforces an entity to be new. Overrides EntityInterface::enforceIsNew
EntityBase::entityManager Deprecated protected function Gets the entity manager.
EntityBase::entityTypeBundleInfo protected function Gets the entity type bundle info service.
EntityBase::entityTypeManager protected function Gets the entity type manager.
EntityBase::getCacheContexts public function The cache contexts associated with this object. Overrides CacheableDependencyTrait::getCacheContexts
EntityBase::getCacheMaxAge public function The maximum age for which this object may be cached. Overrides CacheableDependencyTrait::getCacheMaxAge
EntityBase::getCacheTags public function The cache tags associated with this object. Overrides CacheableDependencyTrait::getCacheTags
EntityBase::getConfigDependencyKey public function Gets the key that is used to store configuration dependencies. Overrides EntityInterface::getConfigDependencyKey
EntityBase::getEntityType public function Gets the entity type definition. Overrides EntityInterface::getEntityType
EntityBase::getEntityTypeId public function Gets the ID of the type of the entity. Overrides EntityInterface::getEntityTypeId
EntityBase::getListCacheTagsToInvalidate protected function The list cache tags to invalidate for this entity.
EntityBase::getTypedData public function Gets a typed data object for this entity object. Overrides EntityInterface::getTypedData
EntityBase::hasLinkTemplate public function Indicates if a link template exists for a given key. Overrides EntityInterface::hasLinkTemplate
EntityBase::label public function Gets the label of the entity. Overrides EntityInterface::label 6
EntityBase::language public function Gets the language of the entity. Overrides EntityInterface::language 1
EntityBase::languageManager protected function Gets the language manager.
EntityBase::linkTemplates protected function Gets an array link templates. 1
EntityBase::load public static function Loads an entity. Overrides EntityInterface::load
EntityBase::loadMultiple public static function Loads one or more entities. Overrides EntityInterface::loadMultiple
EntityBase::postCreate public function Acts on a created entity before hooks are invoked. Overrides EntityInterface::postCreate 4
EntityBase::postDelete public static function Acts on deleted entities before the delete hook is invoked. Overrides EntityInterface::postDelete 16
EntityBase::preCreate public static function Changes the values of an entity before it is created. Overrides EntityInterface::preCreate 5
EntityBase::referencedEntities public function Gets a list of entities referenced by this entity. Overrides EntityInterface::referencedEntities 1
EntityBase::toLink public function Generates the HTML for a link to this entity. Overrides EntityInterface::toLink
EntityBase::uriRelationships public function Gets a list of URI relationships supported by this entity. Overrides EntityInterface::uriRelationships
EntityBase::urlRouteParameters protected function Gets an array of placeholders for this entity. 2
EntityBase::uuid public function Gets the entity UUID (Universally Unique Identifier). Overrides EntityInterface::uuid 1
EntityBase::uuidGenerator protected function Gets the UUID generator.
PluginDependencyTrait::getPluginDependencies protected function Calculates and returns dependencies of a specific plugin instance.
PluginDependencyTrait::moduleHandler protected function Wraps the module handler. 1
PluginDependencyTrait::themeHandler protected function Wraps the theme handler. 1
ProtectionRule::$bypassRoles protected property List of user role IDs to that may bypass this protection rule.
ProtectionRule::$label public property The protection rule label.
ProtectionRule::$name public property The name of the protection rule.
ProtectionRule::$pluginConfigKey protected property
ProtectionRule::$protectedEntityId protected property The entity ID the protection applies for.
ProtectionRule::$protectedEntityTypeId protected property The entity type the protection applies for.
ProtectionRule::$protections protected property The elements that are protected by this rule.
ProtectionRule::$protectionsCollection protected property Holds the collection of protections that are used by this protection rule.
ProtectionRule::$uuid public property The protection rule UUID. Overrides ConfigEntityBase::$uuid
ProtectionRule::appliesTo public function Returns if this rule applies to the given user. Overrides ProtectionRuleInterface::appliesTo
ProtectionRule::calculateDependencies public function Overrides ConfigEntityBase::calculateDependencies(). Overrides ConfigEntityBase::calculateDependencies
ProtectionRule::calculatePluginDependencies protected function Calculates and adds dependencies of a specific plugin instance. Overrides PluginDependencyTrait::calculatePluginDependencies
ProtectionRule::disableProtection public function Disables a certain protection. Overrides ProtectionRuleInterface::disableProtection
ProtectionRule::enableProtection public function Enables a certain protection. Overrides ProtectionRuleInterface::enableProtection
ProtectionRule::getBypassRoles public function Returns a list of roles that may bypass this protection rule. Overrides ProtectionRuleInterface::getBypassRoles
ProtectionRule::getPermissionName public function Returns the name of the permission to bypass the protection rule. Overrides ProtectionRuleInterface::getPermissionName
ProtectionRule::getPluginCollections public function Gets the plugin collections used by this object. Overrides ObjectWithPluginCollectionInterface::getPluginCollections
ProtectionRule::getProtectedEntity public function Gets the protected entity. Overrides ProtectionRuleInterface::getProtectedEntity
ProtectionRule::getProtectedEntityId public function Gets the protected entity id. Overrides ProtectionRuleInterface::getProtectedEntityId
ProtectionRule::getProtectedEntityTypeId public function Gets the protected entity type id. Overrides ProtectionRuleInterface::getProtectedEntityTypeId
ProtectionRule::getProtection public function Returns a specific user protection. Overrides ProtectionRuleInterface::getProtection
ProtectionRule::getProtections public function Returns the user protections for this protection rule. Overrides ProtectionRuleInterface::getProtections
ProtectionRule::hasProtection public function Returns if the given protection is enabled on this rule. Overrides ProtectionRuleInterface::hasProtection
ProtectionRule::id public function Overrides Drupal\Core\Entity\Entity::id(). Overrides EntityBase::id
ProtectionRule::isProtected public function Checks if a given operation on an user should be protected. Overrides ProtectionRuleInterface::isProtected
ProtectionRule::postLoad public static function Acts on loaded entities. Overrides EntityBase::postLoad
ProtectionRule::postSave public function Acts on a saved entity before the insert or update hook is invoked. Overrides EntityBase::postSave
ProtectionRule::setBypassRoles public function Sets the list of roles that may bypass this protection rule. Overrides ProtectionRuleInterface::setBypassRoles
ProtectionRule::setPluginConfig public function Sets the configuration for a user protection plugin instance. Overrides ProtectionRuleInterface::setPluginConfig
ProtectionRule::setProtectedEntityId public function Gets the protected entity id. Overrides ProtectionRuleInterface::setProtectedEntityId
ProtectionRule::setProtectedEntityTypeId public function Sets the protected entity type id. Overrides ProtectionRuleInterface::setProtectedEntityTypeId
ProtectionRule::toArray public function Gets an array of all property values. Overrides ConfigEntityBase::toArray
RefinableCacheableDependencyTrait::addCacheableDependency public function 1
RefinableCacheableDependencyTrait::addCacheContexts public function
RefinableCacheableDependencyTrait::addCacheTags public function
RefinableCacheableDependencyTrait::mergeCacheMaxAge public function
SynchronizableEntityTrait::$isSyncing protected property Whether this entity is being created, updated or deleted through a synchronization process.
SynchronizableEntityTrait::isSyncing public function
SynchronizableEntityTrait::setSyncing public function