You are here

Home » API reference » Webform 8.5 » webform_group.module

function webform_group_webform_submission_query_access_alter in Webform 8.5

Same name and namespace in other branches
  1. 6.x modules/webform_group/webform_group.module \webform_group_webform_submission_query_access_alter()

Implements hook_webform_submission_query_access_alter().

File

modules/webform_group/webform_group.module, line 416
Provides a Webform integration with the Group module.

Code

function webform_group_webform_submission_query_access_alter(AlterableInterface $query, array $webform_submission_tables) {

  /** @var \Drupal\Core\Database\Query\SelectInterface $query */
  $operation = $query
    ->getMetaData('op') ?: 'view';
  $account = $query
    ->getMetaData('account') ?: \Drupal::currentUser();

  /** @var \Drupal\webform_group\WebformGroupManagerInterface $webform_group_manager */
  $webform_group_manager = \Drupal::service('webform_group.manager');

  // Get the current group webform.
  $webform = $webform_group_manager
    ->getCurrentGroupWebform();
  if (!$webform) {
    return;
  }

  // Get the current group content (source) entity.
  $group_content = $webform_group_manager
    ->getCurrentGroupContent();
  $source_entity = $group_content
    ->getEntity();

  // Get the current user's group roles for the current group content.
  $current_user_group_roles = $webform_group_manager
    ->getCurrentUserGroupRoles();

  // Get webform's access rules.
  $access_rules = $webform_group_manager
    ->getAccessRules($webform);
  $has_administer_access = array_intersect($access_rules['administer']['group_roles'], $current_user_group_roles);
  $has_any_access = array_intersect($access_rules[$operation . '_any']['group_roles'], $current_user_group_roles);

  // Only check own access if user can administer or access any submissions.
  if (!$has_administer_access && !$has_any_access) {
    $check_own_access = array_intersect($access_rules[$operation . '_own']['group_roles'], $current_user_group_roles);
  }
  else {
    $check_own_access = FALSE;
  }
  if ($has_administer_access || $has_any_access || $check_own_access) {
    foreach ($webform_submission_tables as $table) {

      /** @var \Drupal\Core\Database\Query\SelectInterface $query */
      $and_condition = $query
        ->andConditionGroup();
      $and_condition
        ->condition($table['alias'] . '.webform_id', $webform
        ->id());
      $and_condition
        ->condition($table['alias'] . '.entity_type', $source_entity
        ->getEntityTypeId());
      $and_condition
        ->condition($table['alias'] . '.entity_id', $source_entity
        ->id());
      if ($check_own_access) {
        $and_condition
          ->condition($table['alias'] . '.uid', $account
          ->id());
      }
      $table['condition']
        ->condition($and_condition);
    }
  }
}