You are here

function hook_webform_access_rules in Webform 8.5

Same name and namespace in other branches
  1. 6.x webform.api.php \hook_webform_access_rules()

Supply additional access rules that should be managed on per-webform level.

If your module defines any additional access logic that should be managed on per webform level, this hook is likely to be of use. Provide additional access rules into the webform access system through this hook. Then website administrators can assign appropriate grants to your rules for each webform via admin UI. Whenever you need to check if a user has access to execute a certain operation you should do the following:

\Drupal::entityTypeManager() ->getAccessControlHandler('webform_submission') ->access($webform_submission, $some_operation, $account);

This will return either a positive or a negative result depending on what website administrator has supplied in access settings for the webform in question.

Return value

array Array of metadata about additional access rules to be managed on per webform basis. Keys should be machine names whereas values are sub arrays with the following structure:

  • title: (string) Human friendly title of the rule.
  • description: (array) Renderable array that explains what this access rule stands for. Defaults to an empty array.
  • weight: (int) Sorting order of this access rule. Defaults to 0.
  • roles: (string[]) Array of role IDs that should be granted this access rule by default. Defaults to an empty array.
  • permissions: (string[]) Array of permissions that should be granted this access rule by default. Defaults to an empty array.
1 function implements hook_webform_access_rules()

Note: this list is generated by pattern matching, so it may include some functions that are not actually implementations of this hook.

webform_webform_access_rules in ./webform.module
Implements hook_webform_access_rules().
2 invocations of hook_webform_access_rules()
hook_webform_submission_access in ./webform.api.php
Implements hook_webform_submission_access().
WebformAccessRulesManager::getAccessRulesInfo in src/WebformAccessRulesManager.php
Collect metadata on known access rules.

File

./webform.api.php, line 607
Hooks related to Webform module.

Code

function hook_webform_access_rules() {
  return [
    // A custom operation.
    'some_operation' => [
      'title' => t('Some operation'),
      'weight' => -100,
      'roles' => [
        'authenticated',
      ],
      'permissions' => [
        'some permission',
        'another permission',
      ],
    ],
    // Custom any and own operations using hook_submission_access().
    //
    // - _any: means to grant access to all webform submissions independently
    //   of authorship
    // - _own: means to grant access only if the user requesting access is
    //   the author of the webform submission on which the operation is
    //   being requested.
    //
    // The below 2 operations can be queried together as following:
    //
    // \Drupal::entityTypeManager()
    //   ->getAccessControlHandler('webform_submission')
    //   ->access($webform_submission, 'some_operation', $account);
    //
    // This will return TRUE as long as the $account is has either
    // 'some_operation_any' or has 'some_operation_own' and is author of
    // the $webform_submission.
    //
    // Note, to implement *_own and *_any you will need to implement
    // hook_webform_submission_access().
    //
    // @see hook_webform_submission_access()
    'some_operation_any' => [
      'title' => t('Some operation on ALL webform submissions'),
      'description' => [
        '#markup' => t('Allow users to execute such particular operation on all webform submissions independently of whether they are authors of those submissions.'),
      ],
    ],
    'some_operation_own' => [
      'title' => t('Some operation on own webform submissions'),
    ],
  ];
}