You are here

class UserSelection in Zircon Profile 8

Same name and namespace in other branches
  1. 8.0 core/modules/user/src/Plugin/EntityReferenceSelection/UserSelection.php \Drupal\user\Plugin\EntityReferenceSelection\UserSelection

Provides specific access control for the user entity type.

Plugin annotation


@EntityReferenceSelection(
  id = "default:user",
  label = @Translation("User selection"),
  entity_types = {"user"},
  group = "default",
  weight = 1
)

Hierarchy

Expanded class hierarchy of UserSelection

File

core/modules/user/src/Plugin/EntityReferenceSelection/UserSelection.php, line 31
Contains \Drupal\user\Plugin\EntityReferenceSelection\UserSelection.

Namespace

Drupal\user\Plugin\EntityReferenceSelection
View source
class UserSelection extends DefaultSelection {

  /**
   * The database connection.
   *
   * @var \Drupal\Core\Database\Connection
   */
  protected $connection;

  /**
   * The user storage.
   *
   * @var \Drupal\user\UserStorageInterface
   */
  protected $userStorage;

  /**
   * Constructs a new UserSelection object.
   *
   * @param array $configuration
   *   A configuration array containing information about the plugin instance.
   * @param string $plugin_id
   *   The plugin_id for the plugin instance.
   * @param mixed $plugin_definition
   *   The plugin implementation definition.
   * @param \Drupal\Core\Entity\EntityManagerInterface $entity_manager
   *   The entity manager service.
   * @param \Drupal\Core\Extension\ModuleHandlerInterface $module_handler
   *   The module handler service.
   * @param \Drupal\Core\Session\AccountInterface $current_user
   *   The current user.
   * @param \Drupal\Core\Database\Connection $connection
   *   The database connection.
   */
  public function __construct(array $configuration, $plugin_id, $plugin_definition, EntityManagerInterface $entity_manager, ModuleHandlerInterface $module_handler, AccountInterface $current_user, Connection $connection) {
    parent::__construct($configuration, $plugin_id, $plugin_definition, $entity_manager, $module_handler, $current_user);
    $this->connection = $connection;
    $this->userStorage = $entity_manager
      ->getStorage('user');
  }

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container, array $configuration, $plugin_id, $plugin_definition) {
    return new static($configuration, $plugin_id, $plugin_definition, $container
      ->get('entity.manager'), $container
      ->get('module_handler'), $container
      ->get('current_user'), $container
      ->get('database'));
  }

  /**
   * {@inheritdoc}
   */
  public function buildConfigurationForm(array $form, FormStateInterface $form_state) {
    $selection_handler_settings = $this->configuration['handler_settings'];

    // Merge in default values.
    $selection_handler_settings += array(
      'filter' => array(
        'type' => '_none',
      ),
      'include_anonymous' => TRUE,
    );
    $form['include_anonymous'] = array(
      '#type' => 'checkbox',
      '#title' => $this
        ->t('Include the anonymous user.'),
      '#default_value' => $selection_handler_settings['include_anonymous'],
    );

    // Add user specific filter options.
    $form['filter']['type'] = array(
      '#type' => 'select',
      '#title' => $this
        ->t('Filter by'),
      '#options' => array(
        '_none' => $this
          ->t('- None -'),
        'role' => $this
          ->t('User role'),
      ),
      '#ajax' => TRUE,
      '#limit_validation_errors' => array(),
      '#default_value' => $selection_handler_settings['filter']['type'],
    );
    $form['filter']['settings'] = array(
      '#type' => 'container',
      '#attributes' => array(
        'class' => array(
          'entity_reference-settings',
        ),
      ),
      '#process' => array(
        array(
          '\\Drupal\\Core\\Field\\Plugin\\Field\\FieldType\\EntityReferenceItem',
          'formProcessMergeParent',
        ),
      ),
    );
    if ($selection_handler_settings['filter']['type'] == 'role') {

      // Merge in default values.
      $selection_handler_settings['filter'] += array(
        'role' => NULL,
      );
      $form['filter']['settings']['role'] = array(
        '#type' => 'checkboxes',
        '#title' => $this
          ->t('Restrict to the selected roles'),
        '#required' => TRUE,
        '#options' => array_diff_key(user_role_names(TRUE), array(
          RoleInterface::AUTHENTICATED_ID => RoleInterface::AUTHENTICATED_ID,
        )),
        '#default_value' => $selection_handler_settings['filter']['role'],
      );
    }
    $form += parent::buildConfigurationForm($form, $form_state);
    return $form;
  }

  /**
   * {@inheritdoc}
   */
  protected function buildEntityQuery($match = NULL, $match_operator = 'CONTAINS') {
    $query = parent::buildEntityQuery($match, $match_operator);

    // The user entity doesn't have a label column.
    if (isset($match)) {
      $query
        ->condition('name', $match, $match_operator);
    }

    // Filter by role.
    $handler_settings = $this->configuration['handler_settings'];
    if (!empty($handler_settings['filter']['role'])) {
      $query
        ->condition('roles', $handler_settings['filter']['role'], 'IN');
    }

    // Adding the permission check is sadly insufficient for users: core
    // requires us to also know about the concept of 'blocked' and 'active'.
    if (!$this->currentUser
      ->hasPermission('administer users')) {
      $query
        ->condition('status', 1);
    }
    return $query;
  }

  /**
   * {@inheritdoc}
   */
  public function createNewEntity($entity_type_id, $bundle, $label, $uid) {
    $user = parent::createNewEntity($entity_type_id, $bundle, $label, $uid);

    // In order to create a referenceable user, it needs to be active.
    if (!$this->currentUser
      ->hasPermission('administer users')) {

      /** @var \Drupal\user\UserInterface $user */
      $user
        ->activate();
    }
    return $user;
  }

  /**
   * {@inheritdoc}
   */
  public function validateReferenceableNewEntities(array $entities) {
    $entities = parent::validateReferenceableNewEntities($entities);

    // Mirror the conditions checked in buildEntityQuery().
    if (!empty($this->configuration['handler_settings']['filter']['role'])) {
      $entities = array_filter($entities, function ($user) {

        /** @var \Drupal\user\UserInterface $user */
        return !empty(array_intersect($user
          ->getRoles(), $this->configuration['handler_settings']['filter']['role']));
      });
    }
    if (!$this->currentUser
      ->hasPermission('administer users')) {
      $entities = array_filter($entities, function ($user) {

        /** @var \Drupal\user\UserInterface $user */
        return $user
          ->isActive();
      });
    }
    return $entities;
  }

  /**
   * {@inheritdoc}
   */
  public function entityQueryAlter(SelectInterface $query) {

    // Bail out early if we do not need to match the Anonymous user.
    $handler_settings = $this->configuration['handler_settings'];
    if (isset($handler_settings['include_anonymous']) && !$handler_settings['include_anonymous']) {
      return;
    }
    if ($this->currentUser
      ->hasPermission('administer users')) {

      // In addition, if the user is administrator, we need to make sure to
      // match the anonymous user, that doesn't actually have a name in the
      // database.
      $conditions =& $query
        ->conditions();
      foreach ($conditions as $key => $condition) {
        if ($key !== '#conjunction' && is_string($condition['field']) && $condition['field'] === 'users_field_data.name') {

          // Remove the condition.
          unset($conditions[$key]);

          // Re-add the condition and a condition on uid = 0 so that we end up
          // with a query in the form:
          // WHERE (name LIKE :name) OR (:anonymous_name LIKE :name AND uid = 0)
          $or = db_or();
          $or
            ->condition($condition['field'], $condition['value'], $condition['operator']);

          // Sadly, the Database layer doesn't allow us to build a condition
          // in the form ':placeholder = :placeholder2', because the 'field'
          // part of a condition is always escaped.
          // As a (cheap) workaround, we separately build a condition with no
          // field, and concatenate the field and the condition separately.
          $value_part = db_and();
          $value_part
            ->condition('anonymous_name', $condition['value'], $condition['operator']);
          $value_part
            ->compile($this->connection, $query);
          $or
            ->condition(db_and()
            ->where(str_replace('anonymous_name', ':anonymous_name', (string) $value_part), $value_part
            ->arguments() + array(
            ':anonymous_name' => \Drupal::config('user.settings')
              ->get('anonymous'),
          ))
            ->condition('base_table.uid', 0));
          $query
            ->condition($or);
        }
      }
    }
  }

}

Members

Namesort descending Modifiers Type Description Overrides
DefaultSelection::$currentUser protected property The current user.
DefaultSelection::$entityManager protected property The entity manager.
DefaultSelection::$moduleHandler protected property The module handler service.
DefaultSelection::countReferenceableEntities public function Counts entities that are referenceable. Overrides SelectionInterface::countReferenceableEntities 1
DefaultSelection::elementValidateFilter public static function Form element validation handler; Filters the #value property of an element.
DefaultSelection::getReferenceableEntities public function Gets the list of referenceable entities. Overrides SelectionInterface::getReferenceableEntities 2
DefaultSelection::reAlterQuery protected function Helper method: Passes a query to the alteration system again.
DefaultSelection::submitConfigurationForm public function Form submission handler. Overrides PluginFormInterface::submitConfigurationForm
DefaultSelection::validateConfigurationForm public function Form validation handler. Overrides PluginFormInterface::validateConfigurationForm
DefaultSelection::validateReferenceableEntities public function Validates which existing entities can be referenced. Overrides SelectionInterface::validateReferenceableEntities
DependencySerializationTrait::$_serviceIds protected property An array of service IDs keyed by property name used for serialization.
DependencySerializationTrait::__sleep public function 1
DependencySerializationTrait::__wakeup public function 2
PluginBase::$configuration protected property Configuration information passed into the plugin. 2
PluginBase::$pluginDefinition protected property The plugin implementation definition.
PluginBase::$pluginId protected property The plugin_id.
PluginBase::DERIVATIVE_SEPARATOR constant A string which is used to separate base plugin IDs from the derivative ID.
PluginBase::getBaseId public function Gets the base_plugin_id of the plugin instance. Overrides DerivativeInspectionInterface::getBaseId
PluginBase::getDerivativeId public function Gets the derivative_id of the plugin instance. Overrides DerivativeInspectionInterface::getDerivativeId
PluginBase::getPluginDefinition public function Gets the definition of the plugin implementation. Overrides PluginInspectionInterface::getPluginDefinition
PluginBase::getPluginId public function Gets the plugin_id of the plugin instance. Overrides PluginInspectionInterface::getPluginId
StringTranslationTrait::$stringTranslation protected property The string translation service.
StringTranslationTrait::formatPlural protected function Formats a string containing a count of items.
StringTranslationTrait::getNumberOfPlurals protected function Returns the number of plurals supported by a given language.
StringTranslationTrait::getStringTranslation protected function Gets the string translation service.
StringTranslationTrait::setStringTranslation public function Sets the string translation service to use. 2
StringTranslationTrait::t protected function Translates a string to the current language or to a given language.
UserSelection::$connection protected property The database connection.
UserSelection::$userStorage protected property The user storage.
UserSelection::buildConfigurationForm public function Form constructor. Overrides DefaultSelection::buildConfigurationForm
UserSelection::buildEntityQuery protected function Builds an EntityQuery to get referenceable entities. Overrides DefaultSelection::buildEntityQuery
UserSelection::create public static function Creates an instance of the plugin. Overrides DefaultSelection::create
UserSelection::createNewEntity public function Creates a new entity object that can be used as a valid reference. Overrides DefaultSelection::createNewEntity
UserSelection::entityQueryAlter public function Allows the selection to alter the SelectQuery generated by EntityFieldQuery. Overrides DefaultSelection::entityQueryAlter
UserSelection::validateReferenceableNewEntities public function Validates which newly created entities can be referenced. Overrides DefaultSelection::validateReferenceableNewEntities
UserSelection::__construct public function Constructs a new UserSelection object. Overrides DefaultSelection::__construct