Added "own cases" permission and access check
Works for when viewing a single case, not for view yet though.
This commit is contained in:
naomi
parent
2a31b1c8ce
commit
351bdb5afd
@ -10,7 +10,8 @@ permissions:
|
||||
- 'add case entities'
|
||||
- 'add client entities'
|
||||
- 'delete activity entities'
|
||||
- 'delete case entities'
|
||||
- 'view own cases'
|
||||
- 'edit own cases'
|
||||
- 'delete client entities'
|
||||
- 'edit client entities'
|
||||
- 'view published client entities'
|
||||
|
||||
@ -78,11 +78,20 @@ edit case entities:
|
||||
title: 'Edit Case entities'
|
||||
|
||||
view published case entities:
|
||||
title: 'View published Case entities'
|
||||
title: 'View all cases'
|
||||
description: 'Even those which they user is not involved in.'
|
||||
|
||||
view unpublished case entities:
|
||||
title: 'View unpublished Case entities'
|
||||
|
||||
view own cases:
|
||||
title: 'View cases they are involved in'
|
||||
description: "Allow to access cases in which the user's linked actor is an involved party."
|
||||
|
||||
edit own cases:
|
||||
title: 'Edit cases they are involved in'
|
||||
description: "Allow to edit cases in which the user's linked actor is an involved party."
|
||||
|
||||
view all case revisions:
|
||||
title: 'View all Case revisions'
|
||||
|
||||
|
||||
16
modules/opencase_entities/src/CaseInvolvement.php
Normal file
16
modules/opencase_entities/src/CaseInvolvement.php
Normal file
@ -0,0 +1,16 @@
|
||||
<?php
|
||||
|
||||
namespace Drupal\opencase_entities;
|
||||
|
||||
class CaseInvolvement {
|
||||
|
||||
private function getLinkedActorId($userId) {
|
||||
return \Drupal\user\Entity\User::load($userId)->get('field_linked_opencase_actor')->target_id;
|
||||
}
|
||||
|
||||
public function userIsInvolved($account, $case) {
|
||||
$actorId = $this->getLinkedActorId($account->id());
|
||||
$involvedIds = array_column($case->actors_involved->getValue(), 'target_id');
|
||||
return in_array($actorId, $involvedIds);
|
||||
}
|
||||
}
|
||||
@ -6,6 +6,7 @@ use Drupal\Core\Entity\EntityAccessControlHandler;
|
||||
use Drupal\Core\Entity\EntityInterface;
|
||||
use Drupal\Core\Session\AccountInterface;
|
||||
use Drupal\Core\Access\AccessResult;
|
||||
use Drupal\opencase_entities\CaseInvolvement;
|
||||
|
||||
/**
|
||||
* Access controller for the Case entity.
|
||||
@ -24,8 +25,10 @@ class OCCaseAccessControlHandler extends EntityAccessControlHandler {
|
||||
if (!$entity->isPublished()) {
|
||||
return AccessResult::allowedIfHasPermission($account, 'view unpublished case entities');
|
||||
}
|
||||
return AccessResult::allowedIfHasPermission($account, 'view published case entities');
|
||||
|
||||
return AccessResult::allowedIf(
|
||||
$account->hasPermission('view published case entities')
|
||||
|| (new CaseInvolvement())->userIsInvolved($account, $entity)
|
||||
);
|
||||
case 'update':
|
||||
return AccessResult::allowedIfHasPermission($account, 'edit case entities');
|
||||
|
||||
|
||||
Reference in New Issue
Block a user