Authenticated user can see cases they are a provider for.

2022-01-20 14:48:53 +00:00 · 2022-01-20 14:48:53 +00:00 · 7c3b007ff9
commit 7c3b007ff9
parent f39f4a331d
6 changed files with 4 additions and 21 deletions
--- a/css/opencase.css
+++ b/css/opencase.css
@ -147,14 +147,6 @@ td.views-field {
  font-weight: bold !important;
 }

-/* Styling for grouped views */
-table.views-table.views-view-table caption {
-  text-align: left;
-  margin-bottom: 1em;
-  margin-top: 2em;
-  font-weight: bold;
-}
-
 /* remove "details" accordion, see https://drupal.stackexchange.com/questions/294312/why-has-this-details-accordion-appeared-in-this-view */
 .views-table details {
    display: none;
--- a/modules/opencase_cases/opencase_cases.permissions.yml
+++ b/modules/opencase_cases/opencase_cases.permissions.yml
@ -59,7 +59,3 @@ revert all case fee revisions:
 delete all case fee revisions:
  title: 'Delete all revisions'
  description: 'Role requires permission to <em>view Case Fee revisions</em> and <em>delete rights</em> for case fee entities in question or <em>administer case fee entities</em>.'
-
-permission_callbacks:
-  - \Drupal\opencase_cases\OCCaseFeePermissions::generatePermissions
-  - \Drupal\opencase_cases\OCCaseProvisionPermissions::generatePermissions
--- a/modules/opencase_cases/src/CaseInvolvement.php
+++ b/modules/opencase_cases/src/CaseInvolvement.php
@ -11,8 +11,8 @@ class CaseInvolvement {
  public static function userIsInvolved($account, $case) {
    $actorId = self::getLinkedActorId($account);        
    $query = \Drupal::entityQuery('oc_case_provision')
-    ->condition('provider', $actorId)
-    ->condition('case', $case);
+    ->condition('oc_provider', $actorId)
+    ->condition('oc_case', $case->id());
    $results = $query->execute();
    return !empty($results);
  }
--- a/modules/opencase_cases/src/OCCaseAccessControlHandler.php
+++ b/modules/opencase_cases/src/OCCaseAccessControlHandler.php
@ -32,7 +32,6 @@ class OCCaseAccessControlHandler extends EntityAccessControlHandler {
      case 'update':   // you can edit the case only if a) you can see it and b) you have the permission to edit cases.
        return AccessResult::allowedIf(
            $account->hasPermission('edit case entities')
-            && ($account->hasPermission('view published case entities') || CaseInvolvement::userIsInvolved($account, $entity))
        );
      case 'delete':   // you can delete the case only if a) you can see it and b) you have the permission to delete cases.
        return AccessResult::allowedIf(
--- a/modules/opencase_entities/opencase_entities.permissions.yml
+++ b/modules/opencase_entities/opencase_entities.permissions.yml
@ -1,8 +1,4 @@

-permission_callbacks:
-  - \Drupal\opencase_entities\OCOrganisationPermissions::generatePermissions
-  - \Drupal\opencase_entities\OCEventPermissions::generatePermissions
-  - Drupal\opencase_entities\OpenCaseEntityPermissions::permissions

 view edit delete all actor entities:
  title: 'View/Edit/Delete all types of people'
--- a/modules/opencase_entities/src/OCActivityAccessControlHandler.php
+++ b/modules/opencase_entities/src/OCActivityAccessControlHandler.php
@ -26,12 +26,12 @@ class OCActivityAccessControlHandler extends EntityAccessControlHandler {
        }
        return AccessResult::allowedIf(
            $account->hasPermission('view published case entities')  // activity permissions are inherited from case
-            || $entity->owner()->id() == $account->id(); 
+            || $entity->getOwner()->id() == $account->id()
        );
      case 'update':  // allowed only if a) they can see the case the activity is on and b) they can edit activities
        return AccessResult::allowedIf(
            $account->hasPermission('edit activity entities')  // activity permissions are inherited from case
-            || $entity->owner()->id() == $account->id(); 
+            || $entity->getOwner()->id() == $account->id()
        );
      case 'delete':  // allowed only if a) they can see the case the activity is on and b) they can delete activities
        return AccessResult::allowedIf(