Authenticated user can see cases they are a provider for.

This commit is contained in:
naomi 2022-01-20 14:48:53 +00:00
parent f39f4a331d
commit 7c3b007ff9
6 changed files with 4 additions and 21 deletions

View File

@ -147,14 +147,6 @@ td.views-field {
font-weight: bold !important; font-weight: bold !important;
} }
/* Styling for grouped views */
table.views-table.views-view-table caption {
text-align: left;
margin-bottom: 1em;
margin-top: 2em;
font-weight: bold;
}
/* remove "details" accordion, see https://drupal.stackexchange.com/questions/294312/why-has-this-details-accordion-appeared-in-this-view */ /* remove "details" accordion, see https://drupal.stackexchange.com/questions/294312/why-has-this-details-accordion-appeared-in-this-view */
.views-table details { .views-table details {
display: none; display: none;

View File

@ -59,7 +59,3 @@ revert all case fee revisions:
delete all case fee revisions: delete all case fee revisions:
title: 'Delete all revisions' title: 'Delete all revisions'
description: 'Role requires permission to <em>view Case Fee revisions</em> and <em>delete rights</em> for case fee entities in question or <em>administer case fee entities</em>.' description: 'Role requires permission to <em>view Case Fee revisions</em> and <em>delete rights</em> for case fee entities in question or <em>administer case fee entities</em>.'
permission_callbacks:
- \Drupal\opencase_cases\OCCaseFeePermissions::generatePermissions
- \Drupal\opencase_cases\OCCaseProvisionPermissions::generatePermissions

View File

@ -11,8 +11,8 @@ class CaseInvolvement {
public static function userIsInvolved($account, $case) { public static function userIsInvolved($account, $case) {
$actorId = self::getLinkedActorId($account); $actorId = self::getLinkedActorId($account);
$query = \Drupal::entityQuery('oc_case_provision') $query = \Drupal::entityQuery('oc_case_provision')
->condition('provider', $actorId) ->condition('oc_provider', $actorId)
->condition('case', $case); ->condition('oc_case', $case->id());
$results = $query->execute(); $results = $query->execute();
return !empty($results); return !empty($results);
} }

View File

@ -32,7 +32,6 @@ class OCCaseAccessControlHandler extends EntityAccessControlHandler {
case 'update': // you can edit the case only if a) you can see it and b) you have the permission to edit cases. case 'update': // you can edit the case only if a) you can see it and b) you have the permission to edit cases.
return AccessResult::allowedIf( return AccessResult::allowedIf(
$account->hasPermission('edit case entities') $account->hasPermission('edit case entities')
&& ($account->hasPermission('view published case entities') || CaseInvolvement::userIsInvolved($account, $entity))
); );
case 'delete': // you can delete the case only if a) you can see it and b) you have the permission to delete cases. case 'delete': // you can delete the case only if a) you can see it and b) you have the permission to delete cases.
return AccessResult::allowedIf( return AccessResult::allowedIf(

View File

@ -1,8 +1,4 @@
permission_callbacks:
- \Drupal\opencase_entities\OCOrganisationPermissions::generatePermissions
- \Drupal\opencase_entities\OCEventPermissions::generatePermissions
- Drupal\opencase_entities\OpenCaseEntityPermissions::permissions
view edit delete all actor entities: view edit delete all actor entities:
title: 'View/Edit/Delete all types of people' title: 'View/Edit/Delete all types of people'

View File

@ -26,12 +26,12 @@ class OCActivityAccessControlHandler extends EntityAccessControlHandler {
} }
return AccessResult::allowedIf( return AccessResult::allowedIf(
$account->hasPermission('view published case entities') // activity permissions are inherited from case $account->hasPermission('view published case entities') // activity permissions are inherited from case
|| $entity->owner()->id() == $account->id(); || $entity->getOwner()->id() == $account->id()
); );
case 'update': // allowed only if a) they can see the case the activity is on and b) they can edit activities case 'update': // allowed only if a) they can see the case the activity is on and b) they can edit activities
return AccessResult::allowedIf( return AccessResult::allowedIf(
$account->hasPermission('edit activity entities') // activity permissions are inherited from case $account->hasPermission('edit activity entities') // activity permissions are inherited from case
|| $entity->owner()->id() == $account->id(); || $entity->getOwner()->id() == $account->id()
); );
case 'delete': // allowed only if a) they can see the case the activity is on and b) they can delete activities case 'delete': // allowed only if a) they can see the case the activity is on and b) they can delete activities
return AccessResult::allowedIf( return AccessResult::allowedIf(