Removed the "view own cases" permission

Now everyone sees cases they are involved in, they don't need a special perm.
2018-07-09 20:26:11 +02:00 · 2018-07-09 20:26:11 +02:00 · a267e222b8
commit a267e222b8
parent 910350699d
4 changed files with 8 additions and 18 deletions
--- a/modules/opencase_defaults/config/optional/user.role.caseworker.yml
+++ b/modules/opencase_defaults/config/optional/user.role.caseworker.yml
@ -10,8 +10,6 @@ permissions:
  - 'add case entities'
  - 'add client entities'
  - 'delete activity entities'
-  - 'view own cases'
-  - 'edit own cases'
  - 'delete client entities'
  - 'edit client entities'
  - 'view published client entities'
--- a/modules/opencase_entities/opencase_entities.module
+++ b/modules/opencase_entities/opencase_entities.module
@ -122,10 +122,8 @@ function opencase_views_query_alter(Drupal\views\ViewExecutable $view, $query) {
 function opencase_query_oc_case_access_alter($query) {
  if (\Drupal::currentUser()->hasPermission('view published case entities')) {
    return;
-  } elseif (\Drupal::currentUser()->hasPermission('view own cases')) {
-    $linked_actor_id = CaseInvolvement::getLinkedActorId(\Drupal::currentUser());
-    $query->addJoin('INNER', 'oc_case__actors_involved', 'access_filter', 'access_filter.entity_id = oc_case_field_data.id');
-    $query->condition('access_filter.actors_involved_target_id', $linked_actor_id);
-    return $query;
  } 
+  $linked_actor_id = CaseInvolvement::getLinkedActorId(\Drupal::currentUser());
+  $query->addJoin('INNER', 'oc_case__actors_involved', 'access_filter', 'access_filter.entity_id = oc_case_field_data.id');
+  $query->condition('access_filter.actors_involved_target_id', $linked_actor_id);
 }
--- a/modules/opencase_entities/opencase_entities.permissions.yml
+++ b/modules/opencase_entities/opencase_entities.permissions.yml
@ -80,14 +80,6 @@ view published case entities:
 view unpublished case entities:
  title: 'View unpublished Case entities'

-view own cases:
-  title: 'View cases they are involved in'
-  description: "Allow to access cases in which the user's linked actor is an involved party."
-
-edit own cases:
-  title: 'Edit cases they are involved in'
-  description: "Allow to edit cases in which the user's linked actor is an involved party."
-
 view all case revisions:
  title: 'View all Case revisions'

--- a/modules/opencase_entities/src/OCCaseAccessControlHandler.php
+++ b/modules/opencase_entities/src/OCCaseAccessControlHandler.php
@ -30,8 +30,10 @@ class OCCaseAccessControlHandler extends EntityAccessControlHandler {
            || CaseInvolvement::userIsInvolved($account, $entity)
        );
      case 'update':
-        return AccessResult::allowedIfHasPermission($account, 'edit case entities');
-
+        return AccessResult::allowedIf(
+            $account->hasPermission('edit published case entities')
+            || CaseInvolvement::userIsInvolved($account, $entity)
+        );
      case 'delete':
        return AccessResult::allowedIfHasPermission($account, 'delete case entities');
    }