
No commits in common. "7c3b007ff9200e6b5202f84a7c607caeb1704bfc" and "240a55f54fd1a6a04d1989754ff7e05a9cdf9ec8" have entirely different histories.

6 changed files with 36 additions and 13 deletions


@ -147,6 +147,14 @@ td.views-field {
font-weight: bold !important;
}
/* Styling for grouped views */
table.views-table.views-view-table caption {
text-align: left;
margin-bottom: 1em;
margin-top: 2em;
font-weight: bold;
}
/* remove "details" accordion, see https://drupal.stackexchange.com/questions/294312/why-has-this-details-accordion-appeared-in-this-view */
.views-table details {
display: none;


@ -59,3 +59,7 @@ revert all case fee revisions:
delete all case fee revisions:
title: 'Delete all revisions'
description: 'Role requires permission to <em>view Case Fee revisions</em> and <em>delete rights</em> for case fee entities in question or <em>administer case fee entities</em>.'
permission_callbacks:
- \Drupal\opencase_cases\OCCaseFeePermissions::generatePermissions
- \Drupal\opencase_cases\OCCaseProvisionPermissions::generatePermissions


@ -10,11 +10,8 @@ class CaseInvolvement {
public static function userIsInvolved($account, $case) {
$actorId = self::getLinkedActorId($account);
$query = \Drupal::entityQuery('oc_case_provision')
->condition('oc_provider', $actorId)
->condition('oc_case', $case->id());
$results = $query->execute();
return !empty($results);
$involvedIds = array_column($case->actors_involved->getValue(), 'target_id');
return in_array($actorId, $involvedIds);
}
public static function userIsInvolved_activity($account, $activity) {
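Review bot: The rewritten `userIsInvolved` makes an access decision with a loose `in_array($actorId, $involvedIds)`, and nothing in the hunk handles an account that has no linked actor. `getLinkedActorId` is defined outside the hunk, so its return value for such an account is not visible; if it can be `NULL`, `FALSE` or `0`, PHP's loose comparison can match an empty or zero `target_id` item. I would return early with `if (empty($actorId)) { return FALSE; }` and then compare normalised values strictly: `return in_array((string) $actorId, array_map('strval', $involvedIds), TRUE);`.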


@ -32,6 +32,7 @@ class OCCaseAccessControlHandler extends EntityAccessControlHandler {
case 'update': // you can edit the case only if a) you can see it and b) you have the permission to edit cases.
return AccessResult::allowedIf(
$account->hasPermission('edit case entities')
&& ($account->hasPermission('view published case entities') || CaseInvolvement::userIsInvolved($account, $entity))
);
case 'delete': // you can delete the case only if a) you can see it and b) you have the permission to delete cases.
return AccessResult::allowedIf(
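Review bot: The condition added to the `update` branch makes the result depend on `CaseInvolvement::userIsInvolved($account, $entity)`, which is specific to the user and to the case's field values, yet `AccessResult::allowedIf()` attaches no cacheability metadata on its own. Anything that caches on this result could reuse one user's outcome for another, or keep it after the involved actors change. I would chain `->cachePerPermissions()->cachePerUser()->addCacheableDependency($entity)` onto the returned result. The same applies to the new `update` and `delete` branches in `OCActivityAccessControlHandler`. The `delete` branch and the rest of the method continue outside this hunk.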


@ -1,4 +1,8 @@
permission_callbacks:
- \Drupal\opencase_entities\OCOrganisationPermissions::generatePermissions
- \Drupal\opencase_entities\OCEventPermissions::generatePermissions
- Drupal\opencase_entities\OpenCaseEntityPermissions::permissions
view edit delete all actor entities:
title: 'View/Edit/Delete all types of people'


@ -26,17 +26,26 @@ class OCActivityAccessControlHandler extends EntityAccessControlHandler {
}
return AccessResult::allowedIf(
$account->hasPermission('view published case entities') // activity permissions are inherited from case
|| $entity->getOwner()->id() == $account->id()
|| CaseInvolvement::userIsInvolved_activity($account, $entity)
);
case 'update': // allowed only if a) they can see the case the activity is on and b) they can edit activities
return AccessResult::allowedIf(
$account->hasPermission('edit activity entities') // activity permissions are inherited from case
|| $entity->getOwner()->id() == $account->id()
);
if (!$account->hasPermission('edit activity entities')) {
return AccessResult::forbidden();
} else {
return AccessResult::allowedIf(
$account->hasPermission('view published case entities')
|| CaseInvolvement::userIsInvolved_activity($account, $entity)
);
}
case 'delete': // allowed only if a) they can see the case the activity is on and b) they can delete activities
return AccessResult::allowedIf(
$account->hasPermission('delete case entities')
);
if (!$account->hasPermission('delete activity entities')) {
return AccessResult::forbidden();
} else {
return AccessResult::allowedIf(
$account->hasPermission('view published case entities')
|| CaseInvolvement::userIsInvolved_activity($account, $entity)
);
}
}
// Unknown operation, no opinion.
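Review bot: The new `update` and `delete` branches return `AccessResult::forbidden()` when the permission is missing, while the case handler expresses the same "permission and visibility" rule as a single `allowedIf(... && ...)` that falls back to neutral. A forbidden result is a hard deny that other access hooks cannot override. If that is intended, it deserves a comment such as `// Hard deny: no other module may grant this without the permission.`; otherwise `AccessResult::allowedIf($account->hasPermission('edit activity entities') && (...))` keeps the two handlers consistent. The `view` branch also allows the activity owner via `getOwner()`, but the new branches do not. An owner who sees the activity only through ownership can therefore no longer edit it, which is worth confirming against the "can see the case" comments. The method starts and ends outside this hunk.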