Commit | Line | Data |
---|---|---|
d3e88312 EM |
1 | <?php |
2 | /* | |
3 | +--------------------------------------------------------------------+ | |
fee14197 | 4 | | CiviCRM version 5 | |
d3e88312 | 5 | +--------------------------------------------------------------------+ |
f299f7db | 6 | | Copyright CiviCRM LLC (c) 2004-2020 | |
d3e88312 EM |
7 | +--------------------------------------------------------------------+ |
8 | | This file is a part of CiviCRM. | | |
9 | | | | |
10 | | CiviCRM is free software; you can copy, modify, and distribute it | | |
11 | | under the terms of the GNU Affero General Public License | | |
12 | | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. | | |
13 | | | | |
14 | | CiviCRM is distributed in the hope that it will be useful, but | | |
15 | | WITHOUT ANY WARRANTY; without even the implied warranty of | | |
16 | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | | |
17 | | See the GNU Affero General Public License for more details. | | |
18 | | | | |
19 | | You should have received a copy of the GNU Affero General Public | | |
20 | | License and the CiviCRM Licensing Exception along | | |
21 | | with this program; if not, contact CiviCRM LLC | | |
22 | | at info[AT]civicrm[DOT]org. If you have questions about the | | |
23 | | GNU Affero General Public License or the licensing of CiviCRM, | | |
24 | | see the CiviCRM license FAQ at http://civicrm.org/licensing | | |
25 | +--------------------------------------------------------------------+ | |
d25dd0ee | 26 | */ |
d3e88312 EM |
27 | |
28 | /** | |
29 | * | |
30 | * @package CRM | |
ca5cec67 | 31 | * @copyright CiviCRM LLC https://civicrm.org/licensing |
d3e88312 EM |
32 | * $Id$ |
33 | * | |
34 | */ | |
35 | ||
36 | /** | |
37 | * | |
38 | */ | |
d3e86119 | 39 | class CRM_Core_Permission_Drupal8 extends CRM_Core_Permission_DrupalBase { |
518fa0ee | 40 | |
68be1dfe EM |
41 | /** |
42 | * Given a permission string, check for access requirements | |
43 | * | |
6a0b768e TO |
44 | * @param string $str |
45 | * The permission to check. | |
68be1dfe | 46 | * |
18be3201 | 47 | * @param int $userId |
decced8b | 48 | * |
68be1dfe EM |
49 | * @return bool |
50 | */ | |
18be3201 | 51 | public function check($str, $userId = NULL) { |
be2fb01f | 52 | $str = $this->translatePermission($str, 'Drupal', [ |
68be1dfe | 53 | 'view user account' => 'access user profiles', |
be2fb01f | 54 | ]); |
68be1dfe EM |
55 | |
56 | if ($str == CRM_Core_Permission::ALWAYS_DENY_PERMISSION) { | |
57 | return FALSE; | |
58 | } | |
59 | if ($str == CRM_Core_Permission::ALWAYS_ALLOW_PERMISSION) { | |
60 | return TRUE; | |
61 | } | |
18be3201 CW |
62 | $acct = $userId ? \Drupal\user\Entity\User::load($userId) : \Drupal::currentUser(); |
63 | return $acct->hasPermission($str); | |
68be1dfe | 64 | } |
96025800 | 65 | |
40d5632a AS |
66 | /** |
67 | * Get all the contact emails for users that have a specific permission. | |
68 | * | |
69 | * @param string $permissionName | |
70 | * Name of the permission we are interested in. | |
71 | * | |
72 | * @return string | |
73 | * a comma separated list of email addresses | |
74 | */ | |
75 | public function permissionEmails($permissionName) { | |
be2fb01f | 76 | static $_cache = []; |
40d5632a AS |
77 | |
78 | if (isset($_cache[$permissionName])) { | |
79 | return $_cache[$permissionName]; | |
80 | } | |
81 | ||
82 | $role_ids = array_map( | |
83 | function (\Drupal\user\RoleInterface $role) { | |
84 | return $role->id(); | |
85 | }, user_roles(TRUE, $permissionName) | |
86 | ); | |
be2fb01f | 87 | $users = \Drupal::entityTypeManager()->getStorage('user')->loadByProperties(['roles' => $role_ids]); |
40d5632a AS |
88 | $uids = array_keys($users); |
89 | ||
90 | $_cache[$permissionName] = self::getContactEmails($uids); | |
91 | return $_cache[$permissionName]; | |
92 | } | |
93 | ||
94 | /** | |
95 | * @inheritDoc | |
96 | */ | |
97 | public function upgradePermissions($permissions) { | |
98 | $civicrm_perms = array_keys(CRM_Core_Permission::getCorePermissions()); | |
99 | if (empty($civicrm_perms)) { | |
100 | throw new CRM_Core_Exception("Cannot upgrade permissions: permission list missing"); | |
101 | } | |
102 | ||
103 | $roles = user_roles(TRUE); | |
104 | foreach ($roles as $role) { | |
105 | foreach ($civicrm_perms as $permission) { | |
106 | $role->revokePermission($permission); | |
107 | } | |
108 | } | |
109 | } | |
110 | ||
68be1dfe | 111 | } |