2 namespace Drush\Drupal\Commands\core;
4 use Consolidation\OutputFormatters\Options\FormatterOptions;
5 use Drupal\user\Entity\Role;
6 use Drush\Commands\DrushCommands;
7 use Consolidation\OutputFormatters\StructuredData\RowsOfFields;
8 use Drush\Log\LogLevel;
9 use Drush\Role\RoleBase;
11 class RoleCommands extends DrushCommands
16 * @command role:create
17 * @param $machine_name The symbolic machine name for the role.
18 * @param $human_readable_name A descriptive name for the role.
19 * @usage drush role:create 'test role'
20 * Create a new role 'test role'. On D8, the human-readable name will be 'Test role'.
21 * @usage drush role:create 'test role' 'Test role'
22 * Create a new role with a machine name of 'test role', and a human-readable name of 'Test role'.
23 * @aliases rcrt,role-create
25 public function create($machine_name, $human_readable_name = null)
27 $role = Role::create([
28 'id' => $machine_name,
29 'label' => $human_readable_name,
32 $this->logger()->success(dt('Created "!role"', ['!role' => $machine_name]));
39 * @command role:delete
40 * @param $machine_name The symbolic machine name for the role.
41 * @validate-entity-load user_role machine_name
42 * @usage drush role:delete 'test role'
43 * Delete the role 'test role'.
44 * @aliases rdel,role-delete
46 public function delete($machine_name)
48 $role = Role::load($machine_name);
50 $this->logger()->success(dt('Deleted "!role"', ['!role' => $machine_name]));
54 * Grant specified permission(s) to a role.
56 * @todo Add validation for permission names.
58 * @command role:perm:add
59 * @validate-entity-load user_role machine_name
60 * @validate-permissions permissions
61 * @param $machine_name The role to modify.
62 * @param $permissions The list of permission to grant, delimited by commas.
63 * @option cache-clear Set to 0 to suppress normal cache clearing; the caller should then clear if needed.
64 * @usage drush role-add-perm anonymous 'post comments'
65 * Allow anon users to post comments.
66 * @usage drush role:add-perm anonymous "'post comments','access content'"
67 * Allow anon users to post comments and access content.
68 * @usage drush pm:info --fields=permissions --format=csv aggregator
69 * Discover the permissions associated with given module (then use this command as needed).
70 * @aliases rap,role-add-perm
72 public function roleAddPerm($machine_name, $permissions)
74 $perms = _convert_csv_to_array($permissions);
75 user_role_grant_permissions($machine_name, $perms);
76 $this->logger()->success(dt('Added "!permissions" to "!role"', ['!permissions' => $permissions, '!role' => $machine_name]));
77 drush_drupal_cache_clear_all();
81 * Remove specified permission(s) from a role.
83 * @command role:perm:remove
84 * @validate-entity-load user_role machine_name
85 * @validate-permissions permissions
86 * @param $machine_name The role to modify.
87 * @param $permissions The list of permission to grant, delimited by commas.
88 * @option cache-clear Set to 0 to suppress normal cache clearing; the caller should then clear if needed.
89 * @usage drush role:remove-perm anonymous 'access content'
90 * Hide content from anon users.
91 * @aliases rmp,role-remove-perm
93 public function roleRemovePerm($machine_name, $permissions)
95 $perms = _convert_csv_to_array($permissions);
96 user_role_revoke_permissions($machine_name, $perms);
97 $this->logger()->success(dt('Removed "!permissions" to "!role"', ['!permissions' => $permissions, '!role' => $result->name]));
98 drush_drupal_cache_clear_all();
102 * Display a list of all roles defined on the system.
104 * If a role name is provided as an argument, then all of the permissions of
105 * that role will be listed. If a permission name is provided as an option,
106 * then all of the roles that have been granted that permission will be listed.
109 * @validate-permissions filter
110 * @option filter Limits the list of roles to only those that have been assigned the specified permission.
111 * @usage drush role:list --filter='administer nodes'
112 * Display a list of roles that have the administer nodes permission assigned.
113 * @aliases rls,role-list
119 * @return \Consolidation\OutputFormatters\StructuredData\RowsOfFields
121 public function roleList($options = ['format' => 'yaml', 'filter' => self::REQ])
124 $roles = Role::loadMultiple();
125 foreach ($roles as $role) {
126 if ($options['filter'] && !$role->hasPermission($options['filter'])) {
129 $rows[$role->id()] = [
130 'label' => $role->label(),
131 'perms' => $role->getPermissions(),
134 $result = new RowsOfFields($rows);
135 $result->addRendererFunction([$this, 'renderPermsCell']);
140 * Used in the unlikely event user specifies --format=table.
142 public function renderPermsCell($key, $cellData, FormatterOptions $options)
144 if (is_array($cellData)) {
145 return implode(',', $cellData);