X-Git-Url: https://yaffs.net/gitweb/?a=blobdiff_plain;f=web%2Fmodules%2Fcontrib%2Fpermissions_by_term%2Fpermissions_by_term.module;h=f8b869c45e6f1312f161adea93e5f4af92f78ffc;hb=refs%2Fheads%2Fd864;hp=e7c8e0adfce3ed3999cf54122ae52e6f5e2d34df;hpb=1270d9129ce8f27c9b28b10518e32132c58e0aca;p=yaffs-website

diff --git a/web/modules/contrib/permissions_by_term/permissions_by_term.module b/web/modules/contrib/permissions_by_term/permissions_by_term.module
index e7c8e0adf..f8b869c45 100644
--- a/web/modules/contrib/permissions_by_term/permissions_by_term.module
+++ b/web/modules/contrib/permissions_by_term/permissions_by_term.module
@@ -5,16 +5,14 @@
  * Allows access to terms in a vocabulary to be limited by user or role.
  */
 
-use Drupal\Core\Access\AccessResult;
+use Drupal\Core\Cache\Cache;
+use Drupal\Core\Entity\EntityInterface;
 use Drupal\Core\Form\FormState;
-use Drupal\permissions_by_term\Controller\PermissionsByTermController;
 use Drupal\Core\Form\FormStateInterface;
-use Drupal\node\NodeInterface;
+use Drupal\Core\Routing\RouteMatchInterface;
 use Drupal\Core\Session\AccountInterface;
-use Drupal\permissions_by_term\Event\PermissionsByTermDeniedEvent;
+use Drupal\node\NodeInterface;
 use Drupal\taxonomy\Entity\Term;
-use Drupal\Core\Routing\RouteMatchInterface;
-use Drupal\Core\Cache\Cache;
 
 /**
  * Implements hook_help().
@@ -56,12 +54,14 @@ function permissions_by_term_validate($form, FormState $oFormState) {
       $not_allowed_term_names = [];
       if (!empty($terms)) {
         foreach ($terms as $term) {
-          $term_id = $term['target_id'];
-          /* @var \Drupal\permissions_by_term\Service\AccessCheck $access_check_service */
-          $access_check_service = \Drupal::service('permissions_by_term.access_check');
-          if (!$access_check_service->isAccessAllowedByDatabase($term_id)) {
-            $term = Term::load($term_id);
-            $not_allowed_term_names[] = $term->getName();
+          if (!empty($term['target_id'])) {
+            $term_id = $term['target_id'];
+            /* @var \Drupal\permissions_by_term\Service\AccessCheck $access_check_service */
+            $access_check_service = \Drupal::service('permissions_by_term.access_check');
+            if (!$access_check_service->isAccessAllowedByDatabase($term_id)) {
+              $term = Term::load($term_id);
+              $not_allowed_term_names[] = $term->getName();
+            }
           }
         }
       }
@@ -88,19 +88,20 @@ function permissions_by_term_submit($form, FormState $formState) {
   $access_storage = \Drupal::service('permissions_by_term.access_storage');
   $access_update = $access_storage->saveTermPermissions($formState, $termId);
 
-  // Check if we need to rebuild node_access by term id
-  $invalidate_cache_tag = false;
+  // Check if we need to rebuild cache and node_access
+  $rebuild_cache_and_node_access = false;
 
   // Has anything has changed?
   foreach($access_update as $values) {
     if(!empty($values)) {
-      $invalidate_cache_tag = true;
+      $rebuild_cache_and_node_access = true;
       break;
     }
   }
 
-  // Do we need to flush the cache?
-  if($invalidate_cache_tag === true) {
+  // Do we need to flush the cache and the node access records?
+  if($rebuild_cache_and_node_access === true) {
+    node_access_rebuild(TRUE);
     Cache::invalidateTags(['search_index:node_search']);
   }
 }
@@ -108,28 +109,34 @@ function permissions_by_term_submit($form, FormState $formState) {
 /**
  * Implements hook_form_alter().
  */
-function permissions_by_term_form_taxonomy_term_form_alter(&$form, FormStateInterface $oFormState, $form_id) {
+function permissions_by_term_form_taxonomy_term_form_alter(&$form, FormStateInterface $formState, $form_id) {
   if (\Drupal::currentUser()->hasPermission('show term permission form on term page')) {
-    $iTermId = $oFormState->getFormObject()->getEntity()->id();
+    $termId = $formState->getFormObject()->getEntity()->id();
 
     /* @var \Drupal\permissions_by_term\Service\AccessStorage $access_storage */
     $access_storage = \Drupal::service('permissions_by_term.access_storage');
 
+    $description = <<<EOT
+To limit access to this term by user(s) or role(s), select users or roles above.
+If left empty, all users will have access to content, related to this taxonomy term
+and this taxonomy term itself.
+EOT;
+
     $form['access'] = [
-      '#type' => 'fieldset',
-      '#title' => t('Permissions'),
-      '#description' => t('To limit access to this term by user or roles,
-      add users or roles to the following lists. Leave empty to allow
-      node access by single node view, node listing in views and taxonomy
-      term selection by all users.'),
-      '#collapsible' => TRUE,
-      '#collapsed' => TRUE,
-      '#attributes' => ['id' => 'fieldset_term_access'],
-      '#weight' => -5,
-      '#tree' => TRUE,
+      '#type'        => 'details',
+      '#title'       => t('Permissions'),
+      '#description' => t($description),
+      '#attributes'  => ['id' => 'fieldset_term_access'],
+      '#weight'      => -5,
+      '#tree'        => TRUE,
     ];
 
-    $aAllowedUsers = $access_storage->getAllowedUserIds($iTermId);
+    $langcode = \Drupal::languageManager()->getCurrentLanguage()->getId();
+    if (!empty($formState->getValue('langcode'))) {
+      $langcode = $formState->getValue('langcode')['0']['value'];
+    }
+
+    $aAllowedUsers = $access_storage->getAllowedUserIds($termId, $langcode);
     if (!empty($aAllowedUsers)) {
       $aAllowedUsers = user_load_multiple($aAllowedUsers);
       $sUserFormValue = $access_storage->getUserFormValue($aAllowedUsers);
@@ -138,23 +145,26 @@ function permissions_by_term_form_taxonomy_term_form_alter(&$form, FormStateInte
       $sUserFormValue = NULL;
     }
 
+    $description = <<<EOT
+Enter a comma-separated list of user names who will be able to access content,
+related to this taxonomy term.
+EOT;
+
     // Note that the autocomplete widget will only enable for users with the
     // 'access profiles' permission. Other users will have to specify the name
     // manually.
     $form['access']['user'] = [
-      '#type' => 'entity_autocomplete',
-      '#target_type' => 'user',
-      '#title' => t('Allowed users'),
-      '#description' => t('Enter a comma-seperated list of user names to give') . ' ' .
-      t('them permission to use this term and access related nodes in single node view
-      and views listings.'),
-      '#value' => $sUserFormValue,
-      '#size' => 60,
+      '#type'                    => 'entity_autocomplete',
+      '#target_type'             => 'user',
+      '#title'                   => t('Allowed users'),
+      '#description'             => t($description),
+      '#value'                   => $sUserFormValue,
+      '#size'                    => 60,
       '#autocomplete_route_name' => 'permissions_by_term.autocomplete_multiple',
-      '#weight' => -10,
+      '#weight'                  => -10,
     ];
 
-    $aAllowedRoles = $access_storage->getRoleTermPermissionsByTid($iTermId);
+    $aAllowedRoles = $access_storage->getRoleTermPermissionsByTid($termId, $langcode);
 
     // Firstly fetch all translated allowed role names.
     $aTranslatedAllowedRoleNames = [];
@@ -178,17 +188,19 @@ function permissions_by_term_form_taxonomy_term_form_alter(&$form, FormStateInte
       }
     }
 
+    $description = <<<EOT
+Select user roles who will be able to access content, related to this taxonomy term.
+EOT;
+
     // Now, lets do the Roles table.
     $form['access']['role'] = [
-      '#type' => 'checkboxes',
-      '#title' => t('Allowed roles'),
-      '#description' => t('Select a role to allow all members of this role to
-        use this term and access related nodes in single node view and views
-        listings.'),
+      '#type'          => 'checkboxes',
+      '#title'         => t('Allowed roles'),
+      '#description'   => t($description),
       '#default_value' => $aSetRoles,
-      '#options' => $aTranslatedUserRoles,
-      '#multiple' => FALSE,
-      '#weight' => 5,
+      '#options'       => $aTranslatedUserRoles,
+      '#multiple'      => FALSE,
+      '#weight'        => 5,
     ];
 
     $form['#validate'][] = 'permissions_by_term_validate';
@@ -199,7 +211,7 @@ function permissions_by_term_form_taxonomy_term_form_alter(&$form, FormStateInte
 /**
  * Implements hook_form_alter().
  */
-function permissions_by_term_form_alter(&$form, FormStateInterface $oFormState, $form_id) {
+function permissions_by_term_form_alter(&$form, FormStateInterface $formState, $form_id) {
   $form['#validate'][] = 'permissions_by_term_validate';
   if (isNodeEditForm()) {
     $form['permissions_by_term_info'] = [
@@ -209,6 +221,11 @@ function permissions_by_term_form_alter(&$form, FormStateInterface $oFormState,
       '#access' => \Drupal::currentUser()->hasPermission('show term permissions on node edit page'),
     ];
 
+    $langcode = \Drupal::languageManager()->getCurrentLanguage()->getId();
+    if (!empty($formState->getUserInput()['langcode']['0']['value'])) {
+      $langcode = $formState->getUserInput()['langcode']['0']['value'];
+    }
+
     $nid = null;
     if (!empty($node = \Drupal::routeMatch()->getParameter('node'))) {
       $nid = $node->id();
@@ -222,7 +239,7 @@ function permissions_by_term_form_alter(&$form, FormStateInterface $oFormState,
 
     $form['permissions_by_term_info']['revision'] = array(
       '#type' => 'item',
-      '#markup' => $nodeEntityBundleInfo->renderNodeDetails($viewFilePath, $nid),
+      '#markup' => $nodeEntityBundleInfo->renderNodeDetails($viewFilePath, $langcode, $nid),
     );
 
     $form['#attached']['library'][] = 'permissions_by_term/nodeForm';
@@ -249,20 +266,10 @@ function isNodeEditForm() {
  * through the administrative interface.
  */
 function permissions_by_term_node_access(NodeInterface $node, $op, AccountInterface $account) {
-  if (method_exists($node, 'id') && ($op == 'view' OR $op == 'update' OR $op == 'delete')) {
-    if (!$node->isPublished() && !$account->hasPermission('Bypass content access control', $account)) {
-      $eventDispatcher = \Drupal::service('event_dispatcher');
-      $accessDeniedEvent = new PermissionsByTermDeniedEvent($node->id());
-      $eventDispatcher->dispatch(PermissionsByTermDeniedEvent::NAME, $accessDeniedEvent);
-
-      return AccessResult::forbidden();
-    }
+  /* @var \Drupal\permissions_by_term\Service\AccessCheck $accessCheck */
+  $accessCheck = \Drupal::service('permissions_by_term.access_check');
 
-    /* @var \Drupal\permissions_by_term\Service\AccessCheck $accessCheck */
-    $accessCheck = \Drupal::service('permissions_by_term.access_check');
-
-    return $accessCheck->handleNode($node->id());
-  }
+  return $accessCheck->handleNode($node->id(), $node->language()->getId());
 }
 
 /**
@@ -297,7 +304,14 @@ function permissions_by_term_node_access_records(\Drupal\node\NodeInterface $nod
   foreach ($access_storage->getTidsByNid($node->id()) as $tid) {
     /* @var \Drupal\permissions_by_term\Service\AccessCheck $access_check_service */
     $access_check_service = \Drupal::service('permissions_by_term.access_check');
-    if ($access_check_service->isAnyPermissionSetForTerm($tid)) {
+    if($node->language()->getId() == 'und'){
+      // Current system default language
+      $language = \Drupal::languageManager()->getCurrentLanguage()->getId();
+    }
+    else {
+      $language = $node->language()->getId();
+    }
+    if ($access_check_service->isAnyPermissionSetForTerm($tid, $language)) {
       $has_term_access_restrictions = TRUE;
       break;
     }
@@ -313,14 +327,12 @@ function permissions_by_term_node_access_records(\Drupal\node\NodeInterface $nod
   $grantObject = $nodeAccess->createGrant($node->id(), $node->id());
 
   $grants[] = [
-    'realm' => $grantObject->realm,
-    'gid' => $grantObject->gid,
-    'grant_view' => $grantObject->grant_view,
+    'realm'        => $grantObject->realm,
+    'gid'          => $grantObject->gid,
+    'grant_view'   => $grantObject->grant_view,
     'grant_update' => $grantObject->grant_update,
     'grant_delete' => $grantObject->grant_delete,
-    'langcode' => $grantObject->langcode,
-    'fallback' => 1,
-    'nid' => $node->id(),
+    'nid'          => $node->id(),
   ];
 
   return $grants;
@@ -357,24 +369,19 @@ function permissions_by_term_options_list_alter(array &$options, array $context)
   if (!empty($fieldDefinitionSettings['target_type']) && $fieldDefinitionSettings['target_type'] == 'taxonomy_term') {
     foreach ($options as $id => $names) {
       if ($id !== '_none') {
-        /**
-         * @var \Drupal\permissions_by_term\Service\Term $term
-         */
-        $term = \Drupal::service('permissions_by_term.term');
-
         /**
          * @var \Drupal\permissions_by_term\Service\AccessCheck $accessCheck
          */
         $accessCheck = \Drupal::service('permissions_by_term.access_check');
 
         if (is_array($names)) {
-          foreach ($names as $name) {
-            if (!$accessCheck->isAccessAllowedByDatabase($term->getTermIdByName($name))) {
+          foreach ($names as $group_id => $name) {
+            if (!$accessCheck->isAccessAllowedByDatabase($group_id)) {
               unset($options[$id]);
             }
           }
         } elseif(is_string($names)) {
-          if (!$accessCheck->isAccessAllowedByDatabase($term->getTermIdByName($names))) {
+          if (!$accessCheck->isAccessAllowedByDatabase($id)) {
             unset($options[$id]);
           }
         }
@@ -396,3 +403,14 @@ function permissions_by_term_user_cancel($edit, $account, $method) {
   $access_storage = \Drupal::service('permissions_by_term.access_storage');
   $access_storage->deleteAllTermPermissionsByUserId($deleted_user_id);
 }
+
+/**
+ * Implements hook_ENTITY_TYPE_delete().
+ *
+ * Deletes all term permissions from storage when a term is deleted.
+ */
+function permissions_by_term_taxonomy_term_delete(EntityInterface $entity) {
+  /* @var \Drupal\permissions_by_term\Service\AccessStorage $access_storage */
+  $access_storage = \Drupal::service('permissions_by_term.access_storage');
+  $access_storage->deleteAllTermPermissionsByTid($entity->id());
+}