Skip to content

Commit

Permalink
Search for invalid permission(s) and remove them from existing roles:…
Browse files Browse the repository at this point in the history 
… "access contextual links".
  • Loading branch information
@zanvidmar
zanvidmar committed Aug 30, 2023
1 parent fb8f46f commit 02ea988
Show file tree
Hide file tree
Showing 2 changed files with 46 additions and 2 deletions.
18 changes: 18 additions & 0 deletions ...al_features/social_core/config/modify/social_core.access_contextual_links_permissions.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
dependencies:
module:
- contextual
items:
user.role.contentmanager:
expected_config:
permissions: { }
update_actions:
add:
permissions:
- 'access contextual links'
user.role.sitemanager:
expected_config:
permissions: { }
update_actions:
add:
permissions:
- 'access contextual links'
30 changes: 28 additions & 2 deletions modules/social_features/social_core/social_core.install
View file
Original file line number Diff line number Diff line change
Expand Up @@ -120,7 +120,6 @@ function social_core_install() {
'administer account settings',
'administer themes',
'administer blocks',
'access contextual links',
'access social_core dashboard',
]
);
Expand Down Expand Up @@ -250,7 +249,6 @@ function _social_core_get_permissions($role) {
'administer account settings',
'administer themes',
'administer blocks',
'access contextual links',
]);

return $permissions[$role] ?? [];
Expand Down Expand Up @@ -1688,3 +1686,31 @@ function social_core_update_11900() : string {
// Output logged messages to related channel of update execution.
return $update_helper->logger()->output();
}

/**
* Search for invalid permission(s) and remove them from existing roles:
* "access contextual links".
*/
function social_core_update_111201(): void {
$entity_type_manager = \Drupal::entityTypeManager();
$all_permissions = array_keys(\Drupal::service('user.permissions')->getPermissions());
/** @var \Drupal\user\RoleInterface[] $roles */
$roles = $entity_type_manager->getStorage('user_role')->loadMultiple();

$permissions_to_check = [
'access contextual links',
];

// If permission is not valid (is not on the list of all permissions),
// we need to revoke it from all existing roles.
foreach ($permissions_to_check as $permission_to_check) {
if (!in_array($permission_to_check, $all_permissions)) {
foreach ($roles as $role) {
if ($role->hasPermission($permission_to_check)) {
$role->revokePermission($permission_to_check);
$role->save();
}
}
}
}
}

0 comments on commit 02ea988

Please sign in to comment.