Skip to content
Snippets Groups Projects
Commit 3dfa1da9 authored by artis.bajars's avatar artis.bajars
Browse files

Implement a custom access handler for HmTaxonomyController, respect core term... 

Implement a custom access handler for HmTaxonomyController, respect core term edit permissions per vocabulary
parent 6de9a0ac
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
hierarchy_manager.routing.yml
+ 2
2
View file @ 3dfa1da9
......@@ -25,7 +25,7 @@ hierarchy_manager.taxonomy.tree.json:
_title: 'Taxonomy tree'
_controller: '\Drupal\hierarchy_manager\Controller\HmTaxonomyController::taxonomyTreeJson'
requirements:
_permission: 'administer taxonomy'
_custom_access: '\Drupal\hierarchy_manager\Controller\HmTaxonomyController::access'
options:
_admin_route: TRUE
hierarchy_manager.taxonomy.tree.update:
......@@ -34,7 +34,7 @@ hierarchy_manager.taxonomy.tree.update:
_title: 'Taxonomy tree'
_controller: '\Drupal\hierarchy_manager\Controller\HmTaxonomyController::updateTerms'
requirements:
_permission: 'administer taxonomy'
_custom_access: '\Drupal\hierarchy_manager\Controller\HmTaxonomyController::access'
options:
_admin_route: TRUE
......
src/Controller/HmTaxonomyController.php
+ 18
0
View file @ 3dfa1da9
......@@ -2,10 +2,12 @@
namespace Drupal\hierarchy_manager\Controller;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\Access\CsrfTokenGenerator;
use Drupal\Core\Controller\ControllerBase;
use Drupal\Core\Entity\EntityRepositoryInterface;
use Drupal\Core\Entity\EntityTypeManagerInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\taxonomy\Entity\Term;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\Request;
......@@ -69,6 +71,22 @@ class HmTaxonomyController extends ControllerBase {
);
}
/**
* Access check callback for taxonomy tree json.
*
* @param \Drupal\Core\Session\AccountInterface $account
* User account.
* @param string $vid
* Vocabulary ID.
*/
public function access(AccountInterface $account, string $vid) {
if ($account->hasPermission('administer taxonomy')) {
return AccessResult::allowed();
}
return AccessResult::allowedIfHasPermission($account, "edit terms in {$vid}");
}
/**
* Callback for taxonomy tree json.
*
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment