From 3dfa1da93f8632e70c2820d3db45b7d5d8c95aae Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Artis=20Baj=C4=81rs?= <artis.bajars@gmail.com>
Date: Thu, 14 Oct 2021 15:20:46 +0300
Subject: [PATCH] Implement a custom access handler for HmTaxonomyController,
 respect core term edit permissions per vocabulary

---
 hierarchy_manager.routing.yml           |  4 ++--
 src/Controller/HmTaxonomyController.php | 18 ++++++++++++++++++
 2 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/hierarchy_manager.routing.yml b/hierarchy_manager.routing.yml
index 8dbfe27..55cf2ce 100644
--- a/hierarchy_manager.routing.yml
+++ b/hierarchy_manager.routing.yml
@@ -25,7 +25,7 @@ hierarchy_manager.taxonomy.tree.json:
     _title: 'Taxonomy tree'
     _controller: '\Drupal\hierarchy_manager\Controller\HmTaxonomyController::taxonomyTreeJson'
   requirements:
-    _permission: 'administer taxonomy'
+    _custom_access: '\Drupal\hierarchy_manager\Controller\HmTaxonomyController::access'
   options:
     _admin_route: TRUE
 hierarchy_manager.taxonomy.tree.update:
@@ -34,7 +34,7 @@ hierarchy_manager.taxonomy.tree.update:
     _title: 'Taxonomy tree'
     _controller: '\Drupal\hierarchy_manager\Controller\HmTaxonomyController::updateTerms'
   requirements:
-    _permission: 'administer taxonomy'
+    _custom_access: '\Drupal\hierarchy_manager\Controller\HmTaxonomyController::access'
   options:
     _admin_route: TRUE   
  
diff --git a/src/Controller/HmTaxonomyController.php b/src/Controller/HmTaxonomyController.php
index 3b96443..fdf79ff 100644
--- a/src/Controller/HmTaxonomyController.php
+++ b/src/Controller/HmTaxonomyController.php
@@ -2,10 +2,12 @@
 
 namespace Drupal\hierarchy_manager\Controller;
 
+use Drupal\Core\Access\AccessResult;
 use Drupal\Core\Access\CsrfTokenGenerator;
 use Drupal\Core\Controller\ControllerBase;
 use Drupal\Core\Entity\EntityRepositoryInterface;
 use Drupal\Core\Entity\EntityTypeManagerInterface;
+use Drupal\Core\Session\AccountInterface;
 use Drupal\taxonomy\Entity\Term;
 use Symfony\Component\DependencyInjection\ContainerInterface;
 use Symfony\Component\HttpFoundation\Request;
@@ -69,6 +71,22 @@ class HmTaxonomyController extends ControllerBase {
         );
   }
 
+
+  /**
+   * Access check callback for taxonomy tree json.
+   *
+   * @param \Drupal\Core\Session\AccountInterface $account
+   *  User account.
+   * @param string $vid
+   *  Vocabulary ID.
+   */
+  public function access(AccountInterface $account, string $vid) {
+    if ($account->hasPermission('administer taxonomy')) {
+      return AccessResult::allowed();
+    }
+    return AccessResult::allowedIfHasPermission($account, "edit terms in {$vid}");
+  }
+
   /**
    * Callback for taxonomy tree json.
    *
-- 
GitLab