Issue #3181684 by mistermoper: Allow authlink permissions to be granular

dfbebe9b · Omar Mohamad - El Hassan Lopesino · David López · 2f9585ba · dfbebe9b · dfbebe9b
Commit dfbebe9b authored Nov 10, 2020 by Omar Mohamad - El Hassan Lopesino Committed by David López Nov 10, 2020
--- a/node_authlink.permissions.yml
+++ b/node_authlink.permissions.yml
-
 configure node_authlink module:
  title: 'Configure node_authlink module'
  description: ''
+
 create and delete node authlinks:
  title: 'Create and delete node authlinks'
-  description: ''
+  description: 'Granting this permission will allow to the selected roles to create and delete node authlinks for every content type.'
+  restrict access: TRUE
+
+permission_callbacks:
+  - \Drupal\node_authlink\NodeAuthlinkPermissions::permissions
--- a/node_authlink.routing.yml
+++ b/node_authlink.routing.yml
@@ -4,7 +4,6 @@ node_authlink.node_authlink_node_form:
    _form: '\Drupal\node_authlink\Form\NodeAuthlinkNodeForm'
    _title: 'Authlink'
  requirements:
-    _permission: 'create and delete node authlinks'
    _custom_access: '\Drupal\node_authlink\Form\NodeAuthlinkNodeForm::access'
  options:
    _admin_route: TRUE
--- a/src/Form/NodeAuthlinkNodeForm.php
+++ b/src/Form/NodeAuthlinkNodeForm.php
@@ -230,10 +230,13 @@ class NodeAuthlinkNodeForm extends FormBase {
    if (is_numeric($node)) {
      $node = Node::load($node);
      $enable = $this->config('node_authlink.settings')->get('enable');
-      if (isset($enable[$node->bundle()]) && $enable[$node->bundle()]) {
+      if (isset($enable[$node->bundle()]) && $enable[$node->bundle()]
+        && ($account->hasPermission('create and delete node authlinks')
+          || $account->hasPermission(sprintf('create and delete node %s authlinks', $node->bundle())))) {
        return AccessResult::allowed();
      }
    }
    return AccessResult::forbidden();
  }
+
 }
--- a/src/NodeAuthlinkPermissions.php
+++ b/src/NodeAuthlinkPermissions.php
+<?php
+
+namespace Drupal\node_authlink;
+
+use Drupal\Core\DependencyInjection\ContainerInjectionInterface;
+use Drupal\Core\Entity\EntityTypeManagerInterface;
+use Drupal\Core\StringTranslation\StringTranslationTrait;
+use Symfony\Component\DependencyInjection\ContainerInterface;
+
+/**
+ * Node authlink permissions generator.
+ */
+class NodeAuthlinkPermissions implements ContainerInjectionInterface
+{
+
+  use StringTranslationTrait;
+
+  /**
+   * Used to get all the node types.
+   *
+   * @var \Drupal\Core\Entity\EntityTypeManagerInterface
+   */
+  protected $entityTypeManager;
+
+  /**
+   * NodeAuthlinkPermissions constructor.
+   *
+   * @param \Drupal\Core\Entity\EntityTypeManagerInterface $entityTypeManager
+   *   Entity type manager.
+   */
+  public function __construct(EntityTypeManagerInterface $entityTypeManager) {
+    $this->entityTypeManager = $entityTypeManager;
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  public static function create(ContainerInterface $container) {
+    return new static($container->get('entity_type.manager'));
+  }
+
+  /**
+   * Permissions callback to granularize node authlink.
+   */
+  public function permissions() {
+    $permissions = [];
+    foreach ($this->entityTypeManager->getStorage('node_type')->loadMultiple() as $nodeType) {
+      $permission_name = sprintf('create and delete node %s authlinks', $nodeType->id());
+      $permissions[$permission_name] = [
+        'title' => $this->t('Create and delete node "@node_type" authlinks', ['@node_type' => $nodeType->label()])
+      ];
+    }
+    return $permissions;
+  }
+
+}