Skip to content
Snippets Groups Projects
Commit 0e68d2ac authored by Eirik Morland's avatar Eirik Morland
Browse files

Issue #3440496 by eiriksm: Allow access to invite form for members, but only allow own role

parent 840c3c06
No related branches found
No related tags found
1 merge request!47allow access but remove invite admin for members
Pipeline #144944 passed with warnings
......@@ -10,6 +10,7 @@ use Drupal\Core\Ajax\ReplaceCommand;
use Drupal\Core\Form\FormBase;
use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Routing\CurrentRouteMatch;
use Drupal\Core\Session\AccountProxyInterface;
use Drupal\Core\Url;
use Drupal\violinist_teams\TeamManager;
use Drupal\violinist_teams\TeamNode;
......@@ -31,7 +32,8 @@ final class InviteMembersForm extends FormBase {
* The constructor.
*/
public function __construct(CurrentRouteMatch $routeMatch,
private TeamManager $teamManager
private TeamManager $teamManager,
private AccountProxyInterface $currentUser
) {
$this->routeMatch = $routeMatch;
$team = $this->routeMatch->getParameter('team');
......@@ -46,7 +48,8 @@ final class InviteMembersForm extends FormBase {
public static function create(ContainerInterface $container) {
return new static(
$container->get('current_route_match'),
$container->get('violinist_teams.team_manager')
$container->get('violinist_teams.team_manager'),
$container->get('current_user')
);
}
......@@ -73,13 +76,17 @@ final class InviteMembersForm extends FormBase {
'#suffix' => '</p>',
'#markup' => $this->t('Invite users by sharing the one-time use link you can create below. When visiting the link, they will be able to log in with any provider.'),
];
$options = [
'member' => $this->t('Member'),
'admin' => $this->t('Administrator'),
];
if (!$team->isAdmin($this->currentUser)) {
unset($options['admin']);
}
$form['role'] = [
'#type' => 'select',
'#title' => $this->t('Role'),
'#options' => [
'member' => $this->t('Member'),
'admin' => $this->t('Administrator'),
],
'#options' => $options,
'#default_value' => 'member',
];
$form['invite_link'] = [
......
......@@ -47,16 +47,16 @@ violinist_teams.team_members:
_violinist_teams_access: 'admin_or_member'
violinist_teams.team_members_invite:
path: '/teams/{team}/members/invite'
defaults:
_title: 'Invite Team Members'
_form: 'Drupal\violinist_teams\Form\InviteMembersForm'
options:
parameters:
team:
type: entity:node
requirements:
_violinist_teams_access: 'admin'
path: '/teams/{team}/members/invite'
defaults:
_title: 'Invite Team Members'
_form: 'Drupal\violinist_teams\Form\InviteMembersForm'
options:
parameters:
team:
type: entity:node
requirements:
_violinist_teams_access: 'admin_or_member'
violinist_teams.invite_accept:
path: '/violinist-teams/invite/{team_id}/{membership_type}/{timestamp}/{hash}'
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment