diff --git a/contact_storage.install b/contact_storage.install index 0973584..2530750 100644 --- a/contact_storage.install +++ b/contact_storage.install @@ -9,6 +9,7 @@ use Drupal\Core\Url; use Drupal\Core\Config\InstallStorage; use Drupal\Core\Config\FileStorage; use Drupal\Core\Field\BaseFieldDefinition; +use Drupal\user\Entity\Role; /** * Implements hook_install(). @@ -110,7 +111,7 @@ function contact_storage_update_8200() { if (!$config->get('redirect')) { $config->set('redirect', $url); } - $config->save(); + $config->trustData()->save(); } } } @@ -121,3 +122,23 @@ function contact_storage_update_8200() { function contact_storage_update_8201() { \Drupal::service('module_installer')->install(['options']); } + +/** + * Change the view permissions for viewing contact messages. + * + * We are splitting apart, the permission to administer contact forms and the + * permission to view contact messages. We ensure that the only those roles which + * has the access to administer contact forms will be able to view contact messages. + */ +function contact_storage_update_8202() { + + // Get the current permission needed to view messages. + $permission = \Drupal::config('views.view.contact_messages') + ->get('display.default.display_options.access.options.perm'); + + // Change the view permission to the new view contact messages permission. + $config = \Drupal::configFactory()->getEditable('views.view.contact_messages'); + $config->set('display.default.display_options.access.options.perm', 'view contact messages'); + $config->save(); +} + diff --git a/contact_storage.module b/contact_storage.module index 35f2fbf..0aff9cf 100644 --- a/contact_storage.module +++ b/contact_storage.module @@ -17,6 +17,8 @@ use Drupal\Core\Language\LanguageInterface; use Drupal\contact\Entity\ContactForm; use Drupal\Core\Routing\RouteMatchInterface; use Drupal\views\Views; +use Drupal\Core\Access\AccessResult; +use Drupal\Core\Session\AccountInterface; /** * Implements hook_help(). @@ -514,3 +516,22 @@ function contact_storage_contact_form_delete(EntityInterface $entity) { // Delete all aliases with this contact form as a source. \Drupal::service('path.alias_storage')->delete(['source' => '/' . $entity->toUrl('canonical')->getInternalPath()]); } + +/** + * Implements hook_entity_access(). + * + * @param $opertaion + * These Operation can be to View, Clone and View messages. + */ +function contact_storage_entity_access(EntityInterface $entity, $operation, AccountInterface $account) { + + // Check access to the contact message entity. + if ($entity->getEntityTypeId() == 'contact_message') { + if ($account->hasPermission($operation . ' contact messages')) { + return AccessResult::allowed(); + } + } + + // No opinion. + return AccessResult::neutral(); +} diff --git a/contact_storage.post_update.php b/contact_storage.post_update.php new file mode 100644 index 0000000..8ac5738 --- /dev/null +++ b/contact_storage.post_update.php @@ -0,0 +1,36 @@ +get('display.default.display_options.access.options.perm'); + $roles_storage = \Drupal::entityTypeManager()->getStorage('user_role'); + $roles = $roles_storage->loadMultiple(); + if($roles) { + foreach ($roles as $role) { + $changed = FALSE; + + // If they can view the view, they can already view contact messages. + if ($role->hasPermission($permission)) { + $role->grantPermission('view contact messages'); + $changed = TRUE; + } + + // If they can administer contact forms, they can already delete contact + // messages. + if ($role->hasPermission('administer contact forms')) { + $role->grantPermission('delete contact messages'); + $changed = TRUE; + } + + // Only save if a change has been made for efficiency. + if ($changed) { + $role->save(); + } + } + } +}