diff --git a/lib/Drupal/profile2/Plugin/Core/Entity/Profile.php b/lib/Drupal/profile2/Plugin/Core/Entity/Profile.php index 033a559..bfd07ba 100644 --- a/lib/Drupal/profile2/Plugin/Core/Entity/Profile.php +++ b/lib/Drupal/profile2/Plugin/Core/Entity/Profile.php @@ -2,7 +2,7 @@ /** * @file - * Contains Drupal\profile2\Plugin\Core\Entity\Profile. + * Contains \Drupal\profile2\Plugin\Core\Entity\Profile. */ namespace Drupal\profile2\Plugin\Core\Entity; diff --git a/lib/Drupal/profile2/Plugin/Core/Entity/ProfileType.php b/lib/Drupal/profile2/Plugin/Core/Entity/ProfileType.php index da869ab..a671e42 100644 --- a/lib/Drupal/profile2/Plugin/Core/Entity/ProfileType.php +++ b/lib/Drupal/profile2/Plugin/Core/Entity/ProfileType.php @@ -2,7 +2,7 @@ /** * @file - * Contains Drupal\profile2\Plugin\Core\Entity\ProfileType. + * Contains \Drupal\profile2\Plugin\Core\Entity\ProfileType. */ namespace Drupal\profile2\Plugin\Core\Entity; diff --git a/lib/Drupal/profile2/ProfileAccessController.php b/lib/Drupal/profile2/ProfileAccessController.php index 650bd3b..82a6132 100644 --- a/lib/Drupal/profile2/ProfileAccessController.php +++ b/lib/Drupal/profile2/ProfileAccessController.php @@ -2,7 +2,7 @@ /** * @file - * Contains Drupal\profile2\ProfileAccessController. + * Contains \Drupal\profile2\ProfileAccessController. */ namespace Drupal\profile2; @@ -34,7 +34,7 @@ class ProfileAccessController implements EntityAccessControllerInterface { * Implements EntityAccessControllerInterface::createAccess(). */ public function createAccess(EntityInterface $profile, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - // Map to 'edit' access. + // Create and update operations are folded into edit access for profiles. return $this->access($profile, 'edit', $langcode, $account); } @@ -42,7 +42,7 @@ class ProfileAccessController implements EntityAccessControllerInterface { * Implements EntityAccessControllerInterface::updateAccess(). */ public function updateAccess(EntityInterface $profile, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - // Map to 'edit' access. + // Create and update operations are folded into edit access for profiles. return $this->access($profile, 'edit', $langcode, $account); } @@ -82,12 +82,11 @@ class ProfileAccessController implements EntityAccessControllerInterface { if (user_access('bypass profile access', $account)) { return TRUE; } - + $uid = $account->id(); // For existing profiles, check access for the particular profile ID. When // creating a new profile, check access for the profile's bundle. $pid = $profile->id() ?: $profile->bundle(); - $uid = $account->id(); if (isset($this->accessCache[$uid][$operation][$pid][$langcode])) { return $this->accessCache[$uid][$operation][$pid][$langcode]; } @@ -96,9 +95,9 @@ class ProfileAccessController implements EntityAccessControllerInterface { // Ask modules to grant or deny access. foreach (module_implements('profile2_access', $operation, $profile, $account) as $module) { $return = module_invoke($module, 'profile2_access', $operation, $profile, $account); - // If a module denies access, there's no point in asking further. + // If a module denies access, there is no point in asking further. if ($return === FALSE) { - $access = $return; + $access = FALSE; break; } // A module may grant access, but others may still deny. @@ -106,6 +105,10 @@ class ProfileAccessController implements EntityAccessControllerInterface { $access = TRUE; } } + // Final access is only TRUE if any module explicitly returned TRUE. If at + // least one returned FALSE, $access will be FALSE. If no module returned + // anything, $access will be NULL, which means access is denied. + // @see hook_profile2_access() $this->accessCache[$uid][$operation][$pid][$langcode] = ($access === TRUE); return $this->accessCache[$uid][$operation][$pid][$langcode]; diff --git a/lib/Drupal/profile2/ProfileFormController.php b/lib/Drupal/profile2/ProfileFormController.php index c717789..2f1f11d 100644 --- a/lib/Drupal/profile2/ProfileFormController.php +++ b/lib/Drupal/profile2/ProfileFormController.php @@ -2,7 +2,7 @@ /** * @file - * Contains Drupal\profile2\ProfileFormController. + * Contains \Drupal\profile2\ProfileFormController. */ namespace Drupal\profile2; diff --git a/lib/Drupal/profile2/ProfileStorageController.php b/lib/Drupal/profile2/ProfileStorageController.php index b96959b..ceb7559 100644 --- a/lib/Drupal/profile2/ProfileStorageController.php +++ b/lib/Drupal/profile2/ProfileStorageController.php @@ -2,7 +2,7 @@ /** * @file - * Contains Drupal\profile2\ProfileStorageController. + * Contains \Drupal\profile2\ProfileStorageController. */ namespace Drupal\profile2; diff --git a/lib/Drupal/profile2/ProfileTypeFormController.php b/lib/Drupal/profile2/ProfileTypeFormController.php index 10a0cd1..0bdf5dd 100644 --- a/lib/Drupal/profile2/ProfileTypeFormController.php +++ b/lib/Drupal/profile2/ProfileTypeFormController.php @@ -2,7 +2,7 @@ /** * @file - * Contains Drupal\profile2\ProfileTypeFormController. + * Contains \Drupal\profile2\ProfileTypeFormController. */ namespace Drupal\profile2; diff --git a/lib/Drupal/profile2/ProfileTypeListController.php b/lib/Drupal/profile2/ProfileTypeListController.php index 6a88e76..d21f713 100644 --- a/lib/Drupal/profile2/ProfileTypeListController.php +++ b/lib/Drupal/profile2/ProfileTypeListController.php @@ -2,7 +2,7 @@ /** * @file - * Contains Drupal\profile2\ProfileTypeListController. + * Contains \Drupal\profile2\ProfileTypeListController. */ namespace Drupal\profile2; @@ -16,7 +16,7 @@ use Drupal\Core\Entity\EntityInterface; class ProfileTypeListController extends ConfigEntityListController { /** - * Overrides EntityListController::getOperations(). + * Overrides \Drupal\Core\Entity\EntityListController::getOperations(). */ public function getOperations(EntityInterface $entity) { $operations = parent::getOperations($entity); diff --git a/lib/Drupal/profile2/ProfileTypeStorageController.php b/lib/Drupal/profile2/ProfileTypeStorageController.php index 681882b..fddc533 100644 --- a/lib/Drupal/profile2/ProfileTypeStorageController.php +++ b/lib/Drupal/profile2/ProfileTypeStorageController.php @@ -2,7 +2,7 @@ /** * @file - * Contains Drupal\profile2\ProfileTypeController. + * Contains \Drupal\profile2\ProfileTypeController. */ namespace Drupal\profile2; diff --git a/lib/Drupal/profile2/Tests/ProfileAccessTest.php b/lib/Drupal/profile2/Tests/ProfileAccessTest.php index 8a00b6e..4263afe 100644 --- a/lib/Drupal/profile2/Tests/ProfileAccessTest.php +++ b/lib/Drupal/profile2/Tests/ProfileAccessTest.php @@ -2,7 +2,7 @@ /** * @file - * Contains Drupal\profile2\Tests\ProfileAccessTest. + * Contains \Drupal\profile2\Tests\ProfileAccessTest. */ namespace Drupal\profile2\Tests; diff --git a/lib/Drupal/profile2/Tests/ProfileAttachTest.php b/lib/Drupal/profile2/Tests/ProfileAttachTest.php index d92efe3..34edb72 100644 --- a/lib/Drupal/profile2/Tests/ProfileAttachTest.php +++ b/lib/Drupal/profile2/Tests/ProfileAttachTest.php @@ -2,7 +2,7 @@ /** * @file - * Contains Drupal\profile2\Tests\ProfileAttachTest. + * Contains \Drupal\profile2\Tests\ProfileAttachTest. */ namespace Drupal\profile2\Tests; diff --git a/lib/Drupal/profile2/Tests/ProfileCRUDTest.php b/lib/Drupal/profile2/Tests/ProfileCRUDTest.php index 1358654..5f31e61 100644 --- a/lib/Drupal/profile2/Tests/ProfileCRUDTest.php +++ b/lib/Drupal/profile2/Tests/ProfileCRUDTest.php @@ -2,7 +2,7 @@ /** * @file - * Contains Drupal\profile2\Tests\ProfileCRUDTest. + * Contains \Drupal\profile2\Tests\ProfileCRUDTest. */ namespace Drupal\profile2\Tests; diff --git a/lib/Drupal/profile2/Tests/ProfileFieldAccessTest.php b/lib/Drupal/profile2/Tests/ProfileFieldAccessTest.php index 605ee1d..1970ed4 100644 --- a/lib/Drupal/profile2/Tests/ProfileFieldAccessTest.php +++ b/lib/Drupal/profile2/Tests/ProfileFieldAccessTest.php @@ -2,7 +2,7 @@ /** * @file - * Contains Drupal\profile2\Tests\ProfileFieldAccessTest. + * Contains \Drupal\profile2\Tests\ProfileFieldAccessTest. */ namespace Drupal\profile2\Tests; diff --git a/lib/Drupal/profile2/Tests/ProfileTypeCRUDTest.php b/lib/Drupal/profile2/Tests/ProfileTypeCRUDTest.php index 5abb07a..55c54db 100644 --- a/lib/Drupal/profile2/Tests/ProfileTypeCRUDTest.php +++ b/lib/Drupal/profile2/Tests/ProfileTypeCRUDTest.php @@ -2,7 +2,7 @@ /** * @file - * Contains Drupal\profile2\Tests\ProfileTypeCRUDTest. + * Contains \Drupal\profile2\Tests\ProfileTypeCRUDTest. */ namespace Drupal\profile2\Tests; diff --git a/profile2.module b/profile2.module index 6a02337..52a73fb 100644 --- a/profile2.module +++ b/profile2.module @@ -5,6 +5,7 @@ * Support for configurable user profiles. */ +use Drupal\entity\Plugin\Core\Entity\EntityDisplay; use Drupal\profile2\Plugin\Core\Entity\Profile; use Drupal\profile2\Plugin\Core\Entity\ProfileType; use Drupal\user\Plugin\Core\Entity\User; @@ -16,11 +17,13 @@ function profile2_entity_info(&$info) { $config_names = config_get_storage_names_with_prefix('profile2.type.'); foreach ($config_names as $config_name) { $config = config($config_name); - $info['profile2']['bundles'][$config->get('id')] = array( - 'label' => $config->get('label'), + $id = $config->get('id'); + $label = $config->get('label'); + $info['profile2']['bundles'][$id] = array( + 'label' => $label, 'admin' => array( 'path' => 'admin/people/profiles/manage/%profile2_type', - 'real path' => 'admin/people/profiles/manage/' . $config->get('id'), + 'real path' => 'admin/people/profiles/manage/' . $id, 'bundle argument' => 4, 'access arguments' => array('administer profile types'), ), @@ -275,7 +278,7 @@ function profile2_permission() { /** * Implements hook_user_predelete(). */ -function profile2_user_predelete($account) { +function profile2_user_predelete(User $account) { if ($profiles = entity_load_multiple_by_properties('profile2', array('uid' => $account->id()))) { entity_get_controller('profile2')->delete($profiles); } @@ -284,7 +287,11 @@ function profile2_user_predelete($account) { /** * Implements hook_user_view(). */ -function profile2_user_view($account, $view_mode, $langcode) { +function profile2_user_view(User $account, EntityDisplay $display, $view_mode, $langcode) { + // Only attach profiles for the account view. + if ($view_mode != 'full') { + return; + } foreach (entity_load_multiple('profile2_type') as $id => $type) { $profiles = entity_load_multiple_by_properties('profile2', array( 'uid' => $account->id(), @@ -303,7 +310,7 @@ function profile2_user_view($account, $view_mode, $langcode) { } /** - * Implements hook_form_FORM_ID_alter() for the registration form. + * Implements hook_form_FORM_ID_alter() for user_register_form(). */ function profile2_form_user_register_form_alter(&$form, &$form_state) { foreach (entity_load_multiple('profile2_type') as $id => $type) { @@ -533,15 +540,10 @@ function profile2_form_field_ui_field_settings_form_alter(&$form, &$form_state) /** * Implements hook_field_access(). */ -function profile2_field_access($op, $field, $entity_type, $profile = NULL, $account = NULL) { +function profile2_field_access($op, $field, $entity_type, $profile, $account) { if ($entity_type == 'profile2' && $op == 'view' && !empty($field['settings']['profile2_private']) && !user_access('bypass profile access', $account)) { - // For profiles, deny general view access for private fields. - if (!isset($profile)) { - return FALSE; - } - // Also deny view access, if someone else views a private field. - $account = isset($account) ? $account : $GLOBALS['user']; - if ($account->uid != $profile->uid) { + // Deny view access, if someone else views a private field. + if ($account->id() != $profile->uid) { return FALSE; } }