Hi,

Just trying to use entity forms for an enquiry system.. I need to have three different enquiry (entity) forms and the submissions of each need to be managed by users of different roles..

In other words entityform_1 submissions managed by users in role_1, entityform_2 submissions managed by users in role_2 and entityform_3 submissions managed by users in role_3.. Users in role_2 and role_3 can't have access to submissions of entityform_1. Users in role_1 and role_3 has no access to entityform_2. Users in role_1 and role_2 can't access submissions of entityform_3..

Looking at the available permissions it seems that its only possible to grant access to view and edit the submissions of ALL entity forms at once or none.. I couldn't see anywhere to be more selective..

Am I missing something? Is this functionality available and if so how would I achieve it?

Thanks

CommentFileSizeAuthor
#8 entityform_access.zip1.37 KBwlofgren

Comments

mrchristophy’s picture

mrchristophy commented

I also need this functionality. Does anyone have any ideas on how to achieve this, if the module does not provide itself?

tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented

This module does not support this now.

capysara’s picture

capysara commented

FWIW, I needed to give permission to edit a specific entityform based on the user's role and I didn't want that role to be able to edit all my other entityforms. I made a custom module with hook_permission and hook_entityform_access_alter (as suggested in elsewhere in the issue queue) so I can use the permissions UI to allow editing based on role. It would be cumbersome to individually extend it to lots of entityforms, but this worked for my limited use. I think the ideal solution would be to model the Node permissions (e.g., '[ENTITYFORM]: Create new content').

/**
 * Implements hook_permission().
 */
function [MODULE]_permission() {
  $perms = array(
    'edit equipment request entityform' => array(
      'title' => t('Edit equipment request entityform'),
      'description' => t('Edit equipment request entityform.'),
    )
  );

  return $perms;
}

/**
 * Implements hook_entityform_access_alter().
 * Role-specific entityform access permissions. 
 */
function [MODULE]_entityform_access_alter(&$access, $op, $context) {
  if (user_access('edit equipment request entityform')) {
    $entityform = $context['entityform'];
    if($entityform->type == '[ENTITYFORM_MACHINE_NAME') {
      if ($op == 'edit') {
        $access = TRUE;
      }
    }
  }
}
scareyclott’s picture

scareyclott commented

Hi Capysara,
#3 looks like it would work for me but i am a bit new to using the hook function in Drupal
can you advise on which parts of the 'hook_entityform_access_alter' function i need to amend

Below is what i have so far
module is called 'sample_access_module'
form machine name is 'sampling_input'
user role i want to have edit rights to this form is 'Sample Admin' I can't see where i need to put this in 

/**
 * Implements hook_permission().
 */
function sample_access_module_permission() {
  $perms = array(
    'edit sampling input entityform' => array(
      'title' => t('Edit sampling input entityform'),
      'description' => t('Edit sampling input entityform.'),
    )
  );

  return $perms;
}

/**
 * Implements hook_entityform_access_alter().
 * Role-specific entityform access permissions. 
 */
function sample_access_module_entityform_access_alter(&$access, $op, $context) {
  if (user_access('edit sampling input entityform')) {
    $entityform = $context['entityform'];
    if($entityform->type == 'sampling_input') {
      if ($op == 'edit') {
        $access = TRUE;
      }
    }
  }
}
capysara’s picture

capysara commented

In this case, you're creating a permission 'Edit sampling input entityform.' You would just go thru the UI and give the Sample Admin role that new permission.

I just made mine a little more complicated because I found that I wanted to be sure that my administrator role always had access, while the roles with the default 'edit entityform' permission could not access this one. I also found that I needed to add the View in addition to edit (I think this is necessary to see the admin view of all the entityforms).

function [MODULE]_entityform_access_alter(&$access, $op, $context) {

  global $user;
  $roles = $user->roles;

  $entityform = $context['entityform'];

  // If the user is not administrator or does not have custom Edit permission, no access.
  // Prevents others with general 'edit entityform' permissions from accessing.
  if (array_search('administrator', $roles) == FALSE) {
    if($entityform->type == '[ENTITYFORM_MACHINE_NAME]'  || $entityform->type == '[ENTITYFORM_MACHINE_NAME]') { // I needed access to 2 entityforms
      if ($op == 'view' || $op == 'edit') { // edit and view
        if (!user_access('edit staff picks entityform')) { // If they don't have the custom permission, no joy
          $access = FALSE;
        }
        // If the user has custom Edit permission, allow view and edit.
        else {
          $access = TRUE;
        }
      }
    }
  }
}

Alternatively, if you're doing it strictly by Role (in other words, you don't want to give any individual people a permission thru the UI) I think you you could do it all with code. Then you wouldn't need the hook_permission. I didn't test it, but something like...

function [MODULE]_entityform_access_alter(&$access, $op, $context) {

  global $user;
  $roles = $user->roles;

  $entityform = $context['entityform'];


  if (array_search('[sample_admin', $roles) == TRUE) {
    if($entityform->type == '[ENTITYFORM_MACHINE_NAME]'  || $entityform->type == '[ENTITYFORM_MACHINE_NAME]') { // I needed access to 2 entityforms
      if ($op == 'view' || $op == 'edit') { // edit and view
        // If the user has the role above, then allow view and edit.
          $access = TRUE;
      }
    }
  }
}
scareyclott’s picture

scareyclott commented

Thanks Capysara,

I will give it a go and let you know how i get on

scareyclott’s picture

scareyclott commented

Hi Capyara,

I have managed to get the simple version working ok. I added delete as these users need this option

Thanks for your help it is much appreciated, yay my first module :)

Regards Scott 

<?php

/**
 * This module provides a access permissions for entity form Sampling.
 */

/**
 * Implements hook_permission().
 */

function sample_perm_permission() {
  $perms = array(
    'edit sampling input entityform' => array(
      'title' => t('Edit sampling input entityform'),
      'description' => t('Allows the editing of the sampling input entityform.'),
    )
  );

  return $perms;
}

/**
 * Implements hook_entityform_access_alter().
 * Role-specific entityform access permissions. 
 */
function sample_perm_entityform_access_alter(&$access, $op, $context) {

  if (user_access('edit sampling input entityform')) {
    $entityform = $context['entityform'];
    if($entityform->type == 'sampling_input') {
      if ($op == 'edit' || $op == 'delete') {
        $access = TRUE;
      }
    }
  }
}
wlofgren’s picture

wlofgren commented
StatusFileSize
new entityform_access.zip1.37 KB

I've put together this simple module that will provide granular permissions per entityform type.

entityform_access.info

name = Entityform Access
description = Provides permissions settings for entityforms
core = 7.x
package = Entityforms
dependencies[] = entity

entityform_access.module

<?php
/**
 * Implements hook_permission().
 */
function entityform_access_permission() {
  $permissions = array();
  
  // Generate standard entityform permissions for all applicable entityform types.
  $entityform_types = entity_load('entityform_type');
  
  foreach ($entityform_types as $entityform_type) {
    $permissions += entityform_access_list_permissions($entityform_type);
  }

  return $permissions;
}

/**
 * Implements hook_entityform_access_alter().
 * Role-specific entityform access permissions. 
 */
function entityform_access_entityform_access_alter(&$access, $op, $context) {
	$entityform = $context['entityform'];
	$account = $context['account'];
    
  if (!empty($entityform)) {
    if (is_object($entityform)) {
      $type_name = $entityform->type;
    }
    else {
      $type_name = $entityform;
    }
    $entityform_type = entityform_type_load($type_name);
  }

    if (isset($entityform) && $type_name && is_object($entityform)) {
      if (user_access("$op any " . $type_name . " entityform submission", $account)) {
        $access = TRUE;
      }
      elseif (!empty($account->uid) && $entityform->uid == $account->uid && user_access("$op own " . $type_name . " entityform submission", $account)) {
        $access = TRUE;
      }
    }

}

/**
 * Helper function to generate standard entityform permission list for a given type.
 *
 * @param $entityform_type
 *   The machine-readable name of the entityform type.
 *
 * @return array
 *   An array of permission names and descriptions.
 */
function entityform_access_list_permissions($entityform_type) {
	$type_name = $entityform_type->type;
	$label = $entityform_type->label;

  // Build standard list of entityform permissions for this type.
  $permissions = array(
    "edit own $type_name entityform submission" => array(
      'title' => t('%label: Edit own entityform submission', array('%label' => $label)),
    ),
    "edit any $type_name entityform submission" => array(
      'title' => t('%label: Edit any entityform submission', array('%label' => $label)),
    ),
    "view own $type_name entityform submission" => array(
    	'title' => t('%label: View own entityform submission', array('%label' => $label)),
    ),
    "view any $type_name entityform submission" => array(
    	'title' => t('%label: View any entityform submission', array('%label' => $label)),
    ),
    "delete own $type_name entityform submission" => array(
      'title' => t('%label: Delete own entityform submission', array('%label' => $label)),
    ),
    "delete any $type_name entityform submission" => array(
      'title' => t('%label: Delete any entityform submission', array('%label' => $label)),
    ),
  );

  return $permissions;
}
wlofgren’s picture

wlofgren commented
Status: Active » Needs review