Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Have been trying to limit the ability to export the CSV list to just a specific role and the creator of the event. However, it seems that the decision on whether to show the export CSV option or not is taken by
function rsvp_csv_hash_form_access($connector, $rsvp, $invite_target)
which in turn decides based on visible guestlist access and visible attendees access - i.e. the more general rules used for visibility of guest lists on the side itself.
Is there a way to achieve different behavior for just the CSV aspect that is more restrictive? Or would that take separate permission logic?