CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
isAdmin example
function file_removed_post_updates() {
return [
'file_post_update_add_txt_if_allows_insecure_extensions' => '10.0.0',
];
}
/** * Grant all non-anonymous roles the 'delete own files' permission. */
function file_post_update_add_permissions_to_roles(?array &$sandbox = NULL): void {
\Drupal::classResolver(ConfigEntityUpdater::class)->update($sandbox, 'user_role', function DRoleInterface $role): bool {
if ($role->id() === RoleInterface::ANONYMOUS_ID || $role->isAdmin()) {
return FALSE;
}
$role->grantPermission('delete own files');
return TRUE;
});
}
return [
'file_post_update_add_txt_if_allows_insecure_extensions' => '10.0.0',
];
}
/** * Grant all non-anonymous roles the 'delete own files' permission. */
function file_post_update_add_permissions_to_roles(?array &$sandbox = NULL): void {
\Drupal::classResolver(ConfigEntityUpdater::class)->update($sandbox, 'user_role', function DRoleInterface $role): bool {
if ($role->id() === RoleInterface::ANONYMOUS_ID || $role->isAdmin()) {
return FALSE;
}
$role->grantPermission('delete own files');
return TRUE;
});
}
// Use the permissions associated to that app, if the request is made by an integration associated to an app
$appPermissions = $this->fetchPermissionsIntegrationByApp($integrationId);
if ($appPermissions !== null) {
$source->setIsAdmin(false);
$source->setPermissions($appPermissions);
return $source;
}
if ($userId !== null) {
$source->setPermissions($this->fetchPermissions($userId));
$source->setIsAdmin($this->isAdmin($userId));
return $source;
}
if ($integrationId !== null) {
$source->setIsAdmin($this->isAdminIntegration($integrationId));
$source->setPermissions($this->fetchIntegrationPermissions($integrationId));
return $source;
}
if ($appPermissions !== null) {
$source->setIsAdmin(false);
$source->setPermissions($appPermissions);
return $source;
}
if ($userId !== null) {
$source->setPermissions($this->fetchPermissions($userId));
$source->setIsAdmin($this->isAdmin($userId));
return $source;
}
if ($integrationId !== null) {
$source->setIsAdmin($this->isAdminIntegration($integrationId));
$source->setPermissions($this->fetchIntegrationPermissions($integrationId));
return $source;
}
$request->attributes->has(PlatformRequest::ATTRIBUTE_CONTEXT_OBJECT)
);
/** @var Context $context */
$context = $request->attributes->get(PlatformRequest::ATTRIBUTE_CONTEXT_OBJECT);
static::assertInstanceOf(AdminApiSource::class, $context->getSource());
/** @var AdminApiSource $source */
$source = $context->getSource();
static::assertEquals($isAdmin, $source->isAdmin());
foreach ($expected as $privilege => $allowed) {
static::assertEquals($allowed, $source->isAllowed($privilege), $privilege);
}
}
/** * @dataProvider userRoleProvider * * @param array<string, bool> $expected * @param array<string, list<string>> $roles */
);
/** @var Context $context */
$context = $request->attributes->get(PlatformRequest::ATTRIBUTE_CONTEXT_OBJECT);
static::assertInstanceOf(AdminApiSource::class, $context->getSource());
/** @var AdminApiSource $source */
$source = $context->getSource();
static::assertEquals($isAdmin, $source->isAdmin());
foreach ($expected as $privilege => $allowed) {
static::assertEquals($allowed, $source->isAllowed($privilege), $privilege);
}
}
/** * @dataProvider userRoleProvider * * @param array<string, bool> $expected * @param array<string, list<string>> $roles */
/**
* An indicator whether the role has all permissions.
*
* @var bool
*/
protected $is_admin;
/** * {@inheritdoc} */
public function getPermissions() {
if ($this->isAdmin()) {
return [];
}
return $this->permissions;
}
/** * {@inheritdoc} */
public function getWeight() {
return $this->get('weight');
}
protected $is_admin;
/** * {@inheritdoc} */
public function getPermissions() {
if ($this->isAdmin()) {
return [];
}
return $this->permissions;
}
/** * {@inheritdoc} */
public function getWeight() {
return $this->get('weight');
}
static::assertNotNull($importExportMessage);
/** @var Context $readContext */
$readContext = $importExportMessage->getContext();
static::assertEquals($context, $readContext);
/** @var AdminApiSource $source */
$source = $readContext->getSource();
static::assertEquals($adminSource, $source);
static::assertTrue($source->isAdmin());
static::assertEquals($logEntity->getId(), $importExportMessage->getLogId());
static::assertEquals($logEntity->getActivity(), $importExportMessage->getActivity());
}
/** * @return iterable<string, array{activity: string}> */
public static function dataProviderForTestImportExport(): iterable
{
yield 'Test import process' => [
/**
* Tests assigning of permissions for the administrator role.
*/
public function testAdministratorRole() {
$this->drupalLogin($this->adminUser);
$this->drupalGet('admin/people/role-settings');
// Verify that the administration role is none by default. $this->assertTrue($this->assertSession()->optionExists('edit-user-admin-role', '')->isSelected());
$this->assertFalse(Role::load($this->rid)->isAdmin());
// Set the user's role to be the administrator role. $edit = [];
$edit['user_admin_role'] = $this->rid;
$this->drupalGet('admin/people/role-settings');
$this->submitForm($edit, 'Save configuration');
\Drupal::entityTypeManager()->getStorage('user_role')->resetCache();
$this->assertTrue(Role::load($this->rid)->isAdmin());
// Enable block module and ensure the 'administer news feeds'
public function testAdministratorRole() {
$this->drupalLogin($this->adminUser);
$this->drupalGet('admin/people/role-settings');
// Verify that the administration role is none by default. $this->assertTrue($this->assertSession()->optionExists('edit-user-admin-role', '')->isSelected());
$this->assertFalse(Role::load($this->rid)->isAdmin());
// Set the user's role to be the administrator role. $edit = [];
$edit['user_admin_role'] = $this->rid;
$this->drupalGet('admin/people/role-settings');
$this->submitForm($edit, 'Save configuration');
\Drupal::entityTypeManager()->getStorage('user_role')->resetCache();
$this->assertTrue(Role::load($this->rid)->isAdmin());
// Enable block module and ensure the 'administer news feeds'
public function buildForm(array $form, FormStateInterface $form_state) {
$role_names = [];
$role_permissions = [];
$admin_roles = [];
foreach ($this->getRoles() as $role_name => $role) {
// Retrieve role names for columns. $role_names[$role_name] = $role->label();
// Fetch permissions for the roles. $role_permissions[$role_name] = $role->getPermissions();
$admin_roles[$role_name] = $role->isAdmin();
}
// Store $role_names for use when saving the data. $form['role_names'] = [
'#type' => 'value',
'#value' => $role_names,
];
// Render role/permission overview: $hide_descriptions = system_admin_compact_mode();
$form['system_compact_link'] = [
}
public function getNotifications(Context $context, int $limit, ?string $latestTimestamp): array
{
$source = $context->getSource();
if (!$source instanceof AdminApiSource) {
throw new InvalidContextSourceException(AdminApiSource::class, $context->getSource()::class);
}
$criteria = new Criteria();
$isAdmin = $source->isAdmin();
if (!$isAdmin) {
$criteria->addFilter(new EqualsFilter('adminOnly', false));
}
if ($latestTimestamp) {
$criteria->addFilter(new RangeFilter('createdAt', [
RangeFilter::GT => $latestTimestamp,
]));
}
$criteria->addSorting(new FieldSorting('createdAt', FieldSorting::ASCENDING));
#[Route(path: '/api/integration', name: 'api.integration.create', methods: ['POST'], defaults: ['_acl' => ['integration:create']])]
public function upsertIntegration(?string $integrationId, Request $request, Context $context, ResponseFactoryInterface $factory): Response
{
/** @var AdminApiSource $source */
$source = $context->getSource();
$data = $request->request->all();
// only an admin is allowed to set the admin field if (
!$source->isAdmin()
&& isset($data['admin'])
) {
throw new PermissionDeniedException();
}
if (!isset($data['id'])) {
$data['id'] = null;
}
$data['id'] = $integrationId ?: $data['id'];
$events = $context->scope(Context::SYSTEM_SCOPE, fn (Context $context): EntityWrittenContainerEvent => $this->integrationRepository->upsert([$data], $context));
{
/** @var AdminApiSource $source */
$source = $context->getSource();
$data = $request->request->all();
// only an admin is allowed to set the admin field if (
!$source->isAdmin()
&& isset($data['admin'])
) {
throw new PermissionDeniedException();
}
if (!isset($data['id'])) {
$data['id'] = null;
}
$data['id'] = $integrationId ?: $data['id'];
$events = $context->scope(Context::SYSTEM_SCOPE, fn (Context $context): EntityWrittenContainerEvent => $this->integrationRepository->upsert([$data], $context));
public function preValidate(PreWriteValidationEvent $event): void
{
$context = $event->getContext();
$source = $event->getContext()->getSource();
if ($source instanceof AdminSalesChannelApiSource) {
$context = $source->getOriginalContext();
$source = $context->getSource();
}
if ($context->getScope() === Context::SYSTEM_SCOPE || !$source instanceof AdminApiSource || $source->isAdmin()) {
return;
}
$commands = $event->getCommands();
$missingPrivileges = [];
foreach ($commands as $command) {
$resource = $command->getDefinition()->getEntityName();
$privilege = $command->getPrivilege();
if ($privilege === null) {