From 4e5480aa183ff89ddffc9275d9e0ff56b83c45f1 Mon Sep 17 00:00:00 2001 From: Dimitris Kritsotakis Date: Tue, 5 Mar 2024 13:08:24 +0200 Subject: [PATCH] EICNET-2979: Filter sensitive groups when the user doesn't have the sensitive role --- lib/modules/eic_admin/eic_admin.module | 34 ++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/lib/modules/eic_admin/eic_admin.module b/lib/modules/eic_admin/eic_admin.module index 73e789398..28d8b08fb 100644 --- a/lib/modules/eic_admin/eic_admin.module +++ b/lib/modules/eic_admin/eic_admin.module @@ -7,6 +7,40 @@ use Drupal\Core\Form\FormStateInterface; use Drupal\Core\Entity\EntityFormInterface; +use Drupal\views\Plugin\views\query\QueryPluginBase; +use Drupal\views\ViewExecutable; + +/** + * Implements hook_views_query_alter(). + */ +function eic_admin_views_query_alter(ViewExecutable $view, QueryPluginBase $query) { + if ($view->id() === 'admin_groups' && $view->current_display === 'page_admin_groups') { + $current_user_roles = \Drupal::currentUser()->getRoles(TRUE); + if (!in_array('sensitive', $current_user_roles, TRUE)) { + /** @var \Drupal\views\Plugin\views\query\Sql $query */ + $group = count($query->where); + + while (isset($query->where[$group])) { + $group++; + } + + $definition = [ + 'table' => 'oec_group_visibility', + 'field' => 'gid', + 'left_table' => 'groups_field_data', + 'left_field' => 'id', + ]; + // Instantiates the join plugin. + $join = \Drupal::service('plugin.manager.views.join')->createInstance('standard', $definition); + // Adds the join relationship to the query. + $query->addRelationship('oec_group_visibility', $join, 'oec_group_visibility'); + // Filters out the query by the selected group visibilities. + $query->addWhere($group, 'oec_group_visibility.type', ['sensitive'], 'NOT IN'); + } + + } + +} /** * Implements template_preprocess_views_view_field().