diff --git a/oda.deploy.php b/oda.deploy.php new file mode 100644 index 0000000..5ee884e --- /dev/null +++ b/oda.deploy.php @@ -0,0 +1,46 @@ +getStorage('taxonomy_term')->loadTree('oda_access_control'); + $oda_access_terms = []; + foreach ($terms as $term) { + $query = \Drupal::database()->select('permissions_by_term_role', 'p'); + $query->fields('p', ['rid']); + $query->condition('p.tid', $term->tid); + $query->condition('p.rid', 'oit_oda%', 'LIKE'); + $results = $query->execute()->fetchAll(); + $term_name = $term->name; + $tid = $term->tid; + if ($tid == 1229) { + $key = 'anonymous'; + } + elseif ($tid == 1228) { + $key = 'authenticated'; + } + elseif ($tid == 1227) { + $key = 'dl_student'; + } + else { + $key = $results[0]->rid; + } + $oda_access_terms[$term_name] = [ + 'role' => $key, + 'tid' => $tid, + ]; + } + foreach ($oda_access_terms as $term_name => $term) { + $tid = $term['tid']; + $role = $term['role']; + $term = \Drupal::entityTypeManager()->getStorage('taxonomy_term')->load($tid); + $term->field_oda_role_machine_name->value = $role; + $term->save(); + } +} diff --git a/oda.install b/oda.install index 0d86d3f..7018936 100644 --- a/oda.install +++ b/oda.install @@ -210,7 +210,6 @@ function oda_update_10004() { 'OIT-ODA-faculty', 'OIT-ODA-professional', 'OIT-ODA-staff', - ]; $weight = 3; @@ -224,5 +223,43 @@ function oda_update_10004() { $term->save(); $weight++; } +} +/** + * Add oda permission terms to TAC Control.. + */ +function oda_update_10005() { + $tac_terms = [ + 'DA-DataAndAnalyticsTeam', + ]; + + $weight = 3; + + foreach ($tac_terms as $tac_term) { + $term = Term::create([ + 'name' => $tac_term, + 'vid' => 'oda_access_control', + 'weight' => $weight, + ]); + $term->save(); + + $weight++; + + $roles = [ + 'administrator', + 'pseudo_admin', + 'oit_oda_da_team', + ]; + + foreach ($roles as $role) { + $query = \Drupal::database(); + $query->insert('permissions_by_term_role') + ->fields([ + 'tid' => $term->id(), + 'rid' => $role, + 'langcode' => 'en', + ]) + ->execute(); + } + } } diff --git a/oda.module b/oda.module index e7cd395..5407b47 100644 --- a/oda.module +++ b/oda.module @@ -24,6 +24,40 @@ function oda_page_attachments(array &$attachments) { } } +/** + * Implements hook_views_pre_render(). + */ +function oda_views_pre_view(ViewExecutable $view) { + if ($view->id() == 'oda_data') { + // Get current users roles. + $current_user = \Drupal::currentUser(); + $roles = $current_user->getRoles(); + // Get all taxonomy terms from 'oda_access_control' vocabulary. + $terms = \Drupal::entityTypeManager()->getStorage('taxonomy_term')->loadTree('oda_access_control'); + // Get the permissions from taxonomy access control terms. + $oda_access_terms = []; + foreach ($terms as $term) { + $tid = $term->tid; + $term = \Drupal::entityTypeManager()->getStorage('taxonomy_term')->load($tid); + $key = $term->get("field_oda_role_machine_name")->getValue()[0]['value']; + $oda_access_terms[$key] = $tid; + } + + $view_filters = $view->display_handler->getOption('filters'); + $view_filters['field_oda_report_access']['value'] = []; + foreach ($oda_access_terms as $term_role=>$term_tid) { + if (in_array('administrator', $roles) || in_array('pseudo_admin', $roles)) { + $view_filters['field_oda_report_access']['value'][$term_tid] = $term_tid; + } + elseif (in_array($term_role, $roles)) { + $view_filters['field_oda_report_access']['value'][$term_tid] = $term_tid; + } + } + + $view->display_handler->setOption('filters', $view_filters); + } +} + /** * Implements hook_views_pre_render(). */