Newer
Older
Dries Buytaert
committed
<?php
/**
* @file
Alex Pott
committed
* Contains \Drupal\user\Plugin\EntityReferenceSelection\UserSelection.
Dries Buytaert
committed
*/
Alex Pott
committed
namespace Drupal\user\Plugin\EntityReferenceSelection;
Dries Buytaert
committed
Alex Pott
committed
use Drupal\Core\Database\Connection;
Dries Buytaert
committed
use Drupal\Core\Database\Query\SelectInterface;
Alex Pott
committed
use Drupal\Core\Entity\EntityManagerInterface;
use Drupal\Core\Entity\Plugin\EntityReferenceSelection\SelectionBase;
use Drupal\Core\Extension\ModuleHandlerInterface;
use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\user\RoleInterface;
Alex Pott
committed
use Symfony\Component\DependencyInjection\ContainerInterface;
Dries Buytaert
committed
/**
* Provides specific access control for the user entity type.
*
Alex Pott
committed
* @EntityReferenceSelection(
Alex Pott
committed
* id = "default:user",
Dries Buytaert
committed
* label = @Translation("User selection"),
* entity_types = {"user"},
* group = "default",
* weight = 1
* )
*/
class UserSelection extends SelectionBase {
Alex Pott
committed
/**
* The database connection.
*
* @var \Drupal\Core\Database\Connection
*/
protected $connection;
/**
* The user storage.
*
* @var \Drupal\user\UserStorageInterface
*/
protected $userStorage;
Alex Pott
committed
/**
* Constructs a new UserSelection object.
*
* @param array $configuration
* A configuration array containing information about the plugin instance.
* @param string $plugin_id
* The plugin_id for the plugin instance.
* @param mixed $plugin_definition
* The plugin implementation definition.
* @param \Drupal\Core\Entity\EntityManagerInterface $entity_manager
* The entity manager service.
* @param \Drupal\Core\Extension\ModuleHandlerInterface $module_handler
* The module handler service.
* @param \Drupal\Core\Session\AccountInterface $current_user
* The current user.
* @param \Drupal\Core\Database\Connection $connection
* The database connection.
*/
public function __construct(array $configuration, $plugin_id, $plugin_definition, EntityManagerInterface $entity_manager, ModuleHandlerInterface $module_handler, AccountInterface $current_user, Connection $connection) {
parent::__construct($configuration, $plugin_id, $plugin_definition, $entity_manager, $module_handler, $current_user);
$this->connection = $connection;
$this->userStorage = $entity_manager->getStorage('user');
Alex Pott
committed
}
Dries Buytaert
committed
/**
Alex Pott
committed
* {@inheritdoc}
Dries Buytaert
committed
*/
Alex Pott
committed
public static function create(ContainerInterface $container, array $configuration, $plugin_id, $plugin_definition) {
return new static(
$configuration,
$plugin_id,
$plugin_definition,
$container->get('entity.manager'),
$container->get('module_handler'),
$container->get('current_user'),
$container->get('database')
);
}
/**
* {@inheritdoc}
*/
public function buildConfigurationForm(array $form, FormStateInterface $form_state) {
$selection_handler_settings = $this->configuration['handler_settings'];
Dries Buytaert
committed
// Merge in default values.
$selection_handler_settings += array(
Dries Buytaert
committed
'filter' => array(
'type' => '_none',
),
'include_anonymous' => TRUE,
);
$form['include_anonymous'] = array(
'#type' => 'checkbox',
'#title' => $this->t('Include the anonymous user.'),
'#default_value' => $selection_handler_settings['include_anonymous'],
Dries Buytaert
committed
);
// Add user specific filter options.
$form['filter']['type'] = array(
'#type' => 'select',
Alex Pott
committed
'#title' => $this->t('Filter by'),
Dries Buytaert
committed
'#options' => array(
Alex Pott
committed
'_none' => $this->t('- None -'),
'role' => $this->t('User role'),
Dries Buytaert
committed
),
'#ajax' => TRUE,
'#limit_validation_errors' => array(),
'#default_value' => $selection_handler_settings['filter']['type'],
Dries Buytaert
committed
);
$form['filter']['settings'] = array(
'#type' => 'container',
'#attributes' => array('class' => array('entity_reference-settings')),
'#process' => array('_entity_reference_form_process_merge_parent'),
);
if ($selection_handler_settings['filter']['type'] == 'role') {
Dries Buytaert
committed
// Merge in default values.
$selection_handler_settings['filter'] += array(
Dries Buytaert
committed
'role' => NULL,
);
$form['filter']['settings']['role'] = array(
'#type' => 'checkboxes',
Alex Pott
committed
'#title' => $this->t('Restrict to the selected roles'),
Dries Buytaert
committed
'#required' => TRUE,
'#options' => array_diff_key(user_role_names(TRUE), array(RoleInterface::AUTHENTICATED_ID => RoleInterface::AUTHENTICATED_ID)),
'#default_value' => $selection_handler_settings['filter']['role'],
Dries Buytaert
committed
);
}
Alex Pott
committed
$form += parent::buildConfigurationForm($form, $form_state);
Dries Buytaert
committed
return $form;
}
/**
Alex Pott
committed
* {@inheritdoc}
Dries Buytaert
committed
*/
protected function buildEntityQuery($match = NULL, $match_operator = 'CONTAINS') {
Dries Buytaert
committed
$query = parent::buildEntityQuery($match, $match_operator);
// The user entity doesn't have a label column.
if (isset($match)) {
$query->condition('name', $match, $match_operator);
}
Dries Buytaert
committed
// Filter by role.
Alex Pott
committed
$handler_settings = $this->configuration['handler_settings'];
Dries Buytaert
committed
if (!empty($handler_settings['filter']['role'])) {
$query->condition('roles', $handler_settings['filter']['role'], 'IN');
}
Angie Byron
committed
// Adding the permission check is sadly insufficient for users: core
Dries Buytaert
committed
// requires us to also know about the concept of 'blocked' and 'active'.
Alex Pott
committed
if (!$this->currentUser->hasPermission('administer users')) {
Dries Buytaert
committed
$query->condition('status', 1);
}
return $query;
}
/**
Alex Pott
committed
* {@inheritdoc}
Dries Buytaert
committed
*/
public function entityQueryAlter(SelectInterface $query) {
// Bail out early if we do not need to match the Anonymous user.
$handler_settings = $this->configuration['handler_settings'];
if (isset($handler_settings['include_anonymous']) && !$handler_settings['include_anonymous']) {
return;
}
Alex Pott
committed
if ($this->currentUser->hasPermission('administer users')) {
Dries Buytaert
committed
// In addition, if the user is administrator, we need to make sure to
// match the anonymous user, that doesn't actually have a name in the
// database.
$conditions = &$query->conditions();
foreach ($conditions as $key => $condition) {
Alex Pott
committed
if ($key !== '#conjunction' && is_string($condition['field']) && $condition['field'] === 'users_field_data.name') {
Dries Buytaert
committed
// Remove the condition.
unset($conditions[$key]);
// Re-add the condition and a condition on uid = 0 so that we end up
// with a query in the form:
// WHERE (name LIKE :name) OR (:anonymous_name LIKE :name AND uid = 0)
$or = db_or();
$or->condition($condition['field'], $condition['value'], $condition['operator']);
// Sadly, the Database layer doesn't allow us to build a condition
// in the form ':placeholder = :placeholder2', because the 'field'
// part of a condition is always escaped.
// As a (cheap) workaround, we separately build a condition with no
// field, and concatenate the field and the condition separately.
$value_part = db_and();
$value_part->condition('anonymous_name', $condition['value'], $condition['operator']);
Alex Pott
committed
$value_part->compile($this->connection, $query);
Dries Buytaert
committed
$or->condition(db_and()
->where(str_replace('anonymous_name', ':anonymous_name', (string) $value_part), $value_part->arguments() + array(':anonymous_name' => user_format_name($this->userStorage->load(0))))
Alex Pott
committed
->condition('base_table.uid', 0)
Dries Buytaert
committed
);
$query->condition($or);
}
}
}
}
Alex Pott
committed