diff --git a/site_users.module b/site_users.module index bfcce2a..82b7726 100644 --- a/site_users.module +++ b/site_users.module @@ -119,7 +119,7 @@ function site_users_check_profile_field_access($operation, AccountInterface $acc if (!$items) { return AccessResult::neutral(); } - if ($is_own && $account->hasPermission('edit own user profile fields')) { + if ($is_own) { // Campo habilitado na config? $config = \Drupal::config('site_users.settings'); $field_enabled = $config->get('user_editable_fields.' . $field_name) ?? TRUE; @@ -128,11 +128,7 @@ function site_users_check_profile_field_access($operation, AccountInterface $acc } return AccessResult::forbidden()->cachePerPermissions()->cachePerUser()->addCacheTags(['config:site_users.settings']); } - if (!$is_own) { - return AccessResult::forbidden()->cachePerPermissions()->cachePerUser(); - } - // Próprio usuário sem a permissão explícita: defer ao comportamento padrão do Drupal. - return AccessResult::neutral()->cachePerUser(); + return AccessResult::forbidden()->cachePerPermissions()->cachePerUser(); } return AccessResult::neutral(); @@ -177,7 +173,7 @@ function site_users_check_photo_field_access($operation, AccountInterface $accou if (!$items) { return AccessResult::neutral(); } - if ($is_own && $account->hasPermission('manage own user photos')) { + if ($is_own) { $config = \Drupal::config('site_users.settings'); $field_enabled = $config->get('user_editable_fields.' . $field_name) ?? TRUE; if ($field_enabled) { @@ -185,10 +181,7 @@ function site_users_check_photo_field_access($operation, AccountInterface $accou } return AccessResult::forbidden()->cachePerPermissions()->cachePerUser()->addCacheTags(['config:site_users.settings']); } - if (!$is_own) { - return AccessResult::forbidden()->cachePerPermissions()->cachePerUser(); - } - return AccessResult::neutral()->cachePerUser(); + return AccessResult::forbidden()->cachePerPermissions()->cachePerUser(); } return AccessResult::neutral();