Admin/site_users
1
0
Fork 0
mirror of https://gitlab.unicamp.br/infimecc_drupal11_modules/site_users.git synced 2026-03-11 10:47:40 -03:00
Code Issues Packages Projects Releases Wiki Activity

fix: Corrige acesso edit de campos do próprio usuário

Browse Source 
Para operação 'edit', verifica apenas a config user_editable_fields
para o próprio usuário, sem exigir permissão explícita. Evita que
AccessResult::neutral() bloqueie o widget no formulário.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Quintino A. G. Souza
2026-02-23 15:40:49 -03:00
parent e9f4cdcfb4
commit 06e5bae039
1 changed files with 4 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
site_users.module
View File

@@ -119,7 +119,7 @@ function site_users_check_profile_field_access($operation, AccountInterface $acc
if (!$items) { if (!$items) {
return AccessResult::neutral(); return AccessResult::neutral();
} }
if ($is_own && $account->hasPermission('edit own user profile fields')) { if ($is_own) {
// Campo habilitado na config? // Campo habilitado na config?
$config = \Drupal::config('site_users.settings'); $config = \Drupal::config('site_users.settings');
$field_enabled = $config->get('user_editable_fields.' . $field_name) ?? TRUE; $field_enabled = $config->get('user_editable_fields.' . $field_name) ?? TRUE;
@@ -128,11 +128,7 @@ function site_users_check_profile_field_access($operation, AccountInterface $acc
} }
return AccessResult::forbidden()->cachePerPermissions()->cachePerUser()->addCacheTags(['config:site_users.settings']); return AccessResult::forbidden()->cachePerPermissions()->cachePerUser()->addCacheTags(['config:site_users.settings']);
} }
if (!$is_own) { return AccessResult::forbidden()->cachePerPermissions()->cachePerUser();
return AccessResult::forbidden()->cachePerPermissions()->cachePerUser();
}
// Próprio usuário sem a permissão explícita: defer ao comportamento padrão do Drupal.
return AccessResult::neutral()->cachePerUser();
} }
return AccessResult::neutral(); return AccessResult::neutral();
@@ -177,7 +173,7 @@ function site_users_check_photo_field_access($operation, AccountInterface $accou
if (!$items) { if (!$items) {
return AccessResult::neutral(); return AccessResult::neutral();
} }
if ($is_own && $account->hasPermission('manage own user photos')) { if ($is_own) {
$config = \Drupal::config('site_users.settings'); $config = \Drupal::config('site_users.settings');
$field_enabled = $config->get('user_editable_fields.' . $field_name) ?? TRUE; $field_enabled = $config->get('user_editable_fields.' . $field_name) ?? TRUE;
if ($field_enabled) { if ($field_enabled) {
@@ -185,10 +181,7 @@ function site_users_check_photo_field_access($operation, AccountInterface $accou
} }
return AccessResult::forbidden()->cachePerPermissions()->cachePerUser()->addCacheTags(['config:site_users.settings']); return AccessResult::forbidden()->cachePerPermissions()->cachePerUser()->addCacheTags(['config:site_users.settings']);
} }
if (!$is_own) { return AccessResult::forbidden()->cachePerPermissions()->cachePerUser();
return AccessResult::forbidden()->cachePerPermissions()->cachePerUser();
}
return AccessResult::neutral()->cachePerUser();
} }
return AccessResult::neutral(); return AccessResult::neutral();