diff --git a/config/install/site_users.settings.yml b/config/install/site_users.settings.yml index d28ae55..41cebde 100644 --- a/config/install/site_users.settings.yml +++ b/config/install/site_users.settings.yml @@ -1,3 +1,9 @@ photos: max_count: 5 ldap_attribute: 'jpegPhoto' +user_editable_fields: + field_user_name: true + field_user_phone: true + field_user_bio: true + field_user_social_links: true + field_user_photos: true diff --git a/site_users.module b/site_users.module index 3b07ab2..58adb58 100644 --- a/site_users.module +++ b/site_users.module @@ -67,12 +67,12 @@ function site_users_entity_field_access($operation, FieldDefinitionInterface $fi // Verificar se é um campo de perfil. if (in_array($field_name, $profile_fields)) { - return site_users_check_profile_field_access($operation, $account, $items); + return site_users_check_profile_field_access($operation, $account, $items, $field_name); } // Verificar se é um campo de fotos. if (in_array($field_name, $photo_fields)) { - return site_users_check_photo_field_access($operation, $account, $items); + return site_users_check_photo_field_access($operation, $account, $items, $field_name); } return AccessResult::neutral(); @@ -81,7 +81,7 @@ function site_users_entity_field_access($operation, FieldDefinitionInterface $fi /** * Verifica acesso aos campos de perfil. */ -function site_users_check_profile_field_access($operation, AccountInterface $account, ?FieldItemListInterface $items = NULL) { +function site_users_check_profile_field_access($operation, AccountInterface $account, ?FieldItemListInterface $items = NULL, string $field_name = '') { // Administradores têm acesso total. if ($account->hasPermission('administer site_users settings')) { return AccessResult::allowed()->cachePerPermissions(); @@ -111,9 +111,14 @@ function site_users_check_profile_field_access($operation, AccountInterface $acc if ($account->hasPermission('edit any user profile fields')) { return AccessResult::allowed()->cachePerPermissions(); } - // Pode editar apenas o próprio perfil. + // Pode editar apenas o próprio perfil, se o campo estiver habilitado na config. if ($is_own && $account->hasPermission('edit own user profile fields')) { - return AccessResult::allowed()->cachePerPermissions()->cachePerUser(); + $config = \Drupal::config('site_users.settings'); + $field_enabled = $config->get('user_editable_fields.' . $field_name) ?? TRUE; + if ($field_enabled) { + return AccessResult::allowed()->cachePerPermissions()->cachePerUser()->addCacheTags(['config:site_users.settings']); + } + return AccessResult::forbidden()->cachePerPermissions()->cachePerUser()->addCacheTags(['config:site_users.settings']); } return AccessResult::forbidden()->cachePerPermissions()->cachePerUser(); } @@ -124,7 +129,7 @@ function site_users_check_profile_field_access($operation, AccountInterface $acc /** * Verifica acesso ao campo de fotos. */ -function site_users_check_photo_field_access($operation, AccountInterface $account, ?FieldItemListInterface $items = NULL) { +function site_users_check_photo_field_access($operation, AccountInterface $account, ?FieldItemListInterface $items = NULL, string $field_name = '') { // Administradores têm acesso total. if ($account->hasPermission('administer site_users settings')) { return AccessResult::allowed()->cachePerPermissions(); @@ -153,9 +158,14 @@ function site_users_check_photo_field_access($operation, AccountInterface $accou if ($account->hasPermission('manage user photos')) { return AccessResult::allowed()->cachePerPermissions(); } - // Pode gerenciar apenas as próprias fotos. + // Pode gerenciar apenas as próprias fotos, se o campo estiver habilitado na config. if ($is_own && $account->hasPermission('manage own user photos')) { - return AccessResult::allowed()->cachePerPermissions()->cachePerUser(); + $config = \Drupal::config('site_users.settings'); + $field_enabled = $config->get('user_editable_fields.' . $field_name) ?? TRUE; + if ($field_enabled) { + return AccessResult::allowed()->cachePerPermissions()->cachePerUser()->addCacheTags(['config:site_users.settings']); + } + return AccessResult::forbidden()->cachePerPermissions()->cachePerUser()->addCacheTags(['config:site_users.settings']); } return AccessResult::forbidden()->cachePerPermissions()->cachePerUser(); } diff --git a/src/Form/SiteUsersSettingsForm.php b/src/Form/SiteUsersSettingsForm.php index 0d583a9..bd9c40c 100644 --- a/src/Form/SiteUsersSettingsForm.php +++ b/src/Form/SiteUsersSettingsForm.php @@ -10,6 +10,22 @@ use Drupal\Core\Form\FormStateInterface; */ class SiteUsersSettingsForm extends ConfigFormBase { + /** + * Returns the list of fields controllable by the admin. + * + * @return array + * Associative array of field_name => label. + */ + protected function getEditableFields(): array { + return [ + 'field_user_name' => $this->t('Full Name'), + 'field_user_phone' => $this->t('Phone'), + 'field_user_bio' => $this->t('Biography'), + 'field_user_social_links' => $this->t('Social Links'), + 'field_user_photos' => $this->t('Photos'), + ]; + } + /** * {@inheritdoc} */ @@ -55,6 +71,22 @@ class SiteUsersSettingsForm extends ConfigFormBase { '#maxlength' => 255, ]; + // Fieldset para campos editáveis pelo próprio usuário. + $form['user_editable_fields'] = [ + '#type' => 'fieldset', + '#title' => $this->t('User-editable profile fields'), + '#description' => $this->t('Select which fields users with the "Edit own user profile fields" or "Manage own user photos" permission can edit on their own profile.'), + '#tree' => TRUE, + ]; + + foreach ($this->getEditableFields() as $field_name => $label) { + $form['user_editable_fields'][$field_name] = [ + '#type' => 'checkbox', + '#title' => $label, + '#default_value' => $config->get('user_editable_fields.' . $field_name) ?? TRUE, + ]; + } + return parent::buildForm($form, $form_state); } @@ -62,10 +94,18 @@ class SiteUsersSettingsForm extends ConfigFormBase { * {@inheritdoc} */ public function submitForm(array &$form, FormStateInterface $form_state) { - $this->config('site_users.settings') + $config = $this->config('site_users.settings'); + + $config ->set('photos.max_count', $form_state->getValue('photos_max_count')) - ->set('photos.ldap_attribute', $form_state->getValue('photos_ldap_attribute')) - ->save(); + ->set('photos.ldap_attribute', $form_state->getValue('photos_ldap_attribute')); + + $editable = $form_state->getValue('user_editable_fields'); + foreach (array_keys($this->getEditableFields()) as $field_name) { + $config->set('user_editable_fields.' . $field_name, (bool) ($editable[$field_name] ?? FALSE)); + } + + $config->save(); parent::submitForm($form, $form_state); } diff --git a/translations/site_users.pt-br.po b/translations/site_users.pt-br.po index 4557eef..401e846 100644 --- a/translations/site_users.pt-br.po +++ b/translations/site_users.pt-br.po @@ -128,6 +128,13 @@ msgstr "Redes Sociais" msgid "Social network profile links." msgstr "Links de perfil em redes sociais." +# Settings form - user editable fields +msgid "User-editable profile fields" +msgstr "Campos do perfil editáveis pelo usuário" + +msgid "Select which fields users with the \"Edit own user profile fields\" or \"Manage own user photos\" permission can edit on their own profile." +msgstr "Selecione quais campos os usuários com a permissão \"Editar campos do próprio perfil\" ou \"Gerenciar próprias fotos\" podem editar no próprio perfil." + # Template msgid "Phone:" msgstr "Telefone:"