Restrict access to user 1 so that Account Admins cannot edit it.
This commit is contained in:
parent
501d573b19
commit
05a3b374bb
|
@ -0,0 +1,22 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @file
|
||||||
|
* Hooks implemented by the farmOS Account Admin Role module.
|
||||||
|
*/
|
||||||
|
|
||||||
|
use Drupal\Core\Access\AccessResult;
|
||||||
|
use Drupal\Core\Entity\EntityInterface;
|
||||||
|
use Drupal\Core\Session\AccountInterface;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Implements hook_ENTITY_TYPE_access().
|
||||||
|
*/
|
||||||
|
function farm_role_account_admin_user_access(EntityInterface $entity, $operation, AccountInterface $account) {
|
||||||
|
|
||||||
|
// Only user 1 can access user 1.
|
||||||
|
if ($entity->id() == 1 && $account->id() != 1) {
|
||||||
|
return AccessResult::forbidden();
|
||||||
|
}
|
||||||
|
return AccessResult::neutral();
|
||||||
|
}
|
|
@ -0,0 +1,39 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Drupal\Tests\farm_role_account_admin\Functional;
|
||||||
|
|
||||||
|
use Drupal\Tests\farm_test\Functional\FarmBrowserTestBase;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Tests access to user 1.
|
||||||
|
*
|
||||||
|
* @group farm
|
||||||
|
*/
|
||||||
|
class UserAccessTest extends FarmBrowserTestBase {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* {@inheritdoc}
|
||||||
|
*/
|
||||||
|
protected static $modules = [
|
||||||
|
'farm_role_account_admin',
|
||||||
|
];
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test user 1 access.
|
||||||
|
*/
|
||||||
|
public function testUser1Access() {
|
||||||
|
|
||||||
|
// Create and login a user with farm_account_admin role.
|
||||||
|
$user = $this->createUser();
|
||||||
|
$user->addRole('farm_account_admin');
|
||||||
|
$user->save();
|
||||||
|
$this->drupalLogin($user);
|
||||||
|
|
||||||
|
// Confirm that the user cannot access user 1.
|
||||||
|
$this->drupalGet('user/1');
|
||||||
|
$this->assertSession()->statusCodeEquals(403);
|
||||||
|
$this->drupalGet('user/1/edit');
|
||||||
|
$this->assertSession()->statusCodeEquals(403);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
Loading…
Reference in New Issue